author | V3n3RiX <venerix@redcorelinux.org> | 2018-10-07 11:03:14 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-10-07 11:03:14 +0100 |
commit | 957235cf19a691360c720f7913672adda4258ed0 (patch) | |
tree | 812bba7928f4293ead05a7ee9c1ac39c5ef9f12e /metadata/glsa | |
parent | 62f67115b5c46134c34f88f4b1cbdacc19384c0a (diff) |
gentoo resync : 07.10.2018
Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/Manifest | 30 |
-rw-r--r-- | metadata/glsa/Manifest.files.gz | bin | 428048 -> 428688 bytes |
-rw-r--r-- | metadata/glsa/glsa-201810-01.xml | 115 |
-rw-r--r-- | metadata/glsa/glsa-201810-02.xml | 59 |
-rw-r--r-- | metadata/glsa/glsa-201810-03.xml | 49 |
-rw-r--r-- | metadata/glsa/glsa-201810-04.xml | 76 |
-rw-r--r-- | metadata/glsa/timestamp.chk | 2 |
-rw-r--r-- | metadata/glsa/timestamp.commit | 2 |
8 files changed, 316 insertions, 17 deletions
diff --git a/metadata/glsa/Manifest b/metadata/glsa/Manifest index 6f5bd9aa2648..8c5348102f55 100644 --- a/metadata/glsa/Manifest +++ b/metadata/glsa/Manifest 
@@ -1,23 +1,23 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -MANIFEST Manifest.files.gz 428048 BLAKE2B 5834bbfc1927ee7e2cae3faeae917bb164749c31d96c4c2668b07723f350b9742d5ef21ebbf7f78fbff1cc985eb00ece32e39d04e065bfb0d6824a4107935d0a SHA512 038811f6891b17d7f2be8dde22716fa2af520867cd5808ca4a095d817a75e7d94ee52dc46317f62740ddbc4cd55248f9f02d26404d1805e220ae95187a8b3764 -TIMESTAMP 2018-09-30T09:38:32Z +MANIFEST Manifest.files.gz 428688 BLAKE2B ad7b0e93dc8d25ffce2b6b151e2b2f9d3f4644e2e0bd01b04b2cf32db642d1d55604ebfba538d50e5bffd72012f36cafeebb5fa8b059c51e9495a17ed7d24e61 SHA512 38eef2b8a964d52745f651dc5c44cb508b253654c94f1704d61e63093636d75a72c2f7e2db78f40261fe9fecdede9dacd2401b62f42b01813651f01c9fe87245 +TIMESTAMP 2018-10-07T09:08:39Z -----BEGIN PGP SIGNATURE----- -iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAluwmZhfFIAAAAAALgAo +iQKTBAEBCgB9FiEE4dartjv8+0ugL98c7FkO6skYklAFAlu5zRdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx RDZBQkI2M0JGQ0ZCNEJBMDJGREYxQ0VDNTkwRUVBQzkxODkyNTAACgkQ7FkO6skY -klDJARAAh0z1anjPsytfUjKeRgnvIu+i02utg9a9WYiG612J3d5UTXaygQRqozJ2 -bPBi2/1jAvtrRERcxHncKO439qZQqwTTYToeXeN87afmAtk2ZNb0XOhdRwl3pZVk -Gn8SxtqQVUyPWTXvI+lO2fys4JUEC+goWbIhAp+UNCxlVNXwwJ0HsfjDEEx4L6kA -nCyrR4P5Dj73BWxIX9N4hPBFo4kv6YNABFbOXqzBiGEr+rtdgl3rUgkWipywHTRQ -JapTC4j49JJG5aXR+jXhEdGTilo5fSepOcAunIvQtXSaVL0NBLJgPbMcCwhU/zlB -lJSqjjn4NwPTxQ3IAknB8homdfXCfsqK9gPUeOwXGKk1v4UM4o8zBOHU9DvDgNKh -UNCv2EQulcpLqkauc+XbAMa8p7ILNODXw2DMNE38FhflmvVdkHXejoJ05ThvAedX -TVUtfw5HJaV9SHgcwhb6kZjAk2tkZgnF0aDFW+qNNmlQRuivOTQ2XzmswQslbx2R -3tSSXHKAEvZUugBITvmMYr20fPAoKVLapblSTSBb/UqUIWhbJLd684/zCXC3zhq6 -Ko7ns7/7HrSu3WBUBzs0aYt3f//0kTudChygow2ZZVRA4NfbW/w7nKKsS61KT0ux -fFjoYaP9G6D4KaL666KAWM8FPbTSt1qTjoi7DHnoDT3qAQwbmaE= -=MhTS +klAvZhAArNAbUYnMpMArimd1S2hFpCTziOUiqu1V9fc4XSwsfgo0Ho05PKzJaA+i +AA6FZwaN8QJPxuXZDCci2Yf2nXTtYHUDr+PPL2ETb/P9iDdsnWIpgy3/zW5vdEJK +Ad2C8a6Hdcad0hhE5h1xkHx2FwTcOyjyl97/p726W464sTeLCrMs2SIRjFbPzTrs 
+mT5MEaUm3ChYYcGWhPqWfqKA+OPpJ9U85+xg4HVGDDEzI5s5jjSfMex4lMiPdtBq +q7St1k276FTc5GYKeQA+f+fvtzKcTajD/heVR9ZEBS6mRzA154d7U+tMAGth6CvU +boNW7Bl21PQejpYlpCpz3W1n3xZxAG/atSfODLxeP55JuSLFuizgxQJQy4BHkWrA +P6IEI0lVTXWg378PFrcOmq6cWoi9YfKPjJ/lkNbBg8XBFjQlcwhK6IGcnL9+XEeZ +TAf2+Adi+Nj/aM7B+37LNVmVrsTe/Ncl3NqFlrjjT/mC1rfHW19T+ijrJQwqwFhH +9t+M0OKr7EXAzaOtLtgyiwOvr39GAIl/c3OD4KlVwY7Grr8gMUTlzpPcS+1aycJw +DUMMsKZ2FFmRpEO0TMsbrR8bOmc2xoIwGVrgkuxIecodppGFjkGW4VNtN7h5tHtb +8CeyFCiZQHF/XqfGSBdII9QSg7JkNe1zvmY+4zUlvSp3Ar6pxu0= +=edFR -----END PGP SIGNATURE----- diff --git a/metadata/glsa/Manifest.files.gz b/metadata/glsa/Manifest.files.gz Binary files differindex efd7310b81fc..aab66931c134 100644 --- a/metadata/glsa/Manifest.files.gz +++ b/metadata/glsa/Manifest.files.gz diff --git a/metadata/glsa/glsa-201810-01.xml b/metadata/glsa/glsa-201810-01.xml new file mode 100644 index 000000000000..ebe9c30ed5f3 --- /dev/null +++ b/metadata/glsa/glsa-201810-01.xml 
@@ -0,0 +1,115 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="201810-01"> + <title>Mozilla Firefox: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in Mozilla Firefox, the + worst of which may allow execution of arbitrary code. + </synopsis> + <product type="ebuild">firefox</product> + <announced>2018-10-02</announced> + <revised count="1">2018-10-02</revised> + <bug>650422</bug> + <bug>657976</bug> + <bug>659432</bug> + <bug>665496</bug> + <bug>666760</bug> + <bug>667612</bug> + <access>remote</access> + <affected> + <package name="www-client/firefox" auto="yes" arch="*"> + <unaffected range="ge">60.2.2</unaffected> + <vulnerable range="lt">60.2.2</vulnerable> + </package> + <package name="www-client/firefox-bin" auto="yes" arch="*"> + <unaffected range="ge">60.2.2</unaffected> + <vulnerable range="lt">60.2.2</vulnerable> + </package> + </affected> + <background> + <p>Mozilla Firefox is a popular open-source web browser from the Mozilla + Project. + </p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in Mozilla Firefox. Please + review the referenced CVE identifiers for details. + </p> + </description> + <impact type="high"> + <p>A remote attacker could entice a user to view a specially crafted web + page, possibly resulting in the execution of arbitrary code with the + privileges of the process or a Denial of Service condition. Furthermore, + a remote attacker may be able to perform Man-in-the-Middle attacks, + obtain sensitive information, spoof the address bar, conduct clickjacking + attacks, bypass security restrictions and protection mechanisms, or have + other unspecified impact. 
+ </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Mozilla Firefox users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-60.2.2" + </code> + + <p>All Mozilla Firefox binary users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-60.2.2" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-16541">CVE-2017-16541</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12358">CVE-2018-12358</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12359">CVE-2018-12359</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12360">CVE-2018-12360</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12361">CVE-2018-12361</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12362">CVE-2018-12362</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12363">CVE-2018-12363</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12364">CVE-2018-12364</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12365">CVE-2018-12365</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12366">CVE-2018-12366</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12367">CVE-2018-12367</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12368">CVE-2018-12368</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12369">CVE-2018-12369</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12370">CVE-2018-12370</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12371">CVE-2018-12371</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12376">CVE-2018-12376</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12377">CVE-2018-12377</uri> + <uri 
link="https://nvd.nist.gov/vuln/detail/CVE-2018-12378">CVE-2018-12378</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12379">CVE-2018-12379</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12381">CVE-2018-12381</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12383">CVE-2018-12383</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12385">CVE-2018-12385</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12386">CVE-2018-12386</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-12387">CVE-2018-12387</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5125">CVE-2018-5125</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5127">CVE-2018-5127</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5129">CVE-2018-5129</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5130">CVE-2018-5130</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5131">CVE-2018-5131</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5144">CVE-2018-5144</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5150">CVE-2018-5150</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5154">CVE-2018-5154</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5155">CVE-2018-5155</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5156">CVE-2018-5156</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5157">CVE-2018-5157</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5158">CVE-2018-5158</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5159">CVE-2018-5159</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5168">CVE-2018-5168</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5178">CVE-2018-5178</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5183">CVE-2018-5183</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5186">CVE-2018-5186</uri> + <uri 
link="https://nvd.nist.gov/vuln/detail/CVE-2018-5187">CVE-2018-5187</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-5188">CVE-2018-5188</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-6126">CVE-2018-6126</uri> + </references> + <metadata tag="requester" timestamp="2018-10-02T09:03:17Z">whissi</metadata> + <metadata tag="submitter" timestamp="2018-10-02T22:17:52Z">irishluck83</metadata> +</glsa> diff --git a/metadata/glsa/glsa-201810-02.xml b/metadata/glsa/glsa-201810-02.xml new file mode 100644 index 000000000000..20bc31cf4a1d --- /dev/null +++ b/metadata/glsa/glsa-201810-02.xml 
@@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="201810-02"> + <title>SoX: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in SoX, the worst of which + may lead to a Denial of Service condition. + </synopsis> + <product type="ebuild">sox</product> + <announced>2018-10-06</announced> + <revised count="1">2018-10-06</revised> + <bug>626702</bug> + <bug>627570</bug> + <bug>634450</bug> + <bug>634814</bug> + <access>remote</access> + <affected> + <package name="media-sound/sox" auto="yes" arch="*"> + <unaffected range="ge">14.4.2-r1</unaffected> + <vulnerable range="lt">14.4.2-r1</vulnerable> + </package> + </affected> + <background> + <p>SoX is a command line utility that can convert various formats of + computer audio files in to other formats. + </p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in SoX. Please review the + referenced CVE identifiers for details. + </p> + </description> + <impact type="normal"> + <p>A remote attacker, by enticing a user to process a crafted WAV, HCOM, + SND, or AIFF file, could cause a Denial of Service condition. 
+ </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All SoX users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-sound/sox-14.4.2-r1" + </code> + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-11332">CVE-2017-11332</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-11358">CVE-2017-11358</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-11359">CVE-2017-11359</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-15370">CVE-2017-15370</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-15371">CVE-2017-15371</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-15372">CVE-2017-15372</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2017-15642">CVE-2017-15642</uri> + </references> + <metadata tag="requester" timestamp="2018-09-30T21:36:08Z">BlueKnight</metadata> + <metadata tag="submitter" timestamp="2018-10-06T16:59:06Z">irishluck83</metadata> +</glsa> diff --git a/metadata/glsa/glsa-201810-03.xml b/metadata/glsa/glsa-201810-03.xml new file mode 100644 index 000000000000..9165083ac1cb --- /dev/null +++ b/metadata/glsa/glsa-201810-03.xml 
@@ -0,0 +1,49 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="201810-03"> + <title>OpenSSH: User enumeration vulnerability</title> + <synopsis>A vulnerability in OpenSSH might allow remote attackers to + determine valid usernames. + </synopsis> + <product type="ebuild">openssh</product> + <announced>2018-10-06</announced> + <revised count="1">2018-10-06</revised> + <bug>664264</bug> + <access>remote</access> + <affected> + <package name="net-misc/openssh" auto="yes" arch="*"> + <unaffected range="ge">7.7_p1-r8</unaffected> + <vulnerable range="lt">7.7_p1-r8</vulnerable> + </package> + </affected> + <background> + <p>OpenSSH is a complete SSH protocol implementation that includes SFTP + client and server support. + </p> + </background> + <description> + <p>It was discovered that OpenSSH was prone to a user enumeration + vulnerability. + </p> + </description> + <impact type="low"> + <p>A remote attacker could conduct user enumeration.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All OpenSSH users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-misc/openssh-7.7_p1-r8" + </code> + + </resolution> + <references> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2018-15473">CVE-2018-15473</uri> + </references> + <metadata tag="requester" timestamp="2018-08-23T00:18:32Z">whissi</metadata> + <metadata tag="submitter" timestamp="2018-10-06T17:02:32Z">whissi</metadata> +</glsa> diff --git a/metadata/glsa/glsa-201810-04.xml b/metadata/glsa/glsa-201810-04.xml new file mode 100644 index 000000000000..8b1b96e811df --- /dev/null +++ b/metadata/glsa/glsa-201810-04.xml 
@@ -0,0 +1,76 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="201810-04"> + <title>ImageMagick: Security hardening</title> + <synopsis>Due to multiple vulnerabilities in various coders used by + ImageMagick, Gentoo Linux now installs a policy.xml file which will + restrict coder usage by default. + </synopsis> + <product type="ebuild">imagemagick</product> + <announced>2018-10-06</announced> + <revised count="1">2018-10-06</revised> + <bug>664236</bug> + <access>local, remote</access> + <affected> + <package name="media-gfx/imagemagick" auto="yes" arch="*"> + <unaffected range="ge">6.9.10.10-r1</unaffected> + <unaffected range="ge">7.0.8.10-r1</unaffected> + <vulnerable range="lt">6.9.10.10-r1</vulnerable> + <vulnerable range="lt">7.0.8.10-r1</vulnerable> + </package> + </affected> + <background> + <p>ImageMagick is a collection of tools and libraries for many image + formats. + </p> + </background> + <description> + <p>If you process an image with ImageMagick and don’t validate the file + before (e.g. check magic byte), ImageMagick will call any coders found in + the given file. So if ImageMagick will find Ghostscript for example, it + will call Ghostscript. + </p> + + <p>Due to multiple -dSAFER sandbox bypass vulnerabilities in Ghostscript, + this can lead to arbitrary code execution. + </p> + + <p>To mitigate this problem we install a policy.xml file by default which + will disable PS, EPS, PDF, and XPS coders. + </p> + </description> + <impact type="normal"> + <p>A remote attacker, by enticing a user to process a specially crafted + image file, could execute arbitrary code with the privileges of the + process or cause a Denial of Service condition. 
+ </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All ImageMagick 6 users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose + ">=media-gfx/imagemagick-6.9.10.10-r1" + </code> + + <p>All ImageMagick 7 users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose + ">=media-gfx/imagemagick-7.0.8.10-r1" + </code> + + </resolution> + <references> + <uri link="https://www.kb.cert.org/vuls/id/332928">Ghostscript contains + multiple -dSAFER sandbox bypass vulnerabilities (VU#332928) + </uri> + </references> + <metadata tag="requester" timestamp="2018-08-22T17:43:38Z">whissi</metadata> + <metadata tag="submitter" timestamp="2018-10-06T17:09:35Z">whissi</metadata> +</glsa> diff --git a/metadata/glsa/timestamp.chk b/metadata/glsa/timestamp.chk index bc54edd0cd8e..4b5c84dd0035 100644 --- a/metadata/glsa/timestamp.chk +++ b/metadata/glsa/timestamp.chk @@ -1 +1 @@ -Sun, 30 Sep 2018 09:38:28 +0000 +Sun, 07 Oct 2018 09:08:36 +0000 diff --git a/metadata/glsa/timestamp.commit b/metadata/glsa/timestamp.commit index 48b67b89a28e..6add75c1308d 100644 --- a/metadata/glsa/timestamp.commit +++ b/metadata/glsa/timestamp.commit @@ -1 +1 @@ -369717e703607f113d1aa3954217fedba2e18a69 1534973538 2018-08-22T21:32:18+00:00 +b914ac7ce64b6f61d701c5cf4173dd03fafdca0e 1538845801 2018-10-06T17:10:01+00:00 |
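
Review bot: In glsa-201810-01.xml, the `<references>` list is ordered as plain strings, so CVE-2018-12358 through CVE-2018-12387 come before CVE-2018-5125 and the later CVE-2018-5xxx entries; sorting by the numeric part would make the list easier to check against the upstream advisories. The `<description>` also defers entirely to the CVE list while `<impact>` names specific outcomes (Man-in-the-Middle, address bar spoofing, clickjacking), so a sentence in the description grouping the CVEs by class would let a reader see which references back which impact.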
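
Review bot: In glsa-201810-02.xml, the `<background>` text reads "convert various formats of computer audio files in to other formats"; "in to" should be "into". The `<impact>` names crafted WAV, HCOM, SND and AIFF files while the `<description>` only points at the seven CVE references, so stating in the description which input formats are affected would let users who process only some of those formats judge their exposure without opening each NVD entry.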
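
Review bot: In glsa-201810-04.xml, both `<code>` blocks under `<resolution>` break the emerge command after `--verbose` and put the atom (`">=media-gfx/imagemagick-6.9.10.10-r1"`, `">=media-gfx/imagemagick-7.0.8.10-r1"`) on its own line with no continuation character, so the lines as written are an emerge call with no target followed by a bare quoted string; the other three advisories in this commit keep the command on one line and these should match. In `<affected>`, the two `ge` and two `lt` ranges carry nothing visible that ties each to the 6.x or 7.x series, so a version such as 6.9.10.10-r1 satisfies an `unaffected` range and also the `lt` 7.0.8.10-r1 `vulnerable` range; please confirm how consumers of this file resolve that. Finally, `<workaround>` says none is known while `<description>` says the mitigation is a policy.xml that disables the PS, EPS, PDF and XPS coders; if that policy can be put in place by hand on an unpatched install, the workaround text should say so.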