CVE-2011-1024 CVE-2011-1025

Debian Bug report logs - #617606
CVE-2011-1024 CVE-2011-1025

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <jmm@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: CVE-2011-1024 CVE-2011-1025

Date: Wed, 09 Mar 2011 22:43:13 +0100

Package: openldap
Severity: important
Tags: security

Dear OpenLDAP maintainers,
two minor security issues have been reported in OpenLDAP:

Verbose descriptions and links to patches can be found in
the Red Hat bugzilla:

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1024
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1025

These issue don't warrant a DSA, but they can be fixed in a
point update. I'm CCing the stable point update coordinator
(Jonathan) on this matter.

Cheers,
        Moritz

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.37-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Message #12 received at 617606@bugs.debian.org (full text, mbox, reply):

From: Jamie Strandboge <jamie@ubuntu.com>

To: Debian Bug Tracking System <617606@bugs.debian.org>

Subject: openldap: [PATCH] CVE-2011-1024 CVE-2011-1025 and CVE-2011-1081

Date: Thu, 07 Apr 2011 12:50:51 -0500

[Message part 1 (text/plain, inline)]

Package: openldap
Version: 2.4.23-6
Severity: normal
Tags: patch
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch



*** /tmp/tmplKX1Up
In Ubuntu, the attached patch was applied to achieve the following:
  * SECURITY UPDATE: fix successful anonymous bind via chain overlay when
    using forwarded authentication failures
    - debian/patches/CVE-2011-1024
    - CVE-2011-1024
  * SECURITY UPDATE: verify password when authenticating to rootdn and using ndb
    backend. Note: Ubuntu is not compiled with --enable-ndb by default
    - debian/patches/CVE-2011-1025
    - CVE-2011-1025
  * SECURITY UPDATE: fix DoS when processing unauthenticated modrdn requests
    and requestDN is empty
    - debian/patches/CVE-2011-1081
    - CVE-2011-1081
    - LP: #742104

Upstream patchsets and information are located in DEP-3 comments of the
patch. While CVE-2011-1024 and CVE-2011-1025 are pretty minor,
CVE-2011-1081 is at least a medium as a crafted unauthenticated modrdn
request can DoS the server. Attaching all patches here since the Debian
CVE tracker[1] lists this bug for CVE-2011-1081. Thanks for considering
the patch.

Jamie

[1] http://security-tracker.debian.org/tracker/CVE-2011-1081

-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-8-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

[tmpEEoouf (text/x-diff, attachment)]

Message #17 received at 617606-close@bugs.debian.org (full text, mbox, reply):

From: Matthijs Möhlmann <matthijs@cacholong.nl>

To: 617606-close@bugs.debian.org

Subject: Bug#617606: fixed in openldap 2.4.25-1

Date: Mon, 11 Apr 2011 21:54:26 +0000

Source: openldap
Source-Version: 2.4.25-1

We believe that the bug you reported is fixed in the latest version of
openldap, which is due to be installed in the Debian FTP archive:

ldap-utils_2.4.25-1_amd64.deb
  to main/o/openldap/ldap-utils_2.4.25-1_amd64.deb
libldap-2.4-2-dbg_2.4.25-1_amd64.deb
  to main/o/openldap/libldap-2.4-2-dbg_2.4.25-1_amd64.deb
libldap-2.4-2_2.4.25-1_amd64.deb
  to main/o/openldap/libldap-2.4-2_2.4.25-1_amd64.deb
libldap2-dev_2.4.25-1_amd64.deb
  to main/o/openldap/libldap2-dev_2.4.25-1_amd64.deb
openldap_2.4.25-1.diff.gz
  to main/o/openldap/openldap_2.4.25-1.diff.gz
openldap_2.4.25-1.dsc
  to main/o/openldap/openldap_2.4.25-1.dsc
openldap_2.4.25.orig.tar.gz
  to main/o/openldap/openldap_2.4.25.orig.tar.gz
slapd-dbg_2.4.25-1_amd64.deb
  to main/o/openldap/slapd-dbg_2.4.25-1_amd64.deb
slapd-smbk5pwd_2.4.25-1_amd64.deb
  to main/o/openldap/slapd-smbk5pwd_2.4.25-1_amd64.deb
slapd_2.4.25-1_amd64.deb
  to main/o/openldap/slapd_2.4.25-1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 617606@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthijs Möhlmann <matthijs@cacholong.nl> (supplier of updated openldap package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 11 Apr 2011 22:10:14 +0200
Source: openldap
Binary: slapd slapd-smbk5pwd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source amd64
Version: 2.4.25-1
Distribution: unstable
Urgency: low
Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Changed-By: Matthijs Möhlmann <matthijs@cacholong.nl>
Description: 
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd      - OpenLDAP server (slapd)
 slapd-dbg  - Debugging information for the OpenLDAP server (slapd)
 slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd.
Closes: 555409 555867 598361 601569 606815 608699 608813 616164 616703 617606 618904 621925
Changes: 
 openldap (2.4.25-1) unstable; urgency=low
 .
   * New upstream version (Closes: #617606, #618904, #606815, #608813)
     - Fixes CVE-2011-1024, CVE-2011-1025, CVE-2011-1081
     - slapd server process frequently hangs during everyday usage is fixed in
       newer versions of openldap according to the bug submitter
   * Refresh all patches
   * Remove manpage-tlscyphersuite-additions, applied upstream
   * Remove issue-6534-patch, applied upstream
   * Add Slovak translation, thanks Slavko <linux@slavino.sk> (Closes: #608699)
   * Add debian specific patch for ldap.conf. Add TLS_CACERT option and set it
     by default to /etc/ssl/certs/ca-certificates.crt (Closes: #555409, #616703)
   * Add patch to fix a FTBFS with binutils-gold (Closes: #555867)
   * Add slapschema, just hardlink it (Closes: #601569)
   * Update patch service-operational-before-detach (Closes: #616164, #598361)
   * Add ldif_* symbols to libldap-2.4-2
   * Add upstream patch for a locking issue in libldap_r
   * Fix build failure, use @SHELL@ instead of hardcoded /bin/sh (build/top.mk)
     (Closes: #621925)
Checksums-Sha1: 
 d26deae49f9e2afce8d1457633b7c0d6ef31a431 2501 openldap_2.4.25-1.dsc
 7826c6f63a07617ba853d053e33c3775997d0f0f 4541300 openldap_2.4.25.orig.tar.gz
 8d040121feb1d54fa89e24635c3a31f8b8422974 157791 openldap_2.4.25-1.diff.gz
 662bce7e578ea5de1fce3ae1f560c420463b8947 1646490 slapd_2.4.25-1_amd64.deb
 d56b40ef1da54ed6ace57716bcfc4770109a2f11 59154 slapd-smbk5pwd_2.4.25-1_amd64.deb
 ff14b95ff4d2f96d08f3e580fe2b988d9cc9abc4 302482 ldap-utils_2.4.25-1_amd64.deb
 7666bb55d8e0af2ee21a089f9883a9fc9a70d01e 220810 libldap-2.4-2_2.4.25-1_amd64.deb
 ed87662814278c3c1b8d7011865e68c2f723a000 349124 libldap-2.4-2-dbg_2.4.25-1_amd64.deb
 163642795f21291af3465704efe3d17948d6dc97 1103104 libldap2-dev_2.4.25-1_amd64.deb
 25dc045dc786aece54f50f1ba20c96c738bcd292 4434304 slapd-dbg_2.4.25-1_amd64.deb
Checksums-Sha256: 
 32bd4fb81d50037959d62eacbf72f4d96894be864e1befbdda0beed60a5f4732 2501 openldap_2.4.25-1.dsc
 a59a89768e6c63219a0da34cbbb6250a208b7d576e0b40a9a90b150de480ec0c 4541300 openldap_2.4.25.orig.tar.gz
 9896b00d9e85564b996797fdce731f48aa7680a1d89f761873dbf36a3e1ffab9 157791 openldap_2.4.25-1.diff.gz
 c8710dc8d7c2c191b6a6a1aad31a52121cd84f663e7ad66049a2b77da8dd83a2 1646490 slapd_2.4.25-1_amd64.deb
 92645e531e8b1995955d20fd9672019536c7f544ddfe0f97cd016e75afc0a420 59154 slapd-smbk5pwd_2.4.25-1_amd64.deb
 8bc27e9cf9ca653de398f3a1a295bdec79dc1f51cbd926f8040388c3b432f9f4 302482 ldap-utils_2.4.25-1_amd64.deb
 6803988ac52826dc9ffe16a76799061bf8a517459a72243956c218bd4978eb9c 220810 libldap-2.4-2_2.4.25-1_amd64.deb
 89d82462fc765a9eacc0faecbdff77ce6eeb0da919ce70689a6c4c2b861ba364 349124 libldap-2.4-2-dbg_2.4.25-1_amd64.deb
 8a1737bb9ede6f5a95f20e0e9d983aeac6a60d912441267d3697f3bc1712d304 1103104 libldap2-dev_2.4.25-1_amd64.deb
 61e03ba289bfa23ec621941c650dad0d4a392b0d1af44646ab0c8304f524649b 4434304 slapd-dbg_2.4.25-1_amd64.deb
Files: 
 98eef6672dbe2454faf12327bf112541 2501 net optional openldap_2.4.25-1.dsc
 0ecf35eeaf859d59b529b424c7275e6a 4541300 net optional openldap_2.4.25.orig.tar.gz
 5b45b6c3f1a3771883a6b49e3e08a693 157791 net optional openldap_2.4.25-1.diff.gz
 0fe51be7b6ba407ee80c6a85361083ab 1646490 net optional slapd_2.4.25-1_amd64.deb
 bc77940d181a72d0d040dc4fa90b6eeb 59154 net extra slapd-smbk5pwd_2.4.25-1_amd64.deb
 e0b95b9a939c5118dcd80052c0a76446 302482 net optional ldap-utils_2.4.25-1_amd64.deb
 3cd9b7f19298cdb94305a0b0dde1f71a 220810 libs standard libldap-2.4-2_2.4.25-1_amd64.deb
 d2d5c2e31ccdddbc9977d771e0ffb82f 349124 debug extra libldap-2.4-2-dbg_2.4.25-1_amd64.deb
 a73b5b3b625d7d15654f3ffddd168ac5 1103104 libdevel extra libldap2-dev_2.4.25-1_amd64.deb
 da0dce16855c9938787f8141ccd8ab7e 4434304 debug extra slapd-dbg_2.4.25-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJNo2m3AAoJEBXBjvSJ+ky+PqoP/2hQMz+Huu/N8ZC5B/GjvYjw
zIgq4CO25thbJn3/n6Vo5JwZTzViOiNVzJUhRHLnP+Ov+dfWBVS34MCFbhi9PssK
iMx3S8RjfgEt7kjISEzT9FKoGLVNdHxE5vgkD+1I9k1b958hWkTn9b8MuhLXTtmo
nmGvkMsNiy8kw8oj6ujDiULVZKkNHniMQLULNx+pThnOdWQWp/qivqE/k5wB1gPv
nZYqN8yNjcUmZqNcW6qKw3Wkc06lCE09FXqriYqv5+KHmY1PXD8e4klivMCUlEgr
Bf9VD14k8iezEWHMWqHhBAP0zDOgbvOKUjIYP9Az/EBbDpJDmbvk5CN9nM9UmJFp
SmxF5yeur5QsdwL3F5EdmpIBY72voYJ7ATgzE4Pgu/1Nk4SPkhlr0SbjmtNPcZqO
OI9JBFMYW/d53CLgwQqcSnNRFpIGqddiMieR0y0i3n7KpMabiJ9TINSw0n2WbJOX
zAfdnk0JPcxqXOVxtHsml5Q//Fj6bqiEWj04CuRp5GN7miIJ9aNIuKo3E7DH53Ic
vTppzpdXqcUN+MTX+gYj+pIv8C21wnydCsjvXRsGJTiK75uK9c9sNgZVeghTOWzJ
uMouOzIdMz/JyBm06cX+ILLv2KTnuCaSkw1D6qggTvEsBC6Q8n2QsTMW0wGifD6x
puXTTJP+63akq2ellXoz
=Mcq3
-----END PGP SIGNATURE-----

Message #26 received at 617606@bugs.debian.org (full text, mbox, reply):

From: Jonathan Wiltshire <jmw@debian.org>

To: 617606@bugs.debian.org

Cc: debian-release@lists.debian.org

Subject: openldap: diff for NMU version 2.4.11-1+lenny2.1

Date: Mon, 25 Jul 2011 19:56:26 +0100

[Message part 1 (text/plain, inline)]

Dear maintainer,

The CVE identifiers in this bug are outstanding for the version in lenny.
The attached patch is a proposed NMU to fix this.

RT: Please consider the attached for oldstable. There is some .po noise
caused by debconf-updatepo being called during the package build. The
paches come from upstream's commits via Ubuntu.

If there are no objections, I will upload this package in the next couple
of days.

Thanks,

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

[openldap-2.4.11-1+lenny2.1-nmu.diff (text/x-diff, attachment)]

[signature.asc (application/pgp-signature, inline)]

Message #31 received at 617606-close@bugs.debian.org (full text, mbox, reply):

From: Jonathan Wiltshire <jmw@debian.org>

To: 617606-close@bugs.debian.org

Subject: Bug#617606: fixed in openldap 2.4.11-1+lenny2.1

Date: Thu, 28 Jul 2011 20:09:21 +0000

Source: openldap
Source-Version: 2.4.11-1+lenny2.1

We believe that the bug you reported is fixed in the latest version of
openldap, which is due to be installed in the Debian FTP archive:

ldap-utils_2.4.11-1+lenny2.1_amd64.deb
  to main/o/openldap/ldap-utils_2.4.11-1+lenny2.1_amd64.deb
libldap-2.4-2-dbg_2.4.11-1+lenny2.1_amd64.deb
  to main/o/openldap/libldap-2.4-2-dbg_2.4.11-1+lenny2.1_amd64.deb
libldap-2.4-2_2.4.11-1+lenny2.1_amd64.deb
  to main/o/openldap/libldap-2.4-2_2.4.11-1+lenny2.1_amd64.deb
libldap2-dev_2.4.11-1+lenny2.1_amd64.deb
  to main/o/openldap/libldap2-dev_2.4.11-1+lenny2.1_amd64.deb
openldap_2.4.11-1+lenny2.1.diff.gz
  to main/o/openldap/openldap_2.4.11-1+lenny2.1.diff.gz
openldap_2.4.11-1+lenny2.1.dsc
  to main/o/openldap/openldap_2.4.11-1+lenny2.1.dsc
slapd-dbg_2.4.11-1+lenny2.1_amd64.deb
  to main/o/openldap/slapd-dbg_2.4.11-1+lenny2.1_amd64.deb
slapd_2.4.11-1+lenny2.1_amd64.deb
  to main/o/openldap/slapd_2.4.11-1+lenny2.1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 617606@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonathan Wiltshire <jmw@debian.org> (supplier of updated openldap package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 25 Jul 2011 13:40:32 +0100
Source: openldap
Binary: slapd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source amd64
Version: 2.4.11-1+lenny2.1
Distribution: oldstable
Urgency: low
Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Changed-By: Jonathan Wiltshire <jmw@debian.org>
Description: 
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd      - OpenLDAP server (slapd)
 slapd-dbg  - Debugging information for the OpenLDAP server (slapd)
Closes: 617606
Changes: 
 openldap (2.4.11-1+lenny2.1) oldstable; urgency=low
 .
   * Non-maintainer upload.
   * Backport security fixes: (Closes: #617606)
     - CVE-2011-1024 Authentication bypass in back-ldap
     - CVE-2011-1081 DoS in modrdn operation
Checksums-Sha1: 
 d7e6868a52625467bcb013c730219e114edebe2e 2477 openldap_2.4.11-1+lenny2.1.dsc
 7c59f7b049784aa333b525ea0590944719b30254 151495 openldap_2.4.11-1+lenny2.1.diff.gz
 9e1b4fac0a7235df6b15db874cd25c5d60e72670 1512908 slapd_2.4.11-1+lenny2.1_amd64.deb
 114ce73800aa22a401f2e9b07ef6690424e67059 267456 ldap-utils_2.4.11-1+lenny2.1_amd64.deb
 b865fe0c05db54120f868184283f87f32fbbe917 205280 libldap-2.4-2_2.4.11-1+lenny2.1_amd64.deb
 215382a53af6cf421e5dc9d2b11e7fd53da211f1 299246 libldap-2.4-2-dbg_2.4.11-1+lenny2.1_amd64.deb
 52b0846180f969a935312f8a60763a6cd9f01c64 978246 libldap2-dev_2.4.11-1+lenny2.1_amd64.deb
 cbf2d1d383e56c31a15c51c80a381a26577f94db 3660812 slapd-dbg_2.4.11-1+lenny2.1_amd64.deb
Checksums-Sha256: 
 7bf49f5419ac0f5b50e7a47b3df5110fc171ae847208b2d0773382462dedb873 2477 openldap_2.4.11-1+lenny2.1.dsc
 34547ada1da11fe024afa15cc422bfd22e3c576ce40da50353083dcd30ced81d 151495 openldap_2.4.11-1+lenny2.1.diff.gz
 7e073762c90e5795c042380652b8b82ef7db29506fc8962fc08af5ba4808c350 1512908 slapd_2.4.11-1+lenny2.1_amd64.deb
 504a301fbfd027d1246693c4806c26126d52d9e28e1f64c0c057cb6f1b1182e4 267456 ldap-utils_2.4.11-1+lenny2.1_amd64.deb
 821c8df4f67ce162af05b2c7c95c8e5b2c7095f99b6cee1be06173eb72424211 205280 libldap-2.4-2_2.4.11-1+lenny2.1_amd64.deb
 0bd3c36cb193019b9444c5a07ac641a2efdb211eede3f9affcec11559d063e98 299246 libldap-2.4-2-dbg_2.4.11-1+lenny2.1_amd64.deb
 8566c6dbeffca9ce21d3e260f1599ba57ff612d3f4766e756bdcbc34d5c70bda 978246 libldap2-dev_2.4.11-1+lenny2.1_amd64.deb
 06d90e862f9f9a85a52aae2dce27e0ba9a394fc3af19c5bbd39f32ecef52b068 3660812 slapd-dbg_2.4.11-1+lenny2.1_amd64.deb
Files: 
 3755f205bcc58e8cee098e17f5081f77 2477 net optional openldap_2.4.11-1+lenny2.1.dsc
 0436222f3153bcf3be3b5069d054fde6 151495 net optional openldap_2.4.11-1+lenny2.1.diff.gz
 ea3415b67f8d8fd7fc35d775f2ab63c0 1512908 net optional slapd_2.4.11-1+lenny2.1_amd64.deb
 eb936da27fdaefa98e61fc2b6e2c30c2 267456 net optional ldap-utils_2.4.11-1+lenny2.1_amd64.deb
 5c7a37e09cf87050fbdc209dbf57dabc 205280 libs optional libldap-2.4-2_2.4.11-1+lenny2.1_amd64.deb
 178875e9e1575ce19b14e0ff1d4392aa 299246 libdevel extra libldap-2.4-2-dbg_2.4.11-1+lenny2.1_amd64.deb
 b9fecdc5d0f9f35209878258ad3d6c29 978246 libdevel extra libldap2-dev_2.4.11-1+lenny2.1_amd64.deb
 65558593e76f797bec3dba72ffdb0c97 3660812 net extra slapd-dbg_2.4.11-1+lenny2.1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJOMGZNAAoJEFOUR53TUkxRB1EP/iymeBxYqcV+2VBNT8gglg/g
2Xd6cVpd0HBvpAlRPbVwXlOLyTyS0enl7rD6duq8T6Nm9JrFkjHb8qcL+unI9mbF
RkE6Spr3XVHPsHiY3RudvxX+EkrXR5bM73tq/xlG3wcpWYdRBNr1y82gK5BJcia1
pYoHitYNVIt7bauzdVjMjwemXofj+X1fstk2mxEKcuF4//6+5bmNfXHkQt1je4uk
C19SSR0YzNHs5DgZdk92NDVbVqXvWVKS/hB/b/jfIZLmirRxljCjoTaEfhWbWdJL
OZQtpxVxEI1kfm7awzMvt40o3CeNqt/FjilzN6bDVvA/nFSFJTe+LUpm4gm5x4sv
iiZwv1F9nbdWkAbbQx4uySPz5/MIAJ6txFYIYwZA1kVWZkEr8+1kPJLv92d5uk+I
7PnOLS3G6cXDD7w0m9clWjzP8ITRTCovbnk2BYrnMS+d5fe45dtP+q2vRwZOB8rg
4uwA7R5PZV8a5N0YjfVEC2V3jVpwgx6Jn9yKN1bBi1a/kgRyE7OAyfwbRj5egrbM
W9yd8b6BqgH8tuNOku1an4vND0JtICjJicEQciDBdgAcDcxGbtZ+D99GmZPb3kWi
6oq//VIciT1vU81umnWvljZInMInR0SFmg5gOsc6I8r9uVNUuZ05oHle7uGar5qq
+vnqI4MmDzjSLh+jpdBI
=sAf6
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.