forked from pool/openssl-1_1
Accepting request 1101937 from security:tls
OBS-URL: https://build.opensuse.org/request/show/1101937 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl-1_1?expand=0&rev=50
This commit is contained in:
commit
19fa66a431
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:e2f8d84b523eecd06c7be7626830370300fbcc15386bf5142d72758f6963ebc6
|
||||
size 9892176
|
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEE3HAyZir4heL0fyQ/UnRmohynnm0FAmR171cACgkQUnRmohyn
|
||||
nm0f7RAAj+ZssEY1hiRWhuLTmmFJIR1vhEpP9addj8oaXvlJSrA6QzHZrUcuzTL0
|
||||
jtOkS4gTIla8iNNe1alwQdYXnhW46IrQAy2+bYuHCLXJm55/0PKCs2Cdy3naPU3N
|
||||
9zxo+jAEx3X7hBJAzyLbGwrzpIUe9mbkyheSGxtEpW53ZvX1jo73uxyVYzq6BwJx
|
||||
ngCeyBDrRrP6GgwMrpR6zExUyOwltBl/Jvx813AvXXbczJgMe3wCeQOa9Y1QWaVA
|
||||
eTKz2lT7reZ80VzfXNMdPT+33+vABfwGEPsdXy7JIWGJubiC5vkHq2Im/U6wzU9v
|
||||
9WsKk9MGQ4OV52gcRiYVyb9+nvGWUgfgV8c268nwWHIdYA85FjBb8xGzK1vHgA3o
|
||||
E4rRT6e94l+NQChjmm7NwALLcQ+oFtqXsK+CiG9Ek6BMXJ/RitmQUHuhnRDyNL2u
|
||||
OtbF549NrxwPe3CskJzP+tUizcQbM6HJtaKi+U49f1+EYZObxJ57qom34eFgET8N
|
||||
GvnY6ikBccGEMjphL7dOzEnKYMRBSTCYAQfjBLFvwth2yLjM5f8AC+z6KhGiKnDY
|
||||
JI+hHdca4rfrsKXxon+62x8gFmP8waHacR6Sh0OqDiYqNYn+G9q3nuLZMGpRJD2M
|
||||
WgXyeu43LEXwhbCGzxnQH0mxFWSMB/2trWTTFzr5BrS7TmujVCw=
|
||||
=EBqr
|
||||
-----END PGP SIGNATURE-----
|
BIN
openssl-1.1.1v.tar.gz
(Stored with Git LFS)
Normal file
BIN
openssl-1.1.1v.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
16
openssl-1.1.1v.tar.gz.asc
Normal file
16
openssl-1.1.1v.tar.gz.asc
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEE78CkZ9YTy4PH7W0w2JTizos9efUFAmTJDewACgkQ2JTizos9
|
||||
efVPDBAAjgNq842XSAhmH3CBHHFtMuVlg5RV+tAV7PF7tDm/Bu0VPxZecvDhEHyk
|
||||
y1bIzYki9kPQrnDc5Cz3UYHjnBp2n2GH+JDShedSJMH3qbsAlSB4j5b15UFjE8b4
|
||||
yDl4rlcug3SydqEdYJAGnOD3QBghsX7GiS6S9BgnU1D1XDZ1LYF6NumrjeypGm2r
|
||||
vodcjel0tD+Xu2Du398sGmXLZLfK7eBT8dYtzWHAZubf+dNQmfRRDALo2Q5Xux6p
|
||||
xIDlEQvTUkt5mF+Rx0CI1boIKeaFoZFOReUW0zkKYfwNkfq1WvGj3sGA+StQsgn1
|
||||
Dvfx6ONoS9UT+6KTegsLOIX2xOAHa8k4UgtW19eCovYzJNkBwNnq83lrvIEMoLY7
|
||||
brALTqBmlFq4prPgzpDHlTeC78uDcf/Ao95CeBw5yKVsKAN7W7vA2u6Gr2ZgUWsF
|
||||
zVnrxJ9difkrvkFxm6uO2qu1qA/84Bow77M6/7FSHFZ+oDB3tjGXtq4Tf6iBkhpf
|
||||
XIRu79S1LxCY7HxKVHHfpKuGSfefV/tgPeOac8CvucIq6r1Be20h0crRnDEGJt8G
|
||||
Otznvt04iX+FkSVC7PjiAVZqubQQWjXUZxDngQgUOye/suExGwEoaTMmhj95eiVu
|
||||
ufee+jDrVGOjhLLoEClP/+zpl2Wplq3KzLVsvvJa8v5KTVot9r4=
|
||||
=mu7b
|
||||
-----END PGP SIGNATURE-----
|
@ -24,8 +24,10 @@
|
||||
tools/c_rehash.in | 6 ++--
|
||||
23 files changed, 71 insertions(+), 68 deletions(-)
|
||||
|
||||
--- a/Configurations/descrip.mms.tmpl
|
||||
+++ b/Configurations/descrip.mms.tmpl
|
||||
Index: openssl-1.1.1v/Configurations/descrip.mms.tmpl
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/Configurations/descrip.mms.tmpl
|
||||
+++ openssl-1.1.1v/Configurations/descrip.mms.tmpl
|
||||
@@ -142,8 +142,8 @@ INSTALL_SHLIBS={- join(", ", map { "-\n\
|
||||
INSTALL_ENGINES={- join(", ", map { "-\n\t".$_.".EXE" } @{$unified_info{install}->{engines}}) -}
|
||||
INSTALL_PROGRAMS={- join(", ", map { "-\n\t".$_.".EXE" } @{$unified_info{install}->{programs}}) -}
|
||||
@ -37,8 +39,10 @@
|
||||
{- output_on() if $disabled{apps}; "" -}
|
||||
|
||||
APPS_OPENSSL={- use File::Spec::Functions;
|
||||
--- a/Configurations/unix-Makefile.tmpl
|
||||
+++ b/Configurations/unix-Makefile.tmpl
|
||||
Index: openssl-1.1.1v/Configurations/unix-Makefile.tmpl
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/Configurations/unix-Makefile.tmpl
|
||||
+++ openssl-1.1.1v/Configurations/unix-Makefile.tmpl
|
||||
@@ -140,8 +140,8 @@ INSTALL_SHLIB_INFO={- join(" ", map { "\
|
||||
INSTALL_ENGINES={- join(" ", map { dso($_) } @{$unified_info{install}->{engines}}) -}
|
||||
INSTALL_PROGRAMS={- join(" ", map { $_.$exeext } @{$unified_info{install}->{programs}}) -}
|
||||
@ -82,8 +86,10 @@
|
||||
|
||||
generate_crypto_bn:
|
||||
( cd $(SRCDIR); $(PERL) crypto/bn/bn_prime.pl > crypto/bn/bn_prime.h )
|
||||
--- a/Configure
|
||||
+++ b/Configure
|
||||
Index: openssl-1.1.1v/Configure
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/Configure
|
||||
+++ openssl-1.1.1v/Configure
|
||||
@@ -35,7 +35,7 @@ my $usage="Usage: Configure [no-<cipher>
|
||||
# directories bin, lib, include, share/man, share/doc/openssl
|
||||
# This becomes the value of INSTALLTOP in Makefile
|
||||
@ -93,8 +99,10 @@
|
||||
# If it's a relative directory, it will be added on the directory
|
||||
# given with --prefix.
|
||||
# This becomes the value of OPENSSLDIR in Makefile and in C.
|
||||
--- a/INSTALL
|
||||
+++ b/INSTALL
|
||||
Index: openssl-1.1.1v/INSTALL
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/INSTALL
|
||||
+++ openssl-1.1.1v/INSTALL
|
||||
@@ -296,7 +296,7 @@
|
||||
be undesirable if small executable size is an objective.
|
||||
|
||||
@ -104,11 +112,13 @@
|
||||
Typically OpenSSL will automatically load a system config
|
||||
file which configures default ssl options.
|
||||
|
||||
--- a/NEWS
|
||||
+++ b/NEWS
|
||||
@@ -5,6 +5,9 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
Index: openssl-1.1.1v/NEWS
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/NEWS
|
||||
+++ openssl-1.1.1v/NEWS
|
||||
@@ -10,6 +10,9 @@
|
||||
o Fix excessive time spent checking DH q parameter value (CVE-2023-3817)
|
||||
o Fix DH_check() excessive time with over sized modulus (CVE-2023-3446)
|
||||
|
||||
+ IMPORTANT: For compatibility with OpenSSL 3.0, the OpenSSL master
|
||||
+ configuration file openssl.cnf has been renamed to openssl-1_1.cnf.
|
||||
@ -116,8 +126,10 @@
|
||||
Major changes between OpenSSL 1.1.1t and OpenSSL 1.1.1u [30 May 2023]
|
||||
|
||||
o Mitigate for very slow `OBJ_obj2txt()` performance with gigantic
|
||||
--- a/VMS/openssl_utils.com.in
|
||||
+++ b/VMS/openssl_utils.com.in
|
||||
Index: openssl-1.1.1v/VMS/openssl_utils.com.in
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/VMS/openssl_utils.com.in
|
||||
+++ openssl-1.1.1v/VMS/openssl_utils.com.in
|
||||
@@ -8,7 +8,7 @@ $ OPENSSL :== $OSSL$EXE:OPENSSL'v'
|
||||
$
|
||||
$ IF F$TYPE(PERL) .EQS. "STRING"
|
||||
@ -127,8 +139,10 @@
|
||||
$ ELSE
|
||||
$ WRITE SYS$ERROR "NOTE: no perl => no C_REHASH"
|
||||
$ ENDIF
|
||||
--- a/apps/CA.pl.in
|
||||
+++ b/apps/CA.pl.in
|
||||
Index: openssl-1.1.1v/apps/CA.pl.in
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/apps/CA.pl.in
|
||||
+++ openssl-1.1.1v/apps/CA.pl.in
|
||||
@@ -113,10 +113,10 @@ sub run
|
||||
|
||||
|
||||
@ -144,8 +158,10 @@
|
||||
exit 0;
|
||||
}
|
||||
if ($WHAT eq '-newcert' ) {
|
||||
--- a/apps/build.info
|
||||
+++ b/apps/build.info
|
||||
Index: openssl-1.1.1v/apps/build.info
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/apps/build.info
|
||||
+++ openssl-1.1.1v/apps/build.info
|
||||
@@ -73,7 +73,7 @@ IF[{- !$disabled{apps} -}]
|
||||
GENERATE[progs.h]=progs.pl $(APPS_OPENSSL)
|
||||
DEPEND[progs.h]=../configdata.pm
|
||||
@ -157,8 +173,10 @@
|
||||
+ SOURCE[CA-1_1.pl]=CA.pl.in
|
||||
+ SOURCE[tsget-1_1.pl]=tsget.in
|
||||
ENDIF
|
||||
--- a/apps/tsget.in
|
||||
+++ b/apps/tsget.in
|
||||
Index: openssl-1.1.1v/apps/tsget.in
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/apps/tsget.in
|
||||
+++ openssl-1.1.1v/apps/tsget.in
|
||||
@@ -47,7 +47,7 @@ sub create_curl {
|
||||
$curl->setopt(CURLOPT_VERBOSE, 1) if $options{d};
|
||||
$curl->setopt(CURLOPT_FAILONERROR, 1);
|
||||
@ -168,8 +186,10 @@
|
||||
|
||||
# Options for POST method.
|
||||
$curl->setopt(CURLOPT_UPLOAD, 1);
|
||||
--- a/doc/HOWTO/certificates.txt
|
||||
+++ b/doc/HOWTO/certificates.txt
|
||||
Index: openssl-1.1.1v/doc/HOWTO/certificates.txt
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/HOWTO/certificates.txt
|
||||
+++ openssl-1.1.1v/doc/HOWTO/certificates.txt
|
||||
@@ -16,7 +16,7 @@ Certificate authorities should read http
|
||||
In all the cases shown below, the standard configuration file, as
|
||||
compiled into openssl, will be used. You may find it in /etc/,
|
||||
@ -179,8 +199,10 @@
|
||||
You can specify a different configuration file using the
|
||||
'-config {file}' argument with the commands shown below.
|
||||
|
||||
--- a/doc/man1/CA.pl.pod
|
||||
+++ b/doc/man1/CA.pl.pod
|
||||
Index: openssl-1.1.1v/doc/man1/CA.pl.pod
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/man1/CA.pl.pod
|
||||
+++ openssl-1.1.1v/doc/man1/CA.pl.pod
|
||||
@@ -2,16 +2,16 @@
|
||||
|
||||
=head1 NAME
|
||||
@ -283,8 +305,10 @@
|
||||
|
||||
can be used and the B<OPENSSL_CONF> environment variable changed to point to
|
||||
the correct path of the configuration file.
|
||||
--- a/doc/man1/ca.pod
|
||||
+++ b/doc/man1/ca.pod
|
||||
Index: openssl-1.1.1v/doc/man1/ca.pod
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/man1/ca.pod
|
||||
+++ openssl-1.1.1v/doc/man1/ca.pod
|
||||
@@ -698,7 +698,7 @@ the database has to be kept in memory.
|
||||
The B<ca> command really needs rewriting or the required functionality
|
||||
exposed at either a command or interface level so a more friendly utility
|
||||
@ -303,8 +327,10 @@
|
||||
L<config(5)>, L<x509v3_config(5)>
|
||||
|
||||
=head1 COPYRIGHT
|
||||
--- a/doc/man1/rehash.pod
|
||||
+++ b/doc/man1/rehash.pod
|
||||
Index: openssl-1.1.1v/doc/man1/rehash.pod
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/man1/rehash.pod
|
||||
+++ openssl-1.1.1v/doc/man1/rehash.pod
|
||||
@@ -6,7 +6,7 @@ Original text by James Westby, contribut
|
||||
=head1 NAME
|
||||
|
||||
@ -340,8 +366,10 @@
|
||||
uses the B<openssl> program to compute the hashes and
|
||||
fingerprints. If not found in the user's B<PATH>, then set the
|
||||
B<OPENSSL> environment variable to the full pathname.
|
||||
--- a/doc/man1/tsget.pod
|
||||
+++ b/doc/man1/tsget.pod
|
||||
Index: openssl-1.1.1v/doc/man1/tsget.pod
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/man1/tsget.pod
|
||||
+++ openssl-1.1.1v/doc/man1/tsget.pod
|
||||
@@ -35,7 +35,7 @@ line.
|
||||
The tool sends the following HTTP request for each timestamp request:
|
||||
|
||||
@ -360,8 +388,10 @@
|
||||
OpenSSL utility. Either option B<-C> or option B<-P> must be given in case of
|
||||
HTTPS. (Optional)
|
||||
|
||||
--- a/doc/man1/verify.pod
|
||||
+++ b/doc/man1/verify.pod
|
||||
Index: openssl-1.1.1v/doc/man1/verify.pod
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/man1/verify.pod
|
||||
+++ openssl-1.1.1v/doc/man1/verify.pod
|
||||
@@ -75,7 +75,7 @@ The file should contain one or more cert
|
||||
A directory of trusted certificates. The certificates should have names
|
||||
of the form: hash.0 or have symbolic links to them of this
|
||||
@ -371,8 +401,10 @@
|
||||
create symbolic links to a directory of certificates.
|
||||
|
||||
=item B<-no-CAfile>
|
||||
--- a/doc/man1/x509.pod
|
||||
+++ b/doc/man1/x509.pod
|
||||
Index: openssl-1.1.1v/doc/man1/x509.pod
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/man1/x509.pod
|
||||
+++ openssl-1.1.1v/doc/man1/x509.pod
|
||||
@@ -932,7 +932,7 @@ The hash algorithm used in the B<-subjec
|
||||
before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding
|
||||
of the distinguished name. In OpenSSL 1.0.0 and later it is based on a
|
||||
@ -382,8 +414,10 @@
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
--- a/doc/man3/OPENSSL_config.pod
|
||||
+++ b/doc/man3/OPENSSL_config.pod
|
||||
Index: openssl-1.1.1v/doc/man3/OPENSSL_config.pod
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/man3/OPENSSL_config.pod
|
||||
+++ openssl-1.1.1v/doc/man3/OPENSSL_config.pod
|
||||
@@ -15,7 +15,7 @@ OPENSSL_config, OPENSSL_no_config - simp
|
||||
|
||||
=head1 DESCRIPTION
|
||||
@ -393,8 +427,10 @@
|
||||
reads from the application section B<appname>. If B<appname> is NULL then
|
||||
the default section, B<openssl_conf>, will be used.
|
||||
Errors are silently ignored.
|
||||
--- a/doc/man3/SSL_CTX_load_verify_locations.pod
|
||||
+++ b/doc/man3/SSL_CTX_load_verify_locations.pod
|
||||
Index: openssl-1.1.1v/doc/man3/SSL_CTX_load_verify_locations.pod
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/man3/SSL_CTX_load_verify_locations.pod
|
||||
+++ openssl-1.1.1v/doc/man3/SSL_CTX_load_verify_locations.pod
|
||||
@@ -63,7 +63,7 @@ If more than one CA certificate with the
|
||||
extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search
|
||||
is performed in the ordering of the extension number, regardless of other
|
||||
@ -413,8 +449,10 @@
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
--- a/doc/man5/config.pod
|
||||
+++ b/doc/man5/config.pod
|
||||
Index: openssl-1.1.1v/doc/man5/config.pod
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/doc/man5/config.pod
|
||||
+++ openssl-1.1.1v/doc/man5/config.pod
|
||||
@@ -7,7 +7,7 @@ config - OpenSSL CONF library configurat
|
||||
=head1 DESCRIPTION
|
||||
|
||||
@ -424,8 +462,10 @@
|
||||
and in a few other places like B<SPKAC> files and certificate extension
|
||||
files for the B<x509> utility. OpenSSL applications can also use the
|
||||
CONF library for their own purposes.
|
||||
--- a/include/internal/cryptlib.h
|
||||
+++ b/include/internal/cryptlib.h
|
||||
Index: openssl-1.1.1v/include/internal/cryptlib.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/include/internal/cryptlib.h
|
||||
+++ openssl-1.1.1v/include/internal/cryptlib.h
|
||||
@@ -51,7 +51,7 @@ typedef struct app_mem_info_st APP_INFO;
|
||||
typedef struct mem_st MEM;
|
||||
DEFINE_LHASH_OF(MEM);
|
||||
@ -435,8 +475,10 @@
|
||||
|
||||
# ifndef OPENSSL_SYS_VMS
|
||||
# define X509_CERT_AREA OPENSSLDIR
|
||||
--- a/test/recipes/80-test_ca.t
|
||||
+++ b/test/recipes/80-test_ca.t
|
||||
Index: openssl-1.1.1v/test/recipes/80-test_ca.t
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/test/recipes/80-test_ca.t
|
||||
+++ openssl-1.1.1v/test/recipes/80-test_ca.t
|
||||
@@ -27,27 +27,27 @@ plan tests => 5;
|
||||
SKIP: {
|
||||
$ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "CAss.cnf").'"';
|
||||
@ -470,8 +512,10 @@
|
||||
'creating new pre-certificate');
|
||||
}
|
||||
|
||||
--- a/tools/build.info
|
||||
+++ b/tools/build.info
|
||||
Index: openssl-1.1.1v/tools/build.info
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/tools/build.info
|
||||
+++ openssl-1.1.1v/tools/build.info
|
||||
@@ -1,5 +1,5 @@
|
||||
{- our $c_rehash_name =
|
||||
- $config{target} =~ /^(VC|vms)-/ ? "c_rehash.pl" : "c_rehash";
|
||||
@ -479,8 +523,10 @@
|
||||
"" -}
|
||||
IF[{- !$disabled{apps} -}]
|
||||
SCRIPTS={- $c_rehash_name -}
|
||||
--- a/tools/c_rehash.in
|
||||
+++ b/tools/c_rehash.in
|
||||
Index: openssl-1.1.1v/tools/c_rehash.in
|
||||
===================================================================
|
||||
--- openssl-1.1.1v.orig/tools/c_rehash.in
|
||||
+++ openssl-1.1.1v/tools/c_rehash.in
|
||||
@@ -8,7 +8,7 @@
|
||||
# in the file LICENSE in the source distribution or at
|
||||
# https://www.openssl.org/source/license.html
|
||||
|
@ -1,3 +1,42 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 1 16:12:36 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
|
||||
|
||||
- Update to 1.1.1v:
|
||||
* Fix excessive time spent checking DH q parameter value
|
||||
(bsc#1213853, CVE-2023-3817). The function DH_check() performs
|
||||
various checks on DH parameters. After fixing CVE-2023-3446 it
|
||||
was discovered that a large q parameter value can also trigger
|
||||
an overly long computation during some of these checks. A
|
||||
correct q value, if present, cannot be larger than the modulus
|
||||
p parameter, thus it is unnecessary to perform these checks if
|
||||
q is larger than p. If DH_check() is called with such q parameter
|
||||
value, DH_CHECK_INVALID_Q_VALUE return flag is set and the
|
||||
computationally intensive checks are skipped.
|
||||
* Fix DH_check() excessive time with over sized modulus
|
||||
(bsc#1213487, CVE-2023-3446). The function DH_check() performs
|
||||
various checks on DH parameters. One of those checks confirms
|
||||
that the modulus ("p" parameter) is not too large. Trying to use
|
||||
a very large modulus is slow and OpenSSL will not normally use
|
||||
a modulus which is over 10,000 bits in length. However the
|
||||
DH_check() function checks numerous aspects of the key or
|
||||
parameters that have been supplied. Some of those checks use the
|
||||
supplied modulus value even if it has already been found to be
|
||||
too large. A new limit has been added to DH_check of 32,768 bits.
|
||||
Supplying a key/parameters with a modulus over this size will
|
||||
simply cause DH_check() to fail.
|
||||
* Update openssl.keyring with the OTC members that sign releases
|
||||
* Rebase openssl-1_1-openssl-config.patch
|
||||
* Remove security patches fixed upstream:
|
||||
- openssl-CVE-2023-3446.patch
|
||||
- openssl-CVE-2023-3446-test.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 24 12:40:38 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>
|
||||
|
||||
- Dont pass zero length input to EVP_Cipher because assembler
|
||||
optimized AES cannot handle zero size. [bsc#1213517]
|
||||
* Add openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 20 07:48:20 UTC 2023 - Pedro Monreal <pmonreal@suse.com>
|
||||
|
||||
|
@ -41,7 +41,7 @@
|
||||
%define _rname openssl
|
||||
Name: openssl-1_1
|
||||
# Don't forget to update the version in the "openssl" meta-package!
|
||||
Version: 1.1.1u
|
||||
Version: 1.1.1v
|
||||
Release: 0
|
||||
Summary: Secure Sockets and Transport Layer Security
|
||||
License: OpenSSL
|
||||
@ -132,9 +132,8 @@ Patch78: openssl-1_1-Fixed-conditional-statement-testing-64-and-256-bytes
|
||||
Patch79: openssl-1_1-Fix-AES-GCM-on-Power-8-CPUs.patch
|
||||
#PATCH-FIX-OPENSUSE bsc#1205042 Set OpenSSL 3.0 as the default openssl
|
||||
Patch80: openssl-1_1-openssl-config.patch
|
||||
# PATCH-FIX-UPSTREAM: bsc#1213487 CVE-2023-3446 DH_check() excessive time with over sized modulus
|
||||
Patch81: openssl-CVE-2023-3446.patch
|
||||
Patch82: openssl-CVE-2023-3446-test.patch
|
||||
# PATCH-FIX-SUSE bsc#1213517 Dont pass zero length input to EVP_Cipher
|
||||
Patch81: openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: pkgconfig(zlib)
|
||||
Provides: ssl
|
||||
|
@ -1,58 +0,0 @@
|
||||
From e9ddae17e302a7e6a0daf00f25efed7c70f114d4 Mon Sep 17 00:00:00 2001
|
||||
From: Matt Caswell <matt@openssl.org>
|
||||
Date: Fri, 7 Jul 2023 14:39:48 +0100
|
||||
Subject: [PATCH] Add a test for CVE-2023-3446
|
||||
|
||||
Confirm that the only errors DH_check() finds with DH parameters with an
|
||||
excessively long modulus is that the modulus is too large. We should not
|
||||
be performing time consuming checks using that modulus.
|
||||
|
||||
Reviewed-by: Paul Dale <pauli@openssl.org>
|
||||
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
|
||||
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
|
||||
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/21452)
|
||||
---
|
||||
test/dhtest.c | 15 +++++++++++++--
|
||||
1 file changed, 13 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/test/dhtest.c b/test/dhtest.c
|
||||
index 9d5609b943ab..00b3c471015d 100644
|
||||
--- a/test/dhtest.c
|
||||
+++ b/test/dhtest.c
|
||||
@@ -63,7 +63,7 @@ static int dh_test(void)
|
||||
|| !TEST_true(DH_set0_pqg(dh, p, q, g)))
|
||||
goto err1;
|
||||
|
||||
- if (!DH_check(dh, &i))
|
||||
+ if (!TEST_true(DH_check(dh, &i)))
|
||||
goto err2;
|
||||
if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
|
||||
|| !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
|
||||
@@ -123,6 +123,17 @@ static int dh_test(void)
|
||||
/* check whether the public key was calculated correctly */
|
||||
TEST_uint_eq(BN_get_word(pub_key2), 3331L);
|
||||
|
||||
+ /* Modulus of size: dh check max modulus bits + 1 */
|
||||
+ if (!TEST_true(BN_set_word(p, 1))
|
||||
+ || !TEST_true(BN_lshift(p, p, OPENSSL_DH_CHECK_MAX_MODULUS_BITS)))
|
||||
+ goto err3;
|
||||
+
|
||||
+ /*
|
||||
+ * We expect no checks at all for an excessively large modulus
|
||||
+ */
|
||||
+ if (!TEST_false(DH_check(dh, &i)))
|
||||
+ goto err3;
|
||||
+
|
||||
/*
|
||||
* II) key generation
|
||||
*/
|
||||
@@ -137,7 +148,7 @@ static int dh_test(void)
|
||||
goto err3;
|
||||
|
||||
/* ... and check whether it is valid */
|
||||
- if (!DH_check(a, &i))
|
||||
+ if (!TEST_true(DH_check(a, &i)))
|
||||
goto err3;
|
||||
if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
|
||||
|| !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
|
@ -1,105 +0,0 @@
|
||||
From 8780a896543a654e757db1b9396383f9d8095528 Mon Sep 17 00:00:00 2001
|
||||
From: Matt Caswell <matt@openssl.org>
|
||||
Date: Thu, 6 Jul 2023 16:36:35 +0100
|
||||
Subject: [PATCH] Fix DH_check() excessive time with over sized modulus
|
||||
|
||||
The DH_check() function checks numerous aspects of the key or parameters
|
||||
that have been supplied. Some of those checks use the supplied modulus
|
||||
value even if it is excessively large.
|
||||
|
||||
There is already a maximum DH modulus size (10,000 bits) over which
|
||||
OpenSSL will not generate or derive keys. DH_check() will however still
|
||||
perform various tests for validity on such a large modulus. We introduce a
|
||||
new maximum (32,768) over which DH_check() will just fail.
|
||||
|
||||
An application that calls DH_check() and supplies a key or parameters
|
||||
obtained from an untrusted source could be vulnerable to a Denial of
|
||||
Service attack.
|
||||
|
||||
The function DH_check() is itself called by a number of other OpenSSL
|
||||
functions. An application calling any of those other functions may
|
||||
similarly be affected. The other functions affected by this are
|
||||
DH_check_ex() and EVP_PKEY_param_check().
|
||||
|
||||
CVE-2023-3446
|
||||
|
||||
Reviewed-by: Paul Dale <pauli@openssl.org>
|
||||
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
|
||||
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
|
||||
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/21452)
|
||||
---
|
||||
crypto/dh/dh_check.c | 6 ++++++
|
||||
crypto/dh/dh_err.c | 3 ++-
|
||||
crypto/err/openssl.txt | 3 ++-
|
||||
include/openssl/dh.h | 3 +++
|
||||
include/openssl/dherr.h | 3 ++-
|
||||
5 files changed, 15 insertions(+), 3 deletions(-)
|
||||
|
||||
Index: openssl-1.1.1u/crypto/dh/dh_check.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1u.orig/crypto/dh/dh_check.c
|
||||
+++ openssl-1.1.1u/crypto/dh/dh_check.c
|
||||
@@ -101,6 +101,12 @@ int DH_check(const DH *dh, int *ret)
|
||||
BN_CTX *ctx = NULL;
|
||||
BIGNUM *t1 = NULL, *t2 = NULL;
|
||||
|
||||
+ /* Don't do any checks at all with an excessively large modulus */
|
||||
+ if (BN_num_bits(dh->p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
|
||||
+ DHerr(DH_F_DH_CHECK, DH_R_MODULUS_TOO_LARGE);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
if (!DH_check_params(dh, ret))
|
||||
return 0;
|
||||
|
||||
Index: openssl-1.1.1u/crypto/dh/dh_err.c
|
||||
===================================================================
|
||||
--- openssl-1.1.1u.orig/crypto/dh/dh_err.c
|
||||
+++ openssl-1.1.1u/crypto/dh/dh_err.c
|
||||
@@ -18,6 +18,7 @@ static const ERR_STRING_DATA DH_str_func
|
||||
{ERR_PACK(ERR_LIB_DH, DH_F_DHPARAMS_PRINT_FP, 0), "DHparams_print_fp"},
|
||||
{ERR_PACK(ERR_LIB_DH, DH_F_DH_BUILTIN_GENPARAMS, 0),
|
||||
"dh_builtin_genparams"},
|
||||
+ {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK, 0), "DH_check"},
|
||||
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_EX, 0), "DH_check_ex"},
|
||||
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PARAMS_EX, 0), "DH_check_params_ex"},
|
||||
{ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PUB_KEY_EX, 0), "DH_check_pub_key_ex"},
|
||||
Index: openssl-1.1.1u/crypto/err/openssl.txt
|
||||
===================================================================
|
||||
--- openssl-1.1.1u.orig/crypto/err/openssl.txt
|
||||
+++ openssl-1.1.1u/crypto/err/openssl.txt
|
||||
@@ -401,6 +401,7 @@ CT_F_SCT_SET_VERSION:104:SCT_set_version
|
||||
DH_F_COMPUTE_KEY:102:compute_key
|
||||
DH_F_DHPARAMS_PRINT_FP:101:DHparams_print_fp
|
||||
DH_F_DH_BUILTIN_GENPARAMS:106:dh_builtin_genparams
|
||||
+DH_F_DH_CHECK:126:DH_check
|
||||
DH_F_DH_CHECK_EX:121:DH_check_ex
|
||||
DH_F_DH_CHECK_PARAMS_EX:122:DH_check_params_ex
|
||||
DH_F_DH_CHECK_PUB_KEY_EX:123:DH_check_pub_key_ex
|
||||
Index: openssl-1.1.1u/include/openssl/dh.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1u.orig/include/openssl/dh.h
|
||||
+++ openssl-1.1.1u/include/openssl/dh.h
|
||||
@@ -29,6 +29,9 @@ extern "C" {
|
||||
# ifndef OPENSSL_DH_MAX_MODULUS_BITS
|
||||
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
|
||||
# endif
|
||||
+# ifndef OPENSSL_DH_CHECK_MAX_MODULUS_BITS
|
||||
+# define OPENSSL_DH_CHECK_MAX_MODULUS_BITS 32768
|
||||
+# endif
|
||||
|
||||
# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
|
||||
# define OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN 2048
|
||||
Index: openssl-1.1.1u/include/openssl/dherr.h
|
||||
===================================================================
|
||||
--- openssl-1.1.1u.orig/include/openssl/dherr.h
|
||||
+++ openssl-1.1.1u/include/openssl/dherr.h
|
||||
@@ -30,6 +30,7 @@ int ERR_load_DH_strings(void);
|
||||
# define DH_F_COMPUTE_KEY 102
|
||||
# define DH_F_DHPARAMS_PRINT_FP 101
|
||||
# define DH_F_DH_BUILTIN_GENPARAMS 106
|
||||
+# define DH_F_DH_CHECK 126
|
||||
# define DH_F_DH_CHECK_EX 121
|
||||
# define DH_F_DH_CHECK_PARAMS_EX 122
|
||||
# define DH_F_DH_CHECK_PUB_KEY_EX 123
|
16
openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch
Normal file
16
openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch
Normal file
@ -0,0 +1,16 @@
|
||||
---
|
||||
crypto/evp/e_aes.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
--- a/crypto/evp/e_aes.c
|
||||
+++ b/crypto/evp/e_aes.c
|
||||
@@ -2742,6 +2742,9 @@ static int aes_cbc_cipher(EVP_CIPHER_CTX
|
||||
{
|
||||
EVP_AES_KEY *dat = EVP_C_DATA(EVP_AES_KEY,ctx);
|
||||
|
||||
+ if (!len)
|
||||
+ return 1;
|
||||
+
|
||||
if (dat->stream.cbc)
|
||||
(*dat->stream.cbc) (in, out, len, &dat->ks,
|
||||
EVP_CIPHER_CTX_iv_noconst(ctx),
|
208
openssl.keyring
208
openssl.keyring
@ -1,10 +1,102 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Comment: 8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491
|
||||
Comment: Matt Caswell <matt@openssl.org>
|
||||
Comment: Matt Caswell <frodo@baggins.org>
|
||||
|
||||
mQENBFGALsIBCADBkh6zfxbewW2KJjaMaishSrpxuiVaUyvWgpe6Moae7JNCW8ay
|
||||
hJbwAtsQ69SGA4gUkyrR6PBvDMVYEiYqZwXB/3IErStESjcu+gkbmsa0XcwHpkE3
|
||||
iN7I8aU66yMt710nGEmcrR5E4u4NuNoHtnOBKEh+RCLGp5mo6hwbUYUzG3eUI/zi
|
||||
2hLApPpaATXnD3ZkhgtHV3ln3Z16nUWQAdIVToxYhvVno2EQsqe8Q3ifl2Uf0Ypa
|
||||
N19BDBrxM3WPOAKbJk0Ab1bjgEadavrFBCOl9CrbThewRGmkOdxJWaVkERXMShlz
|
||||
UzjJvKOUEUGOxJCmnfQimPQoCdQyVFLgHfRFABEBAAG0H01hdHQgQ2Fzd2VsbCA8
|
||||
bWF0dEBvcGVuc3NsLm9yZz6JATgEEwECACIFAlPevrwCGwMGCwkIBwMCBhUIAgkK
|
||||
CwQWAgMBAh4BAheAAAoJENnE0m0OYESRoD0H/1lEJXfr66rdvskyOi0zU0ARvUXH
|
||||
jbmmYkZ7ETkdXh7Va/Tjn81T3pwmr3F4IcLGNLDz4Eg67xbq/T8rrsEPOx5nV/mR
|
||||
nUT97UmsQuLnR2wLGbRBu24FKM7oX3KQvgIdJWdxHHJsjpGCViE1mIFARAzlN+6p
|
||||
3tPbnQzANjRy7i/PYU/niGdqVcMhcnZCX5F7YH6w6t0ZmYH3m1QeREnWqfxu7eyH
|
||||
sIvebMgKTI/bMG8Z7KlLZha9HwrFXQAPIST6sfc1blKJ9INUDM9iK6DR/ulkw7e0
|
||||
hmHLqjWqYs5PzyXeoNnsPXJt69wiADYqj4KNDIdNp1RoF9qfb1nE+DM6rga0IE1h
|
||||
dHQgQ2Fzd2VsbCA8ZnJvZG9AYmFnZ2lucy5vcmc+iQE4BBMBAgAiBQJRgC7CAhsD
|
||||
BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDZxNJtDmBEkWP+B/0SsWSeLGo+
|
||||
viob8935Uirei4FvnzGOUV1w/dgDLSzavmysVxb4q9psp1vj1KEtm18vzZO79AeA
|
||||
RGwWTQYGmFmrNRWZ2DgbjGyJ4LS5kLBqQ9FaF7vUFtml6R04yx+RTgQTg601XsAj
|
||||
eU8uSarmeZgGVMAInsdMrUc74lJeWKSnovr4IFOdgiU/env19tK355bsfTvb0ksE
|
||||
5Q7wnnoRXdLyNet0AWf4ednWDEnRb6cIVDF28URjxH6yIfqAVe7VnuDB4Sfuck4R
|
||||
4gYFS/xGfTgocPUDZ4rUz8wleGLwDIiU7GpilmtZTl1FTPkFa/mqbcJgdVTJqLZO
|
||||
5vISJkZvqE5UuQENBFGALsIBCADPZ1CQBKbFQWMCvdjz/TJaNf3rV6eiYASOvLDg
|
||||
icU8Mwa208yJXr1UF6lvc3Tgw+jmynIBjbhvhujcJ+eD+jHEaXdncaK/WAPsmiNM
|
||||
k+glZ4cbF48HP77kOLQQC+rX7jAF0VSHhFZNtnCpOByQevCJlwgkXckYvRyBOYk6
|
||||
2R7BwuLIwLIq4ZXNKPIVN4KpCodhIcGuvlPJczcdOoaBRGcSFUbXqM9Y8whyJhex
|
||||
F87RHAyGpjvLnJFSgLimyYBRpFN25LzYFpXPD4MeLUVDSRgtSxOJ2KmkhMHntUqQ
|
||||
P1XsIgzm4/ez6Mwkxc0QlAQp0r2gJU56QPdE5zgx+2q/i+WhABEBAAGJAR8EGAEC
|
||||
AAkFAlGALsICGwwACgkQ2cTSbQ5gRJELNgf/elwfYchaV/24buNWDa+50gOuXQ4v
|
||||
Xfj5DKry6aYnJBt1UeMV1ssMxCU8OltgzTMhTupjrXV1oDXYAxexymWLxwa+qcrb
|
||||
SwDD+wX1gb1O2GOfbiplEnOb5dDc7Gkm8eTw0kBJEiAiyPv4SMLhFzm+me4Dq1+x
|
||||
dbsvN05hxTjow9pi5eYrFMxYWi1ZNH2UmPpgoIN/4p28G/IN9fdWG5Ni315p3WhL
|
||||
HRMzC609IOsCIJsm8+lHVblT30jxpctFVlQBtbDTzgqQLiaTVevlca3VYgMd70D2
|
||||
8d186gxUtSEpZ3dKkv+0V8DLhQ6VR/wQ780HKIpFp6UWP5aDxpEoOEwe2g==
|
||||
=Z0q9
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Comment: B7C1 C143 60F3 53A3 6862 E4D5 231C 84CD DCC6 9C45
|
||||
Comment: Paul Dale <pauli@openssl.org>
|
||||
|
||||
mQINBGApr7sBEACoyczHMNgWiVg4jMjtdkb5j7csKPdFx8B7FJNMFrL/Z/I1BjwM
|
||||
TQ7fxKvDN6z3mjAMKhU+wCL9vUSSMUtyze/fox09n84jYDwN3n37ozkrhcDB01ia
|
||||
iKCCeRNEW6meTs3/aJPGCznIOk/kMHlnZnQPcSphIexo/ZUyB59h6smz2LvoTZg0
|
||||
aeZeJwe0cfaVnWYA1a9wr+QJDQwRkEqdy772cM03Phs/sRWd4+nBqP1XxWlX30Yj
|
||||
VGjDsY3gH9AAy4oUnb7tOmk5S9FIKuMdkkWeU0Abm8/36OfZyMFbZDAMbO8i3un4
|
||||
eIQOg5tjynSXYel3nlJ/fwoSHefPgavCkBdknk842LM9xr22t+IKmy99uW7FDqvj
|
||||
wbPoMg6z2Jarl0Fqu3GhIjCmKMe6TBfkYwB4fp5KtzRwrSjDo16vkMoM69mXqA7w
|
||||
f1JV+BKvE6QTePNt8ix4ib5c6mPOrFnYG1X3tkNOc4/q6KcGbvS1xMax12q2/zSZ
|
||||
PmoJvzWTrSF8lQDZKjMnXnhrZMY8h7lu/QE4DQ1M9U1PFdf6vwLrNaHHfi/rWKTe
|
||||
fsrGp2TIqU4lm45p0fDroYqDML+gp8RMUZBU8M4wGwhludEiCoOFjXu2ECvvgrB7
|
||||
JHrh+FtMuuRPx4q2eRO75NepDfZqmp48PIqkt2b3VjisNceB70uYiUQ2eQARAQAB
|
||||
tB1QYXVsIERhbGUgPHBhdWxpQG9wZW5zc2wub3JnPokCTgQTAQoAOBYhBLfBwUNg
|
||||
81OjaGLk1SMchM3cxpxFBQJgKa+7AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
|
||||
AAoJECMchM3cxpxFa0YQAIAnnNek3+UXZL/u4R6hs/lJopC9p/MFbCnL0b1zZnbz
|
||||
Kbbva10PA3PEv+szhylDKeDIbDKF1yEjI4BTNCLS8sLKEZWSLTMW1MZhmxWm5TdF
|
||||
ebhoj6Tjjfxme4ETyk3+v3hC3Ylm0jiqHHErutRAPIW1VDFQVxKZPasv1yj3YNiB
|
||||
SktTSH1MjZZtlDYjp9z3VTczvrO3BBJJSxQ5CY749pEwtjwdLTqOVtoJL8thZ3J9
|
||||
jSnSDsgFVp/pPNVxxV98Yd89JqM34MvOuD3jYSOEtMUCJgMFXNZ/c2+BpWrX+ssP
|
||||
qrY9vBrq7o91K+OQHbb4Z1pjK/dzDq183E32uTOYbco7ga/JqE7c997zY0fgQsIz
|
||||
hdEveC4oMydzwHQ9WzHUYR7AtTgF9kKsTHy8H6ye3uaJMIMSEdAvI4mxG/k/zG/Q
|
||||
KrIt1nUJh/M7uu2IT9fM+AoR+2VV1u1vimxpCpOXpTB4mTIR5YfiaRfXnHm55iq/
|
||||
odxVj/yVqFUcujy+YC9SAoKRGJRQV0KZur1xAOJsgwUJ1iXJZwypowkI59jpwl2q
|
||||
WCfZIS1ZrpIebiVk4ZBaHDe1v178uLO3IasZR7HLvcD7ESX8U88ng8J1nXHq+Uc7
|
||||
4j5Dc6CMTd5WYTkFvhjO33JiHncK8CLYOFsndIGXts/OEhp08N5JELHCeSuu4UIb
|
||||
uQINBGApr7sBEADNQ6w6jQNqxWxHDjJzcXclQJFPB2qlT/5eMa7QeOYiJ5DmY2VQ
|
||||
P0Mltkmrc8T/I9NfRFpaB7Z+8zE5lmjSi3N5fYWjhoZp9oP0WYfSLef4KpD7KfEE
|
||||
TaBohn8cw0Kt+nmEN904w9kpLE+WAvD0qRKnilcCUWE5Es719W8dMh/8cB6FiCI5
|
||||
8myIvV63yDV1DiNyEcKNeasIFF8n3FCd0gWPXXS9Fe7muQpIJ4Lb2p3ylqcY9UaU
|
||||
8n+LQAb1LL1kC468MU0LBhhkCnZ2BacWnJu7JrzQ1Nihk+JRyXt0QARcgsITt8+3
|
||||
rQdZDb6o6jTixClNXOJ2LGZMAI2NrQppfn3uBny06veyde9l3riwtOYwqEfETt6O
|
||||
Ndy0gOd4zelPOnfMtzwDePC0m0b5ibNsMGVYGu5bmu4XFZrk8ivcAiEg4TJHcYtU
|
||||
meONyuhmaCbcG8in0GZvUgb/YLcBpLBhFFUUd1ALBfi6cXlvFlSU0HHQoNRIAyFt
|
||||
C1DQaAOWQ9v21KSF6zFG9Qg3yHKy+xBjXjfp0IZOqN5jrmXxbfl/+LWqUHD54tmS
|
||||
iHrUf1CiW6no+4WBI9f6/+QCVLFBoStlNgoRt/OcIXmq1cTJ2pTSPl3S0+HobCEa
|
||||
llEGEDXqsGxmV2kNmxsUks/knEGFElp/XtMrhykicIdQYntMaRebljrpiwARAQAB
|
||||
iQI2BBgBCgAgFiEEt8HBQ2DzU6NoYuTVIxyEzdzGnEUFAmApr7sCGwwACgkQIxyE
|
||||
zdzGnEW2ew/+IzGVXgB34NeHnaLVDTtiUXgrNoOV4xFTS+kvZXrGC5i+mMhae9Pc
|
||||
gvAyjssJ7dVP2RJBSNkfdxrRd2D4HFcf3dn/n646HNiTinirfvoUf4VIA1jdDp9q
|
||||
ixi//tO7fsPyn35d672OA9AC3ccBgji6V9XA58REonF+ap2bE0JBJYTJZrET9Wny
|
||||
BPEjefdpORSHaXqimfHN59QV5gXEFZ4Ci1jCt9n6WEb0oo+kQTkUb8z7F9P+7ojj
|
||||
Q+4KrgtlXb9ijxCwMfGRPNInnumqyKJ0PhTVwhM1JNdi53nwVY98OGEZXWiKPFQ6
|
||||
lAGyLLXwaOSztKGSdsFPK/tpyVihwoqHjJCU5St/PVlpvRKhbtq24FfDu7YyDO2Q
|
||||
Dp2/F+QIdVnUFO2I1xeb2k+/Tx+3nfKYNui+AFaudOblrYQzPrlswJzCmmB/OTkt
|
||||
wuOqr2nvQr2JUwmSaRvdCAe8EI/HAa/ujlA87T69L4T66KwBWuBkIYZQxFtCiC+B
|
||||
mksPCYe9TBTZm2+8xk6UiSMKurwESTkDj/uUGmtGHi3cSJPSQ5x41COSEc+/yZ0k
|
||||
eQTSnnkVrB71cMr2yVe9WWiUqUoHbkwiiy9YAHkp76jHbTRsCjs8O2otioAW06Yb
|
||||
7r1iWp6twh/giBzsVJndeP5Ss/85TQfrl8x8yJjv1OQiIRrTTz6GdU0=
|
||||
=AbiA
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Comment: A21F AB74 B008 8AA3 6115 2586 B8EF 1A6B A9DA 2D5C
|
||||
Comment: Tomáš Mráz <tm@t8m.info>
|
||||
Comment: Tomáš Mráz <tomas@arleto.cz>
|
||||
Comment: Tomáš Mráz <tomas@openssl.org>
|
||||
|
||||
xsFNBGDxTCUBEACi0J1AgwXxjrAV/Gam5o4aZSVcPFBcO0bfWML5mT8ZUc3xO1cr
|
||||
mQINBGDxTCUBEACi0J1AgwXxjrAV/Gam5o4aZSVcPFBcO0bfWML5mT8ZUc3xO1cr
|
||||
55DscbkXb27OK/FSdrq1YP7+pCtSZOstNPY/7k4VzNS1o8VoMzJZ3LAiXI5WB/LH
|
||||
F8XSyzGuFEco/VT1hjTvb8EW2KlcBCR6Y22z5Wm1rVLqu7Q8b/ff1+M/kaWM6BFi
|
||||
UKqfBZdqJuDDNFRGqFr0JjCol0D1v1vollm612OARKpzuUSOERdc11utidkGihag
|
||||
@ -15,7 +107,7 @@ laOARZw7EENz3c+hdgo+C+kXostNsbiuQTQnlFFaIM7Uy029wWnlCKSEmyElW9ZB
|
||||
HnPhcihi8WbfoRdTcdfMraxCEIU1G/oVxYKfzV2koZTSkwPpqJYckyjHs7Zez5A3
|
||||
zVlAXPFEVLECEr02ESpWxFabk8itAz0oMZSn5tb3lBHs1XFqDvJaqME1unasjj06
|
||||
YUuDgKHxCWZLxo/cfJRrVxlRcsDgZ3s4PjxKkAmzUXt5yb7K3EVWDQri0wARAQAB
|
||||
zRtUb23DocWhIE1yw6F6IDx0bUB0OG0uaW5mbz7CwZQEEwEIAD4WIQSiH6t0sAiK
|
||||
tBtUb23DocWhIE1yw6F6IDx0bUB0OG0uaW5mbz6JAlQEEwEIAD4WIQSiH6t0sAiK
|
||||
o2EVJYa47xprqdotXAUCYPFMkQIbAwUJEswDAAULCQgHAgYVCgkICwIEFgIDAQIe
|
||||
AQIXgAAKCRC47xprqdotXEGoD/9CyRFM8tzcdQsQBeQewKGTGdJvPx9saDLO6EVy
|
||||
U9lEy8vLKMHnmAk+9myVBf0UHxCjVZblvXEL6U/eCINW8TBu9ZH56AMkPQgvfZkE
|
||||
@ -28,7 +120,7 @@ IMyRTU3zqJfJcXrVDslvB1mMbBGIR7gmL2HSToNvN5E2xiEamHbSOv0ze0Vw5A1M
|
||||
8S71i+jLUSenGTgjLdu52+K7SGLtyhG/kA5NpvMyCLBOYZ+4HPgbIwKLlcm5SRJ6
|
||||
z4sKLSZmU7HLMp69jXfGQqjYbJoUEHsCsLOeVMGiOVZqoZWQWcMHy9VvOA0FVx41
|
||||
xrpdDLft9ad+cM/oaiYXEWhqYRnBM5eIH0B3HOk/kmLZ6crNE+X5xG1qhoZgAurM
|
||||
MriPFc0fVG9tw6HFoSBNcsOheiA8dG9tYXNAYXJsZXRvLmN6PsLBlAQTAQgAPhYh
|
||||
MriPFbQfVG9tw6HFoSBNcsOheiA8dG9tYXNAYXJsZXRvLmN6PokCVAQTAQgAPhYh
|
||||
BKIfq3SwCIqjYRUlhrjvGmup2i1cBQJg8UxqAhsDBQkSzAMABQsJCAcCBhUKCQgL
|
||||
AgQWAgMBAh4BAheAAAoJELjvGmup2i1cessP/jG7dFv/YEIn7p47wA+q+43Korjk
|
||||
8LLpdb+YhVEpXgLK3yUNOcghs+e+UxSlS4jDV9ThpKgBEgTCn6V8vEWe5djvLVcO
|
||||
@ -41,8 +133,8 @@ Tf+W/vrfyAKVl7DgPk+n360frxmR8n7pkSpDq12s9J4eimX7aUlbhDX2XiMo/kGS
|
||||
kjtD994kD2Jf1GCqFIWPx+J88VXp5UbobOENYBGWvc5Pki541aFKkXe5mvK9n2Fm
|
||||
T3fOeBnyhT27J79UYSkOg9Zk0o7lcLKvgX3TqOwRrwMOGqyBIrHkLprIbeX5KOBI
|
||||
yvtovyTuq3piF6OcfOYuZJOcV4LnnW6Ok9sgia1WgqNyJ+FSdSl6tLabzcM6sZ1I
|
||||
8tmXB4BcoHFB9N0AzSFUb23DocWhIE1yw6F6IDx0b21hc0BvcGVuc3NsLm9yZz7C
|
||||
wZQEEwEIAD4WIQSiH6t0sAiKo2EVJYa47xprqdotXAUCYPFMJQIbAwUJEswDAAUL
|
||||
8tmXB4BcoHFB9N0AtCFUb23DocWhIE1yw6F6IDx0b21hc0BvcGVuc3NsLm9yZz6J
|
||||
AlQEEwEIAD4WIQSiH6t0sAiKo2EVJYa47xprqdotXAUCYPFMJQIbAwUJEswDAAUL
|
||||
CQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRC47xprqdotXJUfD/9qFJURXryr8/Uh
|
||||
KJIAYQawc3rgSCeMaSi60fgPhteBf9VPA5w84OKLtnZFcPcpvGpaHuRxj+mchOSo
|
||||
2HkYz7eseTsWbfguDiBNf1sA0IW6/WfIjqfGliw/ikLn/mA8GgLzgPPEiEbZH+gZ
|
||||
@ -54,7 +146,7 @@ Vi+hFt1DQ2tWMo6peu1sNDDONYKL7/NhFedJhIRoYUiQtcEuWqtTjOUn7ErkaC2y
|
||||
q8hzWgYCe2afy1sUvyDtUjuldVTNzV1ic4MPC+QZ5ZEw2uHfP2oELlK2zUlLZIpt
|
||||
Bwvgzqw5qcxj0nBHoaDTRyJXrXDWf/DsyS6Df1t8Uidoc6W3zNEhKbabvTb4gtWj
|
||||
hh/QezJNtyRSg4SZ2Zx+ExgAngFdhKUk01XytLcEqYHjOjO6ZHpP0/+E7T8yZ7sI
|
||||
w5AnBC/mkTbqp5Nsbk/spoN0Wl7PZc7BTQRg8UyoARAApiWRrHjdEu9Fp2yd7K93
|
||||
w5AnBC/mkTbqp5Nsbk/spoN0Wl7PZbkCDQRg8UyoARAApiWRrHjdEu9Fp2yd7K93
|
||||
VpttsAWGeZo6adA7kKrdB+DFwyQdQQIGF1MoxzKb3rcO2sxoU/SnY/TpxdVbSO27
|
||||
1MLUcqoEc5F+uxuXsp4Tx5s6iXY9xTwQeBi8pAUQSLlWc/yoakF4sahG+5+0NUDp
|
||||
djCEevRw2nHVbMbyzACgB0VRErhpY6gOBK7LkHwXAEXh1pN836P1s3DLLInjoM50
|
||||
@ -65,7 +157,7 @@ NA84/fhVa9/Tug8zyzRj9p5Ge7b1yMbtVy9Ret8e1xB3yOJH8rjwmd13ocNBrFYh
|
||||
D4b1+P0DScr4TburR3S4gwzawB2juIToELQGseR8nQg8k6Fk5vZ8MaYslMU2za7H
|
||||
a379C8+A9h0C2mobqtw7Gq8NzDH2H4Bgpy0Ce8ByWnRHEIrZcK4vZDTzBfW+lYJB
|
||||
HFlNc0mheV2ih6vjmz940cakzLvGF65UA69tsS8Q/3sWH2QLFTywdcEUZNgZRWnc
|
||||
nAaLOI/nw1ydegw8F+s1ALEAEQEAAcLDsgQYAQgAJhYhBKIfq3SwCIqjYRUlhrjv
|
||||
nAaLOI/nw1ydegw8F+s1ALEAEQEAAYkEcgQYAQgAJhYhBKIfq3SwCIqjYRUlhrjv
|
||||
Gmup2i1cBQJg8UyoAhsCBQkLRzUAAkAJELjvGmup2i1cwXQgBBkBCAAdFiEE3HAy
|
||||
Zir4heL0fyQ/UnRmohynnm0FAmDxTKgACgkQUnRmohynnm3v+Q/+NpYQuO+0a57+
|
||||
otwvuN3xoMsOmiingnd6u5fefi8qCjHgYJxnZQhihk4MOyiY46CxJImFKI6M13H5
|
||||
@ -89,7 +181,7 @@ DDWQCr1Tud3GZ634BowTlQRgJpGJc2s4wOMaARnhVtr/GZQhfCzOhcaHAVMBX0FE
|
||||
ce+LktihEnzEJJgc/bzTH+t3fIW8bS4c65YlwCzMCJ1oYyALlD1BlZ6whFSVUZro
|
||||
uYVu8diJ4Alf9+hcYOU/Gnbyi3bFbRGhBVz8lB3TcEeP02+gSSFD7iDi2Wt3hkmY
|
||||
YaT7k3YGM2ksXdQ25SGM1aW4drxaqAj5sZ48OXTMNT9ira3TL/o/Xp6GRhVE8iOl
|
||||
JKbGoqC+wchHmOLOwU0EYPFMJQEQAN/J6BypHYuzqwVDH8hrCQJ0s9I1fFdiu60u
|
||||
JKbGoqC+wchHmOK5Ag0EYPFMJQEQAN/J6BypHYuzqwVDH8hrCQJ0s9I1fFdiu60u
|
||||
aeLTQPeB2JVwV4t9WZsM6mVMEUZJGIobk2Y5FFzLsHtbPlSs7MXtLhlLa05iiMXq
|
||||
oZsS7EYI+GDNO6OP1j8h9On2Ik5EnK/0dWGQglSY/ryw+5ShdAjHSd4hCRvBxfX7
|
||||
FJGNrvIkIp8AxlTvNBQyuR4rluOnfS1LXFDlaTWxRAZBJdB/GyAbCqKmkfbkXZbM
|
||||
@ -100,7 +192,7 @@ PftDlv/iDqzAxAobNJzlsKQrcRmEPIOqNxi3TP+H85ekwHTdwwdPb5u8pgehpDum
|
||||
ciyHfYZ7A3eNl6RubQMIWQgQzxUbreUJkKjHwLoqkTHDafJeKI7+2nII4r3peQfE
|
||||
N0jZ5HSXHTHu4520FUBHNutvuHqCy0nQrhvoXEfD4woYk27OOwSKHu1ZdEFa6iJH
|
||||
eAW0f6pSOMkEMDRtFWv0/hVpNDbhA+jAswzD4+XYDk+xZdDONua9inO930MGI2Bs
|
||||
LQ1kotFTABEBAAHCwXwEGAEIACYWIQSiH6t0sAiKo2EVJYa47xprqdotXAUCYPFM
|
||||
LQ1kotFTABEBAAGJAjwEGAEIACYWIQSiH6t0sAiKo2EVJYa47xprqdotXAUCYPFM
|
||||
JQIbDAUJEswDAAAKCRC47xprqdotXBU2D/4vF/5FrkPz78jSl7YN77gc/sTpBGMh
|
||||
QxhZxKpf+8xE/oig9/F90BMKaFAflChiEMPc+Dj0VrCGwP2xMTVO4J7lw7bTr3RB
|
||||
uETuVq8S3XgtmTlXwoRQL91XtoGjAjhfgpXbi/DEyZ6+34QwMYr474rsKiMsBcMS
|
||||
@ -113,5 +205,101 @@ qaQzuigCRxlv8nF97SUGLDCuvqC5ejmecQBYmLCrgIiRcI+FXSVnZhUYkeBbg9sX
|
||||
Cla8mCgxF1RhH2S9z9blrLEf2r+l/8P0+IWmmaTvCbZ7kIrUsbGv7FNCubVA3UXc
|
||||
zPrDR7hQC/xNAX1RXMGNmPru9wVtgnn72UneoD/dLYY65U/ZFLNeQAnq9c3VJKQ2
|
||||
TIdjvGbJ/k4qxw==
|
||||
=fnGl
|
||||
=Ctij
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Comment: EFC0 A467 D613 CB83 C7ED 6D30 D894 E2CE 8B3D 79F5
|
||||
Comment: OpenSSL security team <openssl-security@openssl.org>
|
||||
Comment: OpenSSL OMC <openssl-omc@openssl.org>
|
||||
Comment: OpenSSL Security <openssl-security@openssl.org>
|
||||
|
||||
mQINBFQv6Z8BEACuJwJkw/Iniec6U1RzocYHBFKl1eE0WBu1vthYmcn0D/GJKvWM
|
||||
kRhx9GSlWMqj9mgSFUOsFWrpPIm3Jzh4bLweUjH5I7R0Frh39dDFh1hhwHEholBy
|
||||
yUGFTb8TppptXnzzDoNz4yUQcRP2oeG1vC/ePXPWHKgtp+0hmM3MQ3WIN+gSmpdt
|
||||
4vMIoWKKCq+E1tYcsFk9URBWWEwBw+OJ37o7TrernyxwtXwdPOjYhA4mLtnKHs+5
|
||||
QivuOvK7gNf5hggyv6fp6d2ixvJZ9CdUYFdlOwaHA97B694RcAMxaMtzUpfkiJ/Q
|
||||
2zR83QG4az6COKK38W6Kp7bLveMF6Rb4Y+gOjV4KvHKpzNAP2sNkmCIohlmoPhT9
|
||||
Ce9tWq6oK+o1MEc1Ejb1/kn9CeCloKlF8HkzhFLpqqkZ//3j73/6kuK45UVg5PbO
|
||||
3GLcyTJW4enmTUFxy0d24Bfdgu7FpH1vHIisDkON3QO4TMwCJoLWGULqpJKP7kUf
|
||||
5HCnafDroN5wF9jMVxFhmDOOdXyIeYkBVF6swwIlyq8VlYSjYWGAUtIb3rOiUNWc
|
||||
zYY6spdAN6VtKTMnXTm608yH118p+UOB5rJuKBqk3tMaiIjoyOcya4ImenX85rfK
|
||||
eCOVNtdOC/0N8McfO0eFc6fZxcy7ykZ1a7FLyqQDexpZM7OLoM5SXObX1QARAQAB
|
||||
tDRPcGVuU1NMIHNlY3VyaXR5IHRlYW0gPG9wZW5zc2wtc2VjdXJpdHlAb3BlbnNz
|
||||
bC5vcmc+iQJUBBMBCgA+AhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAFiEE78Ck
|
||||
Z9YTy4PH7W0w2JTizos9efUFAmPX/PkFCRGJRs4ACgkQ2JTizos9efWXgg/+Negn
|
||||
a1HZIWs18LDktjV49a3IeKhjJV+UrTvQnFpSNXbwpnKa6iVX9PlE+3nLkIrkz6HJ
|
||||
uBl1MZElcmrqIsVCKHcrbcJSgZM4fV0AgEEm5gNfK19gbJjs1qdbtwTYccDiHwGl
|
||||
4EeTkPsOCo20QEC8jvkdHvMsvoD11c57NprQVVsOyuyz7B7LwV+6hZ2MAv6BZrNE
|
||||
XBjzqxHGKcq4iyOKTGwRAufiXdq2+kV7GVjihH41YjV08f/b7O2uAm4k/IbULtvY
|
||||
3Y/9rVvtU/Na044FQBGObH7/DbEOc8uFAH8Vy7M32rZmQet7pO8M5BrBMAaU2OAz
|
||||
ZQ5CqauGvjTJ4GXi+pBoCVafPvsGkB1W6IxnPPJZsFw9kxOKSV1Md4jh90OdaIGe
|
||||
HW4qagRaLDtDRtkFnIkbtc38HC/e30ANoNS3Enws7XSNvQ+O7HfeSsATsM/2cjL8
|
||||
c281Nv9o+xaNI4TN3KsfRswcQtnsN2cCkPZWKgTJcjpdANkX9CK7mYNS8bu6YsAV
|
||||
nRF2iAB25Vjcz/92Dd28/nPI2CkKkOMhDtnFty8B2LZ2tbfoU1DsNzg+b3ejaXLZ
|
||||
jhnZdL3b3F4iKpyzDhTpDHo4P/yxrtV8LOmHJN63oc1JljqgkU+RcxndSZ/LDHqt
|
||||
VH02VwVHMVt4no62mZj2UNT2+Ci5p+tze4Rhfl60JU9wZW5TU0wgT01DIDxvcGVu
|
||||
c3NsLW9tY0BvcGVuc3NsLm9yZz6JAlQEEwEKAD4CGwMFCwkIBwMFFQoJCAsFFgID
|
||||
AQACHgECF4AWIQTvwKRn1hPLg8ftbTDYlOLOiz159QUCY9f87QUJEYlGzgAKCRDY
|
||||
lOLOiz159XBzD/9InUdyS1hdC7f2uEbD5A+5UFUwy9hqzy8sXLrGfUMtJC3Ur+CA
|
||||
RqpHw6LC9oqFlAMhdSpIINzswLvpYqYKUllQWw0bStqWed6wuonC7nQk4fJhaWhT
|
||||
MEyVNC7gpy1FcFQYZZ/rwVxftvV6EesOIL+cM9Tg2IKvdrJsuFtmhcrEmrAVrPuO
|
||||
VkIBbOjylU5iHbs3hW15DqMXiu6s9wLlxSJtqWWcGT4Xp3SjUy2XRzsWwFPrdsnZ
|
||||
cj1h1C1onglIpNuq7yQF6rrBmKUdy7FClXswEg+He6qV6zLhZo6bRAZO2b/g4aNX
|
||||
NVOh5BS9ZpQds5FejHx3la6GzfPM/szC0WJR2r/6RqR/dizrPlhsJX3g5I+fRnNG
|
||||
mOrUa7S/OrR3QlWyE5pvytKTno0UvPuITA7MGtQf3z4n4UbM7bYyLmCIVEkDQl9K
|
||||
ax1vtEYLKKx7sVLmJUQVqo8RmmjottRZ6+B5UWOB+dXvt3Z+mJLHt92y6NLk4iOX
|
||||
q3bgO9eMPgk+GdLXjgtgeu7S33BNE984/0B+jDLqhgEjK2spA50uPXBUtDm+Au+s
|
||||
1zfePJVfQxdaoKY00iOltujRS6sqE1PtbebTHgDakxnr9MClzTmRz6ymAglxo72o
|
||||
gk0OJCNELdckK0HHd5hGLEKBlSVGYSx2J985o7VE/raBr7/YULm4k0LXJbQvT3Bl
|
||||
blNTTCBTZWN1cml0eSA8b3BlbnNzbC1zZWN1cml0eUBvcGVuc3NsLm9yZz6JAlUE
|
||||
EwEKAD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAFiEE78CkZ9YTy4PH7W0w
|
||||
2JTizos9efUFAmIp6vAFCRdgAsUACgkQ2JTizos9efWbyA//cw5h9kzqjHNPrWyU
|
||||
nqchSA/BAxGAfv8IW5vTXKIGou/vbF+2eV4pGe8cjYErfiEMI2XEqgW3NqtB8Ie1
|
||||
JpvHb/JARDpXRAeO0nAz68UZiv0s+BYG1cL0MJgxSmwLEo1XIxx+NYQRPaIPhWId
|
||||
gdJmhOylGHRbZPfUu0gsX3JvFYYJvqSbZYJx47JzLgvsaRtY06oOt89hqVOp9geS
|
||||
4HtwcZiIohq1E4Fy8+TYR7iMv62lBAG0xOoLCy4UzM3pVbChzcfmLLtH4ZbDO2ks
|
||||
vhafec6lUetxMJuvqClp4oYDp9ucrcZF3pJA0feSGF6EXOmYo3KMiVbG35DqfJrI
|
||||
8gva6QPTFo8WRsTZ7hUrn/BioXx7Orrmtl5++IPAU7c/0JPHCVordxinD/XDdcFV
|
||||
s2IIf5iL914/CaI8AXmeM4H0m9kuaS9N0UI8+3gIBhO19cP1VJBw/EWdwjwHtUlf
|
||||
d6mOAbwuVAjPEWQmcf0jIxoUR9t+3ieZjPdcHus5d9/xH2iOLdEHYQRHRiLlKFtu
|
||||
PhWgqy7UgpWRye/628at5C9m5TfGQBldSoOkUzPQGGpV3pUiHeJlQPBAYl1AAvAK
|
||||
8+Y2T9iSZXUuMXiMp3lplDEzXKHjUaXXUkgFuGs/L8YB+BBNBSE/GS078kQrc6Wu
|
||||
y7mmnE22aFf7G0N/hin+9QeIWJq0J09wZW5TU0wgdGVhbSA8b3BlbnNzbC10ZWFt
|
||||
QG9wZW5zc2wub3JnPokCWQQwAQoAQxYhBO/ApGfWE8uDx+1tMNiU4s6LPXn1BQJZ
|
||||
2fY1JR0gUmVwbGFjZWQgYnkgb3BlbnNzbC1vbWNAb3BlbnNzbC5vcmcACgkQ2JTi
|
||||
zos9efVQIg/8C1c/ChPOM/ojwXA1yUeIa4rD6BXlLDetE3KIqD1MvR251xV8Ox21
|
||||
3GYFHW+6CEfQ82xiy02CB+VsYh58tMi41NDWq6fkZOW4vFnJbFx/pYk8xFMl0ml3
|
||||
LkGsh9cVoesSiEBAsF4vQ/bmCNfM68DsLtjAK7GQobcW5ArIqvgc3LlYXUspkgE9
|
||||
yMcQcPqyMsNrEPgrFCcd3fWzXF1qsO8Rtd4bwyaJACkpQnZ832wY91uuMGzWcG2A
|
||||
+SxkdOFPuDkWm5l8hbA6+DpdFp/YiDnfwAZqr6uoqdkcT0e8IRsGqJ2FJ7qHeGSv
|
||||
kFjkGHaOPkJM69lJIEFMCrjvBQVN4b8HhcqbnJbnrWVGFDxgSdjNvXqzBDJgDqMh
|
||||
GN5ZHJhGhiZDi02uzqJ0p+OUzK1CiEo0/Mc7Nb5sVfvYrP4LoqKRceNePgwZp8Jw
|
||||
OnC5U84TWa6pHYm3rijfrBPPMFex9NDQQ/KEFINhAMQVMUtj2iy5ANPpqsftOIjs
|
||||
RfWWn+7QIi4EuYRADcllRaHJaTBAzI56ngkDaA55oyaMnSUnu0fjgWTiD4CEVbsS
|
||||
rR0nWJKhCg5DbVwq/dImoN1iK78ziR6cJdeQhe3GY+AdWe7Ci+75TiYy8Zlh9Sz4
|
||||
mpl81xRz9eYcO/g0xG6wpPE/fqua8/AgeKArEKJWN1uvKCCFZzRB7uq5Ag0EVC/p
|
||||
nwEQAMB3s+8dq5T8fW+b3OcGujEcbhyguc6D5shlNWsuCV3W7+izsVUe+0hD1YwD
|
||||
30C6zj2+CJrMxPQ/BB3u3SbyHMDP5fKL7GQiA/n192hX2DuHxvQwnDNkHxYghtrF
|
||||
KOlXAyte2awA0fC+e0o8lHa1Yd2ZZNqlDC23qJtLMJH8bX8CIr59KckNyv64bF+h
|
||||
VPIN3evnh1Ajn4A85848EZMQcjedg72MsA3TW2D4omayY7eXE5uut7FYcY6SM4pT
|
||||
hIB2X9DM39Rgy3qC4ObvEkEfaWnJfHxyXiA8XF+FZukXc/iM68P0VS/sMml9QPsY
|
||||
MWnMHcGlOcuzQJRAalqZJwuK0ZIvobh/Y9rYLxrHtNCgSjaFuSN9K/YhpAxs80H6
|
||||
lVa7GCSASTRrS3OvmY++fTsUPzSOvit0kqQfimziYx7QcJIagG92mvUmuf2PEfzv
|
||||
Si6iaIqMhaTaJq5qxOR0q430KakQktNPX53HflWL7YenDPYw1rEyQFxGqjaBY1X8
|
||||
NtuzZ0P4cahgsBFc8HgYu2u3Ysd5wmvSTsOXld8Qsns1KIUOpzgWw56AJ6dxS3lK
|
||||
4QSUFwjzbZW9H0jJ49eBMAaA+hCjv8c/4BFuZq9Gvsafn425Lx1V/3PFJlPu55V+
|
||||
7qWjeOkSzNctMlmCqPQVetbZ/pHLAJO5IUO3SoTs5kl6bARzABEBAAGJAjwEGAEK
|
||||
ACYCGwwWIQTvwKRn1hPLg8ftbTDYlOLOiz159QUCY9f9DQUJEYlG7gAKCRDYlOLO
|
||||
iz159f5RD/9Dhv5+muyWX9U4wNH7Dt7KHOtFyQ6+YrlLGj6WgZlFQD3sz1hVabJs
|
||||
HwFuiaIjnZmQwiUJm72jCMUncL3OsWrQXm6SU60aG20XeQl1oXWmSD9D/len23hO
|
||||
Yo/3WsC3o1AIkLA9cJ3h/oo3I7RE30skw4MwQ4oCFlmidmOLvkz3TD22qxf+WaK7
|
||||
KO0vJRVHQIVl1ZdsBSSULcr8BcupKXaKSBJQDya2TkEh6OUf1B/7EIk811oeNSaL
|
||||
9eJXS9VGDytVyjGGXSbudBw2XAV0/oiPPDKYElbOZH66d6marGwCCdc29cNono/7
|
||||
zf0+/hyunzY3m1PkYGyzUmfWq4WNulJ9GEAz0O1rss/4hxnGqn/m3gue+aQx4hji
|
||||
/K/vAV+531YT9MEp6m6e3074a7Hvn2l/tsBoL1Xseb6J9ZGL8fnZiuG6RF4sP1Lz
|
||||
sQXmyjgr1yTlCShgNQCYXAgprWXPCwv176kL0WxkGhcI+GmSe3kNWr3HYoeTfBQ/
|
||||
G8GWaIZ2qJRY/d/P9bgWu3oztWcVqEDorK3Pbu5/VeIeEfIkc717EgvdZU4EB70v
|
||||
E/jnY1V9GLFzdPcygy7bz5aA4IA/Y12VFdhQ9/E7HFvEv0KUa294rQiH86lRyCJI
|
||||
aEUqeymypLjoU2oeR4Cujkne+5spQHBfn2/RWGqH28v+vqHysb/8GA==
|
||||
=Q+Oa
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
Loading…
Reference in New Issue
Block a user