[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SUSE Security Announcement: cvs (SuSE-SA:2004:015)



Hi.

I have recently updated my companie's cvs server with this patch, and every 
time someone tries to add a file to any repository, this error is returned:

"protocol error: Malformed Entry"

AFAIK, there has not been any of this errors before the update.

May have something to do or maybe not, but checking the snort and cvs logs, I 
found this:

Jun 10 04:42:22 cvs_server cvs[31084]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:23 cvs_server cvs[31085]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:23 cvs_server cvs: login refused for /cvs
Jun 10 04:42:23 cvs_server cvs[31086]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:23 cvs_server cvs: login refused for /cvsroot
Jun 10 04:42:23 cvs_server cvs[31087]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:23 cvs_server cvs: login refused for /var/cvs
Jun 10 04:42:24 cvs_server cvs[31088]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:24 cvs_server cvs: login refused for /anoncvs
Jun 10 04:42:24 cvs_server cvs[31089]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:24 cvs_server cvs: login refused for /repository
Jun 10 04:42:24 cvs_server cvs[31090]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:24 cvs_server cvs: login refused for /home/CVS
Jun 10 04:42:25 cvs_server cvs[31091]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:25 cvs_server cvs: login refused for /home/cvspublic
Jun 10 04:42:25 cvs_server cvs[31092]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:25 cvs_server cvs[31093]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:25 cvs_server cvs: login refused for /var/lib/cvs
Jun 10 04:42:26 cvs_server cvs[31094]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:26 cvs_server cvs: login refused for /var/cvsroot
Jun 10 04:42:26 cvs_server cvs[31095]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:26 cvs_server cvs: login refused for /usr/lib/cvs
Jun 10 04:42:26 cvs_server cvs[31096]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:26 cvs_server cvs: login refused for /usr/CVSroot
Jun 10 04:42:26 cvs_server cvs[31097]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:26 cvs_server cvs: login refused for /usr/share/cvsroot
Jun 10 04:42:27 cvs_server cvs[31098]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:27 cvs_server cvs: login refused for /usr/local/cvsroot
Jun 10 04:42:27 cvs_server cvs[31099]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:27 cvs_server cvs: login refused for /usr/local/cvs
Jun 10 04:42:27 cvs_server cvs[31100]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:27 cvs_server cvs: login refused for /webcvs
Jun 10 04:42:28 cvs_server cvs[31101]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:28 cvs_server cvs[31102]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:28 cvs_server cvs[31103]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:29 cvs_server cvs[31104]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:29 cvs_server cvs[31105]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:29 cvs_server cvs[31106]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:30 cvs_server cvs[31107]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:30 cvs_server cvs[31108]: connect from X.Y.Z.P (X.Y.Z.P)
Jun 10 04:42:30 cvs_server cvs[31109]: connect from X.Y.Z.P (X.Y.Z.P)


Snort gave this alert 25 times:

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

[**] MISC CVS invalid user authentication response [**]
06/10-04:42:30.736186 cvs_server:2401 -> X.Y.Z.P:38751
TCP TTL:64 TOS:0x0 ID:8780 IpLen:20 DgmLen:108 DF
***AP*** Seq: 0x9E843F90  Ack: 0x4575EB7C  Win: 0x16A0  TcpLen: 32
TCP Options (3) => NOP NOP TS: 218918232 84681280
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

Whoever it was, it seems he/she was able to enter the cvs at 04:42:28. The 
patch wa applied at 11:48. From y2log-2:

2004-06-10 11:48:01 <0> cvs_server(15042) [packagemanager] 
RpmDb.cc(checkPackage):1142 rpm command:  rpm --checksig /var/lib/YaST2/you/
i386/update/8.1/rpm/i586/cvs-1.11.1p1-332.i586.patch.rpm

chkrootkit reports nothing, but I'm afraid someone may have taken advantage of 
any of the cvs vulnerabilities.

Please, anyone can give me a hint on this? Is the "Malformed Entry" error 
being caused by the attack (if any) or by the patch itself? Maybe by both of 
them?

Thanks.

El Miércoles, 9 de Junio de 2004 15:42, Thomas Biege escribió:
> 
> 
______________________________________________________________________________
> 
>                         SUSE Security Announcement
> 
>         Package:                cvs
>         Announcement-ID:        SuSE-SA:2004:015
>         Date:                   Wed Jun  9 15:00:00 MEST 2004
>         Affected products:      8.0, 8.1, 8.2, 9.0, 9.1
>                                 SuSE Firewall on CD 2 - VPN
>                                 SuSE Firewall on CD 2
>                                 SuSE Linux Enterprise Server 7, 8
>                                 SuSE Linux Office Server
>                                 UnitedLinux 1.0
>         Vulnerability Type:     remote command execution
>         Severity (1-10):        6
>         SUSE default package:   No.
>         Cross References:       CAN-2004-0416
>                                 CAN-2004-0417
>                                 CAN-2004-0418
> 
>     Content of this advisory:
>         1) security vulnerability resolved: various security issues in cvs
>            problem description, discussion, solution and upgrade information
>         2) pending vulnerabilities, solutions, workarounds:
>              - icecast
>              - sitecopy
>              - cadaver
>              - tla
>              - OpenOffice_org
>              - tripwire
>              - postgresql
>              - lha
>              - apache/mod_ssl
>         3) standard appendix (further information)
> 
> 
______________________________________________________________________________
> 
> 1)  problem description, brief discussion, solution, upgrade information
> 
>     The Concurrent Versions System (CVS) offers tools which allow developers
>     to share and maintain large software projects.
>       Various remotely exploitable conditions have been found during a
>     source code review of CVS done by Stefan Esser and Sebastian Krahmer
>     (SuSE Security-Team).
>     These bugs allow remote attackers to execute arbitrary code as the user
>     the CVS server runs as. Since there is no easy workaround we strongly
>     recommend to update the cvs package.
>       The update packages fix vulnerabilities which have been assigned the
>     CAN numbers CAN-2004-0416, CAN-2004-0417 and CAN-2004-0418.
>     The cvs packages shipped by SUSE (as well as our recent updates for CVS)
>     are not vulnerable to CAN-2004-0414.
> 
>     Please download the update package for your distribution and verify its
>     integrity by the methods listed in section 3) of this announcement.
>     Then, install the package using the command "rpm -Fhv file.rpm" to apply
>     the update.
>     Our maintenance customers are being notified individually. The packages
>     are being offered to install from the maintenance web.
> 
> 
>     Intel i386 Platform:
> 
>     SuSE-9.1:
>     ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/
cvs-1.11.14-24.6.i586.rpm
>       47731cff36f671c97e90a8b304dfa508
>     patch rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/
cvs-1.11.14-24.6.i586.patch.rpm
>       d9aaad71404029c53d3972f035f58b41
>     source rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/
cvs-1.11.14-24.6.src.rpm
>       f3fdcd3355df637c34d1c2058be48fba
> 
>     SuSE-9.0:
>     ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/
cvs-1.11.6-83.i586.rpm
>       b2c14b51a074fd8059af6d084d2684bd
>     patch rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/
cvs-1.11.6-83.i586.patch.rpm
>       e22c93b42f31ac7e9319cf31a266f6c0
>     source rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/
cvs-1.11.6-83.src.rpm
>       211950707baf445fbe87fd73b243da18
> 
>     SuSE-8.2:
>     ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/
cvs-1.11.5-114.i586.rpm
>       c9e1680bd0fa4fb5239e89747add07e9
>     patch rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/
cvs-1.11.5-114.i586.patch.rpm
>       8cabcc36b298326e738311cad37f32dc
>     source rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/
cvs-1.11.5-114.src.rpm
>       ebeca38a0d002044c68c20bfc051b14f
> 
>     SuSE-8.1:
>     ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/
cvs-1.11.1p1-332.i586.rpm
>       597bac9a562582828b1f5cadd30f004f
>     patch rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/
cvs-1.11.1p1-332.i586.patch.rpm
>       fc1a12767ad7e2fbfb7294cc4112b2f7
>     source rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/
cvs-1.11.1p1-332.src.rpm
>       fb51cfd019b7f84857b6c6454b21418d
> 
>     SuSE-8.0:
>     ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/cvs-1.11.1p1-332.i386.rpm
>       67de2e7aed4d0cc282965118bd1afb66
>     patch rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/
cvs-1.11.1p1-332.i386.patch.rpm
>       9a1a381eba6312ab168e22c7d519a93a
>     source rpm(s):
>     ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/cvs-1.11.1p1-332.src.rpm
>       b10baa53b3e0e4a1d0839cb5d4696215
> 
> 
>     Opteron x86_64 Platform:
> 
>     SuSE-9.1:
>     ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/
cvs-1.11.14-24.6.x86_64.rpm
>       6aec551d7128a714e40cc30e94b8f885
>     patch rpm(s):
>     ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/
cvs-1.11.14-24.6.x86_64.patch.rpm
>       64cb1180ab428731febd8259da9cf15d
>     source rpm(s):
>     ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/
cvs-1.11.14-24.6.src.rpm
>       98bb92fa2691254c2928cb54a9b40767
> 
>     SuSE-9.0:
>     ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/
cvs-1.11.6-83.x86_64.rpm
>       c913bf7436b3e7b9ccc1dda4a4af6f41
>     patch rpm(s):
>     ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/
cvs-1.11.6-83.x86_64.patch.rpm
>       5bbdbaf7ea7df6d57c8c1581e2ca5d87
>     source rpm(s):
>     ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/
cvs-1.11.6-83.src.rpm
>       f2953162aa93eb55b9f4c5200bedde6d
> 
> 
______________________________________________________________________________
> 
> 2)  Pending vulnerabilities in SUSE Distributions and Workarounds:
> 
>     - icecast
>     The icecast service is vulnerable to a remote denial-of-service
>     attack. Update packages will be available soon.
> 
>     - sitecopy
>     The sitecopy package includes a vulnerable version of the
>     neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
>     available soon.
> 
>     - cadaver
>     The cadaver package includes a vulnerable version of the
>     neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
>     available soon.
> 
>     - tla
>     The tla package includes a vulnerable version of the
>     neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
>     available soon.
> 
>     - OpenOffice_org
>     The OpenOffice_org package includes a vulnerable version
>     of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages
>     will be available soon.
> 
>     - tripwire
>     A format string bug in tripwire can be exploited locally
>     to gain root permissions. Update packages will be available soon.
> 
>     - postgresql
>     A buffer overflow in psqlODBC could be exploited to crash the
>     application using it. E.g. a PHP script that uses ODBC to access a
>     PostgreSQL database can be utilized to crash the surrounding Apache
>     webserver. Other parts of PostgreSQL are not affected.
>     Update packages will be available soon.
> 
>     - lha
>     Minor security fix for a buffer overflow while handling command
>     line options. This buffer overflow could be exploited in conjunction
>     with other mechanisms to gain higher privileges or access the system
>     remotely.
> 
>     - apache/mod_ssl
>     A buffer overflow in a uuencode function of mod_ssl has been fixed as
>     well as various minor bugs (CAN-2003-0987, CAN-2003-0020, CAN-2004-0174
>     and CAN-2003-0993). New packages are available on our ftp servers.
> 
> 
______________________________________________________________________________
> 
> 3)  standard appendix: authenticity verification, additional information
> 
>   - Package authenticity verification:
> 
>     SUSE update packages are available on many mirror ftp servers all over
>     the world. While this service is being considered valuable and important
>     to the free and open source software community, many users wish to be
>     sure about the origin of the package and its content before installing
>     the package. There are two verification methods that can be used
>     independently from each other to prove the authenticity of a downloaded
>     file or rpm package:
>     1) md5sums as provided in the (cryptographically signed) announcement.
>     2) using the internal gpg signatures of the rpm package.
> 
>     1) execute the command
>         md5sum <name-of-the-file.rpm>
>        after you downloaded the file from a SUSE ftp server or its mirrors.
>        Then, compare the resulting md5sum with the one that is listed in the
>        announcement. Since the announcement containing the checksums is
>        cryptographically signed (usually using the key security@xxxxxxx),
>        the checksums show proof of the authenticity of the package.
>        We disrecommend to subscribe to security lists which cause the
>        email message containing the announcement to be modified so that
>        the signature does not match after transport through the mailing
>        list software.
>        Downsides: You must be able to verify the authenticity of the
>        announcement in the first place. If RPM packages are being rebuilt
>        and a new version of a package is published on the ftp server, all
>        md5 sums for the files are useless.
> 
>     2) rpm package signatures provide an easy way to verify the authenticity
>        of an rpm package. Use the command
>         rpm -v --checksig <file.rpm>
>        to verify the signature of the package, where <file.rpm> is the
>        filename of the rpm package that you have downloaded. Of course,
>        package authenticity verification can only target an un-installed rpm
>        package file.
>        Prerequisites:
>         a) gpg is installed
>         b) The package is signed using a certain key. The public part of 
this
>            key must be installed by the gpg program in the directory
>            ~/.gnupg/ under the user's home directory who performs the
>            signature verification (usually root). You can import the key
>            that is used by SUSE in rpm packages for SUSE Linux by saving
>            this announcement to a file ("announcement.txt") and
>            running the command (do "su -" to be root):
>             gpg --batch; gpg < announcement.txt | gpg --import
>            SUSE Linux distributions version 7.1 and thereafter install the
>            key "build@xxxxxxx" upon installation or upgrade, provided that
>            the package gpg is installed. The file containing the public key
>            is placed at the top-level directory of the first CD 
(pubring.gpg)
>            and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
> 
> 
>   - SUSE runs two security mailing lists to which any interested party may
>     subscribe:
> 
>     suse-security@xxxxxxxx
>         -   general/linux/SUSE security discussion.
>             All SUSE security announcements are sent to this list.
>             To subscribe, send an email to
>                 <suse-security-subscribe@xxxxxxxx>.
> 
>     suse-security-announce@xxxxxxxx
>         -   SUSE's announce-only mailing list.
>             Only SUSE's security announcements are sent to this list.
>             To subscribe, send an email to
>                 <suse-security-announce-subscribe@xxxxxxxx>.
> 
>     For general information or the frequently asked questions (faq)
>     send mail to:
>         <suse-security-info@xxxxxxxx> or
>         <suse-security-faq@xxxxxxxx> respectively.
> 
>     =====================================================================
>     SUSE's security contact is <security@xxxxxxxx> or <security@xxxxxxx>.
>     The <security@xxxxxxx> public key is listed below.
>     =====================================================================
> 
______________________________________________________________________________
> 
>     The information in this advisory may be distributed or reproduced,
>     provided that the advisory is not modified in any way. In particular,
>     it is desired that the clear-text signature shows proof of the
>     authenticity of the text.
>     SUSE Linux AG makes no warranties of any kind whatsoever with respect
>     to the information contained in this security advisory.
> 
> Type Bits/KeyID    Date       User ID
> pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@xxxxxxx>
> pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@xxxxxxx>
> 
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
> 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
> M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
> QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
> XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
> D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
> G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
> CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
> myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
> YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
> wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
> NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
> QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
> LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
> XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
> D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
> 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
> 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
> cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
> ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
> AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
> Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
> HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
> t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
> tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
> 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
> 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
> QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
> JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
> 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
> ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
> wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
> EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
> 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
> CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
> SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
> omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
> A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
> /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
> GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
> ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
> ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
> RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
> 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
> B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
> 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
> 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
> qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
> WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
> hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
> BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
> AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
> RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
> zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
> /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
> whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
> D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
> dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
> RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
> DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
> =LRKC
> -----END PGP PUBLIC KEY BLOCK-----
> 
> 
> 
> -- 
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
> 
> 

-- 
---------------------------------------------------------------------------------
Manuel Balderrábano

e-mail: garibolo@xxxxxxxxxx
---------------------------------------------------------------------------------


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here