-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 03 Oct 2018 20:33:06 +0000 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: source amd64 all Version: 1.3.30+hg15796-1~deb9u1 Distribution: stretch-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org> Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Closes: 842787 863564 867060 867077 867085 867746 870149 870153 870154 870155 870156 870157 870158 871306 872574 872575 872576 873119 873129 873130 873538 874724 876460 878511 879999 881391 881524 884904 884905 887158 894396 Changes: graphicsmagick (1.3.30+hg15796-1~deb9u1) stretch-security; urgency=high . * Security backport for Stretch. * Relax g++ build dependency. * Relax debhelper build dependency. * Relax Standards-Version to 3.9.8 . . graphicsmagick (1.3.30+hg15796-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - WEBP: Fix compiler warnings regarding uninitialized structure members, - ReadJPEGImage(): Allow libjpeg to use 1/5th of the total memory limit, - ReadJPEGImage(): Make sure that JPEG pixels array is initialized in case libjpeg fails to completely initialize it, - WriteOnePNGImage(): Free png_pixels as soon as possible, - ReadMIFFImage(): Detect EOF when reading using ReadBlobZC() and avoid subsequent heap read overflow, - ReadMVGImage(): Don't assume that in-memory MVG blob is a null-terminated C string, - ReadMVGImage(): Don't allow MVG files to side-load a file as the drawing primitive using '@' syntax, - FileToBlob(): Use confirm access APIs to verify that read access is allowed, and verify that file is a regular file, - ExtractTokensBetweenPushPop() needs to always return a valid pointer into the primitive string, - DrawPolygonPrimitive(): Fix leak of polygon set when object is completely outside image, - SetNexus(): For requests one pixel tall, SetNexus() was wrongly using pixels in-core rather than using a staging area for the case where the nexus rows extend beyond the image raster boundary, - ReadCINEONImage(): Quit immediately on EOF and detect short files, - ReadMVGImage(): Fix memory leak, - Add mechanism to approve embedded subformats in WPG, - ReadXBMImage(): Add validations for row and column dimensions, - MAT InsertComplexFloatRow(): Avoid signed overflow, - InsertComplexFloatRow(): Try not to lose the previous intention while avoiding signed overflow, - XBMInteger(): Limit the number of hex digits parsed to avoid signed integer overflow, - MAT: More aggresive data corruption checking, - MAT: Correctly check GetBlobSize(image) even for zipstreams inside blob, - MAT: Explicitly reject non-seekable streams, - DrawImage(): Add missing error-reporting logic to return immediately upon memory reallocation failure. Apply memory resource limits to PrimitiveInfo array allocation, - MagickAtoFChk(): Add additional validation checks for floating point values. NAN and +/- INFINITY values also map to 0.0 , - ReadMPCImage()/(ReadMIFFImage(): Insist that the format be identified prior to any comment, and that there is only one comment, - ConvertPrimitiveToPath(): Enlarge PathInfo array allocation to avoid possible heap write overflow, - WPG: Fix intentional 64 bit file offset overflow, - DrawImage(): Be more precise about error detection and reporting, - TranslateTextEx(): Fix off-by-one in loop bounds check which allowed a one-byte stack write overflow, - DrawImage(): Fix excessive memory consumption due to SetImageAttribute() appending values, - QuantumTransferMode(): CIE Log images with an alpha channel are not supported, - ConvertPrimitiveToPath(): Second attempt to prevent heap write overflow of PathInfo array, - ExtractTileJPG(): Enforce that JPEG tiles are read by the JPEG coder, - MIFF and MPC, need to avoid leaking value allocation (day-old bug), - ReadSFWImage(): Enforce that file is read using the JPEG reader, - FindEXIFAttribute()/GenerateEXIFAttribute(): Change size types from signed to unsigned and check for unsigned overflow, - GenerateEXIFAttribute(): Eliminate undefined shift, - TraceEllipse(): Detect arithmetic overflow when computing the number of points to allocate for an ellipse, - ReadMNGImage(): mng_LOOP chunk must be at least 5 bytes long, - ReadJPEGImage(): Apply a default limit of 100 progressive scans before the reader quits with an error. * Update library symbols for this release. . graphicsmagick (1.3.30-1) unstable; urgency=high . * New upstream release, including many security fixes. * Build with all hardening enabled. . graphicsmagick (1.3.29+hg15665-1) unstable; urgency=high . * Mercurial snapshot, fixing the following security issues: - use of uninitialized value in IsMonochromeImage() , - divide by zero in GetPixelOpacity() , - write beyond array bounds in TraceStrokePolygon() , - use of uninitialized value in format8BIM() , - assertion failure in WriteBlob() , - out of bounds write in TraceEllipse() , - memory leak and use of uninitialized memory when handling eXIf chunk in png_malloc() , - floating point exception in WriteTIFFImage() , - leak of Image when TIFFReadRGBAImage() reports failure, - potentional leak when compressed object is corrupted, - floating point exception in WriteTIFFImage() , - heap double free in Magick::BlobRef::~BlobRef() , - direct leak in TIFFClientOpen() , - indirect leak in CloneImage() , - direct leak in ReadOneJNGImage() , - heap buffer overflow in put1bitbwtile() , - use of uninitialized value in SyncImageCallBack() , - validate tile memory requests for TIFFReadRGBATile() . * Remove profiles/sRGB Color Space Profile.ICM and jp2/data/colorprofiles/srgb.icm for being non-free. * Remove zlib/contrib/dotzlib/DotZLib.chm for no source available. . graphicsmagick (1.3.29-1) unstable; urgency=high . * New upstream release, including many security fixes. * Remove previously backported security patches. * Update library symbols for this release. * Update debhelper level to 11 . * Update Standards-Version to 4.1.4 . . graphicsmagick (1.3.28-2) unstable; urgency=high . * Backport security fixes: - don't use rescale map if it was not allocated, - validate number of colormap bits to avoid undefined shift behavior, - defend against partial scanf() expression matching, resulting in benign use of uninitialized data, - don't use rescale map if it was not allocated, - fix tile index overflow, - reject XPM if it contains non-whitespace control characters, - fix forged amount of frames 6755, - validate header length and offset properties, - fixed memory leak when tile overflows, - fix forged amount of frames 7076, - check for forged image that overflows file size, - validate size request prior to allocation, - validate that file size is sufficient for claimed image properties, - fix signed integer overflow when computing pixels size, - include number of FITS scenes in file size validations, - allocate space for null termination and null terminate string, - validate that samples per pixel is in valid range, - check whether datablock is really read, - verify that sufficient backing data exists before allocating memory to read it, - duplicate image check for data with fixed geometry, - CVE-2018-9018: avoid divide-by-zero if delay or timeout properties changed while ticks_per_second is zero (closes: #894396), - add checks for EOF, - validate that PICT rectangles do not have zero dimensions, - check image pixel limits before allocating memory for tile. * Backport patch to redesign ReadBlobDwordLSB() to be more effective. * Backport patch to destroy tile_image in ThrowPICTReaderException() macro to simplify logic. * Backport patch to remove shadowed tile_image variable which defeats new ThrowPICTReaderException() implementation. . graphicsmagick (1.3.28-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - BMP: Fix non-terminal loop due to unexpected bit-field mask value (DOS opportunity), - PALM: Fix heap buffer underflow in builds with QuantumDepth=8, - SetNexus() Fix heap overwrite under certain conditions due to using a wrong destination buffer, - TIFF: Fix heap buffer read overflow in LocaleNCompare() when parsing NEWS profile. * Remove previously backported security patches. . graphicsmagick (1.3.27-4) unstable; urgency=high . * Fix CVE-2018-5685: infinite loop in ReadBMPImage() (closes: #887158). * Fix memory leak of global colormap. * Fix memory leak of chunk and mng_info in error path. * Update Standards-Version to 4.1.3 . . graphicsmagick (1.3.27-3) unstable; urgency=high . * Fix heap-buffer-overflow on LocaleNCompare() . * Add some assertions to verify that the image pointer provided by libwebp is valid. * Fix NULL pointer dereference in ReadMNGImage() . * Fix CVE-2017-17913: stack-buffer-overflow in WriteWEBPImage() . * Fix CVE-2017-17915: heap-buffer-overflow in ReadMNGImage() . . graphicsmagick (1.3.27-2) unstable; urgency=high . * Fix CVE-2017-17782: heap-based buffer over-read in ReadOneJNGImage() (closes: #884905). * Fix CVE-2017-17783: buffer over-read in ReadPALMImage() (closes: #884904). . graphicsmagick (1.3.27-1) unstable; urgency=medium . * New upstream release. * Remove previously backported security patches. * Update library symbols for this release. * Add libwebp-dev dependency to libgraphicsmagick1-dev (closes: #863564). * Update Standards-Version to 4.1.2 . . graphicsmagick (1.3.26-19) unstable; urgency=high . * Fix CVE-2017-16669: heap buffer overflow in AcquireCacheNexus() (closes: #881391). * Fix CVE-2017-13134: heap buffer overflow in SFWScan() (closes: #881524). . graphicsmagick (1.3.26-18) unstable; urgency=high . * Fix CVE-2017-16547: remote denial of service (negative strncpy and application crash). * Fix CVE-2017-16545: NULL pointer dereference (write) with malformed WPG image. . graphicsmagick (1.3.26-17) unstable; urgency=high . * Fix CVE-2017-16353: heap read overflow vulnerability in DescribeImage() . * Fix CVE-2017-16352: heap-based buffer overflow vulnerability in DescribeImage() . . graphicsmagick (1.3.26-16) unstable; urgency=high . * Fix CVE-2017-15930: NULL pointer dereference while transferring JPEG scanlines (closes: #879999). . graphicsmagick (1.3.26-15) unstable; urgency=high . * Fix CVE-2017-13737: invalid free in MagickFree() (closes: #878511). . graphicsmagick (1.3.26-14) unstable; urgency=high . * Fix CVE-2017-15277: assure that global colormap is fully initialized in ReadGIFImage() . * Fix memory leak in WriteGIFImage() . * Fix CVE-2017-15238: use after free in ReadJNGImage() . . graphicsmagick (1.3.26-13) unstable; urgency=high . * Fix CVE-2017-14733: heap out of bounds read in ReadRLEImage() . * Fix CVE-2017-14994: NULL pointer dereference in DICOM Decoder. * Fix CVE-2017-14997: memory allocation error due to malformed image file. * Update Standards-Version to 4.1.1 . . graphicsmagick (1.3.26-12) unstable; urgency=high . * Update upstream changelog for CVE-2017-14103 . * Fix CVE-2017-14649: denial of service due to assertion failure in AcquireImagePixels() (closes: #876460). * Update Standards-Version to 4.1.0: - change graphicsmagick-dbg priority to optional. . graphicsmagick (1.3.26-11) unstable; urgency=high . * Fix CVE-2017-14504: NULL pointer dereference triggered by malformed file. . graphicsmagick (1.3.26-10) unstable; urgency=high . * Fix CVE-2017-14314: heap-based buffer over-read in DrawDashPolygon() . . graphicsmagick (1.3.26-9) unstable; urgency=high . * Fix CVE-2017-14165: remote denial of service due to memory allocation failure in magickmalloc (closes: #874724). * Fix CVE-2017-14042: memory allocation failure in MagickRealloc() (closes: #873538). . graphicsmagick (1.3.26-8) unstable; urgency=high . * Fix CVE-2017-13775: denial of service issue in ReadJNXImage() . * Fix CVE-2017-13776 and CVE-2017-13777: denial of service issue in ReadXBMImage() . * Fix memory leak vulnerability in ReadJNGImage() which allow attackers to cause a denial of service via a crafted file. * Fix double-free after reading a malformed JNG. * Fix CVE-2017-14103: the ReadJNGImage() and ReadOneJNGImage() functions do not properly manage image pointers after certain error conditions, which allows remote use-after-free attacks via a crafted file, related to a ReadMNGImage() out-of-order CloseBlob() call. This vulnerability exists because of an incomplete fix for CVE-2017-11403 . * Fix CVE-2017-8350: crash while reading a malformed JNG file. . graphicsmagick (1.3.26-7) unstable; urgency=high . * Fix CVE-2017-13063: heap-based buffer overflow vulnerability in the GetStyleTokens() function (closes: #873130). * Fix CVE-2017-13064: another heap-based buffer overflow vulnerability in the GetStyleTokens() function (closes: #873129). * Fix CVE-2017-13065: NULL pointer dereference vulnerability in the SVGStartElement() function (closes: #873119). . graphicsmagick (1.3.26-6) unstable; urgency=high . * Fix CVE-2017-12935: invalid memory read in the SetImageColorCallBack() with large MNG images (closes: #872576). * Fix CVE-2017-12936: use-after-free issue for data associated with exception reporting in the ReadWMFImage() function (closes: #872575). * Fix CVE-2017-12937: colormap heap-based buffer over-read in the ReadSUNImage() function (closes: #872574). . graphicsmagick (1.3.26-5) unstable; urgency=medium . * Handle mangling change for conversion operators in GCC 7 (closes: #871306). . [ John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> ] * Honor 'nocheck' in DEB_BUILD_OPTIONS (closes: #842787). . graphicsmagick (1.3.26-4) unstable; urgency=high . * Fix CVE-2017-11643: heap overflow in the WriteCMYKImage() function (closes: #870157). * Fix CVE-2017-11636: heap overflow in the WriteRGBImage() function (closes: #870149). * Fix CVE-2017-11638 and CVE-2017-11642: null pointer dereference or SEGV if input is not colormapped (closes: #870154, #870156). * Fix CVE-2017-11641: memory leak while writing Magick Persistent Cache format (closes: #870155). * Fix CVE-2017-11637: NULL pointer dereference in the WritePCLImage() function (closes: #870153). * Fix CVE-2017-11722: denial of service via a crafted file (closes: #870158). * Remove autotools-dev and dh-autoreconf build dependencies. . graphicsmagick (1.3.26-3) unstable; urgency=high . * Fix CVE-2017-11140: denial of service (resource consumption) via crafted JPEG files. * Fix apparent off-by-one error in MNG FRAM change_clipping processing. * Fix out-of-order CloseBlob() and DestroyImageList() . . graphicsmagick (1.3.26-2) unstable; urgency=high . * Fix CVE-2017-11102: remote denial of service during JNG reading via a zero-length color_image data structrure in ReadOneJNGImage (png.c) (closes: #867746). * Add new DestroyJNGInfo@Base and remove DestroyJNG@Base obsolete symbols. . graphicsmagick (1.3.26-1) unstable; urgency=high . * New upstream release, fixing the following security issues among others: - META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800). - WPG: Fix heap overflow (CVE-2016-7996). Fix assertion crash (CVE-2016-7997). - PNG: Enforce spec requirement that the dimensions of the JPEG embedded in a JDAT chunk must match the JHDR dimensions (CVE-2016-9830). - TIFF: Fix out of bounds read when reading CMYKA TIFF which claims to have only 2 samples per pixel (CVE-2017-6335). - JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350). - TIFF: Fix out of bounds read when reading RGB TIFF which claims to have only 1 sample per pixel (CVE-2017-10794) (closes: #867085). - DPX: Fix excessive use of memory (DOS issue) due to file header claiming large image dimensions but insufficient backing data. (CVE-2017-10799) (closes: #867077). - MAT: Fix excessive use of memory (DOS issue) due to continuing processing with insufficient data and claimed large image size. Verify each file extent to make sure that it is within range of file size. (CVE-2017-10800) (closes: #867060). * Remove previously backported security patches. * Self-tests build hack no longer needed. * Update library symbols for this release. * Update Standards-Version to 4.0.0 and debhelper level to 10 . Checksums-Sha1: d68d1991ef6d0d8c3c6ed77b296d7736d4c1e385 2870 graphicsmagick_1.3.30+hg15796-1~deb9u1.dsc e2a3a50bb3c609f4625b6a2a38de46357b881fe6 27390756 graphicsmagick_1.3.30+hg15796.orig.tar.xz 8636383effee1bd65d84ae173808858567031346 142500 graphicsmagick_1.3.30+hg15796-1~deb9u1.debian.tar.xz 0b7b425ccb7e8408d5a39c3a4c3ab23cd8020b31 3416140 graphicsmagick-dbg_1.3.30+hg15796-1~deb9u1_amd64.deb eb14efd6e32e610d14cb7107053ed7f1313684ef 50358 graphicsmagick-imagemagick-compat_1.3.30+hg15796-1~deb9u1_all.deb b324bad157ecf7e379b5b1c3c42c03671c802557 53792 graphicsmagick-libmagick-dev-compat_1.3.30+hg15796-1~deb9u1_all.deb d0e2aaa2fca7a611f0661bcd136a4ee862c8073d 12075 graphicsmagick_1.3.30+hg15796-1~deb9u1_amd64.buildinfo 38ae530eb82601994d1b403aaad2d1bd64a29bbf 953120 graphicsmagick_1.3.30+hg15796-1~deb9u1_amd64.deb 3ef9152817fb3289d7c3d654d6a27b3fc2c48ee7 96980 libgraphics-magick-perl_1.3.30+hg15796-1~deb9u1_amd64.deb 0649f8222a972bb0b8b3f09a60607f7c833e5354 144776 libgraphicsmagick++-q16-12_1.3.30+hg15796-1~deb9u1_amd64.deb cb9d2d9897996457f4493e0b117f463baa3597fb 331646 libgraphicsmagick++1-dev_1.3.30+hg15796-1~deb9u1_amd64.deb 8f545c239c193b4abc9cdb02065e9cb50677a6d9 1174436 libgraphicsmagick-q16-3_1.3.30+hg15796-1~deb9u1_amd64.deb 0a1d30d5503c7269f64ebc7c346c9f9bde6dc460 1408204 libgraphicsmagick1-dev_1.3.30+hg15796-1~deb9u1_amd64.deb Checksums-Sha256: 1d4030c972ce9ccadb38cae5514691a64f07d127c0453788a05d90f48fddd146 2870 graphicsmagick_1.3.30+hg15796-1~deb9u1.dsc b6748d7368f686c346c90b9077699568d1b60a25e820b7fe2d68168bad4c80b7 27390756 graphicsmagick_1.3.30+hg15796.orig.tar.xz ffdc1963e96ed6e67c04af89a26505faa63033eeafaf8826e54ad96b4d362e3b 142500 graphicsmagick_1.3.30+hg15796-1~deb9u1.debian.tar.xz f2443c59c7c114e8db8597490577a20f96814ca28fe6b3885d520c1eeffd42e6 3416140 graphicsmagick-dbg_1.3.30+hg15796-1~deb9u1_amd64.deb 7b1eb26ddfe3b7cd665629715b1f3088dbac02f91db4a70b6f60412d67b99b20 50358 graphicsmagick-imagemagick-compat_1.3.30+hg15796-1~deb9u1_all.deb 3614bf4bccb831f39771ed6b2e0c2a9bde56334c66461a5ec7a200c3d528825b 53792 graphicsmagick-libmagick-dev-compat_1.3.30+hg15796-1~deb9u1_all.deb 99776a1f309c5526cfcc2d7535187dd05dc9e9ca09143da0fe34526a4c497840 12075 graphicsmagick_1.3.30+hg15796-1~deb9u1_amd64.buildinfo 070949a267eef6c3ad808f27bfb314e04d50f630c4c0a60e00ac732b57e6bc8d 953120 graphicsmagick_1.3.30+hg15796-1~deb9u1_amd64.deb e3b1981f06371994fb7eb79001b0665e18d98b2ff203902ec9c33aae13bf0bbb 96980 libgraphics-magick-perl_1.3.30+hg15796-1~deb9u1_amd64.deb beed8172f246c925482a525a017ec41ce58ce90661d476b174183fa9422a7db3 144776 libgraphicsmagick++-q16-12_1.3.30+hg15796-1~deb9u1_amd64.deb c6977a0ff003b135eaa771343d967249dfc6edbabddf6e296fdb8af0fdda371e 331646 libgraphicsmagick++1-dev_1.3.30+hg15796-1~deb9u1_amd64.deb e422dc328b2c57e568f5b967e60ea5c620ac1d217fa265c2dfd7d7290d398bb1 1174436 libgraphicsmagick-q16-3_1.3.30+hg15796-1~deb9u1_amd64.deb 377182ec3d70c8bf0204a4f86a13363b815b52876098a3fb0c6e13d7fb1ad67c 1408204 libgraphicsmagick1-dev_1.3.30+hg15796-1~deb9u1_amd64.deb Files: e341ee97094ae7d3a9920be306b9f714 2870 graphics optional graphicsmagick_1.3.30+hg15796-1~deb9u1.dsc a03ab1fdd46b33ad7d45a56289ec7ba2 27390756 graphics optional graphicsmagick_1.3.30+hg15796.orig.tar.xz 1a26002f0f1ac64ccf83fa49a527911e 142500 graphics optional graphicsmagick_1.3.30+hg15796-1~deb9u1.debian.tar.xz f09f80dab4ecce3e2d97ce8c882c3dd6 3416140 debug optional graphicsmagick-dbg_1.3.30+hg15796-1~deb9u1_amd64.deb 441e8db8d26aca20e10d3e0b12b14afc 50358 graphics optional graphicsmagick-imagemagick-compat_1.3.30+hg15796-1~deb9u1_all.deb 6e0d144895c60effb6e2d8e85ec249ba 53792 graphics optional graphicsmagick-libmagick-dev-compat_1.3.30+hg15796-1~deb9u1_all.deb 9b6fff554d1e873c082b678a763f7706 12075 graphics optional graphicsmagick_1.3.30+hg15796-1~deb9u1_amd64.buildinfo 5a9ca5ec8ae53376394ac4f8b5e3d899 953120 graphics optional graphicsmagick_1.3.30+hg15796-1~deb9u1_amd64.deb a1617193004eb6f75f5a648e6f264da2 96980 perl optional libgraphics-magick-perl_1.3.30+hg15796-1~deb9u1_amd64.deb 7a0fb1bf1d3d98e197a635d324e1fe07 144776 libs optional libgraphicsmagick++-q16-12_1.3.30+hg15796-1~deb9u1_amd64.deb e453800e686a3f43c96550e6f1bd3a27 331646 libdevel optional libgraphicsmagick++1-dev_1.3.30+hg15796-1~deb9u1_amd64.deb 0b491de97d61176afadd6e9aba415a92 1174436 libs optional libgraphicsmagick-q16-3_1.3.30+hg15796-1~deb9u1_amd64.deb 00a22c5f203215d199923c9e233d9ee6 1408204 libdevel optional libgraphicsmagick1-dev_1.3.30+hg15796-1~deb9u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIyBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlvAqAwACgkQ3OMQ54ZM yL95FQ/3ddmtrGDuOUTD3Z6jNe8iqxXkT10eKn/tv7GIRj6Y9VcwrwU1e2o0Klpz f8EwO9ZnfGkck/7a2YZ9Uz/R5N1i3PIVs9Tl9Xr0WaVcRhHFYKBmJzgiYMB85Xa5 LlqnGvrkqgHFDulifn65Cs6kxoQjhL4k+uG9LM3NfGa1Obsd8/zpHww9ZX7YuwnQ P+FA/1Io+b/Sxgd/3qTXMdVlfsV21bntORtEaOAsLkQ40CZPbnJEWTh+dHjGzeip BLgWVQ3tjlB4J6sEmTiF1m39BtoRrNqO1f2rCrlKtJr1sLw4AxOP785KafMxOirv n878ElycQmoSI2SFwJr8wK/kHxf6sNfURei8EzDsLlR6vd8OzvgznfGc04guuwZM +odas76zzVyKF7hzHeV65SuauGCf254zFgV+dft1ay6V8JFq71+3wQBVBcufwlUi 0spWH4vyrhzLaiARY00AGperEEAip9If/bjcRQCf/WZVDeqnbP+QwoQuJ9yAer3F kiV0m7NrYyKCo+hIo38EPVFtgA/PCjGXWYNClVyCIE9eDNbC/CBHkxnayIGGvKSv tgWF2VjC116e3hXZeW45au2Z2nObFwul9PHWABpAKL7q/JEAtkTailtYOtK90sbC dpEpl+pObKN7wntWXSdLrqP2rfeDoSN9rC8QBUyY5f9xJKTXxQ== =KRFO -----END PGP SIGNATURE-----