Product
Security

NVIDIA takes security concerns seriously and works to quickly evaluate and address them. Once a security concern is reported, NVIDIA commits the appropriate resources to analyze, validate and provide corrective actions to address the issue.

  • SECURITY BULLETINS
  • REPORT VULNERABILITY
  • PSIRT POLICIES
  • ACKNOWLEDGEMENTS
  • PGP KEY

Below is a list of published NVIDIA Security Bulletins and Notices. NVIDIA recommends following the guidance given in these bulletins regarding driver or software package updates, or specified mitigations.

Customers are advised to subscribe to notifications to stay informed of initial release or major revisions to NVIDIA Security Bulletins.
You may subscribe to receive email notifications here.

2019
Security Bulletin ID Title Potential Security Impact CVEs Publish Date Last Updated
4907 Security Bulletin: NVIDIA GPU Display Driver - November 2019 Denial of service, escalation of privileges, code execution, information disclosure

CVE‑2019‑5690, CVE-2019-2019-5691, CVE-2019-5692, CVE-2019-5693, CVE-2019-5694, CVE-2019-5695, CVE-2019-5696, CVE-2019-5697, CVE-2019-5698

11/6/2019 11/6/2019
4680 Security Bulletin: NVIDIA GeForce Experience - November 2019 Denial of service, escalation of privileges, code execution, information disclosure

CVE‑2019‑5701, CVE-2019-2019-5689, CVE-2019-5695

11/6/2019 11/6/2019
4928 Security Bulletin: NVIDIA NVFlash Tool - November 2019 Denial of service, escalation of privileges, information disclosure

CVE‑2019‑5688

11/6/2019 11/6/2019
4875 Security Bulletin: NVIDIA SHIELD TV - October 2019 Denial of service, escalation of privileges, code execution, information disclosure

CVE‑2019‑5699, CVE‑2019‑5700

10/7/2019 10/7/2019
4804 Security Bulletin: NVIDIA SHIELD TV - August 2019 Denial of service, escalation of privileges, code execution

CVE‑2019‑5679, CVE‑2018‑6267, CVE‑2018‑6268, CVE‑2018‑6269, CVE‑2019‑5680, CVE‑2019‑5681, CVE‑2019‑5682, CVE‑2018‑6241, CVE‑2017‑6275, CVE-2018-6240

8/2/2019 9/23/2019
4841 Security Bulletin: NVIDIA GPU Display Driver - August 2019 Denial of service, escalation of privileges, code execution

CVE‑2019‑5683, CVE‑2019‑5684, CVE‑2019‑5685, CVE‑2019‑5686, CVE‑2019‑5687

8/2/2019 8/29/2019
4835 Security Bulletin: NVIDIA Jetson TX1 and Jetson Nano L4T - July 2019 Denial of service, escalation of privileges, code execution

CVE‑2019‑5680

7/18/2019 7/29/2019
4806 Security Bulletin: NVIDIA GeForce Experience - May 2019 Denial of service, escalation of privileges, code execution, or information disclosure

CVE‑2019‑5678, CVE‑2019‑5676

5/30/2019 5/30/2019
4797 Security Bulletin: NVIDIA GPU Display Driver - May 2019 Denial of service, escalation of privileges, code execution, or information disclosure

CVE‑2019‑5675, CVE‑2019‑5676, CVE‑2019‑5677

5/9/2019 5/30/2019
4787 Security Bulletin: NVIDIA Jetson TX1 and TX2 L4T - April 2019 Denial of service, escalation of privileges, code execution, or information disclosure

CVE-2019-5673, CVE-2019-5672, CVE-2018-6271, CVE-2018-6269, CVE-2018-6268, CVE-2018 6267, CVE-2018-3665, CVE-2018-3639, CVE-2018-6239, CVE-2017-6284, CVE-2017-6278, CVE 2017-6274, CVE-2017-0330

4/2/2019 4/2/2019
4784 Security Bulletin: NVIDIA GeForce Experience – March 2019 Denial of service, escalation of privileges, code execution

CVE-2019-5674

3/26/2019 3/27/2019
4772 Security Bulletin: NVIDIA GPU Display Driver - February 2019 Denial of service, escalation of privileges, code execution, or information disclosure

CVE-2019-5665, CVE-2019-5666, CVE-2019-5667, CVE-2019-5668, CVE-2019-5669, CVE-2019-5670, CVE-2019-5671, CVE-2018-6260

2/22/2019 3/19/2019

2018

2017

2016

2015

2014

2013

If you need to report a security issue, please use the appropriate contact points outlined below:

Problem or issue

NVIDIA contact or resource

How do I report a potential security vulnerability in a NVIDIA product?

To report a potential security vulnerability in any NVIDIA product:

OEM Partners should contact their NVIDIA Customer Program Manager

How do I report a security issue in a NVIDIA.com web page?

Email your findings to Application Security team

Where do I learn about security updates for NVIDIA products?

For information about NVIDIA Security Bulletins, see the Security Bulletins section of this Product Security page

How do I subscribe to NVIDIA Security Bulletin notifications?

You can subscribe to receive email notifications on future NVIDIA Security Bulletins and Notices here.

How do I provide feedback on a NVIDIA product or service?

Visit NVIDIA Support Website

Where do I get technical support for my NVIDIA product?

Visit NVIDIA Support Website

How do I report an email, website or pop-up window that falsely claims to represent NVIDIA?

Visit NVIDIA Support Website

How do I report the abuse or misuse of an NVIDIA product or service for malicious or illegal purposes?

Visit NVIDIA Support Website

How do I report software piracy (copying, selling, or use of software that hasn't been properly licensed)?

Visit NVIDIA Support Website

 *If reporting a potential vulnerability via email please encrypt using NVIDIA’s public PGP key (see PGP Key page) and include the following information:

  1. Product/Driver name and version/branch that contains the vulnerability
  2. Type of vulnerability (XSS, buffer overflow, etc.)
  3. Instructions to reproduce the vulnerability
  4. Proof-of-concept or exploit code
  5. Potential impact of the vulnerability, including how an attacker could exploit the vulnerability

NVIDIA PSIRT – Vulnerability Management

The NVIDIA Product Security Incident Response Team (PSIRT) goal is to minimize customers’ risk associated with security vulnerabilities by providing timely information, guidance and remediation of vulnerabilities in our products. NVIDIA PSIRT is a global team that manages the receipt, investigation, internal coordination, remediation and disclosure of security vulnerability information related to NVIDIA products.


One of the key responsibilities of NVIDIA’s PSIRT is to coordinate the response and disclosure for all externally identified NVIDIA product vulnerabilities.

Reporting Potential Security Vulnerability

NVIDIA welcomes reports from independent researchers, industry organizations, vendors, customers, and other sources concerned with product security.

To find out more information on how to report a potential vulnerability visit the Report Vulnerability page.

Coordinated Vulnerability Disclosure

NVIDIA strives to follow Coordinated Vulnerability Disclosure (CVD). CVD is a process by which independent reporters who discover a vulnerability in our product contact NVIDIA directly and allow us the opportunity to investigate and remediate the vulnerability before the reporter discloses the information to the public.

NVIDIA PSIRT will coordinate with the reporter throughout the vulnerability investigation and will provide the reporter with updates on progress as appropriate. With the agreement of the reporter, NVIDIA PSIRT may recognize the reporter on our Acknowledgement page for finding a valid product vulnerability and privately reporting the issue. After an update or mitigation information is publicly released by NVIDIA, the reporter is welcome to discuss the vulnerability publicly.

Following NVIDIA’s CVD allows us to protect our customers and at the same time, coordinate public disclosures and appropriately acknowledge the reporter(s) for their finding.

If a reported vulnerability involves a vendor product, the NVIDIA PSIRT will notify the vendor directly, coordinate with the reporter, or engage a third-party coordination center.

Subscribing to Security Bulletins and Updates

The list of published Security Bulletins can be found on the NVIDIA Security Bulletins page.

Customers are strongly advised to subscribe to NVIDIA Security Bulletin notifications to stay informed of initial release or major revisions to NVIDIA Security Bulletins.

You can subscribe to notifications here.

For information about NVIDIA Security Bulletins, see the Security Bulletin section of this document.

Media or PR Inquiries Regarding NVIDIA Security Vulnerability Information

Please reach out to one of the Corporate Communication contacts listed here.

NVIDIA PSIRT Vulnerability Management Process

The following graphic illustrates the NVIDIA PSIRT process at a high level.

Figure 1. NVIDIA Product Security Incident Response Team Process

policies-image-400

Assessing Security Risk using Common Vulnerability Scoring System (CVSS)

NVIDIA currently uses the Common Vulnerability Scoring System version 3.0 (CVSS v3.0) to evaluate the severity level of identified vulnerabilities. CVSS enables a common scoring method and a common language to communicate the characteristics and impacts of vulnerabilities. CVSS attempts to establish a measurement of how much concern a vulnerability warrants. The CVSS model uses three distinct measurements or scores that include Base, Temporal, and Environmental calculations, each consisting of a set of metrics. The full standard, which is maintained by the Forum of Incident Response and Security Teams (FIRST), can be found at: https://www.first.org/cvss .

NVIDIA follows CVSS v3.0 Specification Document Qualitative Severity Rating Scale (https://www.first.org/cvss/specification-document) to define Severity Ratings as shown in the table below:

Security Impact Rating CVSS Score
Critical 9.0 – 10.0
High 7.0 – 8.9
Medium 4.0 – 6.9
Low 0.1 – 3.9
None 0.0

NVIDIA reserves the right to deviate from these guidelines in specific cases if additional factors are not properly captured in the CVSS score.

When and where applicable, NVIDIA Security Bulletins will provide the CVSS v3.0 Base Score. NVIDIA focuses on the Base metric group only, because it will bring the most value to our customers, and represents the intrinsic characteristics of a vulnerability. NVIDIA’s risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation.

NVIDIA recommends consulting a security or IT professional to evaluate the risk of your specific configuration and encourages you to compute the Environmental score based on your network parameters. NVIDIA recommends that all customers take into account the Base Score and any Temporal and/or Environmental Scores that may be relevant to their environment to assess their overall risk. This overall score represents a moment in time and is tailored to your specific environment. You should use a security or IT professional’s assessment of the issue and this final score to prioritize responses in your own environment.

Vulnerability Communication Policy

NVIDIA uses the following guidelines for non-third-party software vulnerabilities to determine the appropriate Communication Plan:

Security Impact Rating CVSS Score Communication Plan
Critical 9.0–10.0 NVIDIA Security Bulletin
High 7.0–8.9
Medium 4.0–6.9
Low 3.9 or below Product Release Note

If there is a security issue with a third-party software component that is used in an NVIDIA product, NVIDIA may publish a Security Bulletin. If a Security Bulletin is published for a third-party software component vulnerability, then NVIDIA typically uses the CVSS score provided by the component creator. In some cases, NVIDIA may adjust the CVSS score to reflect the impact to the NVIDIA product.

NVIDIA reserves the right to deviate from these guidelines in specific cases if additional factors are not properly captured in the CVSS score.

Security Bulletins

In most cases, NVIDIA intends to notify customers when there is an identified practical workaround or security update for a security vulnerability. The notification is through either targeted communications or by posting a Security Bulletin. Before posting the Security Bulletin, NVIDIA PSIRT will first complete the vulnerability response process and determine that sufficient software updates or workarounds exist to address the vulnerability, or subsequent public disclosure of remediation is planned to address the vulnerabilities.

Security Bulletins attempt to balance the right amount of information by providing sufficient details so that customers can protect themselves, but not verbose details allowing malicious users to take advantage of the information. NVIDIA Security Bulletins will typically include the following information where applicable:

  1. Products and versions affected
  2. Common Vulnerability Enumeration (CVE) identifier for the vulnerability (see https://cve.mitre.org)
  3. Brief description of the vulnerability and potential impact if exploited
  4. The Common Vulnerability Scoring System (CVSS) severity rating for the vulnerability (see https://www.first.org/cvss/user-guide.html)
  5. Remediation details such as security update, mitigation, or other action required by the customer
  6. Credit to the reporter of the identified vulnerability and acknowledgment for working with NVIDIA on the Coordinated Vulnerability Disclosure

NVIDIA will not provide additional information about the specifics of vulnerabilities beyond what is provided in the Security Bulletin and related documentation such as release notes, knowledge base articles, FAQs, etc. NVIDIA does not distribute exploit/proof of concept code for identified vulnerabilities.

In accordance with industry practices, NVIDIA does not share the findings from internal security testing or other types of security activities with external entities. It is important to note that any scan of NVIDIA’s Security production systems will be considered an attack. If you are an OEM partner, please coordinate your needs with your NVIDIA program manager.

NVIDIA Security Bulletins are posted on the Security Bulletin page.  You can subscribe to notifications here.

Security Notice

NVIDIA may release a special communication to respond quickly and appropriately to public disclosures where the vulnerability may have received significant public attention, is likely to have exploits available, or is expected to be actively exploited. In such an event, NVIDIA may expedite the communication and may or may not include a complete set of patches or workarounds.  This will be labeled as a Security Notice and posted on the Security Bulletin page.

Vulnerability Remediation

NVIDIA takes security concerns seriously and works to evaluate and address them in a timely manner. Response timelines will depend on many factors, including: the severity, the product affected, the current development cycle, QA cycles, and whether the issue can only be updated in a major release. 

Remediation may take one or more of the following forms:

  1. A new release
  2. An NVIDIA-provided security update
  3. Instructions to download and install an update or patch from a third-party
  4. A workaround to mitigate the vulnerability

Notwithstanding the foregoing, NVIDIA does not guarantee a specific resolution for issues and not all issues identified may be addressed.

Customer Rights: Warranties, Support, and Maintenance

NVIDIA customers’ rights with respect to warranties and support and maintenance, including vulnerabilities, in any NVIDIA software product are governed by the applicable agreement between NVIDIA and each customer.

The statements on this web page do not modify or expand any customer rights or create any additional warranties. Any information provided to NVIDIA regarding vulnerabilities in NVIDIA products including all information in a product vulnerability report shall become the sole information of NVIDIA.

Disclaimer

All aspects of NVIDIA’s PSIRT process and policies are subject to change without notice and on a case-by-case basis. Response is not guaranteed for any specific issue or class of issues. Your use of the information on the document or materials linked from the document is at your own risk. NVIDIA reserves the right to change or update this document without notice at any time.

ALL NVIDIA INFORMATION, DESIGN SPECIFICATIONS, REFERENCE BOARDS, FILES, DRAWINGS, DIAGNOSTICS, LISTS, AND OTHER DOCUMENTS (TOGETHER AND SEPARATELY, “MATERIALS”) ARE BEING PROVIDED “AS IS.” NVIDIA MAKES NO WARRANTIES, EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE WITH RESPECT TO THE MATERIALS, AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OR CONDITION OF TITLE, MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, ARE HEREBY EXCLUDED TO THE MAXIMUM EXTENT PERMITTED BY LAW.

Information is believed to be accurate and reliable at the time it is furnished. However, NVIDIA Corporation assumes no responsibility for the consequences of use of such information or for any infringement of patents or other rights of third parties that may result from its use. No license is granted by implication or otherwise under any patent or patent rights of NVIDIA Corporation. Specifications mentioned in this publication are subject to change without notice. This publication supersedes and replaces all information previously supplied. NVIDIA Corporation products are not authorized for use as critical components in life support devices or systems without express written approval of NVIDIA Corporation.

NVIDIA encourages Coordinated Vulnerability Disclosure of security vulnerabilities through the Security Vulnerability Submission Form.

NVIDIA thanks the following individuals and organizations for their contribution towards making our products more secure.

2019
Security Bulletin ID CVE(s) Acknowledgement
4680 CVE-2019-5701 Hashim Jawad of ACTIVELabs
4680 CVE-2019-5695 Peleg Hadar of SafeBreach Labs
4680 CVE-2019-5689 Siyuan Yi of Chengdu University of Technology
4907 CVE-2019-5694
CVE-2019-5695
Peleg Hadar of SafeBreach Labs
4928 CVE-2019-5688 Jesse Michael and Mickey Shkatov of Eclypsium
4875 CVE-2019-5700 Ryan Grachek
4804 CVE-2019-5681 Yousra Aafer
4804 CVE-2019-5682 Leron Gray (daddycocoaman)
4841 CVE-2019-5684
CVE-2019-5685
Piotr Bania of Cisco Talos
4835 CVE-2019-5680 Balázs Triszka
4806 CVE-2019-5678 David Yesland of Rhino Security Labs
4797 CVE-2019-5676 Kushal Arvind Shah of Fortinet's FortiGuard Labs; Łukasz 'zaeek'; Yasin Soliman; Marius Gabriel Mihai; and Stefan Kanthak
4787 CVE-2019-5672 Jesse Raffa
4784 CVE-2019-5674 David Yesland of Rhino Security Labs
4772 CVE-2019-5665 Christoffer Wiman
N/A N/A Pankaj Kumar Thakur
Taeyun Jang
Jesse Michael and Mickey Shkatov of Eclypsium
Rich Mirch
Raghavendra Singh
Sameer Phad
Hamdi Maamri

2018

2017

2016

2015

2014

2013

NVIDIA Public PGP Key for communication.

 

-----BEGIN PGP PUBLIC KEY BLOCK-----

Version: PGP Universal 3.4.2 (Build 1298)

mQENBF1gT/cBCADNWfruPik0NHJqaS2O61EdpuD3xlQVTXylc18/fXfR6YztS80n ogo3DrvKLk3VoSgoBEm70rgOOCayUBkoVJwIOuh4eV1GsdIZjRu9vuYTu5nfGLrF +hm2i/LjyiuFjm7tfA0Os936ay0pblY407HIUDLzpzGhb0LuMzRFW3e2RGuobRwU yZaO+o60o+J4gXRgJWPWh8JsLmgGrm/dOZVOSCOTzjXRydNMsG1JUQAXHPlN6pOD 98ajG9Eg+ryR1ubV1fMFr+lFfNG0yG1Ea0M7RVhQ+IfLIbMYN7YUw3DDrJOFG4+t QhP7f6XANEBdubBjomL9ylBBBxm1SW+4QslzABEBAAG0H05WSURJQSBQU0lSVCA8 UFNJUlRAbnZpZGlhLmNvbT6JAgUEEAEIAO8FAl2uqa4FCQIu/AAXCgABz0udN2P/ U/UrSP5cwde64OncVEgXCgARSPZUEJ5X3hhvBYl74uBto5wFRRIgFAAAAAAAFgAB a2V5LXVzYWdlLW1hc2tAcGdwLmNvbY4bFAAAAAAAEQABa2V5LXVzYWdlQHBncC5j b22PMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGluZ0BwZ3AuY29tcGdw bWltZQYLAgkDAQoCGQEFF4AAAAAfGGxkYXA6Ly9ocXBncGdhdGUxMDIubnZpZGlh LmNvbQUbgwAAAAMWAgEFHgEAAAAEFQgJCgAKCRB2cg4WaADfq64BB/0aqv+h7Hbx c4eITTajM9L+Z+wsRZcFW0udywRbWjuHNInLkZ2PkD1SwpIg9rZyQu4v7e4njral 91XacM1t5FM+Tr/uxwFgL4WCJljvNh6Vza3UMGdufxnwB8s3eLSeOakguAhPRPE5 1gqofSpCVtU3EYT22S+P35f4M1iJR18QQCvqfqjJn8bnUyLYv5ZwPED3dYkzeGRc ynrAv1q5h0P5p60upWy0lcxJ6+TL46e6pNPFbADKdPYva9Sslb5QWI8P2aRWpfu3 9EH/aBLy8GNMjuX2d6wch1+G3nRuizYJutAwf/kZZba3kpaCrgXtHZ9MYfXsvq44 UVoUcUFbRhHIiQEiBBABCAAMBQJdrqmuBQMB4TOAAAoJEMnqNS1+v1vuMqAIAKLw MHW43otmfUUZ0hhs6Dc98uym/1nYH0Ggl0SIsr22W04Q1Hg/p3bsWku6mNEmRgZ2 sOqKUuiunoFTyVJ+AM0gec2uqSNTCjVANheJug9FsiOWz9EdUHaWv1fCKSzj8xml SQ2jVHiGV6byJaSoQNPqh71ae9woWX2DDBxjQjyqLHkGDUUDynDcl8to0qB65A/m fBvxxu54nW+0IFG/YnCBK1uHcKT9HNChLuNcSfPv6BLpKGu2twfP8Af/oGcD2M6o /qG3w0Bb1D2d49tiY5B+67ZuRvmc6xg74PP/VprhSVQEkjqzhVU3NGsMXi8zTqam D/Xy173TYVtoRt2fB460KE5WSURJQSBQU0lSVCA8UFNJUlRAZXhjaGFuZ2UubnZp ZGlhLmNvbT6JAgIEEAEIAOwFAl2uqa4FCQIu/AAXCgABz0udN2P/U/UrSP5cwde6 4OncVEgXCgARSPZUEJ5X3hhvBYl74uBto5wFRRIgFAAAAAAAFgABa2V5LXVzYWdl LW1hc2tAcGdwLmNvbY4bFAAAAAAAEQABa2V5LXVzYWdlQHBncC5jb22PMBSAAAAA ACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGluZ0BwZ3AuY29tcGdwbWltZQYLAgkD AQoFF4AAAAAfGGxkYXA6Ly9ocXBncGdhdGUxMDIubnZpZGlhLmNvbQUbgwAAAAMW AgEFHgEAAAAEFQgJCgAKCRB2cg4WaADfq40VB/41pjkYrBA86QibzUnOC6/eolYa VfuXPUJ0VHECIRGbcxs7kprC09NkT4K1IiIhuefu/YCvUH21m6hl4rBRewFJ/SZu Ma27/mBR7uos5/GS3tNJvJq5vgBsO0/7+HOHJ4SKWpD8fzmlZCnHjikxw2LRs2tY chnpNX291ynLq4abDq+LkkfRjURRrJxN1+GYjoaCclCr5zfDoqk31+7AKqLN5pCr AD8BcI2+ObcBmkexRr3/JuTMq9s2VtB+nFcdjtxqVZVPf3xIEPSa+Thg+SvVHTRm 2+a6t/4pdRXBysO8GQTp7Z4oLb5Q/uXytOuj5pvwWYxnXlidKEJ8j9nAQr2ZiQEi BBABCAAMBQJdrqmuBQMB4TOAAAoJEMnqNS1+v1vueVQH/Ron+uzcsTEe7ibhNTLG nC+3gjqwTiXCmPUyA3E+sy1ySBHgAxFS9s1ODoBNsOuelCS6mlUKZ0VVe3kYYKXB 1HlEVewlxv5csnndUJPnO0aZcOO6caJM0nxd9aY3ef5TxdGF/468ATxOAcmsGoCx w3X/n3JuMUSSBXd2yphZQ29Nhdz20gOdDJqaT8Rvuwo/+CJPP4FpGyZekhQxsRVL YWpFCbGbkwJzpG9mq/WiOZ9bL9eVKGELa+nalJxagn2S0Mw6R/aJMNgCJDbN18Cr rT7q07+1kLWe1G2ZaBbTJTB3vzJJqL3IBEYbiKnqr+rNeJipFOeZv8Qn18Lr4awP xam0Hk5WSURJQSBQU0lSVCA8cHNpcnRAbnZpZGlhLml0PokCAgQQAQgA7AUCXa6p rgUJAi78ABcKAAHPS503Y/9T9StI/lzB17rg6dxUSBcKABFI9lQQnlfeGG8FiXvi 4G2jnAVFEiAUAAAAAAAWAAFrZXktdXNhZ2UtbWFza0BwZ3AuY29tjhsUAAAAAAAR AAFrZXktdXNhZ2VAcGdwLmNvbY8wFIAAAAAAIAAHcHJlZmVycmVkLWVtYWlsLWVu Y29kaW5nQHBncC5jb21wZ3BtaW1lBgsCCQMBCgUXgAAAAB8YbGRhcDovL2hxcGdw Z2F0ZTEwMi5udmlkaWEuY29tBRuDAAAAAxYCAQUeAQAAAAQVCAkKAAoJEHZyDhZo AN+rHowH/R8XjETjYkqhGCkhyExg/H4cOxN5yK6DWrrvASPiv7l3UgkT1yvMf+us amluoHXnGeIHR0jOBhNJCTOf+xu127bTi4DWnatoeMiSroEDZKoPkOd+j5LW/JLV AbiQJ+J7AjPX54oMSEaV1BK2u5/OPcWmkjtg4V8xN9f6WmBTsEUvqRsP7iuFAON5 ebW2GOLCWU6ZxOOBlmfcjbVktleLJ2ESrMRFCFVxQ3c9UXKaPwUCis1Wmf7n7QSz XWnVPq1g/f/MloHEU0a0BIo0b+79twL6lkLvpN6W+okuUITgcDBDJjE3FNwYodGc QLaaAbGsgtldSmojHlUiw2I1m/F/TviJASIEEAEIAAwFAl2uqa4FAwHhM4AACgkQ yeo1LX6/W+5zXQgAk0R275Ko8t+ecvCaXo1gReZdMVFx5QduCVDr0k4+dlwNHIBn BUyNnb62HEm4HW0KnLVZTlzCgZVBHcWZRlCiDkb+iZ14HCamUFY9FuGQb2vpzWAY okGpCPyH72ZXwQkZgqNzs4Zd2V3n0lar1kKieUWN2ZNkCVM1ABNtUZs/PyaCIDSq MVL71alHXlvhhYfZGz+3mk2bviIVz6RUDbKaFspNI6YmzjTIMHsMTvYqohPCH5uv qZj7u/9oD+50cgD9NZ+T0D6tjANJQ24uPFxbGUBdknWhmxC/K/7/714jgruIugEH DtgfM9ZrHHeunXU13t4MT66LshvEUHwxTtZpK7QkTlZJRElBIFBTSVJUIDxQU0lS VEBzbXRwLm52aWRpYS5jb20+iQICBBABCADsBQJdrqmuBQkCLvwAFwoAAc9LnTdj /1P1K0j+XMHXuuDp3FRIFwoAEUj2VBCeV94YbwWJe+LgbaOcBUUSIBQAAAAAABYA AWtleS11c2FnZS1tYXNrQHBncC5jb22OGxQAAAAAABEAAWtleS11c2FnZUBwZ3Au Y29tjzAUgAAAAAAgAAdwcmVmZXJyZWQtZW1haWwtZW5jb2RpbmdAcGdwLmNvbXBn cG1pbWUGCwIJAwEKBReAAAAAHxhsZGFwOi8vaHFwZ3BnYXRlMTAyLm52aWRpYS5j b20FG4MAAAADFgIBBR4BAAAABBUICQoACgkQdnIOFmgA36vD4AgApx/t8W7akdtV Hclp1RcFsjoEjZsZuF5Y8eELFt3FabElgEagfWUYL1HINSpaY+X/6f9OQPK9lsY8 5//yF8jpJI/KDfYQmrGFr45iBf4sJhZy3lKFSzXLAGhp6l/8gqfVE2n//kWTru3g bP/tgSYEpm2FX7N4xQJ1SYdOjvebTAGsOD1//mH6a1DETB1Zq3ALHAMV2UA0KRUM W7pjE2iGDTzVGDwDyIZB+xHBudhwedGCPiAfUYQ0vm39U1ZCsOWZg5d3VVmUtm4Q iN8jfbJMDPlRM3keTcL1tHB3yyti1hjUio5E8vor8FXFUTA1QKRN4quDs8y1IyYy aOeQY7LjqYkBIgQQAQgADAUCXa6prgUDAeEzgAAKCRDJ6jUtfr9b7s7PB/9pNtdF sveUBPNy1jmEbJ2vaytMaCzX8VuahhRphCa/MkwrXIC7maBZvnEam8ro6xKi+rL6 0tVnUhtuV962UbrYCiusZvXDjIrsCF6C/5y16xUN1cK3qNdXCwqgNxBhAS5bhLkK Z9NbOOnSzP/tfhi/nEUx8uHX33oILUr17dKPXeDZoAqTV5eanFFqX+pSJoRyzek6 WLEGG+HAt64fWEoYuAmo/G3fug37/ZVTE+u/YgK0TS9s2FZvJqz9bYdGD7YV7t61 nABLR3tj6DSr5rm4+5FoC3V6LUJzsXPBbU12/ffdBiu4a/jkODj9vmGLuhUPSzMW 6r7WvKIZM53vV+sXuQENBF1gT/gBCADnlTMagdzi8hIOCFvumDtohVXyemGekYxS SoqZaPOzQfAsoXeBWrYGipNAWOQ8MlLoG5LzGNHD1ePeNknPAh8GC/mClFFubMFv SZFq+ew1NHCUP4lk1/RXe+jr/fnJsJAGt/6nqzBdePvMnW2MPFUIpDR8MkYw4aej +y91FE2jsIEccB0mOkB1l8tNplz+dpAdP4YTUS0jrIlgU+FjeaB9UbO3yT2LN8c2 TZk7WsyNl2ufySboG79/1O4NKUDfca2K0y0MZ2NMLudMH7CN5ETdICQuaNdW15/O GJTP1KpJWg4YXpGU1bmCaFuxnCigQ1VxqcymVJqgsII4i5kijQ7jABEBAAGJAkcE GAECATEFAl2uqa4FCQIu/AAFGwwAAADAXSAEGQEIAAYFAl1gT/gACgkQJ0vXrbyG XbGH1gf/XdJQovgUoqjblmeh/KCMNL7H19MaATXr3mAGNshF9Eb4qTus6yVUfBcm hL7UhwsUKqN0H3mqDml+ciguF0nnzqxiLSBpQW/uoKpLD+EOzYyvFDwwowXYeZZK SVpJ3ZZFPRaXFQIDdYPo2Zb4TxaTSblN6VSEgjBMrDzQV0wAOeiX1A5Fn9iKIlyK 0is2sZyTZt+7NxWEuox90jqb39f7uV+OHBpUl3zt4y9qanuaGxMwS3/HmbPX3kuD KZ8fgt2FE0axyNkJ/BW693BRpobGaRPrH9L8gfitqwWM9Yv6hifau7JJ4m1oxoqq b0QjEe6f8STDSIxlucr+Ha8IT03xdgAKCRB2cg4WaADfq4KLCAC3zbr+Syjwk8DU XodW6+hpjG0raTM0b9ZCKZafVg3cgLXla2VSJ9jHg9rLOKJKbSbXWftdgAtajsoC NP3h6bniTljzhuMEuETzQ//J6YPzr1JiFuPqVSQLw1I6ZJcGBIEYKhK3lNcmKftI OPSldO4qzyxrq+Hd44XbdJpvcpjDMzw99FwjgyVGeJoSa2oTNmAVqEXaa4u9N8dR WImbC1YtAUniON2/H0hKuh1G2rM1X+XnTzIT3Vqck//RVwCt/4PBZXdlT6ZGw1RT b+2VT6ipweDx0R1zm5rOVCamHbxRYZJRSKBEkPrKjVgcJeXBoGNyPo6TgL9hSajx VkgpkSbr =4n6H

-----END PGP PUBLIC KEY BLOCK-----