freexl: CVE-2017-2924: Heap-based buffer overflow in the read_legacy_biff function

Related Vulnerabilities: CVE-2017-2924   CVE-2017-2923  

Debian Bug report logs - #875691
Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Wed, 13 Sep 2017 17:09:01 UTC

Severity: grave

Tags: fixed-upstream, security, upstream

Found in versions freexl/1.0.0g-1, freexl/1.0.2-1, freexl/1.0.3-1

Fixed in versions freexl/1.0.4-1, freexl/1.0.2-2+deb9u1, freexl/1.0.0g-1+deb8u4

Done: Bas Couwenberg <sebastic@debian.org>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>:
Bug#875691; Package src:freexl. (Wed, 13 Sep 2017 17:09:03 GMT).


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>. (Wed, 13 Sep 2017 17:09:03 GMT).


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: freexl: CVE-2017-2924: Heap-based buffer overflow in the read_legacy_biff function
Date: Wed, 13 Sep 2017 19:06:18 +0200
Source: freexl
Version: 1.0.3-1
Severity: grave
Tags: upstream security

Hi,

the following vulnerability was published for freexl.

CVE-2017-2923[0]:
Heap-based buffer overflow in the read_biff_next_record function

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-2923
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2923
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1490896
[2] https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0431

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Information forwarded to debian-bugs-dist@lists.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>:
Bug#875691; Package src:freexl. (Wed, 13 Sep 2017 17:39:09 GMT).


Acknowledgement sent to Bas Couwenberg <sebastic@xs4all.nl>:
Extra info received and forwarded to list. Copy sent to Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>. (Wed, 13 Sep 2017 17:39:09 GMT).


Message #10 received at 875691@bugs.debian.org:

From: Bas Couwenberg <sebastic@xs4all.nl>
To: Salvatore Bonaccorso <carnil@debian.org>,875690@bugs.debian.org,875691@bugs.debian.org
Subject: Fixed in FreeXL 1.0.4
Date: Wed, 13 Sep 2017 19:27:26 +0200
Control: tags -1 fixed-upstream

Should be fixed in the new upstream release:

https://groups.google.com/forum/m/#!topic/spatialite-users/Wpj62XSzcZY

I'm not able to work on this until I return from VAC.

Kind Regards,

Bas



Added tag(s) fixed-upstream. Request was from Bas Couwenberg <sebastic@xs4all.nl> to 875691-submit@bugs.debian.org. (Wed, 13 Sep 2017 17:39:09 GMT).


Marked as found in versions freexl/1.0.2-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 13 Sep 2017 18:42:03 GMT).


Marked as found in versions freexl/1.0.0g-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 13 Sep 2017 18:45:07 GMT).


Reply sent to Bas Couwenberg <sebastic@debian.org>:
You have taken responsibility. (Fri, 15 Sep 2017 21:09:09 GMT).


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Fri, 15 Sep 2017 21:09:09 GMT).


Message #21 received at 875691-close@bugs.debian.org:

From: Bas Couwenberg <sebastic@debian.org>
To: 875691-close@bugs.debian.org
Subject: Bug#875691: fixed in freexl 1.0.4-1
Date: Fri, 15 Sep 2017 21:05:59 +0000
Source: freexl
Source-Version: 1.0.4-1

We believe that the bug you reported is fixed in the latest version of
freexl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 875691@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bas Couwenberg <sebastic@debian.org> (supplier of updated freexl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 15 Sep 2017 21:37:56 +0200
Source: freexl
Binary: libfreexl-dev libfreexl1 libfreexl1-dbg
Architecture: source amd64
Version: 1.0.4-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Changed-By: Bas Couwenberg <sebastic@debian.org>
Description:
 libfreexl-dev - library for direct reading of Microsoft Excel spreadsheets - deve
 libfreexl1 - library for direct reading of Microsoft Excel spreadsheets
 libfreexl1-dbg - library for direct reading of Microsoft Excel spreadsheets - debu
Closes: 875690 875691
Changes:
 freexl (1.0.4-1) unstable; urgency=medium
 .
   * New upstream release.
     Fixes TALOS-2017-430 (CVE-2017-2923) & TALOS-2017-431 (CVE-2017-2924).
     (closes: #875690, #875691)




Information forwarded to debian-bugs-dist@lists.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>:
Bug#875691; Package src:freexl. (Sat, 16 Sep 2017 22:03:04 GMT).


Acknowledgement sent to Bas Couwenberg <sebastic@xs4all.nl>, 875691@bugs.debian.org:
Extra info received and forwarded to list. Copy sent to Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>. (Sat, 16 Sep 2017 22:03:04 GMT).


Message #26 received at 875691@bugs.debian.org:

From: Sebastiaan Couwenberg <sebastic@xs4all.nl>
To: Salvatore Bonaccorso <carnil@debian.org>, 875690@bugs.debian.org, 875691@bugs.debian.org
Subject: Fixed in FreeXL 1.0.4
Date: Sun, 17 Sep 2017 00:01:53 +0200

Hi Salvatore,

On 09/13/2017 07:27 PM, Bas Couwenberg wrote:
> Should be fixed in the new upstream release:
> 
> https://groups.google.com/forum/m/#!topic/spatialite-users/Wpj62XSzcZY
> 
> I'm not able to work on this until I return from VAC.

I've cherry-picked the changes from 1.0.4 and prepared updates for
stretch, jessie & wheezy. The changes are available in git, and the
debdiffs are attached.

 * https://anonscm.debian.org/cgit/pkg-grass/freexl.git/log/?h=stretch
 * https://anonscm.debian.org/cgit/pkg-grass/freexl.git/log/?h=jessie
 * https://anonscm.debian.org/cgit/pkg-grass/freexl.git/log/?h=wheezy

Are these OK to upload?

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1
[freexl_1.0.0b-1+deb7u4.debdiff (text/plain, attachment)]
[freexl_1.0.0g-1+deb8u4.debdiff (text/plain, attachment)]
[freexl_1.0.2-2+deb9u1.debdiff (text/plain, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>:
Bug#875691; Package src:freexl. (Sun, 17 Sep 2017 07:06:04 GMT).


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>. (Sun, 17 Sep 2017 07:06:04 GMT).


Message #31 received at 875691@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Bas Couwenberg <sebastic@xs4all.nl>
Cc: 875691@bugs.debian.org, 875690@bugs.debian.org, team@security.debian.org
Subject: Re: Fixed in FreeXL 1.0.4
Date: Sun, 17 Sep 2017 09:02:50 +0200

Hi Bas,

On Sun, Sep 17, 2017 at 12:01:53AM +0200, Sebastiaan Couwenberg wrote:
> Hi Salvatore,
> 
> On 09/13/2017 07:27 PM, Bas Couwenberg wrote:
> > Should be fixed in the new upstream release:
> > 
> > https://groups.google.com/forum/m/#!topic/spatialite-users/Wpj62XSzcZY
> > 
> > I'm not able to work on this until I return from VAC.
> 
> I've cherry-picked the changes from 1.0.4 and prepared updates for
> stretch, jessie & wheezy. The changes are available in git, and the
> debdiffs are attached.
> 
>  * https://anonscm.debian.org/cgit/pkg-grass/freexl.git/log/?h=stretch
>  * https://anonscm.debian.org/cgit/pkg-grass/freexl.git/log/?h=jessie
>  * https://anonscm.debian.org/cgit/pkg-grass/freexl.git/log/?h=wheezy
> 
> Are these OK to upload?

Thanks for those for jessie- and stretch-security, debdiffs look good
to me. Assuming you got a chance to test the resulting packages please
do upload the jessie- and stretch-security ones. Remember to build the
one for stretch-security with -sa since it's new to dak on
security-master.

For wheezy, there is a dedicated team taking care of LTS. So you might
want to contact debian-lts@l.d.o.

Thanks for your work, much appreciated!

Regards,
Salvatore

FTR, for future references, please Cc the security team when you have
debdiffs ready for a security-upload, this way we can distribute the
DSA load for the available team members :)

Reply sent to Bas Couwenberg <sebastic@debian.org>:
You have taken responsibility. (Sat, 23 Sep 2017 10:06:33 GMT).


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sat, 23 Sep 2017 10:06:33 GMT).


Message #36 received at 875691-close@bugs.debian.org:

From: Bas Couwenberg <sebastic@debian.org>
To: 875691-close@bugs.debian.org
Subject: Bug#875691: fixed in freexl 1.0.2-2+deb9u1
Date: Sat, 23 Sep 2017 10:02:57 +0000
Source: freexl
Source-Version: 1.0.2-2+deb9u1

We believe that the bug you reported is fixed in the latest version of
freexl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 875691@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bas Couwenberg <sebastic@debian.org> (supplier of updated freexl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 16 Sep 2017 23:19:22 +0200
Source: freexl
Binary: libfreexl-dev libfreexl1 libfreexl1-dbg
Architecture: source amd64
Version: 1.0.2-2+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Changed-By: Bas Couwenberg <sebastic@debian.org>
Description:
 libfreexl-dev - library for direct reading of Microsoft Excel spreadsheets - deve
 libfreexl1 - library for direct reading of Microsoft Excel spreadsheets
 libfreexl1-dbg - library for direct reading of Microsoft Excel spreadsheets - debu
Closes: 875690 875691
Changes:
 freexl (1.0.2-2+deb9u1) stretch-security; urgency=high
 .
   * Update branch in gbp.conf & Vcs-Git URL.
   * Add upstream patch to fix CVE-2017-2923 & CVE-2017-2924.
     (closes: #875690, #875691)




Reply sent to Bas Couwenberg <sebastic@debian.org>:
You have taken responsibility. (Sat, 23 Sep 2017 11:36:15 GMT).


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sat, 23 Sep 2017 11:36:15 GMT).


Message #41 received at 875691-close@bugs.debian.org:

From: Bas Couwenberg <sebastic@debian.org>
To: 875691-close@bugs.debian.org
Subject: Bug#875691: fixed in freexl 1.0.0g-1+deb8u4
Date: Sat, 23 Sep 2017 11:33:10 +0000
Source: freexl
Source-Version: 1.0.0g-1+deb8u4

We believe that the bug you reported is fixed in the latest version of
freexl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 875691@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bas Couwenberg <sebastic@debian.org> (supplier of updated freexl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 16 Sep 2017 23:26:04 +0200
Source: freexl
Binary: libfreexl-dev libfreexl1 libfreexl1-dbg
Architecture: source amd64
Version: 1.0.0g-1+deb8u4
Distribution: jessie-security
Urgency: high
Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Changed-By: Bas Couwenberg <sebastic@debian.org>
Description:
 libfreexl-dev - library for direct reading of Microsoft Excel spreadsheets - deve
 libfreexl1 - library for direct reading of Microsoft Excel spreadsheets
 libfreexl1-dbg - library for direct reading of Microsoft Excel spreadsheets - debu
Closes: 875690 875691
Changes:
 freexl (1.0.0g-1+deb8u4) jessie-security; urgency=high
 .
   * Add upstream patch to fix CVE-2017-2923 & CVE-2017-2924.
     (closes: #875690, #875691)




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 22 Oct 2017 07:32:32 GMT).



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 18:50:58 2019; Machine Name: beach
