Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package runc.16502 for openSUSE:Leap:15.2:Update checked in at 2021-06-16 15:54:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2:Update/runc.16502 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.runc.16502.new.32437 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "runc.16502" Wed Jun 16 15:54:12 2021 rev:1 rq:899506 version:1.0.0~rc93 Changes: -------- New Changes file: --- /dev/null 2021-05-27 11:03:55.685848939 +0200 +++ /work/SRC/openSUSE:Leap:15.2:Update/.runc.16502.new.32437/runc.changes 2021-06-16 15:54:12.429829461 +0200 @@ -0,0 +1,473 @@ +------------------------------------------------------------------- +Thu Apr 29 06:18:55 UTC 2021 - Aleksa Sarai <asa...@suse.com> + +- Add fix for CVE-2021-30465. bsc#1185405 + + CVE-2021-30465.patch + +------------------------------------------------------------------- +Mon Apr 26 07:54:54 UTC 2021 - Aleksa Sarai <asa...@suse.com> + +- Backport patch to fix build on SLE-12 ppc64le. + + 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch + +------------------------------------------------------------------- +Wed Feb 3 04:09:17 UTC 2021 - Aleksa Sarai <asa...@suse.com> + +- Update to runc v1.0.0~rc93. Upstream changelog is available from + https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc93 + bsc#1182451 bsc#1184962 + + * Cgroupv2 support is no longer considered experimental. + * Mountinfo parsing code has been reworked significantly. + * Special ENOSYS handling for seccomp profiles to avoid making new + syscalls unusable for glibc. + * Various rootless containers improvements. + * The "selinux" and "apparmor" buildtags have been removed, and now all runc + builds will have SELinux and AppArmor support enabled. + +------------------------------------------------------------------- +Tue Feb 2 05:53:17 UTC 2021 - Aleksa Sarai <asa...@suse.com> + +- Update to handle the docker-runc removal. bsc#1181677 +- Modernise go building for runc now that it has go.mod. + +------------------------------------------------------------------- +Fri Aug 28 07:38:29 UTC 2020 - Ralf Haferkamp <rha...@suse.com> + +- Upgrade to runc v1.0.0~rc92 (bsc#1175821). Upstream changelog is available + from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92 + + * Updates to CRIU support. + * Improvements to cgroupfs performance and correctness. + +------------------------------------------------------------------- +Thu Jul 2 01:24:49 UTC 2020 - Aleksa Sarai <asa...@suse.com> + +- Upgrade to runc v1.0.0~rc91. Upstream changelog is available from + https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc91 + + * This release of runc has experimental support for cgroupv2-only systems. + +- Remove upstreamed patches: + - bsc1149954-0001-sd-notify-do-not-hang-when-NOTIFY_SOCKET-is-used-wit.patch + - bsc1168481-0001-cgroup-devices-major-cleanups-and-minimal-transition.patch + +------------------------------------------------------------------- +Thu Jun 25 22:34:03 UTC 2020 - Aleksa Sarai <asa...@suse.com> + +- Switch to Go 1.13 for build. + +------------------------------------------------------------------- +Wed May 13 06:49:44 UTC 2020 - Aleksa Sarai <asa...@suse.com> + +- Backport https://github.com/opencontainers/runc/pull/2391 to help fix + bsc#1168481. + + bsc1168481-0001-cgroup-devices-major-cleanups-and-minimal-transition.patch + +------------------------------------------------------------------- +Tue Apr 14 10:16:21 UTC 2020 - Ralf Haferkamp <rha...@suse.com> + +- Renamed patch: + 0001-sd-notify-do-not-hang-when-NOTIFY_SOCKET-is-used-wit.patch + to + bsc1149954-0001-sd-notify-do-not-hang-when-NOTIFY_SOCKET-is-used-wit.patch + +------------------------------------------------------------------- +Wed Mar 18 08:57:34 UTC 2020 - Ralf Haferkamp <rha...@suse.com> + +- Added fix for bsc#1149954 + * 0001-sd-notify-do-not-hang-when-NOTIFY_SOCKET-is-used-wit.patch + (cherry pick of https://github.com/opencontainers/runc/pull/1807) + +------------------------------------------------------------------- +Thu Jan 23 17:18:05 UTC 2020 - Aleksa Sarai <asa...@suse.com> + +- Upgrade to runc v1.0.0~rc10. Upstream changelog is available from + https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc10 +- Drop upstreamed patches: + - CVE-2019-19921.patch + +------------------------------------------------------------------- +Tue Jan 21 22:10:58 UTC 2020 - Bj??rn Lie <bjorn....@gmail.com> + +- Change packagewide go version to be greater or equal to 1.10. + +------------------------------------------------------------------- +Fri Jan 17 03:02:46 UTC 2020 - Aleksa Sarai <asa...@suse.com> + +- Update CVE-2019-19921 patch to match upstream PR. + * CVE-2019-19921.patch + +------------------------------------------------------------------- +Tue Jan 14 04:44:36 UTC 2020 - Aleksa Sarai <asa...@suse.com> + +- Add backported fix for CVE-2019-19921. bsc#1160452 + + CVE-2019-19921.patch + +------------------------------------------------------------------- +Sat Oct 5 11:40:13 UTC 2019 - Aleksa Sarai <asa...@suse.com> + +- Upgrade to runc v1.0.0~rc9. Upstream changelog is available from + https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc9 +- Remove upstreamed patches: + - CVE-2019-16884.patch + +------------------------------------------------------------------- +Thu Sep 26 14:54:07 UTC 2019 - Aleksa Sarai <asa...@suse.com> + +- Add backported fix for CVE-2019-16884. bsc#1152308 + + CVE-2019-16884.patch +- Add runc-rpmlintrc to drop runc-test rpmlint warnings. + +------------------------------------------------------------------- +Mon Apr 29 11:56:21 UTC 2019 - Aleksa Sarai <asa...@suse.com> + +- Upgrade to runc v1.0.0~rc8. Upstream changelog is available from + https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc8 +- Includes upstreamed patches for regressions (bsc#1131314 bsc#1131553). +- Remove upstreamed patches: + - CVE-2019-5736.patch + +------------------------------------------------------------------- +Wed Feb 6 08:10:47 UTC 2019 - Aleksa Sarai <asa...@suse.com> + +- Add fix for CVE-2019-5736 (effectively copying /proc/self/exe during re-exec + to avoid write attacks to the host runc binary). bsc#1121967 + + CVE-2019-5736.patch + +------------------------------------------------------------------- +Wed Dec 19 19:55:11 UTC 2018 - c...@suse.com + +- Update go requirements to >= go1.10 to fix + * bsc#1118897 CVE-2018-16873 + go#29230 cmd/go: remote command execution during "go get -u" + * bsc#1118898 CVE-2018-16874 + go#29231 cmd/go: directory traversal in "go get" via curly braces in import paths + * bsc#1118899 CVE-2018-16875 + go#29233 crypto/x509: CPU denial of service + +------------------------------------------------------------------- +Thu Dec 13 04:34:25 UTC 2018 - d...@suse.com + +- Require golang = 1.10. + +------------------------------------------------------------------- +Thu Nov 29 09:10:09 UTC 2018 - Aleksa Sarai <asa...@suse.com> + +- Upgrade to runc v1.0.0~rc6. Upstream changelog is available from + https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc6 + +------------------------------------------------------------------- +Wed Oct 31 14:01:03 UTC 2018 - Valentin Rothberg <vrothb...@suse.com> + +- Create a symlink in /usr/bin/runc to enable rootless Podman and Buildah. + +------------------------------------------------------------------- +Wed Jun 13 12:59:09 UTC 2018 - dcass...@suse.com + +- Make use of %license macro + +------------------------------------------------------------------- +Tue Jun 5 06:38:40 UTC 2018 - asa...@suse.com + +- Remove 'go test' from %check section, as it has only ever caused us problems + and hasn't (as far as I remember) ever caught a release-blocking issue. Smoke + testing has been far more useful. boo#1095817 + +------------------------------------------------------------------- +Tue Feb 27 17:18:32 UTC 2018 - asa...@suse.com + +- Upgrade to runc v1.0.0~rc5. Upstream changelog is available from + https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc5 +- Remove patch now merged upstream. + - bsc1053532-0001-makefile-drop-usage-of-install.patch + +------------------------------------------------------------------- +Thu Aug 17 04:39:56 UTC 2017 - asa...@suse.com + +- Use .tar.xz provided by upstream, as well as include the keyring to allow + full provenance of the source. + +------------------------------------------------------------------- +Sun Aug 13 14:25:32 UTC 2017 - asa...@suse.com + +- Use the upstream Makefile, to ensure that we always include the version + information in runc. This was confusing users (and Docker). bsc#1053532 +- Add a backported patch to fix a Makefile bug. + https://github.com/opencontainers/runc/pull/1555 ++++ 276 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Leap:15.2:Update/.runc.16502.new.32437/runc.changes New: ---- 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch CVE-2021-30465.patch runc-1.0.0-rc93.tar.xz runc-1.0.0-rc93.tar.xz.asc runc-rpmlintrc runc.changes runc.keyring runc.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ runc.spec ++++++ # # spec file for package runc # # Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # # nodebuginfo # MANUAL: Make sure you update this each time you update runc. %define git_version 12644e614e25b05da6fd08a38ffa0cfe1903fdec # Package-wide golang version %define go_version 1.13 %define _version 1.0.0-rc93 %define project github.com/opencontainers/runc Name: runc Version: 1.0.0~rc93 Release: 0 Summary: Tool for spawning and running OCI containers License: Apache-2.0 Group: System/Management URL: https://github.com/opencontainers/runc Source0: https://github.com/opencontainers/runc/releases/download/v%{_version}/runc.tar.xz#/runc-%{_version}.tar.xz Source1: https://github.com/opencontainers/runc/releases/download/v%{_version}/runc.tar.xz.asc#/runc-%{_version}.tar.xz.asc Source2: runc.keyring Source3: runc-rpmlintrc # SUSE-FIX: SLE-12 has too old a glibc for memfd_create(2) and __ppc64__ # doesn't appear to match ppc64le for some reason. This is a backport # of <https://github.com/opencontainers/runc/pull/2919>. Patch1: 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch # CVE-2021-30465 bsc#1185405 Patch2: CVE-2021-30465.patch BuildRequires: fdupes BuildRequires: go-go-md2man # Due to a limitation in openSUSE's Go packaging we cannot have a BuildRequires # for 'golang(API) >= 1.x' here, so just require 1.x exactly. bsc#1172608 BuildRequires: go%{go_version} BuildRequires: libseccomp-devel BuildRequires: libselinux-devel Recommends: criu # There used to be a docker-runc package which was specifically for Docker. # Since Docker now tracks upstream more consistently, we use the same package # but we need to obsolete the old one. bsc#1181677 # NOTE: We can't use the package version here because docker-runc used a # different versioning scheme by accident (1.0.0rc92 vs 1.0.0~rc92 -- and # GNU sort considers the former to be newer than the latter, in fact # 1.0.0rc92 is newer than 1.0.0 according to GNU sort). So we invent a # fake 1.0.0.1 version. Obsoletes: docker-runc < 1.0.0.1 Provides: docker-runc = 1.0.0.1.%{version} # KUBIC-SPECIFIC: There used to be a kubic-specific docker-runc package, but # now it's been merged into the one package. bsc#1181677 Obsoletes: docker-runc-kubic < 1.0.0.1 Provides: docker-runc-kubic = 1.0.0.1.%{version} Obsoletes: docker-runc = 0.1.1+gitr2819_50a19c6 Obsoletes: docker-runc_50a19c6 %description runc is a CLI tool for spawning and running containers according to the OCI specification. It is designed to be as minimal as possible, and is the workhorse of Docker. It was originally designed to be a replacement for LXC within Docker, and has grown to become a separate project entirely. %prep %setup -q -n %{name}-%{_version} # fix build on SLE-12 ppc64le %patch1 -p1 # CVE-2021-30465 bsc#1185405 %patch2 -p1 %build # build runc make BUILDTAGS="seccomp" COMMIT_NO="%{git_version}" runc # build man pages man/md2man-all.sh %install # We install to /usr/sbin/runc as per upstream and create a symlink in /usr/bin # for rootless tools. install -D -m0755 %{name} %{buildroot}%{_sbindir}/%{name} install -m0755 -d %{buildroot}%{_bindir} ln -s %{_sbindir}/%{name} %{buildroot}%{_bindir}/%{name} # Man pages. install -d -m0755 %{buildroot}%{_mandir}/man8 install -m0644 man/man8/runc*.8 %{buildroot}%{_mandir}/man8 %fdupes %{buildroot} %files %defattr(-,root,root) %doc README.md %license LICENSE %{_sbindir}/%{name} %{_bindir}/%{name} %{_mandir}/man8/runc*.8.gz %changelog ++++++ 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch ++++++ >From dd7444d3bba4ae2e461b41026f5f37416d7ee158 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <asa...@suse.de> Date: Mon, 26 Apr 2021 17:41:29 +1000 Subject: [PATCH] cloned_binary: switch from #error to #warning for SYS_memfd_create hardcode We shouldn't refuse to build on architectures just because we don't know what the syscall number of memfd_create(2) is. In addition, use the correct defined(...) macros for ppc64 (these are the ones glibc uses). Fixes: 3aead32ea246 ("nsenter: hard-code memfd_create(2) syscall numbers") Signed-off-by: Aleksa Sarai <asa...@suse.de> --- libcontainer/nsenter/cloned_binary.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libcontainer/nsenter/cloned_binary.c b/libcontainer/nsenter/cloned_binary.c index 2667cd65c293..b78000fec317 100644 --- a/libcontainer/nsenter/cloned_binary.c +++ b/libcontainer/nsenter/cloned_binary.c @@ -75,12 +75,12 @@ # define SYS_memfd_create 385 # elif defined(__aarch64__) // arm64 # define SYS_memfd_create 279 -# elif defined(__ppc__) || defined(__ppc64__) // ppc + ppc64 +# elif defined(__ppc__) || defined(__PPC64__) || defined(__powerpc64__) // ppc + ppc64 # define SYS_memfd_create 360 # elif defined(__s390__) || defined(__s390x__) // s390(x) # define SYS_memfd_create 350 # else -# error "unknown architecture -- cannot hard-code SYS_memfd_create" +# warning "unknown architecture -- cannot hard-code SYS_memfd_create" # endif # endif #endif -- 2.31.1 ++++++ CVE-2021-30465.patch ++++++ ++++ 755 lines (skipped) ++++++ runc-rpmlintrc ++++++ # -test is something that is used internally and isn't actually shipped -- it's a pseudo-source package. addFilter ("^runc(-kubic)?-test.*") ++++++ runc.keyring ++++++ pub rsa4096 2016-06-21 [SC] [expires: 2031-06-18] 5F36C6C61B5460124A75F5A69E18AA267DDB8DB4 uid [ultimate] Aleksa Sarai <asa...@suse.com> uid [ultimate] Aleksa Sarai <asa...@suse.de> sub rsa4096 2016-06-21 [E] [expires: 2031-06-18] -----BEGIN PGP PUBLIC KEY BLOCK----- mQINBFdpGN0BEADMEmLpnUel7OI2SM8f88i7w0iRgJd4kOvF1z673+zWCgaw9QW8 ha7wAm/+3isas9IqlvGx61i6hbO7TFwcYi472VHhs4HP8jMtWytHHkjc3O9xlMc0 CfekjIpoR1CffYtCvkLr8/f74jHNRfqsmZ1Oxa9GjbhgDnbw4Baztp6WctzMXyOJ j5bJuSfQTcgFbIeQ27zx7gNjbnHyEP5TEm1/CeoWpGPpZLJPiKHdI/TBCyFexHJ0 IlabKc4DC43RZyh0Btuf+FiX9K2NkoCC7l5nQdde8B6YG7SA6xEhwhQ73bSs7A56 rlZxfIFmLCB/81FyXk5eH0Eu9Lbwj69YQ81EdkLnLAyP3ZB+MRGuiWVD88Jr1He2 25m3dxTVzaP0TAV4LqdbuqTwr2wagu9MZQ5XXDiaEuiPwTrO10xlmivOjRaWxoWA E0I3fOdrzqfg9XK6g1pG23v2WhHFIejqVCXrf5oPcCd62lGeh0ghEdNN89ikXbka 1PJRiWI3uDQ6STSKa+6uC5eUM7tK/ymqS8JYSQf4d3eIaC2H403psPt5kbq1bHdx nRPX2eh/t1QzR1dhPxzai4CzLERIYJ9iD4nGiSscwy0P44AgyeuywSg4qXzr9Sfe igOj+6lfJb3iZRN3dKLTRAKWvo7yfdi/UOycodlaQyW8v0yXAx7Yh1NgJQARAQAB tB1BbGVrc2EgU2FyYWkgPGFzYXJhaUBzdXNlLmRlPokCPQQTAQgAJwUCV2kY3QIb AwUJHDIEgAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRCeGKomfduNtGecEACZ JLVdeKHKsSUqTLOjbC6t9uKfKlNpu+iQ2/TS9YazLWXoFEc8f/uWB8BpHcJBFrqz j+mI34ShEkbbNJArxR76njnAtPF+73GiD0dAjRDWz8YtQgSg5UhYm6O2Si/EM4I8 TDzflyjaZltCkDe2U+2T8dTkYxqOi11IuCukPBNe0moxGKvLGPWEqZQMPCfBgllD lv2Toiry2Fp1bkBlT6hk0C684rfAwzPQuH0BBv8vgfgroRMJg/qfZb64lhMCXaPr rCtVHP+F1bVXKZCBCt7ETTtcteUEKaFmGgDGpXGnIqPL5iWLK5u8DQL/1lGcinj9 QdD9IUNqsrsNAbdyMMqQvZKQwIVDgFMXrCwSRymOi6cppN7eF0VyFN7YsATttRGx CZBoSMhVW6VVxuJFGaQWFXWthVGVEd2jkvny1TX8Nm8KBHC2G/wNVU3pKrCPhMCt rYc8xWZ+6uisQ6XWs8H4nyBOVN6RvhIqqXJL1nvViOSFMLSDyFgPA16368krgxYE pVDvie04aDjKZj2/0LSogNQPqZxs8uKIjLZ1NYQQmCQ8Dx9/nshg1wbyDD/c///M EmVFmZhlNLZ8tV/iTlwfD/4vjbeaAQTVanhPFRbUtmL/iuz5f0gH0b0xc+mc+yQ1 egjBwMuKr+h7jbSXIWoFGZLrqT3WswTg0Khk6oEL57QeQWxla3NhIFNhcmFpIDxh c2FyYWlAc3VzZS5jb20+iQI9BBMBCAAnBQJXaRngAhsDBQkcMgSABQsJCAcCBhUI CQoLAgQWAgMBAh4BAheAAAoJEJ4YqiZ924202mIQAIjGrikF7OPBCbV5Oo4oC0QQ 7HcG+DM9cN6UcFO+rzWQxZ/atEpiULa4O3YKoGOkSV5WAjUpaY5Rf7Obt3EjgrwE PhtGvOpC6kkkTV43RmmK06CxHiZPrUJBwcpbW1rf2JZx7PPBMbZfsmWdVZc+LjzC D3KtJ7xhzT0mi+zN5ONNHody6sDQO6n0mN+bRVxiVdcxwjYHfJYGobI6aaKyupvl +xCGK4ekzNCVzaxudzqmbFE6qk+cWcvcA8HpggA63rCvCLfK1embNOtqzKAcJh1o cJvrtpe18qBvd4yXFWEqQBW6IoDLvdzaLY7eNMI97UDInciz/GUtbxhqbs1lAOBz V1y9fi0+NIIq1qmhbLxpUFC2BWsZRuWEqYWdr4FFJCuYEEXX6KXM7d9CSdWlErCU mqKYsx6X4E7Iy1yupYbIqXRea9wBr8aPoFk+gLdNbCWAE4o7InKJY1uqOt141ffs +6XJe2wVvA2xLr0ZphlcyF0EHZX8tMWLCYdQJdLMps2hl5oFpi7ccdM1GpE/Kwt5 pEBqsJ6vP59BsbmciYmNkYKvFIKJcasImglQP6nrQiBwjTd7fYXpMDeO0yNtklaZ IZlbNvxOe1TqbRzfVFk3oSBbEaFzPAx/W0uU1evZynpu2PcIvOuadScc9j0jMzt8 0wknTD5AqhD/fkfZlwRouQINBFdpGN0BEADfqvO6AkGOWf+lcQZfWBMSMpzneCCS JvQvD65VrFt0CCbSlJv1pc3GwLlL2dMulIxQGg0JMTjfPZcCYqrnOcWe0gedETRV nOucY7zWmohR7L70YWwh46FlAPifY6bIIYGYTHyI9w1adS9K4tAJW/XS0WrvZ5KA l7htrAzUAsMhag9y9jtQJVPLErGJta3jZJASs8PZWWmLYZE+oy1R3W52w/HqGQHS 8BPgo4oL+lrjPmjAwouhhNETTq9W2xmCe18EJodOjNKdF5ODOq1LOkPNHIaIdG0s sY3qbifcRLVDvSmb8++4WRYl1HLy2vpsTQ31mZ3KyRKR6cP61ivTZy8idwD+Qt1t 3uKTCGNZj96OCob8ZeZsak6enuFZleVbLty1eULIw/IZuq8g6E+/V7mbFo4vkXMN q4YrX0Q3XEzB8Cdxd5vsnz7Uga35j44gwJ+BUsCyaRUyGzLqhUWHJS73Vy3IxHfX Rj7TQUBFYDKbOS9oKearmvTb1SQzH7NM5jQUFzXeJQE03jetRneNQ5hkh9UhUr64 gtRnnKXTimXkczEMU9eDSTgQoaebdPnWEnzoStS5ln03zH+CNTQF9qjcpYBrJ2mZ wnxO9OP/45KQL4hPAi2+hGkq2yjuIzeCkFJabAc7sF6lwJqH82XtiIIR+AGTM8QC Eno0eqAytg8YawARAQABiQIlBBgBCAAPBQJXaRjdAhsMBQkcMgSAAAoJEJ4YqiZ9 2420AuIP/1PYZDKFLv//+iY6Z9xGz4zHL+9nWND/Kll3xHeuWjYGZ2nmcovSnEW4 0eiMn1c6KMgs/CCR4+9bm7MdgaF73pjM4xzHBIBetLLkcKQIrniX2Fq+WgscJfFx +0ha7Xb2TTpSy8PRiYHowVUaMPwyqSsAUwrSenLuwyiKr+EW4Wzo+YM2w9a86yw1 GfWuiyk0Z4sGoPoPEjmD4y6Xlf8kIfuZeb+joHd6W1nMf7cxDkNLQqX6sWvs62Tv Lsx2jApPKD2PyTyyxItJKc6NXFVM+Uww323ZYVWMkz+VKalHRiv6xzGqArhpAIH6 fn+1WjjqkrrLU4I7smjlulZCy/NZLOKqQYaqM+7BgC2mOPMb5CM99cg4SrK86dFr 3Cf22+OTmC6/Wb5Gu4PzTzkYIJDnt3BJQYjJlp4zyOHluN6notrWagLIB06oX+jQ pxGySHW++Cha/JCUb0mfeHIJKvRor3v7YaSJoFIo//rz6XJ9WVZfsKnOte/3s9m7 qkEvLArbe2o7pUJ2mxZZw/nAk/Y39FYAMvgMA9f+uv18O7u+ojYjS6DlrmNuIEg/ mp8FqVxVNdIS2capSF4+eOn3a4kcF0018xbTLA2AwQ2o9eF5G9qTdSVrN865VPCd KWr9ByCKAwVHsaSgVSJE/dse4f1toqeEHHbWk682U4RqOWZR4bA0 =3/jE -----END PGP PUBLIC KEY BLOCK-----
