Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2019.3003
exiv2 security, bug fix, and enhancement update
8 August 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: exiv2
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux WS/Desktop 7
Impact/Access: Denial of Service -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2018-20099 CVE-2018-20098 CVE-2018-20097
CVE-2018-20096 CVE-2018-19607 CVE-2018-19535
CVE-2018-19108 CVE-2018-19107 CVE-2018-18915
CVE-2018-17581 CVE-2018-17282 CVE-2018-14046
CVE-2018-12265 CVE-2018-12264 CVE-2018-11037
CVE-2018-10998 CVE-2018-10958 CVE-2018-10772
CVE-2018-9305 CVE-2018-8977 CVE-2018-8976
CVE-2017-17724
Reference: ESB-2019.2617
ESB-2019.0108
ESB-2018.1933.2
Original Bulletin:
https://access.redhat.com/errata/RHSA-2019:2101
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Low: exiv2 security, bug fix, and enhancement update
Advisory ID: RHSA-2019:2101-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:2101
Issue date: 2019-08-06
CVE Names: CVE-2017-17724 CVE-2018-8976 CVE-2018-8977
CVE-2018-9305 CVE-2018-10772 CVE-2018-10958
CVE-2018-10998 CVE-2018-11037 CVE-2018-12264
CVE-2018-12265 CVE-2018-14046 CVE-2018-17282
CVE-2018-17581 CVE-2018-18915 CVE-2018-19107
CVE-2018-19108 CVE-2018-19535 CVE-2018-19607
CVE-2018-20096 CVE-2018-20097 CVE-2018-20098
CVE-2018-20099
=====================================================================
1. Summary:
An update for exiv2 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64
3. Description:
The exiv2 packages provide a command line utility which can display and
manipulate image metadata such as EXIF, LPTC, and JPEG comments.
The following packages have been upgraded to a later upstream version:
exiv2 (0.27.0). (BZ#1652637)
Security Fix(es):
* exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in
src/iptc.cpp (CVE-2017-17724)
* exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp
(CVE-2018-8976)
* exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function
in canonmn_int.cpp (CVE-2018-8977)
* exiv2: out of bounds read in IptcData::printStructure in iptc.c
(CVE-2018-9305)
* exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via
crafted file (CVE-2018-10772)
* exiv2: SIGABRT caused by memory allocation in
types.cpp:Exiv2::Internal::PngChunk::zlibUncompress() (CVE-2018-10958)
* exiv2: SIGABRT by triggering an incorrect Safe::add call (CVE-2018-10998)
* exiv2: information leak via a crafted file (CVE-2018-11037)
* exiv2: integer overflow in getData function in preview.cpp
(CVE-2018-12264)
* exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp
(CVE-2018-12265)
* exiv2: heap-based buffer over-read in WebPImage::decodeChunks in
webpimage.cpp (CVE-2018-14046)
* exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp
leading to application crash (CVE-2018-17282)
* exiv2: Stack overflow in CiffDirectory::readDirectory() at
crwimage_int.cpp leading to denial of service (CVE-2018-17581)
* exiv2: infinite loop in Exiv2::Image::printIFDStructure function in
image.cpp (CVE-2018-18915)
* exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in
iptc.cpp (CVE-2018-19107)
* exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp
(CVE-2018-19108)
* exiv2: heap-based buffer over-read in PngChunk::readRawProfile in
pngchunk_int.cpp (CVE-2018-19535)
* exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp
(CVE-2018-19607)
* exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function
resulting in a denial of service (CVE-2018-20096)
* exiv2: Segmentation fault in
Exiv2::Internal::TiffParserWorker::findPrimaryGroups function
(CVE-2018-20097)
* exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header
resulting in a denial of service (CVE-2018-20098)
* exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a
denial of service (CVE-2018-20099)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.7 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1465061 - There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault at exiv2. A crafted input will lead to remote denial of service attack.
1470729 - There is a heap overflow in the software exiv2.
1470737 - There is an invalid free in Action::TaskFactory::cleanup funtion of actions.cpp in exiv2. A crafted input will lead to remote denial of service attack.
1470913 - There is an infinite loop in Exiv2::Image::printIFDStructure funtion of image.cpp in exiv2. A crafted input will lead to remote denial of service attack.
1470946 - There is a heap-buffer-overflow in image.cpp of exiv2.
1470950 - There is a Segmentation fault in the software exiv2 while the function Exiv2::XmpParser::terminate() is finished.
1471772 - There is an illegal address access in basicio.cpp of exiv2.
1473888 - There is a Floating point exception in Exiv2::ValueType of exiv2.
1473889 - There is alloc-dealloc-mismatch in Exiv2::FileIo::seek of exiv2.
1475123 - There is an assertion aborted in tiffvisitor.cpp of exiv2/libexiv2.
1475124 - There is an assertion aborted in tiffvisitor.cpp of exiv2/libexiv2.
1482295 - There is a heap-buffer-overflow in basicio.cpp of exiv2.
1482296 - There is an illegal address access in Exiv2::FileIo::path[abi:cxx11]() of exiv2
1482423 - There is a heap-buffer-overflow in the software exiv2 which is triggered in Exiv2::Image::io function.
1494443 - Null pointer dereference vulnerability in Exiv2::Image::printIFDStructure (image.cpp:408)
1494467 - Invalid memory address dereference in Exiv2::getULong(types.cpp:246)
1494776 - It is a heap-buffer-overflow in Exiv2::Jp2Image::readMetadata (jp2image.cpp:277)
1494778 - It is a heap-buffer-overflow in Exiv2::us2Data (types.cpp:346)
1494780 - Invalid memory address dereference in Exiv2::StringValueBase::read ( in value.cpp:302)
1494781 - It is a heap-buffer-overflow in Exiv2::s2Data (types.cpp:383)
1494782 - It is a heap-buffer-overflow in Exiv2::l2Data (types.cpp:398)
1494786 - Invalid memory address dereference in Exiv2::DataValue::read (value.cpp:193)
1494787 - it is a stack-overflow vulnerability in Exiv2::Internal::stringFormat[abi:cxx11] ( in image.cpp:975 )
1495043 - bad free in Exiv2::Image::~Image (image.cpp:173)
1524104 - exiv2 library: heap-based buffer over-read in Exiv2::Image::byteSwap4 (image.cpp)
1524107 - exiv2 library: heap-based buffer over-read in Exiv2::IptcData::printStructure (iptc.cpp)
1524116 - exiv2 library: assertion aborted in Exiv2::(anonymous namespace)::readHeader (bigtiffimage.cpp)
1525055 - exiv2 library: heap-buffer-overflow in Exiv2::getULong (types.cpp)
1537353 - Exiv2: integer overflow in floatToRationalCast function (src/types.cpp)
1545237 - CVE-2017-17724 exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp
1561213 - CVE-2018-8976 exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp
1561217 - CVE-2018-8977 exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp
1566260 - There is a Segmentation fault in the software exiv2 when the function Exiv2::tEXtToDataBuf() is finished
1566735 - CVE-2018-9305 exiv2: out of bounds read in IptcData::printStructure in iptc.c
1578659 - CVE-2018-10958 exiv2: SIGABRT caused by memory allocation in types.cpp:Exiv2::Internal::PngChunk::zlibUncompress()
1579481 - CVE-2018-10998 exiv2: SIGABRT by triggering an incorrect Safe::add call
1579544 - CVE-2018-11037 exiv2: information leak via a crafted file
1590993 - CVE-2018-12264 exiv2: integer overflow in getData function in preview.cpp
1590994 - CVE-2018-12265 exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp
1594627 - CVE-2018-10772 exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file
1601628 - CVE-2018-14046 exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp
1632490 - CVE-2018-17282 exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash
1635045 - CVE-2018-17581 exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service
1646555 - CVE-2018-18915 exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp
1649094 - CVE-2018-19107 exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp
1649101 - CVE-2018-19108 exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp
1652637 - Rebase exiv2 to 0.27
1656187 - CVE-2018-19535 exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp
1656195 - CVE-2018-19607 exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp
1660423 - CVE-2018-20096 exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service
1660424 - CVE-2018-20097 exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function
1660425 - CVE-2018-20098 exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service
1660426 - CVE-2018-20099 exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service
1664361 - Gwenview + Exiv2 crash in Pentax camera files
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
exiv2-0.27.0-2.el7_6.src.rpm
x86_64:
exiv2-0.27.0-2.el7_6.x86_64.rpm
exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm
exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm
exiv2-libs-0.27.0-2.el7_6.i686.rpm
exiv2-libs-0.27.0-2.el7_6.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
exiv2-doc-0.27.0-2.el7_6.noarch.rpm
x86_64:
exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm
exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm
exiv2-devel-0.27.0-2.el7_6.i686.rpm
exiv2-devel-0.27.0-2.el7_6.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
exiv2-0.27.0-2.el7_6.src.rpm
x86_64:
exiv2-0.27.0-2.el7_6.x86_64.rpm
exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm
exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm
exiv2-libs-0.27.0-2.el7_6.i686.rpm
exiv2-libs-0.27.0-2.el7_6.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
exiv2-doc-0.27.0-2.el7_6.noarch.rpm
x86_64:
exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm
exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm
exiv2-devel-0.27.0-2.el7_6.i686.rpm
exiv2-devel-0.27.0-2.el7_6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
exiv2-0.27.0-2.el7_6.src.rpm
ppc64:
exiv2-0.27.0-2.el7_6.ppc64.rpm
exiv2-debuginfo-0.27.0-2.el7_6.ppc.rpm
exiv2-debuginfo-0.27.0-2.el7_6.ppc64.rpm
exiv2-libs-0.27.0-2.el7_6.ppc.rpm
exiv2-libs-0.27.0-2.el7_6.ppc64.rpm
ppc64le:
exiv2-0.27.0-2.el7_6.ppc64le.rpm
exiv2-debuginfo-0.27.0-2.el7_6.ppc64le.rpm
exiv2-libs-0.27.0-2.el7_6.ppc64le.rpm
s390x:
exiv2-0.27.0-2.el7_6.s390x.rpm
exiv2-debuginfo-0.27.0-2.el7_6.s390.rpm
exiv2-debuginfo-0.27.0-2.el7_6.s390x.rpm
exiv2-libs-0.27.0-2.el7_6.s390.rpm
exiv2-libs-0.27.0-2.el7_6.s390x.rpm
x86_64:
exiv2-0.27.0-2.el7_6.x86_64.rpm
exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm
exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm
exiv2-libs-0.27.0-2.el7_6.i686.rpm
exiv2-libs-0.27.0-2.el7_6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
exiv2-doc-0.27.0-2.el7_6.noarch.rpm
ppc64:
exiv2-debuginfo-0.27.0-2.el7_6.ppc.rpm
exiv2-debuginfo-0.27.0-2.el7_6.ppc64.rpm
exiv2-devel-0.27.0-2.el7_6.ppc.rpm
exiv2-devel-0.27.0-2.el7_6.ppc64.rpm
ppc64le:
exiv2-debuginfo-0.27.0-2.el7_6.ppc64le.rpm
exiv2-devel-0.27.0-2.el7_6.ppc64le.rpm
s390x:
exiv2-debuginfo-0.27.0-2.el7_6.s390.rpm
exiv2-debuginfo-0.27.0-2.el7_6.s390x.rpm
exiv2-devel-0.27.0-2.el7_6.s390.rpm
exiv2-devel-0.27.0-2.el7_6.s390x.rpm
x86_64:
exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm
exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm
exiv2-devel-0.27.0-2.el7_6.i686.rpm
exiv2-devel-0.27.0-2.el7_6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
exiv2-0.27.0-2.el7_6.src.rpm
x86_64:
exiv2-0.27.0-2.el7_6.x86_64.rpm
exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm
exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm
exiv2-libs-0.27.0-2.el7_6.i686.rpm
exiv2-libs-0.27.0-2.el7_6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
exiv2-doc-0.27.0-2.el7_6.noarch.rpm
x86_64:
exiv2-debuginfo-0.27.0-2.el7_6.i686.rpm
exiv2-debuginfo-0.27.0-2.el7_6.x86_64.rpm
exiv2-devel-0.27.0-2.el7_6.i686.rpm
exiv2-devel-0.27.0-2.el7_6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2017-17724
https://access.redhat.com/security/cve/CVE-2018-8976
https://access.redhat.com/security/cve/CVE-2018-8977
https://access.redhat.com/security/cve/CVE-2018-9305
https://access.redhat.com/security/cve/CVE-2018-10772
https://access.redhat.com/security/cve/CVE-2018-10958
https://access.redhat.com/security/cve/CVE-2018-10998
https://access.redhat.com/security/cve/CVE-2018-11037
https://access.redhat.com/security/cve/CVE-2018-12264
https://access.redhat.com/security/cve/CVE-2018-12265
https://access.redhat.com/security/cve/CVE-2018-14046
https://access.redhat.com/security/cve/CVE-2018-17282
https://access.redhat.com/security/cve/CVE-2018-17581
https://access.redhat.com/security/cve/CVE-2018-18915
https://access.redhat.com/security/cve/CVE-2018-19107
https://access.redhat.com/security/cve/CVE-2018-19108
https://access.redhat.com/security/cve/CVE-2018-19535
https://access.redhat.com/security/cve/CVE-2018-19607
https://access.redhat.com/security/cve/CVE-2018-20096
https://access.redhat.com/security/cve/CVE-2018-20097
https://access.redhat.com/security/cve/CVE-2018-20098
https://access.redhat.com/security/cve/CVE-2018-20099
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXUl4bdzjgjWX9erEAQhIrQ//V7JR9iNhhKmRGzdLWT0ZhhPaDy9h+drU
L49Fdzs6fgmtBZQxPOqo8mfngBjX4gRn7oomdXGYJfLMmwIhwZcXMEmMVs3FI88v
qj7k8nDZczVVbtDYNYcEE1IfD8+rhsfO4yYoZPwnNIeUWe2Je2gM+rqH87x9ZI+G
k/0/c1zV9JILe1L9j1MhEnAd79HtTzKrhiDdEBf08If9VjyoTsWDFqMFqINu4OkB
JCfzirKgRsnFXkEsvgeJ+Nxs9WDC2uWdzMESSoxtsQmEjPM8lKwbo3r5a5bb8vvh
AXVTZelSsk8TXo+IVaz8V6bi4e8D4QxeQk9ufAKSxOtoe4eZQtqpuMP2N9/OpL9x
YSI9rT1LXdJvgjB1KLTi62HKr1JGfe6N8lWQmSLCR2KS/Os0+yxTQwFMZI+MS8as
NjIbYEOCdFq6+jKmqkEfwTRZ+ywvVE/06LioZ+FNbpG8CUIxlwUYt2JqVouA6zw6
DsDmUhHpBSZCHZw/0+0zxgSecXRDqhvBpIzN2ZQpYvd+82595EuTlCYGlRkrVkQD
/nd02Ttu7nvrNiXEomJgmMmFqvkPKl3RZyIakakZtvSWDrhIIsDDoK77t7ySYq/a
IpJHXO3Z6aCGqd8hvbtxBETd3T+INuVHCaSGyjiPvOeUD6dwUofmzHw2YcgijfrR
plPqbBj3BWo=
=6+K4
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXUuBQWaOgq3Tt24GAQhvRw/7BnRVXTs7PPWOYRZOeGxGjQ+CQtoBZnpb
Wk2RLmE/CLY2nDRvB2AkbcN7ds2oJIxQSLqjj6Ht/bCyH9XNExE8C7DvO4FiLP/v
CEuGb2jYpRVMZn6zbYM9DjHQGifVsHWp6NkSJt0i/yyFaEJck1rcDx5wFJZx+y/I
t+yBJ2IQnCRGWNUrJZX66tymIHKobB4WrXIx7ZIstFkWXTRL5y5iqJMUFm+CtWKW
Ucu5yaArMOgBOQkI8SQU/FbPfdadWcPO8mkWNodyHfkxjBVC/ozSryBOWlYUeMK3
oZaCQ6koXmCF3BmSiIYKrGTXp/IRWT7loF/D66li2AUYrpJERkXtGSK6klXe+Bwi
CncC21cryzHzlQNxZgyLrxIJXxpUtvgYYH8xAAooN/cwNjQhudyZUZ8tJpW2NNhw
yo1ZNOijUb99cCsDcKVuQjtUBQ4FU5UPb8iHD5HPSm7BQOPKlZNCnb4tMoi1UmPN
hHsleVrPIwBUs8ecs05lzxHY0ngsTNfZylsbDTj95iCkHQj5audRnTz8Ww3fPQMr
JyyjY/y/D2UAiznfpf/JtkGbza6MkE7BFxLn1fYNl8HOWZ+mNsp7Rnhzg3A2FTnB
gxj0Z8olAbNNBNsCBRXiHy7S/S2qFZFkhvUgc+j8SqMnWcoWbAKk3QGkrNMatrAy
Uqib+rsVvwk=
=BWE8
-----END PGP SIGNATURE-----