reportbug: CVE-2008-2230 code execution by preparing module files in os.curdir

Debian Bug report logs - #484311

Reported by: Thomas Arendsen Hein <thomas@intevation.de>

Date: Tue, 3 Jun 2008 16:30:02 UTC

Severity: grave

Tags: patch, security

Found in version reportbug/3.31

Fixed in version reportbug/3.41

Done: Sandro Tosi <matrixhasu@gmail.com>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Chris Lawrence <lawrencc@debian.org>:
Bug#484311; Package reportbug.

Acknowledgement sent to Thomas Arendsen Hein <thomas@intevation.de>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Chris Lawrence <lawrencc@debian.org>.

Message #5 received at submit@bugs.debian.org:

From: Thomas Arendsen Hein <thomas@intevation.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: reportbug adds os.curdir to sys.path
Date: Tue, 3 Jun 2008 18:26:29 +0200
Package: reportbug
Version: 3.31
Severity: grave
Tags: security
Justification: user security hole

sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path

To "exploit":

$ echo 'raise "FOO"' > token.py
$ reportbug
Traceback (most recent call last):
  File "/usr/bin/reportbug", line 39, in ?
    import optparse, re, os, pwd, time, locale, commands, checkversions
  File "/usr/lib/python2.4/optparse.py", line 73, in ?
    from gettext import gettext as _
  File "/usr/lib/python2.4/gettext.py", line 49, in ?
    import locale, copy, os, re, struct, sys
  File "/usr/lib/python2.4/copy.py", line 65, in ?
    import inspect
  File "/usr/lib/python2.4/inspect.py", line 31, in ?
    import sys, os, types, string, re, dis, imp, tokenize, linecache
  File "/usr/lib/python2.4/tokenize.py", line 30, in ?
    from token import *
  File "./token.py", line 1, in ?
    raise "FOO"
FOO

-- Package-specific info:
** Environment settings:
EDITOR="vim"
EMAIL="Thomas Arendsen Hein <thomas@intevation.de>"

** /home/thomas/.reportbugrc:
mutt
email "thomas@intevation.de"
realname "Thomas Arendsen Hein"

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.24.3-id1-k8-2
Locale: LANG=en_US, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15)

Versions of packages reportbug depends on:
ii  python                        2.4.4-2    An interactive high-level object-o
ii  python-central                0.5.12     register and build utility for Pyt

Versions of packages reportbug recommends:
pn  python-cjkcodecs | python-ico <none>     (no description available)

-- no debconf information

-- 
thomas@intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Osnabrueck - Register: Amtsgericht Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner




Message #10 received at 484311@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: Thomas Arendsen Hein <thomas@intevation.de>, 484311@bugs.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 12:39:45 +0200
Hi Thomas,
* Thomas Arendsen Hein <thomas@intevation.de> [2008-06-03 18:51]:
[...] 
> sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path
> 
> To "exploit":
[...] 
Please use CVE-2008-2230 if you fix this bug and reference 
this CVE id in the changelog when closing the bug.
Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Message #15 received at 484311@bugs.debian.org:

From: "Thijs Kinkhorst" <thijs@debian.org>
To: "Thomas Arendsen Hein" <thomas@intevation.de>, 484311@bugs.debian.org
Cc: team@security.debian.org, nion@debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 12:48:52 +0200 (CEST)
Hi,

On Tue, June 3, 2008 18:26, Thomas Arendsen Hein wrote:
> Package: reportbug
> Version: 3.31
> Severity: grave
> Tags: security
> Justification: user security hole
>
>
> sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path
>
> To "exploit":
> $ echo 'raise "FOO"' > token.py
> $ reportbug

Can you explain how this is a practical user security hole? Your exploit
shows how to "exploit yourself", but it seems very unlikely to me that an
attacker can
1) create a file token.py
2) make sure the user is in that curdir
3) AND invoke reportbug.

That seems rather contrived to me.


Thijs





Message #20 received at 484311@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: undisclosed-recipients:;
Cc: Thomas Arendsen Hein <thomas@intevation.de>, 484311@bugs.debian.org, team@security.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 13:14:44 +0200
Hi Thijs,
* Thijs Kinkhorst <thijs@debian.org> [2008-06-04 12:52]:
> On Tue, June 3, 2008 18:26, Thomas Arendsen Hein wrote:
> > Package: reportbug
> > Version: 3.31
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> >
> >
> > sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path
> >
> > To "exploit":
> > $ echo 'raise "FOO"' > token.py
> > $ reportbug
> 
> Can you explain how this is a practical user security hole? Your exploit
> shows how to "exploit yourself", but it seems very unlikely to me that an
> attacker can
> 1) create a file token.py
> 2) make sure the user is in that curdir
> 3) AND invoke reportbug.
> 
> That seems rather contrived to me.

I agree that it is of a low impact but I disagree that this 
is not a security issue, people are using reportbug in /tmp 
and I don't see a reason to assume people are not doing 
that.

Cheers
Nico

Message #23 received at 484311@bugs.debian.org:

From: Y Giridhar Appaji Nag <giridhar@appaji.net>
To: Thomas Arendsen Hein <thomas@intevation.de>, 484311@bugs.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 16:51:01 +0530
On 08/06/03 18:26 +0200, Thomas Arendsen Hein said ...
> sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path

It looks like os.curdir has been added to sys.path only for temporary
debugging purposes (code modified in local directory and wanting to test it
without installing reportbug).

Chris, can you confirm that this is the case?  We can remove os.curdir or add it
as the last entry in sys.path.

As an aside, I noticed that /usr/share/reportbug is added to sys.path once
again in __main__ in reportbug_submit.py.

And in querybts too:

 27 import sys, os
 28 sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path

Cheers,

Giridhar

-- 
Y Giridhar Appaji Nag | http://appaji.net/

Message #28 received at 484311@bugs.debian.org:

From: "Sandro Tosi" <matrixhasu@gmail.com>
To: "Nico Golde" <nion@debian.org>, team@security.debian.org, "Reportbug Maintainers" <reportbug-maint@lists.alioth.debian.org>
Cc: "Thomas Arendsen Hein" <thomas@intevation.de>, 484311@bugs.debian.org, "Thijs Kinkhorst" <thijs@debian.org>
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 13:30:41 +0200
Hi all,

>> > sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path
>> >
>> > To "exploit":
>> > $ echo 'raise "FOO"' > token.py
>> > $ reportbug
>>
>> Can you explain how this is a practical user security hole? Your exploit
>> shows how to "exploit yourself", but it seems very unlikely to me that an
>> attacker can
>> 1) create a file token.py
>> 2) make sure the user is in that curdir
>> 3) AND invoke reportbug.
>>
>> That seems rather contrived to me.
>
> I agree that it is of a low impact but I disagree that this
> is not a security issue, people are using reportbug in /tmp
> and I don't see a reason to assume people are not doing
> that.

Thanks a lot for the prompt support! I'm currently at work, with no
svn (+ssh keys) access: once at home I'll prepare an upload for
reportbug fixing this issue; just for reference, I'll remove all
os.curdir from list below:

$ grep sys.path *
querybts:sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path
reportbug:sys.path = ['/usr/share/reportbug'] + sys.path
reportbug:    sys.path.append('/usr/share/reportbug')
reportbug.py:    for d in sys.path:
reportbug_submit.py:sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path
reportbug_submit.py:    sys.path.append('/usr/share/reportbug')

Kindly,
Sandro

PS: link to CVE: http://security-tracker.debian.net/tracker/CVE-2008-2230

-- 
Sandro Tosi (aka morph, Morpheus, matrixhasu)
My website: http://matrixhasu.altervista.org/
Me at Debian: http://wiki.debian.org/SandroTosi
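An added Python 3 example (not code from the report or from reportbug) that reproduces the resolution behind the traceback in the original report without executing anything: it asks the import system where `import token` would load from with a cwd entry first, as reportbug 3.31 did, and with the path built the way the fix does (absolute program directories only, no os.curdir). The token.py decoy and /usr/share/reportbug come from the thread; the temporary directory standing in for the user's cwd and all function names are this example's own.

```python
import os
import sys
import tempfile
from importlib.machinery import PathFinder

# Directory reportbug 3.31 prepended to sys.path (from the bug report); it does
# not have to exist on the machine running this example.
REPORTBUG_LIB = '/usr/share/reportbug'


def relative_entries(path):
    """Return the search-path entries that are resolved against the process's
    current working directory: '' or any non-absolute string, os.curdir
    included.  A module looked up through such an entry can be satisfied by a
    file in whatever directory the user happens to run the program from."""
    return [p for p in path if p == '' or not os.path.isabs(p)]


def hardened_path(path, program_dirs=(REPORTBUG_LIB,)):
    """Build the search path the way the 3.41 fix does: prepend only the
    program's own absolute directories, never os.curdir.  Relative entries
    already present are dropped as well, so resolution no longer depends on
    the caller's cwd."""
    fixed = [os.path.abspath(d) for d in program_dirs]
    fixed += [p for p in path if os.path.isabs(p) and p not in fixed]
    return fixed


def resolve(module, path):
    """Report where `import module` would load from under `path`, using the
    import system's own path finder.  Nothing is imported or executed, so it
    is safe to ask about an untrusted directory."""
    PathFinder.invalidate_caches()
    spec = PathFinder.find_spec(module, path)
    return spec.origin if spec is not None else None


def demo(module='token'):
    """Reproduce the report's scenario without running any foreign code: the
    user's cwd holds a file token.py, and the program sets
        sys.path = [os.curdir, '/usr/share/reportbug'] + sys.path
    Returns (origin_with_curdir, origin_hardened, shadowed)."""
    with tempfile.TemporaryDirectory() as cwd:
        # Constructed stand-in for the user's working directory.  The file is
        # harmless and is never imported; only its presence matters.
        with open(os.path.join(cwd, module + '.py'), 'w') as f:
            f.write('# decoy created by the demo; never executed\n')
        # os.curdir ('.') spelled out as the directory it resolves to.
        with_curdir = [cwd, REPORTBUG_LIB] + sys.path
        without_curdir = hardened_path(sys.path)
        before = resolve(module, with_curdir)
        after = resolve(module, without_curdir)
        # Shadowed: the stdlib module name now points into the user's cwd.
        shadowed = (before is not None and
                    os.path.abspath(os.path.dirname(before)) == os.path.abspath(cwd))
        return before, after, shadowed


if __name__ == '__main__':
    before, after, shadowed = demo()
    print('with os.curdir first :', before)
    print('hardened path        :', after)
    print('stdlib token shadowed:', shadowed)
    print('relative entries in this interpreter\'s sys.path:',
          relative_entries(sys.path))
```

The same `relative_entries()` check run over `sys.path` at program start is a cheap assertion for any tool that builds its own search path.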




Message #31 received at 484311@bugs.debian.org:

From: Y Giridhar Appaji Nag <giridhar@appaji.net>
To: Thomas Arendsen Hein <thomas@intevation.de>, 484311@bugs.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 17:35:05 +0530
# Bcc: control
tags 484311 + patch
thanks

On 08/06/04 16:51 +0530, Y Giridhar Appaji Nag said ...
> Chris, can you confirm that this is the case?  We can remove os.curdir or add it
> as the last entry in sys.path.
> 
> As an aside, I noticed that /usr/share/reportbug is added to sys.path once
> again in __main__ in reportbug_submit.py.
> 
> And in querybts too:

Attached patch.  This can be modified -- the parts in the patch that change
sys.path.append should be removed -- for a minimally modified reportbug for
the security upload queues.

Giridhar

[reportbug_3.40_484311.diff (text/x-diff, attachment)]

Tags added: patch. Request was from Y Giridhar Appaji Nag <giridhar@appaji.net> to control@bugs.debian.org. (Wed, 04 Jun 2008 12:24:29 GMT)


Message #38 received at 484311@bugs.debian.org:

From: "Thijs Kinkhorst" <thijs@debian.org>
To: "Nico Golde" <nion@debian.org>
Cc: "Thomas Arendsen Hein" <thomas@intevation.de>, 484311@bugs.debian.org, team@security.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 14:13:12 +0200 (CEST)
On Wed, June 4, 2008 13:14, Nico Golde wrote:
> I agree that it is of a low impact but I disagree that this
> is not a security issue, people are using reportbug in /tmp and I don't see
> a reason to assume people are not doing that.

The chance of successful exploitation still seems very small, and indeed
even then the problem is limited to just a regular user account. It's good
that Sandro is fixing the bug directly so I'm not going to argue over bug
severity, but I'm marking it as no-dsa for stable.


Thijs





Message #43 received at 484311@bugs.debian.org:

From: Thomas Arendsen Hein <thomas@intevation.de>
To: Thijs Kinkhorst <thijs@debian.org>
Cc: Nico Golde <nion@debian.org>, 484311@bugs.debian.org, team@security.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 14:27:00 +0200
* Thijs Kinkhorst <thijs@debian.org> [20080604 14:13]:
> On Wed, June 4, 2008 13:14, Nico Golde wrote:
> > I agree that it is of a low impact but I disagree that this
> > is not a security issue, people are using reportbug in /tmp and I don't see
> > a reason to assume people are not doing that.
> 
> The chance of successful exploitation still seems very small, and indeed
> even then the problem is limited to just a regular user account. It's good
> that Sandro is fixing the bug directly so I'm not going to argue over bug
> severity, but I'm marking it as no-dsa for stable.

I encountered this bug in the real world: I extracted a tarball
which contained a file named token.py, then I wanted to report a
problem and therefore started reportbug.

This tarball did not contain harmful code, but as I did not verify
it before (because I did not intend to execute parts of it), it
could have been harmful.

And of course there is /tmp as mentioned by Nico Golde.

Regards,
Thomas


Message #48 received at 484311@bugs.debian.org:

From: "Thijs Kinkhorst" <thijs@debian.org>
To: "Thomas Arendsen Hein" <thomas@intevation.de>
Cc: "Nico Golde" <nion@debian.org>, 484311@bugs.debian.org, team@security.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 14:33:49 +0200 (CEST)
On Wed, June 4, 2008 14:27, Thomas Arendsen Hein wrote:
> I encountered this bug in the real world: I extracted a tarball
> which contained a file named token.py, then I wanted to report a problem
> and therefore started reportbug.
>
> This tarball did not contain harmful code, but as I did not verify
> it before (because I did not intend to execute parts of it), it could have
> been harmful.
>
> And of course there is /tmp as mentioned by Nico Golde.

That it can happen by accident does not mean that it is easy to explicitly
exploit. I still believe that those chances are small enough to not
consider an update to stable (needs local malicious user, needs victim
user to run reportbug in exactly the right dir, and only then provides
access to "just" the user account).

If the maintainer wants to provide an update through a stable point update
that is of course fine.


Thijs





Message #53 received at 484311@bugs.debian.org:

From: "Chris Lawrence" <lordsutch@gmail.com>
To: 484311@bugs.debian.org, nion@debian.org, reportbug-maint@lists.alioth.debian.org, team@security.debian.org, thijs@debian.org, thomas@intevation.de
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 10:53:51 -0400
Per my vac message if you guys can put together a quick release in the
next day or so that would be great. It will otherwise be Tuesday at
the earliest. Chris.

On 6/4/08, Thijs Kinkhorst <thijs@debian.org> wrote:
> On Wed, June 4, 2008 14:27, Thomas Arendsen Hein wrote:
>> I encountered this bug in the real world: I extracted a tarball
>> which contained a file named token.py, then I wanted to report a problem
>> and therefore started reportbug.
>>
>> This tarball did not contain harmful code, but as I did not verify
>> it before (because I did not intend to execute parts of it), it could have
>> been harmful.
>>
>> And of course there is /tmp as mentioned by Nico Golde.
>
> That it can happen by accident does not mean that it is easy to explicitly
> exploit. I still believe that those chances are small enough to not
> consider an update to stable (needs local malicious user, needs victim
> user to run reportbug in exactly the right dir, and only then provides
> access to "just" the user account).
>
> If the maintainer wants to provide an update through a stable point update
> that is of course fine.
>
>
> Thijs

-- 
Christopher N. Lawrence, Ph.D. <clawren@tulane.edu>
Visiting Assistant Professor of Political Science
Tulane University
309 Norman Mayer Building
New Orleans, Louisiana 70118-5698

Website: http://www.cnlawrence.com/




Message #58 received at 484311@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: Thomas Arendsen Hein <thomas@intevation.de>, 484311@bugs.debian.org, team@security.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 17:38:37 +0200
Hi Thijs,
* Thijs Kinkhorst <thijs@debian.org> [2008-06-04 14:14]:
> On Wed, June 4, 2008 13:14, Nico Golde wrote:
> > I agree that it is of a low impact but I disagree that this
> > is not a security issue, people are using reportbug in /tmp and I don't see
> > a reason to assume people are not doing that.
> 
> The chance of successful exploitation still seems very small, and indeed
> even then the problem is limited to just a regular user account. It's good
> that Sandro is fixing the bug directly so I'm not going to argue over bug
> severity, but I'm marking it as no-dsa for stable.

Ok I thought you were also arguing about the severity in the 
tracker. No-dsa seems fine to me.

Cheers
Nico

Message #63 received at 484311@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: 484311@bugs.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 18:01:50 +0200
Hi,
please also fix:

diff -Nru reportbug-3.40/checks/compare_pseudo-pkgs_lists.py reportbug-3.40+nmu1/checks/compare_pseudo-pkgs_lists.py
--- reportbug-3.40/checks/compare_pseudo-pkgs_lists.py  2008-05-22 03:21:42.000000000 +0200
+++ reportbug-3.40+nmu1/checks/compare_pseudo-pkgs_lists.py     2008-06-04 17:53:30.000000000 +0200
@@ -8,7 +8,6 @@
 # agaists the official list on ftp-master
 
 import sys, os
-sys.path = ['.'] + sys.path
 
 import debianbts
 
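Review bot: the removed line is the only path entry that lets `import debianbts`, two lines further down, pick up a debianbts.py sitting beside this script rather than the installed one; since the header comment says the script compares a local list "agaists the official list on ftp-master", confirm that the local module is not what it relies on before dropping the entry. If the aim is only to stop trusting the caller's working directory, the cwd-independent form is to insert the script's own directory instead, e.g. `sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))`; the "agaists" typo in the context comment could be fixed in the same hunk.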

Cheers
Nico


Message #68 received at 484311@bugs.debian.org:

From: "Sandro Tosi" <matrixhasu@gmail.com>
To: "Nico Golde" <nion@debian.org>, 484311@bugs.debian.org
Subject: Re: Bug#484311: reportbug adds os.curdir to sys.path
Date: Wed, 4 Jun 2008 18:26:14 +0200
> please also fix:
>
> diff -Nru reportbug-3.40/checks/compare_pseudo-pkgs_lists.py reportbug-3.40+nmu1/checks/compare_pseudo-pkgs_lists.py
> --- reportbug-3.40/checks/compare_pseudo-pkgs_lists.py  2008-05-22 03:21:42.000000000 +0200
> +++ reportbug-3.40+nmu1/checks/compare_pseudo-pkgs_lists.py     2008-06-04 17:53:30.000000000 +0200
> @@ -8,7 +8,6 @@
>  # agaists the official list on ftp-master
>
>  import sys, os
> -sys.path = ['.'] + sys.path
>
>  import debianbts

As discussed with Nico on #debian-security@OFTC, I don't change that
file: we need to use the 'debianbts.py' file stored in the current
directory, since we need to diff the local version (possibly changed)
of pseudo-packages list with the one on ftp-master.

I've just uploaded reportbug version 3.41, which fixes the CVE and this bug.

I'd like to thank everyone for the prompt reply: Giridhar for the
first commit, Nico for the fast reply from sec team, Thomas for
reporting this bug, and the director because he believed in me, my
mother... :D

Cheers,
Sandro





Reply sent to Sandro Tosi <matrixhasu@gmail.com>:
You have taken responsibility.

Notification sent to Thomas Arendsen Hein <thomas@intevation.de>:
Bug acknowledged by developer.

Message #73 received at 484311-close@bugs.debian.org:

From: Sandro Tosi <matrixhasu@gmail.com>
To: 484311-close@bugs.debian.org
Subject: Bug#484311: fixed in reportbug 3.41
Date: Wed, 04 Jun 2008 16:32:06 +0000
Source: reportbug
Source-Version: 3.41

We believe that the bug you reported is fixed in the latest version of
reportbug, which is due to be installed in the Debian FTP archive:

reportbug_3.41.dsc
  to pool/main/r/reportbug/reportbug_3.41.dsc
reportbug_3.41.tar.gz
  to pool/main/r/reportbug/reportbug_3.41.tar.gz
reportbug_3.41_all.deb
  to pool/main/r/reportbug/reportbug_3.41_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 484311@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sandro Tosi <matrixhasu@gmail.com> (supplier of updated reportbug package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.8
Date: Wed, 04 Jun 2008 18:07:23 +0200
Source: reportbug
Binary: reportbug
Architecture: source all
Version: 3.41
Distribution: unstable
Urgency: high
Maintainer: Reportbug Maintainers <reportbug-maint@lists.alioth.debian.org>
Changed-By: Sandro Tosi <matrixhasu@gmail.com>
Description: 
 reportbug  - reports bugs in the Debian distribution
Closes: 484245 484311
Changes: 
 reportbug (3.41) unstable; urgency=high
 .
   [ Sandro Tosi ]
   * Security bugfix release, hence urgency is set to high
   * querybts, reportbug_submit.py
     - os.curdir is not added to sys.path anymore, thanks to Thomas Arendsen
       Hein <thomas@intevation.de> for the report; Fixes: CVE-2008-2230;
       Closes: #484311
 .
   [ Chris Lawrence ]
   * debian/control
     - Added self to Uploaders
     - Set Maintainer to new list on alioth.
 .
   [ Y Giridhar Appaji Nag ]
   * debianbts.py
     - Remove kde, ximian (and helixcode) and mandriva, they use bugzilla
     - Remove grml, they use roundup
   * --body-file doesn't allow preview of report, don't suggest using it with
     saved files.  Thanks Shai Berger <shai@platonix.com> for the bug report
     (Closes: #484245)
   * remove calls to sys.path.append('/usr/share/reportbug') from reportbug






Changed Bug title to `reportbug: CVE-2008-2230 code execution by preparing module files in os.curdir' from `reportbug adds os.curdir to sys.path'. Request was from Nico Golde <nion@debian.org> to control@bugs.debian.org. (Fri, 06 Jun 2008 22:12:03 GMT)


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 16 Mar 2009 07:49:11 GMT)


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:27:42 2019; Machine Name: beach