From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:42368) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d6S7F-0004sN-NR for guix-patches@gnu.org; Thu, 04 May 2017 21:33:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d6S7C-0008JZ-Gw for guix-patches@gnu.org; Thu, 04 May 2017 21:33:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:56865) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1d6S7C-0008JV-Dt for guix-patches@gnu.org; Thu, 04 May 2017 21:33:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1d6S7C-0000BJ-5k for guix-patches@gnu.org; Thu, 04 May 2017 21:33:02 -0400 Subject: bug#26781: rpcbind, libtirpc CVE-2017-8779 Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:42331) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1d6S6p-0004sE-I5 for guix-patches@gnu.org; Thu, 04 May 2017 21:32:41 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1d6S6m-00087z-3B for guix-patches@gnu.org; Thu, 04 May 2017 21:32:39 -0400 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:36339) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1d6S6l-00086G-N7 for guix-patches@gnu.org; Thu, 04 May 2017 21:32:36 -0400 Received: from localhost (ma15a36d0.tmodns.net [208.54.90.161]) by mail.messagingengine.com (Postfix) with ESMTPA id AE3527E2B0 for ; Thu, 4 May 2017 21:32:30 -0400 (EDT) Date: Thu, 4 May 2017 21:32:27 -0400 From: Leo Famulari Message-ID: <20170505013227.GA6479@jasmine> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="WYTEVAkct0FjGQmd" Content-Disposition: inline List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 26781@debbugs.gnu.org --WYTEVAkct0FjGQmd Content-Type: multipart/mixed; boundary="BXVAT5kNtrzKuDFl" Content-Disposition: inline --BXVAT5kNtrzKuDFl Content-Type: text/plain; charset=us-ascii Content-Disposition: inline These patches update libtirpc and rpcbind to the latest release and fix CVE-2017-8779 ("rpcbomb"). https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779 https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/ --BXVAT5kNtrzKuDFl Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: attachment; filename="0001-gnu-rpcbind-Update-to-0.2.4.patch" Content-Transfer-Encoding: quoted-printable =46rom a021cd8f8302a69d7865e696675b1de1d55a5b43 Mon Sep 17 00:00:00 2001 =46rom: Leo Famulari Date: Thu, 4 May 2017 21:04:33 -0400 Subject: [PATCH 1/3] gnu: rpcbind: Update to 0.2.4. * gnu/packages/onc-rpc.scm (rpcbind): Update to 0.2.4. --- gnu/packages/onc-rpc.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/onc-rpc.scm b/gnu/packages/onc-rpc.scm index 5f67823a4..31e2388f0 100644 --- a/gnu/packages/onc-rpc.scm +++ b/gnu/packages/onc-rpc.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright =A9 2014, 2017 Ludovic Court=E8s ;;; Copyright =A9 2016 John Darrington +;;; Copyright =A9 2017 Leo Famulari ;;; ;;; This file is part of GNU Guix. ;;; @@ -66,7 +67,7 @@ IPv4 and IPv6. ONC RPC is notably used by the network fi= le system (NFS).") (define-public rpcbind (package (name "rpcbind") - (version "0.2.3") + (version "0.2.4") (source (origin (method url-fetch) @@ -75,7 +76,7 @@ IPv4 and IPv6. ONC RPC is notably used by the network fi= le system (NFS).") name "-" version ".tar.bz2")) (sha256 (base32 - "0yyjzv4161rqxrgjcijkrawnk55rb96ha0pav48s03l2klx855wq")))) + "0rjc867mdacag4yqvs827wqhkh27135rp9asj06ixhf71m9rljh7")))) (build-system gnu-build-system) (arguments `(#:configure-flags --=20 2.12.2 --BXVAT5kNtrzKuDFl Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="0002-gnu-libtirpc-Update-to-1.0.1.patch" Content-Transfer-Encoding: quoted-printable =46rom 66b36606fe00d3720cd20ec1ce1a1280bde627ec Mon Sep 17 00:00:00 2001 =46rom: Leo Famulari Date: Thu, 4 May 2017 21:05:44 -0400 Subject: [PATCH 2/3] gnu: libtirpc: Update to 1.0.1. * gnu/packages/onc-rpc.scm (libtirpc): Update to 1.0.1. --- gnu/packages/onc-rpc.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/onc-rpc.scm b/gnu/packages/onc-rpc.scm index 31e2388f0..c852f9a4a 100644 --- a/gnu/packages/onc-rpc.scm +++ b/gnu/packages/onc-rpc.scm @@ -29,7 +29,7 @@ (define-public libtirpc (package (name "libtirpc") - (version "0.2.4") + (version "1.0.1") (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/libtirpc/libtirpc/" @@ -37,7 +37,7 @@ version ".tar.bz2")) (sha256 (base32 - "18a337wa4amf0k21wnimp3yzs5l3cxqndz4x3x8bm993zhfy5hs5")))) + "17mqrdgsgp9m92pmq7bvr119svdg753prqqxmg4cnz5y657rfmji")))) (build-system gnu-build-system) (arguments `(#:phases --=20 2.12.2 --BXVAT5kNtrzKuDFl Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="0003-gnu-rpcbind-libtirpc-Fix-CVE-2017-8779.patch" Content-Transfer-Encoding: quoted-printable =46rom 6045f61a68907491ffb2637c5e8315e94b31dcee Mon Sep 17 00:00:00 2001 =46rom: Leo Famulari Date: Thu, 4 May 2017 21:26:03 -0400 Subject: [PATCH 3/3] gnu: rpcbind, libtirpc: Fix CVE-2017-8779. * gnu/packages/patches/libtirpc-CVE-2017-8779.patch, gnu/packages/patches/rpcbind-CVE-2017-8779.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/onc-rpc.scm (rpcbind, libtirpc)[source]: Use them. --- gnu/local.mk | 2 + gnu/packages/onc-rpc.scm | 3 + gnu/packages/patches/libtirpc-CVE-2017-8779.patch | 263 ++++++++++++++++++= ++++ gnu/packages/patches/rpcbind-CVE-2017-8779.patch | 29 +++ 4 files changed, 297 insertions(+) create mode 100644 gnu/packages/patches/libtirpc-CVE-2017-8779.patch create mode 100644 gnu/packages/patches/rpcbind-CVE-2017-8779.patch diff --git a/gnu/local.mk b/gnu/local.mk index ce7ecc36c..6dbee2b5e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -744,6 +744,7 @@ dist_patch_DATA =3D \ %D%/packages/patches/libtiff-invalid-read.patch \ %D%/packages/patches/libtiff-null-dereference.patch \ %D%/packages/patches/libtiff-tiffcp-underflow.patch \ + %D%/packages/patches/libtirpc-CVE-2017-8779.patch \ %D%/packages/patches/libtorrent-rasterbar-boost-compat.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ %D%/packages/patches/libunwind-CVE-2015-3239.patch \ @@ -924,6 +925,7 @@ dist_patch_DATA =3D \ %D%/packages/patches/readline-6.2-CVE-2014-2524.patch \ %D%/packages/patches/readline-7.0-mingw.patch \ %D%/packages/patches/ripperx-missing-file.patch \ + %D%/packages/patches/rpcbind-CVE-2017-8779.patch \ %D%/packages/patches/rpm-CVE-2014-8118.patch \ %D%/packages/patches/rsem-makefile.patch \ %D%/packages/patches/ruby-concurrent-ignore-broken-test.patch \ diff --git a/gnu/packages/onc-rpc.scm b/gnu/packages/onc-rpc.scm index c852f9a4a..a76ac36ea 100644 --- a/gnu/packages/onc-rpc.scm +++ b/gnu/packages/onc-rpc.scm @@ -22,6 +22,7 @@ #:use-module (guix licenses) #:use-module (guix packages) #:use-module (guix download) + #:use-module (gnu packages) #:use-module (gnu packages kerberos) #:use-module (gnu packages pkg-config) #:use-module (guix build-system gnu)) @@ -35,6 +36,7 @@ (uri (string-append "mirror://sourceforge/libtirpc/libtirpc/" version "/libtirpc-" version ".tar.bz2")) + (patches (search-patches "libtirpc-CVE-2017-8779.patch")) (sha256 (base32 "17mqrdgsgp9m92pmq7bvr119svdg753prqqxmg4cnz5y657rfmji")))) @@ -74,6 +76,7 @@ IPv4 and IPv6. ONC RPC is notably used by the network fi= le system (NFS).") (uri (string-append "mirror://sourceforge/" name "/" name "/" version "/" name "-" version ".tar.bz2")) + (patches (search-patches "rpcbind-CVE-2017-8779.patch")) (sha256 (base32 "0rjc867mdacag4yqvs827wqhkh27135rp9asj06ixhf71m9rljh7")))) diff --git a/gnu/packages/patches/libtirpc-CVE-2017-8779.patch b/gnu/packag= es/patches/libtirpc-CVE-2017-8779.patch new file mode 100644 index 000000000..742e64df2 --- /dev/null +++ b/gnu/packages/patches/libtirpc-CVE-2017-8779.patch @@ -0,0 +1,263 @@ +Fix CVE-2017-8779: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-8779 + +Patch copied from the bug reporter's 3rd-party repository: + +https://github.com/guidovranken/rpcbomb/blob/master/libtirpc_patch.txt + +diff --git a/src/rpc_generic.c b/src/rpc_generic.c +index 2f09a8f..589cbd5 100644 +--- a/src/rpc_generic.c ++++ b/src/rpc_generic.c +@@ -615,6 +615,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf) +=20 + switch (af) { + case AF_INET: ++ if (nbuf->len < sizeof(*sin)) { ++ return NULL; ++ } + sin =3D nbuf->buf; + if (inet_ntop(af, &sin->sin_addr, namebuf, sizeof namebuf) + =3D=3D NULL) +@@ -626,6 +629,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf) + break; + #ifdef INET6 + case AF_INET6: ++ if (nbuf->len < sizeof(*sin6)) { ++ return NULL; ++ } + sin6 =3D nbuf->buf; + if (inet_ntop(af, &sin6->sin6_addr, namebuf6, sizeof namebuf6) + =3D=3D NULL) +@@ -667,6 +673,8 @@ __rpc_uaddr2taddr_af(int af, const char *uaddr) +=20 + port =3D 0; + sin =3D NULL; ++ if (uaddr =3D=3D NULL) ++ return NULL; + addrstr =3D strdup(uaddr); + if (addrstr =3D=3D NULL) + return NULL; +diff --git a/src/rpcb_prot.c b/src/rpcb_prot.c +index 43fd385..a923c8e 100644 +--- a/src/rpcb_prot.c ++++ b/src/rpcb_prot.c +@@ -41,6 +41,7 @@ + #include + #include + #include ++#include "rpc_com.h" +=20 + bool_t + xdr_rpcb(xdrs, objp) +@@ -53,13 +54,13 @@ xdr_rpcb(xdrs, objp) + if (!xdr_u_int32_t(xdrs, &objp->r_vers)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_netid, RPC_MAXDATASIZE)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_addr, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_addr, RPC_MAXDATASIZE)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_owner, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_owner, RPC_MAXDATASIZE)) { + return (FALSE); + } + return (TRUE); +@@ -159,19 +160,19 @@ xdr_rpcb_entry(xdrs, objp) + XDR *xdrs; + rpcb_entry *objp; + { +- if (!xdr_string(xdrs, &objp->r_maddr, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_maddr, RPC_MAXDATASIZE)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_nc_netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_nc_netid, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_u_int32_t(xdrs, &objp->r_nc_semantics)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_nc_protofmly, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_nc_protofmly, RPC_MAXDATASIZE)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->r_nc_proto, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->r_nc_proto, RPC_MAXDATASIZE)) { + return (FALSE); + } + return (TRUE); +@@ -292,7 +293,7 @@ xdr_rpcb_rmtcallres(xdrs, p) + bool_t dummy; + struct r_rpcb_rmtcallres *objp =3D (struct r_rpcb_rmtcallres *)(void *)p; +=20 +- if (!xdr_string(xdrs, &objp->addr, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->addr, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_u_int(xdrs, &objp->results.results_len)) { +@@ -312,6 +313,11 @@ xdr_netbuf(xdrs, objp) + if (!xdr_u_int32_t(xdrs, (u_int32_t *) &objp->maxlen)) { + return (FALSE); + } ++ ++ if (objp->maxlen > RPC_MAXDATASIZE) { ++ return (FALSE); ++ } ++ + dummy =3D xdr_bytes(xdrs, (char **)&(objp->buf), + (u_int *)&(objp->len), objp->maxlen); + return (dummy); +diff --git a/src/rpcb_st_xdr.c b/src/rpcb_st_xdr.c +index 08db745..28e6a48 100644 +--- a/src/rpcb_st_xdr.c ++++ b/src/rpcb_st_xdr.c +@@ -37,6 +37,7 @@ +=20 +=20 + #include ++#include "rpc_com.h" +=20 + /* Link list of all the stats about getport and getaddr */ +=20 +@@ -58,7 +59,7 @@ xdr_rpcbs_addrlist(xdrs, objp) + if (!xdr_int(xdrs, &objp->failure)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { + return (FALSE); + } +=20 +@@ -109,7 +110,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp) + IXDR_PUT_INT32(buf, objp->failure); + IXDR_PUT_INT32(buf, objp->indirect); + } +- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_pointer(xdrs, (char **)&objp->next, +@@ -147,7 +148,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp) + objp->failure =3D (int)IXDR_GET_INT32(buf); + objp->indirect =3D (int)IXDR_GET_INT32(buf); + } +- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_pointer(xdrs, (char **)&objp->next, +@@ -175,7 +176,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp) + if (!xdr_int(xdrs, &objp->indirect)) { + return (FALSE); + } +- if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) { ++ if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) { + return (FALSE); + } + if (!xdr_pointer(xdrs, (char **)&objp->next, +diff --git a/src/xdr.c b/src/xdr.c +index f3fb9ad..b9a1558 100644 +--- a/src/xdr.c ++++ b/src/xdr.c +@@ -42,8 +42,10 @@ + #include + #include +=20 ++#include + #include + #include ++#include +=20 + typedef quad_t longlong_t; /* ANSI long long type */ + typedef u_quad_t u_longlong_t; /* ANSI unsigned long long type */ +@@ -53,7 +55,6 @@ typedef u_quad_t u_longlong_t; /* ANSI unsigned= long long type */ + */ + #define XDR_FALSE ((long) 0) + #define XDR_TRUE ((long) 1) +-#define LASTUNSIGNED ((u_int) 0-1) +=20 + /* + * for unit alignment +@@ -629,6 +630,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize) + { + char *sp =3D *cpp; /* sp is the actual string pointer */ + u_int nodesize; ++ bool_t ret, allocated =3D FALSE; +=20 + /* + * first deal with the length since xdr bytes are counted +@@ -652,6 +654,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize) + } + if (sp =3D=3D NULL) { + *cpp =3D sp =3D mem_alloc(nodesize); ++ allocated =3D TRUE; + } + if (sp =3D=3D NULL) { + warnx("xdr_bytes: out of memory"); +@@ -660,7 +663,14 @@ xdr_bytes(xdrs, cpp, sizep, maxsize) + /* FALLTHROUGH */ +=20 + case XDR_ENCODE: +- return (xdr_opaque(xdrs, sp, nodesize)); ++ ret =3D xdr_opaque(xdrs, sp, nodesize); ++ if ((xdrs->x_op =3D=3D XDR_DECODE) && (ret =3D=3D FALSE)) { ++ if (allocated =3D=3D TRUE) { ++ free(sp); ++ *cpp =3D NULL; ++ } ++ } ++ return (ret); +=20 + case XDR_FREE: + if (sp !=3D NULL) { +@@ -754,6 +764,7 @@ xdr_string(xdrs, cpp, maxsize) + char *sp =3D *cpp; /* sp is the actual string pointer */ + u_int size; + u_int nodesize; ++ bool_t ret, allocated =3D FALSE; +=20 + /* + * first deal with the length since xdr strings are counted-strings +@@ -793,8 +804,10 @@ xdr_string(xdrs, cpp, maxsize) + switch (xdrs->x_op) { +=20 + case XDR_DECODE: +- if (sp =3D=3D NULL) ++ if (sp =3D=3D NULL) { + *cpp =3D sp =3D mem_alloc(nodesize); ++ allocated =3D TRUE; ++ } + if (sp =3D=3D NULL) { + warnx("xdr_string: out of memory"); + return (FALSE); +@@ -803,7 +816,14 @@ xdr_string(xdrs, cpp, maxsize) + /* FALLTHROUGH */ +=20 + case XDR_ENCODE: +- return (xdr_opaque(xdrs, sp, size)); ++ ret =3D xdr_opaque(xdrs, sp, size); ++ if ((xdrs->x_op =3D=3D XDR_DECODE) && (ret =3D=3D FALSE)) { ++ if (allocated =3D=3D TRUE) { ++ free(sp); ++ *cpp =3D NULL; ++ } ++ } ++ return (ret); +=20 + case XDR_FREE: + mem_free(sp, nodesize); +@@ -823,7 +843,7 @@ xdr_wrapstring(xdrs, cpp) + XDR *xdrs; + char **cpp; + { +- return xdr_string(xdrs, cpp, LASTUNSIGNED); ++ return xdr_string(xdrs, cpp, RPC_MAXDATASIZE); + } +=20 + /* diff --git a/gnu/packages/patches/rpcbind-CVE-2017-8779.patch b/gnu/package= s/patches/rpcbind-CVE-2017-8779.patch new file mode 100644 index 000000000..6ca93ff12 --- /dev/null +++ b/gnu/packages/patches/rpcbind-CVE-2017-8779.patch @@ -0,0 +1,29 @@ +Fix CVE-2017-8779: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-8779 + +Patch copied from the bug reporter's 3rd-party repository: + +https://github.com/guidovranken/rpcbomb/blob/master/rpcbind_patch.txt + +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 5862c26..e11f61b 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -48,6 +48,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rq= stp /*__unused*/, + static bool_t + xdr_encap_parms(XDR *xdrs, struct encap_parms *epp) + { +- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0)); ++ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXD= ATASIZE)); + } +=20 + /* --=20 2.12.2 --BXVAT5kNtrzKuDFl-- --WYTEVAkct0FjGQmd Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlkL1igACgkQJkb6MLrK fwgQwRAA6tM/HFdANdPEmtttV425GFHsKnJ0p9kHLzVoIZNF9gnOsTyiin47ysHe bYDvsFB8GueHThletDOqICwhwlL6AYAe7IEZMjODGdHNAnQxG1Wz/ToqYWLd+uVc F5q8vbf5+Y3O8OH5qvADw7xt3ooPLnzhVAaV1jW+kFTzI+3A1UoU8GIsLT9Kd55u JASn1cDpzTrNndSgSYg+A+VduMFCFbPfBvBlo7QldXCMQCtL2/5oOlwfguST8/FA FzOlTioRPYG4mO+zPdPgQI+8xP2Lvt15h7zGMPPOYdA01mKB7FtRD9oNSaEc6csS 4TP5nWOCEtFfu/dk76Ie7Dd/4ndro1jjQDOX4Ud1XEdWXBEjzNaph4RseUIxfko1 thMVutlCB54WRSPet5cL217bF7DbTUnxi8L1tdeIyyI/2W45j8m6AYL3hnpHFT1m TU8kfRrK/PjUl4HgqcCWOcRlF1Whz2YeQgZa7JpH88IjAZUEnwZ/Th7IB3nmP5KS 7ZvV+Z7h66gJsHLoaB1AAaCeNUsTNGM/pJITOlq3UeTI3nM+I3t/imvoMtt4N6fg wziu6JLWcWDgIuo2IdxA65wCUMb+lXWWJOSHfToi25wyMa/ETr4BSccgyUDJKt9C XSHOBI7UVJe6DGSPz9mgClULo8PeLa7dIKy5sT5dkAH69QOQxQE= =+oo+ -----END PGP SIGNATURE----- --WYTEVAkct0FjGQmd--