SUSE-SU-2017:1247-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:1247-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2017:1247-1
- Related
- Published
- 2017-05-11T14:24:14Z
- Modified
- 2017-05-11T14:24:14Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-1350: The VFS subsystem in the Linux kernel provided an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939).
- CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enabled scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697).
- CVE-2016-3070: The tracewritebackdirty_page implementation in include/trace/events/writeback.h in the Linux kernel improperly interacted with mm/migrate.c, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move (bnc#979215).
- CVE-2016-5243: The tipcnlcompatlinkdump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212).
- CVE-2016-7117: Use-after-free vulnerability in the _sysrecvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).
- CVE-2016-9588: arch/x86/kvm/vmx.c in the Linux kernel mismanages the #BP and #OF exceptions, which allowed guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest (bnc#1015703).
- CVE-2016-10044: The aiomount function in fs/aio.c in the Linux kernel did not properly restrict execute access, which made it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an iosetup system call (bnc#1023992).
- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCKZAPPED status, related to net/l2tp/l2tpip.c and net/l2tp/l2tp_ip6.c (bnc#1028415).
- CVE-2016-10208: The ext4fillsuper function in fs/ext4/super.c in the Linux kernel did not properly validate meta block groups, which allowed physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image (bnc#1023377).
- CVE-2017-2671: The pingunhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTOICMP in a socket system call (bnc#1031003).
- CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914).
- CVE-2017-5897: The ip6greerr function in net/ipv6/ip6gre.c in the Linux kernel allowed remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access (bnc#1023762).
- CVE-2017-5970: The ipv4pktinfoprepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bnc#1024938).
- CVE-2017-5986: Race condition in the sctpwaitfor_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bnc#1025235).
- CVE-2017-6074: The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel mishandled DCCPPKTREQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6RECVPKTINFO setsockopt system call (bnc#1026024).
- CVE-2017-6214: The tcpspliceread function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722).
- CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190).
- CVE-2017-6346: Race condition in net/packet/afpacket.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKETFANOUT setsockopt system calls (bnc#1027189).
- CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178).
- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066).
- CVE-2017-7187: The sgioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SGNEXTCMDLEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213).
- CVE-2017-7261: The vmwsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZEROSIZEPTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052).
- CVE-2017-7294: The vmwsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440).
- CVE-2017-7308: The packetsetring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579).
- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336).
The following non-security bugs were fixed:
- ext4: fix fencepost in sfirstmeta_bg validation (bsc#1029986).
- hwrng: virtio - ensure reads happen after successful probe (bsc#954763 bsc#1032344).
- kgr/module: make a taint flag module-specific (fate#313296).
- l2tp: fix address test in _l2tpip6bindlookup() (bsc#1028415).
- l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415).
- l2tp: fix racy socket lookup in l2tpip and l2tpip6 bind() (bsc#1028415).
- l2tp: hold socket before dropping lock in l2tpip{, 6}recv() (bsc#1028415).
- l2tp: hold tunnel socket when handling control frames in l2tpip and l2tpip6 (bsc#1028415).
- l2tp: lock socket before checking flags in connect() (bsc#1028415).
- mm/hugememory.c: respect FOLLFORCE/FOLL_COW for thp (bnc#1030118).
- module: move addtaintmodule() to a header file (fate#313296).
- netfilter: bridge: Fix the build when IPV6 is disabled (bsc#1027149).
- nfs: flush out dirty data on file fput() (bsc#1021762).
- powerpc: Blacklist GCC 5.4 6.1 and 6.2 (boo#1028895).
- powerpc: Reject binutils 2.24 when building little endian (boo#1028895).
- revert 'procfs: mark thread stack correctly in proc/<pid>/maps' (bnc#1030901).
- taint/module: Clean up global and module taint flags handling (fate#313296).
- usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256).
- xfsdmapi: fix the debug compilation of xfsdmapi (bsc#989056).
- xfs: fix buffer overflow dmgetdirattrs/dmgetdirattrs2 (bsc#989056).
- References
-
- https://www.suse.com/support/update/announcement/2017/suse-su-20171247-1/
- https://bugzilla.suse.com/1003077
- https://bugzilla.suse.com/1015703
- https://bugzilla.suse.com/1021256
- https://bugzilla.suse.com/1021762
- https://bugzilla.suse.com/1023377
- https://bugzilla.suse.com/1023762
- https://bugzilla.suse.com/1023992
- https://bugzilla.suse.com/1024938
- https://bugzilla.suse.com/1025235
- https://bugzilla.suse.com/1026024
- https://bugzilla.suse.com/1026722
- https://bugzilla.suse.com/1026914
- https://bugzilla.suse.com/1027066
- https://bugzilla.suse.com/1027149
- https://bugzilla.suse.com/1027178
- https://bugzilla.suse.com/1027189
- https://bugzilla.suse.com/1027190
- https://bugzilla.suse.com/1028415
- https://bugzilla.suse.com/1028895
- https://bugzilla.suse.com/1029986
- https://bugzilla.suse.com/1030118
- https://bugzilla.suse.com/1030213
- https://bugzilla.suse.com/1030901
- https://bugzilla.suse.com/1031003
- https://bugzilla.suse.com/1031052
- https://bugzilla.suse.com/1031440
- https://bugzilla.suse.com/1031579
- https://bugzilla.suse.com/1032344
- https://bugzilla.suse.com/1033336
- https://bugzilla.suse.com/914939
- https://bugzilla.suse.com/954763
- https://bugzilla.suse.com/968697
- https://bugzilla.suse.com/979215
- https://bugzilla.suse.com/983212
- https://bugzilla.suse.com/989056
- https://www.suse.com/security/cve/CVE-2015-1350
- https://www.suse.com/security/cve/CVE-2016-10044
- https://www.suse.com/security/cve/CVE-2016-10200
- https://www.suse.com/security/cve/CVE-2016-10208
- https://www.suse.com/security/cve/CVE-2016-2117
- https://www.suse.com/security/cve/CVE-2016-3070
- https://www.suse.com/security/cve/CVE-2016-5243
- https://www.suse.com/security/cve/CVE-2016-7117
- https://www.suse.com/security/cve/CVE-2016-9588
- https://www.suse.com/security/cve/CVE-2017-2671
- https://www.suse.com/security/cve/CVE-2017-5669
- https://www.suse.com/security/cve/CVE-2017-5897
- https://www.suse.com/security/cve/CVE-2017-5970
- https://www.suse.com/security/cve/CVE-2017-5986
- https://www.suse.com/security/cve/CVE-2017-6074
- https://www.suse.com/security/cve/CVE-2017-6214
- https://www.suse.com/security/cve/CVE-2017-6345
- https://www.suse.com/security/cve/CVE-2017-6346
- https://www.suse.com/security/cve/CVE-2017-6348
- https://www.suse.com/security/cve/CVE-2017-6353
- https://www.suse.com/security/cve/CVE-2017-7187
- https://www.suse.com/security/cve/CVE-2017-7261
- https://www.suse.com/security/cve/CVE-2017-7294
- https://www.suse.com/security/cve/CVE-2017-7308
- https://www.suse.com/security/cve/CVE-2017-7616
Affected packages
SUSE:Linux Enterprise Module for Public Cloud 12 / kernel-ec2
Package
- Name
- kernel-ec2
- Purl
- purl:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012
SUSE:Linux Enterprise Server for SAP Applications 12 / kernel-default
Package
- Name
- kernel-default
- Purl
- purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.61-52.72.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 / kernel-source
Package
- Name
- kernel-source
- Purl
- purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.61-52.72.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 / kernel-syms
Package
- Name
- kernel-syms
- Purl
- purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.61-52.72.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 / kernel-xen
Package
- Name
- kernel-xen
- Purl
- purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.61-52.72.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 / kgraft-patch-SLE12_Update_21
Package
- Name
- kgraft-patch-SLE12_Update_21
- Purl
- purl:rpm/suse/kgraft-patch-SLE12_Update_21&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1-2.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}
SUSE:Linux Enterprise Server 12-LTSS / kernel-default
Package
- Name
- kernel-default
- Purl
- purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.61-52.72.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-default-man": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}
SUSE:Linux Enterprise Server 12-LTSS / kernel-source
Package
- Name
- kernel-source
- Purl
- purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.61-52.72.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-default-man": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}
SUSE:Linux Enterprise Server 12-LTSS / kernel-syms
Package
- Name
- kernel-syms
- Purl
- purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.61-52.72.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-default-man": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}
SUSE:Linux Enterprise Server 12-LTSS / kernel-xen
Package
- Name
- kernel-xen
- Purl
- purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.61-52.72.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-default-man": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}
SUSE:Linux Enterprise Server 12-LTSS / kgraft-patch-SLE12_Update_21
Package
- Name
- kgraft-patch-SLE12_Update_21
- Purl
- purl:rpm/suse/kgraft-patch-SLE12_Update_21&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1-2.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.61-52.72.1",
"kernel-devel": "3.12.61-52.72.1",
"kernel-default-base": "3.12.61-52.72.1",
"kernel-xen": "3.12.61-52.72.1",
"kernel-default-man": "3.12.61-52.72.1",
"kernel-xen-devel": "3.12.61-52.72.1",
"kernel-xen-base": "3.12.61-52.72.1",
"kernel-default": "3.12.61-52.72.1",
"kernel-source": "3.12.61-52.72.1",
"kernel-syms": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-xen": "1-2.1",
"kernel-default-devel": "3.12.61-52.72.1",
"kgraft-patch-3_12_61-52_72-default": "1-2.1"
}
]
}