Accepted linux 3.16.68-1 (all source) into oldstable, oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 22 May 2019 23:27:42 +0100
Binary: linux-doc-3.16 linux-manual-3.16 linux-source-3.16 linux-support-3.16.0-9
Source: linux
Architecture: all source
Version: 3.16.68-1
Distribution: jessie-security
Urgency: high
Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <ben@decadent.org.uk>
Closes: 927781
Description:
linux-doc-3.16 - Linux kernel specific documentation for version 3.16
linux-manual-3.16 - Linux kernel API manual pages for version 3.16
linux-source-3.16 - Linux kernel source for version 3.16 with Debian patches
linux-support-3.16.0-9 - Support files for Linux 3.16
Changes:
linux (3.16.68-1) jessie-security; urgency=high
.
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.65
- wireless: airo: potential buffer overflow in sprintf()
- [x86] drm/i915/ringbuffer: Delay after EMIT_INVALIDATE for gen4/gen5
- [x86] PCI: Fix Broadcom CNB20LE unintended sign extension (redux)
- pcrypt: use format specifier in kobject_add
- dlm: fixed memory leaks after failed ls_remove_names allocation
- dlm: possible memory leak on error path in create_lkb()
- dlm: lost put_lkb on error path in receive_convert() and receive_unlock()
- dlm: memory leaks on error path in dlm_user_request()
- [i386] power: supply: olpc_battery: correct the temperature units
- panic: avoid deadlocks in re-entrant console drivers
- f2fs: read page index before freeing
- [armhf] serial: imx: fix error handling in console_setup
- b43: Fix error in cordic routine
- ext4: missing unlock/put_page() in ext4_try_to_write_inline_data()
- sunrpc: fix cache_head leak due to queued request
- tty/ldsem: Wake up readers after timed out down_write()
- [armhf] misc: vexpress: Off by one in vexpress_syscfg_exec()
- ALSA: emux: Fix potential Spectre v1 vulnerabilities (CVE-2017-5753)
- ALSA: pcm: Fix potential Spectre v1 vulnerability (CVE-2017-5753)
- crypto: user - support incremental algorithm dumps
- [armel/versatile] gpiolib: Fix return value of gpio_to_desc() stub if
!GPIOLIB
- [x86] kvm: vmx: Set IA32_TSC_AUX for legacy mode guests
- btrfs: dev-replace: go back to suspended state if target device is
missing
- Btrfs: fill ->last_trans for delayed inode in btrfs_fill_inode.
- Btrfs: fix stale dir entries after unlink, inode eviction and fsync
- Btrfs: fix fsync of files with multiple hard links in new directories
- net/mlx5: Continue driver initialization despite debugfs failure
- [armhf] KVM: Fix VMID alloc race by reverting to lock-less
- IB/qib: Fix an error code in qib_sdma_verbs_send()
- ALSA: rme9652: Fix potential Spectre v1 vulnerability (CVE-2017-5753)
- ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities (CVE-2017-5753)
- ext4: include terminating u32 in size of xattr entries when expanding
inodes
- ext4: avoid declaring fs inconsistent due to invalid file handles
- ext4: force inode writes when nfsd calls commit_metadata()
- ext4: check for shutdown and r/o file system in ext4_write_inode()
- scsi: megaraid_sas: Use 63-bit DMA addressing
- ath6kl: Only use match sets when firmware supports it
- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader.
- fbdev: fbmem: behave better with small rotated displays and many CPUs
- fbdev: fbcon: Fix unregister crash when more than one framebuffer
- igb: Fix an issue that PME is not enabled during runtime suspend
- kvm: Disallow wraparound in kvm_gfn_to_hva_cache_init
- [x86] KVM: Use jmp to invoke kvm_spurious_fault() from .fixup
- CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock
problem
- ext4: make sure enough credits are reserved for dioread_nolock writes
- ext4: ext4_inline_data_fiemap should respect callers argument
- ext4: fix a potential fiemap/page fault deadlock w/ inline_data
- 9p/net: put a lower bound on msize
- 9p/net: fix memory leak in p9_client_create
- ceph: don't update importing cap's mseq when handing cap export
- sunrpc: use SVC_NET() in svcauth_gss_* functions
- mm: rmap use pte lock not mmap_sem to set PageMlocked
- mm: migration: fix migration of huge PMD shared pages
- mm, memory_hotplug: do not clear numa_node association after hot_remove
- hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined
- ext4: avoid kernel warning when writing the superblock to a dead device
- ext4: fix special inode number checks in __ext4_iget()
- net/hamradio/6pack: use mod_timer() to rearm timers
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.66
- batman-adv: Avoid WARN on net_device without parent in netns
- batman-adv: Force mac header to start of data on xmit
- [x86] ACPI: power: Skip duplicate power resource references in _PRx
- ALSA: usb-audio: Avoid access before bLength check in
build_audio_procunit()
- ALSA: usb-audio: Always check descriptor sizes in parser code
- ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
- USB: serial: simple: add Motorola Tetra TPG2200 device id
- usb: cdc-acm: send ZLP for Telit 3G Intel based modems
- USB: storage: don't insert sane sense for SPC3+ when bad sense specified
- USB: storage: add quirk for SMI SM3350
- USB: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB
- [x86] ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages
- ALSA: cs46xx: Potential NULL dereference in probe
- packet: validate address length
- packet: validate address length if non-zero
- packet: Do not leak dev refcounts on error exit
- sd: Clear PS bit before Mode Select.
- scsi: sd: Fix cache_type_store()
- scsi: isci: initialize shost fully before calling scsi_add_host()
- [x86] Drivers: hv: vmbus: Check for ring when getting debug info
- drm/fb-helper: Partially bring back workaround for bugs of SDL 1.2
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock
- rbd: don't return 0 on unmap if RBD_DEV_FLAG_REMOVING is set
- [armel/kirkwood] dts: Fix polarity of GPIO fan lines
- crypto: authenc - fix parsing key with misaligned rta_len
- i2c: dev: prevent adapter retries and timeout being set as minus value
- CIFS: Do not hide EINTR after sending network packets
- cifs: Fix potential OOB access of lock element array
- [armhf] omap2fb: Fix stack memory disclosure
- [i386] kaslr: Fix incorrect i8254 outb() parameters
- staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1
- net/phy: micrel: Add workaround for bad autoneg
- net/phy: micrel: configure intterupts after autoneg workaround
- net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg
workaround
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for
KSZ9031
- fuse: handle zero sized retrieve correctly
- fuse: call pipe_buf_release() under pipe lock
- fuse: decrement NR_WRITEBACK_TEMP on the right page
- media: v4l: ioctl: Validate num_planes for debug messages
- USB: serial: pl2303: add new PID to support PL2303TB
- net: bridge: Fix ethernet header pointer before check skb forwardable
- uart: Fix crash in uart_write and uart_put_char
- tty/n_hdlc: fix __might_sleep warning
- vt: always call notifier with the console lock held
- vt: invoke notifier on screen size change
- char/mwave: fix potential Spectre v1 vulnerability (CVE-2017-5753)
- tty: Handle problem if line discipline does not have receive_buf
- can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by
removing it
- can: bcm: check timer values before ktime conversion
- ipmi: msghandler: Fix potential Spectre v1 vulnerabilities
(CVE-2017-5753)
- drm/modes: Prevent division by zero htotal
- [x86] iommu/amd: Fix IOMMU page flush when detach device from a domain
- net/mlx4_core: Add masking for a few queries on HCA caps
- debugfs: fix debugfs_rename parameter checking
- [x86] KVM: Fix single-step debugging
- IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start
- kallsyms: Handle too long symbols in kallsyms.c
- [armhf] usb: phy: am335x: fix race condition in _probe
- scsi: bnx2fc: Fix error handling in probe()
- CIFS: Do not count -ENODATA as failure for query directory
- CIFS: Do not consider -ENODATA as stat failure for reads
- [armhf] usb: gadget: musb: fix short isoc packets with inventra dma
- fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb()
- l2tp: copy 4 more bytes to linear part if necessary
- mac80211: ensure that mgmt tx skbs have tailroom for encryption
- skge: potential memory corruption in skge_get_regs()
- mm, oom: fix use-after-free in oom_kill_process
- mm: hwpoison: use do_send_sig_info() instead of force_sig()
- mm: migrate: don't rely on __PageMovable() of newpage after unlocking it
- [armhf] dmaengine: imx-dma: fix wrong callback invoke
- [x86] perf/intel/uncore: Add Node ID mask
- perf/core: Don't WARN() for impossible ring-buffer sizes
- [x86] drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user
- [x86] drm/vmwgfx: Fix setting of dma masks
- ALSA: compress: Fix stop handling on compressed capture streams
- [armhf] mtd: rawnand: gpmi: fix MX28 bus master lockup problem
- libata: Add NOLPM quirk for SAMSUNG MZ7TE512HMHP-000L1 SSD
- signal: tracehook_signal_handler: Remove sig, info, ka and regs
- signal: Clean up signal_delivered()
- signal: Rip out get_signal_to_deliver()
- signal: Always notice exiting tasks
- signal: Better detection of synchronous signals
- sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
- ALSA: usb-audio: Fix implicit fb endpoint setup by quirk
- [x86] Input: elantech - force needed quirks on Fujitsu H760
- [x86] Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780
- [x86] vsock: cope with memory allocation failure at socket creation time
- [x86] perf: Add check_period PMU callback
- vxlan: test dev->flags & IFF_UP before calling netif_rx()
- net: fix IPv6 prefix route residue
- [x86] kvm/nVMX: read from MSR_IA32_VMX_PROCBASED_CTLS2 only when it is
available
- batman-adv: fix uninit-value in batadv_interface_tx()
- net/packet: fix 4gb buffer limit due to overflow check
- net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
- team: avoid complex list operations in team_nl_cmd_options_set()
- perf/core: Fix impossible ring-buffer sizes warning
- [x86] a.out: Clear the dump structure initially
- signal: Restore the stop PTRACE_EVENT_EXIT
- netfilter: nft_compat: fix crash when related match/target module is
removed
- netfilter: nf_tables: nft_compat: fix refcount leak on xt module
- netfilter: nft_compat: use-after-free when deleting targets
- dm thin: fix bug where bio that overwrites thin block ignores FUA
- netfilter: nf_tables: fix flush after rule deletion in the same batch
- KEYS: allow reaching the keys quotas exactly
- assoc_array: Fix shortcut creation
- scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached
- ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
- [armhf] net: stmmac: Fix a race in EEE enable callback
- tmpfs: fix link accounting when a tmpfile is linked in
- KEYS: user: Align the payload buffer
- KEYS: restrict /proc/keys by credentials at open time
- KEYS: always initialize keyring_index_key::desc_len
- mdio_bus: Fix use-after-free on device_register fails
- mmc: spi: Fix card detection during probe
- [x86] uaccess: Don't leak the AC flag into __put_user() value evaluation
- tmpfs: fix uninitialized return value in shmem_link
- net: phy: Micrel KSZ8061: link failure after cable connect
- net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
- netlabel: fix out-of-bounds memory accesses
- net: netem: fix skb length BUG_ON in __skb_to_sgvec
- ipc/shm: Fix pid freeing. (Closes: #927781)
- media: em28xx-dvb - fix em28xx_dvb_resume() to not unregister i2c and dvb
- media: em28xx: Fix use-after-free when disconnecting (CVE-2019-2024)
- Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
(CVE-2019-3459)
- Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
(CVE-2019-3460)
- vfio/type1: Limit DMA mappings per container (CVE-2019-3882)
- coredump: fix race condition between mmget_not_zero()/get_task_mm() and
core dumping (CVE-2019-11599)
- perf/core: Fix perf_event_open() vs. execve() race (CVE-2019-3901)
- brcmfmac: consolidate ifp lookup in driver core
- brcmfmac: make brcmf_proto_hdrpull() return struct brcmf_if instance
- brcmfmac: screening firmware event packet
- brcmfmac: fix incorrect event channel deduction
- brcmfmac: revise handling events in receive path
- brcmfmac: add subtype check for event handling in data path
(CVE-2019-9503)
- binfmt_elf: Fix missing SIGKILL for empty PIE
- binfmt_elf: switch to new creds when switching to new mm
(CVE-2019-11190)
- apparmor: provide userspace flag indicating binfmt_elf_mmap change
- tty: mark Siemens R3964 line discipline as BROKEN (CVE-2019-11486)
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.67
- brcmfmac: add length checks in scheduled scan result handler
- inet: update the IP ID generation algorithm to higher standards.
- ipv4: fix a race in update_or_create_fnhe()
- KVM: VMX: Fix x2apic check in vmx_msr_bitmap_mode()
- fork: record start_time late (CVE-2019-6133)
- percpu: stop printing kernel addresses (CVE-2018-5995)
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.68
- Backport static_key/jump_label changes:
+ module: add within_module() function
+ jump_label: Fix small typos in the documentation
+ jump_label: Allow asm/jump_label.h to be included in assembly
+ jump_label: Allow jump labels to be used in assembly
+ module, jump_label: Fix module locking
+ jump_label: Rename JUMP_LABEL_{EN,DIS}ABLE to JUMP_LABEL_{JMP,NOP}
+ jump_label, locking/static_keys: Rename JUMP_LABEL_TYPE_* and related
helpers to the static_key* pattern
+ jump_label: Add jump_entry_key() helper
+ locking/static_keys: Rework update logic
+ locking/static_keys: Add a new static_key interface
+ jump label, locking/static_keys: Update docs
+ jump_label/x86: Work around asm build bug on older/backported GCCs
+ locking/static_keys: Fix a silly typo
+ locking/static_keys: Fix up the static keys documentation
+ jump_label: make static_key_enabled() work on static_key_true/false
types too
+ x86/asm: Error out if asm/jump_label.h is included inappropriately
+ x86/asm: Add asm macros for static keys/jump labels
+ x86/headers: Don't include asm/processor.h in asm/atomic.h
+ x86/cpufeature: Carve out X86_FEATURE_*
+ locking/static_key: Fix concurrent static_key_slow_inc()
+ locking/static_keys: Provide DECLARE and well as DEFINE macros
- [x86] Update speculation mitigations:
+ x86/cpufeature: Add bug flags to /proc/cpuinfo
+ x86/speculation: Support Enhanced IBRS on future CPUs
+ x86/speculation: Simplify the CPU bug detection logic
+ x86/speculation: Remove SPECTRE_V2_IBRS in enum spectre_v2_mitigation
+ x86/cpu: Sanitize FAM6_ATOM naming
+ x86/speculation: Apply IBPB more strictly to avoid cross-process data
leak
+ x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
+ x86/speculation: Propagate information about RSB filling mitigation to
sysfs
+ x86/speculation: Update the TIF_SSBD comment
+ x86/speculation: Clean up spectre_v2_parse_cmdline()
+ x86/speculation: Remove unnecessary ret variable in cpu_show_common()
+ x86/speculation: Move STIPB/IBPB string conditionals out of
cpu_show_common()
+ x86/speculation: Disable STIBP when enhanced IBRS is in use
+ x86/speculation: Rename SSBD update functions
+ x86/speculation: Reorganize speculation control MSRs update
+ x86/Kconfig: Select SCHED_SMT if SMP enabled
+ sched: Add sched_smt_active()
+ x86/speculation: Rework SMT state change
+ x86/speculation: Reorder the spec_v2 code
+ x86/speculation: Mark string arrays const correctly
+ x86/speculataion: Mark command line parser data __initdata
+ x86/speculation: Unify conditional spectre v2 print functions
+ x86/speculation: Add command line control for indirect branch
speculation
+ x86/speculation: Prepare for per task indirect branch speculation
control
+ x86/process: Consolidate and simplify switch_to_xtra() code
+ x86/speculation: Avoid __switch_to_xtra() calls
+ x86/speculation: Prepare for conditional IBPB in switch_mm()
+ x86/speculation: Split out TIF update
+ x86/speculation: Prepare arch_smt_update() for PRCTL mode
+ x86/speculation: Prevent stale SPEC_CTRL msr content
+ x86/speculation: Add prctl() control for indirect branch speculation
+ x86/speculation: Enable prctl mode for spectre_v2_user
+ x86/speculation: Add seccomp Spectre v2 user space protection mode
+ x86/speculation: Provide IBPB always command line options
+ kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
+ x86/msr-index: Cleanup bit defines
+ x86/speculation: Consolidate CPU whitelists
+ Documentation: Move L1TF to separate directory
+ x86/speculation/l1tf: Document l1tf in sysfs
+ cpu/speculation: Add 'mitigations=' cmdline option
+ x86/speculation: Support 'mitigations=' cmdline option
+ x86/speculation/mds: Add 'mitigations=' support for MDS
+ x86/cpu/bugs: Use __initconst for 'const' init data
+ x86/bugs: Change L1TF mitigation string to match upstream
- [x86] Mitigate Microarchitectural Data Sampling (MDS) vulnerabilities
(CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091):
+ x86/speculation/mds: Add basic bug infrastructure for MDS
+ x86/speculation/mds: Add BUG_MSBDS_ONLY
+ x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
+ x86/speculation/mds: Add mds_clear_cpu_buffers()
+ x86/speculation/mds: Clear CPU buffers on exit to user
+ x86/speculation/mds: Conditionally clear CPU buffers on idle entry
+ x86/speculation/mds: Add mitigation control for MDS
+ x86/speculation/mds: Add sysfs reporting for MDS
+ x86/speculation/mds: Add mitigation mode VMWERV
+ Documentation: Add MDS vulnerability documentation
+ x86/speculation: Move arch_smt_update() call to after mitigation
decisions
+ x86/speculation/mds: Add SMT warning message
+ x86/speculation/mds: Fix comment
+ x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
+ x86/mds: Add MDSUM variant to the MDS documentation
+ Documentation: Correct the possible MDS sysfs values
+ x86/speculation/mds: Fix documentation typo
.
[ Ben Hutchings ]
* Bump ABI to 9
Checksums-Sha1:
3eae399c017f487f3a51ed5397dc9934d4dd3983 140642 linux_3.16.68-1.dsc
38968c380eb5b28f98fe73c1a57b319b60cb476a 82049616 linux_3.16.68.orig.tar.xz
89a7f5b7cc3a4f9a0a7c292943fb19f23b9aa803 1162424 linux_3.16.68-1.debian.tar.xz
76c991716ae9a73efd947f437a565657d2bbe270 454548 linux-support-3.16.0-9_3.16.68-1_all.deb
d4d4f17899d8b1ed7759d358ac870e2e8fd74585 8400604 linux-doc-3.16_3.16.68-1_all.deb
46014ad97cf1a36fda0c1de442dca61cf02cf331 3779944 linux-manual-3.16_3.16.68-1_all.deb
18ba94588678e26ac0344246a4d7ab89ef16a256 83888866 linux-source-3.16_3.16.68-1_all.deb
Checksums-Sha256:
11e64570089a7023060e09a05079a410540efb882fc5380695455faa36f9e9f6 140642 linux_3.16.68-1.dsc
a2e0794223f055e8a7919c63d40330a08a857a46c3d20cc05b651bc34d08e672 82049616 linux_3.16.68.orig.tar.xz
ff234bde2f1331188ba02e1159d9cc888dac7309c2ace8b4463b473cf587e83c 1162424 linux_3.16.68-1.debian.tar.xz
66edf30e7053e495d721a8c8c04d18cf5bb196bf8ca7994e7276a00163f92795 454548 linux-support-3.16.0-9_3.16.68-1_all.deb
8aad51f87ade35357d6e7c7cbf8722641823f51785f0022c24a2d12dd53c675a 8400604 linux-doc-3.16_3.16.68-1_all.deb
fe3da76547df4f3c13cb8daf71a7b4e159e225a20fd34705be313580025920ca 3779944 linux-manual-3.16_3.16.68-1_all.deb
8e33edd7f25faec9fbbd48376d3744806f31ee040d99f5f83acb218bac0d0a78 83888866 linux-source-3.16_3.16.68-1_all.deb
Files:
db8941c9a7bcf8ec4d6541d6ebb95ada 140642 kernel optional linux_3.16.68-1.dsc
a9962cee63f51b6ed3665a14d1e9fcd8 82049616 kernel optional linux_3.16.68.orig.tar.xz
d1a4faa60e731c6f88b4402a4ec2a6ed 1162424 kernel optional linux_3.16.68-1.debian.tar.xz
a5f56273135e940a2b030e425d979279 454548 devel optional linux-support-3.16.0-9_3.16.68-1_all.deb
89e6ca15df5ffee4401e5cf2b04f0a78 8400604 doc optional linux-doc-3.16_3.16.68-1_all.deb
ff0e1997dcfcfda52a8fe09c80274723 3779944 doc optional linux-manual-3.16_3.16.68-1_all.deb
a46e462af31a55570498f94bdb45efac 83888866 kernel optional linux-source-3.16_3.16.68-1_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlzmdyEACgkQ57/I7JWG
EQlS5RAAmQU7H/anTBQzCBjmSJw/OBUE/Ec9rkwqq198f9uHWDGK/yUJx8q8HoIa
SeK0stOBZ9suZuh4pM6K5zzPZy/vIfzJOD0o+MT9hjM+vkTnFCn8usjHpizmfEDR
kgfa1zC8ri/dQLWJDAm0vrclo1d9EPH0oo+bTPmHmtib4TQYyxaUFS6D/2fv7NWO
3fk3ckjAlkzfUrkqrcFqeLoxGk03Sx7+DV3PANmyUcbbuRwQDLDvPd/moxUDcVWc
J8eDP5Ije8TGv/7ZpoIj9EILM9Fa3hTrNjpzLAm7GLa/HXSWYsbby7NK402Dp5Zu
9YUutMFx/vrevf2IQalRNrmjT6QfTl49U+eN92hTq6ifJ+vCX49u7I3piAFiV6tD
SIb+9Db4zFCCqXZayvv7MrqY7D982OT3FlPtggwTlHcjgK09L9rXvUcXvAErAMq3
yH5BEvHpzfLZj5AhfvqUabuphvKPSm7BV7tD32JBvGh20yntO5Xh/ueD32z5LPiY
9Qz+h49ItvoekOYMj8wivEDUNW9HJldAjgjnfGliqTQVjoZ+Nff58PeFsU39cIvl
8QZmAsgIyVPiuQxirJi/32zWSdr0F1lEiB4Y2pPLnq/Or63aomE9C27X4y+ylVO9
Z8OuWwvk/mPA5Xsigw9OLhm6XI5im5HnA2Ovx6osRNWr66kRfMc=
=EiyZ
-----END PGP SIGNATURE-----