===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2017.2778
APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capita
2 November 2017
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: Apple macOS
Publisher: Apple
Operating System: OS X
Impact/Access: Root Compromise -- Remote with User Interaction
               Access Privileged Data -- Remote/Unauthenticated
               Denial of Service -- Remote/Unauthenticated
               Provide Misleading Information -- Remote/Unauthenticated
               Unauthorised Access -- Remote/Unauthenticated
               Access Confidential Data -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2017-1000101 CVE-2017-1000100 CVE-2017-13846 CVE-2017-13843 CVE-2017-13842
           CVE-2017-13841 CVE-2017-13840 CVE-2017-13838 CVE-2017-13836 CVE-2017-13834
           CVE-2017-13832 CVE-2017-13831 CVE-2017-13830 CVE-2017-13828 CVE-2017-13826
           CVE-2017-13825 CVE-2017-13824 CVE-2017-13823 CVE-2017-13822 CVE-2017-13821
           CVE-2017-13820 CVE-2017-13819 CVE-2017-13818 CVE-2017-13817 CVE-2017-13816
           CVE-2017-13815 CVE-2017-13814 CVE-2017-13813 CVE-2017-13812 CVE-2017-13811
           CVE-2017-13810 CVE-2017-13809 CVE-2017-13808 CVE-2017-13807 CVE-2017-13804
           CVE-2017-13801 CVE-2017-13800 CVE-2017-13799 CVE-2017-13786 CVE-2017-13782
           CVE-2017-13725 CVE-2017-13690 CVE-2017-13689 CVE-2017-13688 CVE-2017-13687
           CVE-2017-13080 CVE-2017-13078 CVE-2017-13077 CVE-2017-13055 CVE-2017-13054
           CVE-2017-13053 CVE-2017-13052 CVE-2017-13051 CVE-2017-13050 CVE-2017-13049
           CVE-2017-13048 CVE-2017-13047 CVE-2017-13046 CVE-2017-13045 CVE-2017-13044
           CVE-2017-13043 CVE-2017-13042 CVE-2017-13041 CVE-2017-13040 CVE-2017-13039
           CVE-2017-13038 CVE-2017-13037 CVE-2017-13036 CVE-2017-13035 CVE-2017-13034
           CVE-2017-13033 CVE-2017-13032 CVE-2017-13031 CVE-2017-13030 CVE-2017-13029
           CVE-2017-13028 CVE-2017-13027 CVE-2017-13026 CVE-2017-13025 CVE-2017-13024
           CVE-2017-13023 CVE-2017-13022 CVE-2017-13021 CVE-2017-13020 CVE-2017-13019
           CVE-2017-13018 CVE-2017-13017 CVE-2017-13016 CVE-2017-13015 CVE-2017-13014
           CVE-2017-13013 CVE-2017-13012 CVE-2017-13011 CVE-2017-13010 CVE-2017-13009
           CVE-2017-13008 CVE-2017-13007 CVE-2017-13006 CVE-2017-13005 CVE-2017-13004
           CVE-2017-13003 CVE-2017-13002 CVE-2017-13001 CVE-2017-13000 CVE-2017-12999
           CVE-2017-12998 CVE-2017-12997 CVE-2017-12996 CVE-2017-12995 CVE-2017-12994
           CVE-2017-12993 CVE-2017-12992 CVE-2017-12991 CVE-2017-12990 CVE-2017-12989
           CVE-2017-12988 CVE-2017-12987 CVE-2017-12986 CVE-2017-12985 CVE-2017-12902
           CVE-2017-12901 CVE-2017-12900 CVE-2017-12899 CVE-2017-12898 CVE-2017-12897
           CVE-2017-12896 CVE-2017-12895 CVE-2017-12894 CVE-2017-12893 CVE-2017-11543
           CVE-2017-11542 CVE-2017-11541 CVE-2017-11108 CVE-2017-11103 CVE-2017-9789
           CVE-2017-9788 CVE-2017-7679 CVE-2017-7668 CVE-2017-7659 CVE-2017-7132
           CVE-2017-3169 CVE-2017-3167 CVE-2016-8743 CVE-2016-8740 CVE-2016-5387
           CVE-2016-4736 CVE-2016-2161 CVE-2016-736
Reference: ASB-2017.0181 ASB-2017.0107 ESB-2017.2769 ESB-2017.2476 ESB-2017.2437 ESB-2017.2423 ESB-2017.2318

Original Bulletin:
https://support.apple.com/en-au/HT208221

--------------------------BEGIN INCLUDED TEXT--------------------

APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan

macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan are now available and address the following:

802.1X
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An attacker may be able to exploit weaknesses in TLS 1.0
Description: A protocol security issue was addressed by enabling TLS 1.1 and TLS 1.2.
CVE-2017-13832: an anonymous researcher

apache
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Multiple issues in Apache
Description: Multiple issues were addressed by updating to version 2.4.27.
CVE-2016-736
CVE-2016-2161
CVE-2016-5387
CVE-2016-8740
CVE-2016-8743
CVE-2017-3167
CVE-2017-3169
CVE-2017-7659
CVE-2017-7668
CVE-2017-7679
CVE-2017-9788
CVE-2017-9789

APFS
Available for: macOS High Sierra 10.13
Impact: A malicious Thunderbolt adapter may be able to recover unencrypted APFS filesystem data
Description: An issue existed in the handling of DMA. This issue was addressed by limiting the time the FileVault decryption buffers are DMA mapped to the duration of the I/O operation.
CVE-2017-13786: an anonymous researcher

APFS
Available for: macOS High Sierra 10.13
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13800: Sergej Schumilo of Ruhr-University Bochum

AppleScript
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Decompiling an AppleScript with osadecompile may lead to arbitrary code execution
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13809: an anonymous researcher

ATS
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: A memory corruption issue was addressed with improved input validation.
CVE-2017-13820: John Villamil, Doyensec

Audio
Available for: macOS Sierra 10.12.6
Impact: Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code execution
Description: A memory consumption issue was addressed through improved memory handling.
CVE-2017-13807: Yangkang (@dnpushme) of Qihoo 360 Qex Team

CFString
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13821: Australian Cyber Security Centre – Australian Signals Directorate

CoreText
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: A memory consumption issue was addressed through improved memory handling.
CVE-2017-13825: Australian Cyber Security Centre – Australian Signals Directorate

curl
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Uploading using TFTP to a maliciously crafted URL with libcurl may disclose application memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2017-1000100: Even Rouault, found by OSS-Fuzz

curl
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted URL with libcurl may cause unexpected application termination or read process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2017-1000101: Brian Carpenter, Yongji Ouyang

Dictionary Widget
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Searching pasted text in the Dictionary widget may lead to compromise of user information
Description: A validation issue existed which allowed local file access. This was addressed with input sanitization.
CVE-2017-13801: xisigr of Tencent's Xuanwu Lab (tencent.com)

file
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Multiple issues in file
Description: Multiple issues were addressed by updating to version 5.31.
CVE-2017-13815

Fonts
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Rendering untrusted text may lead to spoofing
Description: An inconsistent user interface issue was addressed with improved state management.
CVE-2017-13828: an anonymous researcher

fsck_msdos
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13811: an anonymous researcher

Heimdal
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An attacker in a privileged network position may be able to impersonate a service
Description: A validation issue existed in the handling of the KDC-REP service name. This issue was addressed through improved validation.
CVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico Williams

HelpViewer
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A quarantined HTML file may execute arbitrary JavaScript cross-origin
Description: A cross-site scripting issue existed in HelpViewer. This issue was addressed by removing the affected file.
CVE-2017-13819: an anonymous researcher

HFS
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13830: Sergej Schumilo of Ruhr-University Bochum

ImageIO
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved input validation.
CVE-2017-13814: Australian Cyber Security Centre – Australian Signals Directorate

ImageIO
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted image may lead to a denial of service
Description: An information disclosure issue existed in the processing of disk images. This issue was addressed through improved memory management.
CVE-2017-13831: an anonymous researcher

Kernel
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A local user may be able to leak sensitive user information
Description: A permissions issue existed in kernel packet counters. This issue was addressed through improved permission validation.
CVE-2017-13810: an anonymous researcher

Kernel
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A local user may be able to read kernel memory
Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.
CVE-2017-13817: Maxime Villard (m00nbsd)

Kernel
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13818: The UK's National Cyber Security Centre (NCSC)
CVE-2017-13836: an anonymous researcher, an anonymous researcher
CVE-2017-13841: an anonymous researcher
CVE-2017-13840: an anonymous researcher
CVE-2017-13842: an anonymous researcher
CVE-2017-13782: Kevin Backhouse of Semmle Ltd.

Kernel
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13799: an anonymous researcher

Kernel
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13843: an anonymous researcher

Kernel
Available for: macOS Sierra 10.12.6
Impact: Processing a malformed mach binary may lead to arbitrary code execution
Description: A memory corruption issue was addressed through improved validation.
CVE-2017-13834: Maxime Villard (m00nbsd)

libarchive
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution
Description: A buffer overflow issue was addressed through improved memory handling.
CVE-2017-13813: found by OSS-Fuzz
CVE-2017-13816: found by OSS-Fuzz

libarchive
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in libarchive. These issues were addressed through improved input validation.
CVE-2017-13812: found by OSS-Fuzz

libarchive
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2016-4736: Proteas of Qihoo 360 Nirvan Team

Open Scripting Architecture
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Decompiling an AppleScript with osadecompile may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13824: an anonymous researcher

PCRE
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Multiple issues in pcre
Description: Multiple issues were addressed by updating to version 8.40.
CVE-2017-13846

Postfix
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Multiple issues in Postfix
Description: Multiple issues were addressed by updating to version 3.2.2.
CVE-2017-13826: an anonymous researcher

Quick Look
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13822: Australian Cyber Security Centre – Australian Signals Directorate

Quick Look
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution
Description: A memory consumption issue was addressed through improved memory handling.
CVE-2017-7132: Australian Cyber Security Centre – Australian Signals Directorate

QuickTime
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13823: an anonymous researcher

Remote Management
Available for: macOS Sierra 10.12.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13808: an anonymous researcher

Sandbox
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13838: an anonymous researcher

StreamingZip
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A malicious zip file may be able to modify restricted areas of the file system
Description: A path handling issue was addressed with improved validation.
CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L.

tcpdump
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6
Impact: Multiple issues in tcpdump
Description: Multiple issues were addressed by updating to version 4.9.2.
CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893
CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898
CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985
CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990
CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995
CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000
CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005
CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010
CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015
CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020
CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025
CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030
CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035
CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040
CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045
CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050
CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055
CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725

Wi-Fi
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU Leuven
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

Installation note:

macOS High Sierra 10.13.1 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager.
If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)

AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only.