From unknown Mon May 18 05:25:43 2026 MIME-Version: 1.0 X-Mailer: MIME-tools 5.502 (Entity 5.502) X-Loop: owner@bugs.x2go.org From: owner@bugs.x2go.org (X2Go Bug Tracking System) Subject: Bug#334 closed by Mike Gabriel (X2Go issue (in src:python-x2go) has been marked as closed) Message-ID: References: <20141020105022.83C485DB40@ymir.das-netzwerkteam.de> X-X2go-PR-Keywords: pending X-X2go-PR-Message: they-closed 334 X-X2go-PR-Package: python-x2go X-X2go-PR-Source: python-x2go Date: Mon, 20 Oct 2014 10:55:20 +0000 Content-Type: multipart/mixed; boundary="----------=_1413802520-3543-0" This is a multi-part message in MIME format... ------------=_1413802520-3543-0 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 This is an automatic notification regarding your Bug report which was filed against the python-x2go package: #334: Don't allow users to override X2Go commands via ~/bin (or similar) It has been closed by Mike Gabriel . Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact Mike Gabriel by replying to this email. --=20 X2Go Bug Tracking System Contact owner@bugs.x2go.org with problems ------------=_1413802520-3543-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at control) by bugs.x2go.org; 20 Oct 2014 10:50:47 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS, URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: by ymir.das-netzwerkteam.de (Postfix, from userid 1005) id 83C485DB40; Mon, 20 Oct 2014 12:50:22 +0200 (CEST) From: Mike Gabriel To: 334-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 334@bugs.x2go.org Subject: X2Go issue (in src:python-x2go) has been marked as closed Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20141020105022.83C485DB40@ymir.das-netzwerkteam.de> Date: Mon, 20 Oct 2014 12:50:22 +0200 (CEST) close #334 thanks Hello, we are very hopeful that X2Go issue #334 reported by you has been resolved in the new release (0.5.0.0) of the X2Go source project »src:python-x2go«. You can view the complete changelog entry of src:python-x2go (0.5.0.0) below, and you can use the following link to view all the code changes between this and the last release of src:python-x2go. http://code.x2go.org/gitweb?p=python-x2go.git;a=commitdiff;h=3fec411b839b53c0e51a73dd05c7a77dcde800e8;hp=3088eda9bf1494527afecc4b36c56a8caff314d0 If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:python-x2go. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:python-x2go Version: 0.5.0.0-0x2go1 Status: RELEASE Date: Mon, 20 Oct 2014 12:40:34 +0200 Fixes: 334 358 500 508 532 537 588 602 Changes: python-x2go (0.5.0.0-0x2go1) RELEASED; urgency=low . [ Mike Gabriel ] * New upstream version (0.5.0.0): - Split up session profile backend into generic and storage specific parts. - Fully rework backend concept in Python X2Go. Breaks compatibility with earlier versions of Python X2Go concerning backends (probably not really used by third-party products, if at all). - Fix setting default values in X2GoClientXConfig class. - Default to xdg-open as default PDF viewer command. - Provide session profile backend for a http broker. - Make session profile backends more unicode robust. - X2GoSessionProfile.get_server_hostname must return unicode objects. - Speed-optimize session profile ID <-> name mapping. - Handle injection of PKey (Paramiko SSH key) objects for authentication from the broker session profiles backend. - Allow catching "connection refused" errors while talking to an X2Go Session Broker (X2GoBrokerConnectionException). - Support cookie based authentication against a http(s) session broker. - On Windows: Improve debugging when a new X-Server port has to be allocated. - Capture broker connection problems during selectsession calls to the broker via a HOOK method. - Allow user interaction via a HOOK if broker connection problems occur. - Handle broker setups that don't require credentials. Connection can be established simply by leaving the password (and authid) empty. - Fix detection of matching path names in X2GoIniFiles. - Make sure X2GoClientXConfig config file really gets written to disk (after we changed the internas of X2GoIniFile for this new major release). - Rename hook method HOOK_no_known_xserver_found to HOOK_no_installed_xservers_found. Call this new hook if no installed X-Servers could be found on the system. - Only check running X-Servers that have the same WMI SessionId as the current X2Go application. - Session profiles: default value type for exports session profile option is an empty dictionary. - Make X2GoClient's constructor aware of non-usable X-Server ports. - Windows: Fix crash while attempting to find the session window. - Support SSH proxy autologin feature of X2Go Session Broker. - Provide Telekinesis support in Python X2Go. - Stop manipulating session profiles in X2GoSshProxy class. Esp. stop manipulating session profiles with deprecated session options. - Type-hardening of X2GoSshProxy class. Accept hosts as list and strings. If hosts are given as a list, a random list element will be taken as host (for connecting and for the SSH proxy tunnel setup). - Type-hardening of X2GoControlSession class's C{connect()} method. Handle hostnames that come in as lists gracefully. - Don't construct the sshproxy_tunnel parameter in x2go/utils.py. Leave that to higher level classes that know more about X2Go internals. - Add support for a subsystem string when setting up port forwarding tunnels. - Use gevent to spawn the TeKi client start-up process (instead of waiting for it to return). - Provide support for new session parameter: clipboard. (Fixes: #508). - Split up NX output and NX errors into two separate files. - Silent ignore it if we cannot detect the local Xlib.display.Display() instance (happens with polyinstantiated /tmp dirs). - Don't start telekinesis client if not support server-side. Don't attempt at starting telekinesis client, if it is not installed. - Disallow server-side users to override X2Go Server commands via ~/bin (or similar). (Fixes: #334). - Handle non-available color depth in X2Go session name gracefully. (Fixes: #358). - Make sure that the x2gosuspend-session/x2goterminate-session commands are sent to the X2Go Server before we take down the NX proxy subprocess. - Create a "session.window" file in the session directory. This file for now contains one line "ID:". The file appears once a session window comes up (start/resume), and disappears once the session window closes (suspend/terminate). - Only enable Telekinesis client debugging if the logger instance is in debug mode. - Performance tests have shown, that enabling SSH compression is not a good idea. NX should handle that instead (and does). - Better control the startup bootstrap of the Telekinesis client subsystem. - Newly understand our own Paramiko/SSH forwarding tunnel code. Become aware of handling multiple connects on the same tunnel. - Rename LICENSE.txt to COPYING. - Be more exact when detecting the NX proxy window id. - On non-Windows platforms, enforce usage of the "ares" DNS resolver in python-gevent (which is available since Python gevent 1.0~). (Fixes: #588). - Use Xlib to detect client-side destop geometry. - For reverse port forwardings use IPv4 localhost address only. - Assure proper NX Proxy cleanup when sessions suspends/ terminates. - Assure proper Telekinesis client cleanup when sessions suspends/ terminates. - Clean up terminal sessions properly when the clean_sessions() method of the control session has got called. - Don't use compression on TeKi sshfs mounts. - Handle duplicate profile names gracefully (i.e. append a " (1)", " (2)", ... to the session profile name). (Fixes: #500). - Support server-side Telekinesis versions that ship their own (teki-)sftpserver. - Use session_name, not session_info object's __str__() method to obtain session name (in X2GoTelekinesis). - Handle socket errors on the reverse port forwarding tunnels more gracefully. - Handle sudden control session death during local folder sharing gracefully. - Don't choke on non-initialized SSH transport objects when initializing SFTP client. - Fix transport lock release in X2GoControlSession._x2go_sftp_put(). - Fix session lock release in various methods of the X2GoSession class. - Release _share_local_folder_lock on instance X2GoTerminalSession destruction. - Detect non-installed sshfs (required for Telekinesis). - X2GoControlSession: Don't mess with the associated_terminals dict if the control session has already died away (i.e. been forcefully disconnect). - If the listsessions command detects a terminated or suspended session, we have to destroy the corresponding X2GoTerminalSession() to trigger a proper cleanup of that instance. - Fix various hrefs in __doc__ strings. - Fix creating/renaming/reconfiguring session profiles. Handle host option properly (as list). - Make sure we do a deepcopy of the default session profile parameters. - Detect more exceptions in the requests module when authenticating against a session broker. - Only convert the value of the export session profile option if not already a Python dictionary. - Capture X2GoControlSessionException occurrences during client-side folder sharing initializaation while starting/resuming a session. - X2GoSessionRegistry: Don't report about sessions that have a not yet fully assigned session name / profile name / profile id. * debian/control: + Add dependencies: python-requests, python-simplejson. + Add R (python-x2go): sshfs. + Add S (python-x2go): telekinesis-client, mteleplayer-clientside. + Update D (python-x2go): python-paramiko (>= 1.15.1-0~). (Fixes: #602). * python-x2go.spec: + Add dependencies: python-requests, python-simplejson. + Additionally adapt to building on openSUSE/SLES. + Add all python packages under R to BR (for epydoc run). + Update R for python-x2go: python-paramiko >= 1.15.1. . [ Mike DePaulo ] * New upstream version (0.5.0.0): - Windows: Fix compatibility with PulseAudio 3.0 & later (Fixes: #532) - Windows: Prevent high PulseAudio CPU usage on Windows XP by lowering PulseAudio's CPU priority from "high" to "normal" on XP specifically. Also do so on Windows Server 2003 (R2) (Fixes: #537) ------------=_1413802520-3543-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.x2go.org; 29 Oct 2013 12:41:08 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir (Postfix) with ESMTPS id 913DA5DA6C for ; Tue, 29 Oct 2013 13:41:07 +0100 (CET) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id 221F8BBE for ; Tue, 29 Oct 2013 13:41:07 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 161983BA6D for ; Tue, 29 Oct 2013 13:41:07 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zUpYCMDwqQbT for ; Tue, 29 Oct 2013 13:41:07 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id DD3C53BB68 for ; Tue, 29 Oct 2013 13:41:06 +0100 (CET) Received: from grimnir.das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPSA id C21CA3BA6D for ; Tue, 29 Oct 2013 13:41:06 +0100 (CET) Received: from m-047.informatik.uni-kiel.de (m-047.informatik.uni-kiel.de [134.245.254.47]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Tue, 29 Oct 2013 12:41:06 +0000 Date: Tue, 29 Oct 2013 12:41:06 +0000 Message-ID: <20131029124106.Horde.xagnkAt_UswgeDkpr-Foog9@mail.das-netzwerkteam.de> From: Mike Gabriel To: submit@bugs.x2go.org Subject: Don't allow users to override X2Go commands via ~/bin (or similar) User-Agent: Internet Messaging Program (IMP) H5 (6.1.4) Accept-Language: en,de Organization: DAS-NETZWERKTEAM X-Originating-IP: 134.245.254.47 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0 Iceweasel/23.0 Content-Type: multipart/signed; boundary="=_lGfiq-QSA4JmQ6s5KBI2Hg1"; protocol="application/pgp-signature"; micalg=pgp-sha1 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_lGfiq-QSA4JmQ6s5KBI2Hg1 Content-Type: multipart/mixed; boundary="=_vmLATebcaT7eOQOkde9xKg1" This message is in MIME format. --=_vmLATebcaT7eOQOkde9xKg1 Content-Type: text/plain; charset=UTF-8; format=flowed; DelSp=Yes Content-Disposition: inline Package: x2goclient Severity: important In X2Go it is currently possible to replace every command in X2Go Server by a command of the same name in ~/bin. An attacker could use this to infiltrate X2Go Client with arbitrary data. IMHO, we should make sure, X2Go Client only uses system-wide paths when evoking commands on X2Go Servers. This, of course, will boycott installing X2Go Server into ~ space, but actually, I prefer a safe setup to such custom installation tweaks. Feedback?!? Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb --=_vmLATebcaT7eOQOkde9xKg1 Content-Type: application/pgp-keys Content-Description: =?utf-8?b?w5ZmZmVudGxpY2hlciA=?= =?utf-8?b?UEdQLVNjaGzDvHNzZWw=?= -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.14 (GNU/Linux) mQINBFAI/RwBEAC882z9DZ0OqvdoswfZD6sWlHH43iTc2QUibyHEhz/Jov8UQLPK qUncNd9QMcQ3zp2NnU9tS4j5IY/QPcBMR96ZNdl9PWpV/Ubs6yZ9PK2/DBt3Noos FZUN2KrHbnbED5zf9sEHyRuBTnDtVRtskQlaFreX5NSZ1ndqJrC1Uqm64Mf+0mC8 7D1QRlNkH7OQmMK+u6EN8a1IZae7mDzzStgzvbvm1BZ6XDJ6ThNckvGEhgSbPF16 9zfW6a0mdlOjkmW50VIQg3wjtVHxlIYqFnH4KGp2kYslJR3SIB7ntbNW1wVQm8d2 vAnnnzXWNFFuIqOj7z6ylIL9lVTPEBen3rgDsha7/YCR5d4Kez4piKKbAMBxeSxZ yzz90YRtp/zIqjotfQt6Q05mAi9xVfvbi+XKBcGtoU89g5aekFi7bkrpxDB/JCAA VaLz0Mrpz0/33Pffhnf5a9JUvk6UhNmYBEknLn7fuO3WF0Q6Q58QvMYvHxpxAr3X nywyYFic8o71lxWB8D/Y2bhwHE3098BJhI80DLznx7cmuInORg0AnV5AArkdCBNa p+bh0rVbQXxOzKT3ETPkKBKbMRhAWtCiQfGGzOzVvtGzMw+yZMnGIEfJ7Dqe5URF rvRPJYlIJLPsa3josVtIMjaeK6xIG2o7c8qN/H89nNyplQkt+Vx28x3dewARAQAB tC9NaWtlIEdhYnJpZWwgPG1pa2UuZ2FicmllbEBkYXMtbmV0endlcmt0ZWFtLmRl PokCPQQTAQgAJwIbAwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAUCUWUgMAUJCsIk hAAKCRCa9GswJXcbMYLlD/9Ov0PPICrmOD5LG2W3eF/bEqSd5Lnvc0njkI0IOKhJ Ww/jjGcQpnclfxsDNIvhXtHcZHL3b50320p7neKL/MaO6NYRo+UMkOzmwsEFQL3b 6Cea70QRgvn+cxjpnDP5a5wLKyiezwE3GdlPV2+Aohlq1BrY1N3OAVby5/QylYoz Ezb4zlhg2ncvp3N4FZh7BBDkaK1d+ZObBP/uxrkwoapAXqp4S8iSE46d2/R1W20v 7edGN21+qi8DkKI69hTzo4OgyRPwF0LIQnJlGL0eI0cMA1P1SqJpLePKPPFPqHYY haBvDlGXWVwEflKBNh06CqT7fwi7nnRV7EkIP+kXDYYGxn05DsFqIbNB2fFRrPaO 4x2NCE7eCU9kf1Xazv6MRGudzTndeFGFKyqIrx4fRZHnrytL11vxxGw207mx/TCx +6zQwwGu3bMtv9QUnEjDvZWXkMU+emz7kDjg+3Bnb9lC78zKJRWXSpp3StTgMFi5 Cu+QzVVkzywEqmNzcLySIoyFqjUhhvVlXTQjzNU1JI3hRETG/sRQmftsIJNJQFf3 0/euiRD48rQvjH9s82sniUCI+l+DXUOyFkGofz5045Q7z8gky+W98q/c7Y8YG1d6 Cba1Im2tMaiR2m/jUzai1T3q+7AmdKxCVELvxpaSDSKLWR+UxVR8yjirhmGtwo1L eIkCQAQTAQgAKgIbAwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAIZAQUCUWUgKQUJ CsIkhAAKCRCa9GswJXcbMSVTEACKK4yB3eZJHV1F2bm8lvJCYsqhnuxmIGrZgXPa Apv2gItUdqiaHLTboa0MFIfhT29tJ7FYSD3xto9VX7tocegoUoRct+YVFiubiqge PTe1GU7eNER5i3UyG+b/o8jhDAQzv+GDH8jPFQ3CfbR5DyW9JMhncKbOrCtSI0Zy s2QdGjZJf22wUdkJF67Aac/Ohktjg/Lriv/swZXo4azE3BoCfPBVnxqQ0f5Cno/J NyLDRYEHvU6+vRsX0nsfmLi8AMYu0OD2/WSluRDLUK59fumBJSHNdxxnQ0aU4pZk FvLvP6XVG/RjnLiYpzTi78cSNLzcTxC2GqrZh4s6NVho70ZVhyAc8xFp2zcoD/YT iOI8cbetnxWDtMOY9i+0GKYK/FAlUkBhcKPKJfpWcBxGsUnV5XI2XDKMsL1sQafo eYz0afVcXEOnNoHiwJ2/Ez6G+TrJU8cSNsLd3eClimIoRNLUE0m4eE+SnVJSJxeq VlJhTFAtILSJ75u+N+SoP5d+PZc1aR88M3oVbjbNkQlVxqah6Ag5Tg/mOKX5lsbx Par35hhpQU1YukRDOFoAcvry79yp+Kh+OU/S3TNp2z6epTgAoSwZz+k+s9R/WG5s qUEarWQLbOM3J7740qkrvz7C949fgXO4GwLBl6p4skQZonIFNqp6QlqIUsTATlDu 94h2GLQwTWlrZSBHYWJyaWVsIDxtaWtlLmdhYnJpZWxAaXQtenVrdW5mdC1zY2h1 bGUuZGU+iQI9BBMBCAAnAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheABQJRZSAw BQkKwiSEAAoJEJr0azAldxsxfC8P/3hCWeFjbOp4tXfHTJy/C6d+vSIfUEwJ8RmV uMp7VledcGN9NffT3F1Qw+x9jX37M0kqa4RdAl2hes6h1c0fMUG/imAFpVt17E7k PT5BrTz4jMqRQAU0JHnuos0F2MiaoWc5/w22W8vwmj+NrdL8Bagu3OYUV66KGaIO YDsWLCw6Qqaj33on4AqAOcnsylvNyrV0zttB0x9ZvIY8sDPpgkfZ5iyA/eRBqlsc 1UShbbN7ucirfN5vJFnOXGTKABIVis/29o56KvlT571WRPK56H3U6U6f3402+gjW vaAYKTm5Ma8MelzPciXRVEj7CMWJ7+CvlRTUaOuPQfwDxPTLAE6K8t7Dbo8SCuai MYDLfd5cAO5Fs3zwdO0QOgnc/RUT/vKT6d/iskFdTXuMr3iNBuEOt0jW2elP3OeA OMKcITryYQZ73uOlDnns3P+WDDezMMMUHNoboy4mO7G3SKXsLCaJHXF1Meg/NWwN 0W38vLnHyqABlN2F3KwoXtCQzeJE6j3kVD76hAyL2KoSmB55UXP9mdfSwe17XUnS BEyYzdBdoJIlPKVTh8EzcNwHcxOCNMbV9FEFaNAVpBp5tDrkO6Og+XE+wohTJJAj fRSLD76+0O3jhYqbnqxsxaOMrtazxQv0mB2+ZNa4MoZWIBOzeA1SncZhAOdoqhgs eL3HVU3QtCxNaWtlIEdhYnJpZWwgPG0uZ2FicmllbEBkYXMtbmV0endlcmt0ZWFt LmRlPokCPQQTAQgAJwIbAwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAUCUWUgMQUJ CsIkhAAKCRCa9GswJXcbMekMD/9KeqniddnMyKAz9pLbY94YpkmRizhygOnLhxL+ Q3m68vKHfaexDGSa2SXiSOqY1DBeDbj8VQbwJfSu7TDN6JHzvoa6p9IufrkHwJzt bI4gz+GsGBlJsCD/2/tEf9AqKwnxPNK+5RmED4rKyG9uCs3Sdvte30ZF3yQia6JU zgDwCGMCWwNJUe+Diya7oOpW0R+O+T3Lyt7PGqi9xndC/pIZBPybysTzq+GLu1mj e7BNlSU8wc0AcVMIBusGPdby9uTCfN5/dPTlb5g0oOAg0lc381HsrUQYTP+pGPCJ azkz7GkTWJnarMEk1OTUVdjpXd5oW6Zn1JVI06VlpxV1D7lixtBXk1alwecj4TZP bAl4qVNloNX7J7FOWK2o58qXiNU56i9RhmurFMes4O66WvznGaUMH9RW/Agd6SVV Su+Obu7fvIg1W5tJ6wtkXWSMYebro9zmBcTnIC61VRqIgHW/miqw69Ds0KpNPW0I yxUUzuq+g+gby4PwF2RhAIKCE324JMVl7cCexobHuO/pB3PFv7Fo0lcAQ1S6W72l C+ksgQHVzpLDTRl9PYF+nmI7T/70orhN+J7zxzV2Zuu+iJSTA/DAIGN9o9CNJdwt P0Y+m3FQUYuMk7NyIdSYqYPuCa8NqOn/Z1oN/VDIstF0JuCwN+wZcr3B/+5B+tLF m+NGubQdTWlrZSBHYWJyaWVsIDxtaWtlQHVidW50dS5kZT6JAj0EEwEIACcCGwMF CwkIBwMFFQoJCAsFFgIDAQACHgECF4AFAlFlIDEFCQrCJIQACgkQmvRrMCV3GzHv SBAAsLX0Y3ov6kKk1tfYms+V51+1rqCcAn6Dm5Zj+CUnMmsxAkJoDqsStrKaEh6H aJglVg8+ddvHU7Hd9f/rALRttpMEN8crIYugv2PevK2u4+WAxyCuTqM+CQyRLaSo o0ndfDqc5NCZggKD3Xr3RNUQgmNqIaXuGeVG2BqEaPreurP2MYpakYJYTgRkj10z p+srw0RujzCOyq2t4r0JkElEJQx1eTXnxo1ByOO0E8kZkN9hQ9Jg0a34EwGvxqk4 qXfb8rQM5qFQRymOI2OCKvjb7ehkaQZR9nSobVQtFWRX5cVauZL5pmfOmHl+tjwn qSMiR9+fdulOTLZ7jsr1JBYb4czs1y7ShbbcZD1BCvF17oNGqi2up27jDD290jJU xBy7Z0RkWlPRsFO2B/9d1ic7arYIDjN4PZETMXIogVp9doaU9M+t3vWK7nEf8/1+ dNuyBLZBgFbGt9zOnoeLqFlhUQVHlJjpjjwn1CvfPIBd6eAiyfa4OE7YAkZySu2E pazJ02xDw+DJ+8NVGFqQrbOc9JN/Vc9zusrf4YTxxWRbSysR8QgrTjF5WPy4CbAo QoS8qGrWnNuOn8YJ/d5z6icOd7VGNjCRREEyAVXU1kIQUXbIJWuUjyYNWdzoaLWx qIt+CB/bcQDngqjUEDZ2CZkWNL58vd8aAXjprqRElB2hvtK0I01pa2UgR2Ficmll bCA8c3Vud2VhdmVyQGRlYmlhbi5vcmc+iQI4BBMBAgAiBQJRSD+9AhsDBgsJCAcD AgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCa9GswJXcbMYtjEAClP1Fz+ID1p8RxxCeR jYjL1oeeLRwXTuIS1wQfeAoz5wbLMMn/HsKKQ2YDebxzhiroW7Moa0FMO++O9Wmd ua9rVwV1g4qShrmDzSwWmRBrowlAav0IbcCM2vcbi845tSyGWmR2i6bJZpK8NZAS Cug5hijNdXwRVfAmNGFElcIXC1aa6U2kIVuh45tG/IuO5YmZWC5LQdK8VgTLs/yk HBlNt8sdo7TgzRpKHmEZG1jCpmYRuxgJPTroPdzvwqTKamh+LIqC8Z+E9pGlZeQf 44dKpvHJuSdEy1UBTOnvCiRgFP4ZX735Arc9WA83qFzrNFjLiy3zNQp9pcCdBY2x aLhsyfG8EBtZE9GXEgc52EuTqDZSAyBi5IeRcG7FvdHvLV8zypEHK3Hn9g3Eq2OS PDOw6/EL7KnVbhvogEujPlgD3wJW0FItrE6iR05TAeK0jE0gUBNMzGnyUbFRxJZX RTHEsFyIc9oMqoNEUOSblH8cgGY+HLEWFWaqfkTLBC6kVKP/RxZOVypNvtHZn86q 85x6XucfCoBpVqRzrHmOcAXuA6YHGEamoK7OdvkOrV1Nc1OMxYWnxG/4WYjokxEc Hx2Jg7CAlzi1/NFHAQD4o9TJaAraQjy0nqFiobHHzyLmiPBDKMfjTXdsSRjjVm3k m5mV6Bpy15KNVamTcINasFCChbkCDQRQCP0cARAAocrlXanxu815kLU6zhFP6Jp3 sQHcTRXucq28BgWf7Dz8galugBPTEEdKTkrxxAiSGZ3iHEJsmW8H4XNy56Jh+jpL OqW0+4RvPc6Eemv1MzgfdAuEkKNA+3ar3ETqhVnn54olI6rMo0FulDCopNE/0LIC AjSLekPXTlPj2swClmyl35hXJYiTgtwwLCkoQHMxz2L1+igyoGdR/O3lEwQJ1pI7 oaanWV8fda4jQkLpDf1q6bY2tEdUZx2uR5J79pjpjNkxpCbD1TvGRWjekkZP9Yi7 4ZgtyTh86hAPVP1x30a7/Hb0ysfeqJ63f8sQEqLtrfjPYO0IRoaPvL/RXxXrO2nV RMmLVeeho6GHk0LqubfA8gzZ1Vu9Rfag1EMMNy6ZkvdHNJm8sSaec90tn59aPLUP taBe5d4Ji6tlpJu2ez75A6tmt3JMDrQ6crfN5eZ0ISAGHwWHN9SPDhAcVcGBZrKQ QQaKIcQ2gVbGcnO3lOCY4MkxgyCiJX+MepnWOpvB2pyv4ftJLv7rxfOQ3Z/3yewS GRfwrT+AW/i1jcW/C+c5sLZPGFtG8gBXPwUj2CYbAGI74eFhGk6Ksu3f2qxFOVDM IJdiBJatEYojN64Gzap2nzZfhUHPqOnBeI/cL+Z/YbakUuIAcva3o1UuOLvGg+Fo 9kFdPLDXRhPOqMywdDUAEQEAAYkCHwQYAQgACQUCUAj9HAIbDAAKCRCa9GswJXcb MZubEAC8GzMcU5CVNqDGOHiStowzKgU3njez9aYa70Gsmtm62WPkJSTVw7Nw6wfC val84JLqy0wL8tq90px0du/Ep7lE3laKlhREXiDLFGTccLH2XzK9CcnRygqjhPV9 yTY7YGorNbYKpwwgL889Ld6dhXlwDfR4PmvEKZjzqdhwDAXWsivkMYsEwC3oKC1m Ra3Nzf/oHUNrPwKSW55EKswc88u+T7553BUpGMyp2lktuA6jFSgbal3KdA0Ipbr7 C8elt7IapSz03MjcGTfVvnax5M8m/6dejdjKjGi8UFpaTbIiufQw8gpCFJhwRMpK MzU9qmDwOpeg5yL+a/k41wvBEZx4hHHkpcMfTF9vigZb+h8WHgwN/Zu+mCS84MyS g/oGwYs0flIPi/FJ9KrcMJFzB+d8YNYdx1mZaxY1b2gs4RtmTrhhRXbdcNeHNEH4 xHaRhSfDGW8UFuFVY4LKz4iF/mnoo6jMXds2HLKz7OaEneDbeDlZc8EViXvOtL7Q 8nS7ta8cWLCDd9n42hzf6Dw+dq4B/OLVJTFYGMrhouA6xr3GzhgcgAeUmFEPoBbU fX5Gy108fh4YQh1w+QsJxznorI+2rqOD1RxG2dxxBlHKSfDbY4gT35U4SrSfV6rW P6TFT0JSxqgibbegXJUN0jSUL4HibtLXHS2/vpV/wTceVaGB/g== =uwZl -----END PGP PUBLIC KEY BLOCK----- --=_vmLATebcaT7eOQOkde9xKg1-- --=_lGfiq-QSA4JmQ6s5KBI2Hg1 Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAABAgAGBQJSb6ziAAoJEJr0azAldxsxAOEP/jMM855HsHbMeRsBNEKpPhI3 CF68tAXh0aTowGmIDwVFyUsCy7z/jvFWOx68bBt6axy67BAtw/x05JNoKUrIqx5i tGXZgzO4l3ikorRlvtL4gJ6QswCYaQyedr3umJZW0zeNPXCR76x38ddWAjk3k2Dn pYrBeOcBAbQgZ46ZaQh/ZzBf2r5Vhv2bB3tIgx1F1nglVvo4ifunmcXr+Ec/26BS b+QdoolEEaHUvGvmTfWDNYxZIcQjgWVgIGD1JlB3cIxkiY13eIefEZLfEMlVOi3/ 7C1dpSG11R8n4DuaHBOPabb+9K6o+T5Uk4eKTvGX1VP329cHNZFsCsICQmrPnysy Hu/vtJpfLBrxE0QWAL4wkCsIl3YwjCdb2Y9LpSwSR+XVGys7Wtk2Dx5gP+90xqJ2 9VxHd88OEEuEjq80vy/iOReVVDI+DW4q+XizBeBVd9PJxnXTNyEC7aUdpCdvPUmo CBs7HpgrXcQgMDT9vUkP3puYUuwMZsGMtQK+QJCM9++9/jrSBDvl2AQRVU6enfth zjip1HWz7PcwrmuC/KCukDeikKPiYsNZbnQLSie95duheFf1GgssWhEaW2cxz39x st/qiBSKlMxaej4LbsfgebSN9vnjpC/n7vFyg0r/VLx/5IbY1VLbbC5E+vy6nmBq QBL4r1GBMgHasKg0dT97 =26HI -----END PGP SIGNATURE----- --=_lGfiq-QSA4JmQ6s5KBI2Hg1-- ------------=_1413802520-3543-0--