<<< Date Index >>>     <<< Thread Index >>>

SUSE Security Announcement: PostgreSQL buffer overflow problems (SUSE-SA-2005:027)



-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

                        SUSE Security Announcement

        Package:                postgresql
        Announcement-ID:        SUSE-SA:2005:027
        Date:                   Wed, 20 Apr 2005 09:00:00 +0000
        Affected products:      8.2, 9.0, 9.1, 9.2, 9.3
                                SUSE Linux Desktop 1.0
                                SUSE Linux Enterprise Server 8, 9
                                Novell Linux Desktop 9
        Vulnerability Type:     remote code execution
        Severity (1-10):        5
        SUSE default package:   no
        Cross References:       CAN-2005-0247

    Content of this advisory:
        1) security vulnerability resolved:
             code execution due to bugs in several SQL commands
           problem description
        2) solution/workaround
        3) special instructions and notes
        4) package location and checksums
        5) pending vulnerabilities, solutions, workarounds:
            none
        6) standard appendix (further information)

______________________________________________________________________________

1) problem description, brief discussion

    Several problems were identified and fixed in the PostgreSQL
    database server.

    Multiple buffer overflows in the low level parsing routines may
    allow attackers to execute arbitrary code via:

    (1) a large number of variables in a SQL statement being handled by
        the read_sql_construct() function,

    (2) a large number of INTO variables in a SELECT statement being
        handled by the make_select_stmt function,

    (3) a large number of arbitrary variables in a SELECT statement being
        handled by the make_select_stmt function, and

    (4) a large number of INTO variables in a FETCH statement being
        handled by the make_fetch_stmt function.


    This is tracked by the Mitre CVE ID CAN-2005-0247.

2) solution/workaround

    None, please install the updated packages.

3) special instructions and notes

    If you are running a PostgreSQL server please make sure that it
    is stopped or at least doesn't have any client connections during
    the update.

4) package location and checksums

    Please download the update package for your distribution and verify its
    integrity by the methods listed in section 3) of this announcement.
    Then, install the package using the command "rpm -Fhv file.rpm" to apply
    the update.
    Our maintenance customers are being notified individually. The packages
    are being offered to install from the maintenance web.


    x86 Platform:

    SUSE Linux 9.3:
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-8.0.1-6.i586.rpm
           678cf8fac25f43217a75ff1b69afa1e1
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-contrib-8.0.1-6.i586.rpm
           9f71e3a477cb37e96b6252d3e41af5d0
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-devel-8.0.1-6.i586.rpm
           13befe8d62a70898b576f46332b04016
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-docs-8.0.1-6.i586.rpm
           d51a60a473567c87c3f94cc0d5abde2d
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-libs-8.0.1-6.i586.rpm
           50af9cba7571c4859b033a420782c5c3
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-pl-8.0.1-6.i586.rpm
           3d68c0e2f026e3c1f1d33ec828ade723
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/postgresql-server-8.0.1-6.i586.rpm
           4601a1e4308348a7a27fbe4dd0bfe029
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-libs-32bit-9.3-7.1.x86_64.rpm
           55c4a7c5b510b4a05b789540adbcca00

    SUSE Linux 9.2:
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-7.4.7-0.3.i586.rpm
           6d5ca6b626a70cee2b34e49d33855648
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-contrib-7.4.7-0.3.i586.rpm
           62020a1c26ed41635cf07f37f1c22817
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-devel-7.4.7-0.3.i586.rpm
           eb20f825e8c1ee955e6904bd718ad1ba
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-docs-7.4.7-0.3.i586.rpm
           79194edc8a6a6ad10104b964e66cf789
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-libs-7.4.7-0.3.i586.rpm
           67353952335be148e0f3719a50edf8c5
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-pl-7.4.7-0.3.i586.rpm
           caad51baf0dfca24df09fec5d4385555
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/postgresql-server-7.4.7-0.3.i586.rpm
           55a89a0f695e5dc892fa31af6140e367
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-libs-32bit-9.2-200504131606.x86_64.rpm
           91ac32a40b548d187ca78fb095f182ac

    SUSE Linux 9.1:
    
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-7.4.7-0.5.i586.rpm
           7027aa706e60a5074b294edba529479c
    
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-contrib-7.4.7-0.5.i586.rpm
           f7f3ef933b3cef23e892ede41d30b7e2
    
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-devel-7.4.7-0.5.i586.rpm
           8b48f30541f0834d14c7c1297202a55f
    
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-docs-7.4.7-0.5.i586.rpm
           e4456b0be9e08ffab52bc8476d2a25c8
    
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-libs-7.4.7-0.5.i586.rpm
           9a936afc00a75b243c7c7bd040eb3e97
    
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-pl-7.4.7-0.5.i586.rpm
           7037b8f9f9ca4d0c3325b1f52a38338c
    
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/postgresql-server-7.4.7-0.5.i586.rpm
           a6699829779cf0f1adc9eb899e028cce
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/i586/postgresql-libs-32bit-9.1-200504131537.i586.rpm
           6d7c782b577a97024d5b388957686eb9
    source rpm(s):
    
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/postgresql-7.4.7-0.5.src.rpm
           10074702f7983e615b0d4da932915419

    SUSE Linux 9.0:
    
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/postgresql-7.3.9-7.i586.rpm
           dbefa2ff236099277275e050196832f9
    
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/postgresql-contrib-7.3.9-7.i586.rpm
           9e933821ae869b86c9dbb9899df86d75
    
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/postgresql-devel-7.3.9-7.i586.rpm
           8c2f83c0acb4bda10989a90082126324
    
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/postgresql-docs-7.3.9-7.i586.rpm
           4fa5151ac425ef2765600082c8772d38
    
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/postgresql-libs-7.3.9-7.i586.rpm
           c038222567e7692081dfef91f56fa73b
    
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/postgresql-pl-7.3.9-7.i586.rpm
           57730936587d5214f45d498721abc0d4
    
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/postgresql-server-7.3.9-7.i586.rpm
           a66b7aa7172c4accefad29b98b725452
    
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/postgresql-test-7.3.9-7.i586.rpm
           c2d0256ea4ce83f12e73e4f23a0f4929
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/i586/postgresql-libs-32bit-9.0-4.i586.rpm
           0a754eb5f8535cd7a291ffefb724f537
    source rpm(s):
    
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/postgresql-7.3.9-7.src.rpm
           174eb88726ae089eb80327613d0191c9

    SUSE Linux 8.2:
    
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/postgresql-7.3.9-6.i586.rpm
           a2b5993ddc330ffc4caf596b95cd44da
    
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/postgresql-contrib-7.3.9-6.i586.rpm
           80f40fb76c5eb8b04634836f5da87839
    
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/postgresql-devel-7.3.9-6.i586.rpm
           e97783f94a2e103b4f36d8309525e03b
    
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/postgresql-docs-7.3.9-6.i586.rpm
           df6f2407af9063765d3100efda4e9fd7
    
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/postgresql-libs-7.3.9-6.i586.rpm
           158525f64b5ce8b4e84307442c55cf69
    
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/postgresql-pl-7.3.9-6.i586.rpm
           b214dab6c7691e408c8cb94f3d89266b
    
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/postgresql-server-7.3.9-6.i586.rpm
           ef2c190ddcca664c6d24c30cee18b06a
    
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/postgresql-test-7.3.9-6.i586.rpm
           598bc10d2956c68c44bbc15c1048b961
    source rpm(s):
    
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/postgresql-7.3.9-6.src.rpm
           b9607afe3c591211cd4828387b78e844

    x86-64 Platform:

    SUSE Linux 9.3:
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-8.0.1-6.x86_64.rpm
           a608a80f0c5e52244ef0e06f71179eec
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-contrib-8.0.1-6.x86_64.rpm
           3fc4c4e413857244670ec31d132ecf6e
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-devel-8.0.1-6.x86_64.rpm
           604493537efd3eefdb6c2268c76d9fce
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-docs-8.0.1-6.x86_64.rpm
           4f9cdf3fef5cbc05655a61c0d40188ac
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-libs-8.0.1-6.x86_64.rpm
           1693e687c7175143a8417a1971b7561d
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-pl-8.0.1-6.x86_64.rpm
           231201858f97d931a342cc54197fede0
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/postgresql-server-8.0.1-6.x86_64.rpm
           cf53838797c30f7c0d6c20780b3df994
    source rpm(s):
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/postgresql-8.0.1-6.src.rpm
           72d273fb0e710ce3b36f8a75760faca0
    
ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/postgresql-pl-8.0.1-6.nosrc.rpm
           b12ca9ab8d1e1403d64608447cef61af

    SUSE Linux 9.2:
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-7.4.7-0.3.x86_64.rpm
           376426e12fa067ed9750ff729e7af64f
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-contrib-7.4.7-0.3.x86_64.rpm
           a2a1174114c9f2cd8b0bd24dc15603ad
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-devel-7.4.7-0.3.x86_64.rpm
           52c49022348810ee55dc74a986a10324
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-docs-7.4.7-0.3.x86_64.rpm
           c4ffdce772938cb5ca851a09eb05ccb9
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-libs-7.4.7-0.3.x86_64.rpm
           b89fbdd68337b6f6d557e030fdee385c
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-pl-7.4.7-0.3.x86_64.rpm
           6fe8b6011a779152b659b85278176084
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/postgresql-server-7.4.7-0.3.x86_64.rpm
           94bd74ce6d5e215c0cc910227606b081
    source rpm(s):
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/postgresql-7.4.7-0.3.src.rpm
           b8c6138e39ecc4c75537c7bf99cbcee4
    
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/postgresql-pl-7.4.7-0.3.src.rpm
           e9c71d98739d760557aa9719ac45083b

    SUSE Linux 9.1:
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-7.4.7-0.5.x86_64.rpm
           000d9921b17457f420806deb0b52b864
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-contrib-7.4.7-0.5.x86_64.rpm
           7ae07a0f82e1c752a43f1d2f1d6f76a4
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-devel-7.4.7-0.5.x86_64.rpm
           959493267003db19075030c88b288e53
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-docs-7.4.7-0.5.x86_64.rpm
           452dc62ada42a821a7d6e8bc79e6fbd8
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-libs-7.4.7-0.5.x86_64.rpm
           6d07eec96e67f4c3b316b980db2ded02
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-pl-7.4.7-0.5.x86_64.rpm
           a9a394f502ce7d45b72e8d037513cc60
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/postgresql-server-7.4.7-0.5.x86_64.rpm
           090f72759ce39af0b49170ff3b0e939a
    source rpm(s):
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/postgresql-7.4.7-0.5.src.rpm
           8bd7c2894ca62fe59e52f5ee79a13a8c

    SUSE Linux 9.0:
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/postgresql-7.3.9-7.x86_64.rpm
           d9b71b21317c17281a1d0b5ac058ee7e
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/postgresql-contrib-7.3.9-7.x86_64.rpm
           df00a736fbbc1fe396ca802f28556a6e
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/postgresql-devel-7.3.9-7.x86_64.rpm
           b1bc20c65730504cb68204644b53c3b1
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/postgresql-docs-7.3.9-7.x86_64.rpm
           aa2a266f6cfb859e248d7c6a9168cd5d
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/postgresql-libs-7.3.9-7.x86_64.rpm
           ff5014d8c7d7c2d3b044bb2f268c0bf8
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/postgresql-pl-7.3.9-7.x86_64.rpm
           9e9dc0405761bde26676ad71b71d18c8
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/postgresql-server-7.3.9-7.x86_64.rpm
           0235a9bd3d8b582c8eeec89ae5cc02ff
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/postgresql-test-7.3.9-7.x86_64.rpm
           2cd64de68e37398c11448271c87d8f9b
    source rpm(s):
    
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/postgresql-7.3.9-7.src.rpm
           cb17afaeae94a5d9c982654047c46b7f


______________________________________________________________________________

5)  Pending vulnerabilities in SUSE Distributions and Workarounds:

    none
______________________________________________________________________________

6)  standard appendix: authenticity verification, additional information

  - Package authenticity verification:

    SUSE update packages are available on many mirror ftp servers all over
    the world. While this service is being considered valuable and important
    to the free and open source software community, many users wish to be
    sure about the origin of the package and its content before installing
    the package. There are two verification methods that can be used
    independently from each other to prove the authenticity of a downloaded
    file or rpm package:
    1) md5sums as provided in the (cryptographically signed) announcement.
    2) using the internal gpg signatures of the rpm package.

    1) execute the command
        md5sum <name-of-the-file.rpm>
       after you downloaded the file from a SUSE ftp server or its mirrors.
       Then, compare the resulting md5sum with the one that is listed in the
       announcement. Since the announcement containing the checksums is
       cryptographically signed (usually using the key security@xxxxxxx),
       the checksums show proof of the authenticity of the package.
       We disrecommend to subscribe to security lists which cause the
       email message containing the announcement to be modified so that
       the signature does not match after transport through the mailing
       list software.
       Downsides: You must be able to verify the authenticity of the
       announcement in the first place. If RPM packages are being rebuilt
       and a new version of a package is published on the ftp server, all
       md5 sums for the files are useless.

    2) rpm package signatures provide an easy way to verify the authenticity
       of an rpm package. Use the command
        rpm -v --checksig <file.rpm>
       to verify the signature of the package, where <file.rpm> is the
       filename of the rpm package that you have downloaded. Of course,
       package authenticity verification can only target an un-installed rpm
       package file.
       Prerequisites:
        a) gpg is installed
        b) The package is signed using a certain key. The public part of this
           key must be installed by the gpg program in the directory
           ~/.gnupg/ under the user's home directory who performs the
           signature verification (usually root). You can import the key
           that is used by SUSE in rpm packages for SUSE Linux by saving
           this announcement to a file ("announcement.txt") and
           running the command (do "su -" to be root):
            gpg --batch; gpg < announcement.txt | gpg --import
           SUSE Linux distributions version 7.1 and thereafter install the
           key "build@xxxxxxx" upon installation or upgrade, provided that
           the package gpg is installed. The file containing the public key
           is placed at the top-level directory of the first CD (pubring.gpg)
           and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .


  - SUSE runs two security mailing lists to which any interested party may
    subscribe:

    suse-security@xxxxxxxx
        -   general/linux/SUSE security discussion.
            All SUSE security announcements are sent to this list.
            To subscribe, send an email to
                <suse-security-subscribe@xxxxxxxx>.

    suse-security-announce@xxxxxxxx
        -   SUSE's announce-only mailing list.
            Only SUSE's security announcements are sent to this list.
            To subscribe, send an email to
                <suse-security-announce-subscribe@xxxxxxxx>.

    For general information or the frequently asked questions (faq)
    send mail to:
        <suse-security-info@xxxxxxxx> or
        <suse-security-faq@xxxxxxxx> respectively.

    =====================================================================
    SUSE's security contact is <security@xxxxxxxx> or <security@xxxxxxx>.
    The <security@xxxxxxx> public key is listed below.
    =====================================================================
______________________________________________________________________________

    The information in this advisory may be distributed or reproduced,
    provided that the advisory is not modified in any way. In particular,
    it is desired that the clear-text signature shows proof of the
    authenticity of the text.
    SUSE Linux AG makes no warranties of any kind whatsoever with respect
    to the information contained in this security advisory.

Type Bits/KeyID    Date       User ID
pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@xxxxxxx>
pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@xxxxxxx>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iQEVAwUBQmYWjXey5gA9JdPZAQE2hgf9HiTUk55ar7ggbJwBwSxOOqxLt5fJ4z/E
REl6bZM0ti5xuk0dlbQpM4ZlSkQfajpp3SMmou2lsD8ZFteEbmbN/NZvgp3CBZRA
Ci8EnTldo3/Sfv9cUj1Obd1CGFYAost0pK+khX3QNGJOfTBOu2HVi6DCaY4PNGcP
8V09PM/8INpcWvvuX+FLZpiHMJlu3JpDArTTsTtulNoIPoe3zKa1Bjns9SdMzD/S
9o5+0xG/ObuOZqomhsBBbb4+u66Rd0fVsLTflEvbaulcvavIhgkyDQn6dkrj9za7
SvJG2vYYXtY3WZWQRJsUiM1AfMAy9mCXflk+Yj7vh1x5iKcCRBntpw==
=IWpL
-----END PGP SIGNATURE-----