From owner-freebsd-announce@FreeBSD.ORG Mon Nov 24 17:47:13 2008 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 427A71065675; Mon, 24 Nov 2008 17:47:13 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 310DC8FC0C; Mon, 24 Nov 2008 17:47:13 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (cperciva@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id mAOHlDor034718; Mon, 24 Nov 2008 17:47:13 GMT (envelope-from security-advisories@freebsd.org) Received: (from cperciva@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id mAOHlDSE034716; Mon, 24 Nov 2008 17:47:13 GMT (envelope-from security-advisories@freebsd.org) Date: Mon, 24 Nov 2008 17:47:13 GMT Message-Id: <200811241747.mAOHlDSE034716@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: freebsd-security@freebsd.org List-Id: "Project Announcements \[moderated\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Nov 2008 17:47:13 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random(9) predictable sequence vulnerability Category: core Module: sys Announced: 2008-11-24 Credits: Robert Woolley, Mark Murray, Maxim Dounin, Ruslan Ermilov Affects: All supported versions of FreeBSD. Corrected: 2008-11-24 17:39:39 UTC (RELENG_7, 7.1-PRERELEASE) 2008-11-24 17:39:39 UTC (RELENG_7_0, 7.0-RELEASE-p6) 2008-11-24 17:39:39 UTC (RELENG_6, 6.4-STABLE) 2008-11-24 17:39:39 UTC (RELENG_6_4, 6.4-RELEASE) 2008-11-24 17:39:39 UTC (RELENG_6_3, 6.3-RELEASE-p6) CVE Name: CVE-2008-5162 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background arc4random(9) is a generic-purpose random number generator based on the key stream generator of the RC4 cipher. It is expected to be cryptographically strong, and used throughout the FreeBSD kernel for a variety of purposes, some of which rely on its cryptographic strength. arc4random(9) is periodically reseeded with entropy from the FreeBSD kernel's Yarrow random number generator, which gathers entropy from a variety of sources including hardware interrupts. During the boot process, additional entropy is provided to the Yarrow random number generator from userland, helping to ensure that adequate entropy is present for cryptographic purposes. II. Problem Description When the arc4random(9) random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random(9); and it may take up to 5 minutes before arc4random(9) is reseeded with secure entropy from the Yarrow random number generator. III. Impact All security-related kernel subsystems that rely on a quality random number generator are subject to a wide range of possible attacks for the 300 seconds after boot or until 64k of random data is consumed. The list includes: * GEOM ELI providers with onetime keys. When a provider is configured in a way so that it gets attached at the same time during boot (e.g. it uses the rc subsystem to initialize) it might be possible for an attacker to recover the encrypted data. * GEOM shsec providers. The GEOM shsec subsytem is used to split a shared secret between two providers so that it can be recovered when both of them are present. This is done by writing the random sequence to one of providers while appending the result of the random sequence on the other host to the original data. If the provider was created within the first 300 seconds after booting, it might be possible for an attacker to extract the original data with access to only one of the two providers between which the secret data is split. * System processes started early after boot may receive predictable IDs. * The 802.11 network stack uses arc4random(9) to generate initial vectors (IV) for WEP encryption when operating in client mode and WEP authentication challenges when operating in hostap mode, which may be insecure. * The IPv4, IPv6 and TCP/UDP protocol implementations rely on a quality random number generator to produce unpredictable IP packet identifiers, initial TCP sequence numbers and outgoing port numbers. During the first 300 seconds after booting, it may be easier for an attacker to execute IP session hijacking, OS fingerprinting, idle scanning, or in some cases DNS cache poisoning and blind TCP data injection attacks. * The kernel RPC code uses arc4random(9) to retrieve transaction identifiers, which might make RPC clients vulnerable to hijacking attacks. IV. Workaround No workaround is available for affected systems. V. Solution NOTE WELL: Any GEOM shsec providers which were created or written to during the first 300 seconds after booting should be re-created after applying this security update. Perform one of the following: 1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the RELENG_7_0, or RELENG_6_3 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 6.3 and 7.0 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 7.x] # fetch http://security.FreeBSD.org/patches/SA-08:11/arc4random.patch # fetch http://security.FreeBSD.org/patches/SA-08:11/arc4random.patch.asc [FreeBSD 6.x] # fetch http://security.FreeBSD.org/patches/SA-08:11/arc4random6x.patch # fetch http://security.FreeBSD.org/patches/SA-08:11/arc4random6x.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_6 src/sys/dev/random/randomdev.c 1.59.2.2 src/sys/dev/random/randomdev_soft.c 1.11.2.3 RELENG_6_4 src/UPDATING 1.416.2.40.2.2 src/sys/dev/random/randomdev.c 1.59.2.1.8.2 src/sys/dev/random/randomdev_soft.c 1.11.2.2.6.2 RELENG_6_3 src/UPDATING 1.416.2.37.2.11 src/sys/conf/newvers.sh 1.69.2.15.2.10 src/sys/dev/random/randomdev.c 1.59.2.1.6.1 src/sys/dev/random/randomdev_soft.c 1.11.2.2.4.1 RELENG_7 src/sys/dev/random/randomdev.c 1.61.2.1 src/sys/dev/random/randomdev_soft.c 1.15.2.1 RELENG_7_0 src/UPDATING 1.507.2.3.2.10 src/sys/conf/newvers.sh 1.72.2.5.2.10 src/sys/dev/random/randomdev.c 1.61.4.1 src/sys/dev/random/randomdev_soft.c 1.15.4.1 - ------------------------------------------------------------------------- VII. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5162 The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-08:11.arc4random.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkkq550ACgkQFdaIBMps37K3SwCfcj0iiFxH2tljR1N7/qhXWiW1 N/cAoIjgcsh6sZG/upobud4TVme9QJPf =SKuK -----END PGP SIGNATURE----- From owner-freebsd-announce@FreeBSD.ORG Wed Nov 26 16:10:45 2008 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E31F71065674 for ; Wed, 26 Nov 2008 16:10:45 +0000 (UTC) (envelope-from deb@freebsd.org) Received: from aslan.scsiguy.com (www.scsiguy.com [70.89.174.89]) by mx1.freebsd.org (Postfix) with ESMTP id 9D4908FC33 for ; Wed, 26 Nov 2008 16:10:45 +0000 (UTC) (envelope-from deb@freebsd.org) Received: from [192.168.16.103] (c-75-71-72-123.hsd1.co.comcast.net [75.71.72.123]) (authenticated bits=0) by aslan.scsiguy.com (8.14.3/8.14.3) with ESMTP id mAQGAirw081815 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 26 Nov 2008 09:10:44 -0700 (MST) (envelope-from deb@freebsd.org) Message-ID: <492D74FC.3070407@freebsd.org> Date: Wed, 26 Nov 2008 09:10:36 -0700 From: Deb Goodkin User-Agent: Thunderbird 2.0.0.18 (Windows/20081105) MIME-Version: 1.0 To: freebsd-announce@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Wed, 26 Nov 2008 16:54:26 +0000 Subject: [FreeBSD-Announce] FreeBSD Foundation Project Announcement X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Project Announcements \[moderated\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Nov 2008 16:10:46 -0000 Dear FreeBSD Community, The FreeBSD Foundation is pleased to announce continued funding of the network stack virtualization project, made possible by a grant from NLNet. The virtualized network stack will significantly enhance FreeBSD's jail functionality, allowing jails to have their own complete and locally administered network stacks, including firewalls, routing, and IPsec configurations. The Foundation will be sponsoring Bjoern Zeeb, a FreeBSD network developer, to enhance the existing prototype, now being merged into FreeBSD 8.x, as well as provide code review. Sincerely, The FreeBSD Foundation From owner-freebsd-announce@FreeBSD.ORG Fri Nov 28 18:22:28 2008 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 849241065672 for ; Fri, 28 Nov 2008 18:22:28 +0000 (UTC) (envelope-from kensmith@FreeBSD.org) Received: from myers.cse.buffalo.edu (myers.cse.buffalo.edu [128.205.32.88]) by mx1.freebsd.org (Postfix) with ESMTP id 506E28FC21 for ; Fri, 28 Nov 2008 18:22:28 +0000 (UTC) (envelope-from kensmith@FreeBSD.org) Received: from myers.cse.buffalo.edu (localhost [127.0.0.1]) by myers.cse.buffalo.edu (8.14.2/8.12.4) with ESMTP id mASIBHeD019550 for ; Fri, 28 Nov 2008 13:11:17 -0500 (EST) Received: (from kensmith@localhost) by myers.cse.buffalo.edu (8.14.2/8.14.2/Submit) id mASIBHo3019549 for freebsd-announce@freebsd.org; Fri, 28 Nov 2008 13:11:17 -0500 (EST) (envelope-from kensmith) Date: Fri, 28 Nov 2008 13:11:17 -0500 From: Ken Smith To: freebsd-announce@freebsd.org Message-ID: <20081128181117.GA19512@myers.cse.buffalo.edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="dDRMvlgZJXvWKvBx" Content-Disposition: inline User-Agent: Mutt/1.4.2.3i Subject: [FreeBSD-Announce] FreeBSD 6.4-RELEASE Available X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Project Announcements \[moderated\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Nov 2008 18:22:28 -0000 --dDRMvlgZJXvWKvBx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 6.4-RELEASE. At this time 6.4-RELEASE is expected to be the last of the 6-STABLE releases. Some of the highlights: - New and much-improved NFS Lock Manager (NLM) client - Support for the Camellia cipher - boot loader changes allow, among other things, booting from USB devices and booting from GPT-labeled devices with GPT-enabled BIOSes - DVD install ISO images for amd64/i386 - KDE updated to 3.5.10, GNOME updated to 2.22.3 - Updates for BIND, sendmail, OpenPAM, and others For a complete list of new features and known problems, please see the online release notes and errata list, available at: http://www.FreeBSD.org/releases/6.4R/relnotes.html http://www.FreeBSD.org/releases/6.4R/errata.html For more information about FreeBSD release engineering activities, please see: http://www.FreeBSD.org/releng/ The FreeBSD Security Team intends to support 6.4-RELEASE until November 30th, 2010. Availability ------------- FreeBSD 6.4-RELEASE is now available for the amd64, i386, pc98, and sparc64 architectures. The builds for the alpha architecture have not completed yet and will be announced later. FreeBSD 6.4-RELEASE can be installed from bootable ISO images or over the network; the required files can be downloaded via FTP or BitTorrent as described in the sections below. While some of the smaller FTP mirrors may not carry all architectures, they will all generally contain the more common ones, such as i386 and amd64. MD5 and SHA256 hashes for the release ISO images are included at the bottom of this message. The contents of the ISO images provided as part of the release has changed for most of the architectures. Using the i386 architecture as an example, there are ISO images named "bootonly", "disc1", "disc2", "disc3", "docs", and "dvd1". The "bootonly" image is suitable for booting a machine to do a network based installation using FTP or NFS. The "disc1", "disc2", and "disc3" images are CDROM-sized (700MB media) and are used to do a full installation that includes a basic set of packages and does not require network access to an FTP or NFS server during the installation. In addition, "disc1" supports booting into a "live CD-based filesystem" and system rescue mode. The "docs" image has all of the documentation for all supported languages. The "dvd1" image is DVD-sized and includes everything that is on the CDROM discs. So "dvd1" can be used to do a full installation that includes a basic set of packages, it has all of the documentation for all supported languages, and it can be used for booting into a "live CD-based filesystem" and system rescue mode. Most people will find that "disc1", "disc2" and "disc3" are all that are needed if their machine does not have a DVD-capable drive. For people with machines that do have a DVD-capable drive "dvd1" should be all that is required. If you intend to install ports from source instead of using the pre-built packages included with the release only "disc1" is needed. FreeBSD 6.4-RELEASE can also be purchased on CD-ROM from several vendors. One of the vendors that will be offering FreeBSD 6.4-based products is: ~ FreeBSD Mall, Inc. http://www.freebsdmall.com/ BitTorrent ---------- 6.4-RELEASE ISOs are available via BitTorrent. A collection of torrent files to download the images is available at: http://torrents.freebsd.org:8080/ FTP --- At the time of this announcement the following FTP sites have FreeBSD 6.4-RELEASE available. ftp://ftp.freebsd.org/pub/FreeBSD/ ftp://ftp3.freebsd.org/pub/FreeBSD/ ftp://ftp7.freebsd.org/pub/FreeBSD/ ftp://ftp9.freebsd.org/pub/FreeBSD/ ftp://ftp10.freebsd.org/pub/FreeBSD/ ftp://ftp12.freebsd.org/pub/FreeBSD/ ftp://ftp.at.freebsd.org/pub/FreeBSD/ ftp://ftp.cz.freebsd.org/pub/FreeBSD/ ftp://ftp.dk.freebsd.org/pub/FreeBSD/ ftp://ftp.fi.freebsd.org/pub/FreeBSD/ ftp://ftp.fr.freebsd.org/pub/FreeBSD/ ftp://ftp2.ie.freebsd.org/pub/FreeBSD/ ftp://ftp.se.freebsd.org/pub/FreeBSD/ ftp://ftp.si.freebsd.org/pub/FreeBSD/ ftp://ftp1.ru.freebsd.org/pub/FreeBSD/ ftp://ftp2.uk.freebsd.org/pub/FreeBSD/ ftp://ftp3.us.freebsd.org/pub/FreeBSD/ ftp://ftp7.us.freebsd.org/pub/FreeBSD/ ftp://ftp9.us.freebsd.org/pub/FreeBSD/ ftp://ftp11.us.freebsd.org/pub/FreeBSD/ However before trying these sites you may want to check your regional mirror(s) first by going to: ftp://ftp..FreeBSD.org/pub/FreeBSD Any additional mirror sites will be labeled ftp2, ftp3 and so on. More information about FreeBSD mirror sites can be found at: http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors-ftp.html For instructions on installing FreeBSD, please see Chapter 2 of The FreeBSD Handbook. It provides a complete installation walk-through for users new to FreeBSD, and can be found online at: http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/install.html FreeBSD Update -------------- The freebsd-update(8) utility supports binary upgrades of i386 and amd64 systems running earlier FreeBSD releases. Systems running 6.3-RELEASE, 6.4-BETA, 6.4-RC1, or 6.4-RC2 can upgrade as follows: # freebsd-update upgrade -r 6.4-RELEASE During this process, FreeBSD Update may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly. # freebsd-update install The system must be rebooted with the newly installed kernel before continuing. # shutdown -r now After rebooting, freebsd-update needs to be run again to install the new userland components, and the system needs to be rebooted again: # freebsd-update install # shutdown -r now Note that FreeBSD Update stores downloaded upgrades in /var/db/freebsd-update, so at least 400MB should be free in /var before running freebsd-update; if the /var partition is too small, the -d option to freebsd-update can be used to indicate that the upgrades should be stored in a different directory. For more information, see: http://www.daemonology.net/blog/2007-11-10-freebsd-minor-version-upgrade.html Acknowledgments ---------------- Many companies donated equipment, network access, or man-hours to finance the release engineering activities for FreeBSD 6.4 including The FreeBSD Foundation, FreeBSD Systems, Hewlett-Packard, Yahoo!, Network Appliances, and Sentex Communications. The release engineering team for 6.4-RELEASE includes: Ken Smith Release Engineering, amd64, i386, sparc64 Release Building, Mirror Site Coordination Robert Watson Release Engineering, Security Konstantin Belousov Release Engineering Marc Fonvieille Release Engineering, Documentation Maxime Henrion Release Engineering Bruce A. Mah Release Engineering, Documentation George Neville-Neil Release Engineering Hiroki Sato Release Engineering, Documentation Murray Stokely Release Engineering Wilko Bulte Alpha Release Building Takahashi Yoshihiro PC98 Release Building Kris Kennaway Package Building Joe Marcus Clarke Package Building Erwin Lansing Package Building Mark Linimon Package Building Pav Lucistnik Package Building Colin Percival Security Officer Peter Wemm Bittorrent Coordination Trademark --------- FreeBSD is a registered trademark of The FreeBSD Foundation. ISO Image Checksums ------------------- MD5 (6.4-RELEASE-amd64-bootonly.iso) = 922fa2b990b3fd58bc558e08707dec47 MD5 (6.4-RELEASE-amd64-disc1.iso) = 33e9801d546a9bd379d97c4dc9bf833f MD5 (6.4-RELEASE-amd64-disc2.iso) = 10e4a74cd4e80b52845adbabeb017532 MD5 (6.4-RELEASE-amd64-disc3.iso) = 986d99df8a44cb3e8647b53e1551a56b MD5 (6.4-RELEASE-amd64-docs.iso) = be48876a37812fa19fb67aebe0c847de MD5 (6.4-RELEASE-amd64-dvd1.iso) = efd0dd71c5b13b8464d8a7fce8a90cbc MD5 (6.4-RELEASE-i386-bootonly.iso) = d3704b309b224fadeba29423511fbcff MD5 (6.4-RELEASE-i386-disc1.iso) = 3bf0054bf0d650c1c7289e3076f2a24f MD5 (6.4-RELEASE-i386-disc2.iso) = 2e5c68f0e8e82907e28394248973f2f6 MD5 (6.4-RELEASE-i386-disc3.iso) = 75c4b9ed4bfc836471ca6aad7ff071db MD5 (6.4-RELEASE-i386-docs.iso) = a7e89a2006b34d5904ce74c907932918 MD5 (6.4-RELEASE-i386-dvd1.iso) = 01d1b4445bbb70e643e7a096562ca4a3 MD5 (6.4-RELEASE-pc98-bootonly.iso) = 6137dac091894d4eb620b02a94e3ddb6 MD5 (6.4-RELEASE-pc98-disc1.iso) = 1ac648575affdb79e6f345b1210fee1b MD5 (6.4-RELEASE-sparc64-bootonly.iso) = 060cdc6c4fbcc96dcc13a88c09005079 MD5 (6.4-RELEASE-sparc64-disc1.iso) = 2e2f264f9cdbfd73c531943631174dac MD5 (6.4-RELEASE-sparc64-docs.iso) = 33187d3f0459dbb2d1145aa8a4731497 SHA256 (6.4-RELEASE-amd64-bootonly.iso) = 228cfe8b5d06bdf3131a656972d94919b594371464e5f1c68e068af17b88f382 SHA256 (6.4-RELEASE-amd64-disc1.iso) = 6e8f24e153d78518268129db62e5efd3cd7b75e428a3c22bddf89eb901efa79e SHA256 (6.4-RELEASE-amd64-disc2.iso) = 33697f3290e9754baada1feeb560f5797a8794f80ea36ecc8b0305c0ab32f07a SHA256 (6.4-RELEASE-amd64-disc3.iso) = 59905ac81bc49be620e6a1465aba667be78b9276d999d820cca30357b073c263 SHA256 (6.4-RELEASE-amd64-docs.iso) = 1bf1445e2cf19c108adfa973cab26891c3c9ee19664de3650f38fc11c67d9f9e SHA256 (6.4-RELEASE-amd64-dvd1.iso) = 88a0bd7818ecc2c26a6d304bffa9257f9bd192d6fb3b51ab1b538a5ef0e78130 SHA256 (6.4-RELEASE-i386-bootonly.iso) = 82377be5c922610e7613f70066919da6d39c1e3fc753b6b925eae9bdd22ac946 SHA256 (6.4-RELEASE-i386-disc1.iso) = c4f688013a27632e97caefc71296f59c9597abdb4e724385130d72dbd9abd218 SHA256 (6.4-RELEASE-i386-disc2.iso) = 4936aaede7c55c29f1acb07724a86690ae220f53ba2f67b441f15fa0a4b282e8 SHA256 (6.4-RELEASE-i386-disc3.iso) = 0c0ea48e2a07f2fc78c7d9448ad7cc24ffd224bbe4a9c1f7731358d7ce00d377 SHA256 (6.4-RELEASE-i386-docs.iso) = 13ef3a3fe8799b71130ac2041e63156b30751d292d9d2df68f2b4a4318cbcc98 SHA256 (6.4-RELEASE-i386-dvd1.iso) = 40b70eb8b36a5a13ef012592335d8e53cb9dea129a8b59971a999e84659ec6a8 SHA256 (6.4-RELEASE-pc98-bootonly.iso) = 2d0fc39c377c8bf6e3ff1ab61b8ecd9b94231e3331bc442be7f26b37ed4cf59d SHA256 (6.4-RELEASE-pc98-disc1.iso) = dd2679fe503f7936fd4f7a6f5aa30e9c699d7eb78d382bef46eb9106dd0ab892 SHA256 (6.4-RELEASE-sparc64-bootonly.iso) = eeabf33aa11cc764f41ea9bb50ae9109817953a60d22ed4af8c6bf61885ed648 SHA256 (6.4-RELEASE-sparc64-disc1.iso) = c20f0a43732d72071cfdc17d788f3e04c1ac33e5ba122ce82fbd705ade482860 SHA256 (6.4-RELEASE-sparc64-docs.iso) = 1728658de8be72e62afbc10bc50243cf07c532b8b4cf7426c5f74f09dc5b8243 --dDRMvlgZJXvWKvBx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFJMDRE/G14VSmup/YRArEqAJ46xl+gSQY3w8ah4sJg58Wi8DU5AACdEoct 992uCqE2LuE2S2RpCJUDWNs= =H8CP -----END PGP SIGNATURE----- --dDRMvlgZJXvWKvBx--