Debian Bug report logs -
#870187
supervisor: CVE-2017-11610: Command injection via malicious XML-RPC request
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Orestis Ioannou <orestis@oioannou.com>:
Bug#870187; Package src:supervisor.
(Sun, 30 Jul 2017 20:03:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Orestis Ioannou <orestis@oioannou.com>.
(Sun, 30 Jul 2017 20:03:05 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: supervisor
Version: 3.0r1-1
Severity: grave
Tags: upstream security patch
Forwarded: https://github.com/Supervisor/supervisor/issues/964
Hi,
the following vulnerability was published for supervisor.
CVE-2017-11610[0]:
Command injection via malicious XML-RPC request
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-11610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11610
[1] https://github.com/Supervisor/supervisor/issues/964
Regards,
Salvatore
Information forwarded
to debian-bugs-dist@lists.debian.org, Orestis Ioannou <orestis@oioannou.com>:
Bug#870187; Package src:supervisor.
(Sun, 30 Jul 2017 20:09:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Orestis Ioannou <orestis@oioannou.com>.
(Sun, 30 Jul 2017 20:09:04 GMT) (full text, mbox, link).
Message #10 received at 870187@bugs.debian.org (full text, mbox, reply):
I should add: I have choosen severity grave due to the potential of
code execution as root if the service is enabled. Am I right that in
*any* version present in Debian the web interface is started?
If so we might lower the severity.
Regards,
Salvatore
Information forwarded
to debian-bugs-dist@lists.debian.org, Orestis Ioannou <orestis@oioannou.com>:
Bug#870187; Package src:supervisor.
(Sun, 30 Jul 2017 20:18:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Orestis Ioannou <orestis@oioannou.com>.
(Sun, 30 Jul 2017 20:18:03 GMT) (full text, mbox, link).
Message #15 received at 870187@bugs.debian.org (full text, mbox, reply):
On Sun, Jul 30, 2017 at 10:07:42PM +0200, Salvatore Bonaccorso wrote:
> I should add: I have choosen severity grave due to the potential of
> code execution as root if the service is enabled. Am I right that in
> *any* version present in Debian the web interface is started?
>
> If so we might lower the severity.
Actually the unix_http_server is started by default. Still in default
installation it might be harder to exploit. Details are in the
upstream bug at https://github.com/Supervisor/supervisor/issues/964
CRIT Server 'unix_http_server' running without any HTTP authentication checking
Regards,
Salvatore
Merged 870187 870188
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sun, 30 Jul 2017 20:24:11 GMT) (full text, mbox, link).
Merged 870187 870188
Request was from Markus Koschany <apo@debian.org>
to control@bugs.debian.org.
(Sun, 30 Jul 2017 20:30:04 GMT) (full text, mbox, link).
Added tag(s) fixed-upstream.
Request was from bts-link-upstream@lists.alioth.debian.org
to control@bugs.debian.org.
(Thu, 03 Aug 2017 17:33:16 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Orestis Ioannou <orestis@oioannou.com>:
Bug#870187; Package src:supervisor.
(Sat, 12 Aug 2017 09:03:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Orestis Ioannou <orestis@oioannou.com>.
(Sat, 12 Aug 2017 09:03:03 GMT) (full text, mbox, link).
Message #26 received at 870187@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Control: tags 870187 + pending
Dear maintainer,
I've prepared an NMU for supervisor (versioned as 3.3.1-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.
Regards,
Salvatore
[supervisor-3.3.1-1.1-nmu.diff (text/x-diff, attachment)]
Added tag(s) pending.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 870187-submit@bugs.debian.org.
(Sat, 12 Aug 2017 09:03:03 GMT) (full text, mbox, link).
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Mon, 14 Aug 2017 09:39:24 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Mon, 14 Aug 2017 09:39:24 GMT) (full text, mbox, link).
Message #33 received at 870187-close@bugs.debian.org (full text, mbox, reply):
Source: supervisor
Source-Version: 3.3.1-1.1
We believe that the bug you reported is fixed in the latest version of
supervisor, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 870187@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated supervisor package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 12 Aug 2017 10:55:14 +0200
Source: supervisor
Binary: supervisor supervisor-doc
Architecture: source
Version: 3.3.1-1.1
Distribution: unstable
Urgency: medium
Maintainer: Orestis Ioannou <orestis@oioannou.com>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
supervisor - System for controlling process state
supervisor-doc - Documentation for a supervisor
Closes: 870187
Changes:
supervisor (3.3.1-1.1) unstable; urgency=medium
.
* Non-maintainer upload.
* Disable object traversal in XML-RPC dispatch (CVE-2017-11610)
(Closes: #870187)
Checksums-Sha1:
933d06eb5198b75b2129ba8d30285e9035e3b4df 2202 supervisor_3.3.1-1.1.dsc
d8dc4e7a091301cef1a212ac8ea9c12e3d157e29 415246 supervisor_3.3.1.orig.tar.gz
9f0bd7de2797cc15759810436778ce7e5ef41b44 34864 supervisor_3.3.1-1.1.debian.tar.xz
b00ef39a22593c532782867b152987445f4bde98 6553 supervisor_3.3.1-1.1_source.buildinfo
Checksums-Sha256:
44bf2dd0da13e4c69300ccfcc0966485158c69d133fa283cbdd81de1d267859f 2202 supervisor_3.3.1-1.1.dsc
fc3af22e5a7af2f6c3be787acf055c1c17777f5607cd4dc935fe633ab97061fd 415246 supervisor_3.3.1.orig.tar.gz
a4cccfaa35e22bd081ae2a01f184e7493270d0cee8d4e242099e9383002746e6 34864 supervisor_3.3.1-1.1.debian.tar.xz
bf886b75f6e4f8ca69fd7f6b0176af708e435c8d5170e84ab21ea4f46e4f300b 6553 supervisor_3.3.1-1.1_source.buildinfo
Files:
7d15aff5e2472e972e83bc540531f208 2202 admin optional supervisor_3.3.1-1.1.dsc
202f760f9bf4930ec06557bac73e5cf2 415246 admin optional supervisor_3.3.1.orig.tar.gz
659160561fbc467ef329e94756863fb3 34864 admin optional supervisor_3.3.1-1.1.debian.tar.xz
b1227a5383eeb9d5c18200af29effe9a 6553 admin optional supervisor_3.3.1-1.1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlmOw5VfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89Ec9oP/i5zLLNv7cE/QLoaUQ3xr/JPW/uv8693
f0w5lP+c+VB6faFOP5ZQI/MvYDS5pwHzN6GKS8uvmlJlQ0xCFKDLDKuj4rBmJgcJ
dxkKz04v4KOU9NOUVgkwESg7vINac46XCl20Tv+qGzaOBNt5Pxssmi5F2/78O3ri
tSjw3Kz5qfqPENYRq+xCO6BRLwAbr6lIpD3D5id3nvRw6/ma6wnMwKF663jhz6L8
B1GvvUxIihnAvzoJ165cHPTuNZrB6afm8n+fxD5jiEXQbZOuzbl/Fcx0EJJYMxmg
EL084NJxGeK97tYUsjAPyEBgy1y+xXNTyQSX79Hfb7neJCjIe3wi1A8NNaDt8Zfn
lXHMft4WiX1pxc3TlpbI7TYgNgaXr78y57lMuUDU2BYvSUcdjpRSbEnIViFNfkvA
n6+JnVj7llezLMGYCNpzZKZ7gvKrrmnyV9hqbFJkaktQFC6YQFFkfK2OQc1UZj3q
4vJQ0WsgABcqsQ4UJlAzZi00x2W1ifbRIRi1skfpJKusK/0fKpcRRXL7BmL+COeT
VTVaC3dFEdD2Q+realt95KADOznDLvMxyQ2ikY8O4DKpd1PdBxT+IEAbOfwGlyOP
u4g2/cDprX5m4Mf1loGqe96hErJwsUyRdissvBpvawG6sZDMHnNFtLlDjHZQXRM1
fuw+ivF1r80Q
=dKYt
-----END PGP SIGNATURE-----
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Mon, 14 Aug 2017 09:39:25 GMT) (full text, mbox, link).
Notification sent
to Markus Koschany <apo@debian.org>:
Bug acknowledged by developer.
(Mon, 14 Aug 2017 09:39:25 GMT) (full text, mbox, link).
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Tue, 22 Aug 2017 21:51:07 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Tue, 22 Aug 2017 21:51:07 GMT) (full text, mbox, link).
Message #42 received at 870187-close@bugs.debian.org (full text, mbox, reply):
Source: supervisor
Source-Version: 3.0r1-1+deb8u1
We believe that the bug you reported is fixed in the latest version of
supervisor, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 870187@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated supervisor package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 12 Aug 2017 08:08:04 +0200
Source: supervisor
Binary: supervisor
Architecture: all source
Version: 3.0r1-1+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Qijiang Fan <fqj1994@gmail.com>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 870187
Description:
supervisor - A system for controlling process state
Changes:
supervisor (3.0r1-1+deb8u1) jessie-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Disable object traversal in XML-RPC dispatch (CVE-2017-11610)
(Closes: #870187)
Checksums-Sha1:
d3a6bf5a01fa81a2239ef8838b4c7f7a844bb35c 2088 supervisor_3.0r1-1+deb8u1.dsc
560ed627498e51a147d98749d11fb908d5c70f9e 460340 supervisor_3.0r1.orig.tar.gz
f4301bdbbe3b36d92e1b36e4ac5b0f0657413baa 10864 supervisor_3.0r1-1+deb8u1.debian.tar.xz
fe9000671ec3f618a2de165ccdd114e0b02564d1 266718 supervisor_3.0r1-1+deb8u1_all.deb
Checksums-Sha256:
71d86a09a64ead4210265e833474386c10f79c7a4ce1022a137b0a379346e75a 2088 supervisor_3.0r1-1+deb8u1.dsc
f46aec68df0ea74fe76c6cdea04b4b61fa4ad883f6f9ba4fb667223dc06ac20d 460340 supervisor_3.0r1.orig.tar.gz
afa6075c352437c5f0ba329d2516fe84d3516cf180d3a4626b3ec236e6eedda1 10864 supervisor_3.0r1-1+deb8u1.debian.tar.xz
da3b7ecb28d8d830632d6f9efaf6438aaea72960eec5e80a13e60ad5fc263327 266718 supervisor_3.0r1-1+deb8u1_all.deb
Files:
5182b444c142de8d8bf3f8c6bcecbf2d 2088 admin extra supervisor_3.0r1-1+deb8u1.dsc
fe9bbfaf5eb9cc3156d35dd1662354ca 460340 admin extra supervisor_3.0r1.orig.tar.gz
4d35718ffa70ee002ebde4ca2a196381 10864 admin extra supervisor_3.0r1-1+deb8u1.debian.tar.xz
97bf2a8145eab1b1d144ca3cfa6a8436 266718 admin extra supervisor_3.0r1-1+deb8u1_all.deb
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlmOuGhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EA1sP/AgyzSp814GcmQbARyWkgKNkL5WP9C9S
7URqnIaulwPi5RJSlYUmnfHYVzh7xTIIeyJAvzxvQRk2CFjSju4B9CIIS7vumVUL
cViOLK6d58alUAZI2677/E9MYmrjrqw9Sw8nuTIEulfMhyJmx7qt6IPRiQQD095Q
TSVulTvqKdUuBkYJ3k9zC4hsDdxSSF7gnvbObXzxK+thyIfMdhI8fJX+jQ26gdbT
3XJX9oxO41aiOjaKhO6R26SLudmAiDd0gQlvQHhy4+3t7Wr1T0MJQojeUBYIbpLG
s0d49BS4wyHXHCYs0IDHJbhA7Qsc7+66NDeF25fjWdw+1RsgijB/QhcmS0iAX7wh
PuDLji6sGIVt7Wl1DkSBZ48fFAkQgeO/M7QeM/GonwIkjV/EKFA9oUB6h9AnDg/h
gE7LX8fcpShJ5sUybjswPd7GhyFdeHoghtMDCIKys9pdj6C9/lsU5JiFxElSGKJx
avJdMMMs7ECLx2QBA8q4RBSvO4j0mr8V0xB/RC0OxqFbYdpWG8cRdGz/NsjMhkH4
TGeqmjmr2LiPKtLpS19HRlwR/0U3J/EofOHMitI6sX6mMZDQE89Cx5EBSHzH8ol0
opUq3Y5F1M7vyN+ZqLpV2DIFr6QkCuqRrnkXguvcDX42q+rY/D8hva2ZMl6qbEB7
DrqgprhpdCZv
=mqQN
-----END PGP SIGNATURE-----
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Tue, 22 Aug 2017 21:51:08 GMT) (full text, mbox, link).
Notification sent
to Markus Koschany <apo@debian.org>:
Bug acknowledged by developer.
(Tue, 22 Aug 2017 21:51:08 GMT) (full text, mbox, link).
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Fri, 29 Sep 2017 21:33:08 GMT) (full text, mbox, link).
Notification sent
to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer.
(Fri, 29 Sep 2017 21:33:08 GMT) (full text, mbox, link).
Message #51 received at 870187-close@bugs.debian.org (full text, mbox, reply):
Source: supervisor
Source-Version: 3.3.1-1+deb9u1
We believe that the bug you reported is fixed in the latest version of
supervisor, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 870187@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated supervisor package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 12 Aug 2017 10:36:46 +0200
Source: supervisor
Binary: supervisor supervisor-doc
Architecture: source
Version: 3.3.1-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Orestis Ioannou <orestis@oioannou.com>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
supervisor - System for controlling process state
supervisor-doc - Documentation for a supervisor
Closes: 870187
Changes:
supervisor (3.3.1-1+deb9u1) stretch-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Disable object traversal in XML-RPC dispatch (CVE-2017-11610)
(Closes: #870187)
Checksums-Sha1:
470f28256bcad718f41d88a49778c36febccdcbd 2222 supervisor_3.3.1-1+deb9u1.dsc
d8dc4e7a091301cef1a212ac8ea9c12e3d157e29 415246 supervisor_3.3.1.orig.tar.gz
7cfc9ac153cc7c146926a60c1649790fce60ef70 34884 supervisor_3.3.1-1+deb9u1.debian.tar.xz
f17aa4c231a9f391c9a2cfa7d3e47605f567f09e 6573 supervisor_3.3.1-1+deb9u1_source.buildinfo
Checksums-Sha256:
f529b5f882436e56663c955a2716baddc2fc85896c39da8da54f53d557571ccf 2222 supervisor_3.3.1-1+deb9u1.dsc
fc3af22e5a7af2f6c3be787acf055c1c17777f5607cd4dc935fe633ab97061fd 415246 supervisor_3.3.1.orig.tar.gz
15f063ff773949747e1e541a3cb44c25ee9bd2bde58fed1a8ba01b93ae8ed8d2 34884 supervisor_3.3.1-1+deb9u1.debian.tar.xz
a05aa6fbf009a53c89a20ae37f8c185bca19480c1106f10af8e0f40a8a6572f3 6573 supervisor_3.3.1-1+deb9u1_source.buildinfo
Files:
64b1269941a56b35013bad712a3270c8 2222 admin optional supervisor_3.3.1-1+deb9u1.dsc
202f760f9bf4930ec06557bac73e5cf2 415246 admin optional supervisor_3.3.1.orig.tar.gz
009afbdd4663c04a0ea64aa0db539643 34884 admin optional supervisor_3.3.1-1+deb9u1.debian.tar.xz
808eac9fddf02bb9899f26949f02f8c6 6573 admin optional supervisor_3.3.1-1+deb9u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlmOweVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EZJkP/0//xteXzOPVqpAgs2Fh4rsFC+ZJlf1A
yWuNQY8coknAezZF+sO/isx/El0QjPRmDWAj0Wykx/j4Vkz7eTblgrtwJjq71vRO
ASgHwYpHCJx8vQgS4iGK02URg7m8xzgJQOhd5KeRe+zfMH+pyAF5ZyeWjxl58Pvo
ItkbCIEvolbMtwxZPSLq39acqmGLECtSD9RfkQu9FVRdGlCuCPbuQbZ6ikdXVqua
+nSojrQAndFYtreudYYwEInaufXLyfHl78rPpBJje5kOoQdqCsQ2eyCOWrGMm6Os
f2NkY9SY0AuplWmJAf6XudHbp7RbFCv2MEbASG5rev78/8ViuBUEmtZwuegSEV2j
oA9HOdfte8HSeBiKRR0HCUySp4yR0KH+cHAK0VdllmadNOBgp0kPB1p34LW2uyrk
hC4rvB5KWs1aM5vX9Iys84dIb8nvWj6Iv5T6D17v+xiKpkNUvL09PowHyKEnzXfS
/jWNj9sRh4vuu2r2kG+vvnsmEs0XbgZqf6IUHUmKtpVz0boJhbPcS7gq2kUcDr2X
CQQmoghoVaTQfc5lu2uz1KBce6sSgYr+s+OjXW4UL/dfRXY6ZSzb/IOxE3BK1Srl
BgfBsLWJsQ0BYQgprBQCsEte+RDHM3F9sD+zkjbKKrJiySzVa04Q22eIWPUKGY/i
TJ4JFFd3c8xt
=mV0F
-----END PGP SIGNATURE-----
Reply sent
to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility.
(Fri, 29 Sep 2017 21:33:09 GMT) (full text, mbox, link).
Notification sent
to Markus Koschany <apo@debian.org>:
Bug acknowledged by developer.
(Fri, 29 Sep 2017 21:33:09 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sat, 28 Oct 2017 07:28:33 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:15:16 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon