Subject: bug#70174: OpenEXR is vulnerable to CVE-2023-5841 and CVE-2021-45942
From: John Kehayias via Bug reports for GNU Guix
Reply-to: John Kehayias
To: Vinicius Monego
Cc: 70174@debbugs.gnu.org
Date: Thu, 04 Apr 2024 02:50:28 +0000
Message-ID: <87zfu9vo28.fsf@protonmail.com>
List-Id: Bug reports for GNU Guix

Hello,

On Thu, Apr 04, 2024 at 01:07 AM, Vinicius Monego wrote:

> OpenEXR suffers from these vulnerabilities which were fixed in version
> 3.2.2 [1] and 3.1.4 [2], respectively, while our version is currently
> 3.1.3.
>
> The package contains 448 dependents, and a change in derivation
> shouldn't be pushed to master, at least according to the patch
> submission guidelines.
>
> [1] https://nvd.nist.gov/vuln/detail/CVE-2023-5841
>
> [2] https://nvd.nist.gov/vuln/detail/CVE-2021-45942

Thanks for passing this along. I've applied a patch, attached, locally to
the mesa-updates branch which updates openexr to the latest version, 3.2.4.
It required a few minor changes (fix a phase, an input) but it builds.

I may wait to queue up some more fixes for that branch, but don't currently
have anything pending. Either way, it will be there soon and hopefully
merged to master (just need to wait for everything to build and look good).

Thanks!
John

[Attachment: 0001-gnu-openexr-Update-to-3.2.4-security-fixes.patch]

From 870359351e80a3d14304a4f6a1b734f67c1ea167 Mon Sep 17 00:00:00 2001
Message-ID: <870359351e80a3d14304a4f6a1b734f67c1ea167.1712198858.git.john.kehayias@protonmail.com>
From: John Kehayias <john.kehayias@protonmail.com>
Date: Wed, 3 Apr 2024 22:45:50 -0400
Subject: [PATCH] gnu: openexr: Update to 3.2.4 [security fixes].

Previous versions, 3.2.2 and 3.1.4, fixed CVE-2023-5841 and CVE-2021-45942,
respectively.

* gnu/packages/graphics.scm (openexr): Update to 3.2.4.

Reported-by: Vinicius Monego <monego@posteo.net>
Change-Id: I72f82e623c9b8988cae433947117cd81f40cdbc3
---
 gnu/packages/graphics.scm | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/gnu/packages/graphics.scm b/gnu/packages/graphics.scm
index ad08141c96..188e066766 100644
--- a/gnu/packages/graphics.scm
+++ b/gnu/packages/graphics.scm
@@ -1200,7 +1200,7 @@ (define-public ogre
 (define-public openexr
   (package
     (name "openexr")
-    (version "3.1.3")
+    (version "3.2.4")
     (source (origin
               (method git-fetch)
               (uri (git-reference
@@ -1210,7 +1210,7 @@ (define-public openexr
               (file-name (git-file-name name version))
               (sha256
                (base32
-                "0c9vla0kbsbbhkk42jlbf94nzfb1anqh7dy9b0b3nna1qr6v4bh6"))))
+                "00s1a05kggk71vfbnsvykyjc2j7y6yyzgl63sy4yiddshz2k2mcr"))))
     (build-system cmake-build-system)
     (arguments
      (list #:phases
@@ -1218,8 +1218,6 @@ (define-public openexr
                (add-after 'unpack 'patch-test-directory
                  (lambda _
                    (substitute* (list
-                                 "src/test/OpenEXRUtilTest/tmpDir.h"
-                                 "src/test/OpenEXRFuzzTest/tmpDir.h"
                                  "src/test/OpenEXRTest/tmpDir.h"
                                  "src/test/OpenEXRCoreTest/main.cpp")
                      (("/var/tmp")
@@ -1247,7 +1245,7 @@ (define-public openexr
                                  "")
                                 (("TEST \\(testOptimizedInterleavePatterns, \"basic\"\\);")
                                  "")))))))))
-    (inputs (list imath zlib))
+    (inputs (list imath libdeflate zlib))
     (home-page "https://www.openexr.com/")
     (synopsis "High-dynamic-range file format library")
     (description

base-commit: 1cba1f8ce6f84c4737650401c0eb0473a45f9ff7
prerequisite-patch-id: fa1f23e1340a3eeb9f347ed719b9b0fa0558fb3f
prerequisite-patch-id: a1eb5f0955b9988d3bfe3be8403c75999a1cae5f
prerequisite-patch-id: 2889be19c4a046760f2f608cefff987b11b65a31
prerequisite-patch-id: ea93b6662275aeec1e014a9bc9fe7a96f26ac600
prerequisite-patch-id: 177440a12b7c797d22f8bb1253db133d2fbad348
prerequisite-patch-id: 3a5189c1e8e4612ceb6f1b70cc3c83e39a977eb9
prerequisite-patch-id: 7ddfa796914f078615724949db7c1ac6c148d09f
prerequisite-patch-id: 3037b56c731bc0a62c6b4a2cfecbadc8ead38453
prerequisite-patch-id: 163581597c141e701fc8089a6337683abce82894
prerequisite-patch-id: f2f116d9fedadb3443bc61ff3824c479cda5fcf0
prerequisite-patch-id: 57807814fe98a68ffc68fb9ebdb92a7115959e0b
prerequisite-patch-id: 95f518cd6bd40014a2cb1b83f5af807b069a84cf
prerequisite-patch-id: 040ecf8f843498b7bcedac335cff1b84af17fad9
prerequisite-patch-id: 06b54c27f5ecd182574be222a50f592c5fb3fa4d
prerequisite-patch-id: 50f1bd0ac736d175116893d79869780070a2ea59
prerequisite-patch-id: 03be0e6d28cd6c11eaaf7b9784ba032fa72be4ff
prerequisite-patch-id: dce4ebc8c7dc26df87b1a91f676f660a87379c8a
prerequisite-patch-id: e3f21290baa6ec82b673387974ae2561caad7e64
prerequisite-patch-id: 15f266f43c1918cc8526406283af83369c4dc80e
prerequisite-patch-id: 78eedd30786c77e0e0a06f1d959ee9b687902d8f
prerequisite-patch-id: 3ad571d4975f17216c7ab008f3e81c5e038ec65b
prerequisite-patch-id: 8bcf03f489b2f139d277d0e46552ac0211b061b2
prerequisite-patch-id: 0e92576d6b767e75d64accf5b5d38eda08dae78e
-- 
2.41.0
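Review bot: In the `@@ -1210,7 +1210,7 @@` hunk the new base32 hash `00s1a05kggk71vfbnsvykyjc2j7y6yyzgl63sy4yiddshz2k2mcr` is the only thing that ties the derivation to the upstream 3.2.4 sources, and the origin is a `git-reference` (the commit line sits outside the hunk), so please confirm the value was recomputed from a fresh checkout of the 3.2.4 tag (for example `guix hash --serializer=nar -x .` inside the checkout) rather than copied from another channel or distribution; a hash that does not match a clean checkout is exactly the failure this security update is meant to rule out.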
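Review bot: In the `@@ -1218,8 +1218,6 @@` hunk, dropping `"src/test/OpenEXRUtilTest/tmpDir.h"` and `"src/test/OpenEXRFuzzTest/tmpDir.h"` from the `substitute*` list of `'patch-test-directory` is correct only if those files no longer exist in 3.2.4 (`substitute*` errors out on a missing file, which is presumably why the phase had to change), but it does not show whether upstream moved the `/var/tmp` literal into some other file that the remaining two entries do not cover. Suggest running `grep -rn /var/tmp src/test` in the 3.2.4 checkout and stating in the commit message why the two entries were removed, so the next updater knows whether the phase is still needed at all.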
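Review bot: In the `@@ -1247,7 +1245,7 @@` hunk `libdeflate` is added to `inputs`, yet the ChangeLog entry in the commit message only says `* gnu/packages/graphics.scm (openexr): Update to 3.2.4.`; Guix convention is to list every changed field, so it should read roughly `[inputs]: Add libdeflate.` and `[arguments]<#:phases>: Adjust 'patch-test-directory.` under that line. It is also worth checking whether `zlib` is still consumed by the 3.2.4 build now that libdeflate is required, and dropping it from `(list imath libdeflate zlib)` if it is not, so the closure of the 448 dependents does not carry an unused library.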