-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 security update Advisory ID: RHSA-2020:3638-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://access.redhat.com/errata/RHSA-2020:3638 Issue date: 2020-09-07 CVE Names: CVE-2019-14900 CVE-2020-1695 CVE-2020-1710 CVE-2020-1748 CVE-2020-6950 CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10672 CVE-2020-10673 CVE-2020-10683 CVE-2020-10687 CVE-2020-10693 CVE-2020-10714 CVE-2020-10718 CVE-2020-10740 CVE-2020-14297 CVE-2020-14307 ===================================================================== 1. Summary: An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat JBoss EAP 7.2 for RHEL 7 Server - noarch 3. Description: This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es): * jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547) * jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840) * jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548) * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672) * jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673) * jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546) * undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710) * wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687) * jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950) * resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695) * wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714) * dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683) * wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748) * hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693) * hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900) * wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718) • wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740) * jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307) * jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297) For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section. 4. Solution: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. For details about how to apply this update, which includes the changes described in this advisory, see: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1666499 - CVE-2019-14900 hibernate: SQL injection issue in Hibernate ORM 1694235 - CVE-2020-10683 dom4j: XML External Entity vulnerability in default SAX parser 1730462 - CVE-2020-1695 resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class 1785049 - CVE-2020-10687 Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests 1793970 - CVE-2020-1710 EAP: field-name is not parsed in accordance to RFC7230 1805006 - CVE-2020-6950 Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 1805501 - CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages 1807707 - CVE-2020-1748 Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain 1815470 - CVE-2020-10673 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1815495 - CVE-2020-10672 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 1816330 - CVE-2020-8840 jackson-databind: Lacks certain xbean-reflect/JNDI blocking 1816332 - CVE-2020-9546 jackson-databind: Serialization gadgets in shaded-hikari-config 1816337 - CVE-2020-9547 jackson-databind: Serialization gadgets in ibatis-sqlmap 1816340 - CVE-2020-9548 jackson-databind: Serialization gadgets in anteros-core 1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication 1828476 - CVE-2020-10718 wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API 1834512 - CVE-2020-10740 wildfly: unsafe deserialization in Wildfly Enterprise Java Beans 1851327 - CVE-2020-14307 wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service 1853595 - CVE-2020-14297 wildfly: Some EJB transaction objects may get accumulated causing Denial of Service 6. JIRA issues fixed (https://issues.jboss.org/): JBEAP-18366 - [GSS](7.2.z) Upgrade Hibernate ORM from 5.3.15 to 5.3.16 JBEAP-18667 - [GSS](7.2.z) Upgrade wildfly-http-client from 1.0.20.Final-redhat-00001 to 1.0.21.Final-redhat-00001 JBEAP-18849 - [GSS](7.2.z) Upgrade RESTEasy from 3.6.1.SP8 to 3.6.1.SP9 JBEAP-18880 - [GSS](7.2.z) Upgrade JSF based on Mojarra 2.3.5.SP3-redhat-00009 to 2.3.5.SP4-redhat-00001 JBEAP-18906 - [GSS](7.2.z) Upgrade weld from 3.0.6.Final-redhat-00003 to 3.0.7.Final-redhat-00001 JBEAP-18919 - [GSS](7.2.z) Upgrade HAL from 3.0.21.Final to 3.0.22.Final JBEAP-18965 - (7.2.z) Upgrade IronJacamar from 1.4.20.Final to 1.4.21.Final JBEAP-19039 - Tracker bug for the EAP 7.2.9 release for RHEL-7 JBEAP-19058 - [GSS] (7.2.z) Upgrade Undertow from 2.0.30.SP1-redhat-00001 to 2.0.30.SP2-redhat-00001 JBEAP-19120 - [GSS](7.2.z) Upgrade org.jboss.genericjms from 2.0.2.Final-redhat-00001 to 2.0.4.Final-redhat-00001 JBEAP-19163 - [GSS](7.2.z) Upgrade Infinispan from 9.3.8.Final-redhat-00001 to 9.3.9.Final-redhat-00001 JBEAP-19255 - (7.2.z) Upgrade jboss-logmanager from 2.1.14.Final to 2.1.15.Final JBEAP-19271 - (7.2.z) Upgrade WildFly Core from 6.0.27.Final-redhat-00001 to 6.0.28.Final-redhat-00001 JBEAP-19315 - [GSS](7.2.z) Upgrade XNIO from 3.7.6.SP2 to 3.7.6.SP3 JBEAP-19463 - (7.2.z) Upgrade wildfly-transaction-client from 1.1.10.Final-redhat-00001 to 1.1.11.Final-redhat-00001 JBEAP-19565 - (7.2.z) Upgrade jboss-ejb-client from 4.0.31.Final-redhat-00001 to 4.0.33.Final-redhat-00001 JBEAP-19587 - [GSS](7.2.z) Upgrade org.jboss.genericjms from 2.0.2.Final-redhat-00001 to 2.0.6.Final-redhat-00001 JBEAP-19620 - (7.2.z) Upgrade JBoss JSF API from 2.3.5.SP2-redhat-00003 to 2.3.5.SP2-redhat-00005 JBEAP-19624 - (7.2.z) Upgrade wildfly-naming-client from 1.0.12.Final-redhat-00001 to 1.0.13.Final-redhat-00001 JBEAP-19703 - [GSS](7.2.z) Upgrade JBoss Modules from 1.8.9 to 1.8.10 JBEAP-19704 - (7.2.z) Upgrade WildFly Core from 6.0.28.Final-redhat-00001 to 6.0.29.Final-redhat-00001 JBEAP-19798 - [GSS](7.2.z) Upgrade HAL from 3.0.22.Final to 3.0.23.Final JBEAP-19837 - (7.2.z) Upgrade WildFly Core from 6.0.29.Final-redhat-00001 to 6.0.30.Final-redhat-00001 JBEAP-19875 - [GSS](7.2.z) Upgrade wildfly-http-ejb-client from 1.0.21.Final to 1.0.22.Final 7. Package List: Red Hat JBoss EAP 7.2 for RHEL 7 Server: Source: eap7-dom4j-2.1.3-1.redhat_00001.1.el7eap.src.rpm eap7-elytron-web-1.2.5-1.Final_redhat_00001.1.el7eap.src.rpm eap7-glassfish-jsf-2.3.5-13.SP3_redhat_00011.1.el7eap.src.rpm eap7-hal-console-3.0.23-1.Final_redhat_00001.1.el7eap.src.rpm eap7-hibernate-5.3.17-1.Final_redhat_00001.1.el7eap.src.rpm eap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el7eap.src.rpm eap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el7eap.src.rpm eap7-jackson-databind-2.9.10.4-1.redhat_00001.1.el7eap.src.rpm eap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el7eap.src.rpm eap7-jboss-jsf-api_2.3_spec-2.3.5-7.SP2_redhat_00005.1.el7eap.src.rpm eap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el7eap.src.rpm eap7-jboss-modules-1.8.10-1.Final_redhat_00001.1.el7eap.src.rpm eap7-jboss-server-migration-1.3.1-13.Final_redhat_00014.1.el7eap.src.rpm eap7-jboss-xnio-base-3.7.6-4.SP3_redhat_00001.1.el7eap.src.rpm eap7-resteasy-3.6.1-10.SP9_redhat_00001.1.el7eap.src.rpm eap7-undertow-2.0.30-4.SP4_redhat_00001.1.el7eap.src.rpm eap7-weld-core-3.0.6-4.Final_redhat_00004.1.el7eap.src.rpm eap7-wildfly-7.2.9-4.GA_redhat_00003.1.el7eap.src.rpm eap7-wildfly-elytron-1.6.8-1.Final_redhat_00001.1.el7eap.src.rpm eap7-wildfly-http-client-1.0.22-1.Final_redhat_00001.1.el7eap.src.rpm eap7-wildfly-transaction-client-1.1.11-1.Final_redhat_00001.1.el7eap.src.rpm noarch: eap7-dom4j-2.1.3-1.redhat_00001.1.el7eap.noarch.rpm eap7-glassfish-jsf-2.3.5-13.SP3_redhat_00011.1.el7eap.noarch.rpm eap7-hal-console-3.0.23-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-hibernate-5.3.17-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-hibernate-core-5.3.17-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-hibernate-entitymanager-5.3.17-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-hibernate-envers-5.3.17-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-hibernate-java8-5.3.17-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-hibernate-validator-6.0.20-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-hibernate-validator-cdi-6.0.20-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-ironjacamar-1.4.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-ironjacamar-common-api-1.4.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-ironjacamar-common-impl-1.4.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-ironjacamar-common-spi-1.4.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-ironjacamar-core-api-1.4.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-ironjacamar-core-impl-1.4.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-ironjacamar-deployers-common-1.4.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-ironjacamar-jdbc-1.4.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-ironjacamar-validator-1.4.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-jackson-databind-2.9.10.4-1.redhat_00001.1.el7eap.noarch.rpm eap7-jboss-genericjms-2.0.6-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-jboss-jsf-api_2.3_spec-2.3.5-7.SP2_redhat_00005.1.el7eap.noarch.rpm eap7-jboss-logmanager-2.1.15-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-jboss-modules-1.8.10-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-jboss-server-migration-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-cli-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-core-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-eap6.4-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-eap6.4-to-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-eap7.0-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-eap7.0-to-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-eap7.1-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-eap7.1-to-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly10.0-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly10.0-to-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly10.1-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly10.1-to-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly11.0-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly11.0-to-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly12.0-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly12.0-to-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly13.0-server-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly14.0-server-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly8.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly8.2-to-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly9.0-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-server-migration-wildfly9.0-to-eap7.2-1.3.1-13.Final_redhat_00014.1.el7eap.noarch.rpm eap7-jboss-xnio-base-3.7.6-4.SP3_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-atom-provider-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-cdi-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-client-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-client-microprofile-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-crypto-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-jackson-provider-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-jackson2-provider-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-jaxb-provider-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-jaxrs-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-jettison-provider-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-jose-jwt-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-jsapi-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-json-binding-provider-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-json-p-provider-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-multipart-provider-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-rxjava2-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-spring-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-validator-provider-11-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-resteasy-yaml-provider-3.6.1-10.SP9_redhat_00001.1.el7eap.noarch.rpm eap7-undertow-2.0.30-4.SP4_redhat_00001.1.el7eap.noarch.rpm eap7-undertow-server-1.2.5-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-weld-core-3.0.6-4.Final_redhat_00004.1.el7eap.noarch.rpm eap7-weld-core-impl-3.0.6-4.Final_redhat_00004.1.el7eap.noarch.rpm eap7-weld-core-jsf-3.0.6-4.Final_redhat_00004.1.el7eap.noarch.rpm eap7-weld-ejb-3.0.6-4.Final_redhat_00004.1.el7eap.noarch.rpm eap7-weld-jta-3.0.6-4.Final_redhat_00004.1.el7eap.noarch.rpm eap7-weld-probe-core-3.0.6-4.Final_redhat_00004.1.el7eap.noarch.rpm eap7-weld-web-3.0.6-4.Final_redhat_00004.1.el7eap.noarch.rpm eap7-wildfly-7.2.9-4.GA_redhat_00003.1.el7eap.noarch.rpm eap7-wildfly-elytron-1.6.8-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-wildfly-http-client-common-1.0.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-wildfly-http-ejb-client-1.0.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-wildfly-http-naming-client-1.0.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-wildfly-http-transaction-client-1.0.22-1.Final_redhat_00001.1.el7eap.noarch.rpm eap7-wildfly-java-jdk11-7.2.9-4.GA_redhat_00003.1.el7eap.noarch.rpm eap7-wildfly-java-jdk8-7.2.9-4.GA_redhat_00003.1.el7eap.noarch.rpm eap7-wildfly-javadocs-7.2.9-4.GA_redhat_00003.1.el7eap.noarch.rpm eap7-wildfly-modules-7.2.9-4.GA_redhat_00003.1.el7eap.noarch.rpm eap7-wildfly-transaction-client-1.1.11-1.Final_redhat_00001.1.el7eap.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 8. References: https://access.redhat.com/security/cve/CVE-2019-14900 https://access.redhat.com/security/cve/CVE-2020-1695 https://access.redhat.com/security/cve/CVE-2020-1710 https://access.redhat.com/security/cve/CVE-2020-1748 https://access.redhat.com/security/cve/CVE-2020-6950 https://access.redhat.com/security/cve/CVE-2020-8840 https://access.redhat.com/security/cve/CVE-2020-9546 https://access.redhat.com/security/cve/CVE-2020-9547 https://access.redhat.com/security/cve/CVE-2020-9548 https://access.redhat.com/security/cve/CVE-2020-10672 https://access.redhat.com/security/cve/CVE-2020-10673 https://access.redhat.com/security/cve/CVE-2020-10683 https://access.redhat.com/security/cve/CVE-2020-10687 https://access.redhat.com/security/cve/CVE-2020-10693 https://access.redhat.com/security/cve/CVE-2020-10714 https://access.redhat.com/security/cve/CVE-2020-10718 https://access.redhat.com/security/cve/CVE-2020-10740 https://access.redhat.com/security/cve/CVE-2020-14297 https://access.redhat.com/security/cve/CVE-2020-14307 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/ https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/ 9. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX1Ywn9zjgjWX9erEAQiaxw/9GUwW8rs5kCQhoFGewAAKlLrjaZmRxPA1 JUUz7/j4qRQHiWbmo799UshmPZ1vD9yrWrI0W5BLGIlNRbbWCxGYbSBzgHgbD5Rw he2rAiZ0LDDh3ch2IpBis23s4TSQxgw7JSmvciCXT43kt54U/+NeADqJtlJQWR9d sFQQGCOE5GvlZMLC7YxRD7XLyFJvrFJUjeRPKP5UfcFf4ZkxdYw+NOK8QxalKr3e nL8uPXE5aAhONxmYVeF/UuLx65rwl8qYY4RPsCQKiGciyhEkYK+azhbu05YMn4w5 uizSEF5+sR+vA8zMniJiVgdO9Mc+qgyJySW70M5Ct6+TvO15FDovMfwdEV6uN45S r4EHbRM+u5ch1AXCZGCnfDXR0MImrXDThGaO2Z/r2deDK9bnhKtBuEE6a0JC6UW/ M1YQAW2aIUqSsCIxnokCtiwDqvblersM/y7MweuTzZbedHej8FXWpArKjs45DMET qDAcl1b3TV5YLNGQmQpeTf3gV5PtOFnQxDWpg68dN2QvHaRYo6OqyNmiItfz18dR CH/qO6Y4vpXOFmG1AUdT8iT9JoUovvHeO3V/DVKfnbsQtHwtXETCVhqG+T/soKoE QHGTdrdnyK8eB+X4QmRJu2hO7r2MY7dODDkyLaUb5Msled0u8g8fRVHWbPlrXl97 LyRiimtLgQA= =z8HK -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce