ESB-2018.0064.7 - UPDATE [Cisco] Cisco Products: Access privileged data - Existing account 2018-01-23

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2018.0064.7
          CPU Side-Channel Information Disclosure Vulnerabilities
                              23 January 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Products
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Access Privileged Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

Reference:         ASB-2018.0002.3
                   ESB-2018.0059
                   ESB-2018.0057
                   ESB-2018.0046
                   ESB-2018.0044
                   ESB-2018.0042

Original Bulletin: 
   https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel

Revision History:  January 23 2018: Updated Products Under Investigation and Vulnerable Products sections. 
                                    Removed UCS M5 server firmware release date. The UCS M5 BIOS updates 
                                    have been removed from cisco.com at this time. Customers are advised 
                                    to wait for the next revision of these updates before updating their 
                                    devices.
                   January 22 2018: Updated Products Under Investigation and Vulnerable Products.
                   January 19 2018: Updated Summary section to provide guidance on updating underlying 
                                    operating systems and hypervisors within virtual environments. 
                                    Updated Affected Products sections and fixed release table.
                   January 18 2018: Updated vulnerable products section with fixed release availability and estimates
                   January 15 2018: Updated information about vulnerable products, products under 
                                    investigation, and products confirmed not vulnerable.
                   January 10 2018: Updated information about affected products
                   January  5 2018: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

Cisco Security Advisory

CPU Side-Channel Information Disclosure Vulnerabilities

Medium
Advisory ID:
cisco-sa-20180104-cpusidechannel
First Published:
2018 January 4 22:20 GMT
Last Updated:
2018 January 22 20:45 GMT
Version 1.13:
Interim
Workarounds:
No workarounds available
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CWE-200
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
CWE-200
Download CVRF
Download PDF
Email

Summary

  o On January 3, 2018, researchers disclosed three vulnerabilities that take
    advantage of the implementation of speculative execution of instructions on
    many modern microprocessor architectures to perform side-channel
    information disclosure attacks. These vulnerabilities could allow an
    unprivileged local attacker, in specific circumstances, to read privileged
    memory belonging to other processes or memory allocated to the operating
    system kernel.

    The first two vulnerabilities, CVE-2017-5753 and CVE-2017-5715, are
    collectively known as Spectre. The third vulnerability, CVE-2017-5754, is
    known as Meltdown. The vulnerabilities are all variants of the same attack
    and differ in the way that speculative execution is exploited.

    To exploit any of these vulnerabilities, an attacker must be able to run
    crafted code on an affected device. Although the underlying CPU and
    operating system combination in a product or service may be affected by
    these vulnerabilities, the majority of Cisco products are closed systems
    that do not allow customers to run custom code and are, therefore, not
    vulnerable. There is no vector to exploit them. Cisco products are
    considered potentially vulnerable only if they allow customers to execute
    custom code side-by-side with Cisco code on the same microprocessor.

    A Cisco product that may be deployed as a virtual machine or a container,
    even while not directly affected by any of these vulnerabilities, could be
    targeted by such attacks if the hosting environment is vulnerable. Cisco
    recommends that customers harden their virtual environments, tightly
    control user access, and ensure that all security updates are installed.
    Customers who are deploying products as a virtual device in multi-tenant
    hosting environments should ensure that the underlying hardware, as well as
    operating system or hypervisor, is patched against the vulnerabilities in
    question.

    Although Cisco cloud services are not directly affected by these
    vulnerabilities, the infrastructure on which they run may be impacted.
    Refer to the "Affected Products" section of this advisory for information
    about the impact of these vulnerabilities on Cisco cloud services.

    Cisco will release software updates that address these vulnerabilities.

    This advisory is available at the following link:
    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20180104-cpusidechannel

Affected Products

  o Cisco is investigating its product line to determine which products and
    cloud services may be affected by these vulnerabilities. As the
    investigation progresses, Cisco will update this advisory with information
    about affected products and services, including the Cisco bug ID for each
    affected product or service.

    Any product or service not listed in the "Products Under Investigation" or
    "Vulnerable Products" section of this advisory is to be considered not
    vulnerable. The criteria for considering whether a product is vulnerable is
    explained in the "Summary" section of this advisory. Because this is an
    ongoing investigation, please be aware that products and services currently
    considered not vulnerable may subsequently be considered vulnerable as
    additional information becomes available.


    Products Under Investigation

    Routing and Switching - Enterprise and Service Provider
      - Cisco c800 Series Integrated Services Routers (IOx feature)

    Vulnerable Products

    The following table lists Cisco products and cloud services that are
    affected by the vulnerabilities described in this advisory:

                         Product                      Cisco Bug  Fixed Release
                                                          ID      Availability
                  Network Application, Service, and Acceleration
    Cisco Cloud Services Platform 2100                CSCvh32644
    Cisco Network Functions Virtualization            CSCvh49919
    Infrastructure Software
    Cisco Wide Area Application Services (WAAS)       CSCvh49646
    Cisco vBond Orchestrator                          N/A
    Cisco vEdge 5000                                  N/A
    Cisco vEdge Cloud                                 N/A
    Cisco vManage NMS                                 N/A
    Cisco vSmart Controller                           N/A
                        Network Management and Provisioning
    Cisco Application Policy Infrastructure           CSCvh58549
    Controller (APIC)
    Cisco Virtual Application Policy Infrastructure   CSCvh58549
    Controller (APIC)
              Routing and Switching - Enterprise and Service Provider
    Cisco 4000 Series Integrated Services Routers     CSCvh32416
    (IOS XE Open Service Containers)
    Cisco 800 Industrial Integrated Services Routers  CSCvh31418
    (IOx feature)
    Cisco ASR 1000 Series Aggregation Services Router CSCvh32416
    with RP2 or RP3 (IOS XE Open Service Containers)
    Cisco ASR 1001-HX Series Aggregation Services     CSCvh32416
    Routers (IOS XE Open Service Containers)
    Cisco ASR 1001-X Series Aggregation Services      CSCvh32416
    Routers (IOS XE Open Service Containers)
    Cisco ASR 1002-HX Series Aggregation Services     CSCvh32416
    Routers (IOS XE Open Service Containers)
    Cisco ASR 1002-X Series Aggregation Services      CSCvh32416
    Routers (IOS XE Open Service Containers)
    Cisco ASR 9000 XR 64-bit Series Routers           CSCvh32429
    Cisco CGR 1000 Compute Module (IOx feature)       CSCvh32516
    Cisco Catalyst 9400 Series Switches (Open Service CSCvh44165
    Container or IOx feature)
    Cisco Cloud Services Router 1000V Series (IOS XE  CSCvh32416
    Open Service Containers)
    Cisco Industrial Ethernet 4000 Series Switches    CSCvh32594
    (IOx feature)
    Cisco NCS 1000 Series Routers                     CSCvh32429
    Cisco NCS 5000 Series Routers                     CSCvh32429
    Cisco NCS 5500 Series Routers                     CSCvh32429
    Cisco Nexus 3000 Series Switches                  CSCvh32392
    Cisco Nexus 3500 Series Switches                  CSCvh32393
    Cisco Nexus 5000 Series Switches (OAC feature)    CSCvh32394
    Cisco Nexus 6000 Series Switches (OAC feature)    CSCvh32390
    Cisco Nexus 7000 Series Switches (OAC feature,    CSCvh32390
    Feature Bash)
    Cisco Nexus 9000 Series Switches - Standalone,    CSCvh32392
    NX-OS mode
    Cisco XRv 9000 Series Routers                     CSCvh32429
                                 Unified Computing
    Cisco C880 M4 Server                              N/A
    Cisco C880 M5 Server                              N/A
    Cisco Enterprise Network Compute System 5100      CSCvh48274
    Series Servers
    Cisco Enterprise Network Compute System 5400      CSCvh48274
    Series Servers
    Cisco UCS B-Series M2 Blade Servers               CSCvh31576 Fix Pending
    Cisco UCS B-Series M3 Blade Servers               CSCvg97965 Fix Pending
    Cisco UCS B-Series M4 Blade Servers (except B260, CSCvg97979 Fix pending
    B460)
    Cisco UCS B-Series M5 Blade Servers               CSCvh31577 Fix Pending
    Cisco UCS B260 M4 Blade Server                    CSCvg98015 Fix pending
    Cisco UCS B460 M4 Blade Server                    CSCvg98015 Fix pending
    Cisco UCS C-Series M2 Rack Servers                CSCvh31576 Fix Pending
    Cisco UCS C-Series M3 Rack Servers                CSCvg97965 Fix Pending
    Cisco UCS C-Series M4 Rack Servers (except C460)  CSCvg97979 Fix pending
    ^1
    Cisco UCS C-Series M5 Rack Servers ^1             CSCvh31577 Fix Pending
    Cisco UCS C460 M4 Rack Server                     CSCvg98015 Fix pending
    Cisco UCS E-Series M2 Servers                     CSCvh48274
    Cisco UCS E-Series M3 Servers                     CSCvh48274
    Cisco UCS M-Series Modular Servers                CSCvh55760 No fix
                                                                 expected
                     Voice and Unified Communications Devices
    Cisco Remote Expert Mobile                        CSCvh58132
                                     Wireless
    Cisco Wireless Gateway for LoRaWAN                CSCvh58504
                            Cisco Cloud Hosted Services
    Cisco Metacloud                                   CSCvh53992 (2-Mar-2018)
    Cisco Threat Grid                                 N/A        (28-Feb-2018)


    ^1 Cisco UCS M4 and M5 Rack Servers are used as part of the Cisco HyperFlex
    Solution.

    Products Confirmed Not Vulnerable

    No other Cisco products or cloud services are currently known to be
    affected by these vulnerabilities.

    Cisco has confirmed that these vulnerabilities do not affect the following
    products or cloud services:

    Collaboration and Social Media
      - Cisco Meeting Server

    Network Application, Service, and Acceleration
      - Cisco vEdge 1000
      - Cisco vEdge 100
      - Cisco vEdge 2000

    Routing and Switching - Enterprise and Service Provider
      - Cisco 1000 Series Connected Grid Routers
      - Cisco 500 Series WPAN Industrial Routers (IOx feature)
      - Cisco ASR 1001 Fixed Configuration Aggregation Services Router
      - Cisco ASR 1002 Fixed Configuration Aggregation Services Router
      - Cisco ASR 1002-F Fixed Configuration Aggregation Services Router
      - Cisco Catalyst 3650 Series Switches
      - Cisco Catalyst 3850 Series Switches
      - Cisco Nexus 4000 Series Blade Switches
      - Cisco Nexus 9000 Series Fabric Switches - ACI mode

    Cisco Cloud Hosted Services
      - Cisco Cloudlock
      - Cisco Managed Services
      - Cisco Meraki
      - Cisco Spark
      - Cisco Umbrella
      - Cisco WebEx Centers - Meeting Center, Training Center, Event Center,
        Support Center

Details

  o Details about the vulnerabilities are as follows.

    Modern CPU Process Prediction Information Disclosure Vulnerability

    A vulnerability due to the design of most modern CPUs could allow a local
    attacker to access sensitive information on a targeted system.

    The vulnerability is due to improper implementation of the speculative
    execution of instructions by the affected software. This vulnerability can
    by triggered by utilizing branch target injection. An attacker could
    exploit this vulnerability by executing arbitrary code and performing a
    side-channel attack on a targeted system. A successful exploit could allow
    the attacker to read sensitive memory information.

    This vulnerability has been assigned the following CVE ID: CVE-2017-5715

    Modern CPU Process Branch Prediction Information Disclosure Vulnerability

    A vulnerability due to the design of most modern CPUs could allow a local
    attacker to access sensitive information on a targeted system.

    The vulnerability is due to improper implementation of the speculative
    execution of instructions by the affected software. This vulnerability can
    by triggered by performing a bounds check bypass. An attacker could exploit
    this vulnerability by executing arbitrary code and performing a
    side-channel attack on a targeted system. A successful exploit could allow
    the attacker to read sensitive memory information.

    This vulnerability has been assigned the following CVE ID: CVE-2017-5753

    Intel CPU Indirect Branch Prediction Information Disclosure Vulnerability

    A vulnerability in Intel CPU hardware could allow a local attacker to gain
    access to sensitive information on a targeted system.

    The vulnerability is due to side-channel attacks, which are also referred
    to as Meltdown attacks. A local attacker could exploit this vulnerability
    by executing arbitrary code on the affected system. A successful exploit
    could allow the attacker to gain access to sensitive information on the
    targeted system, including accessing memory from the CPU cache.

    This vulnerability has been assigned the following CVE ID: CVE-2017-5754

Workarounds

  o Any workarounds will be documented in the product-specific Cisco bugs,
    which are accessible through the Cisco Bug Search Tool.

Fixed Software

  o For information about fixed software releases, consult the Cisco bugs
    identified in the "Vulnerable Products" section of this advisory.

    When considering software upgrades, customers are advised to regularly
    consult the advisories for Cisco products, which are available from the
    Cisco Security Advisories and Alerts page, to determine exposure and a
    complete upgrade solution.

    In all cases, customers should ensure that the devices to be upgraded
    contain sufficient memory and confirm that current hardware and software
    configurations will continue to be supported properly by the new release.
    If the information is not clear, customers are advised to contact the Cisco
    Technical Assistance Center (TAC) or their contracted maintenance
    providers.

Exploitation and Public Announcements

  o The vulnerabilities described in this advisory were discussed in several
    articles and discussion forums as of January 3, 2018.

    The Cisco Product Security Incident Response Team (PSIRT) is not aware of
    any malicious use of the vulnerabilities that are described in this
    advisory.

Cisco Security Vulnerability Policy

  o To learn about Cisco security vulnerability disclosure policies and
    publications, see the Security Vulnerability Policy. This document also
    contains instructions for obtaining fixed software and receiving security
    vulnerability information from Cisco.

Subscribe to Cisco Security Notifications

  o Subscribe

Action Links for This Advisory

  o Snort Rule 45357
    Snort Rule 45358
    Snort Rule 45359
    Snort Rule 45360
    Snort Rule 45361
    Snort Rule 45362
    Snort Rule 45363
    Snort Rule 45364
    Snort Rule 45365
    Snort Rule 45366
    Snort Rule 45367
    Snort Rule 45368
    Show All 12...

Related to This Advisory

  o CPU Side-Channel Information Disclosure Vulnerabilities
    Intel CPU Process Prediction Information Disclosure Vulnerability
    Intel CPU Indirect Branch Prediction Information Disclosure Vulnerability

URL

  o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/
    cisco-sa-20180104-cpusidechannel

Revision History

  o
    +---------+-------------------------+-------------+---------+-----------------+
    | Version |       Description       |   Section   | Status  |      Date       |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated Products Under  |             |         |                 |
    |         | Investigation and       |             |         |                 |
    |         | Vulnerable Products     |             |         |                 |
    |         | sections. Removed UCS   |             |         |                 |
    |         | M5 server firmware      |             |         |                 |
    |         | release date. The UCS   | Affected    |         |                 |
    | 1.13    | M5 BIOS updates have    | Products,   | Interim | 2018-January-22 |
    |         | been removed from       | Vulnerable  |         |                 |
    |         | cisco.com at this time. | Products    |         |                 |
    |         | Customers are advised   |             |         |                 |
    |         | to wait for the next    |             |         |                 |
    |         | revision of these       |             |         |                 |
    |         | updates before updating |             |         |                 |
    |         | their devices.          |             |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated Products Under  | Affected    |         |                 |
    | 1.12    | Investigation and       | Products,   | Interim | 2018-January-19 |
    |         | Vulnerable Products.    | Vulnerable  |         |                 |
    |         |                         | Products    |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated Summary section |             |         |                 |
    |         | to provide guidance on  |             |         |                 |
    |         | updating underlying     | Summary,    |         |                 |
    |         | operating systems and   | Affected    |         |                 |
    | 1.11    | hypervisors within      | Products,   | Interim | 2018-January-18 |
    |         | virtual environments.   | Vulnerable  |         |                 |
    |         | Updated Affected        | Products.   |         |                 |
    |         | Products sections and   |             |         |                 |
    |         | fixed release table.    |             |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated Vulnerable      |             |         |                 |
    |         | Products section with   | Vulnerable  |         |                 |
    | 1.10    | fixed release           | Products    | Interim | 2018-January-17 |
    |         | availability and        |             |         |                 |
    |         | estimates.              |             |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated information     | Affected    |         |                 |
    |         | about products under    | Products    |         |                 |
    | 1.9     | investigation and       | and         | Interim | 2018-January-16 |
    |         | vulnerable products,    | Vulnerable  |         |                 |
    |         | including fixed release | Products    |         |                 |
    |         | availability.           |             |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated information     | Affected    |         |                 |
    |         | about products under    | Products    |         |                 |
    | 1.8     | investigation and       | and         | Interim | 2018-January-15 |
    |         | vulnerable products,    | Vulnerable  |         |                 |
    |         | including fixed release | Products    |         |                 |
    |         | availability.           |             |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         |                         | Affected    |         |                 |
    |         | Updated information     | Products,   |         |                 |
    |         | about vulnerable        | Vulnerable  |         |                 |
    | 1.7     | products, products      | Products,   | Interim | 2018-January-12 |
    |         | under investigation,    | Products    |         |                 |
    |         | and products confirmed  | Confirmed   |         |                 |
    |         | not vulnerable.         | Not         |         |                 |
    |         |                         | Vulnerable  |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         |                         | Affected    |         |                 |
    |         | Updated information     | Products,   |         |                 |
    |         | about vulnerable        | Vulnerable  |         |                 |
    | 1.6     | products, products      | Products,   | Interim | 2018-January-11 |
    |         | under investigation,    | Products    |         |                 |
    |         | and products confirmed  | Confirmed   |         |                 |
    |         | not vulnerable.         | Not         |         |                 |
    |         |                         | Vulnerable  |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated the summary to  |             |         |                 |
    |         | indicate the status of  | Summary,    |         |                 |
    |         | Cisco cloud services    | Affected    |         |                 |
    |         | and remind              | Products,   |         |                 |
    |         | administrators to       | Vulnerable  |         |                 |
    | 1.5     | control user access.    | Products,   | Interim | 2018-January-10 |
    |         | Updated information     | Products    |         |                 |
    |         | about vulnerable        | Confirmed   |         |                 |
    |         | products, products      | Not         |         |                 |
    |         | under investigation,    | Vulnerable  |         |                 |
    |         | and products confirmed  |             |         |                 |
    |         | not vulnerable.         |             |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated information     | Affected    |         |                 |
    | 1.4     | about products under    | Products,   | Interim | 2018-January-09 |
    |         | investigation and       | Vulnerable  |         |                 |
    |         | vulnerable products.    | Products    |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated vulnerability   |             |         |                 |
    |         | details and information | Affected    |         |                 |
    |         | about products under    | Products,   |         |                 |
    |         | investigation and       | Vulnerable  |         |                 |
    | 1.3     | products confirmed not  | Products,   | Interim | 2018-January-08 |
    |         | vulnerable. Added the   | Details,    |         |                 |
    |         | Vulnerable Products     | Fixed       |         |                 |
    |         | table, including        | Software    |         |                 |
    |         | information about fixed |             |         |                 |
    |         | release availability.   |             |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Updated Summary and     | Summary,    |         |                 |
    |         | Products Under          | Affected    |         |                 |
    |         | Investigation, added    | Products,   |         |                 |
    | 1.2     | the Vulnerable Products | Vulnerable  | Interim | 2018-January-05 |
    |         | table with information  | Products,   |         |                 |
    |         | about fixes.            | Fixed       |         |                 |
    |         |                         | Software    |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    |         | Clarified the           | Products    |         |                 |
    | 1.1     | non-vulnerable product  | Confirmed   | Interim | 2018-January-04 |
    |         | section.                | Not         |         |                 |
    |         |                         | Vulnerable  |         |                 |
    +---------+-------------------------+-------------+---------+-----------------+
    | 1.0     | Initial public release. | --           | Interim | 2018-January-04|
    +---------+-------------------------+-------------+---------+-----------------+


Legal Disclaimer

  o THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND
    OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR
    FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT
    OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES
    THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO
    UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.

    A standalone copy or paraphrase of the text of this document that omits the
    distribution URL is an uncontrolled copy and may lack important information
    or contain factual errors. The information in this document is intended for
    end users of Cisco products.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWmaK5Ix+lLeg9Ub1AQij9g/+JGkVgTx2ckgWzjjxyL9j/R59YP8SH/ee
amk12sbUtoI0+PltTDpYyHrMBQ0ABW8UUcsn7QJAAuL4aoYEnHmlqcj4YmIxBPHx
d3c+InIyWLbHgSUBd84LD6JiY/Hr60ESYZu8ffqBwZSkoelzscuscWOoNVaENsBh
bOqiux5oUeWF3ZWCq0t9TrUa80f3Q0Lx/sPt6DwxfhIYu42J7mF954z3widasQBO
kerjZ9ozYxBO6hPuSwjTiRPh1Bh8eZr5RH1T/5ONDdHs4uU8e+7dko7eKrdFd9wT
vSqD8eYCPGp44KXMrzDUrNsdW+jN0I3DuiESG7jPMcqZCgT5uy8d+i5g89uMox3g
hNDGZ5wxV/O0ybXy4H2JrwQSGz0FFJJF4zFyqu/YIeCqwZgN0ds8KyQw2I7dUQKq
FTWfqK+uax0xFFcqXUX+GIvzr9kp190HUPpGxQg22SVufh3u1z9y4cMLfhcb8LV7
ouz1bQk3whs8kSQQ9bNsjyjnzuklokZ4VJ13y1JfGktF9zQDAKcK+gG4lCGxaniL
lLG45ry2QbcJKB3yZWjmecWQoVJNg6MZO7UfDFWcXi8B7F8dN3x6+bn3ThW09gF8
MZKAO1MmR24WmhxqpQJxMCmjBf2lMcp4NpGs9IoMkvFwWPjiWiggiCvwbSCMfFZg
NLZneqOImPU=
=wyiY
-----END PGP SIGNATURE-----

« Back to bulletins