Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2020.2283
Red Hat OpenShift Service Mesh multiple security updates
2 July 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat OpenShift Service Mesh servicemesh-grafana
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Modify Arbitrary Files -- Remote/Unauthenticated
Denial of Service -- Remote/Unauthenticated
Cross-site Scripting -- Remote with User Interaction
Access Confidential Data -- Remote/Unauthenticated
Unauthorised Access -- Remote/Unauthenticated
Provide Misleading Information -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2020-14306 CVE-2020-13430 CVE-2020-13379
CVE-2020-12605 CVE-2020-12604 CVE-2020-12603
CVE-2020-12245 CVE-2020-12052 CVE-2020-8663
CVE-2020-7662 CVE-2020-7660 CVE-2019-16769
CVE-2019-11253
Reference: ESB-2020.2171.2
ESB-2020.0922
ESB-2019.4368
Original Bulletin:
https://access.redhat.com/errata/RHSA-2020:2796
https://access.redhat.com/errata/RHSA-2020:2798
https://access.redhat.com/errata/RHSA-2020:2795
https://access.redhat.com/errata/RHSA-2020:2799
Comment: This bulletin contains four (4) Red Hat security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat OpenShift Service Mesh servicemesh-grafana security update
Advisory ID: RHSA-2020:2796-01
Product: Red Hat OpenShift Service Mesh
Advisory URL: https://access.redhat.com/errata/RHSA-2020:2796
Issue date: 2020-07-01
CVE Names: CVE-2019-11253 CVE-2019-16769 CVE-2020-7660
CVE-2020-7662 CVE-2020-12052 CVE-2020-12245
CVE-2020-13379 CVE-2020-13430
=====================================================================
1. Summary:
An update for servicemesh-grafana is now available for OpenShift Service
Mesh 1.1.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
OpenShift Service Mesh 1.1 - x86_64
3. Description:
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio
service mesh project, tailored for installation into an on-premise
OpenShift Container Platform installation.
Security Fix(es):
* kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing
for remote denial of service (CVE-2019-11253)
* grafana: SSRF incorrect access control vulnerability allows
unauthenticated users to make grafana send HTTP requests to any URL
(CVE-2020-13379)
* npm-serialize-javascript: XSS via unsafe characters in serialized regular
expressions (CVE-2019-16769)
* npm-serialize-javascript: allows remote attackers to inject arbitrary
code via the function deleteFunctions within index.js (CVE-2020-7660)
* npmjs-websocket-extensions: ReDoS vulnerability in
Sec-WebSocket-Extensions parser (CVE-2020-7662)
* grafana: XSS annotation popup vulnerability (CVE-2020-12052)
* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)
* grafana: XSS via the OpenTSDB datasource (CVE-2020-13430)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
The OpenShift Service Mesh release notes provide information on the
features and
known issues:
https://docs.openshift.com/container-platform/latest/service_mesh/serviceme
sh-release-notes.html
5. Bugs fixed (https://bugzilla.redhat.com/):
1757701 - CVE-2019-11253 kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing for remote denial of service
1843640 - CVE-2020-13379 grafana: SSRF incorrect access control vulnerability allows unauthenticated users to make grafana send HTTP requests to any URL
1844228 - CVE-2020-7660 npm-serialize-javascript: allows remote attackers to inject arbitrary code via the function deleteFunctions within index.js
1845982 - CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser
1848089 - CVE-2020-12052 grafana: XSS annotation popup vulnerability
1848092 - CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions
1848108 - CVE-2020-13430 grafana: XSS via the OpenTSDB datasource
1848643 - CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip
6. Package List:
OpenShift Service Mesh 1.1:
Source:
servicemesh-grafana-6.4.3-11.el8.src.rpm
x86_64:
servicemesh-grafana-6.4.3-11.el8.x86_64.rpm
servicemesh-grafana-prometheus-6.4.3-11.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-11253
https://access.redhat.com/security/cve/CVE-2019-16769
https://access.redhat.com/security/cve/CVE-2020-7660
https://access.redhat.com/security/cve/CVE-2020-7662
https://access.redhat.com/security/cve/CVE-2020-12052
https://access.redhat.com/security/cve/CVE-2020-12245
https://access.redhat.com/security/cve/CVE-2020-13379
https://access.redhat.com/security/cve/CVE-2020-13430
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXvzaUdzjgjWX9erEAQhi3A/+MVLfbEyP2WyjpwoXIKm55dQVMYIdMGiV
Sp5NTTBjURnzM8or86n/QsW3XNLD+LHZiz9GJvsgJU6rXol2X0HR3W13QzexMqO8
sRwNZeHH7qUMSZW9ND19QWX4/ffrOeh0SWAhxkXWwxbZFDRQwhQy19zbeR8vSij+
2/4DEnLqUHmyRamn/l7sz4QfAQB2NmqdpOsIG4D3ryoZ6Qiv9Am3H/p/TMjBNgWl
865TKEeNgu9+YT0apQnL/49wAMvY27CpuPksCnNowfF7UgDwcSHN3UFa9CleOtDr
rKio2rBbz3FI/KUcAeHvLwWV0sPyQWSI/KpMQwZ1Nj5euVwjMRCx6is83SdfTgnO
eklHKvgtktQIA1EUuFx6GNOVNS+oN/xBdim0fgvTNkMjtYAwoQ/d25tqv+Y+7ior
jZ/mEDpvpzDPlSH2PdQhNjIVUmgvhNf7xSixFUT1SiOI3cPqCyunOqrENZW3D9Ov
lroKD0obyo53+5bOpg6L/vXBkyYv0IIPZZ7wY0cRUj1TLpDp7vVQnK6ozfU4VHBO
Q1UTCg7HR5hcShg7Eb4EEDLiJ4dpzlALP1XSZ6rIvyfBDCR0qVXeRp8dZ73fxCRn
ST7eewJGelgAYwECS1iofZGEtQneLLF23PH3GWJApLrdmMPdVxmylg3wsFjfQ3VY
SpJTijfX++c=
=oiZC
- -----END PGP SIGNATURE-----
- ------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat OpenShift Service Mesh 1.1 servicemesh-proxy security update
Advisory ID: RHSA-2020:2798-01
Product: Red Hat OpenShift Service Mesh
Advisory URL: https://access.redhat.com/errata/RHSA-2020:2798
Issue date: 2020-07-01
CVE Names: CVE-2020-8663 CVE-2020-12603 CVE-2020-12604
CVE-2020-12605
=====================================================================
1. Summary:
An update for servicemesh-proxy is now available for OpenShift Service Mesh
1.1.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
OpenShift Service Mesh 1.1 - x86_64
3. Description:
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio
service mesh project, tailored for installation into an on-premise
OpenShift Container Platform installation.
Security Fix(es):
* envoy: Resource exhaustion when accepting too many connections
(CVE-2020-8663)
* envoy: Resource exhaustion when proxying HTTP/2 requests or responses
with small data frames (CVE-2020-12603)
* envoy: Resource exhaustion when processing HTTP/1.1 headers with long
field names (CVE-2020-12605)
* envoy: Resource exhaustion via HTTP/2 client requests with large payloads
and improper stream windows (CVE-2020-12604)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
The OpenShift Service Mesh release notes provide information on the
features and
known issues:
https://docs.openshift.com/container-platform/latest/service_mesh/serviceme
sh-release-notes.html
5. Bugs fixed (https://bugzilla.redhat.com/):
1844251 - CVE-2020-12603 envoy: Resource exhaustion when proxying HTTP/2 requests or responses with small data frames
1844252 - CVE-2020-12605 envoy: Resource exhaustion when processing HTTP/1.1 headers with long field names
1844254 - CVE-2020-8663 envoy: Resource exhaustion when accepting too many connections
1844255 - CVE-2020-12604 envoy: Resource exhaustion via HTTP/2 client requests with large payloads and improper stream windows
6. Package List:
OpenShift Service Mesh 1.1:
Source:
servicemesh-proxy-1.1.4-2.el8.src.rpm
x86_64:
servicemesh-proxy-1.1.4-2.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-8663
https://access.redhat.com/security/cve/CVE-2020-12603
https://access.redhat.com/security/cve/CVE-2020-12604
https://access.redhat.com/security/cve/CVE-2020-12605
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXvzaNtzjgjWX9erEAQj4IhAAhgMCzAk2639kt37LqaNfZ//M4inVC8/Z
uYK1yF4//rWkd2oK0i5MIYK2z1MWiODQQ55B3/NNMiBnJOu5IqhsXUkbpKzTx1a4
Mth5vnJM4GFYhO0Eb1EZ/wS932x5bcI7jcA+VEU3nNIsUYcKscF30e/AHJE0DkpR
UV3N8mI8X/UE+GyoRidIst4UhQMarO4frRCJQq9WufZ+kyFq2FFEvRIPdjuJYyx5
cfzuJtJpZxDJySI3GCT3bAIk6qenQU8N8UEyRIwEkk9J/1J8zXvTxBERzNUPuoo8
LuIjnTCdlJDaFimYF8pvsaPGSZnvbWNkSwa/l4McKXoqAGKYSZknKCRmqYOWrZ9Q
Zs7j1H0sptAiYlFwWah1AdxPyUOIGzSVHhskpAdMKtb7v6F96fkA7M30ZtQPoUiZ
t+K0g0ywPU5f0KKZOUcUiX0M4sICFjcQ2rqGLb4TIzMpY82v5LCBXZTjMVKmDrD7
hLaEKjMt5/7VzJj9VT87yr0JYkyNio92RClhPFJ7fJy89/WqCGU5YSEYMgwwWAL0
UILo6ELF5MLfyqJgVrHWHT6zaYYVtnrYtYcSKI83ICkyrp4sgh+Gi3Bca/TG4DE9
0XdRkS7X9HEWmgQIDcxgBmPG8Dxgs/VQxaOTMp/yK5L2A5kNFHmhES6Rgsymh/5p
TGRKSwSbM9o=
=srVm
- -----END PGP SIGNATURE-----
- ------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat OpenShift Service Mesh 1.1 servicemesh-operator security update
Advisory ID: RHSA-2020:2795-01
Product: Red Hat OpenShift Service Mesh
Advisory URL: https://access.redhat.com/errata/RHSA-2020:2795
Issue date: 2020-07-01
CVE Names: CVE-2019-11253 CVE-2020-14306
=====================================================================
1. Summary:
An update for servicemesh-operator is now available for OpenShift Service
Mesh 1.1.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
OpenShift Service Mesh 1.1 - x86_64
3. Description:
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio
service mesh project, tailored for installation into an on-premise
OpenShift Container Platform installation.
Security Fix(es):
* kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing
for remote denial of service (CVE-2019-11253)
* openshift-service-mesh/istio-rhel8-operator: control plane can deploy
gateway image to any namespace (CVE-2020-14306)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
The OpenShift Service Mesh release notes provide information on the
features and
known issues:
https://docs.openshift.com/container-platform/latest/service_mesh/serviceme
sh-release-notes.html
5. Bugs fixed (https://bugzilla.redhat.com/):
1757701 - CVE-2019-11253 kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing for remote denial of service
1850380 - CVE-2020-14306 openshift-service-mesh/istio-rhel8-operator: control plane can deploy gateway image to any namespace
6. Package List:
OpenShift Service Mesh 1.1:
Source:
servicemesh-operator-1.1.4-3.el8.src.rpm
x86_64:
servicemesh-operator-1.1.4-3.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-11253
https://access.redhat.com/security/cve/CVE-2020-14306
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXvzahNzjgjWX9erEAQg6tA/7BGN9yUAhd3bJQ4Qa59K/jX98qJyo3PVN
uWpKNC3iPwMJJT3UGIhcUgfDVsyEt3hcBqlYFyW7ZKO5UK7y3yKv12fjIX93NHbd
LfiH7pha+OyqylRuZJDW5ibJyYhcD0FLGaoGA7JDhXbFoIEXuFcsf+C7JmS6P5OV
yqKYEah6hX1ggTw1KSeaGc+2TN22n0YLuTueaRJ76vjiwFLPmdzfB1VwbDRGkcCG
4pJKHQtRl+HH1EJ0ZnElD9zBX1sEwRWtU8bAc3wagS3l/VoB2BRB5jas7xzu3LWY
XAT2RPlea/jkBVXkK7m76KBD2Dhzb3gshZb0G6asLbskhFww/pYN+p674rbENPlE
PBJRK7B7ofQSZUqsJvpctcOILA8oW4YyWsmWKUUiJT5wJBY5s0T/zmGav/4F7uSy
fJGFhtMpRpIc8Vb7Gj3M/BtoZ1/mb1SdaCVJJ5N27PFaZt6VK3ICP7wXI+NQ4Ab8
ei5v1BDFPr66gME5BLROzzfNRzK3EMjQtfQm2JE9wBJDP7uiPxvuwkG2JpNf1cKX
WAvpWMe2jVLkvwiQphlZJj96w32xgQ/qiPz3D+pbiihTj/SMZxaNpB6oY4obU1zT
ToykkEUsrL/KOdv9Cwx3n09R/1QkVVL1ITklyAUuspRpVa/uaSfwmQx2LKu+uPEY
8zfguJ+XOXQ=
=javv
- -----END PGP SIGNATURE-----
- ------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat OpenShift Service Mesh servicemesh-cni security update
Advisory ID: RHSA-2020:2799-01
Product: Red Hat OpenShift Service Mesh
Advisory URL: https://access.redhat.com/errata/RHSA-2020:2799
Issue date: 2020-07-01
CVE Names: CVE-2019-11253
=====================================================================
1. Summary:
An update for servicemesh-cni is now available for OpenShift Service Mesh
1.1.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
OpenShift Service Mesh 1.1 - x86_64
3. Description:
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio
service mesh project, tailored for installation into an on-premise
OpenShift Container Platform installation.
Security Fix(es):
* kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing
for remote denial of service (CVE-2019-11253)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
The OpenShift Service Mesh release notes provide information on the
features and
known issues:
https://docs.openshift.com/container-platform/latest/service_mesh/serviceme
sh-release-notes.html
5. Bugs fixed (https://bugzilla.redhat.com/):
1757701 - CVE-2019-11253 kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing for remote denial of service
6. Package List:
OpenShift Service Mesh 1.1:
Source:
servicemesh-cni-1.1.4-2.el8.src.rpm
x86_64:
servicemesh-cni-1.1.4-2.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-11253
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXvzaatzjgjWX9erEAQirWw/+OruhU2zC0726Jw+DmkprA2QTgD1rWpw/
Wx2yQfbYQQb+s+YHEJ4IM8XcHAnH7WzA3oGHO4uBx8lUT8omH8nyguzn44mNwOaU
kJysFD6SSofx0eptkrP01PoRltEJEvZyqFau1cv1BsLGw6G/mayYyO/JM8LoQ1rU
xKiHW9hkEWufu+f2ex0QcLqvAIzA/S+fsxQvZUoiYF8Vgu61+BHpO4VaH6/jVTOM
f/4OPI6iv/dZBt3LsbZQTkFhBXQC390Nz2k8YitEPkZ2myiMaAHRmlavba0k5i1Q
qoLpigPRp6mL6SHAF29OzjyUHyRzOhDw6u3ISX2MQ7c8GJwyViLdxSQfRQhWeSsJ
PDsZ5Q1YEmbyBzLrzIOZSm1qoyI35M111Rx4iRNBG2zFnmMGtMoTbCzvzxKjWKLA
AmBdInd+nuUrd19Gk9BroKHR1NEKpi+LvGvuJdY7tmUU+wIWgRAn1X7+1kroDMn7
kpZzkj6JCerZddL1EKi9M3UDlTMpiB+Zl3I9Fk2DakaJX936IjXOY1JIgga2aCWy
t+v06fzVFfc7OOsag5CMTMPL9UCgVwiDcD6ArQO0BqidcD7lKrzF8JUc+ecN+iIL
M5jz14A/tDIYZz67aZF80QwicpkejC2Yqxj0YR2WLtHLtvA2Wx8xFxbn5m5WP4FQ
1oJOnV+7ikE=
=kr8e
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXv1iluNLKJtyKPYoAQiUXBAAp7s5HNrY3TFDin36v7a2EWFCG8HQ3NHK
XxxK4CToi6mERQbSYdXJ9AqAz+sOVAfu5vYkEQlSpj7Bqq9asFUDZNCtG6A0XzEq
Jh1o5uN80eEp9z/yzqCN5Z1YFdQrI0Dntan+D3tllZ6/VdaLSuJYNNEuKtpVwynD
GRh/jSI7JGue/bj8Y3pTS3opqMVL1fggHLm40bFavZhdal6B39ybz5r4+XdNRNRp
shbWaTcfAqHgnk6k5UzkDynpdkKoND6RL3/mgw1R6uiyeVjo89kXKt+nfd9DpZVP
62ytM4meBzoYsx6YLwXZzl9F/Lm3CTTaMEDZyovhIafbsVsaw0OoG87vOppyaZWn
wpj/j/EDAn7wbrMDRtQxHRZNN3rKg8IhrrOwS0LB77mghWjsU8gf/otWUnpOSNV5
ktXMGw3X5x/SDTQtmhiMKHlGu+fsxB17AvQ77qGXRAgP3h8aW8Zjaft8E6HFr9zZ
ZnUvnSVMysyGHFHohLkDweo7Z4TnpKyJ92JL5VarIPcl/fSxzif2ZgY63B8Jt5+2
RcvSEOx5r3gTsQkabhHoWvbShZRopju2DkpjMrOqgZZvMk2tUsV1wwn06wWZZlJb
F38YkcKKZ7UsUpeCUmQIWJnqpUVGMUMSfGg8oek1CxqdKQl1zLtbdeKGHuxUxxac
H3eX//1R5IU=
=UuBQ
-----END PGP SIGNATURE-----