From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:470:142:3::10]:38598)
 by lists.gnu.org with esmtp (Exim 4.86_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hjBVI-0004ZK-Bl
 for guix-patches@gnu.org; Thu, 04 Jul 2019 19:51:05 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hjBVG-0002zk-L9
 for guix-patches@gnu.org; Thu, 04 Jul 2019 19:51:04 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:43284)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1hjBVG-0002zc-GL
 for guix-patches@gnu.org; Thu, 04 Jul 2019 19:51:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1hjBVG-0006Xn-Dx
 for guix-patches@gnu.org; Thu, 04 Jul 2019 19:51:02 -0400
Subject: [bug#36424] expat-2.2.7 for CVE-2018-20843
Resent-Message-ID: <handler.36424.B36424.156228421525089@debbugs.gnu.org>
Date: Thu, 4 Jul 2019 19:49:57 -0400 (EDT)
From: Jack Hill <jackhill@jackhill.us>
In-Reply-To: <alpine.DEB.2.20.1907021647200.17508@marsh.hcoop.net>
Message-ID: <alpine.DEB.2.20.1907041947340.17508@marsh.hcoop.net>
References: <alpine.DEB.2.20.1906281553100.17508@marsh.hcoop.net>
 <87o92fv0u1.fsf@devup.no>
 <alpine.DEB.2.20.1907021647200.17508@marsh.hcoop.net>
MIME-Version: 1.0
Content-Type: multipart/mixed;
 BOUNDARY="925712948-1618475577-1562284198=:17508"
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Marius Bakke <mbakke@fastmail.com>
Cc: 36424@debbugs.gnu.org

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--925712948-1618475577-1562284198=:17508
Content-Type: text/plain; charset=US-ASCII; format=flowed

On Tue, 2 Jul 2019, Jack Hill wrote:

>> Apparently these symbols were never supposed to be exported:
>> <https://github.com/libexpat/libexpat/pull/197>.  However, there could
>> be packages "in the wild" that uses these symbols and would silently
>> break with the grafted Expat.
>> 
>> IIUC the fix for CVE-2018-20843 is this commit:
>> <https://github.com/libexpat/libexpat/commit/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6>.
>> 
>> I think it's better to graft a variant with only this patch to be on the
>> safe side.  Can you try that?
>
> Good idea. I didn't think to check. Yes, I can try to do that.
>
>> Could you also submit a second patch that adds GitHub as an additional
>> download location for the regular Expat package?  :-)
>
> I'll try that as well.

I've prepared the two attached patches that I believe implement Marius's 
proposed solution.

Thanks,
Jack
--925712948-1618475577-1562284198=:17508
Content-Type: text/x-diff; name=0001-gnu-expat-Add-additional-source-URI.patch
Content-Transfer-Encoding: BASE64
Content-ID: <alpine.DEB.2.20.1907041949570.17508@marsh.hcoop.net>
Content-Description: 
Content-Disposition: attachment; filename=0001-gnu-expat-Add-additional-source-URI.patch

RnJvbSA0MTg2YTY4YjY2MGM5M2I1ODAwYmU4ZjEyNjA1MWRhOTI3NDlkYzlh
IE1vbiBTZXAgMTcgMDA6MDA6MDAgMjAwMQ0KRnJvbTogSmFjayBIaWxsIDxq
YWNraGlsbEBqYWNraGlsbC51cz4NCkRhdGU6IFRodSwgNCBKdWwgMjAxOSAx
NzowMDoyNyAtMDQwMA0KU3ViamVjdDogW1BBVENIIDEvMl0gZ251OiBleHBh
dDogQWRkIGFkZGl0aW9uYWwgc291cmNlIFVSSQ0KDQpUaGUgZXhwYXQgc291
cmNlZm9yZ2UgcGFnZSBhbm5vdW5jZXMgdGhhdCB0aGUgcHJvamVjdCBpcyBp
biB0aGUgcHJvY2VzcyBvZg0KbW92aW5nIHRvIEdpdEh1Yi4NCg0KKiBnbnUv
cGFja2FnZXMveG1sLnNjbSAoZXhwYXQpW3NvdXJjZV06IEFkZCBHaXRIdWIg
VVJJLg0KLS0tDQogZ251L3BhY2thZ2VzL3htbC5zY20gfCAzOSArKysrKysr
KysrKysrKysrKysrKysrKy0tLS0tLS0tLS0tLS0tLS0NCiAxIGZpbGUgY2hh
bmdlZCwgMjMgaW5zZXJ0aW9ucygrKSwgMTYgZGVsZXRpb25zKC0pDQoNCmRp
ZmYgLS1naXQgYS9nbnUvcGFja2FnZXMveG1sLnNjbSBiL2dudS9wYWNrYWdl
cy94bWwuc2NtDQppbmRleCBmYzYwNzU4NzI0Li5kYWI2NTk3NjkwIDEwMDY0
NA0KLS0tIGEvZ251L3BhY2thZ2VzL3htbC5zY20NCisrKyBiL2dudS9wYWNr
YWdlcy94bWwuc2NtDQpAQCAtMjAsNiArMjAsNyBAQA0KIDs7OyBDb3B5cmln
aHQgwqkgMjAxNyBQZXR0ZXIgPHBldHRlckBteWtvbGFiLmNoPg0KIDs7OyBD
b3B5cmlnaHQgwqkgMjAxNyBTdGVmYW4gUmVpY2jDtnIgPHN0ZWZhbkB4c3Rl
dmUuYXQ+DQogOzs7IENvcHlyaWdodCDCqSAyMDE4IFBpZXJyZSBOZWlkaGFy
ZHQgPG1haWxAYW1icmV2YXIueHl6Pg0KKzs7OyBDb3B5cmlnaHQgwqkgMjAx
OSBKYWNrIEhpbGwgPGphY2toaWxsQGphY2toaWxsLnVzPg0KIDs7Ow0KIDs7
OyBUaGlzIGZpbGUgaXMgcGFydCBvZiBHTlUgR3VpeC4NCiA7OzsNCkBAIC02
MywyNCArNjQsMzAgQEANCiAgICM6dXNlLW1vZHVsZSAoZ251IHBhY2thZ2Vz
IHBrZy1jb25maWcpKQ0KIA0KIChkZWZpbmUtcHVibGljIGV4cGF0DQotICAo
cGFja2FnZQ0KLSAgICAobmFtZSAiZXhwYXQiKQ0KLSAgICAodmVyc2lvbiAi
Mi4yLjYiKQ0KLSAgICAoc291cmNlIChvcmlnaW4NCi0gICAgICAgICAgICAg
KG1ldGhvZCB1cmwtZmV0Y2gpDQotICAgICAgICAgICAgICh1cmkgKHN0cmlu
Zy1hcHBlbmQgIm1pcnJvcjovL3NvdXJjZWZvcmdlL2V4cGF0L2V4cGF0LyIN
Ci0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB2ZXJzaW9uICIv
ZXhwYXQtIiB2ZXJzaW9uICIudGFyLmJ6MiIpKQ0KLSAgICAgICAgICAgICAo
c2hhMjU2DQotICAgICAgICAgICAgICAoYmFzZTMyDQotICAgICAgICAgICAg
ICAgIjF3bDF4OTNiNXc0NTdkZHNkZ2owbGg3eWpxNHE2bDd3ZmJnd2hhZ2tj
OGZtMnFra3JkMHAiKSkpKQ0KLSAgICAoYnVpbGQtc3lzdGVtIGdudS1idWls
ZC1zeXN0ZW0pDQotICAgIChob21lLXBhZ2UgImh0dHBzOi8vbGliZXhwYXQu
Z2l0aHViLmlvLyIpDQotICAgIChzeW5vcHNpcyAiU3RyZWFtLW9yaWVudGVk
IFhNTCBwYXJzZXIgbGlicmFyeSB3cml0dGVuIGluIEMiKQ0KLSAgICAoZGVz
Y3JpcHRpb24NCi0gICAgICJFeHBhdCBpcyBhbiBYTUwgcGFyc2VyIGxpYnJh
cnkgd3JpdHRlbiBpbiBDLiAgSXQgaXMgYQ0KKyAgKGxldCAoKGRvdC0+dW5k
ZXJzY29yZSAobGFtYmRhIChjKSAoaWYgKGVxdWFsPyAjXC4gYykgI1xfIGMp
KSkpDQorICAgICAgKHBhY2thZ2UNCisgICAgICAgIChuYW1lICJleHBhdCIp
DQorICAgICAgICAodmVyc2lvbiAiMi4yLjYiKQ0KKyAgICAgICAgKHNvdXJj
ZSAob3JpZ2luDQorICAgICAgICAgICAgICAgICAgKG1ldGhvZCB1cmwtZmV0
Y2gpDQorICAgICAgICAgICAgICAgICAgKHVyaSAobGlzdCAoc3RyaW5nLWFw
cGVuZA0KKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJtaXJyb3I6
Ly9zb3VyY2Vmb3JnZS9leHBhdC9leHBhdC8iDQorICAgICAgICAgICAgICAg
ICAgICAgICAgICAgICAgdmVyc2lvbiAiL2V4cGF0LSIgdmVyc2lvbiAiLnRh
ci5iejIiKQ0KKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgKHN0cmlu
Zy1hcHBlbmQNCisgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiaHR0
cHM6Ly9naXRodWIuY29tL2xpYmV4cGF0L2xpYmV4cGF0L3JlbGVhc2VzL2Rv
d25sb2FkL1JfIg0KKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIChz
dHJpbmctbWFwIGRvdC0+dW5kZXJzY29yZSB2ZXJzaW9uKQ0KKyAgICAgICAg
ICAgICAgICAgICAgICAgICAgICAgICIvZXhwYXQtIiB2ZXJzaW9uICIudGFy
LmJ6MiIpKSkNCisgICAgICAgICAgICAgICAgICAoc2hhMjU2DQorICAgICAg
ICAgICAgICAgICAgIChiYXNlMzINCisgICAgICAgICAgICAgICAgICAgICIx
d2wxeDkzYjV3NDU3ZGRzZGdqMGxoN3lqcTRxNmw3d2ZiZ3doYWdrYzhmbTJx
a2tyZDBwIikpKSkNCisgICAgICAgIChidWlsZC1zeXN0ZW0gZ251LWJ1aWxk
LXN5c3RlbSkNCisgICAgICAgIChob21lLXBhZ2UgImh0dHBzOi8vbGliZXhw
YXQuZ2l0aHViLmlvLyIpDQorICAgICAgICAoc3lub3BzaXMgIlN0cmVhbS1v
cmllbnRlZCBYTUwgcGFyc2VyIGxpYnJhcnkgd3JpdHRlbiBpbiBDIikNCisg
ICAgICAgIChkZXNjcmlwdGlvbg0KKyAgICAgICAgICJFeHBhdCBpcyBhbiBY
TUwgcGFyc2VyIGxpYnJhcnkgd3JpdHRlbiBpbiBDLiAgSXQgaXMgYQ0KIHN0
cmVhbS1vcmllbnRlZCBwYXJzZXIgaW4gd2hpY2ggYW4gYXBwbGljYXRpb24g
cmVnaXN0ZXJzIGhhbmRsZXJzIGZvcg0KIHRoaW5ncyB0aGUgcGFyc2VyIG1p
Z2h0IGZpbmQgaW4gdGhlIFhNTCBkb2N1bWVudCAobGlrZSBzdGFydCB0YWdz
KS4iKQ0KLSAgICAobGljZW5zZSBsaWNlbnNlOmV4cGF0KSkpDQorICAgICAg
ICAobGljZW5zZSBsaWNlbnNlOmV4cGF0KSkpKQ0KIA0KIChkZWZpbmUtcHVi
bGljIGxpYmVibWwNCiAgIChwYWNrYWdlDQotLSANCjIuMjIuMA0KDQo=

--925712948-1618475577-1562284198=:17508
Content-Type: text/x-diff; name=0002-gnu-expat-fix-CVE-2018-20843.patch
Content-Transfer-Encoding: BASE64
Content-ID: <alpine.DEB.2.20.1907041949571.17508@marsh.hcoop.net>
Content-Description: 
Content-Disposition: attachment; filename=0002-gnu-expat-fix-CVE-2018-20843.patch

RnJvbSAyZjgyNjhhMGI1NDliOWMwODc0NGQ4YmMwNWUyY2YxMzVlNDBiZTk5
IE1vbiBTZXAgMTcgMDA6MDA6MDAgMjAwMQ0KRnJvbTogSmFjayBIaWxsIDxq
YWNraGlsbEBqYWNraGlsbC51cz4NCkRhdGU6IFRodSwgNCBKdWwgMjAxOSAx
OTo0MTozMCAtMDQwMA0KU3ViamVjdDogW1BBVENIIDIvMl0gZ251OiBleHBh
dDogZml4IENWRS0yMDE4LTIwODQzLg0KDQoqIGdudS9wYWNrYWdlcy94bWwu
c2NtIChleHBhdClbcmVwbGFjZW1lbnRdOiBOZXcgZmllbGQuDQooZXhwYXQv
Zml4ZWQpOiBOZXcgdmFyaWFibGUuDQoqIGdudS9wYWNrYWdlcy9wYXRjaGVz
L2V4cGF0LUNWRS0yMDE4LTIwODQzLnBhdGNoOiBOZXcgZmlsZS4NCiogZ251
L2xvY2FsLm1rIChkaXN0X3BhdGNoX0RBVEEpOiBBZGQgcGF0Y2ggZmlsZS4N
Ci0tLQ0KIGdudS9sb2NhbC5tayAgICAgICAgICAgICAgICAgICAgICAgICAg
ICAgICAgICAgIHwgIDcgKysrKy0tLQ0KIGdudS9wYWNrYWdlcy9wYXRjaGVz
L2V4cGF0LUNWRS0yMDE4LTIwODQzLnBhdGNoIHwgMTYgKysrKysrKysrKysr
KysrKw0KIGdudS9wYWNrYWdlcy94bWwuc2NtICAgICAgICAgICAgICAgICAg
ICAgICAgICAgIHwgIDkgKysrKysrKysrDQogMyBmaWxlcyBjaGFuZ2VkLCAy
OSBpbnNlcnRpb25zKCspLCAzIGRlbGV0aW9ucygtKQ0KIGNyZWF0ZSBtb2Rl
IDEwMDY0NCBnbnUvcGFja2FnZXMvcGF0Y2hlcy9leHBhdC1DVkUtMjAxOC0y
MDg0My5wYXRjaA0KDQpkaWZmIC0tZ2l0IGEvZ251L2xvY2FsLm1rIGIvZ251
L2xvY2FsLm1rDQppbmRleCA2ZTkwZDg4Njg5Li5iY2Y0N2Q3Mzc4IDEwMDY0
NA0KLS0tIGEvZ251L2xvY2FsLm1rDQorKysgYi9nbnUvbG9jYWwubWsNCkBA
IC03NjQsMjAgKzc2NCwyMSBAQCBkaXN0X3BhdGNoX0RBVEEgPQkJCQkJCVwN
CiAgICVEJS9wYWNrYWdlcy9wYXRjaGVzL2VpbnN0ZWluLWJ1aWxkLnBhdGNo
CQkJXA0KICAgJUQlL3BhY2thZ2VzL3BhdGNoZXMvZW1hY3MtZXhlYy1wYXRo
LnBhdGNoCQkJXA0KICAgJUQlL3BhY2thZ2VzL3BhdGNoZXMvZW1hY3MtZml4
LXNjaGVtZS1pbmRlbnQtZnVuY3Rpb24ucGF0Y2gJXA0KLSAgJUQlL3BhY2th
Z2VzL3BhdGNoZXMvZW1hY3MtanNvbi1yZWZvcm1hdC1maXgtdGVzdHMucGF0
Y2gJXA0KICAgJUQlL3BhY2thZ2VzL3BhdGNoZXMvZW1hY3MtaGlnaGxpZ2h0
LXN0YWdlcy1hZGQtZ2V4cC5wYXRjaAlcDQorICAlRCUvcGFja2FnZXMvcGF0
Y2hlcy9lbWFjcy1qc29uLXJlZm9ybWF0LWZpeC10ZXN0cy5wYXRjaAlcDQog
ICAlRCUvcGFja2FnZXMvcGF0Y2hlcy9lbWFjcy1zY2hlbWUtY29tcGxldGUt
c2NoZW1lLXI1cnMtaW5mby5wYXRjaAlcDQogICAlRCUvcGFja2FnZXMvcGF0
Y2hlcy9lbWFjcy1zb3VyY2UtZGF0ZS1lcG9jaC5wYXRjaAkJXA0KLSAgJUQl
L3BhY2thZ2VzL3BhdGNoZXMvZW1hY3MtdW5wYWNrYWdlZC1yZXEucGF0Y2gJ
CVwNCiAgICVEJS9wYWNrYWdlcy9wYXRjaGVzL2VtYWNzLXVuZG9oaXN0LWln
bm9yZWQucGF0Y2gJXA0KKyAgJUQlL3BhY2thZ2VzL3BhdGNoZXMvZW1hY3Mt
dW5wYWNrYWdlZC1yZXEucGF0Y2gJCVwNCiAgICVEJS9wYWNrYWdlcy9wYXRj
aGVzL2VtYWNzLXdvcmRudXQtcmVxdWlyZS1hZGFwdGl2ZS13cmFwLnBhdGNo
CVwNCiAgICVEJS9wYWNrYWdlcy9wYXRjaGVzL2VtYWNzLXpvbmVzLWNhbGxl
ZC1pbnRlcmFjdGl2ZWx5LnBhdGNoCVwNCiAgICVEJS9wYWNrYWdlcy9wYXRj
aGVzL2VubGlnaHRlbm1lbnQtZml4LXNldHVpZC1wYXRoLnBhdGNoCVwNCiAg
ICVEJS9wYWNrYWdlcy9wYXRjaGVzL2VybGFuZy1tYW4tcGF0aC5wYXRjaAkJ
CVwNCiAgICVEJS9wYWNrYWdlcy9wYXRjaGVzL2V1ZGV2LXJ1bGVzLWRpcmVj
dG9yeS5wYXRjaAkJXA0KICAgJUQlL3BhY2thZ2VzL3BhdGNoZXMvZXZpbHdt
LWxvc3QtZm9jdXMtYnVnLnBhdGNoCQlcDQotICAlRCUvcGFja2FnZXMvcGF0
Y2hlcy9leGl2Mi1DVkUtMjAxNy0xNDg2MC5wYXRjaAkJXA0KICAgJUQlL3Bh
Y2thZ2VzL3BhdGNoZXMvZXhpdjItQ1ZFLTIwMTctMTQ4NTktMTQ4NjItMTQ4
NjQucGF0Y2gJXA0KKyAgJUQlL3BhY2thZ2VzL3BhdGNoZXMvZXhpdjItQ1ZF
LTIwMTctMTQ4NjAucGF0Y2gJCVwNCisgICVEJS9wYWNrYWdlcy9wYXRjaGVz
L2V4cGF0LUNWRS0yMDE4LTIwODQzLnBhdGNoCQlcDQogICAlRCUvcGFja2Fn
ZXMvcGF0Y2hlcy9leHR1bmRlbGV0ZS1lMmZzcHJvZ3MtMS40NC5wYXRjaAkJ
XA0KICAgJUQlL3BhY2thZ2VzL3BhdGNoZXMvZmFzdGNhcC1tdWxHbG9iYWwu
cGF0Y2gJCQlcDQogICAlRCUvcGFja2FnZXMvcGF0Y2hlcy9mYXN0Y2FwLW11
bFNldHVwLnBhdGNoCQkJXA0KZGlmZiAtLWdpdCBhL2dudS9wYWNrYWdlcy9w
YXRjaGVzL2V4cGF0LUNWRS0yMDE4LTIwODQzLnBhdGNoIGIvZ251L3BhY2th
Z2VzL3BhdGNoZXMvZXhwYXQtQ1ZFLTIwMTgtMjA4NDMucGF0Y2gNCm5ldyBm
aWxlIG1vZGUgMTAwNjQ0DQppbmRleCAwMDAwMDAwMDAwLi5kZDY0YjkxOTY1
DQotLS0gL2Rldi9udWxsDQorKysgYi9nbnUvcGFja2FnZXMvcGF0Y2hlcy9l
eHBhdC1DVkUtMjAxOC0yMDg0My5wYXRjaA0KQEAgLTAsMCArMSwxNiBAQA0K
K0ZpeCBleHRyYWN0aW9uIG9mIG5hbWVzcGFjZSBwcmVmaXggZnJvbSBYTUwg
bmFtZS4NCitGaXhlcyBDVkUtMjAxOC0yMDg0Mw0KKw0KK2RpZmYgLS1naXQg
YS9leHBhdC9saWIveG1scGFyc2UuYyBiL2V4cGF0L2xpYi94bWxwYXJzZS5j
DQoraW5kZXggMzBkNTVjNS4uNzM3ZDdjZCAxMDA2NDQNCistLS0gYS9leHBh
dC9saWIveG1scGFyc2UuYw0KKysrKyBiL2V4cGF0L2xpYi94bWxwYXJzZS5j
DQorQEAgLTYwNzEsNyArNjA3MSw3IEBAIHNldEVsZW1lbnRUeXBlUHJlZml4
KFhNTF9QYXJzZXIgcGFyc2VyLCBFTEVNRU5UX1RZUEUgKmVsZW1lbnRUeXBl
KQ0KKyAgICAgICBlbHNlDQorICAgICAgICAgcG9vbERpc2NhcmQoJmR0ZC0+
cG9vbCk7DQorICAgICAgIGVsZW1lbnRUeXBlLT5wcmVmaXggPSBwcmVmaXg7
DQorLQ0KKysgICAgICBicmVhazsNCisgICAgIH0NCisgICB9DQorICAgcmV0
dXJuIDE7DQpkaWZmIC0tZ2l0IGEvZ251L3BhY2thZ2VzL3htbC5zY20gYi9n
bnUvcGFja2FnZXMveG1sLnNjbQ0KaW5kZXggZGFiNjU5NzY5MC4uOGMyODlj
NWNiZSAxMDA2NDQNCi0tLSBhL2dudS9wYWNrYWdlcy94bWwuc2NtDQorKysg
Yi9nbnUvcGFja2FnZXMveG1sLnNjbQ0KQEAgLTY3LDYgKzY3LDcgQEANCiAg
IChsZXQgKChkb3QtPnVuZGVyc2NvcmUgKGxhbWJkYSAoYykgKGlmIChlcXVh
bD8gI1wuIGMpICNcXyBjKSkpKQ0KICAgICAgIChwYWNrYWdlDQogICAgICAg
ICAobmFtZSAiZXhwYXQiKQ0KKyAgICAgICAgKHJlcGxhY2VtZW50IGV4cGF0
L2ZpeGVkKQ0KICAgICAgICAgKHZlcnNpb24gIjIuMi42IikNCiAgICAgICAg
IChzb3VyY2UgKG9yaWdpbg0KICAgICAgICAgICAgICAgICAgIChtZXRob2Qg
dXJsLWZldGNoKQ0KQEAgLTg5LDYgKzkwLDE0IEBAIHN0cmVhbS1vcmllbnRl
ZCBwYXJzZXIgaW4gd2hpY2ggYW4gYXBwbGljYXRpb24gcmVnaXN0ZXJzIGhh
bmRsZXJzIGZvcg0KIHRoaW5ncyB0aGUgcGFyc2VyIG1pZ2h0IGZpbmQgaW4g
dGhlIFhNTCBkb2N1bWVudCAobGlrZSBzdGFydCB0YWdzKS4iKQ0KICAgICAg
ICAgKGxpY2Vuc2UgbGljZW5zZTpleHBhdCkpKSkNCiANCisoZGVmaW5lIGV4
cGF0L2ZpeGVkDQorICAocGFja2FnZQ0KKyAgICAoaW5oZXJpdCBleHBhdCkN
CisgICAgKHNvdXJjZQ0KKyAgICAgKG9yaWdpbg0KKyAgICAgICAoaW5oZXJp
dCAocGFja2FnZS1zb3VyY2UgZXhwYXQpKQ0KKyAgICAgICAocGF0Y2hlcyAo
c2VhcmNoLXBhdGNoZXMgImV4cGF0LUNWRS0yMDE4LTIwODQzLnBhdGNoIikp
KSkpKQ0KKw0KIChkZWZpbmUtcHVibGljIGxpYmVibWwNCiAgIChwYWNrYWdl
DQogICAgIChuYW1lICJsaWJlYm1sIikNCi0tIA0KMi4yMi4wDQoNCg==

--925712948-1618475577-1562284198=:17508--