VARIoT IoT vulnerabilities database

Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access. Installer is its installer. A local attacker could exploit this vulnerability to cause a denial of service

Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access. Intel Extreme Tuning Utility Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Extreme Tuning Utility is a Windows-based performance debugging tool developed by Intel Corporation. Installer is its installer. There is a security vulnerability in the Installer in versions earlier than 6.4.1.21 of Intel Extreme Tuning Utility

Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access. A local attacker could exploit this vulnerability to cause an application denial of service

Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access. Intel Driver and Support Assistant is an Intel driver and support management tool of Intel Corporation. This tool is mainly used to get the latest applications provided by Intel. A local attacker could exploit this vulnerability to elevate privileges and execute code as an administrator

Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer dereference vulnerabilities have been identified, which may allow remote code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of a VPR file. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code under the context of the process. Fuji Electric V-Server VPR is a data collection software from Fuji Electric of Japan. Fuji Electric V-Server is prone to multiple security vulnerabilities: 1. A use-after-free vulnerability 2. A heap-based buffer overflow vulnerability 4. Multiple out-of-bounds write vulnerabilities 5. An integer underflow vulnerability 6. An out-of-bounds read vulnerability 7. V-Server 4.0.3.0 and prior are vulnerable

Fuji Electric V-Server 4.0.3.0 and prior, Several out-of-bounds write vulnerabilities have been identified, which may allow remote code execution. Fuji Electric V-Server Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of a VPR file. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the V-Server process. Fuji Electric V-server is Fuji Electric Co., Ltd. to collect and manage real-time field data. Real-time monitoring of the plant from a remote location to solve problems without having to visit the site. A use-after-free vulnerability 2. Multiple untrusted pointer dereference remote code-execution vulnerabilities 3. A heap-based buffer overflow vulnerability 4. An integer underflow vulnerability 6. V-Server 4.0.3.0 and prior are vulnerable

Fuji Electric V-Server 4.0.3.0 and prior, An out-of-bounds read vulnerability has been identified, which may allow remote code execution. Fuji Electric V-Server Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of a VPR file. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the V-Server process. Fuji Electric V-Server VPR is a data collection software from Fuji Electric of Japan. Fuji Electric V-Server is prone to multiple security vulnerabilities: 1. A use-after-free vulnerability 2. Multiple untrusted pointer dereference remote code-execution vulnerabilities 3. A heap-based buffer overflow vulnerability 4. Multiple out-of-bounds write vulnerabilities 5. An integer underflow vulnerability 6. An out-of-bounds read vulnerability 7. V-Server 4.0.3.0 and prior are vulnerable

A maliciously crafted project file may cause a buffer overflow, which may allow the attacker to execute arbitrary code that affects Fuji Electric V-Server Lite 4.0.3.0 and prior. Fuji Electric V-Server Lite Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of VPR files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Failed exploit attempts will likely cause a denial-of-service condition. V-Server Lite 4.0.3.0 and prior versions are vulnerable

Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. Fuji Electric V-Server Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of a VPR file. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the process. Fuji Electric V-Server VPR is a data collection software from Fuji Electric of Japan. Fuji Electric V-Server is prone to multiple security vulnerabilities: 1. A use-after-free vulnerability 2. Multiple untrusted pointer dereference remote code-execution vulnerabilities 3. Multiple out-of-bounds write vulnerabilities 5. An integer underflow vulnerability 6. An out-of-bounds read vulnerability 7. V-Server 4.0.3.0 and prior are vulnerable

Fuji Electric V-Server 4.0.3.0 and prior, A heap-based buffer overflow vulnerability has been identified, which may allow remote code execution. Fuji Electric V-Server Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of a VPR file. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the process. Fuji Electric V-Server VPR is a data collection software from Fuji Electric of Japan. Fuji Electric V-Server is prone to multiple security vulnerabilities: 1. A use-after-free vulnerability 2. Multiple untrusted pointer dereference remote code-execution vulnerabilities 3. Multiple out-of-bounds write vulnerabilities 5. An integer underflow vulnerability 6. An out-of-bounds read vulnerability 7. V-Server 4.0.3.0 and prior are vulnerable

A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1. The vendor System.IO.Pipelines As a "denial of service".Service operation interruption (DoS) There is a possibility of being put into a state. Microsoft .NET Core is a free and open source development platform. The platform has features such as multi-language support and cross-platform. ASP.NET Core is a cross-platform open source framework. The framework is used to build cloud-based applications such as web applications, IoT applications, and mobile backends. System.IO.Pipelines is a library for performing high-performance IO in .NET. A remote attacker can use this vulnerability to cause a denial of service by submitting a specially crafted request to the application

The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. SAP NetWeaver AS Java 7.10 through 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50 are vulnerable

Fuji Electric V-Server 4.0.3.0 and prior, An integer underflow vulnerability has been identified, which may allow remote code execution. Fuji Electric V-Server VPR is a data collection software from Fuji Electric of Japan. A remote attacker could exploit the vulnerability to execute code. Fuji Electric V-Server is prone to multiple security vulnerabilities: 1. A use-after-free vulnerability 2. Multiple untrusted pointer dereference remote code-execution vulnerabilities 3. A heap-based buffer overflow vulnerability 4. Multiple out-of-bounds write vulnerabilities 5. An integer underflow vulnerability 6. An out-of-bounds read vulnerability 7. V-Server 4.0.3.0 and prior are vulnerable

A vulnerability has been identified in SCALANCE X300 (All versions < V4.0.0), SCALANCE X408 (All versions < V4.0.0), SCALANCE X414 (All versions). The web interface on port 443/tcp could allow an attacker to cause a Denial-of-Service condition by sending specially crafted packets to the web server. The device will automatically reboot, impacting network availability for other devices. An attacker must have network access to port 443/tcp to exploit the vulnerability. Neither valid credentials nor interaction by a legitimate user is required to exploit the vulnerability. There is no confidentiality or integrity impact, only availability is temporarily impacted. This vulnerability could be triggered by publicly available tools. SCALANCE X300 , X408 , X414 Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensSCALANCEXSwitches is an industrial Ethernet switch from Siemens AG. Multiple Siemens SCALANCE X Switches are prone to a denial-of-service vulnerability. Successfully exploiting this issue allows an attacker to reboot the affected device, denying service to legitimate users

A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Improper access control to a data point of the affected product could allow an unauthenticated remote user to escalate its privileges in the context of SIMATIC WinCC OA V3.14. This vulnerability could be exploited by an attacker with network access to port 5678/TCP of the SIMATIC WinCC OA V3.14 server. Successful exploitation requires no user privileges and no user interaction. This vulnerability could allow an attacker to compromise integrity and availability of the SIMATIC WinCC OA system. At the time of advisory publication no public exploitation of this vulnerability was known. SIMATIC WinCC OA Contains an access control vulnerability.Tampering with information and disrupting service operations (DoS) There is a possibility of being put into a state. The client-server HMI (Human Machine Interface) system SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications that require a high degree of customer-specific adaptation, large or complex applications, and projects that impose specific system requirements or functionality. A privilege elevation vulnerability exists in SIMATIC WinCC OAV 3.14 and earlier, allowing unauthenticated remote users to upgrade their rights in the context of SIMATIC WinCC OAV 3.14. Siemens SIMATIC WinCC OA is prone to an access-bypass vulnerability. An attacker can exploit this issue to gain elevated privileges. Siemens SIMATIC WinCC OA (Open Architecture) is a SCADA system of Siemens (Siemens) in Germany, and it is also an integral part of the HMI series. The system is mainly applicable to industries such as rail transit, building automation and public power supply

A vulnerability has been identified in SIEMENS TD Keypad Designer (All versions). A DLL hijacking vulnerability exists in all versions of SIEMENS TD Keypad Designer which could allow an attacker to execute code with the permission of the user running TD Designer. The attacker must have write access to the directory containing the TD project file in order to exploit the vulnerability. A legitimate user with higher privileges than the attacker must open the TD project in order for this vulnerability to be exploited. At the time of advisory publication no public exploitation of this security vulnerability was known. SIEMENS TD Keypad Designer Contains an uncontrolled search path element vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state

SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks

In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source. SAP NetWeaver BI Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SAP NetWeaver Business Intelligence is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. NetWeaver Business Intelligence 7.30, 7.31. 7.40, 7.41, and 7.50 are vulnerable

A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access. Multiple Intel Products are prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to potentially modify or disclose sensitive information. This may lead to further attacks. Intel CSME is a converged security management engine. Intel Trusted Execution Engine is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit)

A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. 389 Directory Server Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. RedHat389DirectoryServer (formerly known as FedoraDirectoryServer) is an enterprise-class Linux directory server from RedHat. The server fully supports the LDAPv3 specification and features scalable, multi-master replication. A security vulnerability exists in RedHat389DirectoryServer. An attacker could exploit the vulnerability to cause a denial of service (crash). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: 389-ds-base security and bug fix update Advisory ID: RHSA-2018:2757-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:2757 Issue date: 2018-09-25 CVE Names: CVE-2018-10850 CVE-2018-10935 CVE-2018-14624 CVE-2018-14638 ==================================================================== 1. Summary: An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x 3. Security Fix(es): * 389-ds-base: race condition on reference counter leads to DoS using persistent search (CVE-2018-10850) * 389-ds-base: ldapsearch with server side sort allows users to cause a crash (CVE-2018-10935) * 389-ds-base: Server crash through modify command with large DN (CVE-2018-14624) * 389-ds-base: Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly (CVE-2018-14638) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. The CVE-2018-10850 issue was discovered by Thierry Bordaz (Red Hat) and the CVE-2018-14638 issue was discovered by Viktor Ashirov (Red Hat). Bug Fix(es): * Previously, the nucn-stans framework was enabled by default in Directory Server, but the framework is not stable. As a consequence, deadlocks and file descriptor leaks could occur. This update changes the default value of the nsslapd-enable-nunc-stans parameter to "off". (BZ#1614836) * When a search evaluates the "shadowAccount" entry, Directory Server adds the shadow attributes to the entry. If the fine-grained password policy is enabled, the "shadowAccount" entry can contain its own "pwdpolicysubentry" policy attribute. Previously, to retrieve this attribute, the server started an internal search for each "shadowAccount" entry, which was unnecessary because the entry was already known to the server. As a result, the performance of searches, such as response time and throughput, is improved. (BZ#1615924) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the 389 server service will be restarted automatically. 5. Package List: Red Hat Enterprise Linux Client Optional (v. 7): Source: 389-ds-base-1.3.7.5-28.el7_5.src.rpm x86_64: 389-ds-base-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: 389-ds-base-1.3.7.5-28.el7_5.src.rpm x86_64: 389-ds-base-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: 389-ds-base-1.3.7.5-28.el7_5.src.rpm ppc64le: 389-ds-base-1.3.7.5-28.el7_5.ppc64le.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.ppc64le.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.ppc64le.rpm x86_64: 389-ds-base-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7): Source: 389-ds-base-1.3.7.5-28.el7_5.src.rpm aarch64: 389-ds-base-1.3.7.5-28.el7_5.aarch64.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.aarch64.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.aarch64.rpm ppc64le: 389-ds-base-1.3.7.5-28.el7_5.ppc64le.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.ppc64le.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): Source: 389-ds-base-1.3.7.5-28.el7_5.src.rpm ppc64: 389-ds-base-1.3.7.5-28.el7_5.ppc64.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.ppc64.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.ppc64.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.ppc64.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.ppc64.rpm ppc64le: 389-ds-base-debuginfo-1.3.7.5-28.el7_5.ppc64le.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.ppc64le.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.ppc64le.rpm s390x: 389-ds-base-1.3.7.5-28.el7_5.s390x.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.s390x.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.s390x.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.s390x.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.s390x.rpm x86_64: 389-ds-base-debuginfo-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7): Source: 389-ds-base-1.3.7.5-28.el7_5.src.rpm aarch64: 389-ds-base-debuginfo-1.3.7.5-28.el7_5.aarch64.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.aarch64.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.aarch64.rpm ppc64le: 389-ds-base-debuginfo-1.3.7.5-28.el7_5.ppc64le.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.ppc64le.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.ppc64le.rpm s390x: 389-ds-base-1.3.7.5-28.el7_5.s390x.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.s390x.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.s390x.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.s390x.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: 389-ds-base-1.3.7.5-28.el7_5.src.rpm x86_64: 389-ds-base-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-debuginfo-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-libs-1.3.7.5-28.el7_5.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: 389-ds-base-debuginfo-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-devel-1.3.7.5-28.el7_5.x86_64.rpm 389-ds-base-snmp-1.3.7.5-28.el7_5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-10850 https://access.redhat.com/security/cve/CVE-2018-10935 https://access.redhat.com/security/cve/CVE-2018-14624 https://access.redhat.com/security/cve/CVE-2018-14638 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW6qI2dzjgjWX9erEAQgW5g//Xn0tMzXPX9ttN9u/n6vEr3kEio7meGc8 g70R7mtWsJj5z3VfnvFD5mRmQQinsMJXI0/IUfBU+X/oZb7rGI33ALYh0lg1rerc 2jxXBAwJKpSwkstFvJiUs2XOznh3VaYkwg/UxqEtkh4xSnO1WfbFJpHhoPIf6d8Y Cu7ymH+3VGLTR3N11HJzbrmKdmyt3p/s8UGuKO0Lh6rtnSdtM7eq5mfOYgRAp/Wm PZgVCLexexfVNzqzIjkt/KzpNrobFJUryZbXrafVpq14nUAWFRWDN4TCzUdDd0GA um46apVZHH2mAZuq+FIvokFBIIxW2DEvxj/c2UiZqDv2o7TOocssOJXw4CUIsitD QZBLnlmH/jq/L4HHwnT/4eshz2kX6yEYVNP7Nhv4bamEC7eu0y8anItyErZ7+w2L aY/3kL3uWssWnU9ESyIXvex34HmcHK0FzeBKV5ZUEwBXfdjBAGf5k8l0MyoyiS7D FK+OxXsLaORs66GaPA1MHAyAscIVTElu0GQRInDQKCgRf3uvzKT3UammoPF6Djk4 DxxIVjFV7ZExade0XdjlpkI4kUItvxXRnvAX7nT34D+jBny3WuWuVCLHUcrvYaZl hf1pBHkwR/kuK/BHh99QM/JrfvJixe0Nwosdi+ra1TO2eB2/TPtJUdeoiMcoF7qA emssayK3UGk=rOwt -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce