Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.3003 exiv2 security, bug fix, and enhancement update 8 August 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: exiv2 Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 7 Red Hat Enterprise Linux WS/Desktop 7 Impact/Access: Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-20099 CVE-2018-20098 CVE-2018-20097 CVE-2018-20096 CVE-2018-19607 CVE-2018-19535 CVE-2018-19108 CVE-2018-19107 CVE-2018-18915 CVE-2018-17581 CVE-2018-17282 CVE-2018-14046 CVE-2018-12265 CVE-2018-12264 CVE-2018-11037 CVE-2018-10998 CVE-2018-10958 CVE-2018-10772 CVE-2018-9305 CVE-2018-8977 CVE-2018-8976 CVE-2017-17724 Reference: ESB-2019.2617 ESB-2019.0108 ESB-2018.1933.2 Original Bulletin: https://access.redhat.com/errata/RHSA-2019:2101 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Low: exiv2 security, bug fix, and enhancement update Advisory ID: RHSA-2019:2101-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2101 Issue date: 2019-08-06 CVE Names: CVE-2017-17724 CVE-2018-8976 CVE-2018-8977 CVE-2018-9305 CVE-2018-10772 CVE-2018-10958 CVE-2018-10998 CVE-2018-11037 CVE-2018-12264 CVE-2018-12265 CVE-2018-14046 CVE-2018-17282 CVE-2018-17581 CVE-2018-18915 CVE-2018-19107 CVE-2018-19108 CVE-2018-19535 CVE-2018-19607 CVE-2018-20096 CVE-2018-20097 CVE-2018-20098 CVE-2018-20099 ===================================================================== 1. Summary: An update for exiv2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 (0.27.0). (BZ#1652637) Security Fix(es): * exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp (CVE-2017-17724) * exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp (CVE-2018-8976) * exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp (CVE-2018-8977) * exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305) * exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772) * exiv2: SIGABRT caused by memory allocation in types.cpp:Exiv2::Internal::PngChunk::zlibUncompress() (CVE-2018-10958) * exiv2: SIGABRT by triggering an incorrect Safe::add call (CVE-2018-10998) * exiv2: information leak via a crafted file (CVE-2018-11037) * exiv2: integer overflow in getData function in preview.cpp (CVE-2018-12264) * exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp (CVE-2018-12265) * exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp (CVE-2018-14046) * exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282) * exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581) * exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915) * exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107) * exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108) * exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535) * exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607) * exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096) * exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097) * exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098) * exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1465061 - There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault at exiv2. A crafted input will lead to remote denial of service attack. 1470729 - There is a heap overflow in the software exiv2. 1470737 - There is an invalid free in Action::TaskFactory::cleanup funtion of actions.cpp in exiv2. A crafted input will lead to remote denial of service attack. 1470913 - There is an infinite loop in Exiv2::Image::printIFDStructure funtion of image.cpp in exiv2. A crafted input will lead to remote denial of service attack. 1470946 - There is a heap-buffer-overflow in image.cpp of exiv2. 1470950 - There is a Segmentation fault in the software exiv2 while the function Exiv2::XmpParser::terminate() is finished. 1471772 - There is an illegal address access in basicio.cpp of exiv2. 1473888 - There is a Floating point exception in Exiv2::ValueType of exiv2. 1473889 - There is alloc-dealloc-mismatch in Exiv2::FileIo::seek of exiv2. 1475123 - There is an assertion aborted in tiffvisitor.cpp of exiv2/libexiv2. 1475124 - There is an assertion aborted in tiffvisitor.cpp of exiv2/libexiv2. 1482295 - There is a heap-buffer-overflow in basicio.cpp of exiv2. 1482296 - There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() of exiv2 1482423 - There is a heap-buffer-overflow in the software exiv2 which is triggered in Exiv2::Image::io function. 1494443 - Null pointer dereference vulnerability in Exiv2::Image::printIFDStructure (image.cpp:408) 1494467 - Invalid memory address dereference in Exiv2::getULong(types.cpp:246) 1494776 - It is a heap-buffer-overflow in Exiv2::Jp2Image::readMetadata (jp2image.cpp:277) 1494778 - It is a heap-buffer-overflow in Exiv2::us2Data (types.cpp:346) 1494780 - Invalid memory address dereference in Exiv2::StringValueBase::read ( in value.cpp:302) 1494781 - It is a heap-buffer-overflow in Exiv2::s2Data (types.cpp:383) 1494782 - It is a heap-buffer-overflow in Exiv2::l2Data (types.cpp:398) 1494786 - Invalid memory address dereference in Exiv2::DataValue::read (value.cpp:193) 1494787 - it is a stack-overflow vulnerability in Exiv2::Internal::stringFormat[abi:cxx11] ( in image.cpp:975 ) 1495043 - bad free in Exiv2::Image::~Image (image.cpp:173) 1524104 - exiv2 library: heap-based buffer over-read in Exiv2::Image::byteSwap4 (image.cpp) 1524107 - exiv2 library: heap-based buffer over-read in Exiv2::IptcData::printStructure (iptc.cpp) 1524116 - exiv2 library: assertion aborted in Exiv2::(anonymous namespace)::readHeader (bigtiffimage.cpp) 1525055 - exiv2 library: heap-buffer-overflow in Exiv2::getULong (types.cpp) 1537353 - Exiv2: integer overflow in floatToRationalCast function (src/types.cpp) 1545237 - CVE-2017-17724 exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp 1561213 - CVE-2018-8976 exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp 1561217 - CVE-2018-8977 exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp 1566260 - There is a Segmentation fault in the software exiv2 when the function Exiv2::tEXtToDataBuf() is finished 1566735 - CVE-2018-9305 exiv2: out of bounds read in IptcData::printStructure in iptc.c 1578659 - CVE-2018-10958 exiv2: SIGABRT caused by memory allocation in types.cpp:Exiv2::Internal::PngChunk::zlibUncompress() 1579481 - CVE-2018-10998 exiv2: SIGABRT by triggering an incorrect Safe::add call 1579544 - CVE-2018-11037 exiv2: information leak via a crafted file 1590993 - CVE-2018-12264 exiv2: integer overflow in getData function in preview.cpp 1590994 - CVE-2018-12265 exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp 1594627 - CVE-2018-10772 exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file 1601628 - CVE-2018-14046 exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp 1632490 - CVE-2018-17282 exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash 1635045 - CVE-2018-17581 exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service 1646555 - CVE-2018-18915 exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp 1649094 - CVE-2018-19107 exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp 1649101 - CVE-2018-19108 exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp 1652637 - Rebase exiv2 to 0.27 1656187 - CVE-2018-19535 exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp 1656195 - CVE-2018-19607 exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp 1660423 - CVE-2018-20096 exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service 1660424 - CVE-2018-20097 exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function 1660425 - CVE-2018-20098 exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service 1660426 - CVE-2018-20099 exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service 1664361 - Gwenview + Exiv2 crash in Pentax camera files 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: exiv2-0.27.0-2.el7_6.src.rpm x86_64: exiv2-0.27.0-2.el7_6.x86_64.rpm exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm exiv2-libs-0.27.0-2.el7_6.i686.rpm exiv2-libs-0.27.0-2.el7_6.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: exiv2-doc-0.27.0-2.el7_6.noarch.rpm x86_64: exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm exiv2-devel-0.27.0-2.el7_6.i686.rpm exiv2-devel-0.27.0-2.el7_6.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: exiv2-0.27.0-2.el7_6.src.rpm x86_64: exiv2-0.27.0-2.el7_6.x86_64.rpm exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm exiv2-libs-0.27.0-2.el7_6.i686.rpm exiv2-libs-0.27.0-2.el7_6.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: exiv2-doc-0.27.0-2.el7_6.noarch.rpm x86_64: exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm exiv2-devel-0.27.0-2.el7_6.i686.rpm exiv2-devel-0.27.0-2.el7_6.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: exiv2-0.27.0-2.el7_6.src.rpm ppc64: exiv2-0.27.0-2.el7_6.ppc64.rpm exiv2-debuginfo-0.27.0-2.el7_6.ppc.rpm exiv2-debuginfo-0.27.0-2.el7_6.ppc64.rpm exiv2-libs-0.27.0-2.el7_6.ppc.rpm exiv2-libs-0.27.0-2.el7_6.ppc64.rpm ppc64le: exiv2-0.27.0-2.el7_6.ppc64le.rpm exiv2-debuginfo-0.27.0-2.el7_6.ppc64le.rpm exiv2-libs-0.27.0-2.el7_6.ppc64le.rpm s390x: exiv2-0.27.0-2.el7_6.s390x.rpm exiv2-debuginfo-0.27.0-2.el7_6.s390.rpm exiv2-debuginfo-0.27.0-2.el7_6.s390x.rpm exiv2-libs-0.27.0-2.el7_6.s390.rpm exiv2-libs-0.27.0-2.el7_6.s390x.rpm x86_64: exiv2-0.27.0-2.el7_6.x86_64.rpm exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm exiv2-libs-0.27.0-2.el7_6.i686.rpm exiv2-libs-0.27.0-2.el7_6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: exiv2-doc-0.27.0-2.el7_6.noarch.rpm ppc64: exiv2-debuginfo-0.27.0-2.el7_6.ppc.rpm exiv2-debuginfo-0.27.0-2.el7_6.ppc64.rpm exiv2-devel-0.27.0-2.el7_6.ppc.rpm exiv2-devel-0.27.0-2.el7_6.ppc64.rpm ppc64le: exiv2-debuginfo-0.27.0-2.el7_6.ppc64le.rpm exiv2-devel-0.27.0-2.el7_6.ppc64le.rpm s390x: exiv2-debuginfo-0.27.0-2.el7_6.s390.rpm exiv2-debuginfo-0.27.0-2.el7_6.s390x.rpm exiv2-devel-0.27.0-2.el7_6.s390.rpm exiv2-devel-0.27.0-2.el7_6.s390x.rpm x86_64: exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm exiv2-devel-0.27.0-2.el7_6.i686.rpm exiv2-devel-0.27.0-2.el7_6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: exiv2-0.27.0-2.el7_6.src.rpm x86_64: exiv2-0.27.0-2.el7_6.x86_64.rpm exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm exiv2-libs-0.27.0-2.el7_6.i686.rpm exiv2-libs-0.27.0-2.el7_6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: exiv2-doc-0.27.0-2.el7_6.noarch.rpm x86_64: exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm exiv2-devel-0.27.0-2.el7_6.i686.rpm exiv2-devel-0.27.0-2.el7_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-17724 https://access.redhat.com/security/cve/CVE-2018-8976 https://access.redhat.com/security/cve/CVE-2018-8977 https://access.redhat.com/security/cve/CVE-2018-9305 https://access.redhat.com/security/cve/CVE-2018-10772 https://access.redhat.com/security/cve/CVE-2018-10958 https://access.redhat.com/security/cve/CVE-2018-10998 https://access.redhat.com/security/cve/CVE-2018-11037 https://access.redhat.com/security/cve/CVE-2018-12264 https://access.redhat.com/security/cve/CVE-2018-12265 https://access.redhat.com/security/cve/CVE-2018-14046 https://access.redhat.com/security/cve/CVE-2018-17282 https://access.redhat.com/security/cve/CVE-2018-17581 https://access.redhat.com/security/cve/CVE-2018-18915 https://access.redhat.com/security/cve/CVE-2018-19107 https://access.redhat.com/security/cve/CVE-2018-19108 https://access.redhat.com/security/cve/CVE-2018-19535 https://access.redhat.com/security/cve/CVE-2018-19607 https://access.redhat.com/security/cve/CVE-2018-20096 https://access.redhat.com/security/cve/CVE-2018-20097 https://access.redhat.com/security/cve/CVE-2018-20098 https://access.redhat.com/security/cve/CVE-2018-20099 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXUl4bdzjgjWX9erEAQhIrQ//V7JR9iNhhKmRGzdLWT0ZhhPaDy9h+drU L49Fdzs6fgmtBZQxPOqo8mfngBjX4gRn7oomdXGYJfLMmwIhwZcXMEmMVs3FI88v qj7k8nDZczVVbtDYNYcEE1IfD8+rhsfO4yYoZPwnNIeUWe2Je2gM+rqH87x9ZI+G k/0/c1zV9JILe1L9j1MhEnAd79HtTzKrhiDdEBf08If9VjyoTsWDFqMFqINu4OkB JCfzirKgRsnFXkEsvgeJ+Nxs9WDC2uWdzMESSoxtsQmEjPM8lKwbo3r5a5bb8vvh AXVTZelSsk8TXo+IVaz8V6bi4e8D4QxeQk9ufAKSxOtoe4eZQtqpuMP2N9/OpL9x YSI9rT1LXdJvgjB1KLTi62HKr1JGfe6N8lWQmSLCR2KS/Os0+yxTQwFMZI+MS8as NjIbYEOCdFq6+jKmqkEfwTRZ+ywvVE/06LioZ+FNbpG8CUIxlwUYt2JqVouA6zw6 DsDmUhHpBSZCHZw/0+0zxgSecXRDqhvBpIzN2ZQpYvd+82595EuTlCYGlRkrVkQD /nd02Ttu7nvrNiXEomJgmMmFqvkPKl3RZyIakakZtvSWDrhIIsDDoK77t7ySYq/a IpJHXO3Z6aCGqd8hvbtxBETd3T+INuVHCaSGyjiPvOeUD6dwUofmzHw2YcgijfrR plPqbBj3BWo= =6+K4 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXUuBQWaOgq3Tt24GAQhvRw/7BnRVXTs7PPWOYRZOeGxGjQ+CQtoBZnpb Wk2RLmE/CLY2nDRvB2AkbcN7ds2oJIxQSLqjj6Ht/bCyH9XNExE8C7DvO4FiLP/v CEuGb2jYpRVMZn6zbYM9DjHQGifVsHWp6NkSJt0i/yyFaEJck1rcDx5wFJZx+y/I t+yBJ2IQnCRGWNUrJZX66tymIHKobB4WrXIx7ZIstFkWXTRL5y5iqJMUFm+CtWKW Ucu5yaArMOgBOQkI8SQU/FbPfdadWcPO8mkWNodyHfkxjBVC/ozSryBOWlYUeMK3 oZaCQ6koXmCF3BmSiIYKrGTXp/IRWT7loF/D66li2AUYrpJERkXtGSK6klXe+Bwi CncC21cryzHzlQNxZgyLrxIJXxpUtvgYYH8xAAooN/cwNjQhudyZUZ8tJpW2NNhw yo1ZNOijUb99cCsDcKVuQjtUBQ4FU5UPb8iHD5HPSm7BQOPKlZNCnb4tMoi1UmPN hHsleVrPIwBUs8ecs05lzxHY0ngsTNfZylsbDTj95iCkHQj5audRnTz8Ww3fPQMr JyyjY/y/D2UAiznfpf/JtkGbza6MkE7BFxLn1fYNl8HOWZ+mNsp7Rnhzg3A2FTnB gxj0Z8olAbNNBNsCBRXiHy7S/S2qFZFkhvUgc+j8SqMnWcoWbAKk3QGkrNMatrAy Uqib+rsVvwk= =BWE8 -----END PGP SIGNATURE-----