ntp: CVE-2015-1798 CVE-2015-1799

Debian Bug report logs - #782095
ntp: CVE-2015-1798 CVE-2015-1799

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: ntp: CVE-2015-1798 CVE-2015-1799

Date: Tue, 07 Apr 2015 22:09:18 +0200

Source: ntp
Version: 1:4.2.6.p2+dfsg-1
Severity: important
Tags: security upstream fixed-upstream

Hi,

the following vulnerabilities were published for ntp.

CVE-2015-1798[0]:
ntpd accepts unauthenticated packets with symmetric key crypto

CVE-2015-1799[1]:
Authentication doesn't protect symmetric associations against DoS attacks

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2015-1798
    http://bugs.ntp.org/2779
[1] https://security-tracker.debian.org/tracker/CVE-2015-1799
    http://bugs.ntp.org/2781
[2] http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

Regards,
Salvatore

Message #10 received at 782095-close@bugs.debian.org (full text, mbox, reply):

From: Kurt Roeckx <kurt@roeckx.be>

To: 782095-close@bugs.debian.org

Subject: Bug#782095: fixed in ntp 1:4.2.6.p5+dfsg-6

Date: Fri, 10 Apr 2015 18:33:45 +0000

Source: ntp
Source-Version: 1:4.2.6.p5+dfsg-6

We believe that the bug you reported is fixed in the latest version of
ntp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 782095@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kurt Roeckx <kurt@roeckx.be> (supplier of updated ntp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 10 Apr 2015 20:08:24 +0200
Source: ntp
Binary: ntp ntpdate ntp-doc
Architecture: source all amd64
Version: 1:4.2.6.p5+dfsg-6
Distribution: unstable
Urgency: high
Maintainer: Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <kurt@roeckx.be>
Description:
 ntp        - Network Time Protocol daemon and utility programs
 ntp-doc    - Network Time Protocol documentation
 ntpdate    - client for setting system time from NTP servers
Closes: 782095
Changes:
 ntp (1:4.2.6.p5+dfsg-6) unstable; urgency=high
 .
   * Fix CVE-2015-1798 and CVE-2015-1799 (Closes: #782095)
Checksums-Sha1:
 d6deefae1ebb7ed7ccf6b5413e929959e4e74d74 2209 ntp_4.2.6.p5+dfsg-6.dsc
 1aa21c0f74544a26d4b1bcb41fdfe89e97753b10 80996 ntp_4.2.6.p5+dfsg-6.debian.tar.xz
 209c748a4d8802612e104f27d090c545d8c8f445 1030768 ntp-doc_4.2.6.p5+dfsg-6_all.deb
 4b576346aba67fe605fa4b6a917e86df1b751d6d 393176 ntp_4.2.6.p5+dfsg-6_amd64.deb
 d3c5944c577b519ba930876a392c953b78970a62 74136 ntpdate_4.2.6.p5+dfsg-6_amd64.deb
Checksums-Sha256:
 7817bbbce692a3c82a63a6799a1b4f86cd8bbfc7dacf7abf5be8d0482cf36dcc 2209 ntp_4.2.6.p5+dfsg-6.dsc
 a0f7817966b22f20a91e7c96e82822a29aef586999d93a65295267ac45eda330 80996 ntp_4.2.6.p5+dfsg-6.debian.tar.xz
 e3090c84000c0ee992a4057647cceed141e4d5319ef6f6438528caa66c5dd613 1030768 ntp-doc_4.2.6.p5+dfsg-6_all.deb
 29f0b9f2c3404cc2c0680303972a84d530a958e9e4747387f92bdfdda77b52f3 393176 ntp_4.2.6.p5+dfsg-6_amd64.deb
 9cbc2e42ab4b9310ca6b81de1b0743acf6754aaabec68006b7a1f6b369eee34f 74136 ntpdate_4.2.6.p5+dfsg-6_amd64.deb
Files:
 08f7662cd515a95ff5191618abae97bd 2209 net optional ntp_4.2.6.p5+dfsg-6.dsc
 671eacf12e69b169648c6695311b8788 80996 net optional ntp_4.2.6.p5+dfsg-6.debian.tar.xz
 d53e6b73687f9e009f15ee12370aceec 1030768 doc optional ntp-doc_4.2.6.p5+dfsg-6_all.deb
 3bf1fbb3208b073a09ca57ba5922cd45 393176 net optional ntp_4.2.6.p5+dfsg-6_amd64.deb
 4d684819bca996902a36b518d4c543e4 74136 net optional ntpdate_4.2.6.p5+dfsg-6_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVKBShAAoJEOPE3c0eTBJEYLAQAJq38J7y633p+/Sdenj/mKAi
r4clJ9xq81cEblPnv7bZylLyC2G4ad11LjPi5HWi9+SX2PV+c+sdczVow1rwuEPa
XXl4dK2VZPiWTH90D2LxeYfo4f7bU+QIzgw5dysXlHqt8s2y6OI1v2JHiwKUDaR9
aHdXm5h99WnUMujc6+wagR2e8U7raYtbfe3RMBWitn417UNwJZlGHIOSX5Z7VgRa
BzZfKxjkr0NTWVQscz39EfVuAk+RBH4w8CWXE6nXTHOkmCAAgKeCjSDfaiSrH7c6
SLJZw/jnvkDJdQUIeMWfsLrWNCjkCP2PYcSOxtz1AX50cUXpefv5Itt0fiPmmDfx
etYnnHWiRNqjhFZOdLYKUBVkXRhmYNKLTerzErrLcbRXK+bVWDN/z2s5xWYL/Uai
fKwl3C1dJ3SRMaS0TyI+utGxBUV9P6ldSOHh9+ZV4XYMz0VdqhYeLGkr5hoPlv59
VascOpfmfu4GMP00IwVof0Dhju3AQwowtA6/BCQRhm/vpgFuZr8QANe4V0NEjW0Z
oRXVTxcUHtn/eio06X5ueOeEBseIRLsyPfvEMMZfuDcxuYP0wf3/Pr7yW8LLZ2F0
lvvoeCtWla2k1/mFgI5637di3LLhog/QSF4E7rZ2+9DO+8oVlc77ogbJmidP8rQX
unwye4B6px/GDNMsdcbF
=VyGC
-----END PGP SIGNATURE-----

Message #15 received at 782095@bugs.debian.org (full text, mbox, reply):

From: Raphael Hertzog <hertzog@debian.org>

To: Kurt Roeckx <kurt@roeckx.be>

Cc: debian-lts@lists.debian.org, 782095@bugs.debian.org

Subject: squeeze update of ntp?

Date: Fri, 10 Apr 2015 23:05:47 +0200

Hello dear maintainer(s),

the Debian LTS team would like to fix the security issues which are
currently open in the Squeeze version of ntp:
https://security-tracker.debian.org/tracker/CVE-2015-1798
https://security-tracker.debian.org/tracker/CVE-2015-1799
https://security-tracker.debian.org/tracker/TEMP-0000000-C29A8D

Would you like to take care of this yourself? We are still understaffed so
any help is always highly appreciated.

If yes, please follow the workflow we have defined here:
http://wiki.debian.org/LTS/Development

If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts@lists.debian.org
(via a debdiff, or with an URL pointing to the the source package,
or even with a pointer to your packaging repository), and the members
of the LTS team will take care of the rest. Indicate clearly whether you
have tested the updated package or not.

If you don't want to take care of this update, it's not a problem, we
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.

Thank you very much.

Raphaël Hertzog,
  on behalf of the Debian LTS team.

PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Message #20 received at 782095@bugs.debian.org (full text, mbox, reply):

From: Kurt Roeckx <kurt@roeckx.be>

To: Raphael Hertzog <hertzog@debian.org>, debian-lts@lists.debian.org, 782095@bugs.debian.org

Subject: Re: squeeze update of ntp?

Date: Fri, 10 Apr 2015 23:13:55 +0200

On Fri, Apr 10, 2015 at 11:05:47PM +0200, Raphael Hertzog wrote:
> Hello dear maintainer(s),
> 
> the Debian LTS team would like to fix the security issues which are
> currently open in the Squeeze version of ntp:
> https://security-tracker.debian.org/tracker/CVE-2015-1798
> https://security-tracker.debian.org/tracker/CVE-2015-1799
> https://security-tracker.debian.org/tracker/TEMP-0000000-C29A8D
> 
> Would you like to take care of this yourself? We are still understaffed so
> any help is always highly appreciated.

You really don't have patience do you?


Kurt

Message #25 received at 782095@bugs.debian.org (full text, mbox, reply):

From: Raphael Hertzog <hertzog@debian.org>

To: Kurt Roeckx <kurt@roeckx.be>

Cc: debian-lts@lists.debian.org, 782095@bugs.debian.org

Subject: Re: squeeze update of ntp?

Date: Fri, 10 Apr 2015 23:33:22 +0200

Hi,

On Fri, 10 Apr 2015, Kurt Roeckx wrote:
> On Fri, Apr 10, 2015 at 11:05:47PM +0200, Raphael Hertzog wrote:
> > Would you like to take care of this yourself? We are still understaffed so
> > any help is always highly appreciated.
> 
> You really don't have patience do you?

I do, but contacting maintainers is just part of the workflow of CVE
triage we defined for Debian LTS. Sorry if this mail bothered you. Is
there a way to do it that would have been better received on your side?

And thanks again for caring about Squeeze!

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Message #30 received at 782095-close@bugs.debian.org (full text, mbox, reply):

From: Kurt Roeckx <kurt@roeckx.be>

To: 782095-close@bugs.debian.org

Subject: Bug#782095: fixed in ntp 1:4.2.6.p2+dfsg-1+deb6u3

Date: Fri, 10 Apr 2015 21:35:07 +0000

Source: ntp
Source-Version: 1:4.2.6.p2+dfsg-1+deb6u3

We believe that the bug you reported is fixed in the latest version of
ntp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 782095@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kurt Roeckx <kurt@roeckx.be> (supplier of updated ntp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 10 Apr 2015 23:22:29 +0200
Source: ntp
Binary: ntp ntpdate ntp-doc
Architecture: source all amd64
Version: 1:4.2.6.p2+dfsg-1+deb6u3
Distribution: squeeze-lts
Urgency: medium
Maintainer: Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <kurt@roeckx.be>
Description: 
 ntp        - Network Time Protocol daemon and utility programs
 ntp-doc    - Network Time Protocol documentation
 ntpdate    - client for setting system time from NTP servers
Closes: 782095
Changes: 
 ntp (1:4.2.6.p2+dfsg-1+deb6u3) squeeze-lts; urgency=medium
 .
   * Fix CVE-2015-1798 and CVE-2015-1799 (Closes: #782095)
   * Fix endless loop and non-random key generation using
     ntp-keygen on big endian machines.
Checksums-Sha1: 
 412799b68a3a4dbd1f000e37e8d7afa88fb8acca 2111 ntp_4.2.6.p2+dfsg-1+deb6u3.dsc
 40959f891054960a316cb9d42919a1c30965a495 436291 ntp_4.2.6.p2+dfsg-1+deb6u3.debian.tar.gz
 457fc27d9b18d05cb231c78d01b9bd91a936bb9f 1141828 ntp-doc_4.2.6.p2+dfsg-1+deb6u3_all.deb
 7054123a164c8ca9dd2f96e85b09c7471d00bbe4 500428 ntp_4.2.6.p2+dfsg-1+deb6u3_amd64.deb
 0a781e97fbf709c5c3bb6d4bc64d1a90cdc573f1 80452 ntpdate_4.2.6.p2+dfsg-1+deb6u3_amd64.deb
Checksums-Sha256: 
 fb0930cd3017d6c44c26c269079a88ec1fa829175ab17218b5016c70bbf3f788 2111 ntp_4.2.6.p2+dfsg-1+deb6u3.dsc
 c41558d862bef37a7ae1126f152be928f4772d6ca06c5f8382a9d72e8fc33107 436291 ntp_4.2.6.p2+dfsg-1+deb6u3.debian.tar.gz
 e497a10f11934f93360890d57bc04f7c54c2856dc934323e14d8b7704d237017 1141828 ntp-doc_4.2.6.p2+dfsg-1+deb6u3_all.deb
 9dc62d6233d357fdbed792421d2946c3a3b2acd3426c2fe1c9fb58ddf95ea070 500428 ntp_4.2.6.p2+dfsg-1+deb6u3_amd64.deb
 db8208e536cfac2c1fa0e7bea5e7eb8a27c6138663ae02e4933d8d662d1ce28d 80452 ntpdate_4.2.6.p2+dfsg-1+deb6u3_amd64.deb
Files: 
 5e1e9a9894bb25e9d9a5709da9767001 2111 net optional ntp_4.2.6.p2+dfsg-1+deb6u3.dsc
 c9b9c036153f19d4a659b15aa694e03e 436291 net optional ntp_4.2.6.p2+dfsg-1+deb6u3.debian.tar.gz
 21d8b128994ef51aeaaeefc6d9c94f2e 1141828 doc optional ntp-doc_4.2.6.p2+dfsg-1+deb6u3_all.deb
 14d6ca105ca3ba2a90f1c737381cbab2 500428 net optional ntp_4.2.6.p2+dfsg-1+deb6u3_amd64.deb
 ecdfd8914bdb7dbd015102af6d230b12 80452 net optional ntpdate_4.2.6.p2+dfsg-1+deb6u3_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVKECoAAoJEOPE3c0eTBJEfdUP/3+yAt9CheaggADrYkaATYjk
WYmkgOeuRTouqa1iTPxOHcVm0Xc7HCvLIQS+qmXx/nkLiOlZpKnZT5yJKNwR3+gn
E6MRwo8uSGu8+s4iKnSJ2oO9me/nG+tCfnPa0icJYEQs9ybDjKaRfVWD63RGVwTy
VRlQQSnVvCFnB+j6VymSxKOb+owX+UbdE9k5ulS/nchHlR9+1TLWa2SCXSF08Afw
FYWZRKdwGUNZewWzP8wfK/hPn2fC/enzrptulid3aZYtB/olgHkx+keIJSI4aGa0
6vpL8nsGxou4oO7UXcOzjU2Lk8IYbzWxkdjX7kFmo5IwBDnuO+FCR+cvcwboBqnC
KZrwU93hkJsFfLv8au/MViD/3VSpGfGLnVD+ylzChnr39pYvIxXVCdPW+s8Ao3CL
z0wAJ9tyrJDTYD6NN9cdIsMnzHCtH5dbcomnQ5arKiWtcssgcOHvj4CIRSUi9LuB
cM+ihM0cH7HiumimufWstmekH1p2Bh7HmUucRfNCltkrqI5+kkbCfcfUr2EHOWrD
mHvTEN3xEjeAkS5Npt1r0YrKbpBj5tjjs1eubPE26VKJd8/5na2/ibXdNDAqkiKI
zIGbgFExu8+RLhkW3mdACOci2PZcaN9PJythdf+yt7IXvGuBrW9E5osaIawkC/zm
waCBcwM8ulZilILYW4qF
=fBHF
-----END PGP SIGNATURE-----

Message #35 received at 782095@bugs.debian.org (full text, mbox, reply):

From: Kurt Roeckx <kurt@roeckx.be>

To: Raphael Hertzog <hertzog@debian.org>, debian-lts@lists.debian.org, 782095@bugs.debian.org

Subject: Re: squeeze update of ntp?

Date: Fri, 10 Apr 2015 23:56:49 +0200

On Fri, Apr 10, 2015 at 11:33:22PM +0200, Raphael Hertzog wrote:
> Hi,
> 
> On Fri, 10 Apr 2015, Kurt Roeckx wrote:
> > On Fri, Apr 10, 2015 at 11:05:47PM +0200, Raphael Hertzog wrote:
> > > Would you like to take care of this yourself? We are still understaffed so
> > > any help is always highly appreciated.
> > 
> > You really don't have patience do you?
> 
> I do, but contacting maintainers is just part of the workflow of CVE
> triage we defined for Debian LTS. Sorry if this mail bothered you. Is
> there a way to do it that would have been better received on your side?

The upload to unstable (and wheezy) only happened a few hours ago
because I didn't have time before.


Kurt

Message #40 received at 782095-close@bugs.debian.org (full text, mbox, reply):

From: Kurt Roeckx <kurt@roeckx.be>

To: 782095-close@bugs.debian.org

Subject: Bug#782095: fixed in ntp 1:4.2.6.p5+dfsg-2+deb7u4

Date: Wed, 15 Apr 2015 21:33:17 +0000

Source: ntp
Source-Version: 1:4.2.6.p5+dfsg-2+deb7u4

We believe that the bug you reported is fixed in the latest version of
ntp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 782095@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kurt Roeckx <kurt@roeckx.be> (supplier of updated ntp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 10 Apr 2015 20:36:48 +0200
Source: ntp
Binary: ntp ntpdate ntp-doc
Architecture: source all amd64
Version: 1:4.2.6.p5+dfsg-2+deb7u4
Distribution: wheezy-security
Urgency: medium
Maintainer: Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <kurt@roeckx.be>
Description: 
 ntp        - Network Time Protocol daemon and utility programs
 ntp-doc    - Network Time Protocol documentation
 ntpdate    - client for setting system time from NTP servers
Closes: 782095
Changes: 
 ntp (1:4.2.6.p5+dfsg-2+deb7u4) wheezy-security; urgency=medium
 .
   * Fix CVE-2015-1798 and CVE-2015-1799 (Closes: #782095)
   * Fix endless loop and non-random key generation using
     ntp-keygen on big endian machines.
Checksums-Sha1: 
 baa88379e198d778fb12e19c32dbd11a174836e0 2217 ntp_4.2.6.p5+dfsg-2+deb7u4.dsc
 fcd8cda81ee4a6b6bb959fc5234079d490dde19d 112585 ntp_4.2.6.p5+dfsg-2+deb7u4.debian.tar.gz
 17d6dfe118675cbcbe5706136d08f5b4c9469312 1143784 ntp-doc_4.2.6.p5+dfsg-2+deb7u4_all.deb
 1c7343b7c6a727617c9da4d1ceb44e16e5d75390 563330 ntp_4.2.6.p5+dfsg-2+deb7u4_amd64.deb
 4336264c7608f14bb5168a702d615415d3d8b99e 82864 ntpdate_4.2.6.p5+dfsg-2+deb7u4_amd64.deb
Checksums-Sha256: 
 622748793415fbc97b5643d3a7cfba405a54b5f89ab7c7cad04efbd325299fee 2217 ntp_4.2.6.p5+dfsg-2+deb7u4.dsc
 f05adb830e70e9486fd9ef5414057585860bf160e19a7600b6b7523914f6fe00 112585 ntp_4.2.6.p5+dfsg-2+deb7u4.debian.tar.gz
 0df118054e9b06a331ccce09bbc31fe09280abd570f7835ffafdff590ae42f3c 1143784 ntp-doc_4.2.6.p5+dfsg-2+deb7u4_all.deb
 50203e41eea5cc5ff01d8239195164a85550ccb0e34923f2c281a330316e479e 563330 ntp_4.2.6.p5+dfsg-2+deb7u4_amd64.deb
 b16c9e79de116be44025131218f9c5f4e5f3ba062e6a257322a9a3a5af04a542 82864 ntpdate_4.2.6.p5+dfsg-2+deb7u4_amd64.deb
Files: 
 e55e71cbeef451fd76858e5bf28090b4 2217 net optional ntp_4.2.6.p5+dfsg-2+deb7u4.dsc
 b9227ae602868d804028684187574a00 112585 net optional ntp_4.2.6.p5+dfsg-2+deb7u4.debian.tar.gz
 6ce843298ba670ec489afea332e9532c 1143784 doc optional ntp-doc_4.2.6.p5+dfsg-2+deb7u4_all.deb
 c7fdc3127d295f26bdb0da021c6421b8 563330 net optional ntp_4.2.6.p5+dfsg-2+deb7u4_amd64.deb
 780e66ac21fa0a857defe502b55fe3b6 82864 net optional ntpdate_4.2.6.p5+dfsg-2+deb7u4_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVKB0SAAoJEOPE3c0eTBJEoIkQAIraBQ5N+H4MoxJptwtqOvKZ
kV8trPMh+6r2oefkD7uRMICZlnG4eRYtOStM/QFaysQgk83Hb0QBnrng9ZZ6U+hk
vzikX6fFGo2xMznpp/1EdpjyRfz4ADi14tfDr5QaROAnlOt4i6WpSl6HwbW3+wQV
znu8Hd1n46rHRxtlOsb1s4VcjyMNp7vD7KZ5caLs5CI+T9RBaA4pEwKHa3eELRhu
YBmgfp7i1jsuuYyAr8oTCFA3zC2z00OytPPFTnaglXG5Fw9Mb9f102lq7blCKoac
6AedsBvj06uCBaim7Rv3ey4R+bcN2/iJFFcKlsEUgufWxigOHuWxoH2CmC6Bgv/b
at/vGNrKd5O0KrWsGUyQ5IFLiDCqlU/lqrMBdjtkv8Aw+h5DR1o/28SRximoohuF
hMBSEzkVW6Mk2GICl2pla5drY44bHVL/E3g6KkY3sOvzhh5wcuj12gUD+1qaIOfp
PTobLEMD1bllvYQeWlB0VhBURxOkp+cn8Z+vs725UTj0y//p1AxCJhUKXyPfciSC
9XemCv3tGwKEgu5GGbvZTwgfc0lW6bavC0G7l7KxzgPMkxZHfqE1hl9Q2PO4mwUM
PWmMRGDwcF1syjvICvAefLxtFGKSO4J0i0vlIaHol/XhljcbLJZBVqor5SVUK/fF
ugdvmomk9qMA9x3/fKZi
=7Czr
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.