-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.2195
  Multiple vulnerabilities identified in IBM Security Network Protection
                             21 November 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Security Network Protection
Publisher:         IBM
Operating System:  Network Appliance
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated      
                   Access Privileged Data          -- Remote/Unauthenticated      
                   Denial of Service               -- Remote/Unauthenticated      
                   Access Confidential Data        -- Remote with User Interaction
                   Reduced Security                -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-6183 CVE-2014-4345 CVE-2014-4344
                   CVE-2014-4343 CVE-2014-4342 CVE-2014-4341
                   CVE-2014-3660 CVE-2014-1568 CVE-2013-6800
                   CVE-2013-1418  

Reference:         ASB-2014.0108
                   ASB-2014.0107
                   ESB-2014.2190
                   ESB-2014.1836
                   ESB-2014.1666
                   ESB-2014.1663
                   ESB-2014.1611
                   ESB-2014.1604
                   ESB-2014.1352

Original Bulletin: 
   http://www-01.ibm.com/support/docview.wss?uid=swg21690821
   http://www-01.ibm.com/support/docview.wss?uid=swg21690823
   http://www-01.ibm.com/support/docview.wss?uid=swg21690820
   http://www-01.ibm.com/support/docview.wss?uid=swg21690824
   http://www-01.ibm.com/support/docview.wss?uid=swg21690822

Comment: This bulletin contains five (5) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: IBM Security Network Protection is affected by Network 
Security Services vulnerability (CVE-2014-1568)

Security Bulletin

Document information

More support for:

IBM Security Network Protection

Software version:

5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2.0

Operating system(s):

Firmware

Reference #:

1690821

Modified date:

2014-11-19

Summary

A security vulnerability has been discovered in Network Security Services 
(NSS) versions used by IBM Security Network Protection. NSS is a component 
that supports the development of security-enabled applications.

Vulnerability Details

CVE-ID: CVE-2014-1568

Description: Mozilla Network Security Services (NSS) could allow a remote 
attacker to bypass security restrictions, caused by the failure to properly 
parse ASN.1 values in a digital signature. An attacker could exploit this 
vulnerability using a Bleichenbacher attack variant against the RSA algorithm
to forge RSA certificates and gain unauthorized access to secure data.

CVSS:

CVSS Base Score: 8.8

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/96194 for more 
information

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:N)

Affected Products and Versions

Products: IBM Security Network Protection (XGS) models 3100, 4100, 5100

Firmware versions: 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2

Remediation/Fixes

IBM has provided patches for all affected versions. Follow the installation 
instructions in the README files included with the patch.

    5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0013 for IBM Security Network 
    Protection products at version 5.1

    5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0008 for IBM Security Network 
    Protection products at version 5.1.1

    5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0009 for IBM Security Network 
    Protection products at version 5.1.2

    5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.1.2.1

    5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.2

Workarounds and Mitigations

None

References

Complete CVSS Guide

On-line Calculator V2

Related information

IBM Secure Engineering Web Portal

IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the 
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the 
Common Vulnerability Scoring System (CVSS) is an "industry open standard 
designed to convey vulnerability severity and help to determine urgency and 
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY 
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT 
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- -------------------------------------------------------------------------------

Security Bulletin: IBM Security Network Protection is affected by Shell 
Command Injection vulnerability (CVE-2014-6183)

Security Bulletin

Document information

More support for:

IBM Security Network Protection

Software version:

5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2.0, 5.3

Operating system(s):

Firmware

Reference #:

1690823

Modified date:

2014-11-19

Summary

A Shell Command Injection vulnerability has been discovered in IBM Security 
Network Protection.

Vulnerability Details

CVE-ID: CVE-2014-6183

Description: IBM Security Network Protection could allow a remote attacker to
execute arbitrary commands on the system. An authenticated attacker could 
exploit this vulnerability to inject and execute arbitrary shell commands on 
the system.

CVSS:

CVSS Base Score: 9.0

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/98519 for the 
current score

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)

Affected Products and Versions

Products: IBM Security Network Protection (XGS) models 3100, 4100, 5100, 7100

Firmware versions: 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2, 5.3

Remediation/Fixes

IBM has provided patches for all affected versions. Follow the installation 
instructions in the README files included with the patch.

    5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0013 for IBM Security Network 
    Protection products at version 5.1

    5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0008 for IBM Security Network 
    Protection products at version 5.1.1

    5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0009 for IBM Security Network
    Protection products at version 5.1.2

    5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.1.2.1

    5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.2

    5.3.0.0-ISS-XGS-All-Models-Hotfix-FP0001 for IBM Security Network 
    Protection products at version 5.3

Workarounds and Mitigations

None

References

Complete CVSS Guide

On-line Calculator V2

Related information

IBM Secure Engineering Web Portal

IBM Product Security Incident Response Blog

Acknowledgement

IBM Security Systems Ethical Hacking Team: Paul Ionescu, Brennan Brazeau, John
Zuccato, Jonathan Fitz-Gerald, Warren Moynihan

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the 
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the 
Common Vulnerability Scoring System (CVSS) is an "industry open standard 
designed to convey vulnerability severity and help to determine urgency and 
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY 
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT 
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- -------------------------------------------------------------------------------

Security Bulletin: IBM Security Network Protection is affected by krb5 
vulnerability (CVE-2014-1568)

Security Bulletin

Document information

More support for:

IBM Security Network Protection

Software version:

5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2.0, 5.3

Operating system(s):

Firmware

Reference #:

1690820

Modified date:

2014-11-19

Summary

Kerberos is a network authentication system which allows clients and servers 
to authenticate to each other with the help of a trusted third party. Multiple
security vulnerabilities have been discovered in the Kerberos krb5 component 
used by IBM Security Network Protection.

Vulnerability Details

CVE-ID: CVE-2013-1418

Description: MIT Kerberos is vulnerable to a denial of service, caused by a 
NULL pointer dereference in the setup_server_realm() function. If a KDC serves
multiple realms, a remote attacker could exploit this vulnerability to cause 
KDC to crash.

CVSS:

CVSS Base Score: 4.3

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88565 for more 
information

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2013-6800

Description: MIT Kerberos is vulnerable to a denial of service, caused by a 
NULL pointer dereference in an unspecified third-party database module for the
Key Distribution Center (KDC). By sending a specially-crafted request, a 
remote authenticated attacker could exploit this vulnerability to cause daemon
to crash.

CVSS:

CVSS Base Score: 4

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/89060 for more 
information

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVE-ID: CVE-2014-4341

Description: MIT Kerberos is vulnerable to a denial of service, caused by a 
NULL pointer dereference. By injecting invalid tokens into a GSSAPI 
application session, a remote attacker could exploit this vulnerability to 
cause the application to crash.

CVSS:

CVSS Base Score: 5

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/94904 for more 
information

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-4342

Description: MIT Kerberos is vulnerable to a denial of service, caused by a 
NULL pointer dereference. By injecting invalid tokens into a GSSAPI 
application session, a remote attacker could exploit this vulnerability to 
cause the application to crash.

CVSS:

CVSS Base Score: 5

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/94903 for more 
information

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-4343

Description: MIT Kerberos 5 (krb5) is vulnerable to a denial of service, 
caused by a double-free error in the init_ctx_reselect() function. By sending
a specially-crafted request, a remote attacker could exploit this 
vulnerability to cause a GSSAPI initiator to crash.

CVSS:

CVSS Base Score: 5

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/95211 for more 
information

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-4344

Description: MIT Kerberos 5 (krb5) is vulnerable to a NULL pointer dereference
in the acc_ctx_cont() function within the SPNEGO Acceptor for Continuation 
Tokens. By sending a specially-crafted request, an attacker could exploit this
vulnerability to cause the application to crash.

CVSS:

CVSS Base Score: 5

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/95210 for more 
information

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE-ID: CVE-2014-4345

Description: MIT Kerberos 5 is vulnerable to a buffer overflow, caused by 
improper bounds checking by the krb5_encode_krbsecretkey() function. By 
sending an overly long array, a remote authenticated attacker could overflow a
buffer and execute arbitrary code on the system or cause the application to 
crash.

CVSS:

CVSS Base Score: 8.5

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/95212 for more 
information

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:M/Au:S/C:C/I:C/A:C)

Affected Products and Versions

Products: IBM Security Network Protection (XGS) models 3100, 4100, 5100, 7100

Firmware versions: 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2, 5.3

Remediation/Fixes

IBM has provided patches for all affected versions. Follow the installation 
instructions in the README files included with the patch.

    5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0013 for IBM Security Network 
    Protection products at version 5.1

    5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0008 for IBM Security Network 
    Protection products at version 5.1.1

    5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0009 for IBM Security Network 
    Protection products at version 5.1.2

    5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.1.2.1

    5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.2

    5.3.0.0-ISS-XGS-All-Models-Hotfix-FP0001 for IBM Security Network 
    Protection products at version 5.3

Workarounds and Mitigations

None

References

Complete CVSS Guide

On-line Calculator V2

Related information

IBM Secure Engineering Web Portal

IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the 
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the 
Common Vulnerability Scoring System (CVSS) is an "industry open standard 
designed to convey vulnerability severity and help to determine urgency and 
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY 
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT 
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- -------------------------------------------------------------------------------

Security Bulletin: IBM Security Network Protection is affected by libxml2 
vulnerability (CVE-2014-3660)

Security Bulletin

Document information

More support for:

IBM Security Network Protection

Software version:

5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2.0, 5.3

Operating system(s):

Firmware

Reference #:

1690824

Modified date:

2014-11-19

Summary

A security vulnerability has been discovered in libxml2 versions used by IBM 
Security Network Protection.

Vulnerability Details

CVE-ID: CVE-2014-3660

Description: Libxml2 is vulnerable to a denial of service, caused by the 
expansion of recursive entities. A remote attacker could exploit this 
vulnerability using a specially-crafted XML document processed by an 
application using libxml2 to consume all available CPU resources.

CVSS:

CVSS Base Score: 5

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/97656 for more 
information

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Affected Products and Versions

Products: IBM Security Network Protection (XGS) models 3100, 4100, 5100, 7100

Firmware versions: 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2, 5.3

Remediation/Fixes

IBM has provided patches for all affected versions. Follow the installation 
instructions in the README files included with the patch.

    5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0013 for IBM Security Network 
    Protection products at version 5.1

    5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0008 for IBM Security Network 
    Protection products at version 5.1.1

    5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0009 for IBM Security Network 
    Protection products at version 5.1.2

    5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.1.2.1

    5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.2

    5.3.0.0-ISS-XGS-All-Models-Hotfix-FP0001 for IBM Security Network 
    Protection products at version 5.3

Workarounds and Mitigations

None

References

Complete CVSS Guide

On-line Calculator V2

Related information

IBM Secure Engineering Web Portal

IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the 
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the 
Common Vulnerability Scoring System (CVSS) is an "industry open standard 
designed to convey vulnerability severity and help to determine urgency and 
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY 
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT 
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- -------------------------------------------------------------------------------

Security Bulletin: Vulnerability in SSLv3 affects Network Protection 
(CVE-2014-3566)

Security Bulletin

Document information

More support for:

IBM Security Network Protection

Software version:

5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2.0, 5.3

Operating system(s):

Firmware

Reference #:

1690822

Modified date:

2014-11-19

Summary

SSLv3 contains a vulnerability that has been referred to as the Padding Oracle
On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in the IBM 
Security Network Protection Local Management Interface (LMI).

Vulnerability Details

CVE-ID: CVE-2014-3566

DESCRIPTION: Product could allow a remote attacker to obtain sensitive 
information, caused by a design error when using the SSLv3 protocol. A remote
user with the ability to conduct a man-in-the-middle attack could exploit this
vulnerability via a POODLE (Padding Oracle On Downgraded Legacy Encryption) 
attack to decrypt SSL sessions and access the plaintext of encrypted 
connections.

CVSS Base Score: 4.3

CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/97013 for the 
current score

CVSS Environmental Score*: Undefined

CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Affected Products and Versions

Products: IBM Security Network Protection (XGS) models 3100, 4100, 5100, 7100

Firmware versions: 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2, 5.3

Remediation/Fixes

IBM has provided patches for all affected versions. Follow the installation 
instructions in the README files included with the patch.

    5.1.0.0-ISS-XGS-All-Models-Hotfix-FP0013 for IBM Security Network 
    Protection products at version 5.1

    5.1.1.0-ISS-XGS-All-Models-Hotfix-FP0008 for IBM Security Network 
    Protection products at version 5.1.1

    5.1.2.0-ISS-XGS-All-Models-Hotfix-FP0009 for IBM Security Network 
    Protection products at version 5.1.2

    5.1.2.1-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.1.2.1

    5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0005 for IBM Security Network 
    Protection products at version 5.2

    5.3.0.0-ISS-XGS-All-Models-Hotfix-FP0001 for IBM Security Network 
    Protection products at version 5.3

IBM recommends that you review your entire environment to identify areas that
enable the SSLv3 protocol and take appropriate mitigation and remediation 
actions. The most immediate mitigation action that can be taken is disabling 
SSLv3. You should verify disabling SSLv3 does not cause any compatibility 
issues.

Workarounds and Mitigations

FIPS mode is not vulnerable to this exploit. FIPS mode can be enabled on the 
appliance only during the initial setup; it can not be enabled after the 
appliance has been initially configured.

References

Complete CVSS Guide

On-line Calculator V2

Related information

IBM Secure Engineering Web Portal

IBM Product Security Incident Response Blog

*The CVSS Environment Score is customer environment specific and will 
ultimately impact the Overall CVSS Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the links in the 
Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the 
Common Vulnerability Scoring System (CVSS) is an "industry open standard 
designed to convey vulnerability severity and help to determine urgency and 
priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY 
OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT 
OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVG668xLndAQH1ShLAQIe8BAAn2GwpzHM0USWnOUxxC7WhTk+3BFD5iNG
Bug1NpdebvlvwD22mF5aFyZXNUaykSsZwVIr6Od/ZNhoAY4WjuQ1g7B2VvLouv17
U5AR6ZW2+7cssDBh8ulOGEvXn/NLBJLhvCbEm0qJmB8ILqMtHHnofbX7Y5hPsNey
hHJtHMrRkNZgHIrKhWQ4pdwLDF7A8oZDqCAEdJrbph1tJPZEaFJX3Aor0GiR86Qm
1WFm+96Dec1V12IMuQsZ+XEikP81tzvEg3I7MTK/nxnloTDp+RlE1QqHAm1PYdaO
z6hWVAdVfnu7fuFk5uVZ+vh/e+yYPeY+FzG6jtOTeb6DrUf39eB/eaM51GJR4eW5
oPqT+jdSAmnWwfDgx4UFX6RFsFwPqo7THOmU/9AbJ9OvOxgktXTNlT8r2poxT2Dg
tA6fIJtiE/Ewi1eWqGHQVyGTvA79bKuRaEf3PVKoTM/feKHwsVgHtgy0SPHo4xTX
maAYM2ZeBVC3g/kPxn6EGHzIF4gs3CC01Z5bYsjZpH7e9E5NF5B9nBXZEgJM0wLQ
UlUba3VVX2Z6s98agq9frdq++izgU8EqFh0rKg7M4ILvBAXw4g/DWCugIE7kgsAm
okuDIynyFWsINaCcz7ub9wHJa0nFbxSnT950kUbJFWGmti4co+3oT4W4xtBwVAAH
USU2i7hL5uU=
=1WPi
-----END PGP SIGNATURE-----