Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.1001
Red Hat Single Sign-On 7.4.6 security update
24 March 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat Single Sign-On
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Cross-site Scripting -- Remote/Unauthenticated
Denial of Service -- Remote/Unauthenticated
Access Confidential Data -- Remote/Unauthenticated
Provide Misleading Information -- Existing Account
Read-only Data Access -- Existing Account
Reduced Security -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2021-20250 CVE-2021-20220 CVE-2020-35510
CVE-2020-28052 CVE-2020-14302 CVE-2020-8908
CVE-2020-7676
Reference: ESB-2020.4248
Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:0967
https://access.redhat.com/errata/RHSA-2021:0968
https://access.redhat.com/errata/RHSA-2021:0969
https://access.redhat.com/errata/RHSA-2021:0974
Comment: This bulletin contains four (4) Red Hat security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 6
Advisory ID: RHSA-2021:0967-01
Product: Red Hat Single Sign-On
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0967
Issue date: 2021-03-23
CVE Names: CVE-2020-7676 CVE-2020-14302
=====================================================================
1. Summary:
New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat
Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Single Sign-On 7.4 for RHEL 6 Server - noarch
3. Description:
Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak
project, that provides authentication and standards-based single sign-on
capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.4.6 on RHEL 6 serves as a
replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and
enhancements, which are documented in the Release Notes document linked to
in the References.
Security Fix(es):
* nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676)
* keycloak: reusable "state" parameter at redirect_uri endpoint enables
possibility of replay attacks (CVE-2020-14302)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement
1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks
6. Package List:
Red Hat Single Sign-On 7.4 for RHEL 6 Server:
Source:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el6sso.src.rpm
noarch:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el6sso.noarch.rpm
rh-sso7-keycloak-server-9.0.12-1.redhat_00001.1.el6sso.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-7676
https://access.redhat.com/security/cve/CVE-2020-14302
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html/release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYFn0rtzjgjWX9erEAQiooQ//UTbMYHInn8lC+HnAC3IZVlfgmNtu3EHx
eSOuE9rR1zgWoiRAAMaCiVJQ6GncFM/iLwzpUv0pcKxObiisQTgV5b/q4rZrCMPc
hg/4DjwJhqXf2elomoLMzzQH8uUhLFbHJ5ybO64/PKql/3Gz7zvVXqederiHVsHE
LMPT9OaTIG9rIC+54gZZDgPUeE3+gL1oyDV3zixGCyvWK7pTkKYozR9zanbIRsom
yNLxT6qIyFqBRoGJq2ztJlhrJFw55A/d97RB5Aq1MHc2pAWm9ZY7Q/ZU4gs8yXf4
oSwQXDgz07g5q+61c7v/yETR7oTlTLSYTzVHepYzkVC2IKPAOU6qyDgqhgFcz15Z
TnRlvkAd5SqFO3g0hfsatDIop2VFm/uvK1g1tJtTZDQtVCGXV8+E/DQVI0J3DwHd
xNaAxj4u+n3Dadeg5FEsqTYiya5uwQmlqNRrUtWPKnWWJZL0k5wM26sH2cPeE9EX
LGmXcK8lCPL2/Ouy3ap+Dkbwuza0cdqGafToQfTtjHywrCP6ZQifFLDaV8SQy/Vg
/R9Sex6S0A+ciUjizqJChyemu4mbeLc6Hp7YXa4+n5aJ9mcgwnard/HOx9X36qNO
Mu4GbhDG7kCD82yyG/gKlX2WJFuyf8hQwd3diJd/D421yTjaKvxYq2e5Q1OEmVz7
yqpFAdQPxaQ=
=JHY7
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 7
Advisory ID: RHSA-2021:0968-01
Product: Red Hat Single Sign-On
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0968
Issue date: 2021-03-23
CVE Names: CVE-2020-7676 CVE-2020-14302
=====================================================================
1. Summary:
New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat
Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Single Sign-On 7.4 for RHEL 7 Server - noarch
3. Description:
Red Hat Single Sign-On is a standalone server, based on the Keycloak
project, that provides authentication and standards-based single sign-on
capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.4.6 on RHEL 7 serves as a
replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and
enhancements, which are documented in the Release Notes document linked to
in the References.
Security Fix(es):
* nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676)
* keycloak: reusable "state" parameter at redirect_uri endpoint enables
possibility of replay attacks (CVE-2020-14302)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement
1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks
6. Package List:
Red Hat Single Sign-On 7.4 for RHEL 7 Server:
Source:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el7sso.src.rpm
noarch:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el7sso.noarch.rpm
rh-sso7-keycloak-server-9.0.12-1.redhat_00001.1.el7sso.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-7676
https://access.redhat.com/security/cve/CVE-2020-14302
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html/release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYFn0ydzjgjWX9erEAQi49xAAkB5+0q6+kkltQQfyh1kGIkyNeTEPIUAg
Dpy2bmOY10cUny0PlIuWIVCEbCdhvDr9pAlxCehLznUzyFP+gxxTlvI/Is28erRZ
3cvLo8Yw7EGfOGxYyy1l0MrQfmoAW+NLrRV4TENs2oFxJp8up8H4dEefKIVL/e09
WKxO2AzyZjYnc2XoJgKBoRifo9whuQPhnnM7eqqDCBHGsyTQevNhuAGhnPTK7EP3
mJZihUUp81RARIB94hyVj1BtsVGj++tmZgoDAoAvd528+nZs6jin3tGzS/55Witd
pJhQKYIfi7ulgM2Zxqk06/QPmQXLeR23r6VLqSaxgDjOc+waP8g8udJ5sNNjGOXG
sGUH061rH7xyqMah0vT+r7X9QcZzAi2tbEjOQkpaTyH7C/LBwSQlJd5bGWcRTG0U
8pemHh3xPdP5/kRlItrjw5fY9+rfx4nqv4zo7ZvIxBkuS/hFc0wu87fYInTOupxT
fli0qNDtGT4PaRlKuEOgwn3wCW/aWDiJP0eTwNOjzk1XYJP+G1IO9g4XZXc2lL74
T3VeAO1hlS8P6Sem5e55BQfEgt4QfbvwBcxYutq0ZAm/uKDKnIpmWeDStTC1H/A9
aFrvENcCyHiB6C9FkkHOu+mW1+x+q1TYDZoUUbO0mADUI++THdubQHLMOvvaWIU0
3E4ZZjw6WOk=
=lpNt
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Low: Red Hat Single Sign-On 7.4.6 security update on RHEL 8
Advisory ID: RHSA-2021:0969-01
Product: Red Hat Single Sign-On
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0969
Issue date: 2021-03-23
CVE Names: CVE-2020-7676 CVE-2020-14302
=====================================================================
1. Summary:
New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat
Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Single Sign-On 7.4 for RHEL 8 - noarch
3. Description:
Red Hat Single Sign-On is a standalone server, based on the Keycloak
project, that provides authentication and standards-based single sign-on
capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.4.6 on RHEL 8 serves as a
replacement for Red Hat Single Sign-On 7.4.5, and includes bug fixes and
enhancements, which are documented in the Release Notes document linked to
in the References.
Security Fix(es):
* nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676)
* keycloak: reusable "state" parameter at redirect_uri endpoint enables
possibility of replay attacks (CVE-2020-14302)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement
1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks
6. Package List:
Red Hat Single Sign-On 7.4 for RHEL 8:
Source:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el8sso.src.rpm
noarch:
rh-sso7-keycloak-9.0.12-1.redhat_00001.1.el8sso.noarch.rpm
rh-sso7-keycloak-server-9.0.12-1.redhat_00001.1.el8sso.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-7676
https://access.redhat.com/security/cve/CVE-2020-14302
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/html/release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYFn2ytzjgjWX9erEAQiKiQ//XGaHcQRb0WvvvgLUkKOQt32NA/vCGG/a
7jfsVlKcchO646XO2e1iUzpaEAwBv66uEuaxlvlr5Zyno5wbuPI/gP4klNJ93I/+
IWkb7C7ZjJKJQPsSVx9NCEWuE8W/ZdZ50zd91z3+UGA1uhm3y049BeXHLFFM8sAS
euMDgXVBl47McjpwLZAW4Whwk9xh4UvFETuVpJikAVkgN+NwozddUSFcZUBfPyqR
JZg199PJExRev4sSM86Hy4ciKQtJ8T2NEtXeNQ6kmpCQUVlMNQsm9SJN7uM6jZ/5
ABB05JoZJl4+0bYhFim6bImSPIksiv1bNjVih4rfekeeHTdMgLJ51c/WUUSyPM39
vr8szaN7JfK5evG93P789OTLfbZ26lNYuvAXulDUbq+y0BDjZgHG8VmXk2AQI4vI
etJ61ke31RdHHowMCC81fFGnQaUUI31uuSQQT0VwV3jaTqu3798yA3dTc/S05fQR
Mc6KzEN0JbGMTTBCT/p42bKL+cumr4iHgij73K3QkdYNTrLuayRzEtjw4ggLq+Xr
ttYNNp5dK4ha8g7v3WCWiaY8U0TQ1t+gNPGbaJkdRSxv59OLVjqa9GVuR2OGHBqc
QWXLw0KzlISxLsYrIjxbAwhcLLK6bAtLrilR5pIrZYshS32F2q+JvrBlQ07OJOwr
3d3B7y+QZtw=
=RYPD
- -----END PGP SIGNATURE-----
- --------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Red Hat Single Sign-On 7.4.6 security update
Advisory ID: RHSA-2021:0974-01
Product: Red Hat Single Sign-On
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0974
Issue date: 2021-03-23
CVE Names: CVE-2020-7676 CVE-2020-8908 CVE-2020-14302
CVE-2020-28052 CVE-2020-35510 CVE-2021-20220
CVE-2021-20250
=====================================================================
1. Summary:
A security update is now available for Red Hat Single Sign-On 7.4 from the
Customer Portal.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak
project, that provides authentication and standards-based single sign-on
capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.4.6 serves as a replacement for
Red Hat Single Sign-On 7.4.5, and includes bug fixes and enhancements,
which are documented in the Release Notes document linked to in the
References.
Security Fix(es):
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility
possible (CVE-2020-28052)
* nodejs-angular: XSS due to regex-based HTML replacement (CVE-2020-7676)
* jboss-remoting: Threads hold up forever in the EJB server by suppressing
the ack from an EJB client (CVE-2020-35510)
* undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)
* wildfly: Information disclosure due to publicly accessible privileged
actions in JBoss EJB Client (CVE-2021-20250)
* guava: local information disclosure via temporary directory created with
unsafe permissions (CVE-2020-8908)
* keycloak: reusable "state" parameter at redirect_uri endpoint enables
possibility of replay attacks (CVE-2020-14302)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
3. Solution:
Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.
The References section of this erratum contains a download link (you must
log in to download the update).
4. Bugs fixed (https://bugzilla.redhat.com/):
1849206 - CVE-2020-7676 nodejs-angular: XSS due to regex-based HTML replacement
1849584 - CVE-2020-14302 keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks
1905796 - CVE-2020-35510 jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client
1906919 - CVE-2020-8908 guava: local information disclosure via temporary directory created with unsafe permissions
1912881 - CVE-2020-28052 bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible
1923133 - CVE-2021-20220 undertow: Possible regression in fix for CVE-2020-10687
1929479 - CVE-2021-20250 wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client
5. References:
https://access.redhat.com/security/cve/CVE-2020-7676
https://access.redhat.com/security/cve/CVE-2020-8908
https://access.redhat.com/security/cve/CVE-2020-14302
https://access.redhat.com/security/cve/CVE-2020-28052
https://access.redhat.com/security/cve/CVE-2020-35510
https://access.redhat.com/security/cve/CVE-2021-20220
https://access.redhat.com/security/cve/CVE-2021-20250
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=securityPatches&version=7.4
https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYFn45tzjgjWX9erEAQg+fxAAn32fXM3qcJfEbR4Cw2r0YJHxaDsJnW2s
AnhFbAqKJ8456CVDp5U2TeMir0ol0fa341TkZR1yY7ZewXJ4TBjoKII5t5xg9d3a
QK1tbPdhjH1cQXtO2mKd9uJkiWhCiGCiHP8u66+B8Su9yfsKufzN8L6IymU1KWRH
sfVXwDiD4p1j7b4jHzKH/eRgawRUjwzKNbYQyDsWZQaG5AB8gcSbBb9xB2Ao5LGF
5wwwBh7Dwp+mv8avZPReQAcOKsOhsPJUzGgKw7GuoHVcC0ebGmiFmeKdGH6fp3oL
2mizHxSz2CYaZpa92gqXOfF2+589jvtmZITLpxCKsHrLFzdJFWO/BfVGE5ope4/v
FVg7zLKRceMpsbKGV/+9EjteDWuJIN5Pmx7dgjBWvevMrGXQxxmFaY3ceQk00gzc
7I/QseunDrBKkhbqwBgzRYB9722ed2GKv3cMatjD7igRenGmi9HQpx7F+GvGifE3
L+2WVn2VIpjI+s6ET3eAgju1vagkezJOifAVp1MJJ1MWZuKntxj4H0TB+88BtzNJ
54bL+R5OZhc0vmCE5VtjMZwamc7umRzjef43GUYZNG7dMLMAHRE5aRpMLSni9R2l
1TCfjFXRcno2v/xRNIObAW4BJpY8GqnxOBapw5RwBGeIA+lH2nrVrblpuFVG37HR
AyZ4UFtY23c=
=l/2h
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYFqHwuNLKJtyKPYoAQjWCw/+JVbJZ06/5Z+FrqQFJn1ZEPQ+VVAVoqtY
2ccR73KMu+dXpZKnZceUsCUQXutkTytjNnXK5ZZ/0X9Fetfh6j42mRp8RLzMYlxq
giA8MWVpSfIzma0yDRLVA6rVuu24Em6h5m9imRBBawr3ws6VuqkCr5NRgDvJi4t7
EqoKKqXbP681x7G5a5tICUHkl4pfF/6iiC8IdmbogFWol/LEQPLkKimGqXYDdqB4
BK6d4kk+hwPMz7ckH3NIGCSFzORKmPZuATOwt8gEeA/HqIRBgyD/mcKt9a2aQHCT
5eF3B53WgTqM0WdeX/7yIV5MfDWvtEEoslHn9WMHagYZmHMs4efOEurTmcPu1/Xf
uNAIWNfmuchrJuKivS+OuP4KFIl7oVA8EqqA5EEELkUaD1VzKT3lC8wrFgz3EY3k
sQlHIB0C0MplQgOGrfv+2G/fSNJLeh2qAInvvExepIPVw8jd4exm/pyFVDgoCnh4
BlFVjHVeom7h2J+1wK/Ok0M+vPRQBdGC3FIm1h59ZidoIm8ON15LChycE+QlA5+9
jBTyo+DR0vTdIs+wWnKlnF5MpEIPmrH3D93ablt0Ocy6Vek8n/p4rAL1OIJbHV7V
iQbryQ9F+64RRuRLBUPD7FkW+IB4RNCTz4FeWBC2bcyE5sZfYvz3GGdaLOacYILY
UVjFZPxHEBY=
=aRa2
-----END PGP SIGNATURE-----