Public/Get-MsrcVulnerabilityReportHtml.ps1
|
Function Get-MsrcVulnerabilityReportHtml { <# .SYNOPSIS Use a CVRF document to create a Vulnerability summary .DESCRIPTION Use a CVRF document to create a Vulnerability summary .PARAMETER Vulnerability The Vulnerability node of a CVRF document .PARAMETER ProductTree The ProductTree node of a CVRF document .EXAMPLE Get-MsrcCvrfDocument -ID 2016-Aug -ApiKey 'YOUR API KEY' | Get-MsrcVulnerabilityReportHtml | Out-File -FilePath Cvrf-CVE-Summary.html It creates a report with all the Vulnerabilities in a CVRF document .EXAMPLE $cvrfDoc = Get-MsrcCvrfDocument -ID 2016-Nov $cvrfDoc.Vulnerability | Foreach-Object { Write-Verbose "Dealing with CVE: $($_.CVE)" -Verbose Get-MsrcVulnerabilityReportHtml -Vulnerability $_ -ProductTree $cvrfDoc.ProductTree | Out-File -FilePath "Cvrf-$($vulnerability.CVE)-Summary.html" } It creates a report for each of the Vulnerabilities in a CVRF document .EXAMPLE $cvrfDoc = Get-MsrcCvrfDocument -ID 2016-Nov $HT = @{ Vulnerability = ($cvrfDoc.Vulnerability | Where-Object {$_.CVE -In @('CVE-2016-0026','CVE-2016-7202','CVE-2016-3343')}) ProductTree = $cvrfDoc.ProductTree } Get-MsrcVulnerabilityReportHtml @HT | Out-File -FilePath Cvrf-CVE-Summary.html It creates a report for specific Vulnerabilities in a CVRF document #> [CmdletBinding()] [OutputType([string])] Param( [Parameter(Mandatory,ValueFromPipelineByPropertyName)] $Vulnerability, [Parameter(Mandatory,ValueFromPipelineByPropertyName)] $ProductTree, [Switch]$ShowNoProgress ) Begin{ $HT = @{ ErrorAction = 'Stop'} try { $JsonMetrics = Get-Content -Path (Join-Path -Path $PSScriptRoot -ChildPath 'CVSS-Metrics.json' @HT) @HT | Out-String @HT| ConvertFrom-Json @HT $JsonDescriptions = Get-Content -Path (Join-Path -Path $PSScriptRoot -ChildPath 'CVSS-Descriptions.json'@HT) @HT | Out-String @HT| ConvertFrom-Json @HT } catch { Throw "Failed to get required json files content because $($_.Exception.Message)" } $css = @' body { background-color: white; font-family: sans-serif; } h1 { color: black; } table { font-family: Arial, Helvetica, sans-serif; border-collapse: collapse; width: 100%; } table td, th { border: 1px solid #ddd; padding: 8px; } table tr:nth-child(even){ background-color: #ddd; } table tr:hover {background-color: #FAF0E6;} table th { padding-top: 12px; padding-bottom: 12px; text-align: left; background-color: #C0C0C0; } '@ } Process { $htmlDocumentTemplate = @' <html> <head> <!-- Created by module version {2} --> <!-- this is the css from the old bulletin site. Change this to better style your report to your liking --> <!-- <link rel="stylesheet" href="https://i-technet.sec.s-msft.com/Combined.css?resources=0:ImageSprite,0:TopicResponsive,0:TopicResponsive.MediaQueries,1:CodeSnippet,1:ProgrammingSelector,1:ExpandableCollapsibleArea,0:CommunityContent,1:TopicNotInScope,1:FeedViewerBasic,1:ImageSprite,2:Header.2,2:HeaderFooterSprite,2:Header.MediaQueries,2:Banner.MediaQueries,3:megabladeMenu.1,3:MegabladeMenu.MediaQueries,3:MegabladeMenuSpriteCluster,0:Breadcrumbs,0:Breadcrumbs.MediaQueries,0:ResponsiveToc,0:ResponsiveToc.MediaQueries,1:NavSidebar,0:LibraryMemberFilter,4:StandardRating,2:Footer.2,5:LinkList,2:Footer.MediaQueries,0:BaseResponsive,6:MsdnResponsive,0:Tables.MediaQueries,7:SkinnyRatingResponsive,7:SkinnyRatingV2;/Areas/Library/Content:0,/Areas/Epx/Content/Css:1,/Areas/Epx/Themes/TechNet/Content:2,/Areas/Epx/Themes/Shared/Content:3,/Areas/Global/Content:4,/Areas/Epx/Themes/Base/Content:5,/Areas/Library/Themes/Msdn/Content:6,/Areas/Library/Themes/TechNet/Content:7&v=9192817066EC5D087D15C766A0430C95"> --> <!-- this style section changes cell widths in the exec header table so that the affected products at the end are wide enough to read --> <style> {3} #execHeader td:first-child {{ width: 10% ;}} #execHeader td:nth-child(5) {{ width: 37% ;}} </style> <!-- this section defines explicit width for all cells in the affected software tables. This is so the column width is the same across each product --> <style> .affected_software td:first-child {{ width: 34% ; }} .affected_software td:nth-child(2) {{ width: 14% ; }} .affected_software td:nth-child(3) {{ width: 6% ; }} .affected_software td:nth-child(4) {{ width: 6% ; }} .affected_software td:nth-child(5) {{ width: 7.5% ; }} .affected_software td:nth-child(6) {{ width: 28.5% ; }} .affected_software td:nth-child(7) {{ width: 4% ; }} </style> <!-- remove spacing between table of contents cells --> <style> #tableOfContents tr td {{ padding: 2px; }} </style> <style> .cvss_table tr:nth-child(odd) {{background: #ededed}} </style> </head> <body lang=EN-US link=blue> <div id="documentWrapper" style="width: 90%; margin-left: auto; margin-right: auto;"> <h1 id="top">Microsoft CVE Summary</h1> <p style="margin:0; padding:0">This report contains detail for the following vulnerabilities:</p> <table id="tableOfContents" style="width:78%; margin-top:5"> <tr> <th>CVE Issued by</th> <th>Tag</th> <th>CVE ID</th> <th>CVE Title</th> </tr> {0} </table> {1} </div> <br> </body> </html> '@ $cveListHtmlObjects = @() $cveSectionHtml = '' $TotalCVE = $Vulnerability.Count $count = 0 $Vulnerability | ForEach-Object -Process { $count++ $v = $_ $Progress = @{ Activity = 'Getting Msrc Vulnerability Html Report' Status = "$($count)/$($TotalCVE) => $($v.CVE) " PercentComplete = ($count/$TotalCVE*100) ErrorAction = 'SilentlyContinue' } if (-not($ShowNoProgress)) { Write-Progress @Progress } Write-Verbose -Message "Dealing with $($_.CVE)" #region CVE Summary Table $cveSummaryTableHtml = @' <table id="execHeader" border=1 cellpadding=0 width="99%"> <thead style="background-color: #ededed"> <tr> <td><b>CVE ID</b></td> <td><b>Vulnerability Description</b></td> <td><b>Maximum Severity Rating</b></td> <td><b>Vulnerability Impact</b></td> </tr> </thead> <tr> <td>{0}</td> <td>{1}</td> <td>{2}</td> <td>{3}</td> </tr> </table> '@ $MaximumSeverity = Switch ( ($_.Threats | Where-Object {$_.Type -eq 3 }).Description.Value | Select-Object -Unique ) { 'Critical' { 'Critical' ; break } 'Important' { 'Important' ; break } 'Moderate' { 'Moderate' ; break } 'Low' { 'Low' ; break } 'None' { 'None' ; break } default { Write-Warning -Message "Could not determine the Maximum Severity from the Threats for $($v.CVE)" 'Unkwown' } } if (-not($MaximumSeverity)) { $MaximumSeverity = 'Unknown' } if ($ImpactValues = ($v.Threats | Where-Object { $_.Type -eq 0 }).Description.Value | Select-Object -Unique) { $impactColumn = $ImpactValues -join ',<br>' } else { Write-Warning -Message "Could not determine the Impact from the Threats for $($v.CVE)" $impactColumn = 'Unknown' } $vulnDescriptionColumnTemplate = @' <b>CVE Title:</b> {0} <br> <b>CVSS:</b> <br>{1} <br> <b>Executive Summary:</b> <br>{6} <br> <b>FAQ:</b><br>{2} <br> <b>Mitigations:</b><br>{3} <br> <b>Workarounds:</b><br>{4} <br> <b>Revision:</b><br>{5} <br> '@ $vulnDescriptionColumn = $vulnDescriptionColumnTemplate -f @( # $cveTitle $( if ($cveTitle = $v.Title.Value) { $cveTitle } else { Write-Warning -Message "Missing Title for $($v.CVE)" ($cveTitle = 'Unknown') } ), # $cvssScoreSet $( #Scores among the affected products can be different. So, just find the most severe. $highestBase = 0.0 $highestCvssScore = $null ForEach($score in $v.CvssScoreSets) { if ($score.BaseScore -gt $highestBase) { $highestBase = $score.BaseScore $highestCvssScore = $score } } if (($null -ne $highestCvssScore) -and ($null -ne $highestCvssScore.Vector) -and ($highestCvssScore.Vector.Split('/').Length -gt 1)) { $cvssArray = $highestCvssScore.Vector.Split('/') $cvssScoreTemplate = @' <br> <b>{0}</b> <table class="cvss_table" border=1 cellpadding=0 width="99%"> <thead> <tr> <td colspan="7"><b>Base score metrics</b></td> </tr> </thead> {1} </table> <table class="cvss_table" border=1 cellpadding=0 width="99%"> <thead> <tr> <td colspan="7"><b>Temporal score metrics</b></td> </tr> </thead> {2} </table> '@ $cvssScoreSet = $cvssScoreTemplate -f @( $rowTemplate = '<tr><td title="{0}"><b>{1}</b></td><td title="{2}"><b>{3}</b></td></tr>' $baseTags = 'AC', 'AV', 'A', 'C', 'I', 'PR', 'S', 'UI' $temporalTags = 'E', 'RC', 'RL' $baseRows = '' $temporalRows = '' for($i = 1; $i -lt $cvssArray.Length; $i++) { $element = $cvssArray[$i] $split0 = $element.Split(':')[0] $metric = $JsonMetrics.$split0 $value = $JsonMetrics.$element $metricDescription = $JsonDescriptions.$split0 $valueDescription = $JsonDescriptions.$element $row = '<tr><td><b>' + $metric + '</b></td>' $row += '<td><b>' + $value + '</b></td></tr>' if (($null -ne $metricDescription) -and ($null -ne $valueDescription)) { if ($baseTags.Contains($split0)) { $baseRows += $rowTemplate -f $metricDescription, $metric, $valueDescription, $value } else { if ($temporalTags.Contains($split0)) { $temporalRows += $rowTemplate -f $metricDescription, $metric, $valueDescription, $value } } } } $formattedScore = '{0} Highest BaseScore:{1}/TemporalScore:{2}' -f $cvssArray[0], $highestCvssScore.BaseScore, $highestCvssScore.TemporalScore $formattedScore, $baseRows, $temporalRows ) $cvssScoreSet } else { 'None' -join '<br>' } ), # $cveFaq $( if ($cveFaq = ($v.Notes | Where-Object {$_.Title -eq 'FAQ'}).Value) { $cveFaq -join '<br>' } else { 'None' -join '<br>' } ), # $cveMitigation $( if ($cveMitigation = $v.Remediations | Where-Object { $_.Type -eq 1 }) { ($cveMitigation).URL -join '<br>' } else { 'None' -join '<br>' } ), # $cveWorkaround $( if ( $cveWorkaround = ($v.Remediations | Where-Object {$_.Type -EQ 0}).Description.Value) { $cveWorkaround -join '<br>' } else { 'None' -join '<br>' } ), # $Revision $( $RevisionStrings = @() $v.RevisionHistory | ForEach-Object { $_ | Add-Member -MemberType NoteProperty -Name RevisionDate -Value ([datetime]$_.Date) -Force -PassThru } | Sort-Object RevisionDate | ForEach-Object { if ( $revision = $($_.Number, $_.RevisionDate.ToString('d'), $_.Description.Value) ) { $RevisionStrings += $($revision -join '    ') } } if ( $RevisionStrings ) { $RevisionStrings -join '<br>' } else { 'Unknown' -join '<br>' } ), # Executive Summary $( if ($cveExecSummary = ($v.Notes | Where-Object {$_.Title -eq 'Description'}).Value) { $cveExecSummary -join '<br>' } else { 'None' -join '<br>' } ) ) $cveSectionHtml += '<h1 id="{0}">{0} - {1}</h1> (<a href="#top">top</a>)' -f $v.CVE, $cveTitle #region CVE Summary List $cveListHtmlObjects += [PSCustomObject]@{ Tag = $($v.Notes | Where-Object type -eq 7).Value CNA = $($v.Notes | Where-Object type -eq 8).Value CVEID = $v.CVE CVETitle = $cveTitle } #endregion $cveSectionHtml += $cveSummaryTableHtml -f @( @" <a href=`"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/$($_.CVE)`">$($_.CVE)</a> <br> <a href=`"http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=$($_.CVE)`">MITRE</a> <br> <a href=`"https://web.nvd.nist.gov/view/vuln/detail?vulnId=$($_.CVE)`">NVD</a> <p>Issuing CNA: $($($v.Notes | Where-Object type -eq 8).Value)</p> "@, $vulnDescriptionColumn, $MaximumSeverity, $impactColumn ) #endregion #region Exploitability Index Table $exploitabilityIndexTableHtml = @' <h2>Exploitability Index</h2> <p>The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.</p> <table border=1 cellpadding=0 width="99%"> <thead style="background-color: #ededed"> <tr> <td><b>Exploitability Assessment</b></td> <td><b>Publicly Disclosed</b></td> <td><b>Exploited</b></td> </tr> </thead> <tr> <td>{0}</td> <td>{1}</td> <td>{2}</td> </tr> </table> '@ if ($ExploitStatusThreat = ($v.Threats | Where-Object { $_.Type -eq 1 } | Select-Object -Last 1).Description.Value) { $ExploitStatus = Get-MsrcThreatExploitStatus -ExploitStatusString $ExploitStatusThreat } else { Write-Warning -Message "Missing ExploitStatus for $($v.CVE)" } $cveSectionHtml += $exploitabilityIndexTableHtml -f @( # $LatestSoftwareRelease $( if ($ExploitStatus.LatestSoftwareRelease) { $ExploitStatus.LatestSoftwareRelease } else { 'Not Found' } ), # $publicly disclosed $( if ($ExploitStatus.PubliclyDisclosed) { $ExploitStatus.PubliclyDisclosed } else { 'Not Found' } ), # $Exploited $( if ($ExploitStatus.Exploited) { $ExploitStatus.Exploited } else { 'Not Found' } ) ) #endregion #region Affected Software Table $affectedSoftwareTableTemplate = @' <table class="affected_software" border=1 cellpadding=0 width="99%"> <thead style="background-color: #ededed"> <tr> <td colspan="8"><b>{0}</b></td> </tr> </thead> <tr> <td><b>Product</b></td> <td><b>KB Article</b></td> <td><b>Severity</b></td> <td><b>Impact</b></td> <td><b>Supercedence</b></td> <td><b>CVSS Score Set</b></td> <td><b>Restart Required</b></td> <td><b>Known Issue</b></td> </tr> {1} </table> <br> '@ $affectedSoftwareRowTemplate = @' <tr> <td>{0}</td> <td>{1}</td> <td>{2}</td> <td>{3}</td> <td>{4}</td> <td>{5}</td> <td>{6}</td> <td>{7}</td> </tr> '@ $cveSectionHtml += @' <h2>Affected Software</h2> <p>The following tables list the affected software details for the vulnerability.</p> '@ $affectedSoftware = Get-MsrcCvrfAffectedSoftware -Vulnerability $v -ProductTree $ProductTree $affectedSoftwareTableHtml = '' $affectedSoftware.FullProductName | Sort-Object -Unique | ForEach-Object { $PN = $_ $affectedSoftware | Where-Object {$_.FullProductName -eq $PN} | ForEach-Object { $affectedSoftwareTableHtml += $affectedSoftwareRowTemplate -f @( $PN, $( $_.KBArticle | Get-KBDownloadUrl ), $( if (-not($_.Severity)) { 'Unknown' } else { $($_.Severity | Select-Object -Unique) -join '<br />' } ), $( if (-not($_.Impact)) { 'Unknown' } else { $($_.Impact | Select-Object -Unique) -join '<br />' } ), $( if (-not($_.Supercedence)) { 'None' } else { $($_.Supercedence | Select-Object -Unique) -join '<br />' } ), $( 'Base: {0}<br />Temporal: {1}<br />Vector: {2}<br />' -f ( $( if(-not($_.CvssScoreSet.base)) { 'N/A' } else{ $_.CvssScoreSet.base } ) ), ( $( if(-not($_.CvssScoreSet.temporal)) { 'N/A' } else { $_.CvssScoreSet.temporal } ) ), ( $( if(-not($_.CvssScoreSet.vector)) { 'N/A' } else { $_.CvssScoreSet.vector } ) ) ), $( if (-not($_.RestartRequired)) { 'Unknown' } else { $($_.RestartRequired | Select-Object -Unique) -join '<br />' } ), $( if (-not($_.'Known Issue')) { 'None' } else { $_.'Known Issue' | Get-KBDownloadUrl } ) ) } } $cveSectionHtml += $affectedSoftwareTableTemplate -f @( $v.CVE, $affectedSoftwareTableHtml ) #endregion #region Acknowledgments Table $acknowledgmentsTableTemplate = @' <h2>Acknowledgements</h2> <table border=1 cellpadding=0 width="99%"> <thead style="background-color: #ededed"> <tr> <td><b>CVE ID</b></td> <td><b>Acknowledgements</b></td> </tr> </thead> <tr> <td>{0}</td> <td>{1}</td> </tr> </table> '@ if ($v.Acknowledgments) { $ackVal = '' $v.Acknowledgments | ForEach-Object { if ($_.Name.Value) { $ackVal += $_.Name.Value $ackVal += '<br>' } if ($_.URL) { $ackVal += $_.URL $ackVal += '<br>' } $ackVal += '<br><br>' } } else { Write-Warning -Message "No Acknowledgments for $($v.CVE)" $ackVal = 'None' } $cveSectionHtml += $acknowledgmentsTableTemplate -f @( $v.CVE, $ackVal ) } -End { Write-Progress -Activity 'Getting Msrc Vulnerability Html Report' -Completed } #endregion ( $htmlDocumentTemplate -f @( #sort the objects and put them into the table of contents format before injecting into the document template: ($( $cveListHtmlObjects | Sort-Object -Property Tag | ForEach-Object { '<tr><td>{3}</td><td>{0}</td> <td><a href="#{1}">{1}</a></td> <td>{2}</td></tr>' -f $_.Tag,$_.CVEID,$_.CVETitle,$_.CNA }) -join "`n"), $cveSectionHtml, "$($MyInvocation.MyCommand.Version.ToString())", $css ) ) } End {} } # SIG # Begin signature block # MIIjowYJKoZIhvcNAQcCoIIjlDCCI5ACAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCscwQSrW4WBI3H # 9L1B3E2XXcn9RfvbErEqAVmf9uobfKCCDYUwggYDMIID66ADAgECAhMzAAABiK9S # 1rmSbej5AAAAAAGIMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjAwMzA0MTgzOTQ4WhcNMjEwMzAzMTgzOTQ4WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQCSCNryE+Cewy2m4t/a74wZ7C9YTwv1PyC4BvM/kSWPNs8n0RTe+FvYfU+E9uf0 # t7nYlAzHjK+plif2BhD+NgdhIUQ8sVwWO39tjvQRHjP2//vSvIfmmkRoML1Ihnjs # 9kQiZQzYRDYYRp9xSQYmRwQjk5hl8/U7RgOiQDitVHaU7BT1MI92lfZRuIIDDYBd # vXtbclYJMVOwqZtv0O9zQCret6R+fRSGaDNfEEpcILL+D7RV3M4uaJE4Ta6KAOdv # V+MVaJp1YXFTZPKtpjHO6d9pHQPZiG7NdC6QbnRGmsa48uNQrb6AfmLKDI1Lp31W # MogTaX5tZf+CZT9PSuvjOCLNAgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUj9RJL9zNrPcL10RZdMQIXZN7MG8w # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzQ1ODM4NjAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # ACnXo8hjp7FeT+H6iQlV3CcGnkSbFvIpKYafgzYCFo3UHY1VHYJVb5jHEO8oG26Q # qBELmak6MTI+ra3WKMTGhE1sEIlowTcp4IAs8a5wpCh6Vf4Z/bAtIppP3p3gXk2X # 8UXTc+WxjQYsDkFiSzo/OBa5hkdW1g4EpO43l9mjToBdqEPtIXsZ7Hi1/6y4gK0P # mMiwG8LMpSn0n/oSHGjrUNBgHJPxgs63Slf58QGBznuXiRaXmfTUDdrvhRocdxIM # i8nXQwWACMiQzJSRzBP5S2wUq7nMAqjaTbeXhJqD2SFVHdUYlKruvtPSwbnqSRWT # GI8s4FEXt+TL3w5JnwVZmZkUFoioQDMMjFyaKurdJ6pnzbr1h6QW0R97fWc8xEIz # LIOiU2rjwWAtlQqFO8KNiykjYGyEf5LyAJKAO+rJd9fsYR+VBauIEQoYmjnUbTXM # SY2Lf5KMluWlDOGVh8q6XjmBccpaT+8tCfxpaVYPi1ncnwTwaPQvVq8RjWDRB7Pa # 8ruHgj2HJFi69+hcq7mWx5nTUtzzFa7RSZfE5a1a5AuBmGNRr7f8cNfa01+tiWjV # Kk1a+gJUBSP0sIxecFbVSXTZ7bqeal45XSDIisZBkWb+83TbXdTGMDSUFKTAdtC+ # r35GfsN8QVy59Hb5ZYzAXczhgRmk7NyE6jD0Ym5TKiW5MIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCFXQwghVwAgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAAGIr1LWuZJt6PkAAAAA # AYgwDQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEINCD # 94z4XtMwv/0y0T2yw8EKsvXyzoAfuyle81DIb5uhMEIGCisGAQQBgjcCAQwxNDAy # oBSAEgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20wDQYJKoZIhvcNAQEBBQAEggEAVFdRSfkXYrc+2Nnos2gyCs0FdZiFO2UE6o+D # VV/9WnNXNSo7brLBbhzkBf4+4PRADUWkuPoiRRF+RQ3CJY5Xf628wfYaxikjogqG # v363iloBuT/0daNNVUrFArtYmVMmz58+dEaPh2VWpGcr7N7E3cfY8woWy/XuFOBk # cmFijJ/l9NV6RvAL09VbNsF2awlE3nUcM36bFfrnjvM+AFWmXxT7n0styf4h6cm7 # 315qiGZ6O61bTxlwo3GEQJrHZuJsHC4RyrNRxsQsAKYtKJVGP1msjAzq2Z9hyXWj # ERoHPJr2kxi6de9jaXt6/yXF2llueGgtV3zfhzJIctIh+ngKd6GCEv4wghL6Bgor # BgEEAYI3AwMBMYIS6jCCEuYGCSqGSIb3DQEHAqCCEtcwghLTAgEDMQ8wDQYJYIZI # AWUDBAIBBQAwggFZBgsqhkiG9w0BCRABBKCCAUgEggFEMIIBQAIBAQYKKwYBBAGE # WQoDATAxMA0GCWCGSAFlAwQCAQUABCBPl32fIyeZA4KZlNBMf3ICQUHCORWHhPy5 # B0SD8QoSVQIGYCaGyLpcGBMyMDIxMDIxOTIwMzc1MS45MTFaMASAAgH0oIHYpIHV # MIHSMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQL # EyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJjAkBgNVBAsT # HVRoYWxlcyBUU1MgRVNOOjE3OUUtNEJCMC04MjQ2MSUwIwYDVQQDExxNaWNyb3Nv # ZnQgVGltZS1TdGFtcCBTZXJ2aWNloIIOTTCCBPkwggPhoAMCAQICEzMAAAE8i/25 # sz9Hl/0AAAAAATwwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAg # UENBIDIwMTAwHhcNMjAxMDE1MTcyODIzWhcNMjIwMTEyMTcyODIzWjCB0jELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9z # b2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMg # VFNTIEVTTjoxNzlFLTRCQjAtODI0NjElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUt # U3RhbXAgU2VydmljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJgQ # KulpA6r2OQ4GkLfjl9DQi86lGorycR76Oiklz/lc02rNqermGt33CJvhF2+m4+Pr # yfkOb9dm7a8KqdajGHLeLGtuBL+uDcJLduqnwCDVRCD/EDPfZO555M5jVw56VxdF # qGiwhyOWuuS/XcBpwVebgBtgwKBgzoHN1koBF5tzrMS/7hALLj7UBXxEdAcQ52iP # jY4mlsVaUe9grNe4zUAfi+aNP2j98KraZYPsiDb8Kloh3aAcrpH5L3T2Irbu5WSN # Vqnb9JvgBM4sltpVD5fT6FhsRwJ6x/3eD60BBe68Dx0frd2grkjnN1kIXlT/cOJt # +XtkIWxTqSz6mHiMmtsCAwEAAaOCARswggEXMB0GA1UdDgQWBBThoWfiyhL6NrNh # PyUY6hi/Jmc8RjAfBgNVHSMEGDAWgBTVYzpcijGQ80N7fEYbxTNoWoVtVTBWBgNV # HR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9w # cm9kdWN0cy9NaWNUaW1TdGFQQ0FfMjAxMC0wNy0wMS5jcmwwWgYIKwYBBQUHAQEE # TjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2Nl # cnRzL01pY1RpbVN0YVBDQV8yMDEwLTA3LTAxLmNydDAMBgNVHRMBAf8EAjAAMBMG # A1UdJQQMMAoGCCsGAQUFBwMIMA0GCSqGSIb3DQEBCwUAA4IBAQAy9xCMlN2XeW5I # zMWpGTFGSUn4pZFRSUHcjYolVZvgafp5Z0lOJZ0LW7F6MXag9fRv5f1AiGLy7UBp # Xv3Z4SK3aVDOpWA+J/JNkYuPMrY6i7g+P8Xnw+naboe6kZ+40B6GWf6FK+8gTmCA # ScKK/2VWQAk4yUscXfwNs+/unJazQvO/ayNnA8e92G1XyUG05iwTw3HOeVuzJzzS # 9GdF6qbwlArpnzEAPhJ5jx24UVeFyIRMbYTRuH783ebAafNcnMxtIoAqTMjDpjGp # /7MfNY8WKb0MZnCZyGr7okEq1vgQZPQQW1+oYKs48Pk7u4/BJ2PVqmBeqjsdy3Hu # FyzmqOnCMIIGcTCCBFmgAwIBAgIKYQmBKgAAAAAAAjANBgkqhkiG9w0BAQsFADCB # iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMp # TWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMTAw # NzAxMjEzNjU1WhcNMjUwNzAxMjE0NjU1WjB8MQswCQYDVQQGEwJVUzETMBEGA1UE # CBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9z # b2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQ # Q0EgMjAxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkdDbx3EYo6 # IOz8E5f1+n9plGt0VBDVpQoAgoX77XxoSyxfxcPlYcJ2tz5mK1vwFVMnBDEfQRsa # lR3OCROOfGEwWbEwRA/xYIiEVEMM1024OAizQt2TrNZzMFcmgqNFDdDq9UeBzb8k # YDJYYEbyWEeGMoQedGFnkV+BVLHPk0ySwcSmXdFhE24oxhr5hoC732H8RsEnHSRn # EnIaIYqvS2SJUGKxXf13Hz3wV3WsvYpCTUBR0Q+cBj5nf/VmwAOWRH7v0Ev9buWa # yrGo8noqCjHw2k4GkbaICDXoeByw6ZnNPOcvRLqn9NxkvaQBwSAJk3jN/LzAyURd # XhacAQVPIk0CAwEAAaOCAeYwggHiMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQW # BBTVYzpcijGQ80N7fEYbxTNoWoVtVTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMA # QTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbL # j+iiXGJo0T2UkFvXzpoYxDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1p # Y3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0w # Ni0yMy5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIz # LmNydDCBoAYDVR0gAQH/BIGVMIGSMIGPBgkrBgEEAYI3LgMwgYEwPQYIKwYBBQUH # AgEWMWh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9QS0kvZG9jcy9DUFMvZGVmYXVs # dC5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AUABvAGwAaQBjAHkA # XwBTAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAAfmiFEN # 4sbgmD+BcQM9naOhIW+z66bM9TG+zwXiqf76V20ZMLPCxWbJat/15/B4vceoniXj # +bzta1RXCCtRgkQS+7lTjMz0YBKKdsxAQEGb3FwX/1z5Xhc1mCRWS3TvQhDIr79/ # xn/yN31aPxzymXlKkVIArzgPF/UveYFl2am1a+THzvbKegBvSzBEJCI8z+0DpZaP # WSm8tv0E4XCfMkon/VWvL/625Y4zu2JfmttXQOnxzplmkIz/amJ/3cVKC5Em4jns # GUpxY517IW3DnKOiPPp/fZZqkHimbdLhnPkd/DjYlPTGpQqWhqS9nhquBEKDuLWA # myI4ILUl5WTs9/S/fmNZJQ96LjlXdqJxqgaKD4kWumGnEcua2A5HmoDF0M2n0O99 # g/DhO3EJ3110mCIIYdqwUB5vvfHhAN/nMQekkzr3ZUd46PioSKv33nJ+YWtvd6mB # y6cJrDm77MbL2IK0cs0d9LiFAR6A+xuJKlQ5slvayA1VmXqHczsI5pgt6o3gMy4S # KfXAL1QnIffIrE7aKLixqduWsqdCosnPGUFN4Ib5KpqjEWYw07t0MkvfY3v1mYov # G8chr1m1rtxEPJdQcdeh0sVV42neV8HR3jDA/czmTfsNv11P6Z0eGTgvvM9YBS7v # DaBQNdrvCScc1bN+NR4Iuto229Nfj950iEkSoYIC1zCCAkACAQEwggEAoYHYpIHV # MIHSMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQL # EyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJjAkBgNVBAsT # HVRoYWxlcyBUU1MgRVNOOjE3OUUtNEJCMC04MjQ2MSUwIwYDVQQDExxNaWNyb3Nv # ZnQgVGltZS1TdGFtcCBTZXJ2aWNloiMKAQEwBwYFKw4DAhoDFQAdS3R6Wd5o8ttr # Xop7rdFHcHrk5qCBgzCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw # MA0GCSqGSIb3DQEBBQUAAgUA49o/jjAiGA8yMDIxMDIxOTIxNDU1MFoYDzIwMjEw # MjIwMjE0NTUwWjB3MD0GCisGAQQBhFkKBAExLzAtMAoCBQDj2j+OAgEAMAoCAQAC # AhOTAgH/MAcCAQACAhHtMAoCBQDj25EOAgEAMDYGCisGAQQBhFkKBAIxKDAmMAwG # CisGAQQBhFkKAwKgCjAIAgEAAgMHoSChCjAIAgEAAgMBhqAwDQYJKoZIhvcNAQEF # BQADgYEAL/rLSUUl9VO0n8Dlo5FyWO4O1pFZEAMH2g5OkRgwC5Ran6lKSPkbwH5M # YylcA3lBwC6JrizmADuSM5KKD3ZgXIYaZAbOo9TfDTqMZIOAJd0hJ5yalhQgF4hY # 9Z34RzMZaxUwjlxWizBhR3cetTIPLJbc/Ki5YIun97poLsO3lcMxggMNMIIDCQIB # ATCBkzB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYD # VQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAAATyL/bmzP0eX # /QAAAAABPDANBglghkgBZQMEAgEFAKCCAUowGgYJKoZIhvcNAQkDMQ0GCyqGSIb3 # DQEJEAEEMC8GCSqGSIb3DQEJBDEiBCAvjwjihOSwNKPExgnRzQdDEgU+Lv1x6M03 # 13paPda+QTCB+gYLKoZIhvcNAQkQAi8xgeowgecwgeQwgb0EIKBJArpNJL/A5zqp # t9R8Ea/tiGw98ZiFuBUhiuEm6FpGMIGYMIGApH4wfDELMAkGA1UEBhMCVVMxEzAR # BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1p # Y3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3Rh # bXAgUENBIDIwMTACEzMAAAE8i/25sz9Hl/0AAAAAATwwIgQgT5ChnMLiYOCZIr1E # 1SVZkg88YGETe2R6lUOSXE/0UAIwDQYJKoZIhvcNAQELBQAEggEAfMZ4u269fTy9 # /mnL+sklrXPgFSghI0g9yqHoJ1fIuTh7wzd5h7ST9o/zrxZGNX3F7/leCWexiaS2 # BWFLfP25TdBIuCNOEeH4NThfWy3l6I+AIIDh6VWvqrS2YaqI7jxmht2jon8NXNIN # CQ0KhAJk1hB/ACtKTSdifZmN4XMOsO6KwDDQA3Zg7jK5EsP/Y8eELnSmVBo+GYYe # rL4uQgNVf2uj+vn3so28j5E9NoPLPR7Xyq3Ox0jUN18sJvw3Qz9zh+JUn39x6gxp # C5nQ2abt1Q9FURyOcFV6ekCUbfPI/leImcGsP7P0Qiz5A8y9ryLIZzFib808iJHd # /IDsJfAzxg== # SIG # End signature block |