ESB-2017.2778 - [OSX] Apple macOS: Multiple vulnerabilities 2017-11-02

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.2778
 APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001
                Sierra, Security Update 2017-004 El Capita
                              2 November 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Apple macOS
Publisher:         Apple
Operating System:  OS X
Impact/Access:     Root Compromise                -- Remote with User Interaction
                   Access Privileged Data         -- Remote/Unauthenticated      
                   Denial of Service              -- Remote/Unauthenticated      
                   Provide Misleading Information -- Remote/Unauthenticated      
                   Unauthorised Access            -- Remote/Unauthenticated      
                   Access Confidential Data       -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-1000101 CVE-2017-1000100 CVE-2017-13846
                   CVE-2017-13843 CVE-2017-13842 CVE-2017-13841
                   CVE-2017-13840 CVE-2017-13838 CVE-2017-13836
                   CVE-2017-13834 CVE-2017-13832 CVE-2017-13831
                   CVE-2017-13830 CVE-2017-13828 CVE-2017-13826
                   CVE-2017-13825 CVE-2017-13824 CVE-2017-13823
                   CVE-2017-13822 CVE-2017-13821 CVE-2017-13820
                   CVE-2017-13819 CVE-2017-13818 CVE-2017-13817
                   CVE-2017-13816 CVE-2017-13815 CVE-2017-13814
                   CVE-2017-13813 CVE-2017-13812 CVE-2017-13811
                   CVE-2017-13810 CVE-2017-13809 CVE-2017-13808
                   CVE-2017-13807 CVE-2017-13804 CVE-2017-13801
                   CVE-2017-13800 CVE-2017-13799 CVE-2017-13786
                   CVE-2017-13782 CVE-2017-13725 CVE-2017-13690
                   CVE-2017-13689 CVE-2017-13688 CVE-2017-13687
                   CVE-2017-13080 CVE-2017-13078 CVE-2017-13077
                   CVE-2017-13055 CVE-2017-13054 CVE-2017-13053
                   CVE-2017-13052 CVE-2017-13051 CVE-2017-13050
                   CVE-2017-13049 CVE-2017-13048 CVE-2017-13047
                   CVE-2017-13046 CVE-2017-13045 CVE-2017-13044
                   CVE-2017-13043 CVE-2017-13042 CVE-2017-13041
                   CVE-2017-13040 CVE-2017-13039 CVE-2017-13038
                   CVE-2017-13037 CVE-2017-13036 CVE-2017-13035
                   CVE-2017-13034 CVE-2017-13033 CVE-2017-13032
                   CVE-2017-13031 CVE-2017-13030 CVE-2017-13029
                   CVE-2017-13028 CVE-2017-13027 CVE-2017-13026
                   CVE-2017-13025 CVE-2017-13024 CVE-2017-13023
                   CVE-2017-13022 CVE-2017-13021 CVE-2017-13020
                   CVE-2017-13019 CVE-2017-13018 CVE-2017-13017
                   CVE-2017-13016 CVE-2017-13015 CVE-2017-13014
                   CVE-2017-13013 CVE-2017-13012 CVE-2017-13011
                   CVE-2017-13010 CVE-2017-13009 CVE-2017-13008
                   CVE-2017-13007 CVE-2017-13006 CVE-2017-13005
                   CVE-2017-13004 CVE-2017-13003 CVE-2017-13002
                   CVE-2017-13001 CVE-2017-13000 CVE-2017-12999
                   CVE-2017-12998 CVE-2017-12997 CVE-2017-12996
                   CVE-2017-12995 CVE-2017-12994 CVE-2017-12993
                   CVE-2017-12992 CVE-2017-12991 CVE-2017-12990
                   CVE-2017-12989 CVE-2017-12988 CVE-2017-12987
                   CVE-2017-12986 CVE-2017-12985 CVE-2017-12902
                   CVE-2017-12901 CVE-2017-12900 CVE-2017-12899
                   CVE-2017-12898 CVE-2017-12897 CVE-2017-12896
                   CVE-2017-12895 CVE-2017-12894 CVE-2017-12893
                   CVE-2017-11543 CVE-2017-11542 CVE-2017-11541
                   CVE-2017-11108 CVE-2017-11103 CVE-2017-9789
                   CVE-2017-9788 CVE-2017-7679 CVE-2017-7668
                   CVE-2017-7659 CVE-2017-7132 CVE-2017-3169
                   CVE-2017-3167 CVE-2016-8743 CVE-2016-8740
                   CVE-2016-5387 CVE-2016-4736 CVE-2016-2161
                   CVE-2016-736  

Reference:         ASB-2017.0181
                   ASB-2017.0107
                   ESB-2017.2769
                   ESB-2017.2476
                   ESB-2017.2437
                   ESB-2017.2423
                   ESB-2017.2318

Original Bulletin: 
   https://support.apple.com/en-au/HT208221

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1,
Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan

macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security
Update 2017-004 El Capitan are now available and address the
following:

802.1X
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An attacker may be able to exploit weaknesses in TLS 1.0
Description: A protocol security issue was addressed by enabling TLS
1.1 and TLS 1.2.
CVE-2017-13832: an anonymous researcher

apache
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Multiple issues in Apache
Description: Multiple issues were addressed by updating to version
2.4.27.
CVE-2016-736
CVE-2016-2161
CVE-2016-5387
CVE-2016-8740
CVE-2016-8743
CVE-2017-3167
CVE-2017-3169
CVE-2017-7659
CVE-2017-7668
CVE-2017-7679
CVE-2017-9788
CVE-2017-9789

APFS
Available for: macOS High Sierra 10.13
Impact: A malicious Thunderbolt adapter may be able to recover
unencrypted APFS filesystem data
Description: An issue existed in the handling of DMA. This issue was
addressed by limiting the time the FileVault decryption buffers are
DMA mapped to the duration of the I/O operation.
CVE-2017-13786: an anonymous researcher

APFS
Available for: macOS High Sierra 10.13
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13800: Sergej Schumilo of Ruhr-University Bochum

AppleScript
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Decompiling an AppleScript with osadecompile may lead to
arbitrary code execution
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13809: an anonymous researcher

ATS
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2017-13820: John Villamil, Doyensec

Audio
Available for: macOS Sierra 10.12.6
Impact: Parsing a maliciously crafted QuickTime file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-13807: Yangkang (@dnpushme) of Qihoo 360 Qex Team

CFString
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13821: Australian Cyber Security Centre â\x{128}\x{147} Australian Signals
Directorate

CoreText
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-13825: Australian Cyber Security Centre â\x{128}\x{147} Australian Signals
Directorate

curl
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El
Capitan 10.11.6
Impact: Uploading using TFTP to a maliciously crafted URL with
libcurl may disclose application memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2017-1000100: Even Rouault, found by OSS-Fuzz

curl
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El
Capitan 10.11.6
Impact: Processing a maliciously crafted URL with libcurl may cause
unexpected application termination or read process memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2017-1000101: Brian Carpenter, Yongji Ouyang

Dictionary Widget
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El
Capitan 10.11.6
Impact: Searching pasted text in the Dictionary widget may lead to
compromise of user information
Description: A validation issue existed which allowed local file
access. This was addressed with input sanitization.
CVE-2017-13801: xisigr of Tencent's Xuanwu Lab (tencent.com)

file
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Multiple issues in file
Description: Multiple issues were addressed by updating to version
5.31.
CVE-2017-13815

Fonts
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Rendering untrusted text may lead to spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-13828: an anonymous researcher

fsck_msdos
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13811: an anonymous researcher

Heimdal
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An attacker in a privileged network position may be able
to impersonate a service
Description: A validation issue existed in the handling of
the KDC-REP service name. This issue was addressed through improved
validation.
CVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico Williams

HelpViewer
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A quarantined HTML file may execute arbitrary JavaScript
cross-origin
Description: A cross-site scripting issue existed in HelpViewer. This
issue was addressed by removing the affected file.
CVE-2017-13819: an anonymous researcher

HFS
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13830: Sergej Schumilo of Ruhr-University Bochum

ImageIO
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-13814: Australian Cyber Security Centre â\x{128}\x{147} Australian Signals
Directorate

ImageIO
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An information disclosure issue existed in the
processing of disk images. This issue was addressed through improved
memory management.
CVE-2017-13831: an anonymous researcher

Kernel
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A local user may be able to leak sensitive user information
Description: A permissions issue existed in kernel packet counters.
This issue was addressed through improved permission validation.
CVE-2017-13810: an anonymous researcher

Kernel
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: A local user may be able to read kernel memory
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed through improved
input validation.
CVE-2017-13817: Maxime Villard (m00nbsd)

Kernel
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13818: The UK's National Cyber Security Centre (NCSC)
CVE-2017-13836: an anonymous researcher, an anonymous researcher
CVE-2017-13841: an anonymous researcher
CVE-2017-13840: an anonymous researcher
CVE-2017-13842: an anonymous researcher
CVE-2017-13782: Kevin Backhouse of Semmle Ltd.

Kernel
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13799: an anonymous researcher

Kernel
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13843: an anonymous researcher

Kernel
Available for: macOS Sierra 10.12.6
Impact: Processing a malformed mach binary may lead to arbitrary code
execution
Description: A memory corruption issue was addressed through improved
validation.
CVE-2017-13834: Maxime Villard (m00nbsd)

libarchive
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Unpacking a maliciously crafted archive may lead to arbitrary
code execution
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-13813: found by OSS-Fuzz
CVE-2017-13816: found by OSS-Fuzz

libarchive
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Unpacking a maliciously crafted archive may lead to arbitrary
code execution
Description: Multiple memory corruption issues existed in libarchive.
These issues were addressed through improved input validation.
CVE-2017-13812: found by OSS-Fuzz

libarchive
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2016-4736: Proteas of Qihoo 360 Nirvan Team

Open Scripting Architecture
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Decompiling an AppleScript with osadecompile may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13824: an anonymous researcher

PCRE
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Multiple issues in pcre
Description: Multiple issues were addressed by updating to version
8.40.
CVE-2017-13846

Postfix
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Multiple issues in Postfix
Description: Multiple issues were addressed by updating to version
3.2.2.
CVE-2017-13826: an anonymous researcher

Quick Look
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13822: Australian Cyber Security Centre â\x{128}\x{147} Australian Signals
Directorate

Quick Look
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: Parsing a maliciously crafted office document may lead to an
unexpected application termination or arbitrary code execution
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-7132: Australian Cyber Security Centre â\x{128}\x{147} Australian Signals
Directorate

QuickTime
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13823: an anonymous researcher

Remote Management
Available for: macOS Sierra 10.12.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13808: an anonymous researcher

Sandbox
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13838: an anonymous researcher

StreamingZip
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El
Capitan 10.11.6
Impact: A malicious zip file may be able modify restricted areas of
the file system
Description: A path handling issue was addressed with improved
validation.
CVE-2017-13804: @qwertyoruiopz at KJC Research Intl. S.R.L.

tcpdump
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6
Impact: Multiple issues in tcpdump
Description: Multiple issues were addressed by updating to version
4.9.2.
CVE-2017-11108
CVE-2017-11541
CVE-2017-11542
CVE-2017-11543
CVE-2017-12893
CVE-2017-12894
CVE-2017-12895
CVE-2017-12896
CVE-2017-12897
CVE-2017-12898
CVE-2017-12899
CVE-2017-12900
CVE-2017-12901
CVE-2017-12902
CVE-2017-12985
CVE-2017-12986
CVE-2017-12987
CVE-2017-12988
CVE-2017-12989
CVE-2017-12990
CVE-2017-12991
CVE-2017-12992
CVE-2017-12993
CVE-2017-12994
CVE-2017-12995
CVE-2017-12996
CVE-2017-12997
CVE-2017-12998
CVE-2017-12999
CVE-2017-13000
CVE-2017-13001
CVE-2017-13002
CVE-2017-13003
CVE-2017-13004
CVE-2017-13005
CVE-2017-13006
CVE-2017-13007
CVE-2017-13008
CVE-2017-13009
CVE-2017-13010
CVE-2017-13011
CVE-2017-13012
CVE-2017-13013
CVE-2017-13014
CVE-2017-13015
CVE-2017-13016
CVE-2017-13017
CVE-2017-13018
CVE-2017-13019
CVE-2017-13020
CVE-2017-13021
CVE-2017-13022
CVE-2017-13023
CVE-2017-13024
CVE-2017-13025
CVE-2017-13026
CVE-2017-13027
CVE-2017-13028
CVE-2017-13029
CVE-2017-13030
CVE-2017-13031
CVE-2017-13032
CVE-2017-13033
CVE-2017-13034
CVE-2017-13035
CVE-2017-13036
CVE-2017-13037
CVE-2017-13038
CVE-2017-13039
CVE-2017-13040
CVE-2017-13041
CVE-2017-13042
CVE-2017-13043
CVE-2017-13044
CVE-2017-13045
CVE-2017-13046
CVE-2017-13047
CVE-2017-13048
CVE-2017-13049
CVE-2017-13050
CVE-2017-13051
CVE-2017-13052
CVE-2017-13053
CVE-2017-13054
CVE-2017-13055
CVE-2017-13687
CVE-2017-13688
CVE-2017-13689
CVE-2017-13690
CVE-2017-13725

Wi-Fi
Available for: macOS High Sierra 10.13, macOS Sierra 10.12.6, OS X El
Capitan 10.11.6
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13077: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
CVE-2017-13078: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

Installation note:

macOS High Sierra 10.13.1 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://www.apple.com/support/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
- -----BEGIN PGP SIGNATURE-----

iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u74pHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZL1A//
WjcVy4745VcW+I0+qKZta734BUyZNPmQ+Jq5t5wt5tJN87UjQGfxNOtw8/BMC2hy
bd9FOtfIPzPvEyjiVJCE2LZPNAIh/DUWzo8XozKHgbjjN4vxodnVwLXQ3rMMXqBI
yiQseOurBofRKXyQwi+6nx6DhzvX63d0dsdXHfnpEKYDjPLRWDQOk92d6SxJqtYM
tpYWiDJkssYEIS/oTlffOfwSvo2P5qffSEgsKjS4MvXLmG98IEAacEGmszpddeDZ
8SALW7QFrlYQNXi8YY0U9jc9em2aiaLKs0icuCKSxrcnvkB1T/8b23tG/SmnZ6vu
yaFKFdMShtnmtMOr2FRg6tvQOn0traIbUMbh+7MDpr7IZIq2Nj5PanqMvQZ3R/tQ
wfIN7buS/HACZycceaJu7y5GNjL3u2y3fsNLcMzUADkf5Z1LwcihPuh3563uzlho
HcGolNk19S0Q/+ixWYDvJoLEaQmA7PPOdsCIlj8IGJgw42P78iuE+NBhQuttn/35
siLGxUUpWyXlFWoZvbLVM1jk7SUnrCSQWyRTvnh80Gdq+zym5N986uP7+9/GUIZ/
4e4I5edR85eC1Nfhqbceg4U0wc2/Ox+l9Cah+awIbemt1MtigjT9Hkwd+xUMwTN6
/49TlNfE12+rdM9LB5L7+zgUPbhsQzH/l23fK6mIPAs=
=pFCC
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWfqL74x+lLeg9Ub1AQg4rhAAhkuW4rlLDe6B9qM9lMT9KGcVX+dg/4Zg
JuWkpEgt6kMpaDS+T/Wqma49p14SDS95DAIwK1nawfmBqMa8w249E+lPRs9FJn6l
IFVoeRYZLqZK8m03P2r8gPMOLKhu9GnRqvzcD5vR4Qe3UA7hA+SZNE2qH4tzgoc4
IWQAi8CZ7Fyc7R3DEfGqi764WnvHovE8CpjvcD9CFlJ15DpTQUyH+jBkxQ2r66TP
4CLksewfbtlQdOFx6TomgE8XrsJJ/Wwakz5yO8h+hBqYsgTEpNk/JSOriNIH6B4a
xDyIAKNnDSmMHIoO/COvGxS9wuxmGai7g5KN5rPl9BeXuy2o2ZhzPwyFLy3grFar
sqVmvZgVd1BguWILMQQczrCNuwdicPfLiIb5dpEIaxJGcHEBdmJZu0+PjZQv8jvk
c29v3EphWYWWsJ5pm5D+EL2mTO6DvrNeYR6dCnfxELQVETXt6cKRumMrBGKgtv8n
sbqfXqBKPHlzyBsF+SfNtScPReekNmx7TXMPiaKgoz5FRWC4CAQfdv0T1NeLdaij
VXf6TPEKDa7jkCJ2zN9QUSJIYVsTnc6HIsu8QYVhTrjWu8/nnpGKzgOtplGriH21
gMNc71UaiiQPGqUZxrJy3e8PHo1IDvRIgaFAx951TZQGJDBebqR11U0gVUC6z2RO
K40WPyvJp4c=
=DslB
-----END PGP SIGNATURE-----

« Back to bulletins