135141 2006-06-01 05:23 0000 mail-mta/sendmail malformed MIME multipart messages (CVE-2006-1173) 2007-06-24 23:35:00 0000 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://www.kb.cert.org/vuls/id/146718 B3 [glsa/stable] jaervosz P2 enhancement --- 1 lcars@gentoo.org security@gentoo.org net-mail@gentoo.org tcort@gentoo.org lcars@gentoo.org 2006-06-01 05:23:53 0000 CERT reported (VU#146718) a vulnerability in Sendmail (up to 8.13.6) triggered by malformed multipart messages, a PoC is available and has been tested. The issue results in a denial of service condition due to stack space memory exhaustion. A forked process (not the main daemon) will exit abnormally and core dump in some cases when triggered with this condition. The issue can be worked around by limiting the maximum message size accepted with the MaxMessageSize option. This issue will be public Wednesday June 14 at 16:00 UTC 2006. I'm attaching an ebuild for 8.13.6 with provided patch. This is not likely to be the only change that will be present in the soon to be released 8.13.7 but if we manage to get it stable we'll likely able to provide an updated ebuild before waiting for 8.13.7 ebuild arch stabilization. lcars@gentoo.org 2006-06-01 05:24:41 0000 Created an attachment (id=88081) sendmail-CVE-2006-1173.patch sendmail patch for CVE-2006-1173 lcars@gentoo.org 2006-06-01 05:25:53 0000 Created an attachment (id=88082) sendmail-8.13.6-r1.ebuild sendmail-8.13.6-r1 ebuild dercorny@gentoo.org 2006-06-01 06:29:53 0000 Arch liaisons (sp?), please test and report back if stable, _don't_ commit anything yet as this is sekrit. Thanks dercorny@gentoo.org 2006-06-01 06:31:10 0000 blah, exchanging sparc <-> gustavoz ... I'm an idiot halcy0n@gentoo.org 2006-06-01 20:23:05 0000 seems sane on x86 tcort@gentoo.org 2006-06-02 06:05:49 0000 looks fine for amd64. corsair@gentoo.org 2006-06-02 07:14:55 0000 looks good on ppc64 gustavoz@gentoo.org 2006-06-02 08:36:49 0000 Looks ok to me (sparc). jokey@gentoo.org 2006-06-02 11:05:31 0000 Looking good on arm dertobi123@gentoo.org 2006-06-02 13:35:26 0000 Looks good on ppc killerfox@gentoo.org 2006-06-03 02:13:06 0000 Looks good on hppa jaervosz@gentoo.org 2006-06-10 06:11:04 0000 Still missing test on: alpha ia64 s390, of which only alpha is security supported. Kloeri please test and report back. tcort@gentoo.org 2006-06-10 09:14:56 0000 (In reply to comment #12) > Still missing test on: alpha ia64 s390, of which only alpha is security > supported. > > Kloeri please test and report back. I haven't been able to reach kloeri today and jaervosz asked me to test it on alpha, so I did. Looks good on alpha. jaervosz@gentoo.org 2006-06-14 11:47:36 0000 Andrea please commit, this is public now. frilled@gentoo.org 2006-06-14 12:22:04 0000 Unless anybody can point to arbitrary code execution, this sounds more like a B3. jaervosz@gentoo.org 2006-06-15 01:17:09 0000 @Arches please test and mark 8.13.7 stable. 8.13.6-r1 comitted directly to stable. Upstream release 8.13.7 uses a different patch than 8.13.6-r1 so marking the upstream stable to be safe. @Security: This one is theoretically ready for GLSA decision. I vote YES. lcars@gentoo.org 2006-06-15 01:30:59 0000 I vote YES too. More info here http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc After committing the ebuilds I tested 8.13.7 and it looks good on x86 and amd to me (in case this helps). jaervosz@gentoo.org 2006-06-15 08:45:57 0000 @Security please vote, the draft is ready. sejo@gentoo.org 2006-06-15 08:50:07 0000 I vote yes for this one. dercorny@gentoo.org 2006-06-15 08:50:41 0000 /me says yes jaervosz@gentoo.org 2006-06-15 10:15:07 0000 GLSA 200606-19 Moving to enhancement for stable marking. falco@gentoo.org 2006-06-19 03:54:10 0000 Hi arches, regarding comment #16, and the 2 errata from sendmail.org / see ebuild ChangeLog : 16 Jun 2006; Andrea Barisani <lcars@gentoo.org> +files/errata-8.13.7-1.patch, +files/errata-8.13.7-2.patch, +sendmail-8.13.7-r1.ebuild: Revision bump with 2 errata published by sendmail.org. please stabilize 8.13.7-r1 Letting in enhancement scope since the GLSA has already been sent. gustavoz@gentoo.org 2006-06-19 14:31:31 0000 sparc stable, again! tsunam@gentoo.org 2006-06-19 21:59:03 0000 x86 motivated for now... corsair@gentoo.org 2006-06-20 10:18:46 0000 ppc64 stable tcort@gentoo.org 2006-06-20 10:35:54 0000 stable on alpha and amd64. killerfox@gentoo.org 2006-06-24 11:10:09 0000 stable on hppa dertobi123@gentoo.org 2006-06-24 23:42:18 0000 ppc stable falco@gentoo.org 2006-06-25 11:37:18 0000 Closing since all "supported" arches are now stable, thanks to all. s390 & ia64, don't forget to mark stable too when you want to. 88081 2006-06-01 05:24 0000 sendmail-CVE-2006-1173.patch sendmail-CVE-2006-1173.patch text/plain LS0tIHNlbmRtYWlsL21pbWUuYwkyNCBNYXIgMjAwNiAwMzoxNzowNiAtMDAwMAk4LjE0MAorKysg c2VuZG1haWwvbWltZS5jCTI3IEFwciAyMDA2IDIyOjU2OjE2IC0wMDAwCTguMTQxCkBAIC0yNDIs NyArMjQyLDkgQEAKIAkqLwoKIAlpZiAoc21fc3RyY2FzZWNtcCh0eXBlLCAibXVsdGlwYXJ0Iikg PT0gMCAmJgotCSAgICAoIWJpdHNldChNODdGX05POEJJVCwgZmxhZ3MpIHx8IGJpdHNldChNODdG X05POFRPNywgZmxhZ3MpKSkKKwkgICAgKCFiaXRzZXQoTTg3Rl9OTzhCSVQsIGZsYWdzKSB8fCBi aXRzZXQoTTg3Rl9OTzhUTzcsIGZsYWdzKSkgJiYKKwkgICAgIWJpdHNldChFRl9UT09ERUVQLCBl LT5lX2ZsYWdzKQorCSAgICkKIAl7CgogCQlpZiAoc21fc3RyY2FzZWNtcChzdWJ0eXBlLCAiZGln ZXN0IikgPT0gMCkKQEAgLTI4NiwxMCArMjg4LDEzIEBACiAJCX0KIAkJaWYgKGkgPj0gTUFYTUlN RU5FU1RJTkcpCiAJCXsKLQkJCXVzcmVycigibWltZTh0bzc6IG11bHRpcGFydCBuZXN0aW5nIGJv dW5kYXJ5IHRvbyBkZWVwIik7CisJCQlpZiAodFRkKDQzLCA0KSkKKwkJCQlzbV9kcHJpbnRmKCJt aW1lOHRvNzogdG9vIGRlZXAsIGk9JWRcbiIsIGkpOworCQkJaWYgKCFiaXRzZXQoRUZfVE9PREVF UCwgZS0+ZV9mbGFncykpCisJCQkJdXNyZXJyKCJtaW1lOHRvNzogbXVsdGlwYXJ0IG5lc3Rpbmcg Ym91bmRhcnkgdG9vIGRlZXAiKTsKCiAJCQkvKiBhdm9pZCBib3VuY2UgbG9vcHMgKi8KLQkJCWUt PmVfZmxhZ3MgfD0gRUZfRE9OVF9NSU1FOworCQkJZS0+ZV9mbGFncyB8PSBFRl9ET05UX01JTUV8 RUZfVE9PREVFUDsKIAkJfQogCQllbHNlCiAJCXsKQEAgLTM3NCw3ICszNzksOCBAQAoKIAlpZiAo c21fc3RyY2FzZWNtcCh0eXBlLCAibWVzc2FnZSIpID09IDApCiAJewotCQlpZiAoIXdvcmRpbmNs YXNzKHN1YnR5cGUsICdzJykpCisJCWlmICghd29yZGluY2xhc3Moc3VidHlwZSwgJ3MnKSB8fAor CQkgICAgYml0c2V0KEVGX1RPT0RFRVAsIGUtPmVfZmxhZ3MpKQogCQl7CiAJCQlmbGFncyB8PSBN ODdGX05POEJJVDsKIAkJfQotLS0gc2VuZG1haWwvc2VuZG1haWwuaAkyMiBNYXIgMjAwNiAyMjo1 ODozOSAtMDAwMAk4LjEwMDcKKysrIHNlbmRtYWlsL3NlbmRtYWlsLmgJMjcgQXByIDIwMDYgMjI6 NTY6MTYgLTAwMDAJOC4xMDA4CkBAIC05NDIsNiArOTQyLDcgQEAKICNkZWZpbmUgRUZfVE9PQklH CTB4MDIwMDAwMDBMCS8qIG1lc3NhZ2UgaXMgdG9vIGJpZyAqLwogI2RlZmluZSBFRl9TUExJVAkw eDA0MDAwMDAwTAkvKiBlbnZlbG9wZSBoYXMgYmVlbiBzcGxpdCAqLwogI2RlZmluZSBFRl9VTlNB RkUJMHgwODAwMDAwMEwJLyogdW5zYWZlOiByZWFkIGZyb20gdW50cnVzdGVkIHNvdXJjZSAqLwor I2RlZmluZSBFRl9UT09ERUVQCTB4MTAwMDAwMDBMCS8qIG1lc3NhZ2UgaXMgbmVzdGVkIHRvbyBk ZWVwICovCgogI2RlZmluZSBETFZSX05PVElGWQkweDAxCiAjZGVmaW5lIERMVlJfUkVUVVJOCTB4 MDIKCg== 88082 2006-06-01 05:25 0000 sendmail-8.13.6-r1.ebuild sendmail-8.13.6-r1.ebuild text/plain IyBDb3B5cmlnaHQgMTk5OS0yMDA2IEdlbnRvbyBGb3VuZGF0aW9uCiMgRGlzdHJpYnV0ZWQgdW5k ZXIgdGhlIHRlcm1zIG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSB2MgojICRIZWFk ZXI6IC92YXIvY3Zzcm9vdC9nZW50b28teDg2L21haWwtbXRhL3NlbmRtYWlsL3NlbmRtYWlsLTgu MTMuNi5lYnVpbGQsdiAxLjEgMjAwNi8wMy8yMiAxODo0NTowMCBsY2FycyBFeHAgJAoKaW5oZXJp dCBldXRpbHMKCkRFU0NSSVBUSU9OPSJXaWRlbHktdXNlZCBNYWlsIFRyYW5zcG9ydCBBZ2VudCAo TVRBKSIKSE9NRVBBR0U9Imh0dHA6Ly93d3cuc2VuZG1haWwub3JnLyIKU1JDX1VSST0iZnRwOi8v ZnRwLnNlbmRtYWlsLm9yZy9wdWIvJHtQTn0vJHtQTn0uJHtQVn0udGFyLmd6IgoKTElDRU5TRT0i U2VuZG1haWwiClNMT1Q9IjAiCktFWVdPUkRTPSJhbHBoYSBhbWQ2NCBocHBhIGlhNjQgcHBjIHBw YzY0IHMzOTAgc3BhcmMgeDg2IgpJVVNFPSJzc2wgbGRhcCBzYXNsIHRjcGQgbWJveCBtYWlsd3Jh cHBlciBpcHY2IgoKREVQRU5EPSJuZXQtbWFpbC9tYWlsYmFzZQoJc3lzLWRldmVsL200CglzYXNs PyAoID49ZGV2LWxpYnMvY3lydXMtc2FzbC0yLjEuMTAgKQoJdGNwZD8gKCBzeXMtYXBwcy90Y3At d3JhcHBlcnMgKQoJc3NsPyAoIGRldi1saWJzL29wZW5zc2wgKQoJbGRhcD8gKCBuZXQtbmRzL29w ZW5sZGFwICkKCT49c3lzLWxpYnMvZGItMy4yCgkhbmV0LW1haWwvdmFjYXRpb24KCSIKUkRFUEVO RD0iJHtERVBFTkR9CgkJPj1uZXQtbWFpbC9tYWlsYmFzZS0wLjAwCgkJIW1haWx3cmFwcGVyPyAo ICF2aXJ0dWFsL210YSApCgkJbWFpbHdyYXBwZXI/ICggPj1uZXQtbWFpbC9tYWlsd3JhcHBlci0w LjIgKSIKUERFUEVORD0iIW1ib3g/ICggbWFpbC1maWx0ZXIvcHJvY21haWwgKSIKUFJPVklERT0i dmlydHVhbC9tdGEiCgpzcmNfdW5wYWNrKCkgewoJdW5wYWNrICR7QX0KCWNkICR7U30KCgllcGF0 Y2ggJHtGSUxFU0RJUn0vc2VuZG1haWwtZGVsaXZlcmVkX2hkci5wYXRjaCB8fCBkaWUKCWVwYXRj aCAke0ZJTEVTRElSfS9zZW5kbWFpbC1DVkUtMjAwNi0xMTczLnBhdGNoIHx8IGRpZQoKCWNvbmZD Q09QVFM9IiR7Q0ZMQUdTfSIKCWNvbmZNQVBERUY9Ii1ETUFQX1JFR0VYIgoJY29uZl9zZW5kbWFp bF9MSUJTPSIiCgl1c2Ugc2FzbCAmJiBjb25mTElCUz0iJHtjb25mTElCU30gLWxzYXNsMiIgIFwK CQkmJiBjb25mRU5WREVGPSIke2NvbmZFTlZERUZ9IC1EU0FTTD0yIiBcCgkJJiYgY29uZkNDT1BU Uz0iJHtjb25mQ0NPUFRTfSAtSS91c3IvaW5jbHVkZS9zYXNsIiBcCgkJJiYgY29uZl9zZW5kbWFp bF9MSUJTPSIke2NvbmZfc2VuZG1haWxfTElCU30gLWxzYXNsMiIKCXVzZSB0Y3BkICYmIGNvbmZF TlZERUY9IiR7Y29uZkVOVkRFRn0gLURUQ1BXUkFQUEVSUyIgXAoJCSYmIGNvbmZMSUJTPSIke2Nv bmZMSUJTfSAtbHdyYXAiCgl1c2Ugc3NsICYmIGNvbmZFTlZERUY9IiR7Y29uZkVOVkRFRn0gLURT VEFSVFRMUyAtRF9GRlJfREVBTF9XSVRIX0VSUk9SX1NTTCIgXAoJCSYmIGNvbmZMSUJTPSIke2Nv bmZMSUJTfSAtbHNzbCAtbGNyeXB0byIgXAoJCSYmIGNvbmZfc2VuZG1haWxfTElCUz0iJHtjb25m X3NlbmRtYWlsX0xJQlN9IC1sc3NsIC1sY3J5cHRvIgoJdXNlIGxkYXAgJiYgY29uZk1BUERFRj0i JHtjb25mTUFQREVGfSAtRExEQVBNQVAiIFwKCQkmJiBjb25mTElCUz0iJHtjb25mTElCU30gLWxs ZGFwIC1sbGJlciIKCXVzZSBpcHY2ICYmIGNvbmZFTlZERUY9IiR7Y29uZkVOVkRFRn0gLURORVRJ TkVUNiIKCXNlZCAtZSAiczpAQGNvbmZDQ09QVFNAQDoke2NvbmZDQ09QVFN9OiIgXAoJCS1lICJz L0BAY29uZk1BUERFRkBALyR7Y29uZk1BUERFRn0vIiBcCgkJLWUgInMvQEBjb25mRU5WREVGQEAv JHtjb25mRU5WREVGfS8iIFwKCQktZSAicy9AQGNvbmZMSUJTQEAvJHtjb25mTElCU30vIiBcCgkJ LWUgInMvQEBjb25mX3NlbmRtYWlsX0xJQlNAQC8ke2NvbmZfc2VuZG1haWxfTElCU30vIiBcCgkJ JHtGSUxFU0RJUn0vc2l0ZS5jb25maWcubTQgPiAke1N9L2RldnRvb2xzL1NpdGUvc2l0ZS5jb25m aWcubTQKfQoKc3JjX2NvbXBpbGUoKSB7CglzaCBCdWlsZCB8fCBkaWUgImNvbXBpbGF0aW9uIGZh aWxlZCBpbiBtYWluIEJ1aWxkIHNjcmlwdCIKCXB1c2hkIGxpYm1pbHRlcgoJc2ggQnVpbGQgfHwg ZGllICJsaWJtaWx0ZXIgY29tcGlsYXRpb24gZmFpbGVkIgoJcG9wZAp9CgpzcmNfaW5zdGFsbCAo KSB7CglPQkpESVI9Im9iai5gdW5hbWUgLXNgLmB1bmFtZSAtcmAuYGFyY2hgIgoJZG9kaXIgL3Vz ci9iaW4gL3Vzci9saWIKCWRvZGlyIC91c3Ivc2hhcmUvbWFuL21hbnsxLDUsOH0gL3Vzci9zYmlu IC92YXIvbG9nIC91c3Ivc2hhcmUvc2VuZG1haWwtY2YKCWRvZGlyIC92YXIvc3Bvb2wve21xdWV1 ZSxjbGllbnRtcXVldWV9IC9ldGMvY29uZi5kCglrZWVwZGlyIC92YXIvc3Bvb2wve2NsaWVudG1x dWV1ZSxtcXVldWV9Cglmb3IgZGlyIGluIGxpYnNtdXRpbCBzZW5kbWFpbCBtYWlsc3RhdHMgcHJh bGlhc2VzIHNtcnNoIG1ha2VtYXAgdmFjYXRpb24gZWRpdG1hcAoJZG8KCQltYWtlIERFU1RESVI9 JHtEfSBNQU5ST09UPS91c3Ivc2hhcmUvbWFuL21hbiBcCgkJCVNCSU5PV049cm9vdCBTQklOR1JQ PXJvb3QgVUJJTk9XTj1yb290IFVCSU5HUlA9cm9vdCBcCgkJCU1BTk9XTj1yb290IE1BTkdSUD1y b290IElOQ09XTj1yb290IElOQ0dSUD1yb290IFwKCQkJTElCT1dOPXJvb3QgTElCR1JQPXJvb3Qg R0JJTk9XTj1yb290IEdCSU5HUlA9cm9vdCBcCgkJCU1TUFFPV049cm9vdCBDRk9XTj1yb290IENG R1JQPXJvb3QgXAoJCQlpbnN0YWxsIC1DICR7T0JKRElSfS8ke2Rpcn0gXAoJCQl8fCBkaWUgImlu c3RhbGwgZmFpbGVkIgoJZG9uZQoJZm9yIGRpciBpbiBybWFpbCBtYWlsLmxvY2FsCglkbwoJCW1h a2UgREVTVERJUj0ke0R9IE1BTlJPT1Q9L3Vzci9zaGFyZS9tYW4vbWFuIFwKCQkJU0JJTk9XTj1y b290IFNCSU5HUlA9cm9vdCBVQklOT1dOPXJvb3QgVUJJTkdSUD1yb290IFwKCQkJTUFOT1dOPXJv b3QgTUFOR1JQPXJvb3QgSU5DT1dOPXJvb3QgSU5DR1JQPXJvb3QgXAoJCQlMSUJPV049cm9vdCBM SUJHUlA9cm9vdCBHQklOT1dOPXJvb3QgR0JJTkdSUD1yb290IFwKCQkJTVNQUU9XTj1yb290IENG T1dOPXJvb3QgQ0ZHUlA9cm9vdCBcCgkJCWZvcmNlLWluc3RhbGwgLUMgJHtPQkpESVJ9LyR7ZGly fSBcCgkJCXx8IGRpZSAiaW5zdGFsbCBmYWlsZWQiCglkb25lCgoJZG9kaXIgL3Vzci9pbmNsdWRl L2xpYm1pbHRlcgoJCW1ha2UgREVTVERJUj0ke0R9IE1BTlJPT1Q9L3Vzci9zaGFyZS9tYW4vbWFu IFwKCQkJU0JJTk9XTj1yb290IFNCSU5HUlA9cm9vdCBVQklOT1dOPXJvb3QgVUJJTkdSUD1yb290 IFwKCQkJTUFOT1dOPXJvb3QgTUFOR1JQPXJvb3QgSU5DT1dOPXJvb3QgSU5DR1JQPXJvb3QgXAoJ CQlMSUJPV049cm9vdCBMSUJHUlA9cm9vdCBHQklOT1dOPXJvb3QgR0JJTkdSUD1yb290IFwKCQkJ TVNQUU9XTj1yb290IENGT1dOPXJvb3QgQ0ZHUlA9cm9vdCBcCgkJCWluc3RhbGwgLUMgJHtPQkpE SVJ9L2xpYm1pbHRlciBcCgkJCXx8IGRpZSAiaW5zdGFsbCBmYWlsZWQiCgoJZm93bmVycyByb290 OnNtbXNwIC91c3Ivc2Jpbi9zZW5kbWFpbAoJZnBlcm1zIDI1NTUgL3Vzci9zYmluL3NlbmRtYWls Cglmb3duZXJzIHNtbXNwOnNtbXNwIC92YXIvc3Bvb2wvY2xpZW50bXF1ZXVlCglmcGVybXMgNzcw IC92YXIvc3Bvb2wvY2xpZW50bXF1ZXVlCglmcGVybXMgNzAwIC92YXIvc3Bvb2wvbXF1ZXVlCglk b3N5bSAvdXNyL3NiaW4vbWFrZW1hcCAvdXNyL2Jpbi9tYWtlbWFwCglkb2RvYyBGQVEgTElDRU5T RSBLTk9XTkJVR1MgUkVBRE1FIFJFTEVBU0VfTk9URVMgZG9jL29wL29wLnBzCgluZXdkb2Mgc2Vu ZG1haWwvUkVBRE1FIFJFQURNRS5zZW5kbWFpbAoJbmV3ZG9jIHNlbmRtYWlsL1NFQ1VSSVRZIFNF Q1VSSVRZCgluZXdkb2Mgc2VuZG1haWwvVFVOSU5HIFRVTklORwoJbmV3ZG9jIHNtcnNoL1JFQURN RSBSRUFETUUuc21yc2gKCW5ld2RvYyBsaWJtaWx0ZXIvUkVBRE1FIFJFQURNRS5saWJtaWx0ZXIK CgluZXdkb2MgY2YvUkVBRE1FIFJFQURNRS5jZgoJbmV3ZG9jIGNmL2NmL1JFQURNRSBSRUFETUUu aW5zdGFsbC1jZgoJY3AgLXBQUiBjZi8qICR7RH0vdXNyL3NoYXJlL3NlbmRtYWlsLWNmCglpbnNp bnRvIC9ldGMvbWFpbAoJaWYgdXNlIG1ib3gKCXRoZW4KCQlkb2lucyAke0ZJTEVTRElSfS9zZW5k bWFpbC5tYwoJZWxzZQoJCW5ld2lucyAke0ZJTEVTRElSfS9zZW5kbWFpbC1wcm9jbWFpbC5tYyBz ZW5kbWFpbC5tYwoJZmkKCW00ICR7RH0vdXNyL3NoYXJlL3NlbmRtYWlsLWNmL200L2NmLm00ICR7 RH0vZXRjL21haWwvc2VuZG1haWwubWMgXAoJCT4gJHtEfS9ldGMvbWFpbC9zZW5kbWFpbC5jZgoJ ZWNobyAiaW5jbHVkZShcYC91c3Ivc2hhcmUvc2VuZG1haWwtY2YvbTQvY2YubTQnKWRubCIgXAoJ CT4gJHtEfS9ldGMvbWFpbC9zdWJtaXQubWMKCWNhdCAke0R9L3Vzci9zaGFyZS9zZW5kbWFpbC1j Zi9jZi9zdWJtaXQubWMgPj4gJHtEfS9ldGMvbWFpbC9zdWJtaXQubWMKCWVjaG8gIiMgbG9jYWwt aG9zdC1uYW1lcyAtIGluY2x1ZGUgYWxsIGFsaWFzZXMgZm9yIHlvdXIgbWFjaGluZSBoZXJlIiBc CgkJPiAke0R9L2V0Yy9tYWlsL2xvY2FsLWhvc3QtbmFtZXMKCWNhdCA8PC0gRU9GID4gJHtEfS9l dGMvbWFpbC90cnVzdGVkLXVzZXJzCgkJIyB0cnVzdGVkLXVzZXJzIC0gdXNlcnMgdGhhdCBjYW4g c2VuZCBtYWlsIGFzIG90aGVycyB3aXRob3V0IGEgd2FybmluZwoJCSMgYXBhY2hlLCBtYWlsbWFu LCBtYWpvcmRvbW8sIHV1Y3AgYXJlIGdvb2QgY2FuZGlkYXRlcwoJRU9GCgljYXQgPDwtIEVPRiA+ ICR7RH0vZXRjL21haWwvYWNjZXNzCgkJIyBDaGVjayB0aGUgL3Vzci9zaGFyZS9kb2Mvc2VuZG1h aWwvUkVBRE1FLmNmIGZpbGUgZm9yIGEgZGVzY3JpcHRpb24KCQkjIG9mIHRoZSBmb3JtYXQgb2Yg dGhpcyBmaWxlLiAoc2VhcmNoIGZvciBhY2Nlc3NfZGIgaW4gdGhhdCBmaWxlKQoJCSMgVGhlIC91 c3Ivc2hhcmUvZG9jL3NlbmRtYWlsL1JFQURNRS5jZiBpcyBwYXJ0IG9mIHRoZSBzZW5kbWFpbC1k b2MKCQkjIHBhY2thZ2UuCgkJIwoKCUVPRgoJY2F0IDw8LSBFT0YgPiAke0R9L2V0Yy9jb25mLmQv c2VuZG1haWwKCQkjIENvbmZpZyBmaWxlIGZvciAvZXRjL2luaXQuZC9zZW5kbWFpbAoJCSMgYWRk IHN0YXJ0LXVwIG9wdGlvbnMgaGVyZQoJCVNFTkRNQUlMX09QVFM9Ii1iZCAtcTMwbSAtTCBzbS1t dGEiICMgZGVmYXVsdCBkYWVtb24gbW9kZQoJCUNMSUVOVE1RVUVVRV9PUFRTPSItQWMgLXEzMG0g LUwgc20tY20iICMgY2xpZW50bXF1ZXVlCgkJS0lMTF9PUFRTPSIiICMgYWRkIC05Ly0xNS95b3Vy IGZhdm9yaXRlIGV2aWwgU0lHIGxldmVsIGhlcmUKCglFT0YKCWV4ZWludG8gL2V0Yy9pbml0LmQK CWRvZXhlICR7RklMRVNESVJ9L3NlbmRtYWlsCglrZWVwZGlyIC91c3IvYWRtL3NtLmJpbgoKCWlm IHVzZSBtYWlsd3JhcHBlcgoJdGhlbgoJCW12ICR7RH0vdXNyL3NiaW4vc2VuZG1haWwgJHtEfS91 c3Ivc2Jpbi9zZW5kbWFpbC5zZW5kbWFpbAoJCWluc2ludG8gL2V0Yy9tYWlsCgkJZG9pbnMgJHtG SUxFU0RJUn0vbWFpbGVyLmNvbmYKCQlybSAke0R9L3Vzci9iaW4vbWFpbHEKCQlybSAke0R9L3Vz ci9iaW4vbmV3YWxpYXNlcwoJCW12ICR7RH0vdXNyL3NoYXJlL21hbi9tYW44L3NlbmRtYWlsLjgg XAoJCQkke0R9L3Vzci9zaGFyZS9tYW4vbWFuOC9zZW5kbWFpbC1zZW5kbWFpbC44CgkJbXYgJHtE fS91c3Ivc2hhcmUvbWFuL21hbjEvbWFpbHEuMSBcCgkJCSR7RH0vdXNyL3NoYXJlL21hbi9tYW4x L21haWxxLXNlbmRtYWlsLjEKCQltdiAke0R9L3Vzci9zaGFyZS9tYW4vbWFuMS9uZXdhbGlhc2Vz LjEgXAoJCQkke0R9L3Vzci9zaGFyZS9tYW4vbWFuMS9uZXdhbGlhc2VzLXNlbmRtYWlsLjEKCQlt diAke0R9L3Vzci9zaGFyZS9tYW4vbWFuNS9hbGlhc2VzLjUgXAoJCQkke0R9L3Vzci9zaGFyZS9t YW4vbWFuNS9hbGlhc2VzLXNlbmRtYWlsLjUKCQlkb3NlZCAncy99IHNlbmRtYWlsL30gc2VuZG1h aWwuc2VuZG1haWwvJyAvZXRjL2luaXQuZC9zZW5kbWFpbAoJCWRvc2VkICdzL3NiaW5cL3NlbmRt YWlsL3NiaW5cL3NlbmRtYWlsLnNlbmRtYWlsLycgL2V0Yy9pbml0LmQvc2VuZG1haWwKCWZpCgp9 Cgpwa2dfc2V0dXAoKSB7CgllaW5mbyAiY2hlY2tpbmcgZm9yIHNtbXNwIGdyb3VwLi4uICAgIGNy ZWF0ZSBpZiBtaXNzaW5nLiIKCWVuZXdncm91cCBzbW1zcCAyMDkgfHwgZGllICJwcm9ibGVtIGFk ZGluZyBncm91cCBzbW1zcCIKCWVpbmZvICJjaGVja2luZyBmb3Igc21tc3AgdXNlci4uLiAgICAg Y3JlYXRlIGlmIG1pc3NpbmcuIgoJZW5ld3VzZXIgc21tc3AgMjA5IC0xIC92YXIvc3Bvb2wvbXF1 ZXVlIHNtbXNwIFwKCQl8fCBkaWUgInByb2JsZW0gYWRkaW5nIHVzZXIgc21tc3AiCn0KCnBrZ19w b3N0aW5zdCgpIHsKCWlmICEgdXNlIG1haWx3cmFwcGVyICYmIFtbIC1lIC9ldGMvbWFpbGVyLmNv bmYgXV0KCXRoZW4KCQllaW5mbwoJCWVpbmZvICJTaW5jZSB5b3UgZW1lcmdlZCBzZW5kbWFpbCB3 aXRob3V0IG1haWx3cmFwcGVyIGluIFVTRSwiCgkJZWluZm8gInlvdSBwcm9iYWJseSB3YW50IHRv ICdlbWVyZ2UgLUMgbWFpbHdyYXBwZXInIG5vdy4iCgkJZWluZm8KCWZpCn0K