Errata ALT-PU-2018-2344-1: Information
Fixes
Published: April 18, 2018
BDU:2018-01428
Уязвимость функции set_text_distance компонента pdfwrite набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Sept. 28, 2018
BDU:2018-01519
Уязвимость компонента Sandbox Protection Mechanism набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю обойти защитный механизм песочницы и выполнить произвольный код
Severity: HIGH (8.6) Vector: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Links:
Published: Aug. 21, 2018
BDU:2019-00972
Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, связанная с ошибками преобразования типов, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: CRITICAL (9.6) Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Links:
Published: Oct. 5, 2016
BDU:2019-01634
Уязвимость библиотеки zfile.c интерпретатора PostScript/PDF Ghostscript, связанная с раскрытием информации, позволяющая нарушителю определить наличие и размер произвольных файлов
Severity: MEDIUM (5.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
Published: April 3, 2017
BDU:2019-03986
Уязвимость функции fill_threshhold_buffer (base/gxht_thresh.c) набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Severity: MEDIUM (5.6) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Links:
Published: Sept. 5, 2018
BDU:2019-04348
Уязвимость компонентов gssetresolution и gsgetresolution набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Sept. 10, 2018
BDU:2019-04351
Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Sept. 19, 2018
BDU:2019-04352
Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: May 11, 2017
BDU:2020-01870
Уязвимость реализации команды setdistillerkeys набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Aug. 23, 2018
BDU:2020-01871
Уязвимость встроенного конвертера PDF14 набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Aug. 21, 2018
BDU:2020-01872
Уязвимость компонента .tempfile набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, позволяющая нарушителю обойти защиту –dSAFER , удалить файлы или получить несанкционированный доступ к защищаемой информации
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: April 26, 2017
BDU:2021-05648
Уязвимость набора программного обеспечения для обработки, преобразования и генерации документов Ghostscript, связанная с недостатками преобразования типов данных, позволяющая нарушителю выполнить произвольные команды и обойти защиту –dSAFER
Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: April 3, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-10217
The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: April 3, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-10218
The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: April 3, 2017
Modified: Nov. 4, 2017
Modified: Nov. 4, 2017
CVE-2016-10219
The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: April 3, 2017
Modified: Nov. 4, 2017
Modified: Nov. 4, 2017
CVE-2016-10220
The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: April 3, 2017
Modified: May 2, 2018
Modified: May 2, 2018
CVE-2016-10317
The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Aug. 7, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-7976
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
Severity: HIGH (8.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: May 23, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Links:
- https://ghostscript.com/doc/9.21/History9.htm
- https://bugs.ghostscript.com/show_bug.cgi?id=697169
- [oss-security] 20161005 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems
- [oss-security] 20160928 Re: ImageMagick identify "d:" hangs
- 95334
- GLSA-201702-31
- DSA-3691
- RHSA-2017:0014
- RHSA-2017:0013
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=8abd22010eb4db0fb1b10e430d5f5d83e015ef70
Published: May 23, 2017
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2016-7978
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: May 23, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-7979
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: April 14, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-8602
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://ghostscript.com/doc/9.21/History9.htm
- https://bugzilla.redhat.com/show_bug.cgi?id=1383940
- https://bugs.ghostscript.com/show_bug.cgi?id=697203
- 95311
- [oss-security] 20161011 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems
- [oss-security] 20161011 Re: CVE Request - multiple ghostscript -dSAFER sandbox problems
- GLSA-201702-31
- DSA-3691
- RHSA-2017:0014
- RHSA-2017:0013
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=f5c7555c303
Published: April 24, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2016-9601
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: April 3, 2017
Modified: Nov. 4, 2017
Modified: Nov. 4, 2017
CVE-2017-5951
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: March 21, 2017
Modified: Jan. 5, 2018
Modified: Jan. 5, 2018
CVE-2017-7207
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: April 27, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2017-8291
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://bugs.ghostscript.com/show_bug.cgi?id=697808
- https://bugzilla.suse.com/show_bug.cgi?id=1036453
- https://bugzilla.redhat.com/show_bug.cgi?id=1446063
- http://openwall.com/lists/oss-security/2017/04/28/2
- 98476
- 41955
- GLSA-201708-06
- DSA-3838
- RHSA-2017:1230
- https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=04b37bbce174eed24edec7ad5b920eb93db4d47d
Published: April 19, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-10194
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: June 1, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-11645
psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.
Severity: MEDIUM (5.3) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Links:
Published: Aug. 27, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-15908
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Sept. 5, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-16511
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://www.artifex.com/news/ghostscript-security-resolved/
- http://seclists.org/oss-sec/2018/q3/182
- https://bugs.ghostscript.com/show_bug.cgi?id=699659
- DSA-4288
- [debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update
- USN-3768-1
- GLSA-201811-12
- RHSA-2018:3650
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=0edd3d6c634a577db261615a9dc2719bca7f6e01
Published: Sept. 5, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-16539
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Links:
- https://www.artifex.com/news/ghostscript-security-resolved/
- https://bugs.ghostscript.com/show_bug.cgi?id=699658
- DSA-4288
- [debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update
- USN-3768-1
- GLSA-201811-12
- RHSA-2018:3650
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=a054156d425b4dbdaaa9fda4b5f1182b27598c2b
Published: Sept. 5, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-16540
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://www.artifex.com/news/ghostscript-security-resolved/
- https://bugs.ghostscript.com/show_bug.cgi?id=699661
- DSA-4288
- [debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update
- USN-3768-1
- GLSA-201811-12
- RHSA-2019:0229
- RHBA-2019:0327
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=c432131c3fdb2143e148e8ba88555f7f7a63b25e
Published: Sept. 5, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-16541
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://www.artifex.com/news/ghostscript-security-resolved/
- https://bugs.ghostscript.com/show_bug.cgi?id=699664
- DSA-4288
- [debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update
- USN-3768-1
- GLSA-201811-12
- RHSA-2018:3834
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=241d91112771a6104de10b3948c3f350d6690c1d
Published: Sept. 5, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-16542
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- https://bugs.ghostscript.com/show_bug.cgi?id=699668
- http://seclists.org/oss-sec/2018/q3/182
- DSA-4288
- [debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update
- 105337
- USN-3768-1
- RHSA-2018:2918
- GLSA-201811-12
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=b575e1ec42cc86f6a58c603f2a88fcc2af699cc8
Published: Sept. 5, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-16543
In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Sept. 6, 2018
Modified: May 17, 2024
Modified: May 17, 2024
CVE-2018-16585
An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193)
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://seclists.org/oss-sec/2018/q3/182
- DSA-4288
- [debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update
- USN-3768-1
- GLSA-201811-12
- https://bugzilla.redhat.com/show_bug.cgi?id=1626193
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=1497d65039885a52b598b137dd8622bd4672f9be
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=971472c83a345a16dac9f90f91258bb22dd77f22
Published: Sept. 10, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-16802
An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
- https://seclists.org/oss-sec/2018/q3/229
- [oss-security] 20180909 Re: Ghostscript 9.24 issues
- [debian-lts-announce] 20180913 [SECURITY] [DLA 1504-1] ghostscript security update
- DSA-4294
- USN-3768-1
- GLSA-201811-12
- RHSA-2018:3834
- https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5812b1b78fc4d36fdc293b7859de69241140d590
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=643b24dbd002fb9c131313253c307cf3951b3d47
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=3e5d316b72e3965b7968bb1d96baa137cd063ac6
Published: Sept. 19, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-17183
Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Oct. 15, 2018
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183.
Severity: HIGH (8.6) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Links:
- 45573
- https://bugs.ghostscript.com/show_bug.cgi?id=699816
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1682&desc=2
- [oss-security] 20181009 ghostscript: bypassing executeonly to escape -dSAFER sandbox (CVE-2018-17961)
- [debian-lts-announce] 20181022 [SECURITY] [DLA 1552-1] ghostscript security update
- USN-3803-1
- DSA-4336
- RHSA-2018:3834
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a5a9bf8c6a63
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a6807394bd94
- http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=a54c9e61e7d0