tiff: CVE-2012-4447

Debian Bug report logs - #688944
tiff: CVE-2012-4447

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <jmm@inutil.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: tiff: CVE-2012-4447

Date: Thu, 27 Sep 2012 09:27:23 +0200

Package: tiff
Severity: grave
Tags: security
Justification: user security hole

Another buffer overflow, please see here for details:
https://bugzilla.redhat.com/show_bug.cgi?id=860198

Cheers,
        Moritz

Message #10 received at 688944@bugs.debian.org (full text, mbox, reply):

From: Jay Berkenbilt <qjb@debian.org>

To: Moritz Muehlenhoff <jmm@inutil.org>

Cc: 688944@bugs.debian.org, team@security.debian.org

Subject: Re: Bug#688944: tiff: CVE-2012-4447

Date: Fri, 05 Oct 2012 17:11:51 -0400

[Message part 1 (text/plain, inline)]

Moritz Muehlenhoff <jmm@inutil.org> wrote:

> Package: tiff
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Another buffer overflow, please see here for details:
> https://bugzilla.redhat.com/show_bug.cgi?id=860198

I have 3.9.4-5+squeeze6, built against squeeze, ready to upload.  Should
I proceed?  The patch is attached.

[tiff-3.9.4-5+squeeze5-to-6.patch (text/x-diff, inline)]

diff -urN ../tiff-3.9.4-5+squeeze5/debian/changelog ./debian/changelog
--- ../tiff-3.9.4-5+squeeze5/debian/changelog	2012-09-26 13:46:28.000000000 -0400
+++ ./debian/changelog	2012-10-05 16:54:07.553605838 -0400
@@ -1,3 +1,11 @@
+tiff (3.9.4-5+squeeze6) stable-security; urgency=high
+
+  * Add fix for CVE-2012-4777, a buffer overrun.  (Closes: #688944)
+  * CVE-2012-2088 was actually included in previous version but not listed
+    in the change log.
+
+ -- Jay Berkenbilt <qjb@debian.org>  Fri, 05 Oct 2012 16:54:07 -0400
+
 tiff (3.9.4-5+squeeze5) stable-security; urgency=high
 
   * Added several additional security patches taken from the Ubuntu Natty
diff -urN ../tiff-3.9.4-5+squeeze5/debian/patches/CVE-2012-4777.patch ./debian/patches/CVE-2012-4777.patch
--- ../tiff-3.9.4-5+squeeze5/debian/patches/CVE-2012-4777.patch	1969-12-31 19:00:00.000000000 -0500
+++ ./debian/patches/CVE-2012-4777.patch	2012-10-05 16:51:57.205609335 -0400
@@ -0,0 +1,13 @@
+Index: tiff-3.9.4/libtiff/tif_pixarlog.c
+===================================================================
+--- tiff-3.9.4.orig/libtiff/tif_pixarlog.c	2010-06-08 14:50:42.000000000 -0400
++++ tiff-3.9.4/libtiff/tif_pixarlog.c	2012-10-05 16:51:49.201609547 -0400
+@@ -663,7 +663,7 @@
+ 				      td->td_rowsperstrip), sizeof(uint16));
+ 	if (tbuf_size == 0)
+ 		return (0);
+-	sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size);
++	sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size+sizeof(uint16)*sp->stride);
+ 	if (sp->tbuf == NULL)
+ 		return (0);
+ 	if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN)
diff -urN ../tiff-3.9.4-5+squeeze5/debian/patches/series ./debian/patches/series
--- ../tiff-3.9.4-5+squeeze5/debian/patches/series	2012-07-16 09:50:46.000000000 -0400
+++ ./debian/patches/series	2012-10-05 16:51:20.493610319 -0400
@@ -16,3 +16,4 @@
 CVE-2012-2088.patch
 CVE-2012-2113.patch
 CVE-2012-3401.patch
+CVE-2012-4777.patch

Message #15 received at 688944@bugs.debian.org (full text, mbox, reply):

From: Jay Berkenbilt <qjb@debian.org>

To: Moritz Muehlenhoff <jmm@inutil.org>

Cc: 688944@bugs.debian.org, team@security.debian.org

Subject: Re: Bug#688944: tiff: CVE-2012-4447

Date: Fri, 05 Oct 2012 17:31:46 -0400

Jay Berkenbilt <qjb@debian.org> wrote:

> Moritz Muehlenhoff <jmm@inutil.org> wrote:
>
>> Package: tiff
>> Severity: grave
>> Tags: security
>> Justification: user security hole
>>
>> Another buffer overflow, please see here for details:
>> https://bugzilla.redhat.com/show_bug.cgi?id=860198
>
> I have 3.9.4-5+squeeze6, built against squeeze, ready to upload.  Should
> I proceed?  The patch is attached.

I'm sorry, I put 4777 instead of 4447 in the CVE number.  I'm preparing
it again except the changelog says 4447 and the patch is named
CVE-2012-4447.patch.  Ugh.

Message #20 received at 688944-close@bugs.debian.org (full text, mbox, reply):

From: Jay Berkenbilt <qjb@debian.org>

To: 688944-close@bugs.debian.org

Subject: Bug#688944: fixed in tiff 4.0.2-3

Date: Fri, 05 Oct 2012 21:32:38 +0000

Source: tiff
Source-Version: 4.0.2-3

We believe that the bug you reported is fixed in the latest version of
tiff, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 688944@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jay Berkenbilt <qjb@debian.org> (supplier of updated tiff package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 05 Oct 2012 17:04:38 -0400
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff5-alt-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source all amd64
Version: 4.0.2-3
Distribution: unstable
Urgency: high
Maintainer: Jay Berkenbilt <qjb@debian.org>
Changed-By: Jay Berkenbilt <qjb@debian.org>
Description: 
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-alt-dev - Tag Image File Format library (TIFF), alternative development fil
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Closes: 688944
Changes: 
 tiff (4.0.2-3) unstable; urgency=high
 .
   * Add fix for CVE-2012-4777, a buffer overrun.  (Closes: #688944)
Checksums-Sha1: 
 c31bd291517d0441e70624ee079677dcce7463ab 2124 tiff_4.0.2-3.dsc
 e590a716c05913fe0c76b630ec477c2100b73e8b 15269 tiff_4.0.2-3.debian.tar.gz
 50a6cb10ab7b4c73319865332402ea2843fd98bf 395272 libtiff-doc_4.0.2-3_all.deb
 d4f86bb9cbd0624f8df50bf184b45fbd6dcf3f6f 233810 libtiff5_4.0.2-3_amd64.deb
 41f9c9e23b7d5cdd7aa3eaaf8b54d99149428560 72964 libtiffxx5_4.0.2-3_amd64.deb
 bd1a544fb8a17d8383e61ffcf956d7e18309f6ca 375662 libtiff5-dev_4.0.2-3_amd64.deb
 812a117b8ee38591c3fd656d6f0d73d9603242c9 295616 libtiff5-alt-dev_4.0.2-3_amd64.deb
 d56371ecfac5aa3c946f9dca0a54eaccc7995820 336634 libtiff-tools_4.0.2-3_amd64.deb
 5a67e1d612019efaa12a2c3b826da6cff110ae38 78636 libtiff-opengl_4.0.2-3_amd64.deb
Checksums-Sha256: 
 6dd04279cb1c8785a1ac50f275e3797b8e11c6bb46078f9a55477f72e893cdad 2124 tiff_4.0.2-3.dsc
 8113e4bbdc2db222076b041fad83c284e24f4fd5ac1ccb818cde65f35f62b5e7 15269 tiff_4.0.2-3.debian.tar.gz
 8056564de4d597885041068edf3f0cd6d756d042f74aadd5cce7e7f27b97c913 395272 libtiff-doc_4.0.2-3_all.deb
 ad3b3f35de2ebb01b85a8e62ef8e29c602928dd4b9e59f3980dfc7197cec6b00 233810 libtiff5_4.0.2-3_amd64.deb
 600ef60d2a6b778530095b8dad2cc4aeaeb7b87303c1f5cb6553e6542def95a3 72964 libtiffxx5_4.0.2-3_amd64.deb
 9696c2df0f8c51e20cfd515b564d4a3350a748f1debbf0ce09b6680c0d1e2e08 375662 libtiff5-dev_4.0.2-3_amd64.deb
 464feda62d0e6507a767f929b146e54739f0132a83395d4983c9792e5810844c 295616 libtiff5-alt-dev_4.0.2-3_amd64.deb
 3440ea05d3e364995085d2df8d6efb9095f69b6e205886466c6bc0929a65ce5b 336634 libtiff-tools_4.0.2-3_amd64.deb
 03db6310d525324494d770c98c0850619c6a5c4953b698bf4cb51d0b2893a050 78636 libtiff-opengl_4.0.2-3_amd64.deb
Files: 
 5108f6b9e7380889d8717208b183cbd3 2124 libs optional tiff_4.0.2-3.dsc
 fb07fbe2c407941eaada78b0da90c6a9 15269 libs optional tiff_4.0.2-3.debian.tar.gz
 83c8b561a33fdab32e701737aa4b654c 395272 doc optional libtiff-doc_4.0.2-3_all.deb
 875df8c3c3e703d9839959fc3d9b212f 233810 libs optional libtiff5_4.0.2-3_amd64.deb
 e6857d51834761e556a07526939c1a11 72964 libs optional libtiffxx5_4.0.2-3_amd64.deb
 297ce925546458840be4b819f97f865b 375662 libdevel optional libtiff5-dev_4.0.2-3_amd64.deb
 03a637057334ebf11137bfe03b492e68 295616 libdevel optional libtiff5-alt-dev_4.0.2-3_amd64.deb
 a68282f3a4539a7329c767c54b9d29b0 336634 graphics optional libtiff-tools_4.0.2-3_amd64.deb
 a6bb256d85230eeee5baea8601d0e7d3 78636 graphics optional libtiff-opengl_4.0.2-3_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQb0+ZAAoJEIp10QmYASx+85AQALbIm4s8uToJNWGJGkiWkUz1
Wsz2v5e125tEXHFNe9HI5K2idqCiOgQnS74y5ROg6P6OC9KI7bks7bLKi3CJiREL
mkcU0/YXRhjpvdYNCutkUvCEQvnANGKm7sbFaeFMNtr4Ogd1/j/ZjbNomYCfnVQG
YNbZAvnJMeadt8fFRJubK5ot4j8ZwA+6fjrGyNafJEz5NBwzn2haDvy8rICmkEIR
BE2Nl3BLieP+/YAID9YqOHUfXjjIyYnD3cmk6XK/vuQwALZ+zhnq/oOp3EPY+4wu
9TS8aLMFQp1g2ruP7x2mxvWLjLVROjQi/oU1xTSYKcZQCgkOYD6BpQqUKk0RK8DK
HC051dPAjUNvFWud6Qx31JsiIOUtzjh98fIQdwvpiVcPpKxGsPfO2rsbGzGEafmk
W2vCfEMtfRHw/Pp48YR0rRH+uCbYanjY7bHkEJPeCu6TeaBWB/d0gkHkS5Rz0Y9O
xiDb4N4DpD5WH5/UrjhLqbX6S4J9475aHxLYEmoUBmgJJkFoDaqkPkxDp8hC0eMO
rNbtG9lBmS9Q48YFLdX3VsB4mFkhQBcLRaE+/KS4mkE/7WtKKCxZUSu79QkuRi8D
campCL2WGuEeg6sWpYPhDMXNJVfpEXts7rHSX19ho8fubc7l2q/4hHhvNVpUSl59
JnqwxS2VDiMZneY169wY
=ec5h
-----END PGP SIGNATURE-----

Message #25 received at 688944@bugs.debian.org (full text, mbox, reply):

From: Jay Berkenbilt <qjb@debian.org>

To: Moritz Muehlenhoff <jmm@inutil.org>

Cc: 688944@bugs.debian.org, team@security.debian.org

Subject: Re: Bug#688944: tiff: CVE-2012-4447

Date: Fri, 05 Oct 2012 17:49:29 -0400

[Message part 1 (text/plain, inline)]

Jay Berkenbilt <qjb@debian.org> wrote:

> Jay Berkenbilt <qjb@debian.org> wrote:
>
>> Moritz Muehlenhoff <jmm@inutil.org> wrote:
>>
>>> Package: tiff
>>> Severity: grave
>>> Tags: security
>>> Justification: user security hole
>>>
>>> Another buffer overflow, please see here for details:
>>> https://bugzilla.redhat.com/show_bug.cgi?id=860198
>>
>> I have 3.9.4-5+squeeze6, built against squeeze, ready to upload.  Should
>> I proceed?  The patch is attached.

Here is the corrected patch.  I will not upload until I get
confirmation.

[tiff-3.9.4-5+squeeze5-to-6.patch (text/x-diff, inline)]

diff -urN ../tiff-3.9.4-5+squeeze5/debian/changelog ./debian/changelog
--- ../tiff-3.9.4-5+squeeze5/debian/changelog	2012-09-26 13:46:28.000000000 -0400
+++ ./debian/changelog	2012-10-05 16:54:07.553605838 -0400
@@ -1,3 +1,11 @@
+tiff (3.9.4-5+squeeze6) stable-security; urgency=high
+
+  * Add fix for CVE-2012-4447, a buffer overrun.  (Closes: #688944)
+  * CVE-2012-2088 was actually included in previous version but not listed
+    in the change log.
+
+ -- Jay Berkenbilt <qjb@debian.org>  Fri, 05 Oct 2012 16:54:07 -0400
+
 tiff (3.9.4-5+squeeze5) stable-security; urgency=high
 
   * Added several additional security patches taken from the Ubuntu Natty
diff -urN ../tiff-3.9.4-5+squeeze5/debian/patches/CVE-2012-4447.patch ./debian/patches/CVE-2012-4447.patch
--- ../tiff-3.9.4-5+squeeze5/debian/patches/CVE-2012-4447.patch	1969-12-31 19:00:00.000000000 -0500
+++ ./debian/patches/CVE-2012-4447.patch	2012-10-05 16:51:57.205609335 -0400
@@ -0,0 +1,13 @@
+Index: tiff-3.9.4/libtiff/tif_pixarlog.c
+===================================================================
+--- tiff-3.9.4.orig/libtiff/tif_pixarlog.c	2010-06-08 14:50:42.000000000 -0400
++++ tiff-3.9.4/libtiff/tif_pixarlog.c	2012-10-05 16:51:49.201609547 -0400
+@@ -663,7 +663,7 @@
+ 				      td->td_rowsperstrip), sizeof(uint16));
+ 	if (tbuf_size == 0)
+ 		return (0);
+-	sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size);
++	sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size+sizeof(uint16)*sp->stride);
+ 	if (sp->tbuf == NULL)
+ 		return (0);
+ 	if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN)
diff -urN ../tiff-3.9.4-5+squeeze5/debian/patches/series ./debian/patches/series
--- ../tiff-3.9.4-5+squeeze5/debian/patches/series	2012-07-16 09:50:46.000000000 -0400
+++ ./debian/patches/series	2012-10-05 16:51:20.493610319 -0400
@@ -16,3 +16,4 @@
 CVE-2012-2088.patch
 CVE-2012-2113.patch
 CVE-2012-3401.patch
+CVE-2012-4447.patch

Message #30 received at 688944@bugs.debian.org (full text, mbox, reply):

From: Jay Berkenbilt <qjb@debian.org>

To: Moritz Mühlenhoff <jmm@inutil.org>

Cc: Lee Garrett <lgarrett@programmfabrik.de>, 688944@bugs.debian.org, Luciano Bello <luciano@debian.org>, team@security.debian.org

Subject: Re: CVE-2012-4447

Date: Mon, 08 Oct 2012 09:43:26 -0400

Moritz Mühlenhoff <jmm@inutil.org> wrote:

> Looks good, please upload.
>
> Cheers,
>         Moritz

Uploaded tiff_3.9.4-5+squeeze6 to address CVE_2012-4447 and also to
mention CVE-2012-2088 (addressed by squeeze5 but not mentioned) in the
change log.

Also new versions of tiff3 (3.9.6-9) and tiff (4.0.2-4) have been
uploaded to unstable with urgency high and unblocked by the release
team, so those versions should appear in wheezy soon.

-- 
Jay Berkenbilt <qjb@debian.org>

Message #35 received at 688944-close@bugs.debian.org (full text, mbox, reply):

From: Jay Berkenbilt <qjb@debian.org>

To: 688944-close@bugs.debian.org

Subject: Bug#688944: fixed in tiff 3.9.4-5+squeeze6

Date: Tue, 23 Oct 2012 12:47:04 +0000

Source: tiff
Source-Version: 3.9.4-5+squeeze6

We believe that the bug you reported is fixed in the latest version of
tiff, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 688944@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jay Berkenbilt <qjb@debian.org> (supplier of updated tiff package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 05 Oct 2012 16:54:07 -0400
Source: tiff
Binary: libtiff4 libtiffxx0c2 libtiff4-dev libtiff-tools libtiff-opengl libtiff-doc
Architecture: source all amd64
Version: 3.9.4-5+squeeze6
Distribution: stable-security
Urgency: high
Maintainer: Jay Berkenbilt <qjb@debian.org>
Changed-By: Jay Berkenbilt <qjb@debian.org>
Description: 
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff4   - Tag Image File Format (TIFF) library
 libtiff4-dev - Tag Image File Format library (TIFF), development files
 libtiffxx0c2 - Tag Image File Format (TIFF) library -- C++ interface
Closes: 688944
Changes: 
 tiff (3.9.4-5+squeeze6) stable-security; urgency=high
 .
   * Add fix for CVE-2012-4447, a buffer overrun.  (Closes: #688944)
   * CVE-2012-2088 was actually included in previous version but not listed
     in the change log.
Checksums-Sha1: 
 40d63cae7fce65cd2dc8d3bc7fe998d04fe17686 1872 tiff_3.9.4-5+squeeze6.dsc
 826fd16f944029acf961200a8f39bad6b883e2cd 23461 tiff_3.9.4-5+squeeze6.debian.tar.gz
 a28d858df070aa2ba88bf14e32e4834f38dfc972 386210 libtiff-doc_3.9.4-5+squeeze6_all.deb
 d0fb357ea0bed3cfe8070c0669e2562f912ae690 195236 libtiff4_3.9.4-5+squeeze6_amd64.deb
 9e6819492c905ac67b2f32dee00b067646d0b4e8 59156 libtiffxx0c2_3.9.4-5+squeeze6_amd64.deb
 32527cd6eec9c784796d58841c8b42202cdb8556 322238 libtiff4-dev_3.9.4-5+squeeze6_amd64.deb
 5ea4c865bea04e25fcaf66fb7ff1ca2d73bed481 302624 libtiff-tools_3.9.4-5+squeeze6_amd64.deb
 11b0ce5b09f8ec3874dc43c052c339ee5622c278 64584 libtiff-opengl_3.9.4-5+squeeze6_amd64.deb
Checksums-Sha256: 
 98bfadeee93b550978a749770da018b5d609d9a28ccb14e3d483a73e33522e0c 1872 tiff_3.9.4-5+squeeze6.dsc
 518f411acb06f11e0ced8b35a146f6a5af13e75a08a9b76771e9bec28bb6717c 23461 tiff_3.9.4-5+squeeze6.debian.tar.gz
 7b05eb3e00fcc30be34c1d422def0631a25c5e8f770b12715eb2f50c315f66a2 386210 libtiff-doc_3.9.4-5+squeeze6_all.deb
 75c55b8bca6be18d4d601ad527e4ab011d1a39cee7a73d721e28da90485b9279 195236 libtiff4_3.9.4-5+squeeze6_amd64.deb
 33f66d8c63cbcdbdf24b384609af64faeeb3c181d62cd89afbf8e4e0c90daa26 59156 libtiffxx0c2_3.9.4-5+squeeze6_amd64.deb
 5fc7b86a31e0f974d06e0ac8b5b7f0f214c15cdd2f4bdb4ed5322bf1fbd7e4d9 322238 libtiff4-dev_3.9.4-5+squeeze6_amd64.deb
 28085274adcd5763038a82bdd3f11255ac6b61c26c80aeddc59359adc77eb49e 302624 libtiff-tools_3.9.4-5+squeeze6_amd64.deb
 76fe7f3d38559b4cc4989745193dc3121db5200af2b6fc95a211e7c388c97266 64584 libtiff-opengl_3.9.4-5+squeeze6_amd64.deb
Files: 
 25abb92033975fd729cf217e25124fe8 1872 libs optional tiff_3.9.4-5+squeeze6.dsc
 9a5c313688e6dedd4794e41075601c98 23461 libs optional tiff_3.9.4-5+squeeze6.debian.tar.gz
 76114ec8cd1be06d6ab086dbba683df0 386210 doc optional libtiff-doc_3.9.4-5+squeeze6_all.deb
 0ae16ee48239438fb09bad92f2426303 195236 libs optional libtiff4_3.9.4-5+squeeze6_amd64.deb
 509849af062fbe2e3f71cc9d7c17a49b 59156 libs optional libtiffxx0c2_3.9.4-5+squeeze6_amd64.deb
 8693c0158ca318631f0d0e776589f3ce 322238 libdevel optional libtiff4-dev_3.9.4-5+squeeze6_amd64.deb
 e819e927a359cd0714fd697bc162700e 302624 graphics optional libtiff-tools_3.9.4-5+squeeze6_amd64.deb
 7758668b72e0c9fc5b1d70310b909674 64584 graphics optional libtiff-opengl_3.9.4-5+squeeze6_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQb1WfAAoJEIp10QmYASx+a/gP/iaI7J1jb8o2Kp/jy1YDoaOz
h/CQKHXdTyAsVaE95ybokQspK4OpE8NBkDu65QNN2J8LhlWxwXGg73K0fZtbS5yh
ZoL0tuSH4MS3lS6FbV8oSvwvVJQ8CRwBYNHoHm8gl9ZENYClZJ8DwmAFtUoKS6xz
radlYSE9kHQZVwAOCIlPH3S/0zGwI5ySH0H86YLpVEqZ8CP3149yUqWJG9bfi4Sf
LfwpR8mXF0jEPnFG4Z0SgZjshAbUiMbjvioZesp+KLo8WNOeizozbJ3DBWZmxinj
FrO8N9gUZ3mD9QH3PPgbMUvoROHkLJ2kBqdf2wj71cmD2Jb09BrHcJZwVjVWTSPg
lPUi5g6CGy7BQ1Nmk/DV6Ly/7lj4ODyOb+Nrr+XkrC6znt8QYH00rc39UNw0D6hg
iktCeBKrpvAc89wvCMkQ8uYtxR6VCnDIkO8+lJOn4OB9HoApfItwGiwoa6oX0ey/
cL1i0o7kHDO2uigXmSEPM3k9QzJW7/Psckg7/XhuB30MuHE4gFDZ8WJRiYHMNawd
+iID2LjGv/x7ATy86uI/8C9nI6tKuTcpz1TR84AwkPTnGAS87Yd8UttePYIJGK2a
xJcm1xUD1Umpq5LnedOJs8UvVBrUEzTmzQR+GJz4E3zueq7Pz8eKHToeiWdVuqRX
I+/lttGYPq9ZJUwcfyii
=N6rn
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.