From bugzilla at redhat.com Thu Jan 14 18:51:10 2016 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 14 Jan 2016 18:51:10 +0000 Subject: [RHSA-2016:0040-01] Critical: Red Hat JBoss Operations Network 3.1.2 Hotfix 11 update Message-ID: <201601141851.u0EIpALO029090@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: Red Hat JBoss Operations Network 3.1.2 Hotfix 11 update Advisory ID: RHSA-2016:0040-01 Product: Red Hat JBoss Operations Network Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0040.html Issue date: 2016-01-14 CVE Names: CVE-2015-7501 ===================================================================== 1. Summary: An update for Red Hat JBoss Operations Network 3.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Description: JBoss Operations Network provides an integrated solution for managing JBoss middleware, other network infrastructure, and applications built on Red Hat Enterprise Application Platform (EAP). The Apache Commons Collections library provides new interfaces, implementations, and utilities to extend the features of the Java Collections Framework. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. (CVE-2015-7501) Further information about this security flaw may be found at: https://access.redhat.com/solutions/2045023 All users of JBoss Operations Network 3.1.2 as provided from the Red Hat Customer Portal are advised to apply this update. This patch supersedes the 3.2.1 Hotfix 10. 3. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying this update, back up your existing JBoss Operations Network installation (including its databases, applications, configuration files, the JBoss Operations Network server's file system directory, and so on). Note: This update provides fixes for the server, agent, and core GUI components of Red Hat JBoss Operations Network. It is recommended to apply all the patches provided by this update. 4. Bugs fixed (https://bugzilla.redhat.com/): 1279330 - CVE-2015-7501 apache-commons-collections: InvokerTransformer code execution during deserialisation 5. References: https://access.redhat.com/security/cve/CVE-2015-7501 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=em&downloadType=securityPatches&version=3.1.2 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWl+2yXlSAg2UNWIIRApJUAKCYw0fJYeAg0QIkY+WDvpPbdukVmACeLNOh tfkh1qn+2Q6qwxTnHLUoeWg= =1Ruc -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jan 14 18:51:29 2016 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 14 Jan 2016 18:51:29 +0000 Subject: [RHSA-2016:0041-01] Moderate: Red Hat JBoss BRMS 6.1.5 update Message-ID: <201601141851.u0EIpUEr027864@int-mx14.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat JBoss BRMS 6.1.5 update Advisory ID: RHSA-2016:0041-01 Product: Red Hat JBoss BRMS Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0041.html Issue date: 2016-01-14 CVE Names: CVE-2015-0250 ===================================================================== 1. Summary: Red Hat JBoss BRMS 6.1.5, which fixes one security issue, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Description: Red Hat JBoss BRMS is a business-rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.1.5 serves as a replacement for Red Hat JBoss BRMS 6.1.2, and includes bug fixes and enhancements that are documented in the README.txt file included with the patch files. The following security issue is also fixed with this release: It was found that batik was vulnerable to XML External Entity attacks when parsing SVG files. A remote attacker able to send malicious SVG content to the affected server could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2015-0250) All users of Red Hat JBoss BRMS 6.1.2 as provided from the Red Hat Customer Portal are advised to upgrade to Red Hat JBoss BRMS 6.1.5. 3. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so forth. It is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process. 4. Bugs fixed (https://bugzilla.redhat.com/): 1203762 - CVE-2015-0250 batik: XML External Entity (XXE) injection in SVG parsing 5. References: https://access.redhat.com/security/cve/CVE-2015-0250 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=brms&downloadType=securityPatches&version=6.1.0 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWl+4lXlSAg2UNWIIRAmgWAKDBTzPF9EfBz3JZ80q+6ijyVMQAyQCfRrps Dlo2OLBP+i21sKwc5hauCrA= =d8cs -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jan 14 18:51:41 2016 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 14 Jan 2016 18:51:41 +0000 Subject: [RHSA-2016:0042-01] Moderate: Red Hat JBoss BPM Suite 6.1.5 update Message-ID: <201601141851.u0EIpg7I010214@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat JBoss BPM Suite 6.1.5 update Advisory ID: RHSA-2016:0042-01 Product: Red Hat JBoss BPM Suite Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0042.html Issue date: 2016-01-14 CVE Names: CVE-2015-0250 ===================================================================== 1. Summary: Red Hat JBoss BPM Suite 6.1.5, which fixes one security issue, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Description: Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.1.5 serves as a replacement for Red Hat JBoss BPM Suite 6.1.2, and includes bug fixes and enhancements, which are documented in the README.txt file included with the patch files. The following security issue is also fixed with this release: It was found that batik was vulnerable to XML External Entity attacks when parsing SVG files. A remote attacker able to send malicious SVG content to the affected server could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2015-0250) All users of Red Hat JBoss BPM Suite 6.1.2 as provided from the Red Hat Customer Portal are advised to upgrade to Red Hat JBoss BPM Suite 6.1.5. 3. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. It is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process. 4. Bugs fixed (https://bugzilla.redhat.com/): 1203762 - CVE-2015-0250 batik: XML External Entity (XXE) injection in SVG parsing 5. References: https://access.redhat.com/security/cve/CVE-2015-0250 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=bpm.suite&downloadType=securityPatches&version=6.1.0 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWl+42XlSAg2UNWIIRAn3TAKC6ZsWXqLEERo9ZJJJpet2GoqoCOQCfVCmc e10Uy9q25tuBeXrgagKiGFM= =QoLp -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jan 21 15:55:52 2016 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 21 Jan 2016 10:55:52 -0500 Subject: [RHSA-2016:0061-01] Moderate: httpd and httpd22 security update Message-ID: <201601211555.u0LFtqGB006458@int-mx10.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: httpd and httpd22 security update Advisory ID: RHSA-2016:0061-01 Product: Red Hat JBoss Web Server Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0061.html Issue date: 2016-01-21 CVE Names: CVE-2013-5704 CVE-2015-3183 ===================================================================== 1. Summary: Updated httpd and httpd22 packages that fix two security issues are now available for Red Hat JBoss Web Server 2.1.0 for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat JBoss Web Server 2 for RHEL 5 Server - i386, x86_64 Red Hat JBoss Web Server 2 for RHEL 6 Server - i386, x86_64 Red Hat JBoss Web Server 2 for RHEL 7 Server - x86_64 3. Description: Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers. (CVE-2013-5704) Users of httpd or httpd22 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd or httpd22 service must be restarted manually for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1082903 - CVE-2013-5704 httpd: bypass of mod_headers rules via chunked requests 1243887 - CVE-2015-3183 httpd: HTTP request smuggling attack against chunked request parser 6. Package List: Red Hat JBoss Web Server 2 for RHEL 5 Server: Source: httpd-2.2.26-41.ep6.el5.src.rpm mod_cluster-native-1.2.9-6.Final_redhat_2.ep6.el5.src.rpm i386: httpd-2.2.26-41.ep6.el5.i386.rpm httpd-debuginfo-2.2.26-41.ep6.el5.i386.rpm httpd-devel-2.2.26-41.ep6.el5.i386.rpm httpd-manual-2.2.26-41.ep6.el5.i386.rpm httpd-tools-2.2.26-41.ep6.el5.i386.rpm mod_cluster-native-1.2.9-6.Final_redhat_2.ep6.el5.i386.rpm mod_cluster-native-debuginfo-1.2.9-6.Final_redhat_2.ep6.el5.i386.rpm mod_ssl-2.2.26-41.ep6.el5.i386.rpm x86_64: httpd-2.2.26-41.ep6.el5.x86_64.rpm httpd-debuginfo-2.2.26-41.ep6.el5.x86_64.rpm httpd-devel-2.2.26-41.ep6.el5.x86_64.rpm httpd-manual-2.2.26-41.ep6.el5.x86_64.rpm httpd-tools-2.2.26-41.ep6.el5.x86_64.rpm mod_cluster-native-1.2.9-6.Final_redhat_2.ep6.el5.x86_64.rpm mod_cluster-native-debuginfo-1.2.9-6.Final_redhat_2.ep6.el5.x86_64.rpm mod_ssl-2.2.26-41.ep6.el5.x86_64.rpm Red Hat JBoss Web Server 2 for RHEL 6 Server: Source: httpd-2.2.26-41.ep6.el6.src.rpm mod_cluster-native-1.2.9-6.Final_redhat_2.ep6.el6.src.rpm i386: httpd-2.2.26-41.ep6.el6.i386.rpm httpd-debuginfo-2.2.26-41.ep6.el6.i386.rpm httpd-devel-2.2.26-41.ep6.el6.i386.rpm httpd-manual-2.2.26-41.ep6.el6.i386.rpm httpd-tools-2.2.26-41.ep6.el6.i386.rpm mod_cluster-native-1.2.9-6.Final_redhat_2.ep6.el6.i386.rpm mod_cluster-native-debuginfo-1.2.9-6.Final_redhat_2.ep6.el6.i386.rpm mod_ssl-2.2.26-41.ep6.el6.i386.rpm x86_64: httpd-2.2.26-41.ep6.el6.x86_64.rpm httpd-debuginfo-2.2.26-41.ep6.el6.x86_64.rpm httpd-devel-2.2.26-41.ep6.el6.x86_64.rpm httpd-manual-2.2.26-41.ep6.el6.x86_64.rpm httpd-tools-2.2.26-41.ep6.el6.x86_64.rpm mod_cluster-native-1.2.9-6.Final_redhat_2.ep6.el6.x86_64.rpm mod_cluster-native-debuginfo-1.2.9-6.Final_redhat_2.ep6.el6.x86_64.rpm mod_ssl-2.2.26-41.ep6.el6.x86_64.rpm Red Hat JBoss Web Server 2 for RHEL 7 Server: Source: httpd22-2.2.26-42.ep6.el7.src.rpm mod_cluster-native-1.2.9-6.Final_redhat_2.ep6.el7.src.rpm x86_64: httpd22-2.2.26-42.ep6.el7.x86_64.rpm httpd22-debuginfo-2.2.26-42.ep6.el7.x86_64.rpm httpd22-devel-2.2.26-42.ep6.el7.x86_64.rpm httpd22-manual-2.2.26-42.ep6.el7.x86_64.rpm httpd22-tools-2.2.26-42.ep6.el7.x86_64.rpm mod_cluster-native-1.2.9-6.Final_redhat_2.ep6.el7.x86_64.rpm mod_cluster-native-debuginfo-1.2.9-6.Final_redhat_2.ep6.el7.x86_64.rpm mod_ssl22-2.2.26-42.ep6.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2013-5704 https://access.redhat.com/security/cve/CVE-2015-3183 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWoP+GXlSAg2UNWIIRAl+vAJ0Xcs6ZW4dyE4Po3FbTYRTnC5eibwCghna6 uwTN3stBd2AbzXGPk9SFRDI= =n95V -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jan 21 15:55:59 2016 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 21 Jan 2016 10:55:59 -0500 Subject: [RHSA-2016:0062-01] Moderate: Red Hat JBoss Web Server 2.1.0 security update Message-ID: <201601211556.u0LFtx0w011434@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat JBoss Web Server 2.1.0 security update Advisory ID: RHSA-2016:0062-01 Product: Red Hat JBoss Web Server Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0062.html Issue date: 2016-01-21 CVE Names: CVE-2012-0876 CVE-2012-1148 CVE-2013-5704 CVE-2015-3183 ===================================================================== 1. Summary: An update for Red Hat JBoss Web Server 2.1.0 that fixes four security issues is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Description: Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially-crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0876) A memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted. (CVE-2012-1148) A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers. (CVE-2013-5704) All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat Customer Portal are advised to apply this update. The Red Hat JBoss Web Server process must be restarted for the update to take effect. 3. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files). 4. Bugs fixed (https://bugzilla.redhat.com/): 786617 - CVE-2012-0876 expat: hash table collisions CPU usage DoS 801648 - CVE-2012-1148 expat: Memory leak in poolGrow 1082903 - CVE-2013-5704 httpd: bypass of mod_headers rules via chunked requests 1243887 - CVE-2015-3183 httpd: HTTP request smuggling attack against chunked request parser 5. References: https://access.redhat.com/security/cve/CVE-2012-0876 https://access.redhat.com/security/cve/CVE-2012-1148 https://access.redhat.com/security/cve/CVE-2013-5704 https://access.redhat.com/security/cve/CVE-2015-3183 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver&downloadType=securityPatches&version=2.1.0 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWoP+OXlSAg2UNWIIRAmwSAJ9P8tubWwCMgf0/pn0FHW0+9lJi5gCfRjzk uZNZSNVSpGDhmFbDwlBzdyw= =oXVf -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Jan 25 22:25:58 2016 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 25 Jan 2016 22:25:58 +0000 Subject: [RHSA-2016:0066-01] Moderate: Red Hat JBoss Data Virtualization 6.2.0 security update Message-ID: <201601252225.u0PMPwfd013378@int-mx11.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat JBoss Data Virtualization 6.2.0 security update Advisory ID: RHSA-2016:0066-01 Product: Red Hat JBoss Data Virtualization Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-0066.html Issue date: 2016-01-25 CVE Names: CVE-2015-3253 ===================================================================== 1. Summary: Red Hat JBoss Data Virtualization 6.2.0 update 2, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Description: Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems?such as multiple databases, XML files, and even Hadoop systems?appear as a set of tables in a local database. This update serves as a cumulative upgrade for Red Hat JBoss Data Virtualization 6.2.0. It includes various bug fixes, which are listed in the README file included with the patch files. The following security issue is also fixed with this release: A flaw was discovered in the way applications using Groovy used the standard Java serialization mechanism. A remote attacker could use a specially crafted serialized object that would execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability. (CVE-2015-3253) All users of Red Hat JBoss Data Virtualization 6.2.0 as provided from the Red Hat Customer Portal are advised to apply this update. 3. Solution: The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Data Virtualization installation (including its databases, applications, configuration files, and so on). Note that it is recommended to halt the Red Hat JBoss Data Virtualization server by stopping the JBoss Application Server process before installing this update, and then after installing the update, restart the Red Hat JBoss Data Virtualization server by starting the JBoss Application Server process. 4. Bugs fixed (https://bugzilla.redhat.com/): 1243934 - CVE-2015-3253 groovy: remote execution of untrusted code in class MethodClosure 5. References: https://access.redhat.com/security/cve/CVE-2015-3253 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.services.platform&downloadType=securityPatches&version=6.2.0 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFWpqDSXlSAg2UNWIIRAicnAJ9RkyXUZZ/eeigDl6nPrb17GXpfdACgkpxG JcTENOX131yN4GZTQJ0/k+I= =SVKO -----END PGP SIGNATURE-----