Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package nginx for openSUSE:Factory checked in at 2026-02-06 21:30:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nginx (Old) and /work/SRC/openSUSE:Factory/.nginx.new.1670 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nginx" Fri Feb 6 21:30:22 2026 rev:107 rq:1331530 version:1.29.5 Changes: -------- --- /work/SRC/openSUSE:Factory/nginx/nginx.changes 2025-12-11 18:32:09.834353048 +0100 +++ /work/SRC/openSUSE:Factory/.nginx.new.1670/nginx.changes 2026-02-06 21:31:08.408211749 +0100 @@ -1,0 +2,13 @@ +Fri Feb 6 08:01:41 UTC 2026 - Илья Индиго <[email protected]> + +- Updated to 1.29.5 + * https://nginx.org/en/CHANGES + * Fixed an attacker might inject plain text data in the response from an SSL backend (CVE-2026-1642). + * Fixed use-after-free might occur after switching to the next gRPC or HTTP/2 backend. + * Fixed an invalid HTTP/2 request might be sent after switching to the next upstream. + * Fixed a response with multiple ranges might be larger than the source response. + * Fixed setting HTTP_HOST when proxying to FastCGI, SCGI, and uwsgi backends. + * Fixed warning when compiling with MSVC 2022 x86. + * Changed the logging level of the "ech_required" SSL error has been lowered from "crit" to "info". + +------------------------------------------------------------------- Old: ---- nginx-1.29.4.tar.gz nginx-1.29.4.tar.gz.asc New: ---- nginx-1.29.5.tar.gz nginx-1.29.5.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nginx.spec ++++++ --- /var/tmp/diff_new_pack.OswFVm/_old 2026-02-06 21:31:09.212245483 +0100 +++ /var/tmp/diff_new_pack.OswFVm/_new 2026-02-06 21:31:09.212245483 +0100 @@ -1,7 +1,7 @@ # # spec file for package nginx # -# Copyright (c) 2025 SUSE LLC and contributors +# Copyright (c) 2026 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,7 +23,7 @@ %bcond_with ngx_google_perftools # Name: nginx -Version: 1.29.4 +Version: 1.29.5 Release: 0 Summary: A HTTP server and IMAP/POP3 proxy server License: BSD-2-Clause @@ -31,7 +31,8 @@ URL: https://github.com/nginx/nginx Source0: https://github.com/nginx/nginx/releases/download/release-%{version}/%{name}-%{version}.tar.gz Source1: https://github.com/nginx/nginx/releases/download/release-%{version}/%{name}-%{version}.tar.gz.asc -Source2: https://nginx.org/keys/pluknet.key#/%{name}.keyring +# https://nginx.org/en/pgp_keys.html +Source2: %{name}.keyring Source3: %{name}.rpmlintrc Source4: %{name}.logrotate Source5: %{name}.service ++++++ nginx-1.29.4.tar.gz -> nginx-1.29.5.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/CHANGES new/nginx-1.29.5/CHANGES --- old/nginx-1.29.4/CHANGES 2025-12-09 19:32:11.000000000 +0100 +++ new/nginx-1.29.5/CHANGES 2026-02-04 16:23:44.000000000 +0100 @@ -1,4 +1,27 @@ +Changes with nginx 1.29.5 04 Feb 2026 + + *) Security: an attacker might inject plain text data in the response + from an SSL backend (CVE-2026-1642). + + *) Bugfix: use-after-free might occur after switching to the next gRPC + or HTTP/2 backend. + + *) Bugfix: an invalid HTTP/2 request might be sent after switching to + the next upstream. + + *) Bugfix: a response with multiple ranges might be larger than the + source response. + + *) Bugfix: fixed setting HTTP_HOST when proxying to FastCGI, SCGI, and + uwsgi backends. + + *) Bugfix: fixed warning when compiling with MSVC 2022 x86. + + *) Change: the logging level of the "ech_required" SSL error has been + lowered from "crit" to "info". + + Changes with nginx 1.29.4 09 Dec 2025 *) Feature: the ngx_http_proxy_module supports HTTP/2. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/CHANGES.ru new/nginx-1.29.5/CHANGES.ru --- old/nginx-1.29.4/CHANGES.ru 2025-12-09 19:32:11.000000000 +0100 +++ new/nginx-1.29.5/CHANGES.ru 2026-02-04 16:23:43.000000000 +0100 @@ -1,4 +1,28 @@ +Изменения в nginx 1.29.5 04.02.2026 + + *) Безопасность: атакующий мог вставить незашифрованные данные в ответ + от SSL-бэкенда (CVE-2026-1642). + + *) Исправление: обращение к ранее освобождённой памяти могло произойти + после переключения на следующий gRPC- или HTTP/2-бэкенд. + + *) Исправление: некорректный HTTP/2-запрос мог быть отправлен после + переключения на следующий бэкенд. + + *) Исправление: ответ с несколькими диапазонами мог быть больше, чем + исходный ответ. + + *) Исправление: исправлена установка переменной HTTP_HOST при + проксировании на FastCGI-, SCGI- и uwsgi-бэкенды. + + *) Исправление: устранено предупреждение при компиляции при помощи MSVC + 2022 x86. + + *) Изменение: уровень логгирования ошибки SSL "ech_required" понижен с + уровня crit до info. + + Изменения в nginx 1.29.4 09.12.2025 *) Добавление: модуль ngx_http_proxy_module поддерживает HTTP/2. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/LICENSE new/nginx-1.29.5/LICENSE --- old/nginx-1.29.4/LICENSE 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/LICENSE 2026-02-04 16:12:20.000000000 +0100 @@ -1,5 +1,5 @@ Copyright (C) 2002-2021 Igor Sysoev -Copyright (C) 2011-2025 Nginx, Inc. +Copyright (C) 2011-2026 Nginx, Inc. All rights reserved. Redistribution and use in source and binary forms, with or without diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/man/nginx.8 new/nginx-1.29.5/man/nginx.8 --- old/nginx-1.29.4/man/nginx.8 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/man/nginx.8 2026-02-04 16:12:20.000000000 +0100 @@ -25,7 +25,7 @@ .\" SUCH DAMAGE. .\" .\" -.Dd November 5, 2020 +.Dd January 21, 2026 .Dt NGINX 8 .Os .Sh NAME @@ -98,7 +98,8 @@ Do not run, just test the configuration file. .Nm checks the configuration file syntax and then tries to open files -referenced in the configuration file. +referenced in the configuration file, including binding to configured +listen addresses. .It Fl V Print the .Nm diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/core/nginx.h new/nginx-1.29.5/src/core/nginx.h --- old/nginx-1.29.4/src/core/nginx.h 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/core/nginx.h 2026-02-04 16:12:20.000000000 +0100 @@ -9,8 +9,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1029004 -#define NGINX_VERSION "1.29.4" +#define nginx_version 1029005 +#define NGINX_VERSION "1.29.5" #define NGINX_VER "nginx/" NGINX_VERSION #ifdef NGX_BUILD diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/core/ngx_output_chain.c new/nginx-1.29.5/src/core/ngx_output_chain.c --- old/nginx-1.29.4/src/core/ngx_output_chain.c 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/core/ngx_output_chain.c 2026-02-04 16:12:20.000000000 +0100 @@ -552,6 +552,11 @@ dst->flush = src->flush; dst->last_buf = src->last_buf; dst->last_in_chain = src->last_in_chain; + + } else { + dst->flush = 0; + dst->last_buf = 0; + dst->last_in_chain = 0; } } else { @@ -648,6 +653,11 @@ dst->flush = src->flush; dst->last_buf = src->last_buf; dst->last_in_chain = src->last_in_chain; + + } else { + dst->flush = 0; + dst->last_buf = 0; + dst->last_in_chain = 0; } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/event/ngx_event_openssl.c new/nginx-1.29.5/src/event/ngx_event_openssl.c --- old/nginx-1.29.4/src/event/ngx_event_openssl.c 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/event/ngx_event_openssl.c 2026-02-04 16:12:20.000000000 +0100 @@ -4012,6 +4012,7 @@ || n == SSL_R_TLSV1_ALERT_USER_CANCELLED /* 1090 */ || n == SSL_R_TLSV1_ALERT_NO_RENEGOTIATION /* 1100 */ #endif + || n == 1121 /* SSL_R_TLSV1_ALERT_ECH_REQUIRED */ ) { switch (c->log_error) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/http/modules/ngx_http_fastcgi_module.c new/nginx-1.29.5/src/http/modules/ngx_http_fastcgi_module.c --- old/nginx-1.29.4/src/http/modules/ngx_http_fastcgi_module.c 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/http/modules/ngx_http_fastcgi_module.c 2026-02-04 16:12:20.000000000 +0100 @@ -656,9 +656,18 @@ }; +static ngx_keyval_t ngx_http_fastcgi_headers[] = { + { ngx_string("HTTP_HOST"), + ngx_string("$host$is_request_port$request_port") }, + { ngx_null_string, ngx_null_string } +}; + + #if (NGX_HTTP_CACHE) static ngx_keyval_t ngx_http_fastcgi_cache_headers[] = { + { ngx_string("HTTP_HOST"), + ngx_string("$host$is_request_port$request_port") }, { ngx_string("HTTP_IF_MODIFIED_SINCE"), ngx_string("$upstream_cache_last_modified") }, { ngx_string("HTTP_IF_UNMODIFIED_SINCE"), ngx_string("") }, @@ -3276,7 +3285,8 @@ conf->params_source = prev->params_source; } - rc = ngx_http_fastcgi_init_params(cf, conf, &conf->params, NULL); + rc = ngx_http_fastcgi_init_params(cf, conf, &conf->params, + ngx_http_fastcgi_headers); if (rc != NGX_OK) { return NGX_CONF_ERROR; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/http/modules/ngx_http_proxy_v2_module.c new/nginx-1.29.5/src/http/modules/ngx_http_proxy_v2_module.c --- old/nginx-1.29.4/src/http/modules/ngx_http_proxy_v2_module.c 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/http/modules/ngx_http_proxy_v2_module.c 2026-02-04 16:12:20.000000000 +0100 @@ -944,6 +944,8 @@ ctx->rst = 0; ctx->goaway = 0; ctx->connection = NULL; + ctx->in = NULL; + ctx->busy = NULL; return NGX_OK; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/http/modules/ngx_http_range_filter_module.c new/nginx-1.29.5/src/http/modules/ngx_http_range_filter_module.c --- old/nginx-1.29.4/src/http/modules/ngx_http_range_filter_module.c 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/http/modules/ngx_http_range_filter_module.c 2026-02-04 16:12:20.000000000 +0100 @@ -273,7 +273,7 @@ u_char *p; off_t start, end, size, content_length, cutoff, cutlim; - ngx_uint_t suffix; + ngx_uint_t suffix, max_ranges; ngx_http_range_t *range; ngx_http_range_filter_ctx_t *mctx; @@ -294,6 +294,8 @@ p = r->headers_in.range->value.data + 6; size = 0; + max_ranges = ranges; + content_length = r->headers_out.content_length_n; cutoff = NGX_MAX_OFF_T_VALUE / 10; @@ -401,10 +403,23 @@ return NGX_HTTP_RANGE_NOT_SATISFIABLE; } + if (ctx->ranges.nelts == 1) { + return NGX_OK; + } + if (size > content_length) { return NGX_DECLINED; } + if (max_ranges == NGX_MAX_INT32_VALUE) { + size += ctx->ranges.nelts * 256; + content_length += 4096; + + if (size > content_length) { + return NGX_DECLINED; + } + } + return NGX_OK; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/http/modules/ngx_http_scgi_module.c new/nginx-1.29.5/src/http/modules/ngx_http_scgi_module.c --- old/nginx-1.29.4/src/http/modules/ngx_http_scgi_module.c 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/http/modules/ngx_http_scgi_module.c 2026-02-04 16:12:20.000000000 +0100 @@ -453,9 +453,18 @@ }; +static ngx_keyval_t ngx_http_scgi_headers[] = { + { ngx_string("HTTP_HOST"), + ngx_string("$host$is_request_port$request_port") }, + { ngx_null_string, ngx_null_string } +}; + + #if (NGX_HTTP_CACHE) static ngx_keyval_t ngx_http_scgi_cache_headers[] = { + { ngx_string("HTTP_HOST"), + ngx_string("$host$is_request_port$request_port") }, { ngx_string("HTTP_IF_MODIFIED_SINCE"), ngx_string("$upstream_cache_last_modified") }, { ngx_string("HTTP_IF_UNMODIFIED_SINCE"), ngx_string("") }, @@ -1675,7 +1684,8 @@ conf->params_source = prev->params_source; } - rc = ngx_http_scgi_init_params(cf, conf, &conf->params, NULL); + rc = ngx_http_scgi_init_params(cf, conf, &conf->params, + ngx_http_scgi_headers); if (rc != NGX_OK) { return NGX_CONF_ERROR; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/http/modules/ngx_http_uwsgi_module.c new/nginx-1.29.5/src/http/modules/ngx_http_uwsgi_module.c --- old/nginx-1.29.4/src/http/modules/ngx_http_uwsgi_module.c 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/http/modules/ngx_http_uwsgi_module.c 2026-02-04 16:12:20.000000000 +0100 @@ -629,9 +629,18 @@ }; +static ngx_keyval_t ngx_http_uwsgi_headers[] = { + { ngx_string("HTTP_HOST"), + ngx_string("$host$is_request_port$request_port") }, + { ngx_null_string, ngx_null_string } +}; + + #if (NGX_HTTP_CACHE) static ngx_keyval_t ngx_http_uwsgi_cache_headers[] = { + { ngx_string("HTTP_HOST"), + ngx_string("$host$is_request_port$request_port") }, { ngx_string("HTTP_IF_MODIFIED_SINCE"), ngx_string("$upstream_cache_last_modified") }, { ngx_string("HTTP_IF_UNMODIFIED_SINCE"), ngx_string("") }, @@ -1995,7 +2004,8 @@ conf->params_source = prev->params_source; } - rc = ngx_http_uwsgi_init_params(cf, conf, &conf->params, NULL); + rc = ngx_http_uwsgi_init_params(cf, conf, &conf->params, + ngx_http_uwsgi_headers); if (rc != NGX_OK) { return NGX_CONF_ERROR; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/http/ngx_http_upstream.c new/nginx-1.29.5/src/http/ngx_http_upstream.c --- old/nginx-1.29.4/src/http/ngx_http_upstream.c 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/http/ngx_http_upstream.c 2026-02-04 16:12:20.000000000 +0100 @@ -1672,7 +1672,7 @@ u->writer.connection = c; u->writer.limit = clcf->sendfile_max_chunk; - if (u->request_sent) { + if (u->request_sent || u->response_received) { if (ngx_http_upstream_reinit(r, u) != NGX_OK) { ngx_http_upstream_finalize_request(r, u, NGX_HTTP_INTERNAL_SERVER_ERROR); @@ -1709,6 +1709,7 @@ u->request_sent = 0; u->request_body_sent = 0; u->request_body_blocked = 0; + u->response_received = 0; if (rc == NGX_AGAIN) { ngx_add_timer(c->write, u->conf->connect_timeout); @@ -2528,6 +2529,15 @@ return; } +#if (NGX_HTTP_SSL) + if (u->ssl && c->ssl == NULL) { + ngx_log_error(NGX_LOG_ERR, c->log, 0, + "upstream prematurely sent response"); + ngx_http_upstream_next(r, u, NGX_HTTP_UPSTREAM_FT_ERROR); + return; + } +#endif + u->state->bytes_received += n; u->buffer.last += n; @@ -2538,6 +2548,8 @@ u->peer.cached = 0; #endif + u->response_received = 1; + rc = u->process_header(r); if (rc == NGX_AGAIN) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/http/ngx_http_upstream.h new/nginx-1.29.5/src/http/ngx_http_upstream.h --- old/nginx-1.29.4/src/http/ngx_http_upstream.h 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/http/ngx_http_upstream.h 2026-02-04 16:12:20.000000000 +0100 @@ -412,6 +412,7 @@ unsigned request_body_sent:1; unsigned request_body_blocked:1; unsigned header_sent:1; + unsigned response_received:1; }; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.29.4/src/os/win32/ngx_shmem.c new/nginx-1.29.5/src/os/win32/ngx_shmem.c --- old/nginx-1.29.4/src/os/win32/ngx_shmem.c 2025-12-09 19:28:10.000000000 +0100 +++ new/nginx-1.29.5/src/os/win32/ngx_shmem.c 2026-02-04 16:12:20.000000000 +0100 @@ -82,7 +82,7 @@ shm->addr = MapViewOfFileEx(shm->handle, FILE_MAP_WRITE, 0, 0, 0, base); if (shm->addr != NULL) { - base += ngx_align(size, ngx_allocation_granularity); + base += ngx_align(shm->size, ngx_allocation_granularity); return NGX_OK; } ++++++ nginx.keyring ++++++ --- /var/tmp/diff_new_pack.OswFVm/_old 2026-02-06 21:31:09.884273679 +0100 +++ /var/tmp/diff_new_pack.OswFVm/_new 2026-02-06 21:31:09.900274350 +0100 @@ -1,66 +1,115 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -mQINBGKE4psBEADpHSM/IxFD1nXBmnODYXzcl2A+6b6m9m1m2Y4Dlr0ed+y5Lxne -QidE9I74A2KSm6+eHW2yh4i1ZwZbmwpmQqM+j5BMt7axoXOdKSyN+fYtUakzNbBN -EDRKT79q/zIzkgTJradHkCQkwF1W3go+qPXjR2ZEnLma9dZED9VNI6PmOpeYaASo -IkEfbKbwa/vPrvnDSSYY6Y02RXSRk5U1NvQgVUTJP9WGK7NlPUcTBDELLQv6fFPU -kjBOel6MecsQ+v8iq4RJF2cbVF0hNjbAiNldjLV74Xd7yWVRlCbdb2agyvQjMNrD -jHSvbEMiNB3R8yBHVW2Zldv8q0XjcwoDfdiZYFJe3lRUYmv6I2p+/DptD4r/3ILI -peGZtSeOdQEw+vvODL/Ehq03anTrzcpZ6sDLfLrYJhYcrltj0/LMUnLDAjciwRUq -XI46EfxwqsdLeqoZFQeO3LOFsh0kJKR2xOrUHIVy84NJ4Gmro6WmUkb1NfdjyHzF -z8Lfbo46NKoTcwFsFF0q74jVVIVNUyIS91DusiMqLCsP8jqDOz/kyP4bOJQ+aUXf -BANn4Ll1TFWsJ417moxz+Pi5sTaI0na8z2XB1N9WPsSml3FS75hJPJshN2T3VIea -zB7GFWqk33ynSDt+cAisG5nsK9fFdcH+t5wm59oobyFbFhKxwX6ROuxlZwARAQAB -tCRTZXJnZXkgS2FuZGF1cm92IDxwbHVrbmV0QG5naW54LmNvbT6JAk4EEwEKADgW -IQTWeGzjA9mpAimY3GzIRk1UmvdcCgUCYoTimwIbAwULCQgHAwUVCgkICwUWAwIB -AAIeAQIXgAAKCRDIRk1UmvdcCqbOD/9Htgk3mWvUFmrApkWQTIDNmLACZ1Sw1PXj -Uqte8StYB0bYY+nmAXs7O5eC2h1ViParl7En1joEEMQQmH0qSnw4X1CM/hA8TAYW -mBPITTNWo/R52WoyWeWGFnFNIperQmuIZc+pXm0VEFVPiX/2DXbCIu+jaXySvlCN -LekmOD4VC7dJS8/ohoaXOR2T8ufS+1CsyPXomEb+COhqRZ3EVBa+k7pnElkFft3Y -a1fR0AgatZFQpy+ukePhK7s/M5RGhDJWHgSAZFkf+X2jVV4NRJ+XsY80gU5DD2ZX -QT6Je6Knxqk7FnWNSxkhReH6Ss5flZSoGDCmJ2AsPtGeUhus2fGqeN+waGKTZC35 -die2V4/cro1SWswSI6Y5GFDZT1olIUztPmSXU/A3oyizJI7XZybwUbpk5kK83VXm -el3U/7Qr/VErlDWFefZWeUvT1RILZ8IRoNj4dv158RnKHt9G508A5qz4hUPKoSeq -SiXhYwfkc31WPzIJ4ev+X5Ka2sG/CKbEMJ7qwc0Kadiu+ePPfqqbXjpTWRyrbcRM -hRNcLNUi1SLWMBClOQG+5GNG1dPPHkbj4dO1OZuaUMwQdu8R8NlsGoVWS40bmVv5 -pXstzYCl7k/UnC/Ytlq61GeAoq8ILa6jGj0EWqlhvi0ZNMN+fROhzrRlTzIr/+WE -Xf8EiVNFSbQlU2VyZ2V5IEthbmRhdXJvdiA8cy5rYW5kYXVyb3ZAZjUuY29tPokC -TgQTAQoAOBYhBNZ4bOMD2akCKZjcbMhGTVSa91wKBQJihO2zAhsDBQsJCAcDBRUK -CQgLBRYDAgEAAh4BAheAAAoJEMhGTVSa91wKgLQQANaf4UMndkWoefDQPkJ5qR4K -fuV0WRz59riZEApTkVpPXzl8Y1i8Rgt9pa1v1i12vPyIXKav1rJXQcuDEzqrhQ2G -yvuAE2U/t2mYaMUmwxWO2d8JA3slvBSgOkiYpbLooDizAdKMT5UQWGyw31Wm51iz -HjoztebsyXeXgq9VDjv3D8LUBr/OY3Hguj6HV+zRtC95qgXYadW2FiCtvBK6RTDb -iShTuseLSheGh9dZIUSnzaOiJpDA61ZDYtFZxSpe67vEzhSfHVsF+ZdCjoWhhVv+ -+2wR4E0VQQtOM9uX1PMlZ5Ymr02/gidsXCM0ZjYXx4cDDhnq+nKomN64VloXWY9t -PIi86XmzcSWlGUd+Ac6LyW7/f64bUWs4Ih0Idl0PF0sAr/6axKUsIs1nbn5MEtXk -ZPAjcDLqLb9IIQaXRurm/il8v+bLXVBOJq33YUuGRuz8pu4vPA5Q97zglqhlIgbu -prHMJ9hl5q39JwS3As2rK0o6Q9VVKr29rqSEfk4wEttvk0QMMU5zEvVl8MtqPj42 -qURqpHOadFbYMTwhUmRBUszRZPa5/pWqq0gWOtpyCWFVAsHFWQGJM1Eo6gGEyHZM -YgBp+d29p2p409r1+06U67GBnXvUy0RyIpkLQtU+lyOJ6vvrBmmsDs/gc69GnlSC -tZmCt0pLesJ7ZJzGdDkduQINBGKE4psBEADQr/enuDeVT11v6ejuYrg7aaZaGFUe -3i28bQ4pRUKNfxs7zVYDDHi2i2bhS5j2yQnbsQtGcgoenw6lapmdQRzr4vjQAz9o -kT6l4qpqvFFQM0wZTnigVDmmO9vTHR8Uk3iCKTd2ax3oko/xPWWYJautJ6ex8cOA -coHSDeOjuIWSxCKq0BDFp6LoxkM8nuyLAX2cbhI3LncaZhVveMeN+Fmcsv+WpkKs -yhX92umZuGwlraSyFy23FiRWSZPu9qVIxMMHvVrQJIgfhyWaHFzoF4M4qDoSKx92 -uWfUWgFwPOxOJ6/YcPsX4T8qTl9htmwPN0BibPTlcWaIFXtiU5bE1MivUPeACrI/ -gwUfCR3Mg+GYc13C6jzepREUhI7PLi3+A203PlMZd/aaSZkP6j+h4cwdapH5P4uF -7T1EQ0MSdx3neAvu5p0IM6JpriwxfT3HsG+Y952T6MIeXcjNRebsBrygJhJ0/vyr -wV5t8jL0yQty4CiE/QFnBs42l+rngi7K7Y1AZRBGK7JA09XaoLrfLmS+PrbYPsaJ -flkM8GzUB7BBCLozxDHPzmPkf/A1w3XHZnYuZmS+pvjWCIoKpLQHI99oSUGho/TR -gMRO4v7EAzluqCiepMl0xwFfHB115ND/mATazc4Pt6FxUsqffzfZrN01e1UVPrp5 -4x6YLO80JnOY6QARAQABiQI2BBgBCgAgFiEE1nhs4wPZqQIpmNxsyEZNVJr3XAoF -AmKE4psCGwwACgkQyEZNVJr3XAp9ghAAgCgErxQYn/Lh/mzsxYXPnisggcBpceks -mGw7knj1EGkXqq9CHn3EjCw8dB5N857UFlUr++DHwpFL5O36PRQo33RIUFbmBypG -8C/xX1jWGu3xcaqS3P1ncsSSl6ckdvy9pjMxThm/RkXO0eJCn7FcanwPJXEB3Pbb -mm0wLI2OXl/m7l5QAr7kErnPvGNzcbX6G35Q/MY8mumBWQ9H53R5ZPpi+OS40Wfn -pZNKdh/Acwa7+2RokPqoOcJfxVdBOUigXTzb45qZgqEsSR7bkZAy2E80A/sJKPqs -OGjp9cog3rBYyNBn5dasfR9KeBtluKnjUbzutXsQoKUSECY00YGrtneSXMku5hoE -Dguk68w/L63ZApYHO/JTgJAYvqPOErAVUegPIw2CT1/2qi5vpClBcKkNS7RXrssA -X+lElE0zbzX3bNG+lQuXby7jNUFYltkEiz6vTtc4HuHy8u40DHMswzkoDr0T8IE0 -7ZRAWXwV1nlA/dI337cHCsWMJyqem5wZZO13iqe07qaCg1uvBPeqDo81hOCn1us7 -l5SYRUTlt7KSFEHZ+Sx4bmVneAuRi5okaQdmrepy/ss/vVpRwWuQxsPkvT8boS7s -mqOVsZFcNOuUJPUyOz1dHUL6FMYpk1dw+9n41gO4fLBzJekFTB/fxL6SRbYFWWn7 -x0VGHDmuaYQ= -=HmVo +mQINBGYXyiQBEAC4jm1y+ODV4+YDGj9vp2BgHB4FJeQdgrBiVX+Mb2qCrEqJgeKV +fVwKjkVYqnb76TTybdOKqCP5wdQrncKAKlXsMq6sdsiwPSrdRcjkeiE29WWrtbB4 +i+VObnoWklMblMxFQ1XQIkjs2wviidKjJw2VV3i4XnLSrHhWaWqviTLZCMQymoPs +F+Tfu1WX9OUfOquekZ5KjkyBxB4ep6+NPeuIkPnW0SiTUhU8tbi8v0aBZEHSZLqE +mq8KLROVuYSPvtU+NtaXAM09BHEVCfb409aDps9p6AFT+IN8yoOegGdEZjp6hJvS +HxbhuwqNEtg4dTEV515YUCgKabqU1QaqI/Y0+Pdkpep1KRFc9YUYttDkCw7Ybu2u +fwTGzwAbD+ThAIOdzmMDodzZaEMf+9fQG4bnO1PdNbXzyP7Kv9qzGa65+9oGCPOS +qTpISR8pvzoI8w/Z/vG71ob/nQ6Xm0L986ksErdGhu16ZI7lW2eDYqy2IoFfbeSz +HHxk484/pEibrlCRbP2Id+zULfxo1HGOGg+PAY9Q2uNzABsGDMnOhIvXHS+hP7oB +sO9A4Prqu6K6cMp3QI219tmmOUegJpmGGPzoNgxR7H30wNcjZPv4PWr/c0fP70Ny +ilgbdcEMDSHks30AmiuIvcUxo3A21p2nnpxsKAKYx42UJkyEK0HILMzcqwARAQAB +tCZSb21hbiBBcnV0eXVueWFuIDxyLmFydXR5dW55YW5AZjUuY29tPokCTgQTAQgA +OBYhBEM4eCXdsbuX7Da6XQB8jXwV2HNpBQJmF8pXAhsDBQsJCAcCBhUKCQgLAgQW +AgMBAh4BAheAAAoJEAB8jXwV2HNppvQP/AjzdPKkGRzJkb1ioto/IEP1YhA/Eayk +hvejJ0vyWVHXXH7FLW9fIZoApcsD1J8/7zIANm+62IfT3QNbL2R44IyhJB3AY22l +t0ToLxodfugegF3NPYYyFOSRUoPD4g2T/dMCPOBX4MNEAnAlCmxAMaJNmQUO76IY +GwELa3CH3Aqf7bthKy8P36G11hu7NgH6V9mVIRIpfnfpXFQIztj+vsWtswu4M5t7 +BNJwx4a2KTCVQpTdff5/0dO/5drQDxLbIg681WZk3Oe8Eu6nSc0Ud02NIkg1TQH/ +MryAp7o/ua3LRem+W/cktnT60p4uXPVZ3Rvg3zOmJSNJ+eIXY2+sDeZEPaROKldA +IbnBacTsZjdswIlrbzinY8ZVRosaFlvHg/ESTBRItALHWCRdzOR1Wv1qy/PQfEEL +qftDsCTQhssP1MHJWlejeqPlND3iT2vBDeOxqd6WhKuAc+L04iyBB6p867pwrgDF +ecg82DPehsAnO2XBAFuIE/SLewkYm0B9HK7/J4LZqPwTAksPf/dnbMAmHWoBDqsu +4U4U4SsJKsZ87R9ao8qO7IWCzHrXavHFmnbqweFfHToeKF/L4PB+tYoW3YmUOged +CglpJv13bNWmRwL7+x8b7BwpVwClxHBHteDX4RIN5iPH9h20J4jIpzRa1kNJsTu1 +v4ZkqLWJlkiiiQEzBBABCAAdFiEEcziXMGntP0Q/TTffpk/VsXrbOagFAmYdpjsA +CgkQpk/VsXrbOahISgf/U7ZO0yK0PsOcAFTB0TQBCNsAhxtJAEJoVoweuYiLk8jR +0OeDRCy0BC//qWDLFT7NKuP50SM2u0Csbg+n6b0bdy+vXbbGVzIAYzG09rPYe2Q5 +qwqyAx+MMzyICXul9lGNU2qN2qjUXMb0mCWUhxwMvzRUeS7shT1CBhGrnpoYkY56 +NhWj7iG1BbLwYVQzDZC/Rp6rvwJQgZo7+DjaMjryGAEI0ujpUp8ywrPaJpwIuXDI +D5BhcyUaEd3XOondHQNedlgERXHT4pN+oNMPWwN3+DeQYLS3FHiqyz05ZvoeWnao +A2/fWNA+BqIdjilp/TDDI4Ef7c9hp13weaZggYB3M4kBMwQQAQgAHRYhBFc7/Ws9 +j7xkEHmmq6v1vYJ72b9iBQJmHabkAAoJEKv1vYJ72b9iDgoIAP1QJjl4ynLAV9Bo +Ol4AAzxZ3x/2NEgLSnjLfhb/OduDxQlL9oPulWoLDG41xiZJkepEnQWmSsIYF6Xe +RsAB+eREU2uCxqCvBXpyIs5npXvVDV2/PQuVEop7HByx6Hjr9XK8hugihnEi1p+9 +Ecbu+89fi93m3C/5uIIil46cHByjRZ+5Yy1UFUB/wsYud1qMcYmvDaqEo5AqWNcM +gWUFhUfgGTtBbyvIWTeX0NHnrbzHP7lhmPfWsfOjAtO8PpM8Gz5RdNRq44DdRKdG +uWVby/kni868H+8/tHalDR0I9/Mmg2Uax0eggTVpECv/4+xBduqSB2iPwgRnSzhZ +6SVKJvKJAjMEEAEIAB0WIQT5TVS8DF1qZBfIzz/oLBEYr5TfbgUCZh5KVgAKCRDo +LBEYr5TfbitgD/wMamMFfFZnPS7JS1NWEMb5fbhHob1EkmedIpbpRDXUtj0ksehW +ZAEpmVF9btqS4B+B9tSK1VS2sy4XwEGodNVSGxdtF9W8+iAHAb6Hq1Z7ifWyb991 +Kt/pVk/8adxlU4G8h1fq0idhpnI8KvkAlPJR7+PoJOEN1+VdHS6tkE5LMTf6dF9F +iVxKQczOS1b/GmfL3kYfu6UvI07ZuaP+90mOt/TZTwkzsWjRY2vofCIPSDY94rLj +m6PmVFoU3PHLKW7yDz1YXkVE6SgQYGZ2bqB6OHJZnDXUTSHncHTbDVzZQekIs1lP +V6e5N8Xo/VOpv28feKAsBqQ8ML53djmGUL0azjEz1g2kgPmTuZdKzZ5kcUsULdQV +aRKcfyYD1oRpwwlw9GJAxliJHck1IdGGaCslrHtzkh3RMULlloAYitzD9jtKsrOj +R19s+JK/tIfFZZ5gR5qhzgOL8WgkSrIaq2o9R4sigBz1IxnXXC573RDA2F5FAeE/ +K6EmAO+BqVkImZcmP1JsLtr+OM+jihXIILACEJwhOKPtZth9zrLYkXWB1nCaDxHp +XEUpp6UPCQNgNX8NCghnJr5gis/SmYppgFlO9R9yZ7/LtP0tUX0CmhOeqGMnHt4R +F8n8D7EBwMWvWjlUbsDkMKX4JORgojguHJZciWQC1gVRwJ0iTH/ImtzDnbQhUm9t +YW4gQXJ1dHl1bnlhbiA8YXJ1dEBuZ2lueC5jb20+iQJOBBMBCAA4FiEEQzh4Jd2x +u5fsNrpdAHyNfBXYc2kFAmYXyiQCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AA +CgkQAHyNfBXYc2kRFw//VFuCnW3EwoLCWWgWCikgI9kbVDr0/Qiyf2Gb9sfOyzBN +q/+ZGjTs7EqTHbYUiCTgjy8t0SNKizoCXjSWLToTAXhOeTY3wDuHkdc3C2OPMPgm +HPGmdnfplmsZjj689sy0MTnlLmU/87texR/f3REAKtchVjo5AojuZxXJi+ryBvoz +KXi82M1JaYlIr15T+OiRtfZ3cgfTkb5CRa0YRV7QQ1zhOiF0AFKVVikFwRuquphT +y2cSLILLzOpwG/CjMJzO4VOASmGJmdicIfYSsZSzz37RrcfeYwR6quJ55Y9QF9IU +fg5AHWufpXaf6FbMsW1U1mOq0tMvwvdcO+u5I5SBj6IkqO4zavmW/i5zkxaq96wF +Qn6+oRkqHnNNn0hl/B4MWdEjDJsaDXfkQ3Snn4Bfl1JPT6cH2NDVYQn1siIOim/W +G5lhGLNB1TOAVLHblQ2xILadK0T33y6lfRUV3BOW01BDoF0ndyd7LjG5Di/cjfSo +1hvhTkW7QJGfzVV4IAAxEyHKlmgONfggZoplqukuPsq7eNNRPhvlZq632QXIqt6Y +xE43Nk0O41rX/tWtB7eNcPvfNOc+sGljnCSwpRWyx9xO7plELVD9KdtcyHrIgora +Flh7KsSbppSQ/iUKRNP+lfCQsMa1yrnQyxazss8OGlB7YpUJL4trQW35f/jXFD+J +ATMEEAEIAB0WIQRzOJcwae0/RD9NN9+mT9Wxets5qAUCZh2mQQAKCRCmT9Wxets5 +qPBjB/0SDkET7h/Vw2PJKxuYujsL+tn3SKXshgyCM2u00njJM9TqpZbZV681unKM +l8uHtj9b0Z4U0nHoNEC37wI5FJlxy1hLBw5f2fd/yi8LsD1KP2htjMUW+I2xjcdo +FusQsIF0s8SyW1DZ3vvN2WcZpKHwub1sY9ZFBfxRc6w+33N4dJwXVXP57kj3Ci8j +LDLfkaKyiuYgMtFYZiKKX0tfvaM5pXxLvLOzma9vwfjIMIllooZHDSI65jrbmMv0 +rfDKOX9Ws5Xi8n85jq6Oyq28QPLZUsmymCbhvBwq4FcdiyTl9sxCY4HLq0MzmJJ5 +DMhlFd2Ds3BopFTWCB2fvYyVoXRaiQEzBBABCAAdFiEEVzv9az2PvGQQeaarq/W9 +gnvZv2IFAmYdpugACgkQq/W9gnvZv2Jk4Qf+N0P/7FIHowlO01XmBB5KaztBmVb2 +Tj+jtYgPDHRf86O0kW40Rjx++zMlIRNWK4Ue5PKAi82Yue5uvZcVlpWpx/sMvL+N +C4Xds3Q3qnkxkoemoIMqUKGvePjBpyUWArBkBQ3FrvZtywnzyFWNrvOpeM+5HIuz +WBri/SHBHzQm1/Jl2r5pHcbUdSxB2o1v3f+SaS2vGxwigIf8v44pRfyeWgkoxYgN ++2zR0Ing6URZCYkAbwILsmmWGxJIuq+N9Xs1CQ1WZd5S78p/JBMDQ1prUDLCLFMc +AvlZpQ0HvzEbKGiIVNa1LEQRF4ZWjQOHaPJhg/D3r/Q7VaFlgsOqrwtQaYkCMwQQ +AQgAHRYhBPlNVLwMXWpkF8jPP+gsERivlN9uBQJmHkpZAAoJEOgsERivlN9u8fYQ +AK0s0CvQNTXrg/Oe92Ajj+CpFIGhEUgXsufpg3OF+4doXOoRrVcv6y/0dGC+u899 +Qiz5rzP8JkgT3Bvs/oFbQnESX7zob/GuBiRAnaanQQGjQsc8tXUcIgIB8vZI6Hxr +BZYyjXMrc1fAp1zy6F3YfVtjntp6Zt740zlcFSHPL6pKeNC8lCas7f7EPGm9ERlf +XvPOsMyKVDRTrtYVrQ17pgmWzMFl9eYzAV81X/cK7O9BmTvLb9HB9THl9QM6iKWd +UPNNhMseMA55i1y1trvv2rQSP2tm7xAijlffNu/LHyVjOJA+63rk9JqpQi2O/sI6 +naCZ5kLky3+OisbzJLtsIv3KWGF4jnpZJwPI97UbRAxrBCPd8BDXW06qQ0xfF9GA +sW46IDnf5uNV5Fj9T1IhZUUCU6XwwhcTENwcaJ2hubPzW19gvxieRpxdvnXhjUxR +UgqgFjtlpyBSABYr2REiaBTHkR1qVMa8tThpSyzfmfBNe9chBGQBdDMzTTUDf4dU +cw4UGGPXqrBEapleoZBszXLrZxQxCNmLGFBW3vcJDfRRTvg/OMCIwD72kfd8KY1t +SRRi5vQ3CvV8E0EEXshjxVk0fwS+5muM1thWZM4xCSgyH6Ka/5biMeUv1VNcKJne +J51xs9jfS/JltrT/ahWG4J9msJFtmYyrLh/nMxccXK75uQINBGYXyiQBEAC5tT5O +uysy75BcwAg8jIK+Cw6hNy+riOoCIzsMen8ps4tyDFLmRdpJmVOpmtvESaix2MHf +Hc/t9hOsQ8LmF3kDG/JisDXcB/v28EOiDpp5Ug/5UOFBnbu4DkxbakJF8KF/rQ9t +i29lt03saGCf2XbqzTLI6FvZ2TT8hDwAZF5aOtDEHV3ChBPn6gplnJADiZ9DioMZ +ji1HnL8Zu4IYHMNOgpxULi6TMhBH/MkHbyycOdt/EsQFamnLGeV8KR2fubYjrpbH +pLZzSRepQyvKIhHAFj6DUeDyEt2XAitxI8YI40IVO75Zu8ZZq0qYGML8Am+t6ZjJ +3ZR8/DWjxRUYeo+YVEe5f+oRl5GRNkLtGvTAD38Nb2/7SUYdSXA3y3Ocfo/bySwa +qggeFpDqK5eHXmrO4hvRqYoEyNyW4VQlGyvYq4s2cLeCF/S2w6dV8OFsksIoq8uq +R1/IQ8Bonsf7iAYpsMAZZOGKiJzr01W3GA4Ka3B/MmZP5CysUhFlFxMsDr3/TWfg +p3CHd5yGAnuWWWkjqVQzx0tcub3gyDsHCPuws8P2OKJ2lzNPqpp08MjYMMRZb4Y6 +9REXkKw7kXU8zM5+1IpW2U+z83NU86QR08PTpjATz05ltdGqF82Z+Ygl2nav8oqV +RqNd/k+WE60e1eJmgykjmz6nPbm0S2jt1C7QLQARAQABiQI2BBgBCAAgFiEEQzh4 +Jd2xu5fsNrpdAHyNfBXYc2kFAmYXyiQCGwwACgkQAHyNfBXYc2mTihAAqB+sv9lw +kRorE6iXwvvj2Dt2iIy7jc1AhZQOH/j7B4GHpV3Ej/ptdUwuzj/aX5EnEeDPZ2JU +sSKy2q0RpKGKdKOvgy5yVfd8xqujkawXv26QU53mgyfgQCZLhFFhq0MIAqnxPb8h +SCQeol18Wqs++LjeDMwkgMrHJeNhW2U2llqTS37YfRMOo0Vr022ZHlMlkyMz1sQH ++C2/nzmmtkI4+vlPeccoN+3239YzndW1+XM8S3dXNcsGTyLAbkCowfpuqQdIP0MY +lBwx/Xj9fxBNAuqGVCjrjGMg7mozMkeCDzrAoZiaD3Kud8zSs9VpAyAymrPQJSSS +96b+vr2mDKbV11QJeJZv/d02n4JMjK7Ai//3j/TqkJF4UoYH45g5hvGSrym1UKrf +n8TqHdtTFjcxAMXLbWICHdDk7/0ole8Bl8csiSHyKy/sGJ0b/7zcB88CS8OfsR3C +OanK13emeD6rHOp8wEWA1/PA1JoAC5suS/uIgPWa5ujLaViJ9pW6ohfzMqOtLABF +BB/FgD/qgPF+uTPPLQZw3XO8Q61kFq6x0RJGNgBEOpseounx+T6FCxZqrvjWm/WK +VQUiRBtJIvD7Z8UCP+NUzdj3hwLAXpXrPz0gkcbI+hdlTJHCC6i61Qf5OIWnhtw6 +kZv2zEcTtzlAYNEumy8KrJzICmPLS7BEC8w= +=ilJ3 -----END PGP PUBLIC KEY BLOCK-----
