apache2: CVE-2017-9798: HTTP OPTIONS method can leak Apache's server memory

Debian Bug report logs - #876109
apache2: CVE-2017-9798: HTTP OPTIONS method can leak Apache's server memory

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: apache2: CVE-2017-9798: HTTP OPTIONS method can leak Apache's server memory

Date: Mon, 18 Sep 2017 16:20:15 +0200

Source: apache2
Version: 2.4.10-10
Severity: important
Tags: upstream security

Hi,

the following vulnerability was published for apache2.

CVE-2017-9798[0]:
HTTP OPTIONS method can leak Apache's server memory

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9798
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
[1] https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html

Regards,
Salvatore

Message #10 received at 876109@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: 876109@bugs.debian.org

Subject: Re: Bug#876109: apache2: CVE-2017-9798: HTTP OPTIONS method can leak Apache's server memory

Date: Fri, 22 Sep 2017 21:09:33 +0200

Control: severity -1 serious

Rationale: Raising the severity to RC / serious, due to fix beeing
available in stable but not yet in unstable.

Regards,
Salvatore

Message #17 received at 876109-close@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: 876109-close@bugs.debian.org

Subject: Bug#876109: fixed in apache2 2.4.25-3+deb9u3

Date: Sat, 23 Sep 2017 10:02:09 +0000

Source: apache2
Source-Version: 2.4.25-3+deb9u3

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 876109@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 19 Sep 2017 20:58:57 +0200
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg
Architecture: source
Version: 2.4.25-3+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Closes: 876109
Changes:
 apache2 (2.4.25-3+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2017-9798: Use-after-free by limiting unregistered HTTP method
     (Closes: #876109)
Checksums-Sha1:
 32c05335652d59d7f178b7fc4553cbc977e25b18 3141 apache2_2.4.25-3+deb9u3.dsc
 bd6d138c31c109297da2346c6e7b93b9283993d2 6398218 apache2_2.4.25.orig.tar.bz2
 fd3f9f214aea072abf784035c75a16dc1721b16e 698644 apache2_2.4.25-3+deb9u3.debian.tar.xz
 283ced6ae9890d5a3aff3134227797f50130551c 6521 apache2_2.4.25-3+deb9u3_source.buildinfo
Checksums-Sha256:
 8d8882881188bdbc7b91018ee8227ff64dc0225761a8b29fd65fb7a7bd0e411d 3141 apache2_2.4.25-3+deb9u3.dsc
 f87ec2df1c9fee3e6bfde3c8b855a3ddb7ca1ab20ca877bd0e2b6bf3f05c80b2 6398218 apache2_2.4.25.orig.tar.bz2
 5d70639e0bce0c17dc67c867898e5b4f2ca765baf4f2779b9ced6e6d07077a34 698644 apache2_2.4.25-3+deb9u3.debian.tar.xz
 7cac0dea06098736d5e2b28d03b837dc9ead14032fef7ec5343d877f3a418c90 6521 apache2_2.4.25-3+deb9u3_source.buildinfo
Files:
 3481582dd442d200d076857f26e08d68 3141 httpd optional apache2_2.4.25-3+deb9u3.dsc
 2826f49619112ad5813c0be5afcc7ddb 6398218 httpd optional apache2_2.4.25.orig.tar.bz2
 22691ac7783269d9148553bffe6e5c41 698644 httpd optional apache2_2.4.25-3+deb9u3.debian.tar.xz
 3cc9f858a5823d805dac2613dca20157 6521 httpd optional apache2_2.4.25-3+deb9u3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlnBabJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EP2IQAKFk0AG58i4bunUbVYbWvuUGaV3lKZTC
FtOZm8wi+s+5G3TdZ7BtKpbAysNnsCQFopcE+hWxZiSAGMEbkHc4eTHZK4u1iddE
iB2FSZkip9Uq37KSK8e/wG9NnoYRO4p3W5GRNyZy/TUN/mJLTkCPC8r2Pp31km/L
ifj8eg7W1a7PyXFesDUs5yVGG9qTbUxmc7HVGplah/KckNE5i+TxVH+MZeJlekOl
yB7cjSPfAaquxGferl2mCkJlXa82vXMxyF7LP5wFltRvXsFYb6VO1ByPEi6TnR+N
uY6BOPxci4cBPYvRPAe8ll6R1VBcoxKPUucBv25S7gd67Dyd/wyhCud5QpPGgAwd
JDw473SE1S3+9nEMuOH0L/EUSYt1B93UNBYh75q1r5FGYRvOF98e6g4jnzW8YxA4
HDCDFmrS5waFVSMafVlmToKgKp3rrpUFlE9l7wVMIMHgcRTeI8VOTjN7J6RsZH/o
ptHZ6FA8+SE8E/0ET4TopqMRRRLHChZoUSnfWvtJKmObQv1EwSMfXDtcFONSkIbq
XRGuo6uLTZV4Usr94d95n8ZXDmy0VWI0v9zwSoCJJ51EwJHuYUui+urCddj0GYjd
0EXSp7n9d7sx3ub9qAtordQr0pSR7t5OAs5edNPCu5KPw5J3BeQZq7EimUdrBG7C
q+pzswy2vWhE
=5koK
-----END PGP SIGNATURE-----

Message #22 received at 876109-close@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: 876109-close@bugs.debian.org

Subject: Bug#876109: fixed in apache2 2.4.10-10+deb8u11

Date: Sat, 23 Sep 2017 11:32:33 +0000

Source: apache2
Source-Version: 2.4.10-10+deb8u11

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 876109@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 19 Sep 2017 21:08:12 +0200
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin apache2.2-common libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: all source
Version: 2.4.10-10+deb8u11
Distribution: jessie-security
Urgency: high
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 876109
Description: 
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-mpm-event - transitional event MPM package for apache2
 apache2-mpm-itk - transitional itk MPM package for apache2
 apache2-mpm-prefork - transitional prefork MPM package for apache2
 apache2-mpm-worker - transitional worker MPM package for apache2
 apache2-suexec - transitional package for apache2-suexec-pristine
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 apache2.2-bin - Transitional package for apache2-bin
 apache2.2-common - Transitional package for apache2
 libapache2-mod-macro - Transitional package for apache2-bin
 libapache2-mod-proxy-html - Transitional package for apache2-bin
Changes:
 apache2 (2.4.10-10+deb8u11) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2017-9798: Use-after-free by limiting unregistered HTTP method
     (Closes: #876109)
Checksums-Sha1: 
 608aeea1a1d6378053e6cfc7542deaf641db133a 3436 apache2_2.4.10-10+deb8u11.dsc
 0e43217d3abf45fc3aff93e01f8a4ca1f1b31c67 559340 apache2_2.4.10-10+deb8u11.debian.tar.xz
 3202741a602f1f5c62e8f2071aaf9f90fab21ba4 162836 apache2-data_2.4.10-10+deb8u11_all.deb
 883b37d03fbe9b5e2516f76753de6a0e6c3ed2da 2703768 apache2-doc_2.4.10-10+deb8u11_all.deb
Checksums-Sha256: 
 0fd4c2213d354fe793456deba9f20c7e57fa3976a83eec85a766d781841bf4e8 3436 apache2_2.4.10-10+deb8u11.dsc
 32b6254c73e6a1c637d34c0ccb95832d219de1cdaa44276b226aaae53f28446f 559340 apache2_2.4.10-10+deb8u11.debian.tar.xz
 8181932677228a49cc946054a661da99fcd4f9f471397af825a1df4ccc71e950 162836 apache2-data_2.4.10-10+deb8u11_all.deb
 4c0cb26fdbb29dcfa87f43bd9abff135a14785b9390c3b7fb7c02b228e79e1e4 2703768 apache2-doc_2.4.10-10+deb8u11_all.deb
Files: 
 72adeb0f8c14fc13ce25f7bf4e32e7c3 3436 httpd optional apache2_2.4.10-10+deb8u11.dsc
 d2a879fd8bdc79917ade9ce22ddd60f5 559340 httpd optional apache2_2.4.10-10+deb8u11.debian.tar.xz
 3c82c9812642f476e3b29041687297d4 162836 httpd optional apache2-data_2.4.10-10+deb8u11_all.deb
 11fb46ac0eeba63bc99f1853b0d3b857 2703768 doc optional apache2-doc_2.4.10-10+deb8u11_all.deb

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlnBbPpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89ENUMQAJtLbO7mXt/APfTUzhupn6huT8mnLOz8
N4Ck5aKzcMSGw2ESLG8QF9c9826VZMgHKpi+enw0Ht0gWAPtd5Zf9kat2KDZtP2z
2O/X6UvQQYg21H77/9Jt3ctHjXyP0scantu2dfq4L4YWCjc871SE9E9YDtGcdQGB
FLY8NJbBz0BtjpRKVLn5K/kXkEL2BhK15yFTmonH1ObL1fIy7bp4jWkTmN4svnj0
Hn+ro9DoEZmSW2Eckeuv65ulo5JrbgEBiT/a4a/o+i2hSspyky2iDSkq7j3L9btb
L5bsgXVs3YxDXiiGDLjBxLYBCD7CcDbNB74NWsz2vJm3d6uLsKI2VlyojvowTayI
OSbfxSMeQMt15goiY+BE/dgabukkeVOsXNrq9Ts84RQr75bBkdDQOwMHFNFiGukt
Tj12Rp/+APFwnNBy3uUAslUnt7VRm8HOxW9ZJcgLXiYXFUrLoGYT1Shul73tTCpJ
qt9laEJr1/FhNTpo49fyS4C3jZ7E1amYHkujkrEE6vYRiNCLGuYmIjIsRC1RoVv/
v0ZuC/bigX+mBDREORuHRY6bYxB3nNytPdv8vf7T76yyyPeQelH0c6LO+cE9MB9a
z3nGyPsJbbSKvruW51F22D8dBjW77hs+qYFV49nj5gScn4L8NJRiKbEDlYDQ9WJa
Q40RFS1kZFzb
=8+/K
-----END PGP SIGNATURE-----

Message #27 received at 876109-close@bugs.debian.org (full text, mbox, reply):

From: Stefan Fritsch <sf@debian.org>

To: 876109-close@bugs.debian.org

Subject: Bug#876109: fixed in apache2 2.4.27-6

Date: Sat, 23 Sep 2017 22:34:32 +0000

Source: apache2
Source-Version: 2.4.27-6

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 876109@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch <sf@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 24 Sep 2017 00:08:01 +0200
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg
Architecture: source amd64 all
Version: 2.4.27-6
Distribution: unstable
Urgency: high
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Closes: 876109 876384
Changes:
 apache2 (2.4.27-6) unstable; urgency=high
 .
   * CVE-2017-9798: Don't allow new methods to be registered in .htaccess files
     which could result in HTTP OPTIONS method leaking Apache's server memory.
     Closes: #876109
   * Fix argument escaping in apachectl. Closes: #876384
Checksums-Sha1:
 277dbd6c4dbdc35de716edf93e5922779c416aec 3037 apache2_2.4.27-6.dsc
 4e20690dd882e2d1cf2862c352efffff7e86d361 702204 apache2_2.4.27-6.debian.tar.xz
 8e7a2fe92669793a8107922b226ab01d821f4860 1210944 apache2-bin_2.4.27-6_amd64.deb
 c2591565e07e0bc67cce92e03f15aa2545bfc2ba 162070 apache2-data_2.4.27-6_all.deb
 614d34e21df7ffba21e6a5780c01a1650a12279f 3985494 apache2-dbg_2.4.27-6_amd64.deb
 f11c3bb32a3b5e9c774bce80bbeeeeea074bfa7d 317878 apache2-dev_2.4.27-6_amd64.deb
 e6959269c5bad03c01bf95ebd2b063b9b06c614d 3820886 apache2-doc_2.4.27-6_all.deb
 fce4d0a7e7c005469a5a7935f045ed14c2aab9fd 2248 apache2-ssl-dev_2.4.27-6_amd64.deb
 ff3d0a5f3b6af50c0032c4232b8c320e61bcb610 159126 apache2-suexec-custom_2.4.27-6_amd64.deb
 97bc0b212e076876599136f68542a1648f28f2da 157570 apache2-suexec-pristine_2.4.27-6_amd64.deb
 7b1ec81bedc5a6e3791b70aa4aee926538c4a5ac 222218 apache2-utils_2.4.27-6_amd64.deb
 0e24ef4593cfe87844f79bdde90b8fc5aae9b617 9723 apache2_2.4.27-6_amd64.buildinfo
 f32bfa0db625289c1a1a6fcf0b39917b4c410841 239556 apache2_2.4.27-6_amd64.deb
Checksums-Sha256:
 b73ffa8787be3039dac0da8a6db6f10936da81412f72d2d814c4087237071c3b 3037 apache2_2.4.27-6.dsc
 f8eb526bee4afb66daf91ebec40a832c3949ba0ebb00e08994d005a9e06d47bd 702204 apache2_2.4.27-6.debian.tar.xz
 f94f7f705dfc39b53c199f1f7ac5f9c04d6923833c096050f102ad1bbb55da69 1210944 apache2-bin_2.4.27-6_amd64.deb
 e0fb8f9aa28f431db06d1c86ac1993d9e4686e82786b22e77e57acb4ce0dbd57 162070 apache2-data_2.4.27-6_all.deb
 c0dab7c9a9035d1e6241f4fef0fb3c7165ba575b25e0fabd2f9804b8a5446639 3985494 apache2-dbg_2.4.27-6_amd64.deb
 7867f7ccd249394c6afcb3b4558bd564509caaad124a30f8841760309e82c043 317878 apache2-dev_2.4.27-6_amd64.deb
 0e839b308a748774f512f6ce2e2edbf22c857e76514095af5c50b0f1992f4aa9 3820886 apache2-doc_2.4.27-6_all.deb
 a15f9c384a507cbec9786e17dcc9984b4624366b15397f360d34a2e1e4955713 2248 apache2-ssl-dev_2.4.27-6_amd64.deb
 30e87074f8bde2e73384aacb2e3b747638efb17ae513ecf5722b636eee5f3c23 159126 apache2-suexec-custom_2.4.27-6_amd64.deb
 b45618254d316d399e625fb204e3539f1ac78747a1e843fc7c253b486dfd5a80 157570 apache2-suexec-pristine_2.4.27-6_amd64.deb
 6e120b0278fca3366b22126117dcb0ba188553b4e032fe11b80967212fb1c312 222218 apache2-utils_2.4.27-6_amd64.deb
 e7b607a1abae8ef0149670442737d35bca58c92d96cc1050a67f83eb058de6a5 9723 apache2_2.4.27-6_amd64.buildinfo
 27c6222645a1b500a23fadc91867239ce38f1bdadff9dcb2672c5c88ee6e5a3a 239556 apache2_2.4.27-6_amd64.deb
Files:
 0ae173b9951fb71c08cd9d512be9302b 3037 httpd optional apache2_2.4.27-6.dsc
 03166ef9bcde309ec44cbc43fdb4bf3a 702204 httpd optional apache2_2.4.27-6.debian.tar.xz
 1db293eac26f0561c24ee37cd5f9412c 1210944 httpd optional apache2-bin_2.4.27-6_amd64.deb
 b6f135ad85621ee1147930c3d022d55a 162070 httpd optional apache2-data_2.4.27-6_all.deb
 403a3bd6d89baa156fbc280de6517d81 3985494 debug optional apache2-dbg_2.4.27-6_amd64.deb
 fe1c8351ad734dd026696412e9227a76 317878 httpd optional apache2-dev_2.4.27-6_amd64.deb
 e6c5ae8b7fc464e10a6f334f160d00f4 3820886 doc optional apache2-doc_2.4.27-6_all.deb
 112ed5139c769bbba0e3cd6667621f9c 2248 httpd optional apache2-ssl-dev_2.4.27-6_amd64.deb
 24b4216f42d471cbeee699cef2a44bc4 159126 httpd optional apache2-suexec-custom_2.4.27-6_amd64.deb
 2dfdc02dab9dc95e4653dc666dd6dde8 157570 httpd optional apache2-suexec-pristine_2.4.27-6_amd64.deb
 003ceb6dd12add2bdb45e584fcbc6334 222218 httpd optional apache2-utils_2.4.27-6_amd64.deb
 197710fae3790cd5e47c356c007934ec 9723 httpd optional apache2_2.4.27-6_amd64.buildinfo
 a3b860ebe329e38769e78dfcd89bfef6 239556 httpd optional apache2_2.4.27-6_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOpiNza8JqByyYYsxxodfNUHO/eAFAlnG3ZoACgkQxodfNUHO
/eDbyxAArF6+L/M1yUDDoqV4PxSY+Ru+LDiunnFjVAt0ef5bZOAuJLcG+7IfY2Di
QIWpqjojdEfC1cn6/AmDAoxIakk2hbbmFlBsWr9jlB/xcKrDGBx4EZGDKYlx95+T
6depFJXpMgM0Dd4tUyYkr7Yo24b6vgl7CR7HUpfaSH6cSJm8KupVUBg2EeeIhiEl
zzF+Byf0cXs9hthsdY6M9w4qpLqOHChZjzIT8epz3s+hfS3Hg+HzJPjU8tydeARY
HG4CBrnvR5Kq/jLLVvyEPAYoMBT2MOGTkA6bFBs0LAWF2TwX/q304NQwlSmjl6re
gPPwzHW9QFA8SBkAER7U0yXAD/2xK+4AOi6Wt0j2bNfb2S4FrG4gAohRPqnvy4eb
dJGg/ALK/NI/AcoAhv2pYg2QBXorFIX5i02GjubIWCxTkXQvQsczxFffOlPleerB
NZVoPofG8ZEDVQXY+V9j2luz8b7Ll9ljBlhRkiYiZdZ35+tVtdZILc2zI8eKXcDq
lZapqdBnqpR7ds0zlioTz/w4oM8D9jZHgESDAGTpF0jZdnJFV6CSDOaNCMTRKTZq
g+SqosyqzrwYN2V2F/GdJziG/opXJ68g00Piq29j9TloZvQjV5S/GzvMDkd58hAx
VTWrpi6ajTFzcQK6Wa8rnWtZpFwY5sUN+2VcFoKqkdtoaT78tnw=
=r8In
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.