225477 CVE-2008-1947 2008-06-08 23:02 0000 www-servers/tomcat <5.5.27 <6.0.18 Information disclosure and XSS (CVE-2008-{1232,1947,2370,2938}) 2008-11-26 18:40:55 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://marc.info/?l=tomcat-user&m=121244319501278&w=2 B3 [noglsa] P2 minor --- 234684 237409 1 rbu@gentoo.org security@gentoo.org gentili@gerix.it java@gentoo.org wltjr@gentoo.org rbu@gentoo.org 2008-06-08 23:02:47 0000 CVE-2008-1947 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1947): Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add. rbu@gentoo.org 2008-06-08 23:05:02 0000 http://tomcat.apache.org/security-6.html: "Fixed in Apache Tomcat 6.0.SVN low: Cross-site scripting CVE-2008-1947 The Host Manager web application did not escape user provided data before including it in the output. This enabled a XSS attack. This application now filters the data before use. This issue may be mitigated by logging out (closing the browser) of the application once the management tasks have been completed. Affects: 6.0.0-6.0.16" http://tomcat.apache.org/security-5.html: "Fixed in Apache Tomcat 5.5.SVN low: Cross-site scripting CVE-2008-1947 The Host Manager web application did not escape user provided data before including it in the output. This enabled a XSS attack. This application now filters the data before use. This issue may be mitigated by logging out (closing the browser) of the application once the management tasks have been completed. Affects: 5.5.9-5.5.26" wltjr@gentoo.org 2008-06-16 15:53:08 0000 Seems like a re-occurrence of bug 182262, and http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-2450 There have been warnings in the ebuild for manager and example apps for a while now. I don't see a reason or need to take further action. At least till upstream releases another version. Hopefully with a fix, but with the re-occurrence of bugs relating to unescaped stuff. I would just assume leave the warnings for a period even beyond upstream addressing the issue. As I have since the last bug, and here we have another :) anton.bugs@gmail.com 2008-08-01 22:43:19 0000 The new version is out. It fixes another vulnerability: CVE-2008-1232 Mitigation: 6.0.x users should upgrade to 6.0.18 5.5.x users should obtain the latest source from svn or apply this patch which will be included from 5.5.27 http://svn.apache.org/viewvc?rev=680947&view=rev rbu@gentoo.org 2008-08-02 12:12:12 0000 wltjr, there's a 6.0.18 release fixing the three issues. For 5.5, there is none yet. Do you know if there is one planned for the near future? wltjr@gentoo.org 2008-08-02 20:50:22 0000 I added 6.0.18, I am traveling on business I have no info on 5.5.x at this time. I will comment when I have more info there. anton.bugs@gmail.com 2008-08-12 02:48:19 0000 One more critical vulnerability has been published: CVE-2008-2938: Title: Apache Tomcat Directory Traversal Vulnerability Severity: High Impact: Remote File Disclosure Solution: upgrade to 6.0.18 I guess 6.0.18 should go stable as soon as possible. wltjr@gentoo.org 2008-08-13 22:23:28 0000 *** Bug 234441 has been marked as a duplicate of this bug. *** rbu@gentoo.org 2008-08-14 11:29:23 0000 Stabling of =www-servers/tomcat-6.0.18 is handled in blocking bug. We're still waiting for the 5.5* release. wltjr@gentoo.org 2008-08-15 21:17:45 0000 5.5.x might see a new release sometime first part of next week. wltjr@gentoo.org 2008-08-27 11:29:38 0000 6.0.18 is stable now, I think we can close the other bug, but will let someone from security do that. This one can remain. Still waiting on upstream for 5.5.x. They are having issues with patching and building. Present status is discussion under a thread on the tomcat -dev ml called 5.5.27 blocker: URIEncoding UTF-8 broken for 5.5.trunk So once they resolve that, can build 5.5.27 or what ever version when released. Not much I can do. I don't think I can even patch the one in tree, based on what I am seeing going on with upstream. They aren't having an easy time, so I doubt I will do any better :) rbu@gentoo.org 2008-08-27 13:50:25 0000 (In reply to comment #10) > Still waiting on upstream for 5.5.x. They are having issues with patching and > building. Thanks, please keep us updated when the issue is resolved. wltjr@gentoo.org 2008-08-29 12:25:19 0000 5.5.27 release testing binaries are out. A full release should be coming in a couple days. I will bump as soon as upstream stamps and releases 5.5.27 sources. rbu@gentoo.org 2008-09-11 15:15:47 0000 Anyone able to bump to 5.5.27 ? fordfrog@gentoo.org 2008-09-11 17:29:36 0000 As wltjr does not maintain tomcat anymore, I bumped tomcat to 5.5.27. I suppose this bug should be closed so closing it. If not then pls reopen it. rbu@gentoo.org 2008-09-11 17:53:47 0000 Miroslav, please do not close security bugs. Also, we're usually handling stablings on the bug itself. rbu@gentoo.org 2008-09-11 17:54:08 0000 (reopening) rbu@gentoo.org 2008-09-11 17:54:37 0000 *** Bug 237409 has been marked as a duplicate of this bug. *** rbu@gentoo.org 2008-09-11 17:56:37 0000 Arches, please test and mark stable: =www-servers/tomcat-5.5.27 Target keywords : "amd64 x86" maekke@gentoo.org 2008-09-11 19:40:11 0000 Created an attachment (id=165211) www-servers:tomcat-5.5.27:20080911-193515.log fails on amd64/x86 with ibm-jdk-1.{4,6}. www-servers/tomcat-5.5.27 [5.5.26] USE="doc examples java5 source test -admin*" GENTOO_VM=ibm-jdk-bin-1.6 CLASSPATH="" JAVA_HOME="/opt/ibm-jdk-bin-1.6.0.1" JAVACFLAGS="-source 1.5 -target 1.5" COMPILER="javac" Portage 2.1.4.4 (default/linux/amd64/2008.0/desktop, gcc-4.1.2, glibc-2.6.1-r0, 2.6.26.3 x86_64) ================================================================= System uname: 2.6.26.3 x86_64 Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz Timestamp of tree: Thu, 11 Sep 2008 19:00:01 +0000 app-shells/bash: 3.2_p33 dev-java/java-config: 1.3.7, 2.1.6 dev-lang/python: 2.5.2-r7 dev-python/pycrypto: 2.0.1-r6 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.61-r2 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /opt/openfire/resources/security/ /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/bind /var/lib/hsqldb /var/spool/torque" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo /etc/texmf/web2c /etc/udev/rules.d" CXXFLAGS="-O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="collision-protect distlocks metadata-transfer multilib-strict parallel-fetch sandbox sfperms strict test unmerge-orphans userfetch userpriv usersandbox" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" LDFLAGS="-Wl,-O1" MAKEOPTS="-j2" PKGDIR="/mnt/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X acl acpi alsa amd64 apache2 berkdb bluetooth branding bzip2 cairo cdr cli cracklib crypt cups dbus doc dri dvd dvdr dvdread eds emboss encode esd evo examples fam firefox fortran gdbm gif gnome gpm gstreamer gtk hal iconv ipv6 isdnlog jpeg kde kerberos ldap libnotify mad midi mikmod mmx mp3 mpeg mudflap multilib ncurses nls nptl nptlonly nsplugin ogg opengl openmp pam pcre pdf perl png ppds pppd python qt3 qt3support qt4 quicktime readline reflection sdl session source spell spl sse sse2 ssl startup-notification svg sysfs tcpd test tiff truetype unicode usb vorbis xml xorg xv zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="fbdev glint i810 mach64 mga neomagic nv r128 radeon savage sis tdfx trident vesa vga via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY fordfrog@gentoo.org 2008-09-12 10:12:49 0000 The same problem occurs with tomcat-5.5.26 which was made stable. The problem is tomcat uses Sun specific packages so tomcat will build only with Sun JDKs. I'll look for a solution that will fail more user friendly. fordfrog@gentoo.org 2008-09-12 17:14:16 0000 The problem with com.sun.* packages should be fixed in CVS now. Please also stabilize java-virtuals/jdk-with-com-sun-20080505-r1, I had to add blackdown-jdk-1.4.2 to the virtuals so a 1.4 JDK with com.sun.* packages is available on amd64 systems. maekke@gentoo.org 2008-09-17 21:46:13 0000 amd64/x86 stable, thanks for the quick responses in #gentoo-java. all arches done. py@gentoo.org 2008-09-18 22:00:11 0000 both 5.5 and 6.0 are stable, now time to vote... I vote NO glsa. craig@gentoo.org 2008-10-04 01:54:08 0000 Shouldn't 5.5.26 get masked? rbu@gentoo.org 2008-11-26 18:40:55 0000 NO as well, closing. 165211 2008-09-11 19:40 0000 www-servers:tomcat-5.5.27:20080911-193515.log www-servers:tomcat-5.5.27:20080911-193515.log text/plain IBtbMzI7MDFtKhtbMG0gVXNpbmc6IGlibS1qZGstYmluLTEuNgo+Pj4gVW5wYWNraW5nIHNvdXJj ZS4uLgo+Pj4gVW5wYWNraW5nIGFwYWNoZS10b21jYXQtNS41LjI3LXNyYy50YXIuZ3ogdG8gL3Zh ci90bXAvcG9ydGFnZS93d3ctc2VydmVycy90b21jYXQtNS41LjI3L3dvcmsKIBtbMzI7MDFtKhtb MG0gQXBwbHlpbmcgMjYtbWFpbl90b21jYXRfY2F0YWxpbmFfamFzcGVyX2J1aWxkX3htbC5wYXRj aCAuLi4KG1tBG1sxNDlDICAbWzM0OzAxbVsgG1szMjswMW1vaxtbMzQ7MDFtIF0bWzBtCiAbWzMy OzAxbSobWzBtIEFwcGx5aW5nIGpzcjE1Ml9qc3IxNTRfZXhhbXBsZXNfYnVpbGRfeG1sLnBhdGNo IC4uLgobW0EbWzE0OUMgIBtbMzQ7MDFtWyAbWzMyOzAxbW9rG1szNDswMW0gXRtbMG0KPj4+IFNv dXJjZSB1bnBhY2tlZC4KPj4+IENvbXBpbGluZyBzb3VyY2UgaW4gL3Zhci90bXAvcG9ydGFnZS93 d3ctc2VydmVycy90b21jYXQtNS41LjI3L3dvcmsvYXBhY2hlLXRvbWNhdC01LjUuMjctc3JjIC4u LgpSZXdyaXRpbmcgc291cmNlIGF0dHJpYnV0ZXMKVXNpbmcgU2F4IHRvIHJld3JpdGUgdGhlIGJ1 aWxkLnhtbCBmaWxlcwpSZXdyaXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9ncm91cGNvbS9idWls ZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVyL21vZHVsZXMvaGEvYnVpbGQueG1sClJld3JpdGlu ZyAuL2NvbnRhaW5lci9tb2R1bGVzL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvbW9k dWxlcy9jbHVzdGVyL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9jbHVz dGVyL3Rlc3QvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRhaW5lci9tb2R1bGVzL3N0b3JlY29u ZmlnLWhhL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9zdG9yZWNvbmZp Zy1oYS90ZXN0L2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9zdG9yZWNv bmZpZy9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVyL21vZHVsZXMvc3RvcmVjb25maWcv dGVzdC9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVyL2J1aWxkLnhtbApSZXdyaXRpbmcg Li9jb250YWluZXIvdGVzdGVyL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvY2F0YWxp bmEvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRhaW5lci93ZWJhcHBzL21hbmFnZXIvYnVpbGQu eG1sClJld3JpdGluZyAuL2NvbnRhaW5lci93ZWJhcHBzL2hvc3QtbWFuYWdlci9idWlsZC54bWwK UmV3cml0aW5nIC4vY29udGFpbmVyL3dlYmFwcHMvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRh aW5lci93ZWJhcHBzL1JPT1QvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRhaW5lci93ZWJhcHBz L2pteHJlbW90ZS9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVyL3dlYmFwcHMvd2ViZGF2 L2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvd2ViYXBwcy9kb2NzL2J1aWxkLnhtbApS ZXdyaXRpbmcgLi9jb250YWluZXIvd2ViYXBwcy9iYWxhbmNlci9idWlsZC54bWwKUmV3cml0aW5n IC4vY29udGFpbmVyL3dlYmFwcHMvYWRtaW4vYnVpbGQueG1sClJld3JpdGluZyAuL2J1aWxkL3Jl c291cmNlcy9idWlsZC54bWwKUmV3cml0aW5nIC4vYnVpbGQvcmVzb3VyY2VzL2RlcGxveWVyL2J1 aWxkLnhtbApSZXdyaXRpbmcgLi9idWlsZC9idWlsZC54bWwKUmV3cml0aW5nIC4vYnVpbGQvYmlu L2J1aWxkLnhtbApSZXdyaXRpbmcgLi9idWlsZC9iaW4vZGVwbG95ZXIvYnVpbGQueG1sClJld3Jp dGluZyAuL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9qYXNwZXIvYnVpbGQueG1sClJld3JpdGluZyAu L3NlcnZsZXRhcGkvanNyMTUyL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9zZXJ2bGV0YXBpL2pzcjE1 NC9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9odHRwMTEvYnVpbGQueG1sClJld3Jp dGluZyAuL2Nvbm5lY3RvcnMvam5pL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb25uZWN0b3JzL2pu aS94ZG9jcy9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9idWlsZC54bWwKUmV3cml0 aW5nIC4vY29ubmVjdG9ycy9qay9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9qay94 ZG9jcy9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9qay9uYXRpdmUvYnVpbGQueG1s ClJld3JpdGluZyAuL2Nvbm5lY3RvcnMvamsvamtzdGF0dXMvYnVpbGQueG1sClJld3JpdGluZyAu L2Nvbm5lY3RvcnMvamsvamtzdGF0dXMvdGVzdC9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVj dG9ycy9qdWxpL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb25uZWN0b3JzL3V0aWwvYnVpbGQueG1s ClJld3JpdGluZyAuL2Nvbm5lY3RvcnMvY295b3RlL2J1aWxkLnhtbApSZXdyaXRpbmcgdGFyZ2V0 IGF0dHJpYnV0ZXMKVXNpbmcgU2F4IHRvIHJld3JpdGUgdGhlIGJ1aWxkLnhtbCBmaWxlcwpSZXdy aXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9ncm91cGNvbS9idWlsZC54bWwKUmV3cml0aW5nIC4v Y29udGFpbmVyL21vZHVsZXMvaGEvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRhaW5lci9tb2R1 bGVzL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9jbHVzdGVyL2J1aWxk LnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9jbHVzdGVyL3Rlc3QvYnVpbGQueG1s ClJld3JpdGluZyAuL2NvbnRhaW5lci9tb2R1bGVzL3N0b3JlY29uZmlnLWhhL2J1aWxkLnhtbApS ZXdyaXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9zdG9yZWNvbmZpZy1oYS90ZXN0L2J1aWxkLnht bApSZXdyaXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9zdG9yZWNvbmZpZy9idWlsZC54bWwKUmV3 cml0aW5nIC4vY29udGFpbmVyL21vZHVsZXMvc3RvcmVjb25maWcvdGVzdC9idWlsZC54bWwKUmV3 cml0aW5nIC4vY29udGFpbmVyL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvdGVzdGVy L2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvY2F0YWxpbmEvYnVpbGQueG1sClJld3Jp dGluZyAuL2NvbnRhaW5lci93ZWJhcHBzL21hbmFnZXIvYnVpbGQueG1sClJld3JpdGluZyAuL2Nv bnRhaW5lci93ZWJhcHBzL2hvc3QtbWFuYWdlci9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFp bmVyL3dlYmFwcHMvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRhaW5lci93ZWJhcHBzL1JPT1Qv YnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRhaW5lci93ZWJhcHBzL2pteHJlbW90ZS9idWlsZC54 bWwKUmV3cml0aW5nIC4vY29udGFpbmVyL3dlYmFwcHMvd2ViZGF2L2J1aWxkLnhtbApSZXdyaXRp bmcgLi9jb250YWluZXIvd2ViYXBwcy9kb2NzL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWlu ZXIvd2ViYXBwcy9iYWxhbmNlci9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVyL3dlYmFw cHMvYWRtaW4vYnVpbGQueG1sClJld3JpdGluZyAuL2J1aWxkL3Jlc291cmNlcy9idWlsZC54bWwK UmV3cml0aW5nIC4vYnVpbGQvcmVzb3VyY2VzL2RlcGxveWVyL2J1aWxkLnhtbApSZXdyaXRpbmcg Li9idWlsZC9idWlsZC54bWwKUmV3cml0aW5nIC4vYnVpbGQvYmluL2J1aWxkLnhtbApSZXdyaXRp bmcgLi9idWlsZC9iaW4vZGVwbG95ZXIvYnVpbGQueG1sClJld3JpdGluZyAuL2J1aWxkLnhtbApS ZXdyaXRpbmcgLi9qYXNwZXIvYnVpbGQueG1sClJld3JpdGluZyAuL3NlcnZsZXRhcGkvanNyMTUy L2J1aWxkLnhtbApSZXdyaXRpbmcgLi9zZXJ2bGV0YXBpL2pzcjE1NC9idWlsZC54bWwKUmV3cml0 aW5nIC4vY29ubmVjdG9ycy9odHRwMTEvYnVpbGQueG1sClJld3JpdGluZyAuL2Nvbm5lY3RvcnMv am5pL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb25uZWN0b3JzL2puaS94ZG9jcy9idWlsZC54bWwK UmV3cml0aW5nIC4vY29ubmVjdG9ycy9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9q ay9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9qay94ZG9jcy9idWlsZC54bWwKUmV3 cml0aW5nIC4vY29ubmVjdG9ycy9qay9uYXRpdmUvYnVpbGQueG1sClJld3JpdGluZyAuL2Nvbm5l Y3RvcnMvamsvamtzdGF0dXMvYnVpbGQueG1sClJld3JpdGluZyAuL2Nvbm5lY3RvcnMvamsvamtz dGF0dXMvdGVzdC9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9qdWxpL2J1aWxkLnht bApSZXdyaXRpbmcgLi9jb25uZWN0b3JzL3V0aWwvYnVpbGQueG1sClJld3JpdGluZyAuL2Nvbm5l Y3RvcnMvY295b3RlL2J1aWxkLnhtbApSZXdyaXRpbmcgbm93YXJuIGF0dHJpYnV0ZXMKVXNpbmcg U2F4IHRvIHJld3JpdGUgdGhlIGJ1aWxkLnhtbCBmaWxlcwpSZXdyaXRpbmcgLi9jb250YWluZXIv bW9kdWxlcy9ncm91cGNvbS9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVyL21vZHVsZXMv aGEvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRhaW5lci9tb2R1bGVzL2J1aWxkLnhtbApSZXdy aXRpbmcgLi9jb250YWluZXIvbW9kdWxlcy9jbHVzdGVyL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9j b250YWluZXIvbW9kdWxlcy9jbHVzdGVyL3Rlc3QvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRh aW5lci9tb2R1bGVzL3N0b3JlY29uZmlnLWhhL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWlu ZXIvbW9kdWxlcy9zdG9yZWNvbmZpZy1oYS90ZXN0L2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250 YWluZXIvbW9kdWxlcy9zdG9yZWNvbmZpZy9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVy L21vZHVsZXMvc3RvcmVjb25maWcvdGVzdC9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVy L2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvdGVzdGVyL2J1aWxkLnhtbApSZXdyaXRp bmcgLi9jb250YWluZXIvY2F0YWxpbmEvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRhaW5lci93 ZWJhcHBzL21hbmFnZXIvYnVpbGQueG1sClJld3JpdGluZyAuL2NvbnRhaW5lci93ZWJhcHBzL2hv c3QtbWFuYWdlci9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVyL3dlYmFwcHMvYnVpbGQu eG1sClJld3JpdGluZyAuL2NvbnRhaW5lci93ZWJhcHBzL1JPT1QvYnVpbGQueG1sClJld3JpdGlu ZyAuL2NvbnRhaW5lci93ZWJhcHBzL2pteHJlbW90ZS9idWlsZC54bWwKUmV3cml0aW5nIC4vY29u dGFpbmVyL3dlYmFwcHMvd2ViZGF2L2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvd2Vi YXBwcy9kb2NzL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb250YWluZXIvd2ViYXBwcy9iYWxhbmNl ci9idWlsZC54bWwKUmV3cml0aW5nIC4vY29udGFpbmVyL3dlYmFwcHMvYWRtaW4vYnVpbGQueG1s ClJld3JpdGluZyAuL2J1aWxkL3Jlc291cmNlcy9idWlsZC54bWwKUmV3cml0aW5nIC4vYnVpbGQv cmVzb3VyY2VzL2RlcGxveWVyL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9idWlsZC9idWlsZC54bWwK UmV3cml0aW5nIC4vYnVpbGQvYmluL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9idWlsZC9iaW4vZGVw bG95ZXIvYnVpbGQueG1sClJld3JpdGluZyAuL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9qYXNwZXIv YnVpbGQueG1sClJld3JpdGluZyAuL3NlcnZsZXRhcGkvanNyMTUyL2J1aWxkLnhtbApSZXdyaXRp bmcgLi9zZXJ2bGV0YXBpL2pzcjE1NC9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9o dHRwMTEvYnVpbGQueG1sClJld3JpdGluZyAuL2Nvbm5lY3RvcnMvam5pL2J1aWxkLnhtbApSZXdy aXRpbmcgLi9jb25uZWN0b3JzL2puaS94ZG9jcy9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVj dG9ycy9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9qay9idWlsZC54bWwKUmV3cml0 aW5nIC4vY29ubmVjdG9ycy9qay94ZG9jcy9idWlsZC54bWwKUmV3cml0aW5nIC4vY29ubmVjdG9y cy9qay9uYXRpdmUvYnVpbGQueG1sClJld3JpdGluZyAuL2Nvbm5lY3RvcnMvamsvamtzdGF0dXMv YnVpbGQueG1sClJld3JpdGluZyAuL2Nvbm5lY3RvcnMvamsvamtzdGF0dXMvdGVzdC9idWlsZC54 bWwKUmV3cml0aW5nIC4vY29ubmVjdG9ycy9qdWxpL2J1aWxkLnhtbApSZXdyaXRpbmcgLi9jb25u ZWN0b3JzL3V0aWwvYnVpbGQueG1sClJld3JpdGluZyAuL2Nvbm5lY3RvcnMvY295b3RlL2J1aWxk LnhtbAogG1szMjswMW0qG1swbSBVc2luZyBmb2xsb3dpbmcgQU5UX1RBU0tTOiBhbnQtdHJheApC dWlsZGZpbGU6IGJ1aWxkLnhtbAoKY2hlY2suc291cmNlOgoKZ2V0LnNvdXJjZToKCmJ1aWxkOgoK cHJveHlmbGFnczoKCmRvd25sb2FkOgoKaW5pdDoKICAgIFtta2Rpcl0gQ3JlYXRlZCBkaXI6IC92 YXIvdG1wL3BvcnRhZ2Uvd3d3LXNlcnZlcnMvdG9tY2F0LTUuNS4yNy93b3JrL2FwYWNoZS10b21j YXQtNS41LjI3LXNyYy9idWlsZC9idWlsZC9jbGFzc2VzCgpidWlsZC1kZXBlbmRzOgoKYnVpbGQt c2VydmxldGFwaToKCmJ1aWxkLWpzcGFwaToKCmluaXQ6CgpkZXBsb3ktc3RhdGljOgoKYnVpbGQ6 Cgppbml0OgoKYnVpbGQtdG9tY2F0YXByOgogICAgIFtlY2hvXSA9PT09PT09PT09IEJ1aWxkaW5n OiB0b21jYXQtYXByIAoKY29tcGlsZS1vbmx5OgogICAgW2phdmFjXSBDb21waWxpbmcgMzQgc291 cmNlIGZpbGVzIHRvIC92YXIvdG1wL3BvcnRhZ2Uvd3d3LXNlcnZlcnMvdG9tY2F0LTUuNS4yNy93 b3JrL2FwYWNoZS10b21jYXQtNS41LjI3LXNyYy9idWlsZC9idWlsZC9jbGFzc2VzCiAgICAgW2Nv cHldIENvcHlpbmcgMiBmaWxlcyB0byAvdmFyL3RtcC9wb3J0YWdlL3d3dy1zZXJ2ZXJzL3RvbWNh dC01LjUuMjcvd29yay9hcGFjaGUtdG9tY2F0LTUuNS4yNy1zcmMvYnVpbGQvYnVpbGQvY2xhc3Nl cwogICAgICBbamFyXSBCdWlsZGluZyBqYXI6IC92YXIvdG1wL3BvcnRhZ2Uvd3d3LXNlcnZlcnMv dG9tY2F0LTUuNS4yNy93b3JrL2FwYWNoZS10b21jYXQtNS41LjI3LXNyYy9idWlsZC9idWlsZC9z ZXJ2ZXIvbGliL3RvbWNhdC1hcHIuamFyCgpidWlsZC10b21jYXR1dGlsOgogICAgIFtlY2hvXSA9 PT09PT09PT09IEJ1aWxkaW5nOiB0b21jYXQtdXRpbCB0byAvdmFyL3RtcC9wb3J0YWdlL3d3dy1z ZXJ2ZXJzL3RvbWNhdC01LjUuMjcvd29yay9hcGFjaGUtdG9tY2F0LTUuNS4yNy1zcmMvYnVpbGQv YnVpbGQgCgpkZXRlY3Q6CgpidWlsZC1wcmVwYXJlOgoKdG9tY2F0LXV0aWwuamFyOgogICAgIFtl Y2hvXSAtLS0tLSBKYXZhLXV0aWxzIC0tLS0tCiAgICAgW2VjaG9dIC0tIHB1cmV0bHMucHJlc2Vu dCA9ICR7cHVyZXRscy5wcmVzZW50fQogICAgIFtlY2hvXSAtLSBqc3NlLnByZXNlbnQgPSB0cnVl IC92YXIvdG1wL3BvcnRhZ2Uvd3d3LXNlcnZlcnMvdG9tY2F0LTUuNS4yNy90ZW1wL2pzc2UtMS4w LjMvbGliL2pzc2UuamFyCiAgICAgW2VjaG9dIC0tIGNvbW1vbnMtbG9nZ2luZyA9IHRydWUKICAg ICBbZWNob10gLS0gam14ID0gJHtqbXgucHJlc2VudH0gL3Zhci90bXAvcG9ydGFnZS93d3ctc2Vy dmVycy90b21jYXQtNS41LjI3L3RlbXAvbXg0ai0zLjAuMi9saWIvbXg0ai5qYXIKICAgICBbZWNo b10gLS0gbW9kZWxlciA9IHRydWUgL3Vzci9zaGFyZS9jb21tb25zLW1vZGVsZXIvbGliL2NvbW1v bnMtbW9kZWxlci5qYXIKICAgICBbZWNob10gLS0gc2tpcC5kaWdlc3RlciA9ICR7c2tpcC5kaWdl c3Rlcn0KICAgICBbZWNob10gLS0gSkRLMTQgPSB0cnVlCiAgICAgW2VjaG9dIC0tIEpESzE1ID0g dHJ1ZQogICAgW2phdmFjXSBDb21waWxpbmcgOTQgc291cmNlIGZpbGVzIHRvIC92YXIvdG1wL3Bv cnRhZ2Uvd3d3LXNlcnZlcnMvdG9tY2F0LTUuNS4yNy93b3JrL2FwYWNoZS10b21jYXQtNS41LjI3 LXNyYy9idWlsZC9idWlsZC9jbGFzc2VzCiAgICBbamF2YWNdIC92YXIvdG1wL3BvcnRhZ2Uvd3d3 LXNlcnZlcnMvdG9tY2F0LTUuNS4yNy93b3JrL2FwYWNoZS10b21jYXQtNS41LjI3LXNyYy9jb25u ZWN0b3JzL3V0aWwvamF2YS9vcmcvYXBhY2hlL3RvbWNhdC91dGlsL25ldC9qc3NlL0pTU0UxM1Nv Y2tldEZhY3RvcnkuamF2YTo3NzogcGFja2FnZSBjb20uc3VuLm5ldC5zc2wuaW50ZXJuYWwuc3Ns IGRvZXMgbm90IGV4aXN0CiAgICBbamF2YWNdICAgICAgICAgICAgIFNlY3VyaXR5LmFkZFByb3Zp ZGVyIChuZXcgY29tLnN1bi5uZXQuc3NsLmludGVybmFsLnNzbC5Qcm92aWRlcigpKTsKICAgIFtq YXZhY10gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgXgogICAgW2phdmFjXSAvdmFyL3RtcC9wb3J0YWdlL3d3dy1zZXJ2ZXJz L3RvbWNhdC01LjUuMjcvd29yay9hcGFjaGUtdG9tY2F0LTUuNS4yNy1zcmMvY29ubmVjdG9ycy91 dGlsL2phdmEvb3JnL2FwYWNoZS90b21jYXQvdXRpbC9uZXQvanNzZS9KU1NFMTNTb2NrZXRGYWN0 b3J5LmphdmE6OTU6IHBhY2thZ2UgY29tLnN1bi5uZXQuc3NsIGRvZXMgbm90IGV4aXN0CiAgICBb amF2YWNdICAgICAgICAgICAgIGNvbS5zdW4ubmV0LnNzbC5LZXlNYW5hZ2VyRmFjdG9yeSBrbWYg PSAKICAgIFtqYXZhY10gICAgICAgICAgICAgICAgICAgICAgICAgICAgXgogICAgW2phdmFjXSAv dmFyL3RtcC9wb3J0YWdlL3d3dy1zZXJ2ZXJzL3RvbWNhdC01LjUuMjcvd29yay9hcGFjaGUtdG9t Y2F0LTUuNS4yNy1zcmMvY29ubmVjdG9ycy91dGlsL2phdmEvb3JnL2FwYWNoZS90b21jYXQvdXRp bC9uZXQvanNzZS9KU1NFMTNTb2NrZXRGYWN0b3J5LmphdmE6OTY6IHBhY2thZ2UgY29tLnN1bi5u ZXQuc3NsIGRvZXMgbm90IGV4aXN0CiAgICBbamF2YWNdICAgICAgICAgICAgICAgICBjb20uc3Vu Lm5ldC5zc2wuS2V5TWFuYWdlckZhY3RvcnkuZ2V0SW5zdGFuY2UoYWxnb3JpdGhtKTsKICAgIFtq YXZhY10gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIF4KICAgIFtqYXZhY10gL3Zhci90 bXAvcG9ydGFnZS93d3ctc2VydmVycy90b21jYXQtNS41LjI3L3dvcmsvYXBhY2hlLXRvbWNhdC01 LjUuMjctc3JjL2Nvbm5lY3RvcnMvdXRpbC9qYXZhL29yZy9hcGFjaGUvdG9tY2F0L3V0aWwvbmV0 L2pzc2UvSlNTRTEzU29ja2V0RmFjdG9yeS5qYXZhOjEwNjogcGFja2FnZSBjb20uc3VuLm5ldC5z c2wgZG9lcyBub3QgZXhpc3QKICAgIFtqYXZhY10gICAgICAgICAgICAgY29tLnN1bi5uZXQuc3Ns LlRydXN0TWFuYWdlcltdIHRtID0gbnVsbDsKICAgIFtqYXZhY10gICAgICAgICAgICAgICAgICAg ICAgICAgICAgXgogICAgW2phdmFjXSAvdmFyL3RtcC9wb3J0YWdlL3d3dy1zZXJ2ZXJzL3RvbWNh dC01LjUuMjcvd29yay9hcGFjaGUtdG9tY2F0LTUuNS4yNy1zcmMvY29ubmVjdG9ycy91dGlsL2ph dmEvb3JnL2FwYWNoZS90b21jYXQvdXRpbC9uZXQvanNzZS9KU1NFMTNTb2NrZXRGYWN0b3J5Lmph dmE6MTEzOiBwYWNrYWdlIGNvbS5zdW4ubmV0LnNzbCBkb2VzIG5vdCBleGlzdAogICAgW2phdmFj XSAgICAgICAgICAgICAgICAgY29tLnN1bi5uZXQuc3NsLlRydXN0TWFuYWdlckZhY3RvcnkgdG1m ID0KICAgIFtqYXZhY10gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIF4KICAgIFtqYXZh Y10gL3Zhci90bXAvcG9ydGFnZS93d3ctc2VydmVycy90b21jYXQtNS41LjI3L3dvcmsvYXBhY2hl LXRvbWNhdC01LjUuMjctc3JjL2Nvbm5lY3RvcnMvdXRpbC9qYXZhL29yZy9hcGFjaGUvdG9tY2F0 L3V0aWwvbmV0L2pzc2UvSlNTRTEzU29ja2V0RmFjdG9yeS5qYXZhOjExNDogcGFja2FnZSBjb20u c3VuLm5ldC5zc2wgZG9lcyBub3QgZXhpc3QKICAgIFtqYXZhY10gICAgICAgICAgICAgICAgICAg ICBjb20uc3VuLm5ldC5zc2wuVHJ1c3RNYW5hZ2VyRmFjdG9yeS5nZXRJbnN0YW5jZSgiU3VuWDUw OSIpOwogICAgW2phdmFjXSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIF4KICAg IFtqYXZhY10gL3Zhci90bXAvcG9ydGFnZS93d3ctc2VydmVycy90b21jYXQtNS41LjI3L3dvcmsv YXBhY2hlLXRvbWNhdC01LjUuMjctc3JjL2Nvbm5lY3RvcnMvdXRpbC9qYXZhL29yZy9hcGFjaGUv dG9tY2F0L3V0aWwvbmV0L2pzc2UvSlNTRTEzU29ja2V0RmFjdG9yeS5qYXZhOjEyMDogcGFja2Fn ZSBjb20uc3VuLm5ldC5zc2wgZG9lcyBub3QgZXhpc3QKICAgIFtqYXZhY10gICAgICAgICAgICAg Y29tLnN1bi5uZXQuc3NsLlNTTENvbnRleHQgY29udGV4dCA9IAogICAgW2phdmFjXSAgICAgICAg ICAgICAgICAgICAgICAgICAgICBeCiAgICBbamF2YWNdIC92YXIvdG1wL3BvcnRhZ2Uvd3d3LXNl cnZlcnMvdG9tY2F0LTUuNS4yNy93b3JrL2FwYWNoZS10b21jYXQtNS41LjI3LXNyYy9jb25uZWN0 b3JzL3V0aWwvamF2YS9vcmcvYXBhY2hlL3RvbWNhdC91dGlsL25ldC9qc3NlL0pTU0UxM1NvY2tl dEZhY3RvcnkuamF2YToxMjE6IHBhY2thZ2UgY29tLnN1bi5uZXQuc3NsIGRvZXMgbm90IGV4aXN0 CiAgICBbamF2YWNdICAgICAgICAgICAgICAgICBjb20uc3VuLm5ldC5zc2wuU1NMQ29udGV4dC5n ZXRJbnN0YW5jZShwcm90b2NvbCk7IAogICAgW2phdmFjXSAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgXgogICAgW2phdmFjXSBOb3RlOiBTb21lIGlucHV0IGZpbGVzIHVzZSBvciBvdmVy cmlkZSBhIGRlcHJlY2F0ZWQgQVBJLgogICAgW2phdmFjXSBOb3RlOiBSZWNvbXBpbGUgd2l0aCAt WGxpbnQ6ZGVwcmVjYXRpb24gZm9yIGRldGFpbHMuCiAgICBbamF2YWNdIE5vdGU6IFNvbWUgaW5w dXQgZmlsZXMgdXNlIHVuY2hlY2tlZCBvciB1bnNhZmUgb3BlcmF0aW9ucy4KICAgIFtqYXZhY10g Tm90ZTogUmVjb21waWxlIHdpdGggLVhsaW50OnVuY2hlY2tlZCBmb3IgZGV0YWlscy4KICAgIFtq YXZhY10gOCBlcnJvcnMKCkJVSUxEIEZBSUxFRAovdmFyL3RtcC9wb3J0YWdlL3d3dy1zZXJ2ZXJz L3RvbWNhdC01LjUuMjcvd29yay9hcGFjaGUtdG9tY2F0LTUuNS4yNy1zcmMvYnVpbGQueG1sOjQy OiBUaGUgZm9sbG93aW5nIGVycm9yIG9jY3VycmVkIHdoaWxlIGV4ZWN1dGluZyB0aGlzIGxpbmU6 Ci92YXIvdG1wL3BvcnRhZ2Uvd3d3LXNlcnZlcnMvdG9tY2F0LTUuNS4yNy93b3JrL2FwYWNoZS10 b21jYXQtNS41LjI3LXNyYy9idWlsZC9idWlsZC54bWw6NDc5OiBUaGUgZm9sbG93aW5nIGVycm9y IG9jY3VycmVkIHdoaWxlIGV4ZWN1dGluZyB0aGlzIGxpbmU6Ci92YXIvdG1wL3BvcnRhZ2Uvd3d3 LXNlcnZlcnMvdG9tY2F0LTUuNS4yNy93b3JrL2FwYWNoZS10b21jYXQtNS41LjI3LXNyYy9idWls ZC9idWlsZC54bWw6MTUxOiBUaGUgZm9sbG93aW5nIGVycm9yIG9jY3VycmVkIHdoaWxlIGV4ZWN1 dGluZyB0aGlzIGxpbmU6Ci92YXIvdG1wL3BvcnRhZ2Uvd3d3LXNlcnZlcnMvdG9tY2F0LTUuNS4y Ny93b3JrL2FwYWNoZS10b21jYXQtNS41LjI3LXNyYy9jb25uZWN0b3JzL3V0aWwvYnVpbGQueG1s OjcwOiBDb21waWxlIGZhaWxlZDsgc2VlIHRoZSBjb21waWxlciBlcnJvciBvdXRwdXQgZm9yIGRl dGFpbHMuCgpUb3RhbCB0aW1lOiA0IHNlY29uZHMKIBtbMzE7MDFtKhtbMG0gCiAbWzMxOzAxbSob WzBtIEVSUk9SOiB3d3ctc2VydmVycy90b21jYXQtNS41LjI3IGZhaWxlZC4KIBtbMzE7MDFtKhtb MG0gQ2FsbCBzdGFjazoKIBtbMzE7MDFtKhtbMG0gICAgICAgICAgICAgICBlYnVpbGQuc2gsIGxp bmUgICA0OTogIENhbGxlZCBzcmNfY29tcGlsZQogG1szMTswMW0qG1swbSAgICAgICAgICAgICBl bnZpcm9ubWVudCwgbGluZSA0MTQwOiAgQ2FsbGVkIGVhbnQgJ3NyY19jb21waWxlJyAnc3JjX2Nv bXBpbGUnICctRGJhc2UucGF0aD0vdmFyL3RtcC9wb3J0YWdlL3d3dy1zZXJ2ZXJzL3RvbWNhdC01 LjUuMjcvdGVtcCcgJy1Ec2VydmxldGFwaS5idWlsZC5ub3RyZXF1aXJlZD10cnVlJyAnLURqc3Bh cGkuYnVpbGQubm90cmVxdWlyZWQ9dHJ1ZScgJy1EY29tbW9ucy1iZWFudXRpbHMuamFyPS91c3Iv c2hhcmUvY29tbW9ucy1iZWFudXRpbHMtMS43L2xpYi9jb21tb25zLWJlYW51dGlscy5qYXInICct RGNvbW1vbnMtY29sbGVjdGlvbnMuamFyPS91c3Ivc2hhcmUvY29tbW9ucy1jb2xsZWN0aW9ucy9s aWIvY29tbW9ucy1jb2xsZWN0aW9ucy5qYXInICctRGNvbW1vbnMtZGFlbW9uLmphcj0vdXNyL3No YXJlL2NvbW1vbnMtZGFlbW9uL2xpYi9jb21tb25zLWRhZW1vbi5qYXInICctRGNvbW1vbnMtZGln ZXN0ZXIuamFyPS91c3Ivc2hhcmUvY29tbW9ucy1kaWdlc3Rlci9saWIvY29tbW9ucy1kaWdlc3Rl ci5qYXInICctRGNvbW1vbnMtZGJjcC5qYXI9L3Vzci9zaGFyZS9jb21tb25zLWRiY3AvbGliL2Nv bW1vbnMtZGJjcC5qYXInICctRGNvbW1vbnMtZWwuamFyPS91c3Ivc2hhcmUvY29tbW9ucy1lbC9s aWIvY29tbW9ucy1lbC5qYXInICctRGNvbW1vbnMtZmlsZXVwbG9hZC5qYXI9L3Vzci9zaGFyZS9j b21tb25zLWZpbGV1cGxvYWQvbGliL2NvbW1vbnMtZmlsZXVwbG9hZC5qYXInICctRGNvbW1vbnMt aHR0cGNsaWVudC5qYXI9L3Vzci9zaGFyZS9jb21tb25zLWh0dHBjbGllbnQvbGliL2NvbW1vbnMt aHR0cGNsaWVudC5qYXInICctRGNvbW1vbnMtaW8uamFyPS91c3Ivc2hhcmUvY29tbW9ucy1pby0x L2xpYi9jb21tb25zLWlvLmphcicgJy1EY29tbW9ucy1sYXVuY2hlci5qYXI9L3Vzci9zaGFyZS9j b21tb25zLWxhdW5jaGVyL2xpYi9jb21tb25zLWxhdW5jaGVyLmphcicgJy1EY29tbW9ucy1sb2dn aW5nLmphcj0vdXNyL3NoYXJlL2NvbW1vbnMtbG9nZ2luZy9saWIvY29tbW9ucy1sb2dnaW5nLmph cicgJy1EY29tbW9ucy1sb2dnaW5nLWFwaS5qYXI9L3Vzci9zaGFyZS9jb21tb25zLWxvZ2dpbmcv bGliL2NvbW1vbnMtbG9nZ2luZy1hcGkuamFyJyAnLURjb21tb25zLXBvb2wuamFyPS91c3Ivc2hh cmUvY29tbW9ucy1wb29sL2xpYi9jb21tb25zLXBvb2wuamFyJyAnLURjb21tb25zLW1vZGVsZXIu amFyPS91c3Ivc2hhcmUvY29tbW9ucy1tb2RlbGVyL2xpYi9jb21tb25zLW1vZGVsZXIuamFyJyAn LURqZHQuamFyPS91c3Ivc2hhcmUvZWNsaXBzZS1lY2otMy4zL2xpYi9lY2ouamFyJyAnLURqc3At YXBpLmphcj0vdXNyL3NoYXJlL3RvbWNhdC1zZXJ2bGV0LWFwaS0yLjQvbGliL2pzcC1hcGkuamFy JyAnLURqdW5pdC5qYXI9L3Vzci9zaGFyZS9qdW5pdC9saWIvanVuaXQuamFyJyAnLURsb2c0ai5q YXI9L3Vzci9zaGFyZS9sb2c0ai9saWIvbG9nNGouamFyJyAnLURtYWlsLmphcj0vdXNyL3NoYXJl L3N1bi1qYXZhbWFpbC9saWIvbWFpbC5qYXInICctRHNheHBhdGguamFyPS91c3Ivc2hhcmUvc2F4 cGF0aC9saWIvc2F4cGF0aC5qYXInICctRHNlcnZsZXQtYXBpLmphcj0vdXNyL3NoYXJlL3RvbWNh dC1zZXJ2bGV0LWFwaS0yLjQvbGliL3NlcnZsZXQtYXBpLmphcicgJy1EYWRtaW4uYnVpbGQubm90 cmVxdWlyZWQ9dHJ1ZScKIBtbMzE7MDFtKhtbMG0gICAgICAgICAgICAgZW52aXJvbm1lbnQsIGxp bmUgIDkzMjogIENhbGxlZCBkaWUKIBtbMzE7MDFtKhtbMG0gVGhlIHNwZWNpZmljIHNuaXBwZXQg b2YgY29kZToKIBtbMzE7MDFtKhtbMG0gICAgICAgYW50ICR7YW50ZmxhZ3N9ICIke0B9IiB8fCBk aWUgImVhbnQgZmFpbGVkIgogG1szMTswMW0qG1swbSAgVGhlIGRpZSBtZXNzYWdlOgogG1szMTsw MW0qG1swbSAgIGVhbnQgZmFpbGVkCiAbWzMxOzAxbSobWzBtIAogG1szMTswMW0qG1swbSBJZiB5 b3UgbmVlZCBzdXBwb3J0LCBwb3N0IHRoZSB0b3Btb3N0IGJ1aWxkIGVycm9yLCBhbmQgdGhlIGNh bGwgc3RhY2sgaWYgcmVsZXZhbnQuCiAbWzMxOzAxbSobWzBtIEEgY29tcGxldGUgYnVpbGQgbG9n IGlzIGxvY2F0ZWQgYXQgJy92YXIvbG9nL3BvcnRhZ2Uvd3d3LXNlcnZlcnM6dG9tY2F0LTUuNS4y NzoyMDA4MDkxMS0xOTM1MTUubG9nJy4KIBtbMzE7MDFtKhtbMG0gVGhlIGVidWlsZCBlbnZpcm9u bWVudCBmaWxlIGlzIGxvY2F0ZWQgYXQgJy92YXIvdG1wL3BvcnRhZ2Uvd3d3LXNlcnZlcnMvdG9t Y2F0LTUuNS4yNy90ZW1wL2Vudmlyb25tZW50Jy4KIBtbMzE7MDFtKhtbMG0gCiEhISBXaGVuIHlv dSBmaWxlIGEgYnVnIHJlcG9ydCwgcGxlYXNlIGluY2x1ZGUgdGhlIGZvbGxvd2luZyBpbmZvcm1h dGlvbjoKR0VOVE9PX1ZNPWlibS1qZGstYmluLTEuNiAgQ0xBU1NQQVRIPSIiIEpBVkFfSE9NRT0i L29wdC9pYm0tamRrLWJpbi0xLjYuMC4xIgpKQVZBQ0ZMQUdTPSItc291cmNlIDEuNSAtdGFyZ2V0 IDEuNSIgQ09NUElMRVI9ImphdmFjIgphbmQgb2YgY291cnNlLCB0aGUgb3V0cHV0IG9mIGVtZXJn ZSAtLWluZm8K