MESSAGE
| DATE | 2006-09-28 |
| FROM | Ruben Safir
|
| SUBJECT | Subject: [NYLXS - HANGOUT] Re: [suse-security-announce] SUSE Security Announcement: openssl
|
Here we go again
On Thu, 2006-09-28 at 12:40, Marcus Meissner wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> ______________________________________________________________________________
>
> SUSE Security Announcement
>
> Package: openssl
> Announcement ID: SUSE-SA:2006:058
> Date: Thu, 28 Sep 2006 18:00:00 +0000
> Affected Products: Novell Linux Desktop 9
> Novell Linux POS 9
> Open Enterprise Server
> SUSE LINUX 10.1
> SUSE LINUX 10.0
> SUSE LINUX 9.3
> SUSE LINUX 9.2
> SuSE Linux Desktop 1.0
> SuSE Linux Enterprise Server 8
> SuSE Linux Openexchange Server 4
> SUSE LINUX Retail Solution 8
> SuSE Linux School Server
> SuSE Linux Standard Server 8
> SUSE SLED 10
> SUSE SLES 10
> SUSE SLES 9
> UnitedLinux 1.0
> Vulnerability Type: remote denial of service
> Severity (1-10): 7
> SUSE Default Package: yes
> Cross-References: CVE-2006-2937, CVE-2006-2940, CVE-2006-3738
> CVE-2006-4343, VU#547300, VU#386964
>
> Content of This Advisory:
> 1) Security Vulnerability Resolved:
> several security problems in openssl
> Problem Description
> 2) Solution or Work-Around
> 3) Special Instructions and Notes
> 4) Package Location and Checksums
> 5) Pending Vulnerabilities, Solutions, and Work-Arounds:
> See SUSE Security Summary Report.
> 6) Authenticity Verification and Additional Information
>
> ______________________________________________________________________________
>
> 1) Problem Description and Brief Discussion
>
> Several security problems were found and fixed in the OpenSSL
> cryptographic library.
>
> CVE-2006-3738/VU#547300:
> A Google security audit found a buffer overflow condition within the
> SSL_get_shared_ciphers() function which has been fixed.
>
> CVE-2006-4343/VU#386964:
> The above Google security audit also found that the OpenSSL SSLv2
> client code fails to properly check for NULL which could lead to a
> server program using openssl to crash.
>
> CVE-2006-2937:
> Fix mishandling of an error condition in parsing of certain invalid
> ASN1 structures, which could result in an infinite loop which consumes
> system memory.
>
> CVE-2006-2940:
> Certain types of public key can take disproportionate amounts of time
> to process. This could be used by an attacker in a denial of service
> attack to cause the remote side top spend an excessive amount of time
> in computation.
>
> 2) Solution or Work-Around
>
> There is no known workaround, please install the update packages.
>
> 3) Special Instructions and Notes
>
> None.
>
> 4) Package Location and Checksums
>
> The preferred method for installing security updates is to use the YaST
> Online Update (YOU) tool. YOU detects which updates are required and
> automatically performs the necessary steps to verify and install them.
> Alternatively, download the update packages for your distribution manually
> and verify their integrity by the methods listed in Section 6 of this
> announcement. Then install the packages using the command
>
> rpm -Fhv
>
> to apply the update, replacing with the filename of the
> downloaded RPM package.
>
>
> x86 Platform:
>
> SUSE LINUX 10.1:
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/openssl-0.9.8a-18.10.i586.rpm
> f5d7a08e60a52b7816cae88e9def7762
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/openssl-devel-0.9.8a-18.10.i586.rpm
> a583491fc985dff2f3f405776fa8554a
>
> SUSE LINUX 10.0:
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/openssl-0.9.7g-2.10.i586.rpm
> 13d07a7a3b81fdef9ba68b0f0670f14c
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/openssl-devel-0.9.7g-2.10.i586.rpm
> 1198085023a60d99ce90207b5498db45
>
> SUSE LINUX 9.3:
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/openssl-0.9.7e-3.6.i586.rpm
> 51606d0da43bc5c61562bb8d4679ca8b
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/openssl-devel-0.9.7e-3.6.i586.rpm
> c6a9122fec64b5a82f433c56b602f2b5
>
> SUSE LINUX 9.2:
> ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openssl-0.9.7d-25.6.i586.rpm
> 96b59a2af5663ae1f780626da0b5756a
> ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openssl-devel-0.9.7d-25.6.i586.rpm
> e33a86104b85919dda444b4a9901a10b
>
> Power PC Platform:
>
> SUSE LINUX 10.1:
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/openssl-0.9.8a-18.10.ppc.rpm
> 8310266cd6da01baaf964ed8cac841c0
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/openssl-devel-0.9.8a-18.10.ppc.rpm
> 8ff4b94e685be05d00599ecc6cc939e7
>
> SUSE LINUX 10.0:
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/openssl-0.9.7g-2.10.ppc.rpm
> 0678839057c3170dc84fab28b3dd202f
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/openssl-devel-0.9.7g-2.10.ppc.rpm
> e86965c19538073b15c2131a04c20260
>
> x86-64 Platform:
>
> SUSE LINUX 10.1:
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/openssl-0.9.8a-18.10.x86_64.rpm
> 28dc138c088450b753fdd419c487023e
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/openssl-32bit-0.9.8a-18.10.x86_64.rpm
> 651d62cab3c31d0bc3e18b91a4ba9ac3
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/openssl-devel-0.9.8a-18.10.x86_64.rpm
> 2a3e98aca1aa613a58f09b39f12e84a4
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/openssl-devel-32bit-0.9.8a-18.10.x86_64.rpm
> 81bb446763424df4c18eac760e0ed80e
>
> SUSE LINUX 10.0:
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-0.9.7g-2.10.x86_64.rpm
> 5a612bd7a6756e2926a3ef59a72fd197
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-32bit-0.9.7g-2.10.x86_64.rpm
> 840e98707317d9cef51837a486541be7
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-devel-0.9.7g-2.10.x86_64.rpm
> 46b1a289d445c5304001aba4417e73a9
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-devel-32bit-0.9.7g-2.10.x86_64.rpm
> a4e2a59c151ff22ed683e115da8fce48
>
> SUSE LINUX 9.3:
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-0.9.7e-3.6.x86_64.rpm
> 3bf35d8e03848aa87a662b93a8c14fe1
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-32bit-9.3-7.3.x86_64.rpm
> 35ce818f05f655397c4b1b13ba3a93b3
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-devel-0.9.7e-3.6.x86_64.rpm
> dcfbcadb626de068028ac546f07ba685
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-devel-32bit-9.3-7.3.x86_64.rpm
> da50170edc9a2596954c2453030494d6
>
> SUSE LINUX 9.2:
> ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-0.9.7d-25.6.x86_64.rpm
> 32ec53e71eefb0ebe893034ac2e552ac
> ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-32bit-9.2-200609270647.x86_64.rpm
> 0b7706ce568832eb1b2e86bdd7cbe51d
> ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-devel-0.9.7d-25.6.x86_64.rpm
> c8671a7a77dcc5a08e2c19f9a6ff056c
> ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-devel-32bit-9.2-200609270647.x86_64.rpm
> 2bebb0fea9579ca5e659fca63c7beac0
>
> Sources:
>
> SUSE LINUX 10.1:
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/openssl-0.9.8a-18.10.src.rpm
> 2613501ca4ea03f1a79548014b13ff67
>
> SUSE LINUX 10.0:
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/openssl-0.9.7g-2.10.src.rpm
> c5b1ff892ff74af82ddbceaf757c6fb3
>
> SUSE LINUX 9.3:
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/openssl-0.9.7e-3.6.src.rpm
> f62e34422fc77343fd15a1790e6ef8d8
>
> SUSE LINUX 9.2:
> ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/openssl-0.9.7d-25.6.src.rpm
> 8c451560ea55a3bec1b01f0b36943048
>
> Our maintenance customers are notified individually. The packages are
> offered for installation from the maintenance web:
>
> UnitedLinux 1.0
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> SuSE Linux Openexchange Server 4
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> Open Enterprise Server
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> Novell Linux POS 9
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> Novell Linux Desktop 9
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> SuSE Linux Enterprise Server 8
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> SuSE Linux Standard Server 8
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> SuSE Linux School Server
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> SUSE LINUX Retail Solution 8
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> SuSE Linux Desktop 1.0
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> SUSE SLES 10
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> SUSE SLED 10
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> SUSE SLES 9
> http://support.novell.com/techcenter/psdb/16e2a93b390a1ceb86b0945a88a4d415.html
>
> ______________________________________________________________________________
>
> 5) Pending Vulnerabilities, Solutions, and Work-Arounds:
>
> See SUSE Security Summary Report.
> ______________________________________________________________________________
>
> 6) Authenticity Verification and Additional Information
>
> - Announcement authenticity verification:
>
> SUSE security announcements are published via mailing lists and on Web
> sites. The authenticity and integrity of a SUSE security announcement is
> guaranteed by a cryptographic signature in each announcement. All SUSE
> security announcements are published with a valid signature.
>
> To verify the signature of the announcement, save it as text into a file
> and run the command
>
> gpg --verify
>
> replacing with the name of the file where you saved the
> announcement. The output for a valid signature looks like:
>
> gpg: Signature made using RSA key ID 3D25D3D9
> gpg: Good signature from "SuSE Security Team "
>
> where is replaced by the date the document was signed.
>
> If the security team's key is not contained in your key ring, you can
> import it from the first installation CD. To import the key, use the
> command
>
> gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
>
> - Package authenticity verification:
>
> SUSE update packages are available on many mirror FTP servers all over the
> world. While this service is considered valuable and important to the free
> and open source software community, the authenticity and the integrity of
> a package needs to be verified to ensure that it has not been tampered
> with.
>
> There are two verification methods that can be used independently from
> each other to prove the authenticity of a downloaded file or RPM package:
>
> 1) Using the internal gpg signatures of the rpm package
> 2) MD5 checksums as provided in this announcement
>
> 1) The internal rpm package signatures provide an easy way to verify the
> authenticity of an RPM package. Use the command
>
> rpm -v --checksig
>
> to verify the signature of the package, replacing with the
> filename of the RPM package downloaded. The package is unmodified if it
> contains a valid signature from build-at-suse.de with the key ID 9C800ACA.
>
> This key is automatically imported into the RPM database (on
> RPMv4-based distributions) and the gpg key ring of 'root' during
> installation. You can also find it on the first installation CD and at
> the end of this announcement.
>
> 2) If you need an alternative means of verification, use the md5sum
> command to verify the authenticity of the packages. Execute the command
>
> md5sum
>
> after you downloaded the file from a SUSE FTP server or its mirrors.
> Then compare the resulting md5sum with the one that is listed in the
> SUSE security announcement. Because the announcement containing the
> checksums is cryptographically signed (by security-at-suse.de), the
> checksums show proof of the authenticity of the package if the
> signature of the announcement is valid. Note that the md5 sums
> published in the SUSE Security Announcements are valid for the
> respective packages only. Newer versions of these packages cannot be
> verified.
>
> - SUSE runs two security mailing lists to which any interested party may
> subscribe:
>
> suse-security-at-suse.com
> - General Linux and SUSE security discussion.
> All SUSE security announcements are sent to this list.
> To subscribe, send an e-mail to
> .
>
> suse-security-announce-at-suse.com
> - SUSE's announce-only mailing list.
> Only SUSE's security announcements are sent to this list.
> To subscribe, send an e-mail to
> .
>
> For general information or the frequently asked questions (FAQ),
> send mail to or
> .
>
> =====================================================================
> SUSE's security contact is or .
> The public key is listed below.
> =====================================================================
> ______________________________________________________________________________
>
> The information in this advisory may be distributed or reproduced,
> provided that the advisory is not modified in any way. In particular, the
> clear text signature should show proof of the authenticity of the text.
>
> SUSE Linux Products GmbH provides no warranties of any kind whatsoever
> with respect to the information contained in this security advisory.
>
> Type Bits/KeyID Date User ID
> pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team
> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key
>
> - -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v1.4.2 (GNU/Linux)
>
> mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
> BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
> JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
> 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
> P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
> cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
> VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
> yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
> tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
> xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
> Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
> choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
> BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
> v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
> x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
> Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
> MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
> saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
> L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
> F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS
> FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW
> tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It
> Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF
> AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+
> 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk
> YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP
> +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR
> 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U
> 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S
> cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh
> ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB
> UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo
> AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n
> KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi
> BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro
> nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg
> KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx
> yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn
> B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV
> wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh
> UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF
> 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3
> D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu
> zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd
> 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi
> a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13
> CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp
> 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE
> t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG
> B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw
> rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt
> IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL
> rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H
> RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa
> g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA
> CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO
> =ypVs
> - -----END PGP PUBLIC KEY BLOCK-----
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (GNU/Linux)
>
> iQEVAwUBRRv66Xey5gA9JdPZAQL7fgf/WskObtJd6xDwy4d+F9TjeGy+K3Mi8iNC
> Meb8Chs08TaVuuuvp6+UwtUpek+zuMTimdUZdedF4Tc3xBjwQL6GmIvdh5Kr5vdA
> UZRnHUMWdD9ClKyc3KPKVHXrDGOmgytWVtaQdD4pSmrh6k7j5aE9Gsss1MSrI64u
> BefsTWYnoJ0OJ/iXFVIIh964A/6wBcFV6f0C9YWKMYjfylXPBTWlSBzhY69g722N
> kmgboFffBkxD37ILQSKygJrJ3N2fn6acN7pRylCEb+n0XWu5nPMf/xTWVVzH4f/I
> FS5jdzJc7gfb096tWsNoB48ULkLENIaauHZup1p6NCyt5/R3eLmgcQ==
> =TSxY
> -----END PGP SIGNATURE-----
|
|
