Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.1001 Red Hat Single Sign-On 7.4.6 security update 24 March 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Red Hat Single Sign-On Publisher: Red Hat Operating System: Red Hat Impact/Access: Cross-site Scripting -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Provide Misleading Information -- Existing Account Read-only Data Access -- Existing Account Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2021-20250 CVE-2021-20220 CVE-2020-35510 CVE-2020-28052 CVE-2020-14302 CVE-2020-8908 CVE-2020-7676 Reference: ESB-2020.4248 Original Bulletin: https://access.redhat.com/errata/RHSA-2021:0967 https://access.redhat.com/errata/RHSA-2021:0968 https://access.redhat.com/errata/RHSA-2021:0969 https://access.redhat.com/errata/RHSA-2021:0974 Comment: This bulletin contains four (4) Red Hat security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 6 Advisory ID: RHSA-2021:0967-01 Product: Red Hat Single Sign-On Advisory URL: https://access.redhat.com/errata/RHSA-2021:0967 Issue date: 2021-03-23 CVE Names: CVE-2020-7676 CVE-2020-14302 ===================================================================== 1. Summary: New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Single Sign-On 7.4 for RHEL 6 Server - noarch 3. Description: Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 on RHEL 6 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676) * keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks (CVE-2020-14302) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement 1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks 6. Package List: Red Hat Single Sign-On 7.4 for RHEL 6 Server: Source: rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el6sso.src.rpm noarch: rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el6sso.noarch.rpm rh-sso7-keycloak-server-9.0.12-1.redhat_00001.1.el6sso.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-7676 https://access.redhat.com/security/cve/CVE-2020-14302 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html/release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYFn0rtzjgjWX9erEAQiooQ//UTbMYHInn8lC+HnAC3IZVlfgmNtu3EHx eSOuE9rR1zgWoiRAAMaCiVJQ6GncFM/iLwzpUv0pcKxObiisQTgV5b/q4rZrCMPc hg/4DjwJhqXf2elomoLMzzQH8uUhLFbHJ5ybO64/PKql/3Gz7zvVXqederiHVsHE LMPT9OaTIG9rIC+54gZZDgPUeE3+gL1oyDV3zixGCyvWK7pTkKYozR9zanbIRsom yNLxT6qIyFqBRoGJq2ztJlhrJFw55A/d97RB5Aq1MHc2pAWm9ZY7Q/ZU4gs8yXf4 oSwQXDgz07g5q+61c7v/yETR7oTlTLSYTzVHepYzkVC2IKPAOU6qyDgqhgFcz15Z TnRlvkAd5SqFO3g0hfsatDIop2VFm/uvK1g1tJtTZDQtVCGXV8+E/DQVI0J3DwHd xNaAxj4u+n3Dadeg5FEsqTYiya5uwQmlqNRrUtWPKnWWJZL0k5wM26sH2cPeE9EX LGmXcK8lCPL2/Ouy3ap+Dkbwuza0cdqGafToQfTtjHywrCP6ZQifFLDaV8SQy/Vg /R9Sex6S0A+ciUjizqJChyemu4mbeLc6Hp7YXa4+n5aJ9mcgwnard/HOx9X36qNO Mu4GbhDG7kCD82yyG/gKlX2WJFuyf8hQwd3diJd/D421yTjaKvxYq2e5Q1OEmVz7 yqpFAdQPxaQ= =JHY7 - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 7 Advisory ID: RHSA-2021:0968-01 Product: Red Hat Single Sign-On Advisory URL: https://access.redhat.com/errata/RHSA-2021:0968 Issue date: 2021-03-23 CVE Names: CVE-2020-7676 CVE-2020-14302 ===================================================================== 1. Summary: New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Single Sign-On 7.4 for RHEL 7 Server - noarch 3. Description: Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676) * keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks (CVE-2020-14302) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement 1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks 6. Package List: Red Hat Single Sign-On 7.4 for RHEL 7 Server: Source: rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el7sso.src.rpm noarch: rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el7sso.noarch.rpm rh-sso7-keycloak-server-9.0.12-1.redhat_00001.1.el7sso.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-7676 https://access.redhat.com/security/cve/CVE-2020-14302 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html/release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYFn0ydzjgjWX9erEAQi49xAAkB5+0q6+kkltQQfyh1kGIkyNeTEPIUAg Dpy2bmOY10cUny0PlIuWIVCEbCdhvDr9pAlxCehLznUzyFP+gxxTlvI/Is28erRZ 3cvLo8Yw7EGfOGxYyy1l0MrQfmoAW+NLrRV4TENs2oFxJp8up8H4dEefKIVL/e09 WKxO2AzyZjYnc2XoJgKBoRifo9whuQPhnnM7eqqDCBHGsyTQevNhuAGhnPTK7EP3 mJZihUUp81RARIB94hyVj1BtsVGj++tmZgoDAoAvd528+nZs6jin3tGzS/55Witd pJhQKYIfi7ulgM2Zxqk06/QPmQXLeR23r6VLqSaxgDjOc+waP8g8udJ5sNNjGOXG sGUH061rH7xyqMah0vT+r7X9QcZzAi2tbEjOQkpaTyH7C/LBwSQlJd5bGWcRTG0U 8pemHh3xPdP5/kRlItrjw5fY9+rfx4nqv4zo7ZvIxBkuS/hFc0wu87fYInTOupxT fli0qNDtGT4PaRlKuEOgwn3wCW/aWDiJP0eTwNOjzk1XYJP+G1IO9g4XZXc2lL74 T3VeAO1hlS8P6Sem5e55BQfEgt4QfbvwBcxYutq0ZAm/uKDKnIpmWeDStTC1H/A9 aFrvENcCyHiB6C9FkkHOu+mW1+x+q1TYDZoUUbO0mADUI++THdubQHLMOvvaWIU0 3E4ZZjw6WOk= =lpNt - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 8 Advisory ID: RHSA-2021:0969-01 Product: Red Hat Single Sign-On Advisory URL: https://access.redhat.com/errata/RHSA-2021:0969 Issue date: 2021-03-23 CVE Names: CVE-2020-7676 CVE-2020-14302 ===================================================================== 1. Summary: New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Single Sign-On 7.4 for RHEL 8 - noarch 3. Description: Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676) * keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks (CVE-2020-14302) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement 1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks 6. Package List: Red Hat Single Sign-On 7.4 for RHEL 8: Source: rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el8sso.src.rpm noarch: rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el8sso.noarch.rpm rh-sso7-keycloak-server-9.0.12-1.redhat_00001.1.el8sso.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-7676 https://access.redhat.com/security/cve/CVE-2020-14302 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html/release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYFn2ytzjgjWX9erEAQiKiQ//XGaHcQRb0WvvvgLUkKOQt32NA/vCGG/a 7jfsVlKcchO646XO2e1iUzpaEAwBv66uEuaxlvlr5Zyno5wbuPI/gP4klNJ93I/+ IWkb7C7ZjJKJQPsSVx9NCEWuE8W/ZdZ50zd91z3+UGA1uhm3y049BeXHLFFM8sAS euMDgXVBl47McjpwLZAW4Whwk9xh4UvFETuVpJikAVkgN+NwozddUSFcZUBfPyqR JZg199PJExRev4sSM86Hy4ciKQtJ8T2NEtXeNQ6kmpCQUVlMNQsm9SJN7uM6jZ/5 ABB05JoZJl4+0bYhFim6bImSPIksiv1bNjVih4rfekeeHTdMgLJ51c/WUUSyPM39 vr8szaN7JfK5evG93P789OTLfbZ26lNYuvAXulDUbq+y0BDjZgHG8VmXk2AQI4vI etJ61ke31RdHHowMCC81fFGnQaUUI31uuSQQT0VwV3jaTqu3798yA3dTc/S05fQR Mc6KzEN0JbGMTTBCT/p42bKL+cumr4iHgij73K3QkdYNTrLuayRzEtjw4ggLq+Xr ttYNNp5dK4ha8g7v3WCWiaY8U0TQ1t+gNPGbaJkdRSxv59OLVjqa9GVuR2OGHBqc QWXLw0KzlISxLsYrIjxbAwhcLLK6bAtLrilR5pIrZYshS32F2q+JvrBlQ07OJOwr 3d3B7y+QZtw= =RYPD - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat Single Sign-On 7.4.6 security update Advisory ID: RHSA-2021:0974-01 Product: Red Hat Single Sign-On Advisory URL: https://access.redhat.com/errata/RHSA-2021:0974 Issue date: 2021-03-23 CVE Names: CVE-2020-7676 CVE-2020-8908 CVE-2020-14302 CVE-2020-28052 CVE-2020-35510 CVE-2021-20220 CVE-2021-20250 ===================================================================== 1. Summary: A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.6 serves as a replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix(es): * bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible (CVE-2020-28052) * nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676) * jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client (CVE-2020-35510) * undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220) * wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client (CVE-2021-20250) * guava: local information disclosure via temporary directory created with unsafe permissions (CVE-2020-8908) * keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks (CVE-2020-14302) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. The References section of this erratum contains a download link (you must log in to download the update). 4. Bugs fixed (https://bugzilla.redhat.com/): 1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement 1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks 1905796 - CVE-2020-35510 jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client 1906919 - CVE-2020-8908 guava: local information disclosure via temporary directory created with unsafe permissions 1912881 - CVE-2020-28052 bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible 1923133 - CVE-2021-20220 undertow: Possible regression in fix for CVE-2020-10687 1929479 - CVE-2021-20250 wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client 5. References: https://access.redhat.com/security/cve/CVE-2020-7676 https://access.redhat.com/security/cve/CVE-2020-8908 https://access.redhat.com/security/cve/CVE-2020-14302 https://access.redhat.com/security/cve/CVE-2020-28052 https://access.redhat.com/security/cve/CVE-2020-35510 https://access.redhat.com/security/cve/CVE-2021-20220 https://access.redhat.com/security/cve/CVE-2021-20250 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=securityPatches&version=7.4 https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/ 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYFn45tzjgjWX9erEAQg+fxAAn32fXM3qcJfEbR4Cw2r0YJHxaDsJnW2s AnhFbAqKJ8456CVDp5U2TeMir0ol0fa341TkZR1yY7ZewXJ4TBjoKII5t5xg9d3a QK1tbPdhjH1cQXtO2mKd9uJkiWhCiGCiHP8u66+B8Su9yfsKufzN8L6IymU1KWRH sfVXwDiD4p1j7b4jHzKH/eRgawRUjwzKNbYQyDsWZQaG5AB8gcSbBb9xB2Ao5LGF 5wwwBh7Dwp+mv8avZPReQAcOKsOhsPJUzGgKw7GuoHVcC0ebGmiFmeKdGH6fp3oL 2mizHxSz2CYaZpa92gqXOfF2+589jvtmZITLpxCKsHrLFzdJFWO/BfVGE5ope4/v FVg7zLKRceMpsbKGV/+9EjteDWuJIN5Pmx7dgjBWvevMrGXQxxmFaY3ceQk00gzc 7I/QseunDrBKkhbqwBgzRYB9722ed2GKv3cMatjD7igRenGmi9HQpx7F+GvGifE3 L+2WVn2VIpjI+s6ET3eAgju1vagkezJOifAVp1MJJ1MWZuKntxj4H0TB+88BtzNJ 54bL+R5OZhc0vmCE5VtjMZwamc7umRzjef43GUYZNG7dMLMAHRE5aRpMLSni9R2l 1TCfjFXRcno2v/xRNIObAW4BJpY8GqnxOBapw5RwBGeIA+lH2nrVrblpuFVG37HR AyZ4UFtY23c= =l/2h - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYFqHwuNLKJtyKPYoAQjWCw/+JVbJZ06/5Z+FrqQFJn1ZEPQ+VVAVoqtY 2ccR73KMu+dXpZKnZceUsCUQXutkTytjNnXK5ZZ/0X9Fetfh6j42mRp8RLzMYlxq giA8MWVpSfIzma0yDRLVA6rVuu24Em6h5m9imRBBawr3ws6VuqkCr5NRgDvJi4t7 EqoKKqXbP681x7G5a5tICUHkl4pfF/6iiC8IdmbogFWol/LEQPLkKimGqXYDdqB4 BK6d4kk+hwPMz7ckH3NIGCSFzORKmPZuATOwt8gEeA/HqIRBgyD/mcKt9a2aQHCT 5eF3B53WgTqM0WdeX/7yIV5MfDWvtEEoslHn9WMHagYZmHMs4efOEurTmcPu1/Xf uNAIWNfmuchrJuKivS+OuP4KFIl7oVA8EqqA5EEELkUaD1VzKT3lC8wrFgz3EY3k sQlHIB0C0MplQgOGrfv+2G/fSNJLeh2qAInvvExepIPVw8jd4exm/pyFVDgoCnh4 BlFVjHVeom7h2J+1wK/Ok0M+vPRQBdGC3FIm1h59ZidoIm8ON15LChycE+QlA5+9 jBTyo+DR0vTdIs+wWnKlnF5MpEIPmrH3D93ablt0Ocy6Vek8n/p4rAL1OIJbHV7V iQbryQ9F+64RRuRLBUPD7FkW+IB4RNCTz4FeWBC2bcyE5sZfYvz3GGdaLOacYILY UVjFZPxHEBY= =aRa2 -----END PGP SIGNATURE-----