SuSE alert: squid

Posted by dave on Oct 30, 2001 2:34 AM EDT
Mailing list
Mail this story
Print this story

The squid proxy server can be crashed with a malformed request, resulting in a denial of service attack. After the crash, the squid proxy must be restarted. The weakness can only be triggered from an address that is allowed to send requests, as configured in the squid configuration file.

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

                        SuSE Security Announcement

        Package: squid
        Announcement-ID: SuSE-SA:2001:037
        Date: Tuesday, Oct 30th 2001 12:30 MEST
        Affected SuSE versions: 6.3, 6.4, 7.0, 7.1, 7.2, 7.3
        Vulnerability Type: remote denial of service
        Severity (1-10): 4
        SuSE default package: no
        Other affected systems: Systems running the squid proxy server

    Content of this advisory:
        1) security vulnerability resolved: squid
           problem description, discussion, solution and upgrade information
        2) pending vulnerabilities, solutions, workarounds
        3) standard appendix (further information)

______________________________________________________________________________

1) problem description, brief discussion, solution, upgrade information

    The squid proxy server can be crashed with a malformed request, resulting
    in a denial of service attack. After the crash, the squid proxy must be
    restarted. The weakness can only be triggered from an address that
    is allowed to send requests, as configured in the squid configuration
    file.

    An upgrade to a fixed version of the squid package is the only reasonable
    countermeasure against the bug. Please download the package for your
    distribution, verify its integrity according to section 3) of this
    SuSE Security announcement, then apply the update using the command
        rpm -Uhv <package.rpm>
    where <package.rpm> is the filename of the package that you downloaded.

    NOTE:
    SuSE Linux distributions come with two different squid packages: One
    development package and one stable package. The respective package
    for your installation can be found using the command
        rpm -qa|grep squid
    Please download and update only the package that is installed on your
    system as determined by the version of the package installed.
    Both packages for your distribution are listed below.

    SPECIAL INSTALL INSTRUCTIONS:
    The squid proxy has to be restarted in order for the fix to become
    effective. Use the command
        rcsquid restart
    after successful installation of the upgrade to do this. Please note
    that the start of the squid daemon can use several seconds so that
    the daemon refuses to accept connections during that time.

    i386 Intel Platform:

    SuSE-7.3
    ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/squid-2.3.STABLE4-132.i386.rpm
      f36c9784ca566b2cf54f75396e512ff6
    ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/squid-beta-2.4.STABLE2-33.i386.rpm
      3f49f2edbda920c97c0833752f82a451
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/squid-2.3.STABLE4-132.src.rpm
      5f6432889116c0adba9a3d485690477b
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/squid-beta-2.4.STABLE2-33.src.rpm
      0d13b2e11000515d48b9813d7e015a11

    SuSE-7.2
    ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/squid-2.3.STABLE4-131.i386.rpm
      8f73f7b4ae29cd57ad476845737cca76
    SuSE-7.2
    ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/squid-beta-2.4.STABLE1-85.i386.rpm
      408c3d5b79ff05078e0ed1ca2a7c7835
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/squid-2.3.STABLE4-131.src.rpm
      87200955fd04b95b53121c91daf08508
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/squid-beta-2.4.STABLE1-85.src.rpm
      ac991ef42ffd20242b62a79b4f9a8298

    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/squid2-2.2.STABLE5-203.i386.rpm
      d88eb53e568e282e399e63247dd21f17
    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/squid23-2.3.STABLE4-57.i386.rpm
      ed15547d3d898de69705206865bc5e3d
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/squid2-2.2.STABLE5-203.src.rpm
      6e96b682734434243216955801ca3966
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/squid23-2.3.STABLE4-57.src.rpm
      286132a8a084117c13ecd20963e4e026

    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/squid2-2.2.STABLE5-203.i386.rpm
      cc05027b083f96f5ecb8d74ee5af48c3
    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/squid23-2.3.STABLE4-57.i386.rpm
      27812ca7b960ca891d14056f8e50d93d
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/squid2-2.2.STABLE5-203.src.rpm
      3821655bdf3a93b1b3607c786e31e4b5
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/squid23-2.3.STABLE4-57.src.rpm
      20a5cd54b491baa98ef062e59222043a

    SuSE-6.4
    ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/squid2-2.2.STABLE5-203.i386.rpm
      6241edb66ce49d7c0c99e4d4eee5f62d
    SuSE-6.4
    ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/squid23-2.3.STABLE4-57.i386.rpm
      73e2338db1a51b0f2c3fd06c692b9433
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/squid2-2.2.STABLE5-203.src.rpm
      cca2eac81e9da884b68547a10753e3aa
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/squid23-2.3.STABLE4-57.src.rpm
      41b0f0f3d3ba588a69d4d3bdbbaa67f0

    SuSE-6.3
    ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/squid-1.NOVM.22-0.i386.rpm
      287c56b9f60ebc6f0592ebd82aaafdbd
    SuSE-6.3
    ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/squid2-2.2.STABLE5-25.i386.rpm
      7ebcf1942316bc7dd9ccc81aa02d22a6
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/squid-1.NOVM.22-0.src.rpm
      96b7d50fa8548c4a62602d9a6c30ee15
    source rpm:
    ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/squid2-2.2.STABLE5-25.src.rpm
      ec16fdc160c4bab2447903843de38e96

    Sparc Platform:

    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/squid2-2.2.STABLE5-199.sparc.rpm
      32c7b23fae7195f85bc641076020f525
    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/squid23-2.3.STABLE4-52.sparc.rpm
      58ef46972e17b4c18934705ad1e119fc
    source rpm:
    ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/squid2-2.2.STABLE5-199.src.rpm
      fdd0149a27a9ce2dc62b6cd3d36bf5d9
    source rpm:
    ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/squid23-2.3.STABLE4-52.src.rpm
      ae95420b0cabfcec6ea8e45cafbec98a

    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/squid2-2.2.STABLE5-200.sparc.rpm
      7ea9ebf4033748dc2926681f91b757a2
    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/squid23-2.3.STABLE4-53.sparc.rpm
      f5182a0ee681e1038ce9a27a5669dc78
    source rpm:
    ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/squid2-2.2.STABLE5-200.src.rpm
      2df8efacd6309d282ddf1a9fd85f5b0d
    source rpm:
    ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/squid23-2.3.STABLE4-53.src.rpm
      7283004306500f6af0945a127eb7cb10

    AXP Alpha Platform:

    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/squid2-2.2.STABLE5-211.alpha.rpm
      5731678da53fefafd8b598b4bdd0b1c5
    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/squid23-2.3.STABLE4-59.alpha.rpm
      131ddb39a0642abd01ac7758b1ee1659
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/squid2-2.2.STABLE5-211.src.rpm
      2a455ab029dfa08d93b8f0882d27f3c0
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/squid23-2.3.STABLE4-59.src.rpm
      af85f07cc967e2c0afd58c15757901b9

    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/squid2-2.2.STABLE5-211.alpha.rpm
      6c8717d3ecc33f36fda8b9126f5aa9c4
    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/squid23-2.3.STABLE4-59.alpha.rpm
      f601abe230336f0aff1e2dd794905746
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/squid2-2.2.STABLE5-211.src.rpm
      0c286031c7261283c51ecc7b181f5c5a
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/squid23-2.3.STABLE4-59.src.rpm
      c13de698610cfbe85c9db43c0b46c33a

    SuSE-6.4
    ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/squid2-2.2.STABLE5-211.alpha.rpm
      72ed52eb121cf09af0085eade83c31e9
    SuSE-6.4
    ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/squid23-2.3.STABLE4-59.alpha.rpm
      d00639d8014cadfaaf0f877600fc265b
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/squid2-2.2.STABLE5-211.src.rpm
      9654093482932c0c5b6e19641c12e515
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/squid23-2.3.STABLE4-59.src.rpm
      93956c1d356b14d1c0ce4f6176b6bc82

    SuSE-6.3
    ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/squid-1.NOVM.22-0.alpha.rpm
      963dab91fe801b0db5b8bc1290c510ac
    SuSE-6.3
    ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/squid2-2.2.STABLE5-24.alpha.rpm
      0a2cc791d49c12e43318166b18fbf4c9
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/squid-1.NOVM.22-0.src.rpm
      d4bed546b971e980e013a19524dfe0a6
    source rpm:
    ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/squid2-2.2.STABLE5-24.src.rpm
      1911f50775e228ba85801afe14b4127c

    PPC Power PC Platform:

    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/squid2-2.2.STABLE5-191.ppc.rpm
      8570b7b727184e65e06bbc94952dd1c1
    SuSE-7.1
    ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/squid23-2.3.STABLE4-59.ppc.rpm
      06b6a7d709dd647f877cd2c49c8a25b0
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/squid2-2.2.STABLE5-191.src.rpm
      01f3d3f73ff7f707aaa5915904f04816
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/squid23-2.3.STABLE4-59.src.rpm
      e3d908e3f6f4d29e5fe6b47ee63efe71

    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/squid2-2.2.STABLE5-191.ppc.rpm
      080ede69d095009d348d66575d737ded
    SuSE-7.0
    ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/squid23-2.3.STABLE4-59.ppc.rpm
      815f6081346eea1883e269c5349687b9
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/squid2-2.2.STABLE5-191.src.rpm
      67036c2982d2e353a5063b4f173bd994
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/squid23-2.3.STABLE4-59.src.rpm
      d69897df473cf8added443549fe90614

    SuSE-6.4
    ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/squid2-2.2.STABLE5-191.ppc.rpm
      059e627ca63f48176d310321bd1d6715
    SuSE-6.4
    ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/squid23-2.3.STABLE4-59.ppc.rpm
      f90c456e8d7ba561f585f388ead58f3e
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/squid2-2.2.STABLE5-191.src.rpm
      31db9a010dcbcfe98e966042cd3aac0f
    source rpm:
    ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/squid23-2.3.STABLE4-59.src.rpm
      80b5f2f0325aaeeeee413f9fedc9eacb

______________________________________________________________________________

2) Pending vulnerabilities in SuSE Distributions and Workarounds:

  - openssh
    After stabilizing the openssh package, updates for the distributions
    6.4-7.2 are currently being prepared. The update packages fix a security
    problem related to the recently discovered problems with source ip
    based access restrictions in a user's ~/.ssh/authorized_keys2 file.
    The packages will appear shortly on our ftp servers. Please note that
    packages for the distributions 6.3 and up including 7.0 containing
    cryptographic software are located on the German ftp server http://ftp.suse.de,
    all other packages can be found on http://ftp.suse.com at the usual location.
    We will issue a dedicated Security announcement for the openssh package.

______________________________________________________________________________

3) standard appendix: authenticity verification, additional information

  - Package authenticity verification:

    SuSE update packages are available on many mirror ftp servers all over
    the world. While this service is being considered valuable and important
    to the free and open source software community, many users wish to be
    sure about the origin of the package and its content before installing
    the package. There are two verification methods that can be used
    independently from each other to prove the authenticity of a downloaded
    file or rpm package:
    1) md5sums as provided in the (cryptographically signed) announcement.
    2) using the internal gpg signatures of the rpm package.

    1) execute the command
        md5sum <name-of-the-file.rpm>
       after you downloaded the file from a SuSE ftp server or its mirrors.
       Then, compare the resulting md5sum with the one that is listed in the
       announcement. Since the announcement containing the checksums is
       cryptographically signed (usually using the key security@suse.de),
       the checksums show proof of the authenticity of the package.
       We disrecommend to subscribe to security lists which cause the
       email message containing the announcement to be modified so that
       the signature does not match after transport through the mailing
       list software.
       Downsides: You must be able to verify the authenticity of the
       announcement in the first place. If RPM packages are being rebuilt
       and a new version of a package is published on the ftp server, all
       md5 sums for the files are useless.

    2) rpm package signatures provide an easy way to verify the authenticity
       of an rpm package. Use the command
        rpm -v --checksig <file.rpm>
       to verify the signature of the package, where <file.rpm> is the
       filename of the rpm package that you have downloaded. Of course,
       package authenticity verification can only target an uninstalled rpm
       package file.
       Prerequisites:
        a) gpg is installed
        b) The package is signed using a certain key. The public part of this
           key must be installed by the gpg program in the directory
           ~/.gnupg/ under the user's home directory who performs the
           signature verification (usually root). You can import the key
           that is used by SuSE in rpm packages for SuSE Linux by saving
           this announcement to a file ("announcement.txt") and
           running the command (do "su -" to be root):
            gpg --batch; gpg < announcement.txt | gpg --import
           SuSE Linux distributions version 7.1 and thereafter install the
           key "build@suse.de" upon installation or upgrade, provided that
           the package gpg is installed. The file containing the public key
           is placed at the toplevel directory of the first CD (pubring.gpg)
           and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .

  - SuSE runs two security mailing lists to which any interested party may
    subscribe:

    suse-security@suse.com
        - general/linux/SuSE security discussion.
            All SuSE security announcements are sent to this list.
            To subscribe, send an email to
                <suse-security-subscribe@suse.com>.

    suse-security-announce@suse.com
        - SuSE's announce-only mailing list.
            Only SuSE's security annoucements are sent to this list.
            To subscribe, send an email to
                <suse-security-announce-subscribe@suse.com>.

    For general information or the frequently asked questions (faq)
    send mail to:
        <suse-security-info@suse.com> or
        <suse-security-faq@suse.com> respectively.

    ===================================================
    SuSE's security contact is <security@suse.com>.
    The <security@suse.com> public key is listed below.
    ===================================================
______________________________________________________________________________

    The information in this advisory may be distributed or reproduced,
    provided that the advisory is not modified in any way. In particular,
    it is desired that the cleartext signature shows proof of the
    authenticity of the text.
    SuSE GmbH makes no warranties of any kind whatsoever with respect
    to the information contained in this security advisory.

Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CpkBogQ57vSBEQQAk/GN+ftr7+DBlSoixDDpfRnUk+jApGEt8hCnrnjV
nPs/9Cr33+CXLQbILOO7Y5oiPbJdHh45t4E0fKyLVzDerCRFB1swz/mNDxT26DLy
sdBV5fwNHTPhxa67goAZVrehQPqJEckkIpYriOaYcKpF3n5fQIZMEfMaHEElQhcX
ML8AoJVXDkJYh7vI8EUB8ZURNLZMEECNA/sH0MCnb4Q6ZcRyeZ3+1PHP8hP73b6T
epRdLZhaylwVF/iu7uIn62ZUL4//NTOCDY7V63qg4iba/fUbOsWtEnGaiE7mQuAl
sSWvRspwRA9/g9rdVf3/JdLJrLmKBTheyG+PSJE3W7cAE4ZWafGxIRCwXhmj3TQn
Jn2euqylHRubEQP/aL53NZK0kBdvrKgff6O8Of6tqoss8Dkk55I7QVFSp+My1Dn+
mngQKFejTAgtyo/WmR3wPjQ9HoT2lRiYI2lTRYT4uMdHuwVC3b4DqAKmoy375FER
wHkrMVyKBJslv8QtbAWw5A1CAUseaHo+91wmYJ4/4p6YUahqbG/tZyhbxfq0KFN1
U0UgUGFja2FnZSBTaWduaW5nIEtleSA8YnVpbGRAc3VzZS5kZT6IXAQTEQIAHAUC
Oe70gQUJA8JnAAQLCgMEAxUDAgMWAgECF4AACgkQqE7a6JyACspfLACffAYA+NM8
NBhyRyH+nTX58CNjwLIAoIx9fj52BJe0xY7WbKoXs1+72b2AiEYEEBECAAYFAjpw
XlIACgkQnkDjEAAKq6TczgCgi+ddhWb7+FWcfeE6WwPZccqAHowAnjjtRyGwHLQH
r5OTFAYTXi2Wv6jNiQEVAwUQOnBgb3ey5gA9JdPZAQE1pwf/QJ+b34lFBNVUJ7fk
/xGJJREt7V12iSafaRzGuH8xWvIz1bb+VARxnnt16FDQ1cDNjoEhCEmcW83Vxp6i
JXE9PE8wVA/Yue/bon5JS7J69+UiQ2eq2pudfwljp52lYVM53jgPYEz0q/v3091n
lZ8CYkAkN9JDS1lV1gEzJ7J0+POngDpU+lDQT2EC6VKaxeWK8pNt6UFDwICRDQxK
nlOoiDvTrdWT7QdJZ4sPv8Qotdw9+tKNbWQ2DqdIRxyTdw9xDfAtcj6mXeQr7852
Lwem1gSKVnEYHZ9g1FTJqVOutY8KhpUc9RfOCRv8XuIxrs4KSbfSF0s8qIRCQelx
ufg9AbkCDQQ57vSSEAgAhJHQTejMX+Vr6g1pHDEcusJ63fQ2CfFFE5iE9okH9O7U
VCiSfb9CV38dmeHdPCEEjDUWquFYEnvj3WICMtH249t1Ymuf4Du3yRKQ9oXdn/qT
Jzlrx9qzjiG3mH7ocwHOgUIwCrZoEdBEVE2n0zPVm+hddwjWWTWXw6pxQz+i9dsN
89xexRV5M9O0bNwCLaNWX2GXeLAkqTK/9EuZy6x2yLxi6du9YYUAXkZpqBhCjtiU
XpRoFCdglMznbcAyCk9C2wqb2j/D1Z2BeSBaGCSFkR6pRLebnE17LWcu72Iy+r0z
+JecbPiyDpDZj4apn7IC81aNFGi7fNITsHODbwwjiwADBgf/YPvVdzkc8OC7ztac
EWCanwylKvxCdKzTDA+DfES6WUYShyiVJvZzRy25LJ5WcK20kzOS6Qv1OrIXiz/p
dGy1aKtJZrAnFEsofpmOj8VoqyyFgp/yAGQBp12+mXek7SCZRhuqalDfEMRiWEJ6
J5dLkyShyRDWyPbFh0HXE7QTHN+IKKxxQqNQXL6Z3NSxS61p+5n6BseiDUI39xxk
KTFwFrkgUIc5Gs2Or2lhaWvGwSfoCmwbsklszZt6xbU+R0SjFqTvjPWx6eHfqbmN
C9WMDdTjGrXDDKXFp2aYlokfN6It9vsbVlGNlOwHt/JjGoPMxW6Xqj0FLA7/Vewg
CdXW64hMBBgRAgAMBQI57vSSBQkDwmcAAAoJEKhO2uicgArKSyIAmwUHf/vtKQfc
mVg4asR7U6XQl0bAAJ4pO22B5U8UH6IYl2LBCXFqw5+5fA==
=rVRn
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBO96LF3ey5gA9JdPZAQFlqwf/YderpUXkQgPJtsLnEzHNmjTMm6E5rCEP
R6iBGPPga1BwV9/23FHtbXalc1Gkqa9RPcBJ58mkxcbzaLHacAZZmnHj7jv2VocE
edg9HcOdhjAiPA5KSePczFOb7+f51Y9aLTFn+5wfEAP0eMOmGvqvn0YnOCEl9vu5
6A1QbLhMIsc1ATTOCo9bWAJPeIVpU34HRXg1ojYqf+HObLDdAfZAKbKxxQ8ZkDR/
i/qI1x5A0OER1NJhhTs4nLvJPCIpuHajZhOnjQU0yqy25JlUHYcCvMpj7VOyQUR9
JZngqFLi/KDiQiZ2vIBy0kItFJ6iv5pq9rf5jYw45nQMSak/mbRcLg==
=elKB
-----END PGP SIGNATURE-----

-- 
To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com
For additional commands, e-mail: suse-security-announce-help@suse.com

  Nav
» Read more about: Story Type: Security; Groups: SUSE

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.