Ubuntu Security Notice 6057-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

==========================================================================  
Ubuntu Security Notice USN-6057-1  
May 05, 2023

linux-intel-iotg vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:  
- linux-intel-iotg: Linux kernel for Intel IoT platforms

Details:

It was discovered that the Traffic-Control Index (TCINDEX) implementation  
in the Linux kernel contained a use-after-free vulnerability. A local  
attacker could use this to cause a denial of service (system crash) or  
possibly execute arbitrary code. (CVE-2023-1281)

It was discovered that the OverlayFS implementation in the Linux kernel did  
not properly handle copy up operation in some conditions. A local attacker  
could possibly use this to gain elevated privileges. (CVE-2023-0386)

Haowei Yan discovered that a race condition existed in the Layer 2  
Tunneling Protocol (L2TP) implementation in the Linux kernel. A local  
attacker could possibly use this to cause a denial of service (system  
crash). (CVE-2022-4129)

It was discovered that the network queuing discipline implementation in the  
Linux kernel contained a null pointer dereference in some situations. A  
local attacker could use this to cause a denial of service (system crash).  
(CVE-2022-47929)

It was discovered that the NTFS file system implementation in the Linux  
kernel contained a null pointer dereference in some situations. A local  
attacker could use this to cause a denial of service (system crash).  
(CVE-2022-4842)

Kyle Zeng discovered that the IPv6 implementation in the Linux kernel  
contained a NULL pointer dereference vulnerability in certain situations. A  
local attacker could use this to cause a denial of service (system crash).  
(CVE-2023-0394)

It was discovered that the Human Interface Device (HID) support driver in  
the Linux kernel contained a type confusion vulnerability in some  
situations. A local attacker could use this to cause a denial of service  
(system crash). (CVE-2023-1073)

It was discovered that a memory leak existed in the SCTP protocol  
implementation in the Linux kernel. A local attacker could use this to  
cause a denial of service (memory exhaustion). (CVE-2023-1074)

It was discovered that the NFS implementation in the Linux kernel did not  
properly handle pending tasks in some situations. A local attacker could  
use this to cause a denial of service (system crash) or expose sensitive  
information (kernel memory). (CVE-2023-1652)

Lianhui Tang discovered that the MPLS implementation in the Linux kernel  
did not properly handle certain sysctl allocation failure conditions,  
leading to a double-free vulnerability. An attacker could use this to cause  
a denial of service or possibly execute arbitrary code. (CVE-2023-26545)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS:  
   linux-image-5.15.0-1028-intel-iotg  5.15.0-1028.33  
   linux-image-intel-iotg          5.15.0.1028.27

After a standard system update you need to reboot your computer to make  
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have  
been given a new version number, which requires you to recompile and  
reinstall all third party kernel modules you might have installed.  
Unless you manually uninstalled the standard kernel metapackages  
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,  
linux-powerpc), a standard system upgrade will automatically perform  
this as well.

References:  
   https://ubuntu.com/security/notices/USN-6057-1  
   CVE-2022-4129, CVE-2022-47929, CVE-2022-4842, CVE-2023-0386,  
   CVE-2023-0394, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281,  
   CVE-2023-1652, CVE-2023-26545

Package Information:  
   https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1028.33

Ubuntu Security Notice USN-6057-1

Ubuntu Security Notice 6056-1 - It was discovered that a race condition existed in the Xen transport layer implementation for the 9P file system protocol in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or expose sensitive information.

    ==========================================================================Ubuntu Security Notice USN-6056-1May 05, 2023linux-oem-6.1 vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:The guest VM system could be made to crash or expose sensitive information.Software Description:- linux-oem-6.1: Linux kernel for OEM systemsDetails:It was discovered that a race condition existed in the Xen transport layerimplementation for the 9P file system protocol in the Linux kernel, leadingto a use-after-free vulnerability. A local attacker could use this to causea denial of service (guest crash) or expose sensitive information (guestkernel memory).Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:   linux-image-6.1.0-1010-oem      6.1.0-1010.10   linux-image-oem-22.04c          6.1.0.1010.10After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6056-1   CVE-2023-1859Package Information:   https://launchpad.net/ubuntu/+source/linux-oem-6.1/6.1.0-1010.10

Ubuntu Security Notice USN-6056-1

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.

**Tested version:**  
libheif-1.15.1

**Description of the bug:**  
Floating point exception is triggered when processing a crafted heif image, caused by divide by zero error, which leads to a crash.  
This can be used for denial of service attacks.

**Steps to reproduce the bug:**  
Compile with Address Sanitizer (ASan) :  
./fuzzer ./poc.heif

**Address Sanitizer log:**

    min@skensita:~/heif/fuzzer$ ./fuzzer dbg/classifiedCrashes/7e74fe547c83f1da6453572ddfe6832d1da6109c
    AddressSanitizer:DEADLYSIGNAL
    =================================================================
    ==8030==ERROR: AddressSanitizer: FPE on unknown address 0x55722e2d29ed (pc 0x55722e2d29ed bp 0x7ffebc2cd170 sp 0x7ffebc2cd160 T0)
        #0 0x55722e2d29ec in heif::Fraction::round() const (/home/min/heif/fuzzer/fuzzer+0x1189ec)
        #1 0x55722e2f32da in heif::Box_clap::bottom_rounded(int) const (/home/min/heif/fuzzer/fuzzer+0x1392da)
        #2 0x55722e22568c in heif::HeifContext::decode_image_planar(unsigned int, std::shared_ptr<heif::HeifPixelImage>&, heif_colorspace, heif_decoding_options const*, bool) const (/home/min/heif/fuzzer/fuzzer+0x6b68c)
        #3 0x55722e222609 in heif::HeifContext::decode_image_user(unsigned int, std::shared_ptr<heif::HeifPixelImage>&, heif_colorspace, heif_chroma, heif_decoding_options const*) const (/home/min/heif/fuzzer/fuzzer+0x68609)
        #4 0x55722e1dd8dc in heif_decode_image (/home/min/heif/fuzzer/fuzzer+0x238dc)
        #5 0x55722e1d46fa in TestDecodeImage(heif_context*, heif_image_handle const*) (/home/min/heif/fuzzer/fuzzer+0x1a6fa)
        #6 0x55722e1d4c4c in main (/home/min/heif/fuzzer/fuzzer+0x1ac4c)
        #7 0x7fed2bb83082 in __libc_start_main ../csu/libc-start.c:308
        #8 0x55722e1d42bd in _start (/home/min/heif/fuzzer/fuzzer+0x1a2bd)
    
    AddressSanitizer can not provide additional info.
    SUMMARY: AddressSanitizer: FPE (/home/min/heif/fuzzer/fuzzer+0x1189ec) in heif::Fraction::round() const
    ==8030==ABORTING
    

Please check the attached POC.

POC.zip

CVE-2023-29659: FPE in box.cc - heif::Fraction::round() · Issue #794 · strukturag/libheif

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data.  IBM X-Force ID:  248418.

  

**Summary**

IBM MQ Appliance has resolved a denial of service vulnerability.

**Vulnerability Details**

**CVEID:**   CVE-2023-26285  
**DESCRIPTION:**   IBM MQ could allow a remote attacker to cause a denial of service due to an error processing invalid data.  
CVSS Base score: 5.9  
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/248418 for the current score.  
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

**Affected Products and Versions**

Affected Product(s)

Version(s)

IBM MQ Appliance

9.3 LTS

IBM MQ Appliance

9.2 CD

IBM MQ Appliance

9.2 LTS

IBM MQ Appliance

9.3 CD

**Remediation/Fixes**

This vulnerability is addressed under IT43381

**IBM strongly recommends addressing the vulnerability now.**

**IBM MQ Appliance version 9.2 LTS**

**IBM MQ Appliance version 9.2 CD**

**IBM MQ Appliance version 9.3 LTS**

**IBM MQ Appliance version 9.3 CD**

**Workarounds and Mitigations**

None

**References**

Off

**Acknowledgement**

The vulnerability was reported to IBM by Praveen KSM Squad X – CIO Security ING

**Change History**

27 Apr 2023: Initial Publication

\*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

**Disclaimer**

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. "Affected Products and Versions" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.

**Document Location**

Worldwide

\[{"Type":"MASTER","Line of Business":{"code":"LOB36","label":"IBM Automation"},"Business Unit":{"code":"BU053","label":"Cloud \\u0026 Data Platform"},"Product":{"code":"SS5K6E","label":"IBM MQ Appliance"},"ARM Category":\[{"code":"a8m0z00000008MzAAI","label":"Security"}\],"ARM Case Number":"","Platform":\[{"code":"PF025","label":"Platform Independent"}\],"Version":"9.2.0;9.3.0"}\]

CVE-2023-26285: Security Bulletin: IBM MQ Appliance could allow a remote attacker to cause a denial of service (CVE-2023-26285)

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files.  IBM X-Force ID:  244216.

**Security Bulletin**

  

**Summary**

An issue was identified that may cause IBM MQ Clients to be vulnerable to a denial of service attack when processing configuration files.

**Vulnerability Details**

**CVEID:**   CVE-2023-22874  
**DESCRIPTION:**   IBM MQ Clients are vulnerable to a denial of service attack when processing configuration files.  
CVSS Base score: 5.5  
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/244216 for the current score.  
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

**Affected Products and Versions**

Affected Product(s)

Version(s)

IBM MQ

9.2 CD

IBM MQ

9.3 CD

IBM MQ

9.3 LTS

**Remediation/Fixes**

**Workarounds and Mitigations**

None

**References**

Off

**Change History**

26 Apr 2023: Initial Publication

\*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

**Disclaimer**

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. "Affected Products and Versions" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.

**Document Location**

Worldwide

\[{"Business Unit":{"code":"BU059","label":"IBM Software w\\/o TPS"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"Component":"","Platform":\[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF051","label":"Linux on IBM Z Systems"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}\],"Version":"9.2.4, 9.2.5, 9.3.0, 9.3.1, 9.3.2","Edition":"All","Line of Business":{"code":"LOB45","label":"Automation"}}\]

CVE-2023-22874: Security Bulletin: IBM MQ Clients are vulnerable to a denial of service attack (CVE-2023-22874)

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service.  IBM X-Force ID:  241354.

CVE-2022-43919: IBM MQ denial of service CVE-2022-43919 Vulnerability Report

Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function.

Permalink

Cannot retrieve contributors at this time

Tenda AC18 Unauthorized command injection

****1\. Affected version:****

Tenda ac18\_kf\_V15.03.05.19(6318\_)\_cn

****2\. Firmware download address****

AC18升级软件\_腾达(Tenda)官方网站

****3\. Vulnerability details****

The function "setUsbUnload" contains a command injection vulnerability. As a result, by requesting the page, an attacker can easily execute a denial of service attack or remote code execution with carefully crafted overflow data.

****4\. Recurring vulnerabilities and POC****

**5\. Author**

Drizzling\_Sun @KRlab

CVE-2023-30135: Tenda/8.md at main · DrizzlingSun/Tenda

A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.

**CVSS 3 Base Score:

5.3

****Posted On:

May 2, 2023

****Assessed Risk Level:

Medium

**

A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations.

**Status:**

**Affected software versions:**

*   Puppet Enterprise 2021.7.1 

*   Puppet Enterprise 2023.0 
    
*   Puppet Server 7.9.2
    

**Resolved in:**

*   Puppet Enterprise 2021.7.3 

*   Puppet Enterprise 2023.1 
    
*   Puppet Server 7.11.0 and 8.0.0
    

← Back to CVE Listings

CVE-2023-1894: CVE-2023-1894 - Puppet Server ReDoS

Ubuntu Security Notice 6055-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

==========================================================================  
Ubuntu Security Notice USN-6055-1  
May 04, 2023

ruby2.3, ruby2.5, ruby2.7 vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 ESM

Summary:

Several security issues were fixed in Ruby.

Software Description:  
- ruby2.7: Object-oriented scripting language  
- ruby2.5: Object-oriented scripting language  
- ruby2.3: Object-oriented scripting language

Details:

It was discovered that Ruby incorrectly handled certain regular expressions.  
An attacker could possibly use this issue to cause a denial of service.  
(CVE-2023-28755)

It was discovered that Ruby incorrectly handled certain regular expressions.  
An attacker could possibly use this issue to cause a denial of service.  
This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.  
(CVE-2023-28756)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 20.04 LTS:  
  libruby2.7                      2.7.0-5ubuntu1.9  
  ruby2.7                         2.7.0-5ubuntu1.9

Ubuntu 18.04 LTS:  
  libruby2.5                      2.5.1-1ubuntu1.14  
  ruby2.5                         2.5.1-1ubuntu1.14

Ubuntu 16.04 ESM:  
  libruby2.3                      2.3.1-2~ubuntu16.04.16+esm5  
  ruby2.3                         2.3.1-2~ubuntu16.04.16+esm5

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-6055-1  
  CVE-2023-28755, CVE-2023-28756

Package Information:  
  https://launchpad.net/ubuntu/+source/ruby2.7/2.7.0-5ubuntu1.9  
  https://launchpad.net/ubuntu/+source/ruby2.5/2.5.1-1ubuntu1.14

Ubuntu Security Notice USN-6055-1

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Migration Toolkit for Containers (MTC) 1.7.9 security and bug fix update  
Advisory ID:       RHSA-2023:2107-01  
Product:           Red Hat Migration Toolkit  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2107  
Issue date:        2023-05-04  
CVE Names:         CVE-2022-4304 CVE-2022-4450 CVE-2022-41724   
                   CVE-2022-41725 CVE-2023-0215 CVE-2023-0286   
                   CVE-2023-0361 CVE-2023-23916 CVE-2023-25173   
                   CVE-2023-28617   
=====================================================================

1. Summary:

The Migration Toolkit for Containers (MTC) 1.7.9 is now available.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Description:

The Migration Toolkit for Containers (MTC) enables you to migrate  
Kubernetes resources, persistent volume data, and internal container images  
between OpenShift Container Platform clusters, using the MTC web console or  
the Kubernetes API.

Security Fix(es) from Bugzilla:

* golang: crypto/tls: large handshake records may cause panics  
(CVE-2022-41724)

* golang: net/http, mime/multipart: denial of service from excessive  
resource consumption (CVE-2022-41725)

* containerd: Supplementary groups are not set up properly (CVE-2023-25173)

For more details about the security issue(s), including the impact, a CVSS  
score, and other related information, refer to the CVE page(s) listed in  
the References section.

3. Solution:

Before applying this update, make sure all previously released errata  
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2174485 - CVE-2023-25173 containerd: Supplementary groups are not set up properly  
2178488 - CVE-2022-41725 golang: net/http, mime/multipart: denial of service from excessive resource consumption  
2178492 - CVE-2022-41724 golang: crypto/tls: large handshake records may cause panics

5. References:

https://access.redhat.com/security/cve/CVE-2022-4304  
https://access.redhat.com/security/cve/CVE-2022-4450  
https://access.redhat.com/security/cve/CVE-2022-41724  
https://access.redhat.com/security/cve/CVE-2022-41725  
https://access.redhat.com/security/cve/CVE-2023-0215  
https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/cve/CVE-2023-0361  
https://access.redhat.com/security/cve/CVE-2023-23916  
https://access.redhat.com/security/cve/CVE-2023-25173  
https://access.redhat.com/security/cve/CVE-2023-28617  
https://access.redhat.com/security/updates/classification/#moderate

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFNIXdzjgjWX9erEAQjZLg//Qss/RATn6qEdUmxr+5ca7dZB7vRc5xr2  
hZOh4YEIKdQ5ka8aFz05fUIJhHmRIO0FZn8KUDWoLZNy20VcQXRgDqJAp3qaZ8e5  
soWpeqcKTaEnHBGA0pa4QZP24yS/XVMiDdSvwYvSiRBXF0TDq0BLlo4t5bw5oMiv  
DvicfYK0OnbmNho3NotXo9URmdo3xW1b62DKFPVXnZjQeRLbvlpQrwvNDLY1itV1  
r1Cz4lIEEX6atNhBU7y8yE3TTg8S1ss4BtcM6FmkbyKuPz2m9f3AFGOlplXIhVq0  
zNKegjfQR0xeRLvs71rJd+rSRZ/8L326SEHS+2+zmil+Krfx0dE26FwYwBE83sk9  
PEWRQLhSweQonxthKSstoThHbaKQamIOm2pdOdYjqy1LAX8hV45QFTf8Yc4UD5o8  
gGLU3+xdlLlGvo4rtgY4eK0/Sn+wxF5omrBxb4hdKMRcs1fdTQKx9tkAatzAEnzS  
aOxtU2TLvxbp/O5kS9Ayqg1MuhL4sb3rN+RZMXEMSGu8cI97PGMNRLrtgbgoGCOI  
jX/K4gA3IynIbqIt5m0xP7KA5KqMB/10iVIpwsZFR7Q8VkmSHX5pWyc3Of6Y/yHf  
apspLbSdLGSE33VaVa5O4oxTt0U+OM1+3kwNXNSNuqL9I6uLqbTCcXYadSim+ycQ  
i5zGVFwZRVQ=  
=ODYu  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#dos