Debian Bug report logs - #921688
Electrum vulnerable to malware

Package: electrum; Maintainer for electrum is Debian Cryptocoin Team <team+cryptocoin@tracker.debian.org>; Source for electrum is src:electrum.

Reported by: darknetwhiteknight <darknetwhiteknight@riseup.net>

Date: Thu, 7 Feb 2019 23:45:02 UTC

Severity: critical

Tags: fixed-upstream, security, upstream

Merged with 923595

Found in versions electrum/3.2.3-1, electrum/3.1.3-1~bpo9+1

Fixed in version electrum/3.3.8-0.1

Done: Laurent Bigonville <bigon@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://github.com/spesmilo/electrum/issues/4968


Report forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Thu, 07 Feb 2019 23:45:05 GMT)


Acknowledgement sent to darknetwhiteknight <darknetwhiteknight@riseup.net>:
New Bug report received and forwarded. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Thu, 07 Feb 2019 23:45:05 GMT)


Message #5 received at submit@bugs.debian.org:

From: darknetwhiteknight <darknetwhiteknight@riseup.net>
To: submit@bugs.debian.org
Subject: Electrum vulnerable to malware
Date: Thu, 07 Feb 2019 22:22:00 +0000
Package: electrum
Version: 3.1.3-1~bpo9+1

When electrum connects to certain malicious servers they issue a warning
message telling the user to upgrade by following a phishing link. The
link prompts the user to enter their credentials and install malware
which results in the loss of all their funds. A new version of electrum
has been released to address these problems.

The issue is being discussed here:
https://github.com/spesmilo/electrum/issues/4968 complete with
screenshots of the phishing messages.

Given the severity and urgency of this exploit, the appropriate new
version should be added to the official Debian repos ASAP to avoid
further attacks on users.

I am using Debian GNU/Linux 9 (stretch) 64-bit
Kernel 4.9.0-8-amd64



Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Wed, 20 Feb 2019 18:24:12 GMT)


Acknowledgement sent to Vincas Dargis <vindrg@gmail.com>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Wed, 20 Feb 2019 18:24:12 GMT)


Message #10 received at 921688@bugs.debian.org:

From: Vincas Dargis <vindrg@gmail.com>
To: 921688@bugs.debian.org
Subject: Re: Electrum vulnerable to malware
Date: Wed, 20 Feb 2019 20:22:00 +0200
Shouldn't we mark it as Critical or Grave?



Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Sun, 17 Mar 2019 09:27:03 GMT)


Acknowledgement sent to Vincas Dargis <vindrg@gmail.com>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Sun, 17 Mar 2019 09:27:03 GMT)


Message #15 received at 921688@bugs.debian.org:

From: Vincas Dargis <vindrg@gmail.com>
To: 921688@bugs.debian.org
Subject: Re: Electrum vulnerable to malware
Date: Sun, 17 Mar 2019 11:22:45 +0200
Control: severity -1 serious

From electrum.org:

"Warning: Electrum versions older than 3.3 can no longer connect to public servers, and must be 
upgraded."

Electrum in Debian no longer "syncs", servers do not provide information for this version. It's
unusable, unless you install an older electrumx server by yourself, and it is not available in Debian.



Severity set to 'serious' from 'normal' Request was from Vincas Dargis <vindrg@gmail.com> to 921688-submit@bugs.debian.org. (Sun, 17 Mar 2019 09:27:03 GMT)


Merged 921688 923595 Request was from Laurent Bigonville <bigon@debian.org> to control@bugs.debian.org. (Wed, 27 Mar 2019 22:09:03 GMT)


Marked as found in versions electrum/3.2.3-1. Request was from Laurent Bigonville <bigon@debian.org> to control@bugs.debian.org. (Wed, 27 Mar 2019 22:09:05 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Sat, 06 Apr 2019 08:39:03 GMT)


Acknowledgement sent to Ivan <ivan@vershinin.net>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Sat, 06 Apr 2019 08:39:03 GMT)


Message #26 received at 921688@bugs.debian.org:

From: Ivan <ivan@vershinin.net>
To: 921688@bugs.debian.org
Subject: Electrum update
Date: Sat, 6 Apr 2019 11:35:19 +0300
Hi, Dear Maintainer!
Is it possible to update electrum wallet to new version, because it is
completely unusable now?
Thanks.

Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Thu, 18 Apr 2019 01:33:03 GMT)


Acknowledgement sent to Joey Hess <id@joeyh.name>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Thu, 18 Apr 2019 01:33:03 GMT)


Message #31 received at 921688@bugs.debian.org:

From: Joey Hess <id@joeyh.name>
To: 921688@bugs.debian.org
Subject: saw this
Date: Wed, 17 Apr 2019 21:22:30 -0400
This is still happening, the legitimate public servers may not work with
electrum 3.3, but there are dozens of rogue servers that do and that are
exploiting this bug.

-- 
see shy jo

Severity set to 'critical' from 'serious' Request was from Sam Hartman <hartmans@debian.org> to control@bugs.debian.org. (Tue, 30 Apr 2019 14:57:26 GMT)


Added tag(s) security. Request was from Sam Hartman <hartmans@debian.org> to control@bugs.debian.org. (Tue, 30 Apr 2019 14:57:28 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Tue, 30 Apr 2019 15:03:02 GMT)


Acknowledgement sent to Sam Hartman <leader@debian.org>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Tue, 30 Apr 2019 15:03:02 GMT)


Message #40 received at 921688@bugs.debian.org:

From: Sam Hartman <leader@debian.org>
To: security@debian.org,ftpmaster@debian.org
Cc: 921688@bugs.debian.org
Subject: electrum being actively used for phishing
Date: Tue, 30 Apr 2019 10:59:16 -0400
I realize that we normally don't care about packages only in sid, but
the version of electrum in sid is apparently only useful to funnel your
bitcoin to attackers.
The issue is that versions prior to 3.3 are vulnerable to malware, and
as a result all the public servers refuse to talk to the version in sid,
but rogue servers are happy to take your credentials and money.

The maintainer has not addressed this bug since Feb 7.

I don't have time to go look into the package and upgrade before leaving
on a trip tomorrow.

If we can't get this fixed really quick would ftpmaster accept a request
to remove the package?

--Sam

Added tag(s) upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Tue, 30 Apr 2019 19:30:03 GMT)


Set Bug forwarded-to-address to 'https://github.com/spesmilo/electrum/issues/4968'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Tue, 30 Apr 2019 19:30:05 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Tue, 30 Apr 2019 21:45:03 GMT)


Acknowledgement sent to Joerg Jaspert <joerg@ganneff.de>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Tue, 30 Apr 2019 21:45:03 GMT)


Message #49 received at 921688@bugs.debian.org:

From: Joerg Jaspert <joerg@ganneff.de>
To: Sam Hartman <leader@debian.org>, security@debian.org, ftpmaster@debian.org
Cc: 921688@bugs.debian.org
Subject: Re: electrum being actively used for phishing
Date: Tue, 30 Apr 2019 23:33:23 +0200
On 15388 March 1977, Sam Hartman wrote:

> If we can't get this fixed really quick would ftpmaster accept a request
> to remove the package?

Yes.

-- 
bye, Joerg



Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Wed, 01 May 2019 10:42:03 GMT)


Acknowledgement sent to Laurent Bigonville <bigon@debian.org>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Wed, 01 May 2019 10:42:03 GMT)


Message #54 received at 921688@bugs.debian.org:

From: Laurent Bigonville <bigon@debian.org>
To: Sam Hartman <leader@debian.org>, security@debian.org
Cc: 921688@bugs.debian.org
Subject: Re: electrum being actively used for phishing
Date: Wed, 1 May 2019 12:40:18 +0200
On Tue, 30 Apr 2019 10:59:16 -0400 Sam Hartman <leader@debian.org> wrote:
>
> I realize that we normally don't care about packages only in sid, but
> the version of electrum in sid is apparently only useful to funnel your
> bitcoin to attackers.
> The issue is that versions prior to 3.3 are vulnerable to malware, and
> as a result all the public servers refuse to talk to the version in sid,
> but rogue servers are happy to take your credentials and money.
>
> The maintainer has not addressed this bug since Feb 7.
>
> I don't have time to go look into the package and upgrade before leaving
> on a trip tomorrow.
>
> If we can't get this fixed really quick would ftpmaster accept a request
> to remove the package?
>

FTR, I looked at 3.3.4 and it requires 2 new python modules that are not 
yet in the archive: aiohttp_socks and aiorpcx

My work on the package is at https://salsa.debian.org/bigon/electrum




Added tag(s) fixed-upstream. Request was from debian-bts-link@lists.debian.org to control@bugs.debian.org. (Mon, 06 May 2019 19:30:07 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Tue, 07 May 2019 02:30:04 GMT)


Acknowledgement sent to Sam Hartman <hartmans@debian.org>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Tue, 07 May 2019 02:30:04 GMT)


Message #61 received at 921688@bugs.debian.org:

From: Sam Hartman <hartmans@debian.org>
To: Sam Hartman <leader@debian.org>, 921688@bugs.debian.org
Subject: Re: Bug#921688: NMU Diff
Date: Mon, 06 May 2019 22:26:57 -0400
Dear maintainer.
I made the following 0-day NMU of electrum.
I suspect that once you update to a new version you will not wish to
include these changes, but in the interest of awareness of your package
I wanted to make sure you were aware.

diff --git a/debian/changelog b/debian/changelog
index 4aaaaff..c30a279 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+electrum (3.2.3-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * On startup print a warning that this version in insecure and then
+    exit, Closes: #928518
+
+
+ -- Sam Hartman <hartmans@debian.org>  Mon, 06 May 2019 22:11:19 -0400
+
 electrum (3.2.3-1) unstable; urgency=medium
 
   * New upstream release.
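Review bot: The new changelog entry closes #928518 but never mentions #921688, the bug this NMU diff is posted to and the one the security_message in the patch sends users to. If #928518 is the request for this warning, reference #921688 next to it so the tracker links the upload to the vulnerability report. In the same entry, "this version in insecure" should read "is insecure".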
diff --git a/debian/patches/replace-with-security-warning.patch b/debian/patches/replace-with-security-warning.patch
new file mode 100644
index 0000000..e8f409e
--- /dev/null
+++ b/debian/patches/replace-with-security-warning.patch
@@ -0,0 +1,60 @@
+From: Sam Hartman <hartmans@debian.org>
+Date: Mon, 6 May 2019 22:10:51 -0400
+X-Dgit-Generated: 3.2.3-1.1 3afceceac2d1042645e470189c13edb4f965e7a9
+Subject: Replace with security warning
+
+On startup print to GUI and stdio a security warning and then exit.
+
+---
+
+--- electrum-3.2.3.orig/electrum/electrum
++++ electrum-3.2.3/electrum/electrum
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python3
++#!/usr/bin/python3
+ # -*- mode: python -*-
+ #
+ # Electrum - lightweight Bitcoin client
+@@ -30,13 +30,42 @@ script_dir = os.path.dirname(os.path.rea
+ is_bundle = getattr(sys, 'frozen', False)
+ is_local = not is_bundle and os.path.exists(os.path.join(script_dir, "electrum.desktop"))
+ is_android = 'ANDROID_DATA' in os.environ
++try:
++    import PyQt5
++except Exception:
++    sys.exit("Error: Could not import PyQt5 on Linux systems, you may try 'sudo apt-get install python3-pyqt5'")
+ 
++from PyQt5.QtGui import *
++from PyQt5.QtWidgets import *
++from PyQt5.QtCore import *
++import PyQt5.QtCore as QtCore
+ # move this back to gui/kivy/__init.py once plugins are moved
+ os.environ['KIVY_DATA_DIR'] = os.path.abspath(os.path.dirname(__file__)) + '/electrum/gui/kivy/data/'
+ 
+ if is_local or is_android:
+     sys.path.insert(0, os.path.join(script_dir, 'packages'))
+ 
++security_message = ''' \
++This version of Electrum is vulnerable to malicious code inserted by
++attackers and is being actively exploited to try and convince users to
++give their private credentials to attackers.  See
++https://bugs.debian.org/921688 for details.  Until the version in
++Debian is updated, please see https://electrum.org/download.html
++'''
++sys.stderr.write(security_message)
++
++
++from electrum.gui.qt.util import MessageBoxMixin
++class Window(QMainWindow, MessageBoxMixin):
++
++    def __init__(self, *args, **kwargs):
++        super().__init__(*args, **kwargs)
++        self.show_warning(msg = security_message, title = "THIS APPLICATION is INSECURE")
++
++        
++app = QApplication(["electrum", "gui"])
++window = Window()
++sys.exit(2)
+ 
+ def check_imports():
+     # pure-python dependencies need to be imported here for pyinstaller
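Review bot: In the second hunk of the embedded patch, the PyQt5 import guard runs before `sys.stderr.write(security_message)`, so on a system without python3-pyqt5 the process exits with the "Could not import PyQt5" text, the user never sees why the package was disabled, and the only advice given is to install more packages. Define `security_message` and write it to stderr above the `try: import PyQt5` block, and let a failed import fall through to `sys.exit(2)` instead of exiting with its own message.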
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..8ffe66a
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+replace-with-security-warning.patch
diff --git a/electrum/electrum b/electrum/electrum
index dd35c35..8c5ef37 100755
--- a/electrum/electrum
+++ b/electrum/electrum
@@ -1,4 +1,4 @@
-#!/usr/bin/env python3
+#!/usr/bin/python3
 # -*- mode: python -*-
 #
 # Electrum - lightweight Bitcoin client
@@ -30,13 +30,42 @@ script_dir = os.path.dirname(os.path.realpath(__file__))
 is_bundle = getattr(sys, 'frozen', False)
 is_local = not is_bundle and os.path.exists(os.path.join(script_dir, "electrum.desktop"))
 is_android = 'ANDROID_DATA' in os.environ
-
+try:
+    import PyQt5
+except Exception:
+    sys.exit("Error: Could not import PyQt5 on Linux systems, you may try 'sudo apt-get install python3-pyqt5'")
+
+from PyQt5.QtGui import *
+from PyQt5.QtWidgets import *
+from PyQt5.QtCore import *
+import PyQt5.QtCore as QtCore
 # move this back to gui/kivy/__init.py once plugins are moved
 os.environ['KIVY_DATA_DIR'] = os.path.abspath(os.path.dirname(__file__)) + '/electrum/gui/kivy/data/'
 
 if is_local or is_android:
     sys.path.insert(0, os.path.join(script_dir, 'packages'))
 
+security_message = ''' \
+This version of Electrum is vulnerable to malicious code inserted by
+attackers and is being actively exploited to try and convince users to
+give their private credentials to attackers.  See
+https://bugs.debian.org/921688 for details.  Until the version in
+Debian is updated, please see https://electrum.org/download.html
+'''
+sys.stderr.write(security_message)
+
+
+from electrum.gui.qt.util import MessageBoxMixin
+class Window(QMainWindow, MessageBoxMixin):
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.show_warning(msg = security_message, title = "THIS APPLICATION is INSECURE")
+
+        
+app = QApplication(["electrum", "gui"])
+window = Window()
+sys.exit(2)
 
 def check_imports():
     # pure-python dependencies need to be imported here for pyinstaller
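Review bot: The three wildcard imports from PyQt5.QtGui, PyQt5.QtWidgets and PyQt5.QtCore, plus `import PyQt5.QtCore as QtCore`, pull whole namespaces into the launcher when the added code only uses QMainWindow and QApplication; import those two names from PyQt5.QtWidgets and drop the rest. Also, `security_message = ''' \` puts a space before the line continuation, so the text written to stderr and shown in the dialog starts with a stray leading space; `'''\` avoids it.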

Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Tue, 07 May 2019 08:21:03 GMT)


Acknowledgement sent to Tristan Seligmann <mithrandi@mithrandi.net>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Tue, 07 May 2019 08:21:03 GMT)


Message #66 received at 921688@bugs.debian.org:

From: Tristan Seligmann <mithrandi@mithrandi.net>
To: Sam Hartman <hartmans@debian.org>, 921688@bugs.debian.org
Cc: Sam Hartman <leader@debian.org>
Subject: Re: Bug#921688: NMU Diff
Date: Tue, 7 May 2019 10:16:27 +0200
Thank you for taking care of this; I plan to package a new upstream version
when I can, but the need to package new dependencies makes this non-trivial
and due to personal circumstances I have not yet had the opportunity to
handle this.

On Tue, 7 May 2019 at 04:30, Sam Hartman <hartmans@debian.org> wrote:

>
> Dear maintainer.
> I made the following 0-day NMU of electrum.
> I suspect that once you update to a new version you will not wish to
> include these changes, but in the interest of awareness of your package
> I wanted to make sure you were aware.
>
> diff --git a/debian/changelog b/debian/changelog
> index 4aaaaff..c30a279 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -1,3 +1,12 @@
> +electrum (3.2.3-1.1) unstable; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * On startup print a warning that this version in insecure and then
> +    exit, Closes: #928518
> +
> +
> + -- Sam Hartman <hartmans@debian.org>  Mon, 06 May 2019 22:11:19 -0400
> +
>  electrum (3.2.3-1) unstable; urgency=medium
>
>    * New upstream release.
> diff --git a/debian/patches/replace-with-security-warning.patch
> b/debian/patches/replace-with-security-warning.patch
> new file mode 100644
> index 0000000..e8f409e
> --- /dev/null
> +++ b/debian/patches/replace-with-security-warning.patch
> @@ -0,0 +1,60 @@
> +From: Sam Hartman <hartmans@debian.org>
> +Date: Mon, 6 May 2019 22:10:51 -0400
> +X-Dgit-Generated: 3.2.3-1.1 3afceceac2d1042645e470189c13edb4f965e7a9
> +Subject: Replace with security warning
> +
> +On startup print to GUI and stdio a security warning and then exit.
> +
> +---
> +
> +--- electrum-3.2.3.orig/electrum/electrum
> ++++ electrum-3.2.3/electrum/electrum
> +@@ -1,4 +1,4 @@
> +-#!/usr/bin/env python3
> ++#!/usr/bin/python3
> + # -*- mode: python -*-
> + #
> + # Electrum - lightweight Bitcoin client
> +@@ -30,13 +30,42 @@ script_dir = os.path.dirname(os.path.rea
> + is_bundle = getattr(sys, 'frozen', False)
> + is_local = not is_bundle and os.path.exists(os.path.join(script_dir,
> "electrum.desktop"))
> + is_android = 'ANDROID_DATA' in os.environ
> ++try:
> ++    import PyQt5
> ++except Exception:
> ++    sys.exit("Error: Could not import PyQt5 on Linux systems, you may
> try 'sudo apt-get install python3-pyqt5'")
> +
> ++from PyQt5.QtGui import *
> ++from PyQt5.QtWidgets import *
> ++from PyQt5.QtCore import *
> ++import PyQt5.QtCore as QtCore
> + # move this back to gui/kivy/__init.py once plugins are moved
> + os.environ['KIVY_DATA_DIR'] = os.path.abspath(os.path.dirname(__file__))
> + '/electrum/gui/kivy/data/'
> +
> + if is_local or is_android:
> +     sys.path.insert(0, os.path.join(script_dir, 'packages'))
> +
> ++security_message = ''' \
> ++This version of Electrum is vulnerable to malicious code inserted by
> ++attackers and is being actively exploited to try and convince users to
> ++give their private credentials to attackers.  See
> ++https://bugs.debian.org/921688 for details.  Until the version in
> ++Debian is updated, please see https://electrum.org/download.html
> ++'''
> ++sys.stderr.write(security_message)
> ++
> ++
> ++from electrum.gui.qt.util import MessageBoxMixin
> ++class Window(QMainWindow, MessageBoxMixin):
> ++
> ++    def __init__(self, *args, **kwargs):
> ++        super().__init__(*args, **kwargs)
> ++        self.show_warning(msg = security_message, title = "THIS
> APPLICATION is INSECURE")
> ++
> ++
> ++app = QApplication(["electrum", "gui"])
> ++window = Window()
> ++sys.exit(2)
> +
> + def check_imports():
> +     # pure-python dependencies need to be imported here for pyinstaller
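Review bot: `QApplication(["electrum", "gui"])` and `Window()` are created at module level, ahead of `check_imports()` and everything after it, so every invocation of the script goes through the `electrum.gui.qt.util` import and Qt start-up before `sys.exit(2)` is reached, and an exception in either ends the run with a traceback instead of the intended exit status. Wrap the dialog code in try/finally so the warning already written to stderr is always followed by `sys.exit(2)`.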
> diff --git a/debian/patches/series b/debian/patches/series
> new file mode 100644
> index 0000000..8ffe66a
> --- /dev/null
> +++ b/debian/patches/series
> @@ -0,0 +1 @@
> +replace-with-security-warning.patch
> diff --git a/electrum/electrum b/electrum/electrum
> index dd35c35..8c5ef37 100755
> --- a/electrum/electrum
> +++ b/electrum/electrum
> @@ -1,4 +1,4 @@
> -#!/usr/bin/env python3
> +#!/usr/bin/python3
>  # -*- mode: python -*-
>  #
>  # Electrum - lightweight Bitcoin client
> @@ -30,13 +30,42 @@ script_dir =
> os.path.dirname(os.path.realpath(__file__))
>  is_bundle = getattr(sys, 'frozen', False)
>  is_local = not is_bundle and os.path.exists(os.path.join(script_dir,
> "electrum.desktop"))
>  is_android = 'ANDROID_DATA' in os.environ
> -
> +try:
> +    import PyQt5
> +except Exception:
> +    sys.exit("Error: Could not import PyQt5 on Linux systems, you may try
> 'sudo apt-get install python3-pyqt5'")
> +
> +from PyQt5.QtGui import *
> +from PyQt5.QtWidgets import *
> +from PyQt5.QtCore import *
> +import PyQt5.QtCore as QtCore
>  # move this back to gui/kivy/__init.py once plugins are moved
>  os.environ['KIVY_DATA_DIR'] = os.path.abspath(os.path.dirname(__file__))
> + '/electrum/gui/kivy/data/'
>
>  if is_local or is_android:
>      sys.path.insert(0, os.path.join(script_dir, 'packages'))
>
> +security_message = ''' \
> +This version of Electrum is vulnerable to malicious code inserted by
> +attackers and is being actively exploited to try and convince users to
> +give their private credentials to attackers.  See
> +https://bugs.debian.org/921688 for details.  Until the version in
> +Debian is updated, please see https://electrum.org/download.html
> +'''
> +sys.stderr.write(security_message)
> +
> +
> +from electrum.gui.qt.util import MessageBoxMixin
> +class Window(QMainWindow, MessageBoxMixin):
> +
> +    def __init__(self, *args, **kwargs):
> +        super().__init__(*args, **kwargs)
> +        self.show_warning(msg = security_message, title = "THIS
> APPLICATION is INSECURE")
> +
> +
> +app = QApplication(["electrum", "gui"])
> +window = Window()
> +sys.exit(2)
>
>  def check_imports():
>      # pure-python dependencies need to be imported here for pyinstaller
>
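Review bot: The `security_message` text says this version is "vulnerable to malicious code inserted by attackers", while the report on this bug describes servers sending a message that leads the user to a phishing link; name that behaviour in the text so users recognise the prompt they must not follow. Because the message itself ends by sending users to a download URL, it should also say to check the download against upstream's signature, since a bare link is the same pattern the phishing message uses.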


-- 
mithrandi, i Ainil en-Balandor, a faer Ambar

Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Sun, 02 Jun 2019 17:03:03 GMT)


Acknowledgement sent to Antoine Amarilli <a3nm@a3nm.net>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Sun, 02 Jun 2019 17:03:03 GMT)


Message #71 received at 921688@bugs.debian.org:

From: Antoine Amarilli <a3nm@a3nm.net>
To: 921688@bugs.debian.org
Subject: Updates
Date: Sun, 2 Jun 2019 18:55:48 +0200
Hi,

Are there any updates on packaging a new version of electrum in Debian?

Many thanks for your work on this!

Best,

-- 
Antoine Amarilli




Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Sat, 20 Jul 2019 09:57:03 GMT)


Acknowledgement sent to Antoine Amarilli <a3nm@a3nm.net>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Sat, 20 Jul 2019 09:57:03 GMT)


Message #76 received at 921688@bugs.debian.org:

From: Antoine Amarilli <a3nm@a3nm.net>
To: 921688@bugs.debian.org
Subject: Re: Updates
Date: Sat, 20 Jul 2019 11:46:37 +0200
Hello everyone,

This bug has been open and the electrum package has been unusable for
almost 6 months now. Tristan, are you planning on packaging a new
version at some point, or is the package no longer maintained?

Thanks for your work on this!

Best regards,

-- 
Antoine Amarilli


On Sun, Jun 02, 2019 at 06:55:48PM +0200, Antoine Amarilli wrote:
> Hi,
> 
> Are there any updates on packaging a new version of electrum in Debian?
> 
> Many thanks for your work on this!
> 
> Best,
> 
> -- 
> Antoine Amarilli
> 

Added blocking bug(s) of 921688: 934910 and 934908 Request was from Laurent Bigonville <bigon@debian.org> to control@bugs.debian.org. (Fri, 16 Aug 2019 13:24:03 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Tristan Seligmann <mithrandi@debian.org>:
Bug#921688; Package electrum. (Sat, 07 Sep 2019 09:03:03 GMT)


Acknowledgement sent to Laurent Bigonville <bigon@debian.org>:
Extra info received and forwarded to list. Copy sent to Tristan Seligmann <mithrandi@debian.org>. (Sat, 07 Sep 2019 09:03:03 GMT)


Message #83 received at 921688@bugs.debian.org:

From: Laurent Bigonville <bigon@debian.org>
To: Antoine Amarilli <a3nm@a3nm.net>
Cc: 921688@bugs.debian.org
Subject: Re: Updates
Date: Sat, 7 Sep 2019 10:54:42 +0200
On Sat, 20 Jul 2019 11:46:37 +0200 Antoine Amarilli <a3nm@a3nm.net> wrote:

> Hello everyone,

Hello,

>
> This bug has been open and the electrum package has been unusable for
> almost 6 months now. Tristan, are you planning on packaging a new
> version at some point, or is the package no longer maintained?

I've just uploaded a NMU with the last version of electrum (3.3.8) to 
unstable

My git branch can be found here: https://salsa.debian.org/bigon/electrum 
if anybody wants to merge it in the official git repository of the package

FTR, I'm not planning to take care of this package in the long run.

Kind regards,

Laurent Bigonville




Reply sent to Laurent Bigonville <bigon@debian.org>:
You have taken responsibility. (Sat, 07 Sep 2019 12:39:14 GMT)


Notification sent to darknetwhiteknight <darknetwhiteknight@riseup.net>:
Bug acknowledged by developer. (Sat, 07 Sep 2019 12:39:14 GMT)


Message #88 received at 921688-close@bugs.debian.org:

From: Laurent Bigonville <bigon@debian.org>
To: 921688-close@bugs.debian.org
Subject: Bug#921688: fixed in electrum 3.3.8-0.1
Date: Sat, 07 Sep 2019 12:35:32 +0000
Source: electrum
Source-Version: 3.3.8-0.1

We believe that the bug you reported is fixed in the latest version of
electrum, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 921688@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laurent Bigonville <bigon@debian.org> (supplier of updated electrum package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Sat, 07 Sep 2019 10:34:31 +0200
Source: electrum
Architecture: source
Version: 3.3.8-0.1
Distribution: unstable
Urgency: medium
Maintainer: Tristan Seligmann <mithrandi@debian.org>
Changed-By: Laurent Bigonville <bigon@debian.org>
Closes: 912042 913760 921688
Changes:
 electrum (3.3.8-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream release.
     - Fix critical vulnerability allowing certain malicious servers to display
       phishing messages to the user (Closes: #921688)
     - debian/control: Update the build-dependencies
   * debian/rules: Stop calling pyrcc5, this is not needed anymore
   * Do not move files in debian/rules but use debian/*.install files
   * debian/control: Add proper Breaks/Replaces for electrum.png being moved
     between packages (Closes: #912042)
   * debian/control: revealer plugin seems to explicitly use "DejaVu Sans Mono"
     font, recommend fonts-dejavu-core accordingly. Do not delete
     SourceSansPro-Bold.otf font anymore as it's also explicitly used, but not
     part of any public font package
   * debian/control: Bump Standards-Version to 4.4.0 (no further changes)
   * debian/control: Add libsecp256k1-0 to the Recommends, it is used to speed
     up elliptic curve operations (Closes: #913760)


Reply sent to Laurent Bigonville <bigon@debian.org>:
You have taken responsibility. (Sat, 07 Sep 2019 12:39:15 GMT)


Notification sent to Michael S <manager0182@yandex.com>:
Bug acknowledged by developer. (Sat, 07 Sep 2019 12:39:15 GMT)


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 10 Oct 2019 07:43:08 GMT)

