Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2017.2550 SUSE Security Update: Security update for SLES 12 Docker image 11 October 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: SLES Publisher: SUSE Operating System: SUSE Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Root Compromise -- Existing Account Increased Privileges -- Remote/Unauthenticated Access Privileged Data -- Remote/Unauthenticated Modify Arbitrary Files -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Provide Misleading Information -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2017-1000366 CVE-2017-1000101 CVE-2017-1000100 CVE-2017-11113 CVE-2017-11112 CVE-2017-10685 CVE-2017-10684 CVE-2017-9233 CVE-2017-9050 CVE-2017-9049 CVE-2017-9048 CVE-2017-9047 CVE-2017-7526 CVE-2017-7407 CVE-2017-6507 CVE-2017-2616 CVE-2016-9843 CVE-2016-9842 CVE-2016-9841 CVE-2016-9840 CVE-2016-9597 CVE-2016-9586 CVE-2016-9318 CVE-2016-9063 CVE-2016-8624 CVE-2016-8623 CVE-2016-8622 CVE-2016-8621 CVE-2016-8620 CVE-2016-8619 CVE-2016-8618 CVE-2016-8617 CVE-2016-8616 CVE-2016-8615 CVE-2016-7796 CVE-2016-7543 CVE-2016-7167 CVE-2016-7141 CVE-2016-6318 CVE-2016-6313 CVE-2016-6306 CVE-2016-6304 CVE-2016-6303 CVE-2016-6302 CVE-2016-6263 CVE-2016-6262 CVE-2016-6261 CVE-2016-6185 CVE-2016-5421 CVE-2016-5420 CVE-2016-5419 CVE-2016-5300 CVE-2016-5011 CVE-2016-4658 CVE-2016-4579 CVE-2016-4574 CVE-2016-4483 CVE-2016-4449 CVE-2016-4448 CVE-2016-4447 CVE-2016-4429 CVE-2016-4008 CVE-2016-3706 CVE-2016-3705 CVE-2016-3627 CVE-2016-3191 CVE-2016-3075 CVE-2016-2381 CVE-2016-2183 CVE-2016-2182 CVE-2016-2181 CVE-2016-2180 CVE-2016-2179 CVE-2016-2178 CVE-2016-2177 CVE-2016-2109 CVE-2016-2108 CVE-2016-2107 CVE-2016-2106 CVE-2016-2105 CVE-2016-2073 CVE-2016-2037 CVE-2016-1840 CVE-2016-1839 CVE-2016-1838 CVE-2016-1837 CVE-2016-1835 CVE-2016-1834 CVE-2016-1833 CVE-2016-1762 CVE-2016-1283 CVE-2016-1238 CVE-2016-1234 CVE-2016-0787 CVE-2016-0718 CVE-2016-0634 CVE-2015-8948 CVE-2015-8853 CVE-2015-8842 CVE-2015-8806 CVE-2015-8395 CVE-2015-8394 CVE-2015-8393 CVE-2015-8392 CVE-2015-8391 CVE-2015-8390 CVE-2015-8389 CVE-2015-8388 CVE-2015-8387 CVE-2015-8386 CVE-2015-8385 CVE-2015-8384 CVE-2015-8383 CVE-2015-8382 CVE-2015-8381 CVE-2015-8380 CVE-2015-7511 CVE-2015-5276 CVE-2015-5218 CVE-2015-5073 CVE-2015-3622 CVE-2015-3238 CVE-2015-3217 CVE-2015-3210 CVE-2015-2328 CVE-2015-2327 CVE-2015-2325 CVE-2015-2059 CVE-2015-1283 CVE-2015-0245 CVE-2014-9770 CVE-2014-8964 CVE-2014-7824 CVE-2014-7187 CVE-2014-7169 CVE-2014-6278 CVE-2014-6277 CVE-2014-6271 CVE-2014-0191 CVE-2012-6702 Reference: ASB-2017.0115 ASB-2017.0107 ESB-2017.2542 ESB-2017.2531 Comment: This bulletin contains three (3) SUSE security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for SLES 12 Docker image ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2699-1 Rating: important References: #1056193 #975726 Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7187 CVE-2014-7824 CVE-2014-8964 CVE-2014-9770 CVE-2015-0245 CVE-2015-1283 CVE-2015-2059 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-3238 CVE-2015-3622 CVE-2015-5073 CVE-2015-5218 CVE-2015-5276 CVE-2015-7511 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2015-8806 CVE-2015-8842 CVE-2015-8853 CVE-2015-8948 CVE-2016-0634 CVE-2016-0718 CVE-2016-0787 CVE-2016-1234 CVE-2016-1238 CVE-2016-1283 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2037 CVE-2016-2073 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-2381 CVE-2016-3075 CVE-2016-3191 CVE-2016-3627 CVE-2016-3705 CVE-2016-3706 CVE-2016-4008 CVE-2016-4429 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4574 CVE-2016-4579 CVE-2016-4658 CVE-2016-5011 CVE-2016-5300 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-6185 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-6313 CVE-2016-6318 CVE-2016-7141 CVE-2016-7167 CVE-2016-7543 CVE-2016-7796 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9063 CVE-2016-9318 CVE-2016-9586 CVE-2016-9597 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-2616 CVE-2017-6507 CVE-2017-7407 CVE-2017-7526 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 CVE-2017-9233 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes 140 vulnerabilities is now available. Description: The SUSE Linux Enterprise Server 12 container image has been updated to include security and stability fixes. The following issues related to building of the container images have been fixed: - Included krb5 package to avoid the inclusion of krb5-mini which gets selected as a dependency by the Build Service solver. (bsc#1056193) - Do not install recommended packages when building container images. (bsc#975726) A number of security issues that have been already fixed by updates released for SUSE Linux Enterprise Server 12 are now included in the base image. A package/CVE cross-reference is available below. pam: - CVE-2015-3238 libtasn1: - CVE-2015-3622 - CVE-2016-4008 libidn: - CVE-2015-2059 - CVE-2015-8948 - CVE-2016-6261 - CVE-2016-6262 - CVE-2016-6263 zlib: - CVE-2016-9840 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9843 curl: - CVE-2016-5419 - CVE-2016-5420 - CVE-2016-5421 - CVE-2016-7141 - CVE-2016-7167 - CVE-2016-8615 - CVE-2016-8616 - CVE-2016-8617 - CVE-2016-8618 - CVE-2016-8619 - CVE-2016-8620 - CVE-2016-8621 - CVE-2016-8622 - CVE-2016-8623 - CVE-2016-8624 - CVE-2016-9586 - CVE-2017-1000100 - CVE-2017-1000101 - CVE-2017-7407 openssl: - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2177 - CVE-2016-2178 - CVE-2016-2179 - CVE-2016-2180 - CVE-2016-2181 - CVE-2016-2182 - CVE-2016-2183 - CVE-2016-6302 - CVE-2016-6303 - CVE-2016-6304 - CVE-2016-6306 libxml2: - CVE-2014-0191 - CVE-2015-8806 - CVE-2016-1762 - CVE-2016-1833 - CVE-2016-1834 - CVE-2016-1835 - CVE-2016-1837 - CVE-2016-1838 - CVE-2016-1839 - CVE-2016-1840 - CVE-2016-2073 - CVE-2016-3627 - CVE-2016-3705 - CVE-2016-4447 - CVE-2016-4448 - CVE-2016-4449 - CVE-2016-4483 - CVE-2016-4658 - CVE-2016-9318 - CVE-2016-9597 - CVE-2017-9047 - CVE-2017-9048 - CVE-2017-9049 - CVE-2017-9050 util-linux: - CVE-2015-5218 - CVE-2016-5011 - CVE-2017-2616 cracklib: - CVE-2016-6318 systemd: - CVE-2014-9770 - CVE-2015-8842 - CVE-2016-7796 pcre: - CVE-2014-8964 - CVE-2015-2325 - CVE-2015-2327 - CVE-2015-2328 - CVE-2015-3210 - CVE-2015-3217 - CVE-2015-5073 - CVE-2015-8380 - CVE-2015-8381 - CVE-2015-8382 - CVE-2015-8383 - CVE-2015-8384 - CVE-2015-8385 - CVE-2015-8386 - CVE-2015-8387 - CVE-2015-8388 - CVE-2015-8389 - CVE-2015-8390 - CVE-2015-8391 - CVE-2015-8392 - CVE-2015-8393 - CVE-2015-8394 - CVE-2015-8395 - CVE-2016-1283 - CVE-2016-3191 appamor: - CVE-2017-6507 bash: - CVE-2014-6277 - CVE-2014-6278 - CVE-2016-0634 - CVE-2016-7543 cpio: - CVE-2016-2037 glibc: - CVE-2016-1234 - CVE-2016-3075 - CVE-2016-3706 - CVE-2016-4429 - CVE-2017-1000366 perl: - CVE-2015-8853 - CVE-2016-1238 - CVE-2016-2381 - CVE-2016-6185 libssh2_org: - CVE-2016-0787 expat: - CVE-2012-6702 - CVE-2015-1283 - CVE-2016-0718 - CVE-2016-5300 - CVE-2016-9063 - CVE-2017-9233 ncurses: - CVE-2017-10684 - CVE-2017-10685 - CVE-2017-11112 - CVE-2017-11113 libksba: - CVE-2016-4574 - CVE-2016-4579 libgcrypt: - CVE-2015-7511 - CVE-2016-6313 - CVE-2017-7526 dbus-1: - CVE-2014-7824 - CVE-2015-0245 Finally, the following packages received non-security fixes: - augeas - bzip2 - ca-certificates-mozilla - coreutils - cryptsetup - cyrus-sasl - dirmngr - e2fsprogs - findutils - gpg2 - insserv-compat - kmod - libcap - libsolv - libzypp - openldap2 - p11-kit - permissions - procps - rpm - sed - shadow - zypper Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1672=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): sles12-docker-image-1.1.4-20171002 References: https://www.suse.com/security/cve/CVE-2012-6702.html https://www.suse.com/security/cve/CVE-2014-0191.html https://www.suse.com/security/cve/CVE-2014-6271.html https://www.suse.com/security/cve/CVE-2014-6277.html https://www.suse.com/security/cve/CVE-2014-6278.html https://www.suse.com/security/cve/CVE-2014-7169.html https://www.suse.com/security/cve/CVE-2014-7187.html https://www.suse.com/security/cve/CVE-2014-7824.html https://www.suse.com/security/cve/CVE-2014-8964.html https://www.suse.com/security/cve/CVE-2014-9770.html https://www.suse.com/security/cve/CVE-2015-0245.html https://www.suse.com/security/cve/CVE-2015-1283.html https://www.suse.com/security/cve/CVE-2015-2059.html https://www.suse.com/security/cve/CVE-2015-2325.html https://www.suse.com/security/cve/CVE-2015-2327.html https://www.suse.com/security/cve/CVE-2015-2328.html https://www.suse.com/security/cve/CVE-2015-3210.html https://www.suse.com/security/cve/CVE-2015-3217.html https://www.suse.com/security/cve/CVE-2015-3238.html https://www.suse.com/security/cve/CVE-2015-3622.html https://www.suse.com/security/cve/CVE-2015-5073.html https://www.suse.com/security/cve/CVE-2015-5218.html https://www.suse.com/security/cve/CVE-2015-5276.html https://www.suse.com/security/cve/CVE-2015-7511.html https://www.suse.com/security/cve/CVE-2015-8380.html https://www.suse.com/security/cve/CVE-2015-8381.html https://www.suse.com/security/cve/CVE-2015-8382.html https://www.suse.com/security/cve/CVE-2015-8383.html https://www.suse.com/security/cve/CVE-2015-8384.html https://www.suse.com/security/cve/CVE-2015-8385.html https://www.suse.com/security/cve/CVE-2015-8386.html https://www.suse.com/security/cve/CVE-2015-8387.html https://www.suse.com/security/cve/CVE-2015-8388.html https://www.suse.com/security/cve/CVE-2015-8389.html https://www.suse.com/security/cve/CVE-2015-8390.html https://www.suse.com/security/cve/CVE-2015-8391.html https://www.suse.com/security/cve/CVE-2015-8392.html https://www.suse.com/security/cve/CVE-2015-8393.html https://www.suse.com/security/cve/CVE-2015-8394.html https://www.suse.com/security/cve/CVE-2015-8395.html https://www.suse.com/security/cve/CVE-2015-8806.html https://www.suse.com/security/cve/CVE-2015-8842.html https://www.suse.com/security/cve/CVE-2015-8853.html https://www.suse.com/security/cve/CVE-2015-8948.html https://www.suse.com/security/cve/CVE-2016-0634.html https://www.suse.com/security/cve/CVE-2016-0718.html https://www.suse.com/security/cve/CVE-2016-0787.html https://www.suse.com/security/cve/CVE-2016-1234.html https://www.suse.com/security/cve/CVE-2016-1238.html https://www.suse.com/security/cve/CVE-2016-1283.html https://www.suse.com/security/cve/CVE-2016-1762.html https://www.suse.com/security/cve/CVE-2016-1833.html https://www.suse.com/security/cve/CVE-2016-1834.html https://www.suse.com/security/cve/CVE-2016-1835.html https://www.suse.com/security/cve/CVE-2016-1837.html https://www.suse.com/security/cve/CVE-2016-1838.html https://www.suse.com/security/cve/CVE-2016-1839.html https://www.suse.com/security/cve/CVE-2016-1840.html https://www.suse.com/security/cve/CVE-2016-2037.html https://www.suse.com/security/cve/CVE-2016-2073.html https://www.suse.com/security/cve/CVE-2016-2105.html https://www.suse.com/security/cve/CVE-2016-2106.html https://www.suse.com/security/cve/CVE-2016-2107.html https://www.suse.com/security/cve/CVE-2016-2108.html https://www.suse.com/security/cve/CVE-2016-2109.html https://www.suse.com/security/cve/CVE-2016-2177.html https://www.suse.com/security/cve/CVE-2016-2178.html https://www.suse.com/security/cve/CVE-2016-2179.html https://www.suse.com/security/cve/CVE-2016-2180.html https://www.suse.com/security/cve/CVE-2016-2181.html https://www.suse.com/security/cve/CVE-2016-2182.html https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-2381.html https://www.suse.com/security/cve/CVE-2016-3075.html https://www.suse.com/security/cve/CVE-2016-3191.html https://www.suse.com/security/cve/CVE-2016-3627.html https://www.suse.com/security/cve/CVE-2016-3705.html https://www.suse.com/security/cve/CVE-2016-3706.html https://www.suse.com/security/cve/CVE-2016-4008.html https://www.suse.com/security/cve/CVE-2016-4429.html https://www.suse.com/security/cve/CVE-2016-4447.html https://www.suse.com/security/cve/CVE-2016-4448.html https://www.suse.com/security/cve/CVE-2016-4449.html https://www.suse.com/security/cve/CVE-2016-4483.html https://www.suse.com/security/cve/CVE-2016-4574.html https://www.suse.com/security/cve/CVE-2016-4579.html https://www.suse.com/security/cve/CVE-2016-4658.html https://www.suse.com/security/cve/CVE-2016-5011.html https://www.suse.com/security/cve/CVE-2016-5300.html https://www.suse.com/security/cve/CVE-2016-5419.html https://www.suse.com/security/cve/CVE-2016-5420.html https://www.suse.com/security/cve/CVE-2016-5421.html https://www.suse.com/security/cve/CVE-2016-6185.html https://www.suse.com/security/cve/CVE-2016-6261.html https://www.suse.com/security/cve/CVE-2016-6262.html https://www.suse.com/security/cve/CVE-2016-6263.html https://www.suse.com/security/cve/CVE-2016-6302.html https://www.suse.com/security/cve/CVE-2016-6303.html https://www.suse.com/security/cve/CVE-2016-6304.html https://www.suse.com/security/cve/CVE-2016-6306.html https://www.suse.com/security/cve/CVE-2016-6313.html https://www.suse.com/security/cve/CVE-2016-6318.html https://www.suse.com/security/cve/CVE-2016-7141.html https://www.suse.com/security/cve/CVE-2016-7167.html https://www.suse.com/security/cve/CVE-2016-7543.html https://www.suse.com/security/cve/CVE-2016-7796.html https://www.suse.com/security/cve/CVE-2016-8615.html https://www.suse.com/security/cve/CVE-2016-8616.html https://www.suse.com/security/cve/CVE-2016-8617.html https://www.suse.com/security/cve/CVE-2016-8618.html https://www.suse.com/security/cve/CVE-2016-8619.html https://www.suse.com/security/cve/CVE-2016-8620.html https://www.suse.com/security/cve/CVE-2016-8621.html https://www.suse.com/security/cve/CVE-2016-8622.html https://www.suse.com/security/cve/CVE-2016-8623.html https://www.suse.com/security/cve/CVE-2016-8624.html https://www.suse.com/security/cve/CVE-2016-9063.html https://www.suse.com/security/cve/CVE-2016-9318.html https://www.suse.com/security/cve/CVE-2016-9586.html https://www.suse.com/security/cve/CVE-2016-9597.html https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1000100.html https://www.suse.com/security/cve/CVE-2017-1000101.html https://www.suse.com/security/cve/CVE-2017-1000366.html https://www.suse.com/security/cve/CVE-2017-10684.html https://www.suse.com/security/cve/CVE-2017-10685.html https://www.suse.com/security/cve/CVE-2017-11112.html https://www.suse.com/security/cve/CVE-2017-11113.html https://www.suse.com/security/cve/CVE-2017-2616.html https://www.suse.com/security/cve/CVE-2017-6507.html https://www.suse.com/security/cve/CVE-2017-7407.html https://www.suse.com/security/cve/CVE-2017-7526.html https://www.suse.com/security/cve/CVE-2017-9047.html https://www.suse.com/security/cve/CVE-2017-9048.html https://www.suse.com/security/cve/CVE-2017-9049.html https://www.suse.com/security/cve/CVE-2017-9050.html https://www.suse.com/security/cve/CVE-2017-9233.html https://bugzilla.suse.com/1056193 https://bugzilla.suse.com/975726 ================================================ SUSE Security Update: Security update for SLES 12-SP1 Docker image ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2700-1 Rating: important References: #1056193 #975726 Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7187 CVE-2014-7824 CVE-2014-8964 CVE-2014-9770 CVE-2015-0245 CVE-2015-0860 CVE-2015-1283 CVE-2015-2059 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-3238 CVE-2015-3622 CVE-2015-5073 CVE-2015-5276 CVE-2015-7511 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2015-8806 CVE-2015-8842 CVE-2015-8853 CVE-2015-8948 CVE-2016-0634 CVE-2016-0718 CVE-2016-0787 CVE-2016-1234 CVE-2016-1238 CVE-2016-1283 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2037 CVE-2016-2073 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-2381 CVE-2016-3075 CVE-2016-3191 CVE-2016-3627 CVE-2016-3705 CVE-2016-3706 CVE-2016-4008 CVE-2016-4429 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4574 CVE-2016-4579 CVE-2016-4658 CVE-2016-5011 CVE-2016-5300 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-6185 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-6313 CVE-2016-6318 CVE-2016-7056 CVE-2016-7141 CVE-2016-7167 CVE-2016-7543 CVE-2016-7796 CVE-2016-8610 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9063 CVE-2016-9318 CVE-2016-9586 CVE-2016-9597 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-2616 CVE-2017-3731 CVE-2017-6507 CVE-2017-7407 CVE-2017-7526 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 CVE-2017-9233 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes 143 vulnerabilities is now available. Description: The SUSE Linux Enterprise Server 12 SP1 container image has been updated to include security and stability fixes. The following issues related to building of the container images have been fixed: - Included krb5 package to avoid the inclusion of krb5-mini which gets selected as a dependency by the Build Service solver. (bsc#1056193) - Do not install recommended packages when building container images. (bsc#975726) A number of security issues that have been already fixed by updates released for SUSE Linux Enterprise Server 12 SP1 are now included in the base image. A package/CVE cross-reference is available below. pam: - CVE-2015-3238 libtasn1: - CVE-2015-3622 - CVE-2016-4008 expat: expat: - CVE-2012-6702 - CVE-2015-1283 - CVE-2016-0718 - CVE-2016-5300 - CVE-2016-9063 - CVE-2017-9233 libidn: - CVE-2015-2059 - CVE-2015-8948 - CVE-2016-6261 - CVE-2016-6262 - CVE-2016-6263 zlib: - CVE-2016-9840 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9843 curl: - CVE-2016-5419 - CVE-2016-5420 - CVE-2016-5421 - CVE-2016-7141 - CVE-2016-7167 - CVE-2016-8615 - CVE-2016-8616 - CVE-2016-8617 - CVE-2016-8618 - CVE-2016-8619 - CVE-2016-8620 - CVE-2016-8621 - CVE-2016-8622 - CVE-2016-8623 - CVE-2016-8624 - CVE-2016-9586 - CVE-2017-1000100 - CVE-2017-1000101 - CVE-2017-7407 openssl: - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2177 - CVE-2016-2178 - CVE-2016-2179 - CVE-2016-2180 - CVE-2016-2181 - CVE-2016-2182 - CVE-2016-2183 - CVE-2016-6302 - CVE-2016-6303 - CVE-2016-6304 - CVE-2016-6306 - CVE-2016-7056 - CVE-2016-8610 - CVE-2017-3731 cracklib: - CVE-2016-6318 pcre: - CVE-2014-8964 - CVE-2015-2325 - CVE-2015-2327 - CVE-2015-2328 - CVE-2015-3210 - CVE-2015-3217 - CVE-2015-5073 - CVE-2015-8380 - CVE-2015-8381 - CVE-2015-8382 - CVE-2015-8383 - CVE-2015-8384 - CVE-2015-8385 - CVE-2015-8386 - CVE-2015-8387 - CVE-2015-8388 - CVE-2015-8389 - CVE-2015-8390 - CVE-2015-8391 - CVE-2015-8392 - CVE-2015-8393 - CVE-2015-8394 - CVE-2015-8395 - CVE-2016-1283 - CVE-2016-3191 appamor: - CVE-2017-6507 bash: - CVE-2014-6277 - CVE-2014-6278 - CVE-2016-0634 - CVE-2016-7543 cpio: - CVE-2016-2037 glibc: - CVE-2016-1234 - CVE-2016-3075 - CVE-2016-3706 - CVE-2016-4429 - CVE-2017-1000366 perl: - CVE-2015-8853 - CVE-2016-1238 - CVE-2016-2381 - CVE-2016-6185 libssh2_org: - CVE-2016-0787 util-linux: - CVE-2016-5011 - CVE-2017-2616 ncurses: - CVE-2017-10684 - CVE-2017-10685 - CVE-2017-11112 - CVE-2017-11113 libksba: - CVE-2016-4574 - CVE-2016-4579 libxml2: - CVE-2014-0191 - CVE-2015-8806 - CVE-2016-1762 - CVE-2016-1833 - CVE-2016-1834 - CVE-2016-1835 - CVE-2016-1837 - CVE-2016-1838 - CVE-2016-1839 - CVE-2016-1840 - CVE-2016-2073 - CVE-2016-3627 - CVE-2016-3705 - CVE-2016-4447 - CVE-2016-4448 - CVE-2016-4449 - CVE-2016-4483 - CVE-2016-4658 - CVE-2016-9318 - CVE-2016-9597 - CVE-2017-9047 - CVE-2017-9048 - CVE-2017-9049 - CVE-2017-9050 libgcrypt: - CVE-2015-7511 - CVE-2016-6313 - CVE-2017-7526 update-alternatives: - CVE-2015-0860 systemd: - CVE-2014-9770 - CVE-2015-8842 - CVE-2016-7796 dbus-1: - CVE-2014-7824 - CVE-2015-0245 Finally, the following packages received non-security fixes: - augeas - bzip2 - ca-certificates-mozilla - coreutils - cryptsetup - cyrus-sasl - dirmngr - e2fsprogs - findutils - gpg2 - insserv-compat - kmod - libcap - libsolv - libzypp - lua51 - lvm2 - netcfg - p11-kit - permissions - procps - rpm - sed - sg3_utils - shadow - zypper Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1673=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): sles12sp1-docker-image-1.0.7-20171002 References: https://www.suse.com/security/cve/CVE-2012-6702.html https://www.suse.com/security/cve/CVE-2014-0191.html https://www.suse.com/security/cve/CVE-2014-6271.html https://www.suse.com/security/cve/CVE-2014-6277.html https://www.suse.com/security/cve/CVE-2014-6278.html https://www.suse.com/security/cve/CVE-2014-7169.html https://www.suse.com/security/cve/CVE-2014-7187.html https://www.suse.com/security/cve/CVE-2014-7824.html https://www.suse.com/security/cve/CVE-2014-8964.html https://www.suse.com/security/cve/CVE-2014-9770.html https://www.suse.com/security/cve/CVE-2015-0245.html https://www.suse.com/security/cve/CVE-2015-0860.html https://www.suse.com/security/cve/CVE-2015-1283.html https://www.suse.com/security/cve/CVE-2015-2059.html https://www.suse.com/security/cve/CVE-2015-2325.html https://www.suse.com/security/cve/CVE-2015-2327.html https://www.suse.com/security/cve/CVE-2015-2328.html https://www.suse.com/security/cve/CVE-2015-3210.html https://www.suse.com/security/cve/CVE-2015-3217.html https://www.suse.com/security/cve/CVE-2015-3238.html https://www.suse.com/security/cve/CVE-2015-3622.html https://www.suse.com/security/cve/CVE-2015-5073.html https://www.suse.com/security/cve/CVE-2015-5276.html https://www.suse.com/security/cve/CVE-2015-7511.html https://www.suse.com/security/cve/CVE-2015-8380.html https://www.suse.com/security/cve/CVE-2015-8381.html https://www.suse.com/security/cve/CVE-2015-8382.html https://www.suse.com/security/cve/CVE-2015-8383.html https://www.suse.com/security/cve/CVE-2015-8384.html https://www.suse.com/security/cve/CVE-2015-8385.html https://www.suse.com/security/cve/CVE-2015-8386.html https://www.suse.com/security/cve/CVE-2015-8387.html https://www.suse.com/security/cve/CVE-2015-8388.html https://www.suse.com/security/cve/CVE-2015-8389.html https://www.suse.com/security/cve/CVE-2015-8390.html https://www.suse.com/security/cve/CVE-2015-8391.html https://www.suse.com/security/cve/CVE-2015-8392.html https://www.suse.com/security/cve/CVE-2015-8393.html https://www.suse.com/security/cve/CVE-2015-8394.html https://www.suse.com/security/cve/CVE-2015-8395.html https://www.suse.com/security/cve/CVE-2015-8806.html https://www.suse.com/security/cve/CVE-2015-8842.html https://www.suse.com/security/cve/CVE-2015-8853.html https://www.suse.com/security/cve/CVE-2015-8948.html https://www.suse.com/security/cve/CVE-2016-0634.html https://www.suse.com/security/cve/CVE-2016-0718.html https://www.suse.com/security/cve/CVE-2016-0787.html https://www.suse.com/security/cve/CVE-2016-1234.html https://www.suse.com/security/cve/CVE-2016-1238.html https://www.suse.com/security/cve/CVE-2016-1283.html https://www.suse.com/security/cve/CVE-2016-1762.html https://www.suse.com/security/cve/CVE-2016-1833.html https://www.suse.com/security/cve/CVE-2016-1834.html https://www.suse.com/security/cve/CVE-2016-1835.html https://www.suse.com/security/cve/CVE-2016-1837.html https://www.suse.com/security/cve/CVE-2016-1838.html https://www.suse.com/security/cve/CVE-2016-1839.html https://www.suse.com/security/cve/CVE-2016-1840.html https://www.suse.com/security/cve/CVE-2016-2037.html https://www.suse.com/security/cve/CVE-2016-2073.html https://www.suse.com/security/cve/CVE-2016-2105.html https://www.suse.com/security/cve/CVE-2016-2106.html https://www.suse.com/security/cve/CVE-2016-2107.html https://www.suse.com/security/cve/CVE-2016-2108.html https://www.suse.com/security/cve/CVE-2016-2109.html https://www.suse.com/security/cve/CVE-2016-2177.html https://www.suse.com/security/cve/CVE-2016-2178.html https://www.suse.com/security/cve/CVE-2016-2179.html https://www.suse.com/security/cve/CVE-2016-2180.html https://www.suse.com/security/cve/CVE-2016-2181.html https://www.suse.com/security/cve/CVE-2016-2182.html https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-2381.html https://www.suse.com/security/cve/CVE-2016-3075.html https://www.suse.com/security/cve/CVE-2016-3191.html https://www.suse.com/security/cve/CVE-2016-3627.html https://www.suse.com/security/cve/CVE-2016-3705.html https://www.suse.com/security/cve/CVE-2016-3706.html https://www.suse.com/security/cve/CVE-2016-4008.html https://www.suse.com/security/cve/CVE-2016-4429.html https://www.suse.com/security/cve/CVE-2016-4447.html https://www.suse.com/security/cve/CVE-2016-4448.html https://www.suse.com/security/cve/CVE-2016-4449.html https://www.suse.com/security/cve/CVE-2016-4483.html https://www.suse.com/security/cve/CVE-2016-4574.html https://www.suse.com/security/cve/CVE-2016-4579.html https://www.suse.com/security/cve/CVE-2016-4658.html https://www.suse.com/security/cve/CVE-2016-5011.html https://www.suse.com/security/cve/CVE-2016-5300.html https://www.suse.com/security/cve/CVE-2016-5419.html https://www.suse.com/security/cve/CVE-2016-5420.html https://www.suse.com/security/cve/CVE-2016-5421.html https://www.suse.com/security/cve/CVE-2016-6185.html https://www.suse.com/security/cve/CVE-2016-6261.html https://www.suse.com/security/cve/CVE-2016-6262.html https://www.suse.com/security/cve/CVE-2016-6263.html https://www.suse.com/security/cve/CVE-2016-6302.html https://www.suse.com/security/cve/CVE-2016-6303.html https://www.suse.com/security/cve/CVE-2016-6304.html https://www.suse.com/security/cve/CVE-2016-6306.html https://www.suse.com/security/cve/CVE-2016-6313.html https://www.suse.com/security/cve/CVE-2016-6318.html https://www.suse.com/security/cve/CVE-2016-7056.html https://www.suse.com/security/cve/CVE-2016-7141.html https://www.suse.com/security/cve/CVE-2016-7167.html https://www.suse.com/security/cve/CVE-2016-7543.html https://www.suse.com/security/cve/CVE-2016-7796.html https://www.suse.com/security/cve/CVE-2016-8610.html https://www.suse.com/security/cve/CVE-2016-8615.html https://www.suse.com/security/cve/CVE-2016-8616.html https://www.suse.com/security/cve/CVE-2016-8617.html https://www.suse.com/security/cve/CVE-2016-8618.html https://www.suse.com/security/cve/CVE-2016-8619.html https://www.suse.com/security/cve/CVE-2016-8620.html https://www.suse.com/security/cve/CVE-2016-8621.html https://www.suse.com/security/cve/CVE-2016-8622.html https://www.suse.com/security/cve/CVE-2016-8623.html https://www.suse.com/security/cve/CVE-2016-8624.html https://www.suse.com/security/cve/CVE-2016-9063.html https://www.suse.com/security/cve/CVE-2016-9318.html https://www.suse.com/security/cve/CVE-2016-9586.html https://www.suse.com/security/cve/CVE-2016-9597.html https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1000100.html https://www.suse.com/security/cve/CVE-2017-1000101.html https://www.suse.com/security/cve/CVE-2017-1000366.html https://www.suse.com/security/cve/CVE-2017-10684.html https://www.suse.com/security/cve/CVE-2017-10685.html https://www.suse.com/security/cve/CVE-2017-11112.html https://www.suse.com/security/cve/CVE-2017-11113.html https://www.suse.com/security/cve/CVE-2017-2616.html https://www.suse.com/security/cve/CVE-2017-3731.html https://www.suse.com/security/cve/CVE-2017-6507.html https://www.suse.com/security/cve/CVE-2017-7407.html https://www.suse.com/security/cve/CVE-2017-7526.html https://www.suse.com/security/cve/CVE-2017-9047.html https://www.suse.com/security/cve/CVE-2017-9048.html https://www.suse.com/security/cve/CVE-2017-9049.html https://www.suse.com/security/cve/CVE-2017-9050.html https://www.suse.com/security/cve/CVE-2017-9233.html https://bugzilla.suse.com/1056193 https://bugzilla.suse.com/975726 ================================================ SUSE Security Update: Security update for SLES 12-SP2 Docker image ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2701-1 Rating: important References: #1056193 Cross-References: CVE-2012-6702 CVE-2015-3238 CVE-2016-10156 CVE-2016-1839 CVE-2016-2037 CVE-2016-4658 CVE-2016-5011 CVE-2016-5300 CVE-2016-7055 CVE-2016-9063 CVE-2016-9318 CVE-2016-9401 CVE-2016-9586 CVE-2016-9597 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-0663 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-2616 CVE-2017-3731 CVE-2017-3732 CVE-2017-5969 CVE-2017-6507 CVE-2017-7375 CVE-2017-7376 CVE-2017-7407 CVE-2017-7435 CVE-2017-7436 CVE-2017-7526 CVE-2017-8872 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 CVE-2017-9217 CVE-2017-9233 CVE-2017-9269 CVE-2017-9287 CVE-2017-9445 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes 47 vulnerabilities is now available. Description: The SUSE Linux Enterprise Server 12 SP2 container image has been updated to include security and stability fixes. The following issues related to building of the container images have been fixed: - Included krb5 package to avoid the inclusion of krb5-mini which gets selected as a dependency by the Build Service solver. (bsc#1056193) A number of security issues that have been already fixed by updates released for SUSE Linux Enterprise Server 12 are now included in the base image. A package/CVE cross-reference is available below. bash: - CVE-2016-9401 expat: - CVE-2012-6702 - CVE-2016-5300 - CVE-2016-9063 - CVE-2017-9233 curl: - CVE-2016-9586 - CVE-2017-1000100 - CVE-2017-1000101 - CVE-2017-7407 glibc: - CVE-2017-1000366 openssl: - CVE-2017-3731 - CVE-2017-3732 - CVE-2016-7055 pam: - CVE-2015-3238 apparmor: - CVE-2017-6507 ncurses: - CVE-2017-10684 - CVE-2017-10685 - CVE-2017-11112 - CVE-2017-11113 libgcrypt: - CVE-2017-7526 libxml2: - CVE-2016-1839 - CVE-2016-4658 - CVE-2016-9318 - CVE-2016-9597 - CVE-2017-0663 - CVE-2017-5969 - CVE-2017-7375 - CVE-2017-7376 - CVE-2017-8872 - CVE-2017-9047 - CVE-2017-9048 - CVE-2017-9049 - CVE-2017-9050 libzypp: - CVE-2017-9269 - CVE-2017-7435 - CVE-2017-7436 openldap2: - CVE-2017-9287 systemd: - CVE-2016-10156 - CVE-2017-9217 - CVE-2017-9445 util-linux: - CVE-2016-5011 - CVE-2017-2616 zlib: - CVE-2016-9840 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9843 zypper: - CVE-2017-7436 Finally, the following packages received non-security fixes: - binutils - cpio - cryptsetup - cyrus-sasl - dbus-1 - dirmngr - e2fsprogs - gpg2 - insserv-compat - kmod - libsolv - libsemanage - lvm2 - lua51 - netcfg - procps - sed - sg3_utils - shadow Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1674=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): sles12sp2-docker-image-1.0.2-20171006 References: https://www.suse.com/security/cve/CVE-2012-6702.html https://www.suse.com/security/cve/CVE-2015-3238.html https://www.suse.com/security/cve/CVE-2016-10156.html https://www.suse.com/security/cve/CVE-2016-1839.html https://www.suse.com/security/cve/CVE-2016-2037.html https://www.suse.com/security/cve/CVE-2016-4658.html https://www.suse.com/security/cve/CVE-2016-5011.html https://www.suse.com/security/cve/CVE-2016-5300.html https://www.suse.com/security/cve/CVE-2016-7055.html https://www.suse.com/security/cve/CVE-2016-9063.html https://www.suse.com/security/cve/CVE-2016-9318.html https://www.suse.com/security/cve/CVE-2016-9401.html https://www.suse.com/security/cve/CVE-2016-9586.html https://www.suse.com/security/cve/CVE-2016-9597.html https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-0663.html https://www.suse.com/security/cve/CVE-2017-1000100.html https://www.suse.com/security/cve/CVE-2017-1000101.html https://www.suse.com/security/cve/CVE-2017-1000366.html https://www.suse.com/security/cve/CVE-2017-10684.html https://www.suse.com/security/cve/CVE-2017-10685.html https://www.suse.com/security/cve/CVE-2017-11112.html https://www.suse.com/security/cve/CVE-2017-11113.html https://www.suse.com/security/cve/CVE-2017-2616.html https://www.suse.com/security/cve/CVE-2017-3731.html https://www.suse.com/security/cve/CVE-2017-3732.html https://www.suse.com/security/cve/CVE-2017-5969.html https://www.suse.com/security/cve/CVE-2017-6507.html https://www.suse.com/security/cve/CVE-2017-7375.html https://www.suse.com/security/cve/CVE-2017-7376.html https://www.suse.com/security/cve/CVE-2017-7407.html https://www.suse.com/security/cve/CVE-2017-7435.html https://www.suse.com/security/cve/CVE-2017-7436.html https://www.suse.com/security/cve/CVE-2017-7526.html https://www.suse.com/security/cve/CVE-2017-8872.html https://www.suse.com/security/cve/CVE-2017-9047.html https://www.suse.com/security/cve/CVE-2017-9048.html https://www.suse.com/security/cve/CVE-2017-9049.html https://www.suse.com/security/cve/CVE-2017-9050.html https://www.suse.com/security/cve/CVE-2017-9217.html https://www.suse.com/security/cve/CVE-2017-9233.html https://www.suse.com/security/cve/CVE-2017-9269.html https://www.suse.com/security/cve/CVE-2017-9287.html https://www.suse.com/security/cve/CVE-2017-9445.html https://bugzilla.suse.com/1056193 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWd2t6Ix+lLeg9Ub1AQijMw/7BkZdDRSghqR0RnlYhoV8CK3HLnUOoSZW qIlhy8h5R7o7K62B+QH+OEAoahVc7aVKtoXyNZq1XqFSqkYn2CMfVVze1jFEy/oz X38bY6E89c2pB8PLqJapYW0lc4x1OJxJM2l6yI+thDkD3bzGRzhrxLkUvVMNmo6t 7kseU/w0Gtf9mUEfjuLMLYGtAEb/Fxm9ji5y8xE2SoZEj5vma2Jami/pRLIPNd8O jjApnF1uIY4XhmZF6sr8TXT+niqNxAASVHUEBdkgxzZXHxxxFgd7HgG8ayhPuVl5 wM9XcK5SA77Q8KAtCi2DR6nmnaEDnhe1B/4cz42OBZHgGTCY+qeFfntHj3pJYwvO 8onaN8RPm2XP6f/eAcOnrBGO37dwO4CZXWQh0As8m2D1fgcQcW7/gKziguAsQA8v gME15DiQ8WacV3ZYJe/80D70IdKHm+r/BtTy0ojTFCYNCI50i8zeQ7Jyu5ufsaIH aQqGFoKkqRPAJYq/WtM6htPGue8U68Y3OCtY1aXcjLOX8yXrJ9jyO//OMKsIwzSm VUgkrmGcOaCxXsS8R/n0gGsETA3aOkgD4shVngKl7ib4io6I7J8Abh4axUJvaGJD 8niJJ5yzfibpgj0FKJPqDwih2k985QLe6fQw1nFRMhvNZ3Mbvd/YUzYlqw+WaknK iROWE8L61o4= =0DYC -----END PGP SIGNATURE-----