-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2470
                   SUSE: Security update for ldb, samba
                               21 July 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           ldb
                   samba
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14303 CVE-2020-10760 CVE-2020-10745
                   CVE-2020-10730 CVE-2020-10704 CVE-2020-10700

Reference:         ESB-2020.1546
                   ESB-2020.1543
                   ESB-2020.1466

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2020/suse-su-20201948-1

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for ldb, samba

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:1948-1
Rating:            important
References:        #1141320 #1162680 #1169095 #1169521 #1169850 #1169851
                   #1171437 #1172307 #1173159 #1173160 #1173161 #1173359
                   #1174120
Cross-References:  CVE-2020-10700 CVE-2020-10704 CVE-2020-10730 CVE-2020-10745
                   CVE-2020-10760 CVE-2020-14303
Affected Products:
                   SUSE Linux Enterprise Module for Python2 15-SP2
                   SUSE Linux Enterprise Module for Basesystem 15-SP2
                   SUSE Linux Enterprise High Availability 15-SP2
______________________________________________________________________________

An update that solves 6 vulnerabilities and has 7 fixes is now available.

Description:

This update for ldb, samba fixes the following issues:
Changes in samba:

  o Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP
    server when ASQ and VLV combined; (bso#14364); (bsc#1173159] +
    CVE-2020-10745: invalid DNS or NBT queries containing dots use several
    seconds of CPU each; (bso#14378); (bsc#1173160). + CVE-2020-10760:
    Use-after-free in AD DC Global Catalog LDAP server with paged_result or
    VLV; (bso#14402); (bsc#1173161) + CVE-2020-14303: Endless loop from empty
    UDP packet sent to AD DC nbt_server; (bso#14417); (bsc#1173359).
  o Update to samba 4.11.10 + Fix segfault when using SMBC_opendir_ctx()
    routine for share folder that contains incorrect symbols in any file name;
    (bso#14374). + vfs_shadow_copy2 doesn't fail case looking in
    snapdirseverywhere mode; (bso#14350) + ldb_ldap: Fix off-by-one increment
    in lldb_add_msg_attr; (bso#14413). + Malicous SMB1 server can crash
    libsmbclient; (bso#14366) + winbindd: Fix a use-after-free when winbind
    clients exit; (bso#14382) + ldb: Bump version to 2.0.11, LMDB databases can
    grow without bounds. (bso#14330)
  o Update to samba 4.11.9 + nmblib: Avoid undefined behaviour in
    handle_name_ptrs(); (bso#14242). + 'samba-tool group' commands do not
    handle group names with special chars correctly; (bso#14296). + smbd: avoid
    calling vfs_file_id_from_sbuf() if statinfo is not valid; (bso#14237). +
    Missing check for DMAPI offline status in async DOS attributes; (bso#
    14293). + smbd: Ignore set NTACL requests which contain S-1-5-88 NFS ACEs;
    (bso#14307). + vfs_recycle: Prevent flooding the log if we're called on
    non-existant paths; (bso#14316) + smbd mistakenly updates a file's
    write-time on close; (bso#14320). + RPC handles cannot be differentiated in
    source3 RPC server; (bso#14359). + librpc: Fix IDL for
    svcctl_ChangeServiceConfigW; (bso#14313). + nsswitch: Fix use-after-free
    causing segfault in _pam_delete_cred; (bso#14327). + Fix fruit:time machine
    max size on arm; (bso#13622) + CTDB recovery corner cases can cause record
    resurrection and node banning; (bso#14294). + ctdb: Fix a memleak; (bso#
    14348). + libsmb: Don't try to find posix stat info in SMBC_getatr(). +
    ctdb-tcp: Move free of inbound queue to TCP restart; (bso#14295); (bsc#
    1162680). + s3/librpc/crypto: Fix double free with unresolved credential
    cache; (bso#14344); (bsc#1169095) + s3:libads: Fix ads_get_upn(); (bso#
    14336). + CTDB recovery corner cases can cause record resurrection and node
    banning; (bso#14294) + Starting ctdb node that was powered off hard before
    results in recovery loop; (bso#14295); (bsc#1162680). + ctdb-recoverd:
    Avoid dereferencing NULL rec->nodemap; (bso#14324)
  o Update to samba 4.11.8 + CVE-2020-10700: Use-after-free in Samba AD DC LDAP
    Server with ASQ; (bso#14331); (bsc#1169850); + CVE-2020-10704: LDAP Denial
    of Service (stack overflow) in Samba AD DC; (bso#14334); (bsc#1169851);
  o Update to samba 4.11.7 + s3: lib: nmblib. Clean up and harden nmb packet
    processing; (bso#14239). + s3: VFS: full_audit. Use system session_info if
    called from a temporary share definition; (bso#14283) + dsdb: Correctly
    handle memory in objectclass_attrs; (bso#14258). + ldb: version 2.0.9,
    Samba 4.11 and later give incorrect results for SCOPE_ONE searches; (bso#
    14270) + auth: Fix CIDs 1458418 and 1458420 Null pointer dereferences; (bso
    #14247). + smbd: Handle EINTR from open(2) properly; (bso#14285) + winbind
    member (source3) fails local SAM auth with empty domain name; (bso#14247) +
    winbindd: Handling missing idmap in getgrgid(); (bso#14265). + lib:util:
    Log mkdir error on correct debug levels; (bso#14253). + wafsamba: Do not
    use 'rU' as the 'U' is deprecated in Python 3.9; (bso#14266). + ctdb-tcp:
    Make error handling for outbound connection consistent; (bso#14274).
  o Update to samba 4.11.6 + pygpo: Use correct method flags; (bso#14209). +
    vfs_ceph_snapshots: Fix root relative path handling; (bso#14216); (bsc#
    1141320). + Avoiding bad call flags with python 3.8, using METH_NOARGS
    instead of zero; (bso#14209). + source4/utils/oLschema2ldif: Include
    stdint.h before cmocka.h; (bso#14218). + docs-xml/winbindnssinfo: Clarify
    interaction with idmap_ad etc; (bso#14122). + smbd: Fix the build with
    clang; (bso#14251). + upgradedns: Ensure lmdb lock files linked; (bso#
    14199). + s3: VFS: glusterfs: Reset nlinks for symlink entries during
    readdir; (bso#14182). + smbc_stat() doesn't return the correct st_mode and
    also the uid/gid is not filled (SMBv1) file; (bso#14101). + librpc: Fix
    string length checking in ndr_pull_charset_to_null(); (bso#14219). +
    ctdb-scripts: Strip square brackets when gathering connection info; (bso#
    14227).


  o Add libnetapi-devel to baselibs conf, for wine usage; (bsc#1172307);


  o Installing: samba - samba-ad-dc.service does not exist and unit not found;
    (bsc#1171437);


  o Fix samba_winbind package is installing python3-base without python3
    package; (bsc#1169521);


Changes in ldb:

  o Update to version 2.0.12 + CVE-2020-10730: NULL de-reference in AD DC LDAP
    server when ASQ and VLV combined; (bso#14364); (bsc#1173159). + ldb_ldap:
    fix off-by-one increment in lldb_add_msg_attr; (bso#14413). + lib/ldb: add
    unit test for ldb_ldap internal code.
  o Update to version 2.0.11 + lib ldb: lmdb init var before calling
    mdb_reader_check. + lib ldb: lmdb clear stale readers on write txn start;
    (bso#14330). + ldb tests: Confirm lmdb free list handling

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Module for Python2 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Python2-15-SP2-2020-1948=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP2:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-1948=1
  o SUSE Linux Enterprise High Availability 15-SP2:
    zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2020-1948=1

Package List:

  o SUSE Linux Enterprise Module for Python2 15-SP2 (aarch64 ppc64le s390x
    x86_64):
       samba-ad-dc-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-ad-dc-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-debugsource-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-dsdb-modules-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-dsdb-modules-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP2 (aarch64 ppc64le s390x
    x86_64):
       ldb-debugsource-2.0.12-3.3.1
       ldb-tools-2.0.12-3.3.1
       ldb-tools-debuginfo-2.0.12-3.3.1
       libdcerpc-binding0-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc-binding0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc-samr-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc-samr0-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc-samr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc0-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libldb-devel-2.0.12-3.3.1
       libldb2-2.0.12-3.3.1
       libldb2-debuginfo-2.0.12-3.3.1
       libndr-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-krb5pac-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-krb5pac0-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-krb5pac0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-nbt-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-nbt0-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-nbt0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-standard-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-standard0-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-standard0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr0-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libnetapi-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libnetapi0-4.11.11+git.180.2cf3b203f07-4.5.1
       libnetapi0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-credentials-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-credentials0-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-credentials0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-errors-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-errors0-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-errors0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-hostconfig-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-hostconfig0-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-hostconfig0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-passdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-passdb0-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-passdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-policy-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-policy-python3-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-policy0-python3-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-policy0-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-util0-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamdb-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamdb0-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamdb0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbclient0-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbconf-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbconf0-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbconf0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbldap-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbldap2-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbldap2-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libtevent-util-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libtevent-util0-4.11.11+git.180.2cf3b203f07-4.5.1
       libtevent-util0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libwbclient-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       libwbclient0-4.11.11+git.180.2cf3b203f07-4.5.1
       libwbclient0-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       python3-ldb-2.0.12-3.3.1
       python3-ldb-debuginfo-2.0.12-3.3.1
       python3-ldb-devel-2.0.12-3.3.1
       samba-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-client-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-client-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-core-devel-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-debugsource-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-libs-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-libs-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-libs-python3-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-libs-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-python3-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-python3-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-winbind-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-winbind-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP2 (aarch64 x86_64):
       samba-ceph-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-ceph-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP2 (x86_64):
       libdcerpc-binding0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc-binding0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libdcerpc0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libldb2-32bit-2.0.12-3.3.1
       libldb2-32bit-debuginfo-2.0.12-3.3.1
       libndr-krb5pac0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-krb5pac0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-nbt0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-nbt0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-standard0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr-standard0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libndr0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libnetapi0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libnetapi0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-credentials0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-credentials0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-errors0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-errors0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-hostconfig0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-hostconfig0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-passdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-passdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamba-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamdb0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libsamdb0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbconf0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbconf0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbldap2-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libsmbldap2-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libtevent-util0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libtevent-util0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       libwbclient0-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       libwbclient0-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-libs-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-libs-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-winbind-32bit-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-winbind-32bit-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
  o SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x
    x86_64):
       ctdb-4.11.11+git.180.2cf3b203f07-4.5.1
       ctdb-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-debuginfo-4.11.11+git.180.2cf3b203f07-4.5.1
       samba-debugsource-4.11.11+git.180.2cf3b203f07-4.5.1


References:

  o https://www.suse.com/security/cve/CVE-2020-10700.html
  o https://www.suse.com/security/cve/CVE-2020-10704.html
  o https://www.suse.com/security/cve/CVE-2020-10730.html
  o https://www.suse.com/security/cve/CVE-2020-10745.html
  o https://www.suse.com/security/cve/CVE-2020-10760.html
  o https://www.suse.com/security/cve/CVE-2020-14303.html
  o https://bugzilla.suse.com/1141320
  o https://bugzilla.suse.com/1162680
  o https://bugzilla.suse.com/1169095
  o https://bugzilla.suse.com/1169521
  o https://bugzilla.suse.com/1169850
  o https://bugzilla.suse.com/1169851
  o https://bugzilla.suse.com/1171437
  o https://bugzilla.suse.com/1172307
  o https://bugzilla.suse.com/1173159
  o https://bugzilla.suse.com/1173160
  o https://bugzilla.suse.com/1173161
  o https://bugzilla.suse.com/1173359
  o https://bugzilla.suse.com/1174120

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXxZwCuNLKJtyKPYoAQhJ3A//f6/jJ1uzBgJRqygrni6dLVcQixdmmplr
cMmWXVrklh0rkqyVjCCrYgvl91ioJlO7bnwF6gEXnFXJIjLKwQ4l+vfMcxp6GoWk
3fafPxNpi63zPcoGOgOncT5Ur4qOcD4AUOAjNgZv5UfkFsEXiN6foP7d4mzjhbvv
mSazQ+tip6ZkcXvn2KjLkSOE89wPo2DTmm8i078sKrT4n0j2e1V5HpV+bFyG0M8Z
9QbfNcVxH4Pn6/rkTivj7IB67GBloV4l0TCZ7QXvz69uDbssvj14X2oSs6J5K0je
2+qDPgItfTlWdIk0f8ZPb9uOVyS986uCjGGfKb3QUeB7cW4+i64JtFBQoVHjlmKh
8u2WC4OlL+2hznLIq45bqdiRAqJn1cMAOwffr1E85KTgDDas74MoOIPO7WA8kk7p
DylVY98DqtrlVQxhm42005CQuwUkNbR9JE3T1nBZZ/a6CiiQlJFn8JoQua+x9aKn
2hw4UZFi561Xr1Vg46O7uYUSiDvvpTmJwxRrFdLs0+RaQRE6fo87WJOBOCM2TAvo
zTcM0I7YoStBmO7qA2gEmn3+boJxnRGPJTDmiftyV5Pjjs0O6YdZciS96pOlCk09
XSR8BjE1CJBbevkQqtvnnYvsvh1Ml3Qe7+DZEcMGfOZVHPQnsxzKwboLPJ/5hKsN
S5RKqH+bCH0=
=hxk6
-----END PGP SIGNATURE-----