í«îÛ    sssd-krb5-1.13.3-56.el6                                                             Ž­è          $   >           è            ì          4äå.¢«…>|ß<ji 3¾   >   ÿÿÿÐ       Ž­è       5 À   ?    °      d            è           é           ê           ì   	        í   	   L     î      °     ï      ´     ñ      Ì     ó      Ð     ö      ×     ÷      Þ     ø   	  
     ü          ý     <     þ     B          H          h     	     x     
     ˆ          ¨          p          x          ˜          À          è                    $          P   .          .       õ   .       X          \          a     (     p     8     x  Â  9     €  Â  :     bj  Â  G    ‹(     H    ‹H     I    ‹h     X    ‹x     Y    ‹„     \    ‹¤     ]    ‹Ä     ^    Œ7     b    Œì     d    Š     e         f    ’     l    ”     “    ¬   C sssd-krb5 1.13.3 56.el6 The Kerberos authentication back end for the SSSD Provides the Kerberos back end that the SSSD can utilize authenticate
against a Kerberos server.    XÒ¿úc1bm.rdu2.centos.org      YCentOS GPLv3+ CentOS BuildSystem <http://bugs.centos.org> Applications/System http://fedorahosted.org/sssd/ linux i686    œ     ‰K    W  9  ð  ÚíAí¤¤¤¤¤¤                XÒ¿£XÒ¿ãVpn¸XÒ¿“XÒ¿“XÒ¿“XÒ¿“XÒ¿“8eb049ac9f0c1570af3755f13412b7cd149e7ecc4e86faf0b98739c75ff238e1  8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 809cf6327eb8bd1f572db0df0d2632eaf4f6b7b0917df630ee6cdda0b659b7e3 8bcab2b6988fabbb0c63be7140567a31b68e5cf771275e984b0429f500b05048 a86bfd2197afb05c24c125dc5c2cdc023100d3fab0ca191ccd5b2665741f3da3 c03da6ba4953eeadaf5a6dedc67ebc8dd6fa6f891a4764ec7c5e88e02cc5f90e d73d911ec35718491d5e084eb33462d8defc95b6f00fc15aae0d96eea8e49f1c                                   root root root root root root root root root root root root root root root root sssd-1.13.3-56.el6.src.rpm  ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿlibsss_krb5.so sssd-krb5 sssd-krb5(x86-32)          
  
  
  @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   
sssd-common sssd-krb5-common rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(CompressedFileNames) libbasicobjects.so.0 libcollection.so.4 libcom_err.so.2 libc.so.6 libc.so.6(GLIBC_2.0) libc.so.6(GLIBC_2.1.3) libdbus-1.so.3 libdhash.so.1 libdl.so.2 libglib-2.0.so.0 libini_config.so.5 libk5crypto.so.3 libkeyutils.so.1 libkrb5.so.3 liblber-2.4.so.2 libldap-2.4.so.2 libldb.so.1 libnspr4.so libnss3.so libnssutil3.so libpcre.so.0 libplc4.so libplds4.so libpopt.so.0 libpthread.so.0 libref_array.so.1 librt.so.1 libsmime3.so libssl3.so libsss_cert.so libsss_child.so libsss_crypt.so libsss_debug.so libsss_krb5_common.so libsss_util.so libtalloc.so.2 libtalloc.so.2(TALLOC_2.0.2) libtdb.so.1 libtevent.so.0 rtld(GNU_HASH) rpmlib(PayloadIsXz) 1.13.3-56.el6 1.13.3-56.el6 4.6.0-1 4.0-1 3.0.4-1                                         5.2-1       sssd 1.10.0-8.beta2 4.8.0   X‹6@X‹6@XS×@XOâÀXJœÀXGùÀXF¨@X@ÀX6Ö@X6Ö@X-›ÀX!¾@X!¾@X&ÀX÷ÀX÷ÀX÷ÀWû‚ÀWû‚ÀWû‚ÀWôë@Wí@Wê_@Wê_@WãÇÀWãÇÀWßÓ@WßÓ@WßÓ@WßÓ@Wi,@WYZ@WPÀWPÀVêœ@VéJÀVéJÀVæ§ÀVâ³@VÕ„@VÕ„@VÃ@V»&@V³=@V³=@V¨±@V È@V È@VŸvÀVž%@Vž%@Vž%@VœÓÀVœÓÀV”êÀV”êÀVp ÀVii@V\:@VXEÀVVô@VVô@VVô@VM¹ÀV2
@Vf@Vf@Vf@UäAÀU‡øÀUuƒÀUnì@UmšÀUj÷ÀUcÀUcÀUUßÀUUßÀUJ@UB@UB@U@ÇÀU?v@U>$ÀU8ÞÀU.RÀU.RÀU-@U-@U-@U-@UF@UF@UôÀUôÀUôÀUôÀUôÀUÀUÀUÀUÑ@UÑ@UÑ@UÑ@Tü9ÀTù–ÀTù–ÀTù–ÀTöóÀTöóÀTöóÀTõ¢@Tõ¢@Tä~ÀTä~ÀTk4ÀTk4ÀT$ÀTÔÀTT@SüvÀSüvÀSüvÀSû%@S÷0ÀSó<@Só<@Só<@Sì¤ÀSì¤ÀSì¤ÀSì¤ÀSì¤ÀSì¤ÀSÚ/ÀSÚ/ÀSÖ;@SÒFÀSÐõ@SÐõ@SÐõ@SÐõ@SÐõ@SÐõ@SÆi@SÃÆ@S¸ÀS¸ÀS‡!@SsZÀSp·ÀSNpÀS4@S4@R²ßÀR‹RÀR‹RÀRfhÀRD!ÀR1¬ÀR%Ï@R ‰@R ‰@RÀR|ÀR|ÀR|ÀR|ÀR|ÀRÙÀRÙÀRÙÀRÙÀRÙÀRÙÀRÙÀRÙÀRÙÀRÙÀRÙÀRÙÀRˆ@Rˆ@Rˆ@Rˆ@Rˆ@Rˆ@Rˆ@Rˆ@Rˆ@Rˆ@Qñ@Qñ@QïÁÀQé*@Q§?@QÀQvwÀQkëÀQI¤ÀQ5Þ@Q0˜@Q']ÀQ	@PÿÐÀPÿÐÀPÿÐÀPþ@Pþ@Pþ@Pý-ÀPö–@Pö–@Pö–@PõDÀPõDÀPõDÀPõDÀPí[ÀPê¸ÀPê¸ÀPê¸ÀPê¸ÀPæÄ@PæÄ@PæÄ@PæÄ@PÒýÀPÒýÀPÒýÀPÒýÀPÒýÀPÒýÀPÒýÀPÏ	@PÏ	@PÏ	@PÏ	@PÏ	@PÏ	@PÌf@PËÀPËÀPËÀPËÀPÇ @PÇ @PÇ @PÇ @PÁÚ@PÁÚ@PÁÚ@PÀˆÀPÀˆÀPÀˆÀPÀˆÀPµüÀPµüÀPµüÀP´«@P´«@P¬Â@P«pÀP«pÀP«pÀPª@Pª@Pª@Pª@Pª@Pª@Pª@P¨ÍÀP¤Ù@P£‡ÀPŸ“@PŸ“@PŸ“@PŸ“@PŸ“@P˜ûÀP–XÀP“µÀP{úÀP{úÀP{úÀPz©@PqnÀPl(ÀPaœÀP`K@P#¦@OÄº@O¾"ÀO¾"ÀO»ÀO³–ÀO¬ÿ@O«­ÀOž~ÀO—ç@O‘OÀO‚Ï@O‚Ï@Ou @Ou @Oc+@O]å@OYðÀOOdÀON@OLÁÀOLÁÀOLÁÀOLÁÀOLÁÀO;ž@O5ÀO1@ObÀNÔÉ@N®ÀN®ÀN®ÀN§ö@N¦¤ÀN¦¤ÀNj@NœÀN˜$@N˜$@N–ÒÀN˜@N…¯@Nx€@Nmô@Ng\ÀN[@NTçÀN?ÏÀN:‰ÀN:‰ÀN:‰ÀNˆÀNˆÀN|@Mç{@Mç{@Mß’@MÜï@MÛÀMÛÀM¿î@M¾œÀMº¨@Mº¨@M¨3@M¦áÀM¤>ÀM¤>ÀM¢í@MžøÀM•¾@M“@Mx@MŒƒÀM‡=ÀM‡=ÀMwkÀMwkÀMv@MtÈÀMtÈÀMc¥@Mc¥@MbSÀM_°ÀMQ0@MJ˜ÀMGõÀMA^@MA^@MA^@M.é@M9ÀLþ!ÀL÷Š@L÷Š@Lôç@Lìþ@LÑNÀLÑNÀL²ü@L²ü@L›A@L€ã@LkË@LYV@LR¾ÀLI„@L7@L(ŽÀL_ÀLÓÀLGÀKúj@KóÒÀKò@Kä ÀKµÜ@K´ŠÀK§[ÀK Ä@K…ÀK~}@K]‡ÀKY“@KO@KKÀK/c@K+nÀK"4@K³ÀJæàÀJå@JášÀJ×ÀJÔkÀJÁöÀJÀ¥@J’€ÀJp9ÀJlE@J?r@J0ñÀJ,ý@IìcÀIìcÀIäzÀIã)@Iã)@Iã)@I¶V@I¶V@I³³@I±@I¯¾ÀI¢ÀI”@Lukas Slebodnik <lslebodn@redhat.com> - 1.13.3-56 Lukas Slebodnik <lslebodn@redhat.com> - 1.13.3-55 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-54 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-53 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-52 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-51 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-50 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-49 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-48 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-47 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-46 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-45 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-44 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-43 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-42 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-41 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-40 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-39 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-38 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-37 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-36 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-35 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-34 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-33 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-32 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-31 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-30 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-29 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-28 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-27 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-26 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-25 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-24 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-23 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-22 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-21 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-20 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-19 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-18 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-17 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-16 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-15 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-14 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-14 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-13 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-12 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-11 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-10 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-9 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-8 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-7 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-6 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-5 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-4 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-3 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-2 Jakub Hrozek <jhrozek@redhat.com> - 1.13.3-1 Jakub Hrozek <jhrozek@redhat.com> - 1.13.2-7 Jakub Hrozek <jhrozek@redhat.com> - 1.13.2-6 Jakub Hrozek <jhrozek@redhat.com> - 1.13.2-5 Jakub Hrozek <jhrozek@redhat.com> - 1.13.2-4 Jakub Hrozek <jhrozek@redhat.com> - 1.13.2-3 Jakub Hrozek <jhrozek@redhat.com> - 1.13.2-2 Jakub Hrozek <jhrozek@redhat.com> - 1.13.2-1 Jakub Hrozek <jhrozek@redhat.com> - 1.13.1-1 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-51 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-50 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-49 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-48 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-47 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-46 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-45 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-44 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-43 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-42 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-41 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-40 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-39 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-38 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-37 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-36 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-35 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-34 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-33 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-32 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-31 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-30 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-29 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-28 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-27 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-26 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-25 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-24 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-23 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-22 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-21 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-20 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-19 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-18 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-17 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-16 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-15 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-14 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-13 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-12 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-11 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-10 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-9 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-8 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-7 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-6 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-5 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-4 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-3 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-2 Jakub Hrozek <jhrozek@redhat.com> - 1.12.4-1 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-33 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-32 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-31 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-30 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-29 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-28 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-27 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-26 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-25 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-24 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-23 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-22 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-21 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-20 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-19 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-18 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-17 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-16 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-15 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-14 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-13 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-12 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-11 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-10 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-9 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-8 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-7 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-6 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-5 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-4 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-3 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-2 Jakub Hrozek <jhrozek@redhat.com> - 1.11.6-1 Jakub Hrozek <jhrozek@redhat.com> - 1.11.5.1-4 Jakub Hrozek <jhrozek@redhat.com> - 1.11.5.1-3 Jakub Hrozek <jhrozek@redhat.com> - 1.11.5.1-2 Jakub Hrozek <jhrozek@redhat.com> - 1.11.5.1-1 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-134 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-133 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-132 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-131 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-130 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-129 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-128 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-127 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-126 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-125 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-124 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-123 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-122 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-121 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-120 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-119 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-118 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-117 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-116 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-115 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-114 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-113 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-112 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-111 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-110 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-109 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-108 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-107 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-106 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-105 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-104 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-103 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-102 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-101 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-100 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-99 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-98 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-97 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-96 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-95 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-94 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-93 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-92 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-91 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-90 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-89 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-88 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-87 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-86 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-85 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-84 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-83 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-82 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-81 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-80 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-79 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-78 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-77 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-76 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-75 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-74 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-73 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-72 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-71 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-70 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-69 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-68 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-67 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-66 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-65 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-64 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-63 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-62 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-61 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-60 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-59 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-58 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-57 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-56 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-55 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-54 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-53 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-52 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-51 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-50 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-49 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-48 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-47 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-46 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-45 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-44 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-43 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-42 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-41 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-40 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-39 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-38 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-37 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-36 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-35 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-34 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-33 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-32 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-31 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-30 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-29 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-28 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-27 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-26 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-25 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-24 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-23 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-22 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-21 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-20 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-20 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-19 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-18 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-17 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-16 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-15 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-14 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-13 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-12 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-11 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-10 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-9 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-8 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-7 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-6 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-5 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-4 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-3 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-2 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-1 Jakub Hrozek <jhrozek@redhat.com> - 1.9.1-1 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-3 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-2 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-1.rc1 Jakub Hrozek <jhrozek@redhat.com> - 1.8.0-33 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-32 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-31 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-30 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-29 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-28 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-27 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-26 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-25 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-24 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-23 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-22 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-21 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-20 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-18 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-17 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-15 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-12 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-11 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-10 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-9 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-8 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-7 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-6 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-5 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-4.beta3 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-3.beta2 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-2.beta2 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-68 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-67 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-66 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-65 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-64 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-63 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-62 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-61 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-60 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-59 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-58 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-57 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-56 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-55 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-53 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-52 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-51 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-50 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-49 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-48 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-47 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-46 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-45 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-44 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-43 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-42 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-41 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-40 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-39 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-38 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-37 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-36 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-35 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-34 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-33 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-32 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-31 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-30 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-29 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-28 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-27 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-26 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-25 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-24 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-23 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-21 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-20 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-17 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-16 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-15 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-14 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-13 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-12 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-11 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-10 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-9 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-8 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-7 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-6 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-5 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-4 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-3 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-2 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.0-2 Stephen Gallagher <sgallagh@redhat.com> - 1.5.0-1 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-28.4 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-36 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-35 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-28.3 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-34 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-28.2 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-33 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-28.1 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-32 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-29 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-28 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-27 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-26 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-23 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-21 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-20 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-19 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-15 Stephen Gallagher <sgallagh@redhat.com> - 1.2.0-14 Stephen Gallagher <sgallagh@redhat.com> - 1.2.0-13 Stephen Gallagher <sgallagh@redhat.com> - 1.2.0-12 Stephen Gallagher <sgallagh@redhat.com> - 1.1.92-11.1 Stephen Gallagher <sgallagh@redhat.com> - 1.1.92-11 Stephen Gallagher <sgallagh@redhat.com> - 1.1.91-10 Simo Sorce <ssorce@redhat.com> - 1.1.1-3 Stephen Gallagher <sgallagh@redhat.com> - 1.1.1-1 Stephen Gallagher <sgallagh@redhat.com> - 1.1.0-2 Stephen Gallagher <sgallagh@redhat.com> - 1.1.0-1.pre20100317git0ea7f19 Stephen Gallagehr <sgallagh@redhat.com> - 1.0.5-2 Stephen Gallagher <sgallagh@redhat.com> - 1.0.5-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.4-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.3-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.2-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.1-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.0-2 Stephen Gallagher <sgallagh@redhat.com> - 1.0.0-1 Stephen Gallagher <sgallagh@redhat.com> - 0.99.1-1 Stephen Gallagher <sgallagh@redhat.com> - 0.99.0-1 Stephen Gallagher <sgallagh@redhat.com> - 0.7.1-1 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-2 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-1 Stephen Gallagher <sgallagh@redhat.com> - 0.6.1-2 Stephen Gallagher <sgallagh@redhat.com> - 0.6.1-1 Stephen Gallagher <sgallagh@redhat.com> - 0.6.0-1 Sumit Bose <sbose@redhat.com> - 0.6.0-0 Simo Sorce <ssorce@redhat.com> - 0.5.0-0 Jakub Hrozek <jhrozek@redhat.com> - 0.4.1-4 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4.1-3 Simo Sorce <ssorce@redhat.com> - 0.4.1-2 Simo Sorce <ssorce@redhat.com> - 0.4.1-1 Simo Sorce <ssorce@redhat.com> - 0.4.1-0 Simo Sorce <ssorce@redhat.com> - 0.3.2-2 Jakub Hrozek <jhrozek@redhat.com> - 0.3.2-1 Simo Sorce <ssorce@redhat.com> - 0.3.1-2 Simo Sorce <ssorce@redhat.com> - 0.3.1-1 Simo Sorce <ssorce@redhat.com> - 0.3.0-2 Simo Sorce <ssorce@redhat.com> - 0.3.0-1 Simo Sorce <ssorce@redhat.com> - 0.2.1-1 Simo Sorce <ssorce@redhat.com> - 0.2.0-1 Jakub Hrozek <jhrozek@redhat.com> - 0.1.0-5.20090309git691c9b3 Jakub Hrozek <jhrozek@redhat.com> - 0.1.0-4 Sumit Bose <sbose@redhat.com> - 0.1.0-3 Jakub Hrozek <jhrozek@redhat.com> - 0.1.0-2 Stephen Gallagher <sgallagh@redhat.com> - 0.1.0-1 - Resolves: rhbz#1404697 - SSSD does not skip GPO if no gpcFunctionalityVersion present
- Resolves: rhbz#1374813 - SSSD fails to process GPO from Active Directory - Resolves: rhbz#1415785 - ldap_child does not remove temporary files
                           when it's killed with  SIGTERM - Apply several more smartcard-related patches.
- Related: rhbz#1300421 - Screen locks and smart card is removed - must
                          show a message to insert the correct smartcard - Resolves: rhbz#1400643 - sssd prevents sudo from getting data from LDAP - Resolves: rhbz#1393592 - SSH-CERT: always initialize cert_verify_opts - Revert the ding-libs requirement
- Related: rhbz#1374813 - SSSD fails to process GPO from Active Directory. - Related: rhbz#1369921 - Members of nested netgroups configured in IdM
                          cannot be seen by getent on clients - Require the matching version of ding-libs
- Related: rhbz#1374813 - SSSD fails to process GPO from Active Directory. - Fix a coverity warning
- Related: rhbz#1382395 - sudo: ignore case on case insensitive domains - Resolves: rhbz#1382395 - sudo: ignore case on case insensitive domains - Resolves: rhbz#1369921 - Members of nested netgroups configured in IdM
                           cannot be seen by getent on clients - Resolves: rhbz#1324428 - [RFE] Discover forest's root SID even if
                           subdomains_provider = none - Resolves: rhbz#1367802 - using overides causes segfault in libldb - Resolves: rhbz#1329378 - pam_sss set KRB5CCNAME with sudo logins - Resolves: rhbz#1382603 - autofs map resolution doesn't work offline - Resolves: rhbz#1339986 - [sssd-ldap] man page needs attention - Resolves: rhbz#1321884 - IPA sudo: support the externalUser attribute - Resolves: rhbz#1299994 - ssh client checks only the first certificate
                           on a smartcard when the card has multiple certs
- Resolves: rhbz#1300421 - Screen locks and smart card is removed - must
                           show a message to insert the correct smartcard
- Resolves: rhbz#1372681 - ssh with Smartcards - skip invalid certificates - Resolves: rhbz#1329648 - Protocol error with IPA on RHEL-6
- Resolves: rhbz#1329647 - IPA view: view name not stored properly with
                           default FreeIPA installation - Resolves: rhbz#1339986 - [sssd-ldap] man page needs attention - Resolves: rhbz#1327272 - local overrides: issues with sub-domain users
                           and mixed case names - Resolves: rhbz#1293168 - Inconsistent user synching between IPA and AD - Resolves: rhbz#1374813 - SSSD fails to process GPO from Active Directory. - Resolves: rhbz#1377782 - sssd is looking at a server in the GC of a
                           subdomain, not the root domain. - Resolves: rhbz#1365218 - SSSD does not fail over to next GC - Resolves: rhbz#1367435 - Intermittent sssd auth failures - Resolves: rhbz#1369079 - sssd runs out of available child slots and
                           starts queuing requests in proxy mode - Resolves: rhbz#1338619 - segmentation fault in sssd after upgrade to
                           sssd-1.13.3-22.el6.x86_64 when upgrading cache - Resolves: rhbz#1324107 - GPO: Access denied after blocking connection to AD. - Resolves: rhbz#1293168 - Inconsistent user synching between IPA and AD - Resolves: rhbz#1340927 - sssd-common requires libnfsidmap - Resolves: rhbz#1340176 - The AD keytab renewal task leaks a file descriptor - Resolves: rhbz#1335400 - In IPA-AD trust environment access is granted
                           to AD user even if the user is disabled on AD. - Resolves: rhbz#1336453 - sssd_be doesn't terminate forked child process
                           if adcli is not installed - Resolves: rhbz#1312062 - sssd does not pass LDAP rules to sudo - Resolves: rhbz#1313940 - SSSD PAM module does not support multiple
                           password prompts (e.g. Password + Token) with sudo - Actually apply patches from previous build
- Resolves: rhbz#1313940 - sudorule not working with ipa sudo_provider - Resolves: rhbz#1313940 - sudorule not working with ipa sudo_provider - Resolves: rhbz#1209600 - Getting ERROR (getpwnam() failed): Broken pipe
                           with 1.11.6 - Backport of a more minimal dependency patch to avoid changes to AD
  provider behaviour
- Related: rhbz#1264705 - Allow SSSD to notify user of denial due to AD
                          account lockout - Resolves: rhbz#1308939 - After removing certificate from user in IPA
                           and even after sss_cache, FindByCertificate
                           still finds the user - Require a newer selinux-policy to avoid issues when prompting for SC PIN
- Related: rhbz#1299066 - smartcard login does not prompt for pin when
                          ocsp checking is enabled (default config) - Resolves: rhbz#1264705 - Allow SSSD to notify user of denial due to AD
                           account lockout - Resolves: rhbz#1259687 - sssd_nss memory usage keeps growing on
                            sssd-1.12.4-47.el6.x86_64 (RHEL6.7) when
                            trying to retrieve non-existing netgroups - Update sssd-ldap man page for the recent ID mapping changes
- Related: rhbz#1268902 - SSSD doesn't set the ID mapping range automatically - Resolves: rhbz#1295883 - refresh_expired_interval stops sss_cache
                           from working - Resolves: rhbz#1268902 - SSSD doesn't set the ID mapping range automatically - Resolves: rhbz#1298253 - Screen lock prompts for smartcard user password
                           and not smartcard pin when logged in using smartcard
                           pin - Resolves: rhbz#1292458 - sssd_be AD segfaults on missing A record - Resolves: rhbz#1262981 - sssd dereference processing failed : Input/output
                           error - Resolves: rhbz#1290761 - [RFE] Support Automatic Renewing of Kerberos
                           Host Keytabs - Resolves: rhbz#1244957 - [RFE] SUDO: Support the IPA schema - Resolves: rhbz#1298634 - Cannot retrieve users after upgrade from 1.12
                           to 1.13 - Resolves: rhbz#1287807 - SRV lookup for KDC servers doesn't work - Resolves: rhbz#1273802 - ad_site parameter does not work - Fix memory leak in the NFS plugin
- Related: rhbz#1269820 - Rebase SSSD to 1.13.x in RHEL-6.8
- Resolves: rhbz#1296620 - Properly remove OriginalMemberOf attribute in
                           SSSD cache if user has no secondary groups anymore
- Resolves: rhbz#1283898 - MAN: Clarify that subdomains always use service
                           discovery - Rebase to 1.13.3
- Remove setuid bit from proxy_child, RHEL-6 doesn't support running
  SSSD as a non-privileged user
- Resolves: rhbz#1269820 - Rebase SSSD to 1.13.x in RHEL-6.8 - Don't own files as the SSSD user
- Resolves: rhbz#1289482 - warning: user sssd does not exist - using root - Resolves: rhbz#1279971 - groups get deleted from the cache - The p11_child doesn't have to run privileged anymore, remove the
  setuid bit
- Related: rhbz#1270027 - [RFE] Support for smart cards - Resolves: rhbz#1266108 - Check next certificate on smart card if first
                           is not valid
- Also enable OCSP checks - Resolves: rhbz#1285852 - sssd: [sysdb_add_user] (0x0400): Error: 17
                           (File exists) - Silence compilation warnings and Coverity issues
- Related: rhbz#1269820 - Rebase SSSD to 1.13.x in RHEL-6.8 - Resolves: rhbz#1269820 - Rebase SSSD to 1.13.x in RHEL-6.8
- Squash in packaging review changes by lslebodn@redhat.com - Resolves: rhbz#1269820 - Rebase SSSD to 1.13.x in RHEL-6.8
- The rebase also resolves the following bugzillas:
- Resolves: rhbz#1270029 - [RFE] Add a way to lookup users based on CAC
                           identity certificates
- Resolves: rhbz#1270027 - [RFE] Support for smart cards 
- Resolves: rhbz#1269422 - [FEAT] UID and GID mapping on individual clients
- Resolves: rhbz#1269421 - [RFE] The fast memory cache should cache initgroups
- Resolves: rhbz#1265429 - If the site discovery fails, ad-site option is
                           not taken into account.
- Resolves: rhbz#1254193 - Fix for cyclic dependencies between
                           sssd-{krb5,}-common
- Resolves: rhbz#1247997 - [IPA/IdM] sudoOrder not honored as expected
- Resolves: rhbz#1237142 - [RFE] authenticate against cache in SSSD
- Resolves: rhbz#1232632 - Kerberos-based providers other than krb5 do
                           not queue requests
- Resolves: rhbz#1227804 - Group members are not turned into ghost entries
                           when the user is purged from the SSSD cache
- Resolves: rhbz#1227685 - sssd with ldap backend throws error domain log
- Resolves: rhbz#1221365 - [RFE] Support GPOs from different domain controllers
- Resolves: rhbz#1215195 - Override for IPA users with login does not list
                           user all groups
- Resolves: rhbz#1196204 - sssd cache holding gid values for nss, but not
                           the alpha group name representation
- Resolves: rhbz#1194039 - [RFE] User's home directories are not
                           taken from AD when there is an IPA trust with AD - Resolves: rhbz#1266404 - Memory leak / possible DoS with krb auth. - Resolves: rhbz#1264524 - SSSD POSIX attribute check is too strict - Resolves: rhbz#1255285 - cleanup_groups should sanitize dn of groups - Resolves: rhbz#1251349 - sysdb sudo search doesn't escape special
                           characters - Resolves: rhbz#1232738 - Cache is not updated after user is deleted from
                           ldap server - Resolves: rhbz#1227860 - Provide a way to disable the cleanup task
- Resolves: rhbz#1227863 - ignore_group_members doesn't work for subdomains - Resolves: rhbz#1226834 - id lookup for non-root domain users doesn't
                           return all groups on first attempt - Resolves: rhbz#1225614 - IPA enumeration provider crashes - Resolves: rhbz#1212610 - sssd ad groups work intermittently - Resolves: rhbz#1215765 - sssd nss responder gets wrong number of
                           secondary groups - Resolves: rhbz#1221358 - SSSD doesn't work with ID mapping and disabled
                           subdomains - Resolves: rhbz#1219844 - Unable to resolve group memberships for AD
                           users when using sssd-1.12.2-58.el7_1.6.x86_64
                           client in combination with
                           ipa-server-3.0.0-42.el6.x86_64 with AD Trust - Resolves: rhbz#1216094 - /usr/libexec/sssd/selinux_child crashes and
                           gets avc denial when ssh - Include several upstream fixes related to ID views
- Resolves: rhbz#1215195 - Override for IPA users with login does not list
                           user all groups
- Resolves: rhbz#1213947 - Group resolution is inconsistent with group
                           overrides
- Resolves: rhbz#1213822 - Overrides with --login work in second attempt - Resolves: rhbz#1217328 - autofs provider fails when default_domain_suffix
                           and use_fully_qualified_names set - Resolves: rhbz#1212387 - sssd_be segfault id_provider = ad
                           src/providers/ad/ad_gpo.c:843 - Resolves: rhbz#1213940 - Overridde with --login fails trusted adusers
                           group membership resolution - Resolves: rhbz#1170910 - SSSD should not fail authentication when only
                           allow rules are used - Resolves: rhbz#1213716 - idoverridegroup for ipa group with --group-name
                           does not work
- Resolves: rhbz#1213822 - Overrides with --login work in second attempt - Resolves: rhbz#1212017 - Sudo responder does not respect filter_users
                           and filter_groups - Resolves: rhbz#1203642 - GPO access control looks for computer object
                           in user's domain only - Related: rhbz#1211728 - Only set the selinux context if the context
                          differs from the local one - Package the localauth plugin
- Related: rhbz#1168357 - [RFE] Implement localauth plugin for MIT krb5 1.12 - Resolves: rhbz#1207720 - id lookup resolves "Domain Local" group and
                           errors appear in domain log - BuildRequire the proper libkrb5 version for correct localauth plugin build
- Related: rhbz#1168357 - [RFE] Implement localauth plugin for MIT krb5 1.12 - Resolves: rhbz#1194367 - sssd_be dumping core - Resolves: rhbz#1206121 - ldap_access_order=ppolicy: Explicitly mention in
                           manpage that unsupported time specification will
                           lead to sssd denying access - Resolves: rhbz#1205382 - Properly handle AD's binary objectGUID - Resolves: rhbz#1205716 - Installing sssd-common-1.12.4-18.el6 might
                           install with wrong user account (root) - Fix a typo in DEBUG message
- Related: rhbz#1173198 - [RFE] Have OpenLDAP lock out ssh keys when
                          account naturally expires - Handle TTL=0 in SRV queries correctly
- Resolves: rhbz#1171378 - Read and use the TTL value when resolving a
                           SRV query - Cherry-pick unit test changes from upstream to allow cherry-picking
  sssd-1-12 patches
- Remove unused LDAP provider code to avoid static analyser warnings
- Related: rhbz#1168347 - Rebase sssd to 1.12.x - Resolves: rhbz#1206092 - sssd crashes intermittently in GPO code - Resolves: rhbz#1202728 - sssd-ad requires samba3, but ipa-server-trust-ad
                           requires samba4 - Resolves: rhbz#1203630 - SSSD doesn't own the GPO cache directory - Fix warning in SELinux code
- Handle setups with empty default and no SELinux maps
- Related: rhbz#1194302 - With empty ipaselinuxusermapdefault security
                          context on client is staff_u
- Resolves: rhbz#1202305 - sssd_be segfault on IPA(when auth with AD
                           trusted domain) client at
                           src/providers/ipa/ipa_s2n_exop.c:1605
- Resolves: rhbz#1201847 - SSSD downloads too much information when fetching
                           information about groups - Fix PAM responder initgroups cache for subdomain users
- Log extop failures better
- Related: rhbz#1168344 - [RFE] ID Views: Support migration from the sync
                          solution to the trust solution - Fix internal error codes broken when fixing rhbz#1036745
- Related: rhbz#1036745 - [RFE] Allow SSSD to issue shadow expiration
                          warning even if alternate authentication method
                          is used - Resolves: rhbz#1200093 - sssd_nss segfaults if initgroups request is by
                           UPN and doesn't find anything - Fix Coverity warning in ldap_child
- Add better debugging
- Related: rhbz#1198478 - ccname_file_dummy is not unlinked on error - Resolves: rhbz#1098147 - [RFE] Implement background refresh for users,
                           groups or other cache objects - Resolves: rhbz#1173198 - [RFE] Have OpenLDAP lock out ssh keys when
                           account naturally expires - Initialize a pointer in ldap_child to NULL
- Resolves: rhbz#1198478 - ccname_file_dummy is not unlinked on error - Relax the ldb requirement
- Related: rhbz#1168347 - Rebase sssd to 1.12.x - Resolves: rhbz#1194302 - With empty ipaselinuxusermapdefault security
                           context on client is staff_u - Resolves: rhbz#1198478 - ccname_file_dummy is not unlinked on error - Resolves: rhbz#1171378 - Read and use the TTL value when resolving a
                           SRV query - Resolves: rhbz#1171378 - Read and use the TTL value when resolving a
                           SRV query
- Rebuild against latest krb5, add a versioned BuildRequires
- Resolves: rhbz#1168357 - [RFE] Implement localauth plugin for MIT krb5 1.12 -  Related: rhbz#1036745 - [RFE] Allow SSSD to issue shadow expiration
                           warning even if alternate authentication method
                           is used - Do not mark the selinux_child helper as setuid, we don't support rootless
  SSSD in 6.7
- Related: rhbz#1168347 - Rebase sssd to 1.12.x - Resolves: rhbz#1168347 - Rebase sssd to 1.12.x
- The rebase resolves the following RHEL bugzillas
- Resolves: rhbz#1172865 - sssd.conf(5) man page gives bad advice about
                           domains parameter
- Resolves: rhbz#1172494 - PAC: krb5_pac_verify failures should not
                           be fatal (backport fix from upstream)
- Resolves: rhbz#1171782 - [RFE]: SSSD should preserve case for user
                           uid field
- Resolves: rhbz#1170910 - SSSD should not fail authentication when only
                           allow rules are used
- Resolves: rhbz#1168377 - [RFE] User's home directories and shells are
                           not taken from AD when there is an IPA trust with AD
- Resolves: rhbz#1168363 - [RFE] Add domains= option to pam_sss
- Resolves: rhbz#1168344 - [RFE] ID Views: Support migration from the sync
                           solution to the trust solution
- Resolves: rhbz#1161564 - [RFE]ad provider dns_discovery_domain option:
                           kerberos discovery is not using this option
- Resolves: rhbz#1148582 - inconsistent group information when multiple
                           ad domain sections are configured in sssd
- Resolves: rhbz#1140909 - sssd.conf man page missing subdomains_provider
                           ad support
- Resolves: rhbz#1139878 - SSSD connection terminated after failing
                           anonymous bind to IBM Tivoli Directory Server
- Resolves: rhbz#1135838 - Man sssd-ldap shows parameter
                           ldap_purge_cache_timeout with "Default: 10800
                           (12 hours)"
- Resolves: rhbz#1135432 - Dereference code errors out when dereferencing
                           entries protected by ACIs
- Resolves: rhbz#1134942 - sssd does not recognize Windows server 2012
                           R2's LDAP as AD
- Resolves: rhbz#1123291 - automount segfaults in sss_nss_check_header
- Resolves: rhbz#1088402 - [RFE] Allow login through SSSD using multiple
                           attributes - Resolves: rhbz#1154042 - RHEL6.6 sssd (1.11) doesn't return all group
                           memberships against an IPA server - Resolves: rhbz#1160713 - TokenGroups for LDAP provider breaks in corner
                           cases - Resolves: rhbz#1141814 - Password expiration policies are not being
                           enforced by SSSD - Resolves: rhbz#1139044 - RHEL6.6 ipa user private group not found - Resolves: rhbz#1103487 - CVE-2014-0249 - sssd: incorrect expansion of group
                           membership when encountering a non-POSIX group - Resolves: rhbz#1125187 - simple_allow_groups does not lookup groups from
                           other AD domains - Resolves: rhbz#1127270 - sssd connect to ipa-server is long - Resolves: rhbz#1130017 - Saving group membership fails if provider is AD,
                           POSIX attributes are used and primary group contains
                           the user as a member - Resolves: rhbz#1111528 - Expired shadow policy user(shadowLastChange=0)
                           is not prompted for password change - Resolves: rhbz#1132361 - use-after-free in dyndns code - Resolves: rhbz#1099290: RFE: Be able to configure sssd to honor openldap
                          account lock to restrict access via ssh key - Use the correct sudo iterator
- Related: rhbz#1118336 - sudo: invalid sudoHost filter with asterisk - Add notes about offline mode to sssd.conf
- Related: rhbz#1110226 - Requests queued during transition from offline
                           to online mode - Resolves: rhbz#1127278 -  Auth fails when space in username is
                            replaced with character set by
                            override_default_whitespace - Resolves: rhbz#1127757 - sssd can't retrieve sudo rules when using the
                           "default_domain_suffix" option - Resolves: rhbz#1127265 - Problems with tokengroups and ldap_group_search_base - Resolves: rhbz#1126636 - RHEL6.6 sssd not running after upgrade - Resolves: rhbz#1128612 - IFP: FQDN lookups are broken - Resolves: rhbz#1118336 - sudo: invalid sudoHost filter with asterisk - Resolves: rhbz#1110226 - Requests queued during transition from offline
                           to online mode - Resolves: rhbz#1122873 -  Failover does not always happen from SRV
                            to hostname resolution(via /etc/hosts)
- Remove spurious systemctl call on %postun - Resolves: rhbz#1111317 - [RFE] Add option for sssd to replace space with
                           specified character in LDAP group - Resolves: rhbz#1109188 - dereferencing control failure against openldap
                           server - Resolves: rhbz#1084532 - sssd_sudo process segfaults - Resolves: rhbz#1122158 - ad: group membership is empty when id mapping
                           is off and tokengroups are enabled - Resolves: rhbz#1118541 - Floating point exception using ldap - Resolves: rhbz#1042922 - [RFE] Add fallback to sudoRunAs when sudoRunAsUser
                           is not defined and no ldap_sudorule_runasuser mapping
                           has been defined in SSSD - Resolves: rhbz#1120508 - tokengroups do not work with id_provider=ldap - Fix potential NULL dereference in IFP code
- Related: rhbz#1110369 - sssd is started before messagebus, making
                          sssd-ifp fail - BuildRequire the latest libini_config
- Related: #1051164 - Rebase SSSD to 1.11+ in RHEL6 - Resolves: rhbz#1110369 - sssd is started before messagebus, making
                           sssd-ifp fail - Resolves: rhbz#1104145 - public key validator is too strict and does not
                           allow newlines anywhere in the public key string,
                           not even at the end - Rebase to 1.11.6
- Resolves: #1051164 - Rebase SSSD to 1.11+ in RHEL6 - Rebuild against new ding-libs
- Related: #1051164 - Rebase SSSD to 1.11+ in RHEL6 - Backport the InfoPipe patches needed for Sat6 integration
- Related: #1051164 - Rebase SSSD to 1.11+ in RHEL6 - Resolves: #1085412 - SSSD Crashes when storage experiences high latency - Resolves: #1051164 - Rebase SSSD to 1.11+ in RHEL6 Resolves: #1036168 - sssd can't retrieve auto.master when using the
                     "default_domain_suffix" - Resolves: #1065534 - SSSD pam module accepts usernames with leading spaces - Resolves: #1038098 - sssd_nss grows memory footprint when netgroups
                       are requested - Allow combination of proxy id backend and LDAP auth backend
- Resolves: #1025813 - SSSD: Allow for custom attributes in RDN when using
                       id_provider = proxy - Inherit UID limits for subdomains
- Resolves: #1020905 - Creating system accounts on a IdM client takes up
                       to 10 minutes when AD trust is configured in the IdM. - Do not crash when LDAP disconnects while a search is still in progress
- Resolves: #1019979 - sssd_be segfault when authenticating against active
                       directory - More upstream fixes to prevent memcache crashes
- Related: #997406 - sssd_nss core dumps under load - Resolves: #1002929 - sssd_be segfaults if IPA dynamic DNS update times out - Make IPA SELinux provider aware of subdomain users
- A better version of already committed patch
- Resolves: #954342 - In IPA AD trust setup, the sssd logs throws
                      'sysdb_search_user_by_name failed' error when
                      AD user tries to login via ipa client. - Resolves: #997406 - sssd_nss core dumps under load
- Resolves: #984814 - sssd_nss terminated with segmentation fault - Resolves: #1002161 - large number of sudo rules results in error -
                       Unable to create response: Invalid argument - Silence restorecon on clean install
- Resolves: #987456 - RHEL6 sssd upgrade restorecon workaround for
                      /var/lib/sss/mc context - Make IPA SELinux provider aware of subdomain users
- Resolves: #954342 - In IPA AD trust setup, the sssd logs throws
                      'sysdb_search_user_by_name failed' error when
                      AD user tries to login via ipa client. - Print password complexity hint when password change fails with
  constraint violation
- Related: #983028 - passwd returns "Authentication token manipulation
                     error" when entering wrong current password - Resolves: #983028 - passwd returns "Authentication token manipulation
                      error" when entering wrong current password - Resolves: #948830 - sssd do too many disk writes causing delay in
                      "getent netgroup allmachines-netgroup" nested netgroups. - Resolves: #984814 - sssd_nss terminated with segmentation fault - Resolves: #966757 - SSSD failover doesn't work if the first DNS server
                     in resolv.conf is unavailable - Resolves: #963235 - sssd_be crashing with nested ldap groups - Apply a forgotten dependency for patch #254
- Related: #916997 - getgrnam / getgrgid for large user groups
                     is too slow due to range retrieval functionality
- Add two fixes for better handling of faulty SRV processing
- Related: #954275 - sssd fails connect to IPA server during boot when
                     spanning tree is enabled in network router.
- Remove enumerate=true from example in man page
- Related: #988381 - clarify the disadvantages of enumeration in sssd.conf - Resolves: #914433 - sssd pam write_selinux_login_file creating the temp
                      file for SELinux data failed - Resolves: #916997 - getgrnam / getgrgid for large user groups
                      is too slow due to range retrieval functionality - Resolves: #918394 - sssd etas 99% CPU and runs out of file descriptors
                      when clearing cache - Resolves: #924113 - man sssd-sudo has wrong title - Resolves: #924397 - document what does access_provider=ad do - Use permissive control when adding ghost users
- Resolves: #928797 - cyclic group memberships may not work depending on
                      order of operations - Set correct state of SRV servers on resolving error
- Resolves: #954275 - sssd fails connect to IPA server during boot when
                      spanning tree is enabled in network router. - Resolves: #954323 - SSSD doesn't display warning for last grace login. - Format patch to configure sysv script differently
- RHEL-6 patch(1) apparently doesn't like the output of git format-patch
 -M -C and doesn't properly copy files on renames
- Resolves: #971435 - Enhance sssd init script so that it would source a
  configuration. - Resolves: #973345 - SSSD service randomly dies - Resolves: #971435 - Enhance sssd init script so that it would source
                      a configuration - Resolves: #961356 - SUDO is not working for users from trusted AD domain - Resolves: #970519 - [RFE] Add support for suppressing group members - Resolves: #976273 - [RFE] Add a new override_homedir expansion for the
                      "original value" - Resolves: #978966 - sudoHost mismatch response is incorrect sometimes - Clarify the min_id/max_id limits further
- Resolves: #978994 - SSSD filter out ldap user/group if uid/gid is zero - Resolves: #979046 - sssd_be goes to 99% CPU and causes significant login
                      delays when client is under load - Resolves: #986379 - sss_cache -N/-n should invalidate the hash table
                      in sssd_nss - Resolves: #988525 - sssd fails instead of skipping when a sudo ldap
                      filter returns entries with multiple CNs - Mention that enumeration should be discouraged
- Resolves: #988381 - clarify the disadvantages of enumeration in sssd.conf - Call restorecon on memcache files to force the right context on upgrades
- Resolves: #987456 - RHEL6 sssd upgrade restorecon workaround for
                      /var/lib/sss/mc context - Resolves: #987479 - libsss_sudo should depend on sudo package with
                      sssd support - Resolves: #951086 - sssd_pam segfaults if sssd_be is stuck - Resolves: #967636 - SSSD frequently fails to return automount maps
                      from LDAP - Resolves: #953165 - Enabling enumeration causes sssd_be process to
                      utilize 100% of the CPU - Resolves: #906398 - sssd_be crashes sometimes - Resolves: #950874: Simple access control always denies uppercased users
                     in case insensitive domain - Resolves: #921454: Resolve local group members in LDAP groups - Resolves: rhbz#911299 - sssd: simple access provider flaw prevents intended
                          ACL use when client to an AD provider - Fix pwd_expiration_warning=0
- Resolves: rhbz#911329 - pwd_expiration_warning has wrong default for
                          Kerberos - Resolves: rhbz#911329 - pwd_expiration_warning has wrong default for
                          Kerberos - Resolves: rhbz#872827 - Serious performance regression in sssd - Resolves: rhbz#888614 - Failure in memberof can lead to failed
                          database update - Resolves: rhbz#903078 - TOCTOU race conditions by copying
                          and removing directory trees - Resolves: rhbz#903078 - Out-of-bounds read flaws in
                          autofs and ssh services responders - Resolves: rhbz#902716 - Rule mismatch isn't noticed before smart refresh
                          on ppc64 and s390x - Resolves: rhbz#896476 - SSSD should warn when pam_pwd_expiration_warning
                          value is higher than passwordWarning LDAP attribute. - Resolves: rhbz#902436 - possible segfault when backend callback is removed - Resolves: rhbz#895132 - Modifications using sss_usermod tool are not
                          reflected in memory cache - Resolves: rhbz#894302 - sssd fails to update to changes on autofs maps - Resolves: rhbz894381 - memory cache is not updated after user is deleted
                         from ldb cache - Resolves: rhbz895615 - ipa-client-automount: autofs failed in s390x and
                         ppc64 platform - Resolves: rhbz#894997 - sssd_be crashes looking up members with groups
                          outside the nesting limit - Resolves: rhbz#895132 - Modifications using sss_usermod tool are not
                          reflected in memory cache - Resolves: rhbz#894428 - wrong filter for autofs maps in sss_cache - Resolves: rhbz#894738 - Failover to ldap_chpass_backup_uri doesn't work - Resolves: rhbz#887961 - AD provider: getgrgid removes nested group
                          memberships - Resolves: rhbz#878583 - IPA Trust does not show secondary groups for AD
                          Users for commands like id and getent - Resolves: rhbz#874579 - sssd caching not working as expected for selinux
                          usermap contexts - Resolves: rhbz#892197 - Incorrect principal searched for in keytab - Resolves: rhbz#891356 - Smart refresh doesn't notice "defaults" addition
                          with OpenLDAP - Resolves: rhbz#878419 - sss_userdel doesn't remove entries from in-memory
                          cache - Resolves: rhbz#886848 - user id lookup fails for case sensitive users
                          using proxy provider - Resolves: rhbz#890520 - Failover to krb5_backup_kpasswd doesn't work - Resolves: rhbz#874618 - sss_cache: fqdn not accepted - Resolves: rhbz#889182 - crash in memory cache - Resolves: rhbz#889168 - krb5 ticket renewal does not read the renewable
                          tickets from cache - Resolves: rhbz#886091 - Disallow root SSH public key authentication
- Add default section to switch statement (Related: rhbz#884666) - Resolves: rhbz#886038 - sssd components seem to mishandle sighup - Resolves: rhbz#888800 - Memory leak in new memcache initgr cleanup function - Resolves: rhbz#888614 - Failure in memberof can lead to failed database
                          update - Resolves: rhbz#885078 - sssd_nss crashes during enumeration if the
                          enumeration is taking too long - Related: rhbz#875851 - sysdb upgrade failed converting db to 0.11
- Include more debugging during the sysdb upgrade - Resolves: rhbz#877972 - ldap_sasl_authid no longer accepts full principal - Resolves: rhbz#870045 - always reread the master map from LDAP
- Resolves: rhbz#876531 - sss_cache does not work for automount maps - Resolves: rhbz#884666 - sudo: if first full refresh fails, schedule
                          another first full refresh - Resolves: rhbz#880956 - Primary server status is not always reset after
                          failover to backup server happened
- Silence a compilation warning in the memberof plugin (Related: rhbz#877974)
- Do not steal resolv result on error (Related: rhbz#882076) - Resolves: rhbz#882923 - Negative cache timeout is not working for proxy
                          provider - Resolves: rhbz#884600 - ldap_chpass_uri failover fails on using same
                          hostname - Resolves: rhbz#858345 - pam_sss(crond:account): Request to sssd
                          failed. Timer expired - Resolves: rhbz#878419 - sss_userdel doesn't remove entries from in-memory
                          cache - Resolves: rhbz#880176 - memberUid required for primary groups to match
                          sudo rule - Resolves: rhbz#885105 - sudo denies access with disabled
                          ldap_sudo_use_host_filter - Resolves: rhbz#883408 - Option ldap_sudo_include_regexp named incorrectly - Resolves: rhbz#880546 - krb5_kpasswd failover doesn't work
- Fix the error handler in sss_mc_create_file (Related: #789507) - Resolves: rhbz#882221 - Offline sudo denies access with expired
                          entry_cache_timeout
- Fix several bugs found by Coverity and clang:
- Check the return value of diff_gid_lists (Related: #869071)
- Move misplaced sysdb assignment (Related: #827606)
- Remove dead assignment (Related: #827606)
- Fix copy-n-paste error in the memberof plugin (Related: #877974) - Resolves: rhbz#882923 - Negative cache timeout is not working for proxy
                          provider
- Link sss_ssh_authorizedkeys and sss_ssh_knowhostsproxy with the client
  libraries (Related: #870060)
- Move sss_ssh_knownhosts documentation to the correct section
  (Related: #870060) - Resolves: rhbz#884480 - user is not removed from group membership during
                          initgroups
- Fix incorrect synchronization in mmap cache (Related: #789507) - Resolves: rhbz#883336 - sssd crashes during start if id_provider is
                          not mentioned - Resolves: rhbz#882290 - arithmetic bug in the SSSD causes netgroup
                          midpoint refresh to be always set to 10 seconds - Resolves: rhbz#877974 - updating top-level group does not reflect ghost
                          members correctly
- Resolves: rhbz#880159 - delete operation is not implemented for ghost users - Resolves: rhbz#881773 - mmap cache needs update after db changes - Resolves: rhbz#875677 - password expiry warning message doesn't appear
                          during auth
- Fix potential NULL dereference when skipping built-in AD groups
  (Related: rhbz#874616)
- Add missing parameter to DEBUG message (Related: rhbz#829742) - Resolves: rhbz#882076 - SSSD crashes when c-ares returns success but an
                          empty hostent during the DNS update
- Do not version libsss_sudo, it's not supposed to be linked against, but
  dlopened (Related: rhbz#761573) - Resolves: rhbz#880140 - sssd hangs at startup with broken configurations - Resolves: rhbz#878420 - SIGSEGV in IPA provider when ldap_sasl_authid is not set - Resolves: rhbz#874616 - Silence the DEBUG messages when ID mapping code
                          skips a built-in group - Resolves: rhbz#824244 - sssd does not warn into sssd.log for broken
                          configurations - Resolves: rhbz#874673 - user id lookup fails using proxy provider
- Fix a possibly uninitialized variable in the LDAP provider
- Related: rhbz#877130 - Resolves: rhbz#878262 - ipa password auth failing for user principal
                          name when shorter than IPA Realm name
- Resolves: rhbz#871843 - Nested groups are not retrieved appropriately
                          from cache - Resolves: rhbz#870238 - IPA client cannot change AD Trusted User password - Resolves: rhbz#877972 - ldap_sasl_authid no longer accepts full principal - Resolves: rhbz#861075 - SSSD_NSS failure to gracefully restart
                          after sbus failure - Resolves: rhbz#877354 - ldap_connection_expire_timeout doesn't expire
                          ldap connections - Related: rhbz#877126 - Bump the release tag - Resolves: rhbz#877126 - subdomains code does not save the proper
                          user/group name - Resolves: rhbz#877130 - LDAP provider fails to save empty groups
- Related: rhbz#869466 - check the return value of waitpid() - Resolves: rhbz#870039 - sss_cache says 'Wrong DB version' - Resolves: rhbz#875740 - "defaults" entry ignored - Resolves: rhbz#875738 - offline authentication failure always returns
                          System Error - Resolves: rhbz#875851 - sysdb upgrade failed converting db to 0.11 - Resolves: rhbz#870278 -  ipa client setup should configure host properly
                           in a trust is in place - Resolves: rhbz#871160 - sudo failing for ad trusted user in IPA environment - Resolves: rhbz#870278 -  ipa client setup should configure host properly
                           in a trust is in place - Resolves: rhbz#869678 - sssd not granting access for AD trusted user in HBAC rule - Resolves: rhbz#872180 - subdomains: Invalid sub-domain request type
- Related: rhbz#867933 - invalidating the memcache with sss_cache doesn't work
                         if the sssd is not running - Resolves: rhbz#873988 - Man page issue to list 'force_timeout' as an
                          option for the [sssd] section - Resolves: rhbz#873032 - Move sss_cache to the main subpackage - Resolves: rhbz#873032 - Move sss_cache to the main subpackage
- Resolves: rhbz#829740 - Init script reports complete before sssd is actually
                          working
- Resolves: rhbz#869466 - SSSD starts multiple processes due to syntax error in
                          ldap_uri
- Resolves: rhbz#870505 - sss_cache: Multiple domains not handled properly
- Resolves: rhbz#867933 - invalidating the memcache with sss_cache doesn't work
                          if the sssd is not running
- Resolves: rhbz#872110 - User appears twice on looking up a nested group - Resolves: rhbz#871576 - sssd does not resolve group names from AD
- Resolves: rhbz#872324 - pam: fd leak when writing the selinux login file
                          in the pam responder
- Resolves: rhbz#871424 - authconfig chokes on sssd.conf with chpass_provider
                          directive - Do not send SIGKILL to service right after sending SIGTERM
- Resolves: #771975
- Fix the initial sudo smart refresh
- Resolves: #869013
- Implement password authentication for users from trusted domains
- Resolves: #869071
- LDAP child crashed with a wrong keytab
- Resolves: #869150
- The sssd_nss process grows the memory consumption over time
- Resolves: #869443 - BuildRequire selinux-policy so that selinux login support is built in
- Resolves: #867932 - Do not segfault if namingContexts contain no values or multiple values
- Resolves: rhbz#866542 - Fix the "ca" translation of the sssd-simple manual page
- Related: rhbz#827606 - Rebase SSSD to 1.9 in 6.4 - New upstream release 1.9.2 - Rebase to 1.9.1 - Require the latest libldb - Rebase to 1.9.0
- Resolves: rhbz#827606 - Rebase SSSD to 1.9 in 6.4 - Rebase to 1.9.0 RC1
- Resolves: rhbz#827606 - Rebase SSSD to 1.9 in 6.4
- Bump the selinux-policy version number to pull in required fixes - Resolves: rhbz#840089 - Update the shadowLastChange attribute
                          with days since the Epoch, not seconds - Fix protocol break for services map
- Related:  rhbz#825028 - Service lookups by port number doesn't work on
                          s390x/ppc64 arches - Resolves: rhbz#825028 - Service lookups by port number doesn't work on
                          s390x/ppc64 arches - Resolves: rhbz#824616 - sssd_nss crashes when configured with
                          use_fully_qualified_names = true - Resolves: rhbz#824062 - sssd_be crashed with SIGSEGV in
                          _tevent_schedule_immediate() - Resolves: rhbz#822236 - SSSD netgroups do not honor
                          entry_cache_nowait_percentage - Resolves: rhbz#820759 - AVC denial seen on sssd upgrade during ipa-client
                          upgrade
- Resolves: rhbz#821044 - sss_groupadd no longer detects duplicate GID numbers - Resolves: rhbz#818642 - Auth fails for user with non-default attribute names
- Resolves: rhbz#819063 - sssd fails to provide partial data till paged search
                          returns "Size Limit Exceeded"
- Resolves: rhbz#820585 - Group enumeration fails in proxy provider - Resolves: rhbz#816616 - group members are now lowercased in case insensitive
                          domains - Resolves: rhbz#805431 - NFS files/folders are mapped to nobody user if NFS
                          top level directory is chowned by a SSSD user - Resolves: rhbz#805924 - SSSD should attempt to get the RootDSE after binding
- Resolves: rhbz#814237 - sdap_check_aliases must not error when detects the
                          same user
- Resolves: rhbz#812281 - autofs client: map name length used as key length
- Related:  rhbz#784870 - SSSD fails during autodetection of search bases for
                          new LDAP features
- Related:  rhbz#814269 - sssd-1.5.1-66.el6_2.3.x86_64 freezes - Fix typo in patch for SSH umask
- Related:  rhbz#808107 - Coverity revealed memory management defects - Resolves: rhbz#808458 - Authconfig crashes when sets krb realm
- Resolves: rhbz#808597 - sssd_nss crashes on request when no back end is
                          running
- Resolves: rhbz#808107 - Coverity revealed memory management defects - Related: rhbz#805452  - Unable to lookup user, group, netgroup aliases with
                          case_sensitive=false - Resolves: rhbz#804057 - Initial service lookups having name with uppercase
                          alphabets doesn't work
- Resolves: rhbz#804065 - Service lookup using case-sensitive protocol names
                          doesn't work when case_sensitive=false
- Resolves: rhbz#805281 - sssd: Uses the wrong key when there a multiple
                          realms in a single keytab
- Resolves: rhbz#805452 - Unable to lookup user, group, netgroup aliases with
                          case_sensitive=false
- Resolves: rhbz#805918 - Wrong resolv_status might cause crash when name
                          resolution times out
- Resolves: rhbz#805431 - NFS files/folders are mapped to nobody user if NFS
                          top level directory is chowned by a SSSD user - Related:  rhbz#802207 - getent netgroup hangs when
                          "use_fully_qualified_names = TRUE" in sssd
- Resolves: rhbz#801719 - "Error looking up public keys" while ssh to replica
                          using IP address
- Resolves: rhbz#803659 - Service lookup shows case sensitive names twice with
                          case_sensitive=false
- Resolves: rhbz#803842 - Unable to bind to LDAP server when minssf set
- Resolves: rhbz#805034 - accessing an undefined variable might cause crash
- Resolves: rhbz#805108 - sss_ssh_knownhostproxy infinite loop hangs SSH login - Update translations
- Resolves: rhbz#802372 - Pick up latest translation files for SSSD
- Resolves: rhbz#802207 - getent netgroup hangs when
                          "use_fully_qualified_names = TRUE" in sssd
- Related:  rhbz#801451 - Logging in with ssh pub key should consult
                          authentication authority policies - Resolves: rhbz#801407 - sssd_nss gets hung processing identical search
                          requests
- Resolves: rhbz#801451 - Logging in with ssh pub key should consult
                          authentication authority policies
- Resolves: rhbz#795562 - Infinite loop checking Kerberos credentials
- Resolves: rhbz#798317 - sssd crashes when ipa_hbac_support_srchost is set to
                          true
- Resolves: rhbz#799039 - --debug option for sss_debuglevel doesn't work
- Resolves: rhbz#799915 - Unable to lookup netgroups with case_sensitive=false
- Resolves: rhbz#799929 - Raise limits for max num of files sssd_nss/sssd_pam
                          can use
- Resolves: rhbz#799971 - sssd_be crashes on shutdown
- Resolves: rhbz#801533 - sssd_be crashes when resolving non-trivial nested
                          group structure
- Resolves: rhbz#801368 - Group lookups doesn't return members with proxy
                          provider configured
- Resolves: rhbz#801377 - getent returns non-existing netgroup name, when sssd
                          is configured as proxy provider - Do not auto-upgrade debug levels
- Tool still available for manual use
- Reverts:  rhbz#753763 - Provide logging configuration compatibility on
                          SSSD 1.5/1.6 upgrade
- Resolves: rhbz#798881 - Install-time warnings
- Resolves: rhbz#798774 - IPA provider should assume that ipa_domain is also
                          the dns_discovery_domain
- Resolves: rhbz#798655 - Password logins failing due to a process with high
                          UID - Fix explicit requires to use openldap instead of openldap-libs
- Related:  rhbz#797282 - sssd-1.5.1-66.el6.x86_64 needs
                          openldap >= openldap-2.4.23-20.el6.x86_64 - Fix multilib-clean issue due to upgrade script
- Remove old copy from the spec file
- Related:  rhbz#753763 - Provide logging configuration compatibility on
                          SSSD 1.5/1.6 upgrade - Fix multilib-clean issue due to upgrade script
- Fix typo in the patch
- Related:  rhbz#753763 - Provide logging configuration compatibility on
                          SSSD 1.5/1.6 upgrade - Fix multilib-clean issue due to upgrade script
- Use a patch and install the script to python_sitelib
- Related:  rhbz#753763 - Provide logging configuration compatibility on
                          SSSD 1.5/1.6 upgrade - Fix multilib-clean issue due to upgrade script
- Related:  rhbz#753763 - Provide logging configuration compatibility on
                          SSSD 1.5/1.6 upgrade - Resolves: rhbz#753763 - Provide logging configuration compatibility on
                          SSSD 1.5/1.6 upgrade
- Resolves: rhbz#785871 - wrong build dependency on nscd
- Resolves: rhbz#785873 - IPA host search base cannot be set
- Resolves: rhbz#791208 - Entries lacking a POSIX username value break group
                          lookups
- Resolves: rhbz#796307 - Simple Paged Search control needs to be used more
                          sparingly
- Resolves: rhbz#797282 - sssd-1.5.1-66.el6.x86_64 needs
                          openldap >= openldap-2.4.23-20.el6.x86_64
- Resolves: rhbz#787035 - ipa - sssd slow response with thousands of user
                          entries
- Resolves: rhbz#742509 - [RFE] Add SSSD Tool to purge cache
- Resolves: rhbz#772297 - Fails to update if all nisNetgroupTriple or
                          memberNisNetgroup entries are deleted from a
                          netgroup
- Resolves: rhbz#783138 - Backend occasionally goes offline under heavy load
- Resolves: rhbz#797975 - sssd_be: The requested target is not configured is
                          logged at each login
- Resolves: rhbz#735422 - Rebase SSSD to 1.8.0 in RHEL 6.3 - Resolves: rhbz#761570 - [RFE] support looking up autofs maps via SSSD
- Resolves: rhbz#788979 - sssd crashes during initgroups against a user
                          belonging to nested rfc2307bis group - Handle filtering python Provides in a safer way
- Related:  rhbz#735422 - Rebase SSSD to 1.8.0 in RHEL 6.3 - Related:  rhbz#735422 - Rebase SSSD to 1.8.0 in RHEL 6.3
- Resolves: rhbz#786553 - sssd on ppc64 doesn't pull cyrus-sasl-gssapi.ppc as
                          a dependancy
- Resolves: rhbz#785909 - --debug-timestamps=1 is not passed to providers
- Resolves: rhbz#785908 - ldap_*_search_base doesn't fully limit the group and
                          netgroup search base correctly
- Resolves: rhbz#785907 - [RFE] Add support to request canonicalization on krb
                          AS requests
- Resolves: rhbz#785905 - [RFE] DEBUG timestamps should offer higher precision
- Resolves: rhbz#785904 - [RFE] SSSD should have --version option
- Resolves: rhbz#785902 - Errors with empty loginShell and proxy provider
- Resolves: rhbz#785898 - Enable midway cache refresh by default
- Resolves: rhbz#785888 - sssd returns empty netgroup at a second request for
                          a non-existing netgroup
- Resolves: rhbz#785884 - Honour TTL when resolving host names
- Resolves: rhbz#785883 - check DNS records before updates
- Resolves: rhbz#785881 - List the keytab to pick the princiapl to use instead
                          of guessing
- Resolves: rhbz#785880 - debug_level in sssd.conf overrides command-line
- Resolves: rhbz#785879 - sss_obfuscate/python config parser modifies config
                          file too much
- Resolves: rhbz#785877 - on reconnect we need to detect that a ipa/ds server
                          has been reinitialized
- Resolves: rhbz#785741 - sssd.api.conf and sssd.api.d should not be in /etc
- Resolves: rhbz#773660 - Kerberos errors should go to syslog
- Resolves: rhbz#772163 - Iterator loop reuse cases a tight loop in the native
                          IPA netgroups code
- Resolves: rhbz#771706 - sssd_be crashes during auth when there exists UTF
                          source host group in an hbacrule
- Resolves: rhbz#771702 - sssd_pam crashes during change password operation
                          against a IPA server
- Resolves: rhbz#771361 - case_sensitive function not working as intended for
                          ldap
- Resolves: rhbz#768935 - Crash when applying settings
- Resolves: rhbz#766941 - The full dyndns update message should be logged into
                          debug logs
- Resolves: rhbz#766930 - [RFE] Add a new option to override home directory
                          value
- Resolves: rhbz#766913 - [RFE] Add option to select validate and FAST keytab
                          principal name
- Resolves: rhbz#766907 - Use [...] for IPv6 addresses in kdc info files
- Resolves: rhbz#766904 - [RFE] Create a command line tool to change the debug
                          levels on the fly
- Resolves: rhbz#766876 - [RFE] Make HBAC srchost processing optional
- Resolves: rhbz#766141 - [RFE] SSSD should support FreeIPA's internal
                          netgroup representation
- Resolves: rhbz#761582 - [RFE] Add ldap_sasl_minssf option
- Resolves: rhbz#759186 - [abrt] sssd-1.6.3-1.fc16: ping_check: Process
                          /usr/sbin/sssd was killed by signal 11 (SIGSEGV)
- Resolves: rhbz#755506 - [RFE] Add host-based (pam_host_attr) access control
- Resolves: rhbz#753876 - [RFE] Add support for the services map
- Resolves: rhbz#746181 - "getgrgid call returned more than one result" after
                          group name change in MSAD
- Resolves: rhbz#744197 - [RFE] close LDAP connection to the server when idle
                          for some (configurable) time
- Resolves: rhbz#742510 - [RFE] Separate Cache Timeouts for SSSD
- Related:  rhbz#742509 - [RFE] Add SSSD Tool to purge cache
- Resolves: rhbz#742052 - id -G group resolution takes extremely long
- Resolves: rhbz#739312 - [RFE] sssd does not set shadowLastChange
- Resolves: rhbz#736150 - [RFE] SSSD should support multiple search bases
- Resolves: rhbz#735827 - [RFE] Ability to set a domain as case sensitive or
                          insensitive
- Resolves: rhbz#735405 - [RFE] Option to disable warnings for unknown users
- Resolves: rhbz#728212 - [RFE] sssd does not handle when paging control
                          disabled for openldap
- Resolves: rhbz#726467 - SSSD takes 30+ seconds to login
- Resolves: rhbz#721289 - Process /usr/libexec/sssd/sssd_be was killed by
                          signal 11 during auth when password for the user is
                          not set - Resolves: rhbz#773655 - Race-condition bug in LDAP auth provider - Resolves: rhbz#753842 - sssd_nss crashes when passed invalid UTF-8 for the
                          username in getpwnam()
- Resolves: rhbz#758157 - LDAP failover not working if server refuses
                          connections - Related:  rhbz#750359 - Major cached entry performance regression - Resolves: rhbz#750359 - Major cached entry performance regression - Resolves: rhbz#749822 - SSSD may go into infinite loop during RFC2307bis
                          initgroups when groups appear in multiple nesting
                          levels - Resolves: rhbz#749256 - SELinux errors with SSSD Downgrade - Resolves: rhbz#748924 - RHEL6.1/sssd_pam segmentation fault - Resolves: rhbz#748412 - Memory leaks during the initgroups() operation - Related:  rhbz#743841 - SSSD can crash due to dbus server removing a UNIX
                          socket - Resolves: rhbz#742288 - RFC2307bis initgroups calls are slow
- Resolves: rhbz#746654 - SSSD backend gets killed on slow systems
- Related:  rhbz#743925 - HBAC processing is very slow when dealing with
                          FreeIPA deployments with large numbers of hosts
                          Fixes a crash introduced by the earlier patch.
- Related:  rhbz#733382 - SSSD should pick a user/group name when there are
                          multi-valued names
                          Fixes for internationalization - Related:  rhbz#742278 - Rework the example config - Resolves: rhbz#743925 - HBAC processing is very slow when dealing with
                          FreeIPA deployments with large numbers of hosts
- Resolves: rhbz#745966 - sssd_pam segfaults on sssd restart
- Related:  rhbz#743841 - SSSD can crash due to dbus server removing a UNIX
                          socket - Resolves: rhbz#742278 - Rework the example config
- Resolves: rhbz#746037 - Only access sssd_nss internal hash table if it was
                          initialized
- Resolves: rhbz#742526 - SSSD's man pages are missing information
- Resolves: rhbz#743841 - SSSD can crash due to dbus server removing a UNIX
                          socket - Resolves: rhbz#738621 - Lookup fails for non-primary usernames with
                          multi-valued uid
- Resolves: rhbz#738629 - Group lookups doesn't return it's member for
                          sometime when the member has multi-valued uid
- Resolves: rhbz#742295 - Use an explicit base 10 when converting uidNumber
                          to integer
- Resolves: rhbz#733382 - SSSD should pick a user/group name when there are
                          multi-valued names - Resolves: rhbz#741751 - HBAC rule evaluation does not properly handle host
                          groups
- Resolves: rhbz#740501 - SSSD not functional after "self" reboot
- Resolves: rhbz#742539 - HBAC: Hostname comparisons should be
                          case-insensitive - Resolves: rhbz#728343 - SSSD taking 5 minutes to log in
- Resolves: rhbz#739850 - Coverity defects newly introduced in rhel 6.2 - Resolves: rhbz#737157 - "System error" appears in log during change password
                          operation of a user in openldap server with ppolicy
                          enabled
- Resolves: rhbz#737172 - "Unknown (private extension) error(21853), (null)"
                          messages are logged during change password operation
                          of a user in openldap server with ppolicy enabled - Resolves: rhbz#736314 - sssd crashes during auth while there exists multiple
                          external hosts along with managed host
- Resolves: rhbz#732974 - [RFE] Have SSSD cache properly with
  krb5_validate = True and SElinux enabled - Resolves: rhbz#732010 - LDAP+GSSAPI needs explicit Kerberos realm
- Resolves: rhbz#733382 - SSSD should pick a user/group name when there are
                          multi-valued names
- Resolves: rhbz#733409 - Improve password policy error message
- Resolves: rhbz#733663 - Authentication fails when there exists an empty
                          hbacsvcgroup
- Resolves: rhbz#732935 - Add LDAP provider option to set
                          LDAP_OPT_X_SASL_NOCANON
- Resolves: rhbz#734101 - sssd blocks login of ipa-users - Related:  rhbz#728353 - Resolve RPMDiff errors in SSSD - Resolves: rhbz#728961 - Provide a mechanism for vetoing the use of certain
                          shells - Related:  rhbz#728267 - When non-posix groups are skipped, initgroups
                          returns random GID - Related:  rhbz#726466 - HBAC rule evaluation does not support extended
                          UTF-8 languages
- Related:  rhbz#718250 - Remove DENY rules from the HBAC access provider
- Fixes an issue on big endian platforms - Resolves: rhbz#700828 - Process /usr/libexec/sssd/sssd_be was killed by
                          signal 11 (SIGSEGV) when ldap_uri is misconfigured
- Resolves: rhbz#726438 - sssd doesn't honor ldap supportedControls 
- Resolves: rhbz#726466 - HBAC rule evaluation does not support extended
                          UTF-8 languages
- Resolves: rhbz#718250 - Remove DENY rules from the HBAC access provider
- Resolves: rhbz#728267 - When non-posix groups are skipped, initgroups
                          returns random GID
- Resolves: rhbz#726475 - sssd_pam leaks file descriptors
- Resolves: rhbz#725868 - Explicitly ignore groups with gidNumber = 0 - Related:  rhbz#721052 - sssd does not handle kerberos server IP change
-                         Use ares_search instead of ares_query to honor
-                         search entries in /etc/resolv.conf - Resolves: rhbz#711416 - During the change password operation the ccache is
-                         not replaced by a new one if the old one isn't
-                         active anymore
- Resolves: rhbz#715609 - Certificate validation fails with message
-                         "Connection error: TLS: hostname does not match CN
-                         in peer certificate"
- Resolves: rhbz#719089 - IPA dynamic DNS update mangles AAAA records
- Resolves: rhbz#721052 - sssd does not handle kerberos server IP change
-                         Honor TTL values when resolving hostnames - Resolves: rhbz#713961 - libsss_ldap segfault at login against OpenLDAP
- Resolves: rhbz#713438 - sssd shuts down if inotify crashes - Resolves: rhbz#709081 - sssd.$arch should require sssd-client.$arch - Resolves: rhbz#709342 - Typo in negative cache notification for initgroups()
- Resolves: rhbz#708009 - "renew_all_tgts" and "renew_handlers" messages are
-                         being logged multiple times when the provider comes
-                         back online
- Resolves: rhbz#707997 - The IPA provider does not work with IPv6
- Resolves: rhbz#677327 - [RFE] Support overriding attribute value
- Resolves: rhbz#692090 - SSSD is not populating nested groups in
-                         Active Directory - Resolves: rhbz#707627 - Include valid "ldap_uri" formats in sssd-ldap man
-                         page - Resolves: rhbz#707513 - Unable to authenticate users when username
-                         contains "\0" - Resolves: rhbz#698723 - kpasswd fails when using sssd and
-                         kadmin server != kdc server - Resolves: rhbz#707282 - latest sssd fails if ldap_default_authtok_type is
-                         not mentioned
- Resolves: rhbz#692404 - rfc2307bis groups are being enumerated even when the
-                         gidNumber is out of the range of min_id,max_id.
- Resolves: rhbz#699530 - Users with a local group as their primary GID are
-                         denied access by the simple access provider
- Resolves: rhbz#700172 - RFE: SSSD should support paged LDAP lookups
- Resolves: rhbz#705434 - IPA provider fails initgroups() if user is not a
-                         member of any group
- Resolves: rhbz#703624 - SSSD's async resolver only tries the first
-                         nameserver in /etc/resolv.conf - Resolves: rhbz#701700 - sssd client libraries use select() but should use
-                         poll() instead - Related: rhbz#693818 - Automatic TGT renewal overwrites cached password
- Fix segfault in TGT renewal - Related: rhbz#693818 - Automatic TGT renewal overwrites cached password
- Fix typo causing build breakage - Resolves: rhbz#693818 - Automatic TGT renewal overwrites cached password - Resolves: rhbz#696972 - Filters not honoured against fully-qualified users - Resolves: rhbz#694146 - SSSD consumes GBs of RAM, possible memory leak - Related:  rhbz#691678 - SSSD needs to fall back to 'cn' for GECOS
-                         information - Related:  rhbz#694783 - SSSD crashes during getent when anonymous bind is
-                         disabled - Resolves: rhbz#694444 - Unable to resolve SRV record when called with
-                         _srv_,<fixed ldap uri> in ldap_uri
- Related:  rhbz#694783 - SSSD crashes during getent when anonymous bind is
-                         disabled - Resolves: rhbz#694783 - SSSD crashes during getent when anonymous bind is
-                         disabled - Resolves: rhbz#692472 - Process /usr/libexec/sssd/sssd_be was killed by
-                         signal 11 (SIGSEGV)
-                         Fix is to not attempt to resolve nameless servers - Resolves: rhbz#691678 - SSSD needs to fall back to 'cn' for GECOS
-                         information - Resolves: rhbz#690866 - Groups with a zero-length memberuid attribute can
-                         cause SSSD to stop caching and responding to
-                         requests - Resolves: rhbz#690131 - Traceback messages seen while interrupting
-                         sss_obfuscate using ctrl+d
- Resolves: rhbz#690421 - [abrt] sssd-1.2.1-28.el6_0.4: _talloc_free: Process
-                         /usr/libexec/sssd/sssd_be was killed by signal 11
-                         (SIGSEGV) - Related: rhbz#683885 - SSSD should skip over groups with multiple names - Resolves: rhbz#683158 - SSSD breaks on RDNs with a comma in them
- Resolves: rhbz#689886 - group memberships are not populated correctly during
-                         IPA provider initgroups
- Resolves: rhbz#683885 - SSSD should skip over groups with multiple names - Resolves: rhbz#683860 - Skip users and groups that have incomplete contents
- Resolves: rhbz#688491 - authconfig fails when access_provider is set as krb5
-                         in sssd.conf - Resolves: rhbz#683255 - sudo/ldap lookup via sssd gets stuck for 5min
-                         waiting on netgroup
- Resolves: rhbz#683431 - sssd consumes 100% CPU
- Related: rhbz#680440  - sssd does not handle kerberos server IP change - Related: rhbz#680440 - sssd does not handle kerberos server IP change
-   SSSD was staying with the old server if it was still online - Resolves: rhbz#682850 - IPA provider should use realm instead of ipa_domain
-                         for base DN - Resolves: rhbz#682340 - sssd-be segmentation fault - ipa-client on
-                         ipa-server
- Resolves: rhbz#680440 - sssd does not handle kerberos server IP change
- Resolves: rhbz#680442 - Dynamic DNS update fails if multiple servers are
-                         given in ipa_server config option
- Resolves: rhbz#680932 - Do not delete sysdb memberOf if there is no memberOf
-                         attribute on the server
- Resolves: rhbz#682807 - sssd_nss core dumps with certain lookups - Related: rhbz#678614 - SSSD needs to look at IPA's compat tree for netgroups
- Related: rhbz#679082 - SSSD IPA provider should honor the krb5_realm option - Resolves: rhbz#679082 - SSSD IPA provider should honor the krb5_realm option
- Resolves: rhbz#677318 - Does not read renewable ccache at startup - Resolves: rhbz#678593 - User information not updated on login for secondary
-                         domains
- Resolves: rhbz#678777 - IPA provider does not update removed group
-                         memberships on initgroups - Resolves: rhbz#677588 - sssd crashes at the next tgt renewals it tries
- Resolves: rhbz#678410 - name service caches names, so id command shows
-                         recently deleted users
- Resolves: rhbz#678614 - SSSD needs to look at IPA's compat tree for
-                         netgroups - Resolves: rhbz#670511 - SSSD and sftp-only jailed users with pubkey login
- Resolves: rhbz#675284 - "no matching rule" message logged on all successful
-                         requests
- Resolves: rhbz#676911 - SSSD attempts to use START_TLS over LDAPS for
-                         authentication - Resolves: rhbz#674164 - sss_obfuscate fails if there's no domain named
-                         "default"
- Resolves: rhbz#674515 - -p option always uses empty string to obfuscate
-                         password
- Resolves: rhbz#674141 - Traceback call messages displayed while
-                         "sss_obfuscate" command is executed as a non-root
-                         user - Resolves: rhbz#674172 - Group members are not sanitized in nested group
- processing
- Put translated tool manpages into the sssd-tools subpackage - Related:  rhbz#670259 - Refresh SSSD in 6.1 to 1.5.1
- Also add the updated ding-libs to the BuildRequires - Related:  rhbz#670259 - Refresh SSSD in 6.1 to 1.5.1
- Explicitly require updated ding-libs - Resolves: rhbz#670259 - Refresh SSSD in 6.1 to 1.5.1
- New upstream release 1.5.1
- Addresses CVE-2010-4341 - DoS in sssd PAM responder can prevent logins
- Vast performance improvements when enumerate = true
- All PAM actions will now perform a forced initgroups lookup instead of just
- a user information lookup
-   This guarantees that all group information is available to other
-   providers, such as the simple provider.
- For backwards-compatibility, DNS lookups will also fall back to trying the
- SSSD domain name as a DNS discovery domain.
- Support for more password expiration policies in LDAP
-    389 Directory Server
-    FreeIPA
-    ActiveDirectory
- Support for ldap_tls_{cert,key,cipher_suite} config options
- Assorted bugfixes - Add noverify to sssd.conf
- Resolves: rhbz#627165 - TPS VerifyTest failure - Related: rhbz#644072 - Rebase SSSD to 1.5
- New upstream release 1.5.0
- Fixed issues with LDAP search filters that needed to be escaped
- Add Kerberos FAST support on platforms that support it
- Reduced verbosity of PAM_TEXT_INFO messages for cached credentials
- Added a Kerberos access provider to honor .k5login
- Addressed several thread-safety issues in the sss_client code
- Improved support for delayed online Kerberos auth
- Significantly reduced time between connecting to the network/VPN and
- acquiring a TGT
- Added feature for automatic Kerberos ticket renewal
- Provides the kerberos ticket for long-lived processes or cron jobs
- even when the user logs out
- Added several new features to the LDAP access provider
- Support for 'shadow' access control
- Support for authorizedService access control
- Ability to mix-and-match LDAP access control features
- Added an option for a separate password-change LDAP server for those
- platforms where LDAP referrals are not supported
- Added support for manpage translations - Resolves: rhbz#660592 - SSSD shutdown sometimes hangs
- Resolves: rhbz#660585 - getent passwd <username>' returns nothing if its
-                         uidNumber gt 2147483647 - Resolves: rhbz#659401 - SSSD shutdown sometimes hangs - Resolves: rhbz#645449 - 'getent passwd <username>' returns nothing if its
-                         uidNumber gt 2147483647 - Resolves: rhbz#658374 - sssd stops on upgrade - Resolves: rhbz#658158 - sssd stops on upgrade - Resolves: rhbz#649312 - SSSD will sometimes lose groups from the cache - Resolves: rhbz#649286 - SSSD will sometimes lose groups from the cache - Resolves: rhbz#637070 - the krb5 locator plugin isn't packaged for multilib
- Resolves: rhbz#642412 - SSSD initgroups does not behave as expected - Resolves: rhbz#633406 - the krb5 locator plugin isn't packaged for multilib
- Resolves: rhbz#633487 - SSSD initgroups does not behave as expected - Resolves: rhbz#633406 - the krb5 locator plugin isn't packaged for multilib - Resolves: rhbz#629949 - sssd stops on upgrade - Resolves: rhbz#625122 - GNOME Lock Screen unocks without a password - Resolves: rhbz#621307 - Password changes are broken on LDAP - Resolves: rhbz#617623 - SSSD suffers from serious performance issues on
-                         initgroups calls - Resolves: rhbz#607233 - SSSD users cannot log in through GDM
-                       - Real issue was that long-running services
-                       - do not reconnect if sssd is restarted - Resolves: rhbz#591715 - sssd should emit warnings if there are problems with
-                         /etc/krb5.keytab file - Resolves: rhbz#606836 - libcollection needs an soname bump before RHEL 6
-                         final
- Resolves: rhbz#608661 - SASL with OpenLDAP server fails
- Resolves: rhbz#608688 - SSSD doesn't properly request RootDSE attributes - New upstream bugfix release 1.2.1
- Resolves: rhbz#601770 - SSSD in RHEL 6.0 should ship with zero open Coverity
-                         bugs.
- Resolves: rhbz#603041 - Remove unnecessary option krb5_changepw_principal
- Resolves: rhbz#604704 - authconfig should provide error with no trace back
-                         if disabling sssd when sssd is not enabled
- Resolves: rhbz#591873 - Connecting to the network after an offline kerberos
-                         auth logs continuous error messages to sssd_ldap.log
- Resolves: rhbz#596295 - Authentication fails for user from the second domain
-                         when the same user name is filtered out from the
-                         first domain
- Related:  rhbz#598559 - Update translation files for SSSD before RHEL 6
-                         final - Resolves: rhbz#593696 - Empty list of simple_allow_users causes sssd service
-                         to fail while restart
- Resolves: rhbz#600352 - Wrapping the value for "ldap_access_filter" in
-                         parentheses causes ldap_search_ext to fail
- Resolves: rhbz#600468 - Segfault in krb5_child
- Related:  rhbz#601770 - SSSD in RHEL 6.0 should ship with zero open Coverity
-                         bugs. - Resolves: rhbz#598670 - Ccache file of a user is removed too early
- Resolves: rhbz#599057 - Incomplete comparison of a service name in
-                         IPA access provider
- Resolves: rhbz#598496 - Failure with IPA access provider
- Resolves: rhbz#599027 - Makefile typo causes SSSD not to use the
-                         kernel keyring - New stable upstream version 1.2.0
- Support ServiceGroups for FreeIPA v2 HBAC rules
- Fix long-standing issue with auth_provider = proxy
- Better logging for TLS issues in LDAP
- Resolves: rhbz#584001 - Rebase sssd to 1.2
- Resolves: rhbz#584017 - Unconfiguring sssd leaves KDC locator file
- Resolves: rhbz#587384 - authconfig fails if krb5_kpasswd in sssd.conf
- Resolves: rhbz#587743 - Need to replicate pam_ldap's pam_filter in sssd.conf
- Resolves: rhbz#590134 - sssd: auth_provider = proxy regression
- Resolves: rhbz#591131 - Kerberos provider needs to rewrite kdcinfo file when
-                         going online
- Resolves: rhbz#591136 - Change SSSD ipa BE to handle new structure of the
-                         HBAC rule - Improve DEBUG logs for STARTTLS failures - New LDAP access provider allows for filtering user access by LDAP attribute
- Reduced default timeout for detecting offline status with LDAP
- GSSAPI ticket lifetime made configurable
- Better offline->online transition support in Kerberos - Release new upstream version 1.1.91
- Enhancements when using SSSD with FreeIPA v2
- Support for deferred kinit
- Support for DNS SRV records for failover - Bump up release number to avoid library sub-packages version issues with
  previous releases. - New upstream release 1.1.1
- Fixed the IPA provider (which was segfaulting at start)
- Fixed a bug in the SSSDConfig API causing some options to revert to
- their defaults
- This impacted the Authconfig UI
- Ensure that SASL binds to LDAP auto-retry when interrupted by a signal - Release SSSD 1.1.0 final
- Fix two potential segfaults
- Fix memory leak in monitor
- Better error message for unusable confdb - Release candidate for SSSD 1.1
- Add simple access provider
- Create subpackages for libcollection, libini_config, libdhash and librefarray
- Support IPv6
- Support LDAP referrals
- Fix cache issues
- Better feedback from PAM when offline - Rebuild against new libtevent - Fix licenses in sources and on RPMs - Fix regression on 64-bit platforms - Fixes link error on platforms that do not do implicit linking
- Fixes double-free segfault in PAM
- Fixes double-free error in async resolver
- Fixes support for TCP-based DNS lookups in async resolver
- Fixes memory alignment issues on ARM processors
- Manpage fixes - Fixes a bug in the failover code that prevented the SSSD from detecting when it went back online
- Fixes a bug causing long (sometimes multiple-minute) waits for NSS requests
- Several segfault bugfixes - Fix CVE-2010-0014 - Patch SSSDConfig API to address
- https://bugzilla.redhat.com/show_bug.cgi?id=549482 - New upstream stable release 1.0.0 - New upstream bugfix release 0.99.1 - New upstream release 0.99.0 - Fix segfault in sssd_pam when cache_credentials was enabled
- Update the sample configuration
- Fix upgrade issues caused by data provider service removal - Fix upgrade issues from old (pre-0.5.0) releases of SSSD - New upstream release 0.7.0 - Fix missing file permissions for sssd-clients - Add SSSDConfig API
- Update polish translation for 0.6.0
- Fix long timeout on ldap operation
- Make dp requests more robust - Ensure that the configuration upgrade script always writes the config
  file with 0600 permissions
- Eliminate an infinite loop in group enumerations - New upstream release 0.6.0 - New upstream release 0.5.0 - Fix for CVE-2009-2410 - Native SSSD users with no password set could log in
  without a password. (Patch by Stephen Gallagher) - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Fix a couple of segfaults that may happen on reload - add missing configure check that broke stopping the daemon
- also fix default config to add a missing required option - latest upstream release.
- also add a patch that fixes debugging output (potential segfault) - release out of the official 0.3.2 tarball - bugfix release 0.3.2
- includes previous release patches
- change permissions of the /etc/sssd/sssd.conf to 0600 - Add last minute bug fixes, found in testing the package - Version 0.3.1
- includes previous release patches - Try to fix build adding automake as an explicit BuildRequire
- Add also a couple of last minute patches from upstream - Version 0.3.0
- Provides file based configuration and lots of improvements - Version 0.2.1 - Version 0.2.0 - package git snapshot - fixed items found during review
- added initscript - added sss_client - Small cleanup and fixes in the spec file - Initial release (based on version 0.1.0 upstream code)                                                      de fr ja  uk   €        1.13.3-56.el6 1.13.3-56.el6                             libsss_krb5.so sssd-krb5-1.13.3 COPYING sssd-krb5.5.gz sssd-krb5.5.gz sssd-krb5.5.gz sssd-krb5.5.gz sssd-krb5.5.gz /usr/lib/sssd/ /usr/share/doc/ /usr/share/doc/sssd-krb5-1.13.3/ /usr/share/man/de/man5/ /usr/share/man/fr/man5/ /usr/share/man/ja/man5/ /usr/share/man/man5/ /usr/share/man/uk/man5/ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables drpm xz 2 i686-redhat-linux-gnu         ?   ÿÿü°   ý7zXZ  
áû¡ !   PH6à„É„¹] "ÌkÀ%{f}§}`Ê›Î_¬†AÒ’*rù3P¬{T»ÞõÎNøòö3¹Õ3æòÙb·/n­fè¢òƒ‰d@Ž‘¨Eqöjr÷-ëW‰<†U6¦XIÎ¤ñ6Ýprl`»2F2!P`Ùª%c¨d0éAr;Ðm5L­<U¼LÎIÆ­X©÷Ó••ú¿[n5TÌçÌANÌáêóÛö‚U˜=Ãã“Ðµ0©OËÐþ†7.ÿlÎ¥3‘=7G
ÒüKÉÞô¾Unfâ[O^úž­ãu)¡@ˆïWÆ6qäb‰®€@Ì0Heœä²Å¯B!®.6\Ýµ¤(üÿI7©JŽhÁÉ²?ü8ª«è½.}éŽ{º±º,ìý¥ª‚«Î¯ü&Ñ)§70F®uÿëYá,0†
¡;GŠ€Â˜+Sûõ3ÝÖ.Ç1#å%`Z;£<å’94»‹žƒ´‹Öòèfx°rªÑ „c;voún/ãÚÌNåÙÂ©ûZ,Wr÷Ìa”NÁÎ?ÂÀ›qæšzSŠ&¡àcë!Á×~Îu¨@'–;ž àYuÑ¼šoNM±oÐ“Š	s5¯ì×²C1›èü£S	#Í™Ž'í²€g=Wè(j³Š4¤ü€­£À0@OþðœHÞv÷÷¬ ÏÎN9baOyf—÷ä>U¸fvûqxŠ?¥`Ó½p£¥`mWóûû¡t¯õ
B°DÚA²fìRßððµ”ÃJ¤
¡Ø?Wþ{ßrwÕ»G°<šc§nkSCº Ì.Ô ¬õ¶.ÉÜiSŠT¡jYIE[K$^O~u÷â4gtá,~móŒêÐÃ¨’ üï@ ÑáëOÎÇHˆo~Óáåô“9íêrIÚ	,Ñ5ƒ06«éKë62!ã_¸¹3pÞ/Ú_Ö rûk¯^¢™ÇÌ—¡_§ãÏÊr!!­é×S°¬“ÍÌM+U¾º·F¨	/+8N§ê­eûbV\p°™UÔ¯'R`p>ÚÌ~Œ4ÀªYîßÙò(Ð0—bÑÝ³¿âëÍ[šìòÉuqæÌ4œ?.!>gÃàü‹p˜)7õÕ%ñ°Ê¤“rp‘Õ)£Ê=?¡Ã¢gv­sq§;BD,gØ²¢ŽAÜ°¹dÊhdÇéG‰Òô}T\£r²S#xD KÃ¾ ÈÀ {çÎJóÿ†O¿½¨#¬˜Óø„Õ¶¦;×{$}^WLTÁ¸Q¶ÖÃiwÞ7É¬¾œÚÍ¦ß¥œLE];0…ú:OæË‘çÛ1ÿVñZfø:£ƒCn¤+WX Å{°ÍyDª÷ w­z©Ekuß Ä<è“Û²@îGp€Oë€Ö“9Ä;‰÷–ãF¿4©>Í™&÷tKL ½KçU`kÂTËjüè±ÔýßfGxÝmÞåæ9ÑDé¥Ñ›üñ®Ò[oàÁ‡€
¿,Ó:Ñ5¸zÑ‚ÑEO~Hnè¢»ñÒ£!cÎ£1‘ø_?X¾¸Ýo«í<d\BK—XÓÍNÈÖáCmÕô`e¥;îgÑ±GS¸sYšåÓAv.AóUÑ~büåü‘&tÆ >¢dã¨UX~£õ®—àÚ&åE¨¨9X~z°Q¼óã7Îíš”V 7¼7¡Ù—ÁšÃ
ÓHÂ((Õþ?7¢Ûò’Mp3eó]k«
63t¢r0gP^âézá÷8qõ…Å)øÍ_„vÒIì«ID¶ínRˆ]t	úÂ ’ãÓdVjñÁA/uàKÎÙqçÑŸmÃÈžµ÷ÿ'®o½:;ZÍäç)@t4i‚’ b
rz$Hß‚ÞTZ]²â¡ÓÖ}Ž¦æD¹]‰ÍŠµ‘xÉÊô¸Ý™ó­¬8)54í‡æî‰I W–ùZí|ØÉ›½Æ†è¨ÿ\>ZcþÂ[’.‚Aç^&B—FŽ\.™‡*43Ò^ýèÔXÿ[]¡hUÂ@¥¡iH,
Œ+ ¹H‚ç(©1‘¢AL«½‚ÚKì\i&kàó´Ñõ­sædœ°9N?BÎî&•´Lô¼]€/“»ZÛ<ZZ…2ù3äG{Ø’:âÜÖ1'ò•eY£z|9œ‰­~8D @'uªa	4s;Lå7ÇNõ‡ñ†‚`›ëp@”ä¾ÑŠ ÏŽÌLn"6p=Dåáá†ŠŠ|¬9qØuk‚éhÀu;ÎXò·å"Ï)RÅRìÕOúOÓ«BlƒEÙ™åäÀvâaÌÅùtà%¾+TÓbO²›ÂX¨å¢bBfõæ€š9H,ŠáPÙý¬Kz=š ¿þ ’³UµPJ>EÆ}VØñKIl)NW›m%:‘óUpñš]DaÈ3‰÷o.x(mÙïM‘_×Dh§
]K?jqr/›Ö'K°sn¢\¨icƒgNÍÕ­ÚOt!khÙÚ¦RYŒµ­$EWß!ÁÊ]¾ËŸ˜{C381µü×†@5ZÏ3ßd
/ÔPYÿÈ]˜Ò‘PgPC¸Ý‰¾¡ôÊøm¿‚ZáI"oÉ:K&LÅpN88å-¼EÄPm.Ì„B,5^aÞ±2*Ž²¬|õ[€l!C$ÿ@B_Nz`PÃÝ–º”)½Oé/‰zæ½±CÏN’—	Q¬Ð]¯ßÐ=^>õfä* VˆJr˜”c;š;VÔzÒM}…eÆ+s©¦]áÍD™…Èƒ*ÿ~ÎÅ†[ÁQC¬Ô?Ð:æ¢G˜©~Ì_036²ö,3¡Ý€æÛ/_•’5ñ1Tb+·ÇUÔËFí!kÂcó#£ê~uÅH3¾l~Cž´Sa-]ç?¡â¾ãÞÇ¹.ôÝ,Yxcmps4ÛzXòú³žZõv\mçUcw¥ðÅu5Ûõþd‰Åºz‡G6•ùZ7UÜŽmQMd ÎŸõe]oÓ:TÜr–z¤q[è/
·,­H@A¯ƒªM:¹†þ-m3,Öc§´þ(ðó™a"ˆœ9Ó$éM$(9)z™¡ãÃûAÅƒ4ï}ùP¸(¢9‰7åB™ôN1ýåœ 9U õ¾‘øãÙßJœ§yyÌðð¸Õ•Ú¸›e1\C ënm?ÀÌÏPMfëQƒzFõ£(Oý˜yEµdÓâ[¨(X[¸$yS´¯}“1ãMÐáUA#õLÒ	²©´ÜELý8€Aüæwüt™x[Ù†euzµ ¦•>­
µOo#ùE£€•‰¼&)8/ßÂC$6Þw…„]éÃŽ?;ó2«ž.’­+ÕCN{&Fíùºä§UÆGÙ‹I¦¥×ÌKŒ›Cõ~..A‘NhR¨°^]úfx¢1‡Š»p»9(JXûóiEjd2Qº}†-K¡-‹{`˜µ	3ƒê$‚Ç€‘!p—mÂ`Åf:!QÑ‘@+OÎŠ÷¸–í¡`k…38 Ñ*‘-,åð‰«…àsy+ß»úLireØ^;}ƒ«€	*ípÉ!BŒ&Wf´Wh-l"×°ÎN¹‚´QôËµY¥.8~OSV‚¨'b¶â˜WMPÉiËrj¸”æ°ï'Æ “;‹o¹íG<îsúXÿÒ¢›Wk<Â_:q‰Ó1Ò†þ¡ïOÐè£d•t[—¢Ó.û®á·[v¾EÑ™vGM”AJ—*ÉÅù¹ãÜMÁÂrfg1[LÛ[‚â
Ñ²‚Œº5I×Fa¾l§¡ŠµÍÿŒîñÑÌƒêºC$Y¬”ujÕµX
z¢5Œ»†ŒàW	Ï{¸ÏÛÔýÜ=<;ŸÜºÏ[Um¿Øí¹HŠ°\¬Pöá@ö‡å”"mö%©C v!¹ÇÕ ’1ÆQ¥µ
Ÿë1 ?a´8@’ûcU]¿¬Ìˆ©«AjZÑêë_‘öŽ±IƒÓZvÕä–5"kLÔìœå2çOÊ@-·hžïM:èßo¶2:9OgnLZÚ6ÉöíÒ58Y7êyÎñÍùÜqé†=xV'NöHCN%ï|á!H¤^8œ·Â¨ž‰î¯ÑôPd:üåI[l¯fê‘CÏ¦EŠE@¢ÿË!»WÔþå‚`D÷aÉ+pÝ¿å=û/iàû¦ÙNf£À×=Ôú”ð­¡9o1•aÝ*VÞxhõ‰	ú½)†°s¸4™ìáÍ9³³õûÍP^Ù‚ ´ÙƒÐE C;Ü×«Kvþ?bÜ}’j®QŒ58n‡?>´ÞkåÂ½œ±àT¯¹&–‚&ðÚ˜|‘ýØÃýÿsÓ¨çzkp!¾;98ËÌw¾<•	x1†’R½þû?Õ+À‡‚VÃ:.Ù¿UŒ[6 —¨|0.ì?ïó0ûX5äüB÷k%"°ª{òÁ°ÿŽ#öªøÆDv6î9ð”ÏæS“ò?|Íbo]aDÛÕµ¨ï	õ—:P¤Ž|Vg]²i”5ÂöØ¯ÎÐ¼~Á¶˜9L€¾#q;º¾×Ò"ÀˆŠì/ûÿÆÓœš”ÕIx|`S="˜åØñ,ßØ\ÙºÐ1Úø¬xÌîÊDÈ‚oGûVóì“«’ÑTú\…uÐ·§$û® ÈËsN‚îAjç2“6å‰Ç…¸«OÔÀ õ¨q¦pÙ¬dñ(C(v«—ÄK¬0&¤ëqU$¼`ò©ƒq×í±ù‰)²à!h³!²çÅÊ×”+P…¥	è‹1O¼Rq½
8I E©°YÊ¸® …Ã³…äö®K©Ú‹"6{[R<=ÿcþå°JÞ§ü*Ë\Ûï]h‡:—b‹‡%hÎ_ñ}…Øó×Q6ïMä×—‚jQ&–z6‘-UŒMñõÄxµcáíÛ:~5ü¤GôqÉ´ºB´–±gâ8r¼§x+M\N0ÔlhXYºžÆVÌ×Sr‡°ðú{³‡& QŸ4–©÷1~¿0ÂÕÿP¨JFÄîAgÿ’¿¬TIôñÝÍ£åŸŸP -Nº‰±„Le™D_a^”…çY¯XŸv¶ûpsàOpÚ¬ä©«Åiùu=t£u-{Ðß˜ï0r1Î°ëÇ÷-•d-‹úÎñJÏ˜ÓSÓñ„UÒ¸±®C•?Äº¶òÃ•0!®>mnvÎ…(*BkÝ0Ž%•$o9ò0à,+"ƒ¡D ¸HJhÙ¡‰ž¬ºÅ‡&‹Ét·À§qƒÍo«3ª%ÞQ2«j/¬¼aš¸ dÇWªA	-péåC¦´RT£	ïv`'/†Q 4`»¾5rpQäÉzrâË¹Ntž-áE"3õš|FÒýÎCŸ\ž·çº;»pºø„òTc —kÎªÚ–ÂÎÚÜ9s¡ˆ.×÷¶*Ø‰ß\±’r	!³uÇ
Yû\mŽw®ýÏÆv9ÛK`F–60t™5…Z =S/Y9x­Ô¸bœ|Ò˜Žsƒ‚ÊVáA¬x"†û™dùMÌN!ø2LÞº) ÖØvX—8!¦ˆåõ ÌuÆ0Ï¼ns"dÓÌ/úG {4„®þ`ózw&ÁÇ—%«¾ë[Ë·Ì}LSÊânäž;¡ìQÁývÊŸ C¨è…áâ"25ÿUø™‡G\„Ü9&;‘½ÏŸMŒDeY¼ÊïS){bã|þŠýX$¼©8j>ÿ¹­³ÍùNÁMÅ”‘Ýxvªñ×á·qØš4*”ÿ"HX(g5£¾Õ="eg6c¬&Ê6º+kÊÉÚÂ&«|á'›äúk}&S0Þ\E@…$Þ¹‚æ­¸\ÑÜÍåì-Ä%7Øq D3Ÿ-œÓ#·Æ)ÀÿéçAú¨ùH)Y¹¬ôÓ¬…º¯‹ö3µj¨·¹Ž8›>pèŸÍÉyh(ˆLnhNMÞŠÃçâ(ÙæŽúâœ8íºù•$|¡Úßn*gÐqžèÝY„ýÙâC—¸/>ºÚXHQt×ŽtÀWÀûÍýàwþý/gß/¾}ŸÚh ‘p¹eb«ìFôéØ&ÅØ`¯zÇ> üÅââ?ÔÜ«óÜQÎ.Í$ƒÃ¢sBÖ s…$/‘øœ(t8GÒ™<"HåÇVÅ¹»'t€ª!u<1ÞÊ¨¥½ìÏ#M¿žú]ƒÃ| Ð ‘wI½y­|CVUì-áøo¼¨Q|O¨€ä}õ]œY§ˆòô§°èûŒªIŽˆŠM3sÞM[Tç4†ê…0“hœ¯,øZ¥ëõÔÏäJ‹©P7Òž–?ÖÔà1ë!;Ñiá®Ø5Å¹VH#»Uq­è/e>Gäÿ–#Ž«¿Ò^nRì]…¡$R¼©‰`A)®à›©£TÃ'T!5ÃtJµ2QñŠ~QiÿÃÐƒ·,¡6Ð1±à‰^ Â®úDzBê™Þtn÷Þ‹Ô¸À·=_gXTÚõµ¯Ûß`ËFËtb¥K°ðt+‚íÎ0=F‹*}ŽÓg¡	.êcpa]ÙË$m‹ª`49}i6{K´?ið±nc%0Wƒ^è
z«÷(v¿ÍCÖYÓ6ÊÕÈ™—Å¦|ä°«qO§v‡€9Ø´éê|ö©²DÂ‘]h—’cØ¡F2º`&Q—G#ãt÷ø)©ƒ.Ði÷‚Ï˜ç‘yAuÇMÿ/?A‹\=æ=$˜O«â•H#§`îø$žómîJÿL
búÕrQÆ#¨øÅGKTl£å$Îz­“Wéi$ž
1ÉÌÈ2{(9¢|,œßLÕ?@ p%zÛ¸ít“‚†‰¹àj~"3nŽ¹ü)Jºu6dúð¡J
ž ð“þž!cÞ@ú [Ä¾• ?€;Å:7TÀáC?ßCôM)
=¿ò
‰§ûÇ
LHØãÉ7øÎ”èÍz»ö˜ÐœÄaÖ•ÖMVJð×EX'n·esTþÞ>~4¸r“iï3îJj_Uoß÷ÙÜ¡Ý-a
Ý;ùÕ­YÄÿCªAŸàs à¨kQMÌ« 8¬mä™rÕJëóÄâª$1ó€ï™…«Ž4ÁB¥¢ËÄÂñ 
iÐ +Ó{Rú¾Wf£5l#¯Hƒ©ÓÆ›ÒUA„f]v¨4—*<žëøßgƒÐkÚïQR¢#;…‹I^íæÞE«én]GY’Ü]ø¿H"¼høÊÇå`âZÆ†;õ¶%øMTÉmJýº¨ÒKMN4¹ÞQ„U¹þ²zW{.}‡E?Ò§	˜ñƒ4º–Ì!†Ž˜}à=$O-LB“–/G®ÓjcÅ¡Ä8õl‰ÁÚ6›à´Ä«væ¹‡è³÷ÔPº ŽX“¦wNg›gå¼®Î•ÍfÌ»NRe¶ii„EEýBìpˆí•Ÿá‡ïêNö¶ß&Ö4D³–1þÀEÉH"Ò„³ˆÌÔ×vãgD·óN„»J\”pÌ8³/À+¥BLuiöúe&¤30ÐìÙ}u÷?›¯D£¤ôµiý»>–.a@–§sOÍ	]„Jçøì%,|»w+jËe1Ë…6YßTÁ'=c7Ýœ;K}‡¯íé°¼JÉçUÛRÍÄÕDñ`Î²„àßgäü©SÒÙ­hD.¿œ€søÈ`úòÈØÛyˆdRoG NöêÎB)óëäÑ»6$­ÿcIh—ÊM:Ÿ,ÈÈöX¨&hÎB@¦R: ÉtJàÍË ›îZAB÷¸mÚt½›‘ŠÓÕŒÂšx'Xù~´+¢Ê`÷È_<gÆMº…¹# ã\§Ïj1ÝÞNÎ{ bjû€ñHF×Wq'ö`‘#M¬i}y˜þ4LÆ•p.ÌÊ²äÈò1ò,ÄÿŸº*ªõ-Þ$<&øXÈøÎ§~×/¨íŽž^s>!Qs=¿-šTr¼jÉ"·;ÚœI¾õ@sÔ^pdÍ9{*ØãyP5L´Ûë;­ÞM±gK7m?ìÃÃuŽ«òñ¦"®5Y¬hddì¦&ÄÇ!X®¡t1ÉoœH}‰¢qîA•ÓæaR›cÂN])aûYÂÍÓŠÙ‡Ÿ‰õ+Ë„Ü¿²8ñÀîÚ`ÿî±=c(ãÂÃbgc„Çï%¾® èâÊ²W>ã‚Ë´–®w&ÿ2¡Ë ÂÕ2.Éüö.n.3,–¯[XèjæÒs|§Rh"sL­ \èS«œFáÒaeØ,tK¡Ÿß
y âŒõtƒÁºÆZ¯Æ´{yÉ"Í«ÙÃìHóAQYg4¼œ7ùÌ´aê\½[ÏæE» )Ç·í¦O°Ãù’¡+¾ÝÐ—è9&1Ið=9²f/5YVünõf?ÃUÐ>Ð\66ß.)ÆÄ-7”ó-ÕÉ~¾®"¹iÖ&GU·T4ZÀ6w·!¬¾&Íž¦è¾ñžzÏª±9™ÙñÈ:X¾Ã¬¯ ŽÉÍ’ÏÀQÉ—ì®nJ·Gô[eù­hwÕà`3qÏ#´³M¼¸íågQ 96¥.ÐX·‰/žqX×Ñíµæð|3<ñ8/ ¸6fZfW`´ý]`¦"¾Þ(\2•oŠ¨!âšS¦K¸‚ã^ÏÁ’#ñä¿h]’šÖR¯îPÝãå¡ÍÝv7hAß’“éÃrÛzKBB2Œ‡½ÌŒ&&sQN¹€ÒÓÊ•Tvòeƒ²Ãn*ýD¶ÖŒgÇV{_Ç¤$8aÄ¨¼øƒáî)ØÿBxÆ6&¼f/s¨Ú
ãó‹çnh´Œ?”„÷À¾öv•ÆùŠïwjï¥8f‘R#ËaÿdzF ÷$N&¸$¹
,7jL2»%7ò(¾Í£ý]ï\Ó³Î×Å–˜ˆ^J‘É%ü½Â(ÂhQèH±¼oÞsÂh—Ìz?Y°M]1+`Ñ-Å"ÔLd]èöìß‹veˆ>¡ª¹2Í+å¢ïD1¼¥K7jû ;ýY£ƒáeY#/š5pŠ¼¡”"óƒ~ÉüÚmââ™åóq2 	€½BŸy±«û'³ƒ`Ê[@Õ-ÜxBÝÜ’çÝzÌGòû+¹µmå=ç^™¤‘çšš³]ñÁ'².©‹7Î	¾ë›¾½ˆõÔB*4õúÏôñìèkÛ~Üš_wÔß%˜K‚ÌvÜÕ;ÒùäÆeÜ×U‚v<¤/¢¶Ðg†8ž!3£jíÛ¹ì–0®Ùˆzß­w½QØÐÑ^%¾-ÚœlÒÇé-¼‰]>ÊßA<Jl«žã‡Cf;zoyEÓoLàX;æ”Htóæ Q¼vþö¢é{Ÿ+ÍÔz6˜8£„t²E±àÄðL’ Gc&óDÊŽÀ¨6èŽFU"¡`¼°(øTjcÕùÜ¦ÙŠÞC¡îÀ„9‹ãœ]Jû`$l%ÅÃ´•ùÈ7‚ð?íîú¿H}gÁ'ôÓ3µ×¡}$}¸3–*·Dá©}øþ\À&Ö‰ÿ;È•æð±ã~RYaA…Nm•b-Êä7*õìmç¼)àãæ°£f¾axÝv›X•¢õ†Æ…åšB‡¹Nx¿òP”}ÌH.‰{¶Ð®/DV%Sçß¯IÄÏ]ß0Ð47æŠ/Ÿ×Ü‘±Ø³½{ŠìâÁ=`èÒYÈ†\?òöKÌ­nx•ýyë·'KJ(Ú 4Ç3Â='©ÕÌ*ÄB§¹¥Ø£”¶ÓÃ)ÛåŒ—Žù/'™oWÞ!CN¼¿ïÌ­ ê{r]ä¡*¬ip<;·I7¢§CÉ²NØ±¤ÒßË=«à~‚=é{^‡h';b]1böøã½¨T¸øÎð4übÉY/Â½ßggóçCu×$œ_Œêª_³ÈUEéûíF‚QHkM¹gÀˆºmméäsqÐ4¢¤ÖÓÐýl… 9šÆÔ^j®kë`:G&?»â1þ/|G`WØÅï%°©Õ¹;¢ãÒƒ÷j§ÇpñìDE•)˜Å‡GÕ/ãÂÃ¤›pºeÜ¥z
K2(ó÷Ëø³îvˆôá¡<,
}P–hô[ž|öQH2$—œÜ*4Ò°Ä©SX9°xËûA‚Ÿq\ë{ƒ× RÇS½¿ +§[˜?‹XŽ&~5ÆÝ|Õz_(ËŸ@¶Bó3¾^üž(J·p™¤&1•výr–x¨!ô>Ž2ØÉ¾0mÈ5¾~[¯‘†ÔhGù:>Ï´.âUxÑçÿœõ<$6ø–«î€¬Mf&*è'%â€Ï:[Âç”d^¡¶åéÚñ@U!;ñ7Ú6aúÈëÕØ.µ”'’º­|¦ÕÕ÷—3«J³œ×B„¾æ@kªÓrá	A7:õÄé´óîøÑ4¢»!Äa¡ò¬=Ö¶k¼»ªòzûÝM®¯¬=ÓW}s“:l÷!$cÖxÀ¢_Õg¦MŸS=ÇŠ_*Ayî£éH0±r®¤Úm_{01R9€¼/¿:3J*Ñ,?¢?Ãá˜']G„`žIñnÓYßrÒÌÜŸäá-}»P…ÖÛAÛR,S9 J¥ýÑ¼ÖºÞ¸ñpftrý½T"¿,`{ÑãÎE¥ÎšŽEi¦üš½â!ìù…&³Ò¤Ì’9ÄôK5•žE³G„o­!PÔ>ð°»\¼{‰<0ßØ¤§Ò÷hÙ'T¹î<4:›mÓ.7wëû¾‚Ä@}|,í¸#u;ÂáEñwœ;6pº( ew÷Ñ-^t(ACK¬ƒŽ3üæÝ‘Q)ÃgÛUBþ÷÷9ó‰À#jÏ®
òåâ+9@lÈ¤-áŽýØ©®þd”¨2Cì– ž@ãzÙ=ú£J`ÂàL•a{ýË„[q^Þ*)†âTë'„kÝ¶YŸ2ø·^fíÜºÐ¯M@œ½„¹ÍO5uÚ$¹ø22…£ÛˆR·féÍÒhÃ‹JltÑ´‡¢œ ·7<ÎÚMpžCÅ$˜wGÔ*æ«²ñ‰syóÿD¾ÎCçï|Lnïw…kCQ+mþYwT²bÜèÙµm^,Ñeý¿A²^›û@±˜<Ò—\²cŽEcpŸÛ]P«º%¯Ý#öŒðäfE™T€Up…µ­f”Ë´¹,(×
r|Á’CÅ¼ÂGÉ¡;!âAplefÁ)E…šÎÁ¨™Ì•’XênnC³¬òÙ¯Ç¢ÎïˆÜîÎaŽÆé¢ïi$ðvèëJŽM¤b¬“¥f}ê¶Œß6coP>LkžÚAßCm„/‚{£¾®wŽ_D0,´—12Î<ÚCåV
ÐÍÒ´³>àƒñ<uÚ‘.ÒÂªÓ]“¦';©9NÜ×)e´ÅÉ´*Ø¶uÁdo“.×o5Û±®Žc‰^
A*5–ø*Ål[Æ9¨Û;¡ÔCÌ¦ ¸ùÈÇbè¾œ{œ{¶äJŠ>³ÄAúâ¶2ºÄ'ûp£.c¿ö½-íR¬,ö€~Ï2ëž^è'$™}Û!ótþ›p „Æ-iC³:±C¥ 7D½ÆÄÆuJêL±ÑùE(ÖC¡e¼Ð¨[Á Y:Õ¦ø÷ldN–lÞ÷<¿Ò|0†üßn|…eãNîgR‹Ï‚eBˆùA¬©õ"qi°¢Qm–ò £Øà=%B¢PµöŽµ\	‹ëÉòñµî¨Ì6+j!?nÜ¯£ùGX0[R¢•)oz¹}Êþ\£0ß¸˜…² øœòx8÷¬f©§©;Ç…Ì -˜÷"=Þr’bjÅÄ˜îEž8ld¨ÞÍ”€¸ÐàW»^ÍóÿßèÁ‘&«}É@)l/Qq`´ÎøÕ˜îÔñr™Älb‚d¥pÄ.·cw”Dï¾ÎÜ­‡ÓÒ>‰5rå‚¾nNóŸ^Þ³ýÎcºƒQIÞ)s	ž5%JÍB2.±Zø¾ÄÍÉuÉrV¨îÒS)‰ÏìÐ§êù£FlfXÀyOç´žÐC›÷•îZ B?„üêuÍª8¨Bµå™€ç×æëiµÓ³@oI¡‘ØgÑà¿mJÞ±12w†hDz¥¬Œpè¦tÞðç)ÀÛWJãS/ô¬okèrjœöñëõ8®Ç½† ªïáhNô›¡Þ\ôn5š~ƒV®%Â F¸þkN©dG,´z¢²¯`ö†c9£(]±lc,©O4o…ÌÃìEË‹p0rsÃ3#S#G€ñÆ<æ‘‚@Z	Š
@­–¾Û-‡ U*uWÁ[‚fx#:‹ý«0Úhïz%ý((k²R6ƒ%§´ç©dÝ&ßvù·æ7F`jIÍ¡ú°€_–•Ì«æ#È]¤YRI¸î)#'¤hHZ‘ø‘_ËÀ1´{K1o¸Á{ÛñpÀU3tþåÀd	/Ü)jjJrókY^çuÃ’ERÏ'ïa;E$Í¡{S¦¤›pÕãÒèqØk½bX&KÉ:@½ÂA`—´õ!¿-=ñ?!1æ¹Sò©\áåGL<7šÇþpÓèÑµ>ÅºiÂÙ­NñçRtçâ£mÉ»Á\áõÀ&¨$8³§û +\°±CvÚp‘’~±Àž3Ð“¹1Š-ÅŒân]á!m99é¨ÆÝÛ	r«~‚QR€ó`UÛ‡þ|êÙÒÑñÚFO°îN©£Ë£jq]4¼Ü§8[kº—‰ º_“'›¯É27˜s™Ð‹¦apáS(!š ò*¢—cÞú4ŠQƒO eq¿µn­ä¤f_`XE¿ÖÕ!ÐúÐÍìvr/ «™'0l—Á ÏçÐäÈÿõMXm†‘õƒ'ð:PÕkif†‚eÒ,Q'àKvoVh÷Ë9^TË0«õžæ‰i×©Ñ³-2Ð2Ã"âÕdd–vÐ	ËôqN°Oõ¡ÅÉG€@ç “Þm;ú½	Göá»ØÖ&ûè¯»4òU«åUFû?XÏ.Ö_/Ö×æs}m¶“tƒ^Î‹Þ×ºéS¸Å[fÁ;ÓÁoçºto#Çq÷…A;0‰PœÑkÞq†Òv‘"Î‹Xq%¥0%¡´ñÌÀ<Y«èG®Ñ\áƒÂ*k+™È^Þ,ƒl m² ^N».û€Ã&ÑÖU3/Ð3Á¼÷(ÿÂ+† Åg¸$×èá^®,ÓŸÎ‹?ÿÀýPšªûYÒÿ]Põé?‰zJûÛ5JËÆÌZñ1²G}ÀU°ISÚ*;DA¨ù¬Óe
ÝF,}Ûˆ¿èlÌõ|téøã‹—°˜ã9/H›Õž|Òø<Ü§†p>üåUåœÁN°pÖ8œùs,ÚŒñC±¢ì˜ŠÒõ;°•´Å£ôùÕp`¶å/óŠfšU}L£gÍÔïâF4]íÂ…|kFñwŸ¶*àå|ÉHSÚšÞXl­å<¯ãJéAB\‚ÛêÓÒ;gLN±`J7	:‡ô²pc2qÔoQ•Û$«SžûDÛÚ…E»)t£­íTÀ €ïéÃ0†ß^y¿ågÕ~‚ëÊ©(0˜¹ LO8õ[S*Ïdp<’uªD—;ý¤
ê‚Æ¾#p¡æ>ŠÖµÓ‹aÓ»E«{-ÑtT—!—5‹LÚ¤ê]áû›KÏçp^c >ˆ©hü¹ÄsFö²ßõD-žŠ­›¸ÌÇ“4ºpˆÆ1Þ–ŠˆÙÕ ­¿IuÃáH”~]Ô‰ë~Hc2Ñ± 
cXd3"§—òÓš=V(¼ü,ŠSxI%¡g–ßcN¾x«Fl=ÂtÆŒ}¶°;`
ÁMR¹Yò=²uZâe›p®ü4ã‰Þð­E)žÎœ¥××Êû¿ÛŠOQÍÉ…mµâv†+ù½ƒÚé„Ô@$_{jóSååGrìžØo[	G½ÞÚ7|/bMÆo- OÁ&Ï$´.ÕÀQùmhËl™¢œz­€·¹ç¸¢Æ9¶!AT6/ÒI Ø—lK¥„-•/¡ G)´3Í0”%ôZÍE£‡â'«øwÞ¼†SDT;™p—Å.µðý±£åéI¥8æ”¡u:åLM8söÕÔy“Ý¬
X}ƒ›úæ]ÑÊ.©Vß`ðTùWä¼èåõJy Š˜~¶Ÿ2×\œ¹ÓU™ß>pÓþÌG´žtxè-} e¯À¦“d5ùt2"+É¹|ý¦ðP³e­yÿ Á/Am*yAxmx)´JIë³{ã-Ùä©A¬œâÈË‡Ó_,&ßÊ[ÙJ¡ÑŽ]î7Ah´‹>£/Î»çÃ¬Á&º…°€o\1‹‰Ùgi¡øêgÿüT_jw,‡ˆxzGß›s;”éóÑÆÈ¢¼J¿k_Ü# ¡£‰tEŽ!]­þPF“[þËŽ³ÏÛ%êF¤ºQÄ¡Í½­ñYQÕ™©) {SeË!R·×øL~bºÕéÈBU¡ÿm@¹Üë!]2O˜‹Éûx¾•û8‰¢Ý`{£•Û€kPuÉXsÐQW6cFÀ÷›m(­×Æ5iúù=vÎTRD‚
W,»ô“²¨?Ç'¹l@Æ²J°Üû‡{’¹d‰NñpgeQPS!õ‹½?ã/ÎŠ–ÌdŸ2ßÜw4ÐÔÌRÔ0óˆØdÂ$¬^râÉÙ¥]Khû}r]0€Ú;ag%“•}%(-Ã>ô¬¼j)Pƒ/hÀ?‰ƒüÏ¥ëÊùñÖÓÆÔ²¸ø³ùK„ÿ@V$xâ$•N±û£•¡vó=mÎfÍ…*È¼¯¨BŒ<“[´c\•ß(ú ˆp¡Þ÷$Ž2h”œüeàáA“)zA)‡ R„¢Ó‡‚pËý¯{<KøT%ùŽ2VÒ)>ç3
9G+½à™–œº12îÊyIôC§f,—«ns`†â×vþEu«Ìwq-kNKìéo<’Ä'Oà™¾å¨_é08±µT»:ÍÐHTÓy-‚ÎVzðW™ìì»xüäshbí×Ë
º'ATZpþ¨…UE@LØ«O>Úœfií±pILhÜ'r»,w<OëÔX9ä6úiÕe!…pd’²*}[‰hœ0/B¡»³a7½vÑ€¨!Ø‡2ÁUðø¯‚»o©Iðªt¸À¤—ü1
”j'U${r yÆŒÙZ4Ó™BžOJ”ž¾	+ô¦µh§¯9yçYNN=Â·ÏJu-±¥±Ö‡×yV#•µûÝ4Æë‡‚IsÒD\Ï5\SÕ=Ï=¿@ß‹O´KG8Èµ“¾»\bêß²œ4BÑ;96Ÿß>ð3ýâG+%Œ^	„ä3[’¢\Ð—Úó‰‹3‚Ü	E«„‘ñTÚx°&´¹KZü¨¹ÿïüãvá5ù*Å±õ”è’Ü XûOS|(Ûµ`/Â¶oA¦®_ûu{¾ ÜÃ0QØtvùcª¯§gOú¬w+¢:§ÔÈ¾DîÞ]˜ƒHg'	áø
ê=j°YÛ¸³§¿nYJi¹™ÀºzV†Gþ#¯‘EÚé†ðd=<%~àÏ"é\gkRjkëß®%re‘†€Ö	’°Qè·¡irY8²êÂnÝö˜x»ZŠiÍØß JáÐ£àshD^Hwti>\Uu{ Ö-Ý,½œ6kFˆ›:À¦ pùêcÿ_lÆu®åLÀeÊ©om.ûñ`¹½¦¢œ¾›+²5§v0ÿU„uEò2~!1 ;¬®9OIPÛñ-‰ÀM+äVf1•çS¯3ÒÒíõ|K·>+¨±Ö#91AÑ¼kÖÔŽvLLÆr?ùŸÓŽA~BÆ«ñƒ,ç/õ°Um×ãÕj\šP’š’ÃNÄ±Ëš5Úú§“ÎÏN $—$CCxú²	^!ò‹²^bÚËá¸d&Cæ/‡Ño; €„-;(n0‹å¯rËîHµ¸¯E‚ªÀwŒ0mÄ¯š°Wï‘³ê‘‚u?RÙ§i&XÊøšo/ºŸ¡bˆ6ÍšŽŠ4z¹”¼áüÚ0
 Æ&¢¹ÉV±²ë«¼’Š•½•*øxÞºEQlï¬¬X ti¬S)˜à ?#ìô‘V—[ó6#ãî¸¢¥H÷S„
_a^?Á…;|ü°ê¼û8Ó ÆË~KSB$%šû(¹kšÑ–w4?¿"øæþ6f–¿+}Ð¾àaþ†Ý°ÝoÖ˜’(ßò©eóÞIE§OÓžúÉ$™âwåo˜?øj«"3:Ý*?âøB8æï®÷^ oby 5,®6bºÞ‰þ“I¥C#»…šg‡‘øþD¡q²L},|(¶SpVëU®J-P·)d
JÎÖ]i=åŸ;	â0hmÞb›J|Ð£¾X'qÉ=Ò³ËVHÔ¥‰Œ•„ÅåÈO˜×9Yþ¡üEõ²'Ï|¨Œ{’üÄ¶P€ç=Î÷¾9JI(oYžÃ({O€cƒä¬^ŸÏª2‰iQ`HH#
PÏ~™jÿ¸³u,°rTV[k–éÄ*¼•U-ÓbùQad F×¤é`)Teå;Q”JKû[gïMœûKs? E°…}Dâ»Õ•XìÏ§Ú„ù]£‡»ùû(Y:t•î—ei.y…ðÞÜËh_dHÉn›FË'&ö‹"Q÷Y£zÅµ)=ì™ÛPÚ·f•'ÈÖbº÷¥ÀC£‹ ÊÃy ¿‚‚Ä¢3…céjímÓZÒç"“–ý˜É;£¾õ™^Û0V%©4Â¬½ïaE@ë0¥/=3ÉŠ{'ûäÍÙz¸¬…ÈŸ „9"h­> lÿ^Lžl¼rœÄ{¸NKlôIñçT–M“^}ó-V‹Í"º’]Á¯²XÜ4óÞëøâ>t+ùn½±§Éf‘ÔoµÅüQ.}N÷qlx“ÞTöHfiâJ=™]2 ï„¥}¦ç{~	¬-á„|…¹à»Htn“¿¯¡ wÃC‚ùzÆqÏ©Ù<t¡SŽêûÍ)­ÑAI³°ÈÜ˜³!8oUæÍ»x¯€Pò5bÌ¨Mü#mûfSê¯¤ß£ˆm˜ï&?Þ¥72±Áà<vª:	ËÝÝk>ûLÉúü'}xw…ˆ/ÆKE¡º¿Î×é\}¶2Íõn)8Þ[>¯ªÈ<Î§ß§«ÅsûþLþ´å;²ëˆäÞFVIÀÓT/å•P—úx…€§
 Gœ ?ÁšPw0ÊçcnnÙ—V¤7~'×ÏßS²_Õkô‡ˆCKÿQþóE5Þç+OÐþ3<J,…Ê"ÛBV•?ÀG[±ƒ¡RVHjû3CÙHÝaë"Õ©þ”nb¯ñšÃ9V±¸ç9=hžLƒ•5¬ ©?&’åïZ:¶çÂ}­R5fx!‘`Í‹æŒîõû!M KîŒô&o­ÿ¢ïç\½Lg‰·iY7½áIÆR?Bôû:'Œ9|Ë÷;ˆ
x§èVV"×épØrA*¾CjÜ0¢ÔvÆÔØÎÎENœòó·^?Aø4€óRÑ¢ý,k0÷¤hlI™Dxa¨àUožº;Km¿…”ßo.Á¯ÉPÂCBÀü”m—£”íd ¬k\VDã•“/i	Ö4øt%S5#¾ÕÈó³È°‹ûì<tü@Àad¹kTIÎâ9°¿à¨_¬V¡_m>õž2ßƒ–ÏÄFC®ùoOï¦Z{þyÅpdPËFLÐÈÿ…™WÓÐýuèä:Š¾€.W$Þ÷6?L•Aº=0Ø+ÙÛêµ•©c®Ès4ÍµËímB´`£ˆÖ‰¾ûáûç¬=0VkegkI×†ñ^©Â”úb_ÈÊ­Å[ƒ›±¦è½5°®(hŒêØ“W“¾ÛëßÚ/š0Î8Ô6ÀLÔñÍZ>Òº·àsÝ°ðÜ–õ3ƒK¶Ëû«Cƒr”Øõr1F :‰O³ÓÛÑ™™Üô÷­íý*Ý`Ž¦b#:´Ð¼ Öõvõf”¹ýŠ05myZ{b§ÆñS® ¿éŒi…¤ôùéÒu”˜ùpÀ+ëõi²î@wßwßTzÒ‰9Æ
Bw /i¶ƒ©á”ï¡IáLãäjˆ\F¹?ÃàBBJCGyÂ‹,¶ºªØœ½¦@?½BeìNX»3îI"»­è°ÿìhëmÆo«KÁïÝ³&6BißÁ|
ºrÑ(nî¬„ªÑt‚ñ:·¾vP‹2Á™Yô/98Ü KÙnü2/Hc…ò›é’Ü±ÁÈm¼gJQ¼ÉäŸÛœï3	œªÐù3FFŠúÆ^1dÔ€ÞâYâ§MØ¬gp¨ƒ¿íŽåÚSÚr¼–'Úáec—^Òym Äîor¨7èÚáwu›J;§•®d‹IïräN|äÌ7&§ç]MvsÈVÆ¡‚¢Ôü<É´\s›¡õ”rüå’»ŒÊ4‹÷	çòâ×§‘Æ‰_ùWøF{4B"	tÐàºÞÇ¤ô¡ ;‡ç¤å &¶YsËêJ+±Î.iWl²æ›]«KÔô©¹00ö°eîñæd`ŽKéBf¤E½³ºQöKkèÐTMy ŠÞ¢›NÂ;ù:óÜIˆ	Š¤Îs};®²å7w.‚Qêƒ>æ"Çí? ¯Ò³0XæÆéÕ¬×–Vó4-Nk€É+ßo#¨ô¦ë¼¶/!Å›šìÀÿ”áUÍ$E·î˜WÕ`2ÎØqæGè×úý½{+mPJG…¸â…Bí#³À¹¬ÿ´wv„~Ry§s×gë%ªã¾HG÷‘ïJ'õÆüšÊ}¸DZ\AuTÇÐuäJI“ßª8ìoÙ~‚}~aÐAôTåLpgçˆ±o÷ÅˆÓaëÌ„AgHé~ÓÌ’ÎÀUy>üì¥fŽ­½ÜUöðåñ´,¸û .ôŒÚ_!oµ*d™ýPÆ'±¸6VíS|LO»AŒXJ)sm "®ÝÕ?è©„¢÷^ ÐíQóßã×ˆKÒÌ{™”b¤šÁá}<H}•9¯Ò:®/íS1Ìe×ˆ}Í]Èµ¯¢_vÞºþ ­
ó÷Æ¡"3Ëüí(„²dWDŠjóƒvœ²O4­º®ÌöPX/ÜŠó¡Ö6	q'Ã¾óÈî58Åç©®˜ü:rbêAëÅë¯qxQ'†!¨mZAzHŒ¡`’È…T§Ì¶{y™ñ´•9æXq!&hÛPg”ql7—ƒ]çStDõÕf¥jw·õíri·öT]´¶†»`Ñ¥¢ûÞëúY4-m"&`ñe€V™WÛÞó–!
É¡¹[Ü¹çÃÈTõP½ÆÕÌ¿<ìãôeàÅ¥Xÿþ²óAtPRt÷Ç<»rˆ³¾ßEEEÞi˜óF¦mFÐ‰Ë¸©ÞáåÂû-~íðn×}$º³Ó?U°>eÿ‡Â­_œªìK:&¹9e—„hàV…f	è%“LÂ¥IF %üí¶&Î¨…ÌØ¤?¡ x”³+uêÕ^ÓZ-›k<¸ŠÊ¬]ïÓ)B‡AþË[
Ö£d'½OdÃÞ0P_&íî,=™¸tý¥Fx(‡ÿ¼Ú_1{ÊƒÛ$92?²e73[6ÀDá$ùÁd,g BBåÑjýBíÕ¥*~æO]ÉŽEªZ¿ÝŠ ¤ß.Ûn}—¥ç÷¬YëÝ£0v˜j-?¢ÙÜ~gïz»Úß2­¢‚Wº 4Q±o¿ø¥cçgë™èòú™À+aBŸSNíBU«4MeBj?ù&×ëæ $láXÔ30×CÓD-*"Ú‡@öŽÚ*:çOŽ°Œêé†ÒÞˆ•Š¼ZÃ¾2dR‘Ë½5ÎÄ~ÊZ>>± _J¦¯=„uþíVË;@ yÓž—Çüé6š§—Ž°GÏþ^N{_i¾s„  +X‚!Lõ,²Á²Õé®ò4ÿZÇ"#*y,H¿òPc–¢XË›Þ&ÂfY©_‰¡¿‹œzÄô±Â´Lj b¢õËüAáüª™å¾»wo'|õ„?
]²-$)l­*æj¥$äè³ˆÒSR'õ‰‘EòIs³¯}­0HÍÊ¯²…ñ|if^9þ šˆDøü¢&]úag¦²ûq³CÉýº ú¬IQ5ˆ\Š}p6E?¿ÍWÄA²Pã‚(Q‡àÇ)e£±Ò/+[â8¥92µš‡®“9Ï;T¤¦ü¶Ø”Î&ÇŠÁr¡Æä€>o
«7Mx8ß‡„Èœ„Ö	N›Zf5¢ê¾„p<jà¿½k0ßøûðlåªa¶	ÊmÐ´t;’¹À/ŠS§jY´ä€#8Oá¯ôY¼Q?·[Â ]ØhcðÇdÄh—`¥â~‡¾áÂ`Qûàƒ(QAÎ–Ôvè+-d§œúPlÄDˆ»Ç‰÷‘@RÇƒþ}Þ³åðØzTTí¸¬áŽI×Õ:I1y=Ú¥<*ìÊX^ªm]éÀ©¾¢E®â+j]ÿŠR—½¤'Ïšu…ãñš,‰7ÇÐ÷!!|&¬Å
Vi„:ím:Ñ.ÃV"Iœ DáMFºù©gF%_f÷ÀË.u)vl¾ ñ0µ¥JôJ“¡ */$< jŸòåeÕÁÇ`Â·o‡HRÑ¯z"LëÅ-&-v^Õç3%»m€¤¥Æ¦r±ê!˜¹öx—¸yÖ
ABŽ¥
|*-ìJ‡zŠB•Ìª±OX0#YÝÁŒ"qèÿ—ÿJPxTYÓ…–¨‘³ÈÊ]KÂ¦}¿J‡Ì»áŒµl&wié×7ºqZ˜AhM{T“K"~RcíN9îsJZ—O•]}VJîŒÝµòþoæ/W%"aÃæëûŠ2Éž$@‡³h1ÑTP«vpQ8†B'1oæO‚s"âxwn Á0¿ÚØ«Ó™û}ë`Ù&þ·›ßy}±‹maí‘ƒç­±O’‘¹{èa`[®+ry
´Ý2NùžÖéðÁ×Œ<éä{A,üÚì7v\&¿y}$]°g®!²«0L•™ÐÊYôÒOŠ©¿}—¥Ü«j~×1äé»oà€àÏõŽ@*…’ÜÖ.V*ª„À$/zçÐmÒuI´í9»ÆP†ía¦M‰G( gpxÿó§‰Xd@äSÍ»ŒM›ò´Ô¥/`±CÐ!K,ÕR¤.²ƒÚ ?Ôþ4É=iOtI¥¤³éôRÁ6q+¯èÉS3Ší¸ßÂ¼fåÖF×+á2˜
ˆ•Fx7;™³V¿êLÂd±õÑ1§2åûmÀêPJòK	wÓjH$ËFæQ‡¾p%ëç7æyX%n ¨È©ÿ¬ö„Óq©ù•ª[Zã0§ûB«ÿÑ”x«Ã[;ìuB°Ï…mÄ~;Ñ\î·ÙB¿ŒWˆÕz¾&{o.Öa(
Ó¸^ù¥_û‘IeI–ü¡œúñ—tBÖ„æé€é—¹€Ox¥Èˆ¥¿³¾2ªÙ5ái‡WV=°œÚÌã[c‡5Øï@-o¸5pë«¹#ÈD¢a¡ãÆ • 36%ç X9oT!NÏiC²®ˆ¯"Ûw½q™”>¸í•¦Œ‘µö`ý¨+ƒ•5Ñ¤+ØÙ—-óÙÅÿ²˜áAûÛ]Õ¥KêEr^pÑÈ
H\%Ü*dÜåT-ÞQŒ²g-EŸŠ•tZ8Ù½Ùp LG™¬-—É:t»qMòši±§ÿðªÿØ©4€Ý(o=gM+®¨@Î“lõ;ßIeÕJÂtÑƒü
èÑãèÎ;!’ý'û‡ÙÑÜ7ÇÚOìÅl ƒ"í§fKlàûïx—1¬Âmh†¥TÍÖ—caÅC¸Bç/JÛŽãTmÂÒö)qÂG]	°gQ*÷Ð(oñÆA¤úÂ sþêïre`ôøí¢p5‚pÚ<Þ²áºÔ?GïðOªœ#Ã"Ó=ÓáìcŠ?â¡iÐ~'žïË±\HŸRAK*‡	&úx÷eíÜ8cD£à“ô@³:‡=°NÄÐ-*¼MßGÀKÔziŸÓ^äw®}¼§“ÙR°_¿À³mZQ‘5¶ÀíúØUý‰£.tµJ\±+’9j©Î.[UK#u i^fN©/è”û)MX…D+Všˆ¹èåOrÕâÆûŸ¬,\ìt«ÝVà_ÇíºzŸª7)#rM[Ð>Ô\Nv}ö£ÿE½Ò“Lò²Hé5îË—ÉÙäÎ$•ûWT*ÉKPùh‚Ôf¡àÕ[~˜\÷Ï¶Š.eMLzx¾yŽ"jh°ý5£ö©•tHk`qfîdŸÞIëŒö}ë@ni5²L{Ÿ­Š°ÔÙÀ|ðï_ZIÁTó†]ûgÚB·bp¦¤ç$¢h®6~,'
ZãwP}øÖaÎ¦pàÏÞÚQ\$¾çu×ƒ/å[dòxUw'ÆÊ¬Èµþ¯/¹Io}äœˆÊjµ·ÿHÅà¶Žf^éô¾±"‘!„é?LÖ k{“è¢`|ÛÇ8Ë“úŸsµõ©d³í¾‘¦òÆ/û~o\G0Ïm· ÿÓ_ËRuÑhiµÏ› /À	9D%‚qXÒDãllždÙÄ¹kBÞ›PFXrC¿àÕµ=@ÔI™„€ó³¾ÿ»#Ûð×wË¿ñ]ôŸ5°Èq“òkmåvìq¿Ø£-ý"œxæt½’×ñÇEìîý¢š£3¢žÎæœïªnM –?¨PØÉ„vU†•cè%,Æÿ¹âÂo	žy}UÒªÞ0ýçšPQùï¸,dæ¡@•+…ª£ü‚áÞ~b¬Ù»±Ëþ÷Òi[Çf (>³²“Š<ÌƒÕâTJ¹‹ÃØ“ßtït!~F ÿ‰%ïû=ASxg@(úô„œ8é¾8´-?U›•œö~ð¿J<”K‡ÏâNDIa¿wyYÙŸ-v@»0=¶$ç5oê˜†ºIŒnÅs?†Ÿ°¢Íïí ¦EßÈ['Ë™%†’õ-Î£òßñF÷»·ÔÛOGW%¹·âïJa˜ëFNÈ¥|o®; ÷‹«À'Øî©ÆÍ \Æ½^ò¾ª¶±÷•—ÜïIŽß~&‡T~ûZn¥³2o#ôAæêý–þBtè% ŸÌ1„¥ÃXºNùI`èÈ3Øo—¤ó)D‡Vú²¨CCØTŠV ÈŽ	•V·-î¤ˆüôoUQ)Y·7ßÉôá]b\÷²¶Zeo'~»^ÈÁyHA»¤YøöÿaÑ™£©$•ZªÀO’äëý¯'*Gx¬’ íÍváçñI÷FD¤ªÃj÷@F)JÐÀ_¯Äa2zöìN—ëá6†ó®³ê'5ˆ„è„mƒø»ãW/Ï1d;¡¶ ¸aàÉ›„çeWÕåôýèì]b4–š,}aøTÿÐû+Q~—!Ìòí½T…íàî0HO©düØ	§b<æÇ¢É«wokÿ.%ŸRS“]¯±×ŽïèŸ…&€NOùPmï|jpá/ —¾3\Ôu%dl-¦–Á:¼ü9«Ë¨ÔBŽQNÞápwT>¿Æ¡°èWh7rïB„2#€Põÿ„ž¤#™2LoW’Û^knGÜùæ~ý <	Mú?@'J]×à_°
¼ ‹…­>vØà |É=/4~ïÆ“~³¦5cE¦7»ilï”j»_ éëŠa­zícöp/(w±YÏ%ƒ@¼¬¥`§î99Ìÿâ**;Îž ‘Ø“ºÉÿç>&½ìmñÛÄBÊ%ò$Y2Çr2È=?3ŒFùÈ‘ÜŽåàœ¼5Õ¡(ÐVº9û=1È?œ¼TlÖÎŸ‡³>EåÌpÏ@Ï<\9'JÄ½~eÆ?~å‡KÇ¶÷ä±B4¸“¬‰ãF”‹vnŸÙsR÷k"^‰ÑèMù÷¤iô)Uþî‰äX^eImà<úéhH¬&G!z@saG4®|®bN¹®œêÐæª4<
d±D›þ\´yµVÙ2}²ZüFÙÞ®¨Í>Šh£¤bÝ—,çÐ?)OUyæà½sCúTî·q/¤;0¶e‡R;ƒ<ëe»µÁª!jùûgÉÝÕÞµé[EÔëLßïh½,SãR‘/¹u$ñïz‰GœŠÜ›šk0ÍoE¶Mø}ÁßéÈ¥*N=êw³RV„M¬|»å÷ÉË$Ýœ@Ø—Öwúh¦‚á„ÐmÔ;Ô ×‡V•Q¢èÓIJ„­ÐB¹TŽ|©)“—¶ùpgÛóIÎL€DL;¢ô-8±6	6¬Ç£æ)û°lœ!s$;'¶'íÁ–Ÿãà|ÎY_iºŠQöqA¼¬£y‘’„”5nøD!”E!Þf-ú«G5—dñ@<ìÚCË¦V€m¨ÅóøÝ÷k²ÎÃð×È7|XSîCÕH39Û¹O=?Ê„Î´5Ó‹RoØÛ2¢ONxøJ5ñ<T¹ÈQ•¢¹PIY³{À—ó­r‡cÒ”£ÊYóÚ>
åéƒn	ŸþÿÐzÔuþ«e÷Æ  #…Fìj¼:AV($õ«Ž‰ýúAÕþ ·H"mæs@æfÎú.RX·DŸ-5ßóí!¥¼·U}'™€ÉÎ.¹Ëâ¬²Sd•ëÄ¼yUu¼¸€pÊâ9`´ØÄt!!ð´iYMyó	¾ªëV1Æ¼$ù–â˜G»lGu,ÝÌî3¹f<ß¯àµHtF˜?>ZIæåÙÊ&ÍX.OcÅah_R9éÓ¹ÇŽAw*™¥: ÷ê€$EuìÜOá‡)¯€ƒôª}ntˆ,‰à|‡×§ê"Få½ÇõUèŸ×Žq0R¡y@³È Õd¡?Ršÿf¢:„™è_Çaú¾0$£Åø¤z2š!×­F‰YqrÜË.EÃZãßÃÒl-bù£wŽ»Ù@ÃCª(u’Ý£®{cÄÖæ"1•Ñ	ÓÏñ*’?ÝˆC\}¬‘|‚û‹ëŠ¾êªª)Aš+›FŒ@[$DL†qÆªËóíôßµ—°ØB[î,èv`üÐÁ¹I:£GC?Ja™C—Û4½û¥GÉbÂ?›/è°ù]*”Æ†½ÐW-N„lÙVù9Åï÷„(³O=ÁÅn;weÞÊÈ¯ˆÐ
¹eä`L×öÞ…A
	\í¢ì‚*XaQu™$¸…ë¦“oó—7[O/QÁ‹Ç8©K‹f—&µ@ØÅíQø.¢+ÓÎ¡NÈ k¬ˆ¡E(wPÁ”¥ó©.œƒÛ@À5ØLH—æõ)ú™ {…‰Ž½~÷•a~‰-ÖŸ¸‹Fk«Ia$åûÎöÊ[÷,Ïáßð$Œ?"ZqCÜïyIIôËEXD½ÙÙºËU@Q·í4ÐVÜÖc oQ vè;ÎÐ–?¹¼&h|2‰ÜQ…½ÚÞÚpÐ®Žfkˆž½ÓLÒRáÝ.±P«HKÃ'à²fùEÊB¡âûic°¢å´Ÿ¦X’"æf)w¤O¼À—Í¡*º÷J¯kôO™t©·Ÿ«\¦[—¡íä­>èBWs»r$úelF7žÓÆ•CÀ×…Éé?}M¥ÔoØ‰n?3&hÒ~Tó•ü¼ŽÇÒ20‚½£Uê8ÑÁ\tã	RxDn5S
%Õkh0š|T*‹~ýøgf&êÃP—(„¶i¯Ñèp­¦Ü8œ¼BICãÂ˜Ñ‡VtD,rYP×OŸÐr2W„°´„ªÇa¸ÿˆºôé™-©Áu‘
æÂ¦¶—E³ô¨>N¥ ôð¨bÌ¹{«Ú s¿>‹Ò½‘¾ÎÂAI×D®ñ¸-c\12þðáðxã¥ª™ˆÖY^¾vpæ1&øOëUfeåôüPšg¿å`ßúGÌF³1×¥!-Ei[néŽQ«‡¼y%@rßA 0ßdì¯µ¸ð¨íH¢fúŒ;4FŠ“îú ‚—C¸+EQÒ›ÐaV„j˜$¬³zs~Ô\ëŸŒ%cÄSõÄâ»žÓÅiÙ¨ø)½Äˆ—S-ÌH72ˆ¥—–tJð!.|ƒ›€»ÆýR¡~í¬©ñ÷™_SÝº)ÄšLöióv #¤/ÄÕdrØÒL1.ý òá;^Ð~€\þˆ¬ŠÀz+Èˆ%ÕD"†ž] F\ÖÔfI¨Ìëxù\Y,òIV E—¿ï…u^k¿Çd¥.‡Â_Àú“ò¶§~aÉã&JAœ¯äFE_ù#8@Í<àÀ1•‡”{ôvX¸êâz5¯¤™òÔý!jáÅ<ŸácibFÆ[:¹&ç$Ë6•7ºÊ›²ÚÂÕ2[Æ¢àõch”D¼p‘•½`²iU¡Ï5¼,Ì/ª.8àTò;œç¯iÖo£èÎqþé…T1ûÒ–µÇÐ‰ïbè7û„7œúÃ‰uˆ<±9¾’û<PW.ÝS†Ó%FŸÊÂ¤S¤þ®Ìëe£[lá—ÜƒZ7ëºÂ7îÑB—òRøsÆ/MÂÐµ0Kî;€”oMŽ BsDHQX³€ß5”[•ó„¼<xyCìr½«>MùÉÞ4{<_G³”pÑ# àå½Ÿ˜KÆ9.„‹{ŠCW>¦"¢+äÄ›önž7Íùž¹Ö_˜œ(úF23ÙZ&i»Uú0ò¼)¦øKgø@ÊoIÏ4‚ãx¢¾à~ŠÍ>ä°´cjšŸOâµ2¹sˆ™c–KÓ¦0‰7hÅ1ªR”‘¢øX¥¯´%ÞÆÅFÎæ}‘+”ÏRò~–Ó›µ¢´>ú³Ú\¡sŠš‡pi[mùÀw.ì!³’Ó„là†
Uz²&è4^º™<Åÿ¶~KÄÝ$Í›`I&Ó¾Î¢~òËk¿Ic”¹NÔmÇ±azEJï‡VíÎŽC—Ó9-¾Äº;Ø^³??½îŠÀâ	å	2Š\VÛE|©(™t^_3ÿ{Š>ú=kˆU
Š(ÿohk:Èªd°£˜L¯ú÷ÅF<W×g Kéq¹ù¶JØ¨k™) )‡a‰¬Ž£Vû±†ï=€vÞ¢N¾"ºuæÍ"ÅââwfµŽá!;kC<Z@o%¦ãV¦p€MT¡(¾˜Š?’·£Xß’É[ò™[O £g	ºd¸¼—Yš¤ú8å–”y'ú¥:»uöDªãñt¬’raêTh	mGë7“Ï1yù¦uÝB$óÓìü-HRÔ+2à[ ©>wSnM]Çdì§#Øý„–®¼Ûúõ9›{ŠßÊ~Ä7+£‹¦]ÆÐ¿è·ÉakwLsŒVOž½,|Žh÷ªBõi;O$·ÁtðA÷#·&õñ0Á“FË°NJçzusµ=,H¼˜{7låÓüsX¿ÿÉêýNq%ÜÈIÁÖ$­7IÐIÄD¯|‹œ	d¡ #n=¸Ü­Ùdd©Nÿ–4*‡+b£êˆ
2ÎfµÚàa«·VîX_ãå.‹JÎA3™.×ljPºÇ|~é%·¶ Úl^ûyÎd¹ ë<÷ÿ~÷5¾ÃA¿à–‘ ,QÒÄÎL¶¬<,Æ©³aP„õ;&tmá*Pv	Øh8ˆå Å*î”Ïïñ\6â¶ÂÇóW¨%œŽf•ƒ/™æšŒÞì¯ Þ†,7ŽªÎ…A¹€ŽàPÇBÈ£t
q®âÝ¯šý¶ˆŒ•Ò*¶&·ØYÅŸõæ|aŸ°Œúr^B îìps§1!cˆ$ê—{P²eO—#f4F¾]âý÷ªÏ‰ˆôÿÑœø„*Ëo/×<:uTu‰†Œñ]–['çr¸fÖ`œÍVµv­ßfiÔ	Òü8’" í¡\9Ö}bx#gàÒÅä…R‹Òo›]ŠCåªóæ(Ôü6}{	P;˜{È©ûãntQÊÀXëÃµ?ÈLöÌìJWQ€ü ÐÊU‚J›té»öún`ñ|SºxH(›ãRˆsá™
»^ZÂ»õë=¹D•ýÄéNSzÑpyCuÊÏ1wZLßyN(¼Ô©Lõ;À–Ç±a`¨i‘u½Ð <q1WfyŠTøÞñ	1ïÛ ]¹ÛÄY¤f‘h)#äŠE‰0¨sh5ùé]o”¡~—ÍÎÌá©DtÅäTTYªvJNbLÇê·¥¥mèlº^€t³‚+ï ®4ô`9–³t¼ù“UåÖzHU»÷üý’'Ž6PfGÅ9À)¹¹ÏÏ°lÁW4åKOçüºÒ/üƒ¥—ü¿äT÷=3®ã)"“Õ{©ÛumËaa¶­¥xÊÿ£÷£ÙôþÌÍRJšœð0Ø›xvò4ñéê8žu—f…’1uL†ÇD€ŠxaùnenŸ ZÙý:a ˆ©À%¡ˆvÁ8Ü’]g‚éd>fÇK¦c…ð¨ïÜFÙ!òÑf h{;ÖpÑÐL°˜KyzÂ4Þ_?ˆYzÍ»ß%6ÅŒNwß¡ÑØüJV!NZÿ-ÝðÓõÎø4
éè­ƒ#•§?^óóß³Z¾Ü§íÎÒrhSLdØõ	€	œ‡¹‰Ž;¨ƒÅ§±jp^>¥Æü!y>@«p¦Jv±_I:04>¯o¾—PËjªd ["1†D¨z}ˆ\cá\—DõÚ?ÉE´ó
s.¼Š»‡NCÌ×<Iòp»m‹Ê?S‹Éý —×ºZ¿Å¦WhÃ‡ Áy‹‚[ž™è…¡zAB^ò£}ªÆÍ–‘ïyÅ´Y[ù ¶c&s½ÐÃö7÷"!-™„3 ¥_hÕ¨dFPÒ´äã)ºg÷‘U<$5"q‡Cn@Ñéqrz€[hÛS˜7æªVÏøá\HÐQ•ß÷ ‹ƒíú “
PÑ}öô¿^”¢£ü"_7ŠvÖ„ÇZònkb±L`y¤l Ø­”ñgv˜(¯G©‰ÌißÌA¾0œ)à2'ÖG1m£ùø«+ÿÝàíÃÑ„UûéDd&5yêg*[X6QàóÂNV\úŽ{+!€¶pOå…½Ö»Í^.Ô=ÔR®D8|)x³.[b½g•³a«R6Ç)Ù`/O&Æ|Ú]÷k	s€ýt‡œéžŸ!kUªf!
Ùˆ7¦êMß<²©ŸÖMùTß#’&+À÷™Ùèê0Ï«7®ì*j ~TQpC”]Ÿ+ý5ÅÞÚBv6åF±ümƒz9§ÖÉüì,P=‚·œ©³!m“§~ð«”n`NÕÐº$‡Ê¨þ^1M‰|¢=÷ëe:¸´A™aŒ=êßÁíæ>HöˆžÇâ^$ªéÓ“¹‰…>õØÏB‘uºyâmá•8³U®úDþ¢ðå¬Þ¤çh÷ñyöí+øQYZµŸŠÙupÆ¶€Dm­Ü÷O[ÓºÓ·ì>Hš/u©ih’SoæÿD%o9éô-À-ezmUÞ\GQà¹Ù p¢)$BÒýÖ	(†ÿ´/šZG±Ž­[ªž€ZîV*xM1Uº¨ÏÞÑöQ£XIqÇ£Sâî—I×½™|!B(qð°­ÙI³¬üxE`Ud¿x[=ò¿5ÃRÝ@póFäŠÑ¾Àñ<Ö²}:ƒçÉÝg3cÈ1~¦(Z8Û£"ÛÄÇžB~j(ýÃ~á#°©šÊß=Ër 9^,LHá‡\îC,ª|Þák1ü„óÛÏ¥+XÏÈÑ|6”ëC*¾Wê ž¸òÿn]Ñ¼ºž×!2í:H=´óp²­B£SŸ®+¢Ío±¼Ðð|ËÊÏÁBÏþ±QŒŒKå…ÊVù„à¿Àð¸¶ßHüètYíâÆÀ ‹¼pôES%ãOÐKù¯NE`™]û;N	„ZÈ[U
yÀ?ž÷#’ã%¬/Ûâ’ÄÏ©e´+ sY“W#R”3›˜){ÚZ&ú•±Ÿ¸è½Ó±dÈ½ð®
ü}-"Ë¼PJ*&ðBH˜}²Ú–²” »K #Õœ9gîòC.Yf>lSÓ“Ü·=—1!=ËÅ ó7l=]û{Š›@Z^¦ÒœcËÉcy”ós‚ÂÃh¬)“ŠÈ©D´, N3Ôþýuœ“•ÐpmÞr™Õ¶<|Èb»dÃæZI»º6"ˆ¼Wà–OÓ/ßéŸ\ï—òÞŒ¥ÐŽ0’÷!827:!Ùumûg‘ëƒƒ¨áGð‡nREz’…)ÿÂÛÖ¶L3µ8È_È9Y'Ã„´Td*âDUcÄ¤@?Ü9íK2Ð'nþ ßuÒtÒoòí::¥2ªó_ "zOžg‘ð]—Óðv‚÷sÞ^OæD61ËˆTsê®ï¼ëte–n {¨Ÿ—çY>”¶ñ<õµ¨2vƒÔîðb&&ê†D[Àwn‡¦ñVo´}CÅ	Èg—*øï’<×œ²1Ô¡´yO¯žÅh}vLÄÂ'Z.“ú—ÎüB-¨V¼Ï3Ýüàé5ó_å
É	§/ƒŽê°ˆñ™K€;pàr'ë×>EQdÀA;Q}jâ˜òdí2œTÐ1¢œ”p  ˆÍšÚÏ„á`'Í¶V²ÙgòßŒRšTçÞ5uBþ §4Ø%òðÛð¶8#MÕÚ;|
›ž—’¿;»UMŠÇö÷à*†}c?v|zg”'{£²í¢;.2	â•â`‰ëŽdùË¦½ã«giÇo8ôN¯r]`YÃbâVæü:ã d&º$â|ªij¼“Úµõ£´3ˆlšWU„NRÖP	¦Ö}pJ[>•:S!lÝeM°nÉdÝŒÂS¨í v‚å²ˆðÔŒrÜBî ¼Ì`»Ã…9õ_ÀQÜÂÃØ§z}&sâ„*ñ6xÛáÑ–´O¾h„ž[õøÀiú÷æU¿bzéhžðâÐžTÀB>É!¹]
˜ê+Ã8ý<í ªçHÀçÁÛnDå«pö!{hM¸î3W„k5
–E.'®•âXÆIl.øWW‘ Øâæg°%tØ+\5ªÂÇÓLÈ¥‰÷_¼û¤Ê.’äù²»íä61¿xÚñ°¢m>@ô#d‘ãgBMQŽžÊú†1¤·ÃÖ¬æÚºMÆK)ú qÊ>¦»ÉNÆ¶O5Õ; àa˜¸( G\(IÞtŠ`8ÅùÍ£ÙûÎÏ'ÿ™PÒÏ°×S¥ÃT`-ùZ>°=$KˆÑ»W£,µá–+á‘BøØ>j±³HëAøð™êx+©–òÒ„&t<‰Äèãó—¡þp&y!ªŠ–ŒBe·Å†œ—?‰¨T¶T3D¥^
„ v©DÿgÔÕý²Õ|üVáëÈ?ùÍø8– 3É‡œ].Ï%z!w/ÞÒ”Èm!e©+e’ŸyZŒùS'ºCÝgRJâÀëKÝ‡0ÅR‰7ëì1>y‚Ê¬ù¤©%1³‚ö2ëBõ%>OB+3ç§bÛøïÚÕbÇFÆÞá—'ÌÇñZoyf:ÊÀç‹§ÁIë$¥X‘r½²}nª5óçoyBsÚßÏöSëó{Ðõ‰„ø¥M“\ÿ®Ÿáô¼ÈNs)Š_²ŸÛ‚’·œ»—T§ºÝ{ZÕY#ÛÒŒp©ý%»Ún…›Ïý;œ©ÁLšEª(°­|ò‘ŸoyÊ/êª #Œª,›Ñ	M¹<E
Î^×òMWÔþ.í×³øyÔ »sXz*Õ·Â ÚKy .Î×Z`¡ 3‘{òmú,N ˆðÈ=5öÀd1#‘M¬jJ$c‰ŠHJ¡©úáç×CÓ‹*ß„¥¸Ê¹Ðœ…?ªÖ%™/ÚPª7B[uoµÊïòMÝƒÚgo”ªÈ@y±ˆ$'FÆÆÐuT¾iž
Ö¨Ô6rÀè×kz4O¾‹Xã#yõ[¾ö½öõV	Àgt;8 h/_õUQÐMzïnƒ—_6âp91éÁè¬ªú•û	>LÜpœ;_gðNžÕ/`Ã­©{‹­¡OŠ¶ð›MŸG…WÓì¶ÆÍ”½{Pƒâv×3JÔ¢OVô—Up?ÊaWxó4ÜÈ'îØxü’º-L•>ß	ƒ•ì)|-º‡ ]+$†ÁgÁÐX{íd÷ýÜ„>JlËÅàtçÏaÌ†
¶ýè>‹“Ó49ŸSÏNP<~¹h3óò¥tTcÞþ×¾ùÿŸ†H¿Ô†ã‹HÑ<( ?,±plëÅZÞì[†®Súßçyó[×¶MCÃ£ŸyÄFþ¨k÷VbSiè#?ÅMØepÓãª–`N§ˆK’!/to’ç{½ü…WYÜMÂçZšî½)ƒ'¿”e Á£õˆ¸‡±°ù)ÓðB@î ÖúFÐi›{pà¬îâ/s#€ž~§6ë¥LŽkøùÒ*Ë-N"J.…%™"ÎÙÔï’Õ*Åñ,Q›¿ò×uwF"$SC)*®¦œFö»N%[xÊ9.œeHy¯’¬Éeê­¾f((±8C5ö¬Á€ø¼CÝ©8~1€äo¹c¦wìþî\¥÷Rsá¯¶Áÿòr[@îpªøs÷>ÎkwÌ ˆÜiÜ´= Ùì‰`„†úÓï—ï u2]KuÔ« >†æøLèñ*¦)NÖñß¯Ž›©\{»„ÒN©ÿ¡zñÞí$xò{–‡iW¤J€²¢$äªwÑ@WÐç.:èÒüaK íÉY‡âÇÅó½/ò¥æ«ÍP ±ñvEUî$J\—Tðgá5ñÔÚ(h›¼GÙ‡*—~-ÂGœÇÄGBæƒÍ0CQ˜n¬H­Äty¥~Ž2¼ò‚æ4¿ªá§%kÛmGZ‚—Äè?¦˜õøÀÖ+EBNô³¨÷ÕÎê8]9’<cÌÛëSZHb¤²¦BþÛÔµ<¼¦º¹Ð¯7£vëÜlPlì(–L±¬ 	#“m†Jhƒv“á&T¤Å\ƒùû…Ò¦°bÙ)és£vüX`róž6zoåÙÍÖ’;7˜‚‚[/üÐœQþ°¡=±uÀp ûýÉ¥ã÷¸#ºÛˆîÂ°‘€òïšæÿ]®˜ùJ³Œ$ÅášÖ­äÔË•Ú'œžùTŸ\Æ‡4Ô$ïˆ ÈTÈ{<0I(ˆö`M³<ÅbÄ%‚¦kØË$uÌ„Ý%8kIMçF\!Î°•b¼WÞp©ÛúÎ4¤ì¡mÝ~(X!¼ñÛ÷œtÞl7®¡£+€¹\Ô9!„M_wcl)*â5ðð	À·§ó`>/[FíË½ÍÒ·»Å‚^à=¯ç¸T¿Ü÷÷†û<þ¤.UDÜ×IýÞ±¿°×âçÉzLaC'UVhˆ3q:±°Q‚Ð/Â2Ö¾Àq@µçåopO<•Ü½óä6¹7@ ÄÈ–Åæôñ?W÷¼õGŽ>JÏh£;ŽN	ŠE»NZ±²‹=•ÂÍ†:ö$åF…<úõ0í$Š5êˆÐ%7rEûmæ\$üƒpyÙýÃ{Ot’¨˜-ˆUœ
ß‡­Öç6¼Ø°Í/	¥žEûQžçªÃÁÔCš/Ý7&·  eC«œDþÔîî©‡8Œ“Ÿ©™”4ÿÊÜi®˜‚ýxþÜ§äL"
ÿGqiÏ;áG·êP¨yÜXýñnªÈÏïY¯X±G¤ïŠýÉ(nõ~˜h¨Ý› â‹»Éjr¢è‹~jûª†Ò6‰˜Ý*2yCMÞxiÏ#þ(…Ü§-šneêŸ¹Xr˜Û†Zwµ“pD‘¼Š¯g’Úö±dzÇßðÝzVK1öíIÞj2@/ÆIK­]9¾!uŠÏ"Xƒëå•‰=uÎ(Ù9o€|PªÂuqÐÈÁd«	×œ]éL¤=´‰âõSPÑœ·›H‚8tÔºÖÍƒQI%#ÂQ3cþw•ÏkË¿^E¥¿Ÿãw¾:ˆYKžÎ'-´üžË’<E4.Ä1WÜ‘R«»GÖÏµmOHz‚f¾Û*\6êJuR&¬ÏÅ$hø8/Hâ~y-+f6<" w“Kö}HÞóLycT.}ãÌ)ÂÙgú)Ú²·T}öÑsúÁž #Ð†ÀÛ8lÆ!À~á¹'Ñ§'…]¥)Òƒd£Ø‹×ŠbH·¦ÂË„Âç²Úàš€­Í”‘(°Kã+ƒà¦ºÆ½½°®b%¯ù~æ8øQmzL«9rŽeº—‘âzH¡É_s××
öq$?‹Ä•8Óæç]ŽDÈc°"?ïˆºZ=„>ÐjjH3†"àAö;!MD®ð¶ü)½žt¨ÖÉ2[öl»Ì¼‰zØ¥šºë|­|„žâbŒÂîd|2¼†þúXIXMÐïXƒPO­e64Ú*v'áúM}?ž³(%F˜ 9VB(ö‡ÐíºíÏ—Áªôµ€U2WÇâ:è<RðDj'eE²arçÐ_YÜD²½ä.çÕt0ÅËü¶Ì˜(Z¢"®±ê¤•¿a\CìíÜ'7÷ºÀ‰ 	™åæ*?1éÜü‡ÚuÙea¹Ê#bè„ÃÀPù·xÂy¢›Ë))$&bò¹Kp¿S”)•3N„Žrq Z'Fêÿ•š^ŽÌcœ >
5ø„¨™3ÏDÉqÖÉ§¡Uœ¥Ó¼ ";òW#´î–=’ïuÓ†:ZÊ…´¡P#0|¤$›^ MŠ–ÉüµdýLŠ;’&:¾Û|²¡„+-LYÓ Ø…´4, ‡6Ýdº¼þf@ñ‘·ôŠ4ú£*ü`<–—ëŸ¯ ØAŽÍ^¢§œJ8æÃàbÞŸÌ8¯žò±køë/žœ÷@"Âú{Î¦Âø€ÌÑ«rkOBÂPñû6v²ínÔ('ÏQé^k%Õ=M¿i>5¾…täÇ\˜Å$ÉU¦¹×v‰ã³ keÑ|Npø‘`o	ÿoó'Íþ‡ø2i€dòøÄÉm«\äêî]2O˜åæO°®œnE¶ø¿viÉv‘Å’=âûeº†¶aHÊÎr
2~Zú$‰© ’ª×Û÷úÃÀ{Ké…ªÉÄP1y" ía@£(£Õrælþ»KÚÍrú_e¡OÍñ/ßŒ|ÓaÌ¼ÚÆ<^kô¾ÞósÕNn£!ÈÚ¹“ÌW!Žé™‚²©]b!µÙBûÛ|Í¦øäïÀé´ÞÓ6(^Cr&¦š¯#+%¥|É˜Kf£[Ï{òtGŽ¸eÍFRNéjyž7¤ýŽpÏäôÕŽy`Ò˜èÞw4¡(ÄJ÷²¸qq½øÙêgÐ!{#ze.µõ’18S}S«¦ñ^†]QddCßGË(‘Ou‡ëD3àOQŠêGCeEŸr
ÒÄô°mXØ[.Z;¸	×{±¸z1#K{Kî»5ÏdÊ˜zžw•
è¶EÝÔ÷¾\qã	‹‡Èj¬.3‘ÞÃ‚(yðÀß˜7$Wó&]²qãÖGL"Ì\
×.¿GÐûÆ²ËÈ5¹Òo.kð%KÆ¿˜ºªuDéš»¥÷+Š¤Mbÿ’ìsØ;ªûßgÅ™îÕÆÝ¾ðZ*Ñ«0šFc‚+³Uöªö<œýØS	Bßc¯¼„®-Aü}Ë-:­«~
ôîh9‹¹(EÓ¬™($†	ø)‹ÓLŒ#ÒÏÕ×ª¶?3sþ›°¶ðÛ	 IÐ§D•óôã°¦´ë97÷{“rÏöüžaØ…*Ì*M^U÷Çéq(cû
o^\*¥¬ó~oÞ_ã)žûÚSÏË*…+¢#Ž}qû™£ƒ˜yzaSh§4(ÐÄ¼´	üSE†Tsö?´”"›þ[®ƒzSWîÑ©}©¤AS”Â6Å¹Ë„+ì¿¥€œìöš§Tãè]Ñ˜YQnhåXvÃî.éöž•9Äƒ.²ÅÓÛDz÷Yslà û>@†Ü¿>ƒ!$åÁ[êä–Í¿Ó®¬Úc418ï§˜œE½#¯áÁý¾…ÍHÀI_ée©€#c*÷î»Îÿ¤¶ÿò’!ûdóŠ˜úDé-n½I'ô«Ø0w)Àþ”ŽpYˆC€ÍúúÜ3ÙöîÅŠ.z˜Z½¼ÆxŠ•‚±‹M(*®šÖÍ>é¼ØPPyÀ¬)rœ,à/ü‰üA¡æ¾õý*­©¼ä«1)j˜­¹Yü=éûaÉùz`h‚h“L&·pÓ¬]c|¸Š-~§P%­ÃD RK-eöüo× ¼rëcGïƒž]´Í½WB°±!à_ä¼³Ø·ÁÎú,}IØ
ðÔN“Ž¼\r ¼õ~Z§léKôxª3‘K}š»h,Âå.Zyƒ§e¼ p_ý 5}‡VxVÅÍ#Ññó‡íˆª¸Û9¿œÿÞÆ@^‚hõ´ÚÙ‰íÉ[¤ì$I~šÄ÷Ç˜‰ÚþõEªm>çñ¿ç?Þ‚î_‚ÿHB#	"ìÀìÎ(qhobÁvHÊø"Þ8ŽëÞÒ‚ºãG íòfò‡-1;¿«Òµ¬@À«X ÈÕ¥¨és¨i}`v‚Â«tmBR[[ :ïÝÒjÕY)-^§2Åkª¶$º÷SWÅx†Í¼ànF2]rõƒÌí»}³­ÿÆƒÅp2ŸÐJTHåÀ°x/¤l8›ÂC"&ž¶¨ÖÕy-ëÚöÒ4eŒkÅ¥äÊÙQû&í/[]ih©M½U¨[¿G‘b‹1å¯˜g£¤Z6S¿\¶ã.•Õ{‚Õ×òHçì<ê{f¼¢YÕ	1Ý T/›Q®’K¤HxÚmð;å”ùºvMÔÖÁ„ÊÚ8ÍvÂz}›óIP×Îú7 À<1ÓÎp Óx“WË^Û×eÆþ:ÏÅÇ#ŽŠZÎÐ`Éò»ß­5t‰¥
cò—Ëò4ÏRønï3Í¬€ŽÒÖ»Ë3Xóð§–sŸÍ¢Lºé["­ÈÄYªCåDÄ[Ú;c½SpŽ¬ÿO[eu•ÕC¹ k>É]¬©³ÅÑ´ƒOû¾4ÍÜwjÔÎ ¤]Œ•“k[A[2s:>£á«_Î­j,•QÄvÙƒ”ðög×áIÑ¢â3]c4ÒtûŒÒTÄ>hA(n ô®Q~á»¶ÆJê…s¬jäôú£bË«§¯'²HžÙG‡¾HòÆCnäÚíbjOqPy9=Ýf@ž‘dDu÷óÕ@œy\2šž¸âŸLr²¾r—ð±Ç¡×?§Å>/¬~ 9C×o¼—î&W©ƒ¾Ó°e½­‚Í&XÇPÝS<(ˆí×è¼*€fŽ³™q;½Â§Jæ9ïlº¸nå}!…ÔÔËÌ¶
)ƒ4š¥áê.‹_ÀW”¾4Ù©ªjns$¤pÌäÌ€ò&7ê,øÖÛ«Ä¹ˆjè}Þu¯oÇªÞy¾âß£,Í¾Ò„¼>ô³2ä$Àxâ4Œ»g¢Fi¶;©œïaÈ¦E~XÎ­V¨Îœ˜><,I–3pwi­g)Ê0-Þ57;o«©¬œ;ñ×ÎF+#9šVmtv‘ºDXkt0ì=†$)±8ˆ8CŠÈ:ô7Äpf‡râØ,2ûËÛ„*­„1n-ÐãW?3ŽpÎ÷ZKŒÏGŠ§ß¤P=*…tê˜"ó×>'d'«Htu»º3C‡¾ÛÞ6´ôÅ™J
N9¦ˆÙéã2NiÄ°p“híW§ü	ÿŠ{´@Oa›$Ï¯Ô
{5vfLlKÓÄ^¥Ï˜þw¡¶8­r®l~…ŒšÏõSçŠ¶í+,Ö_7m^îI&Ž@x¤°)uÿ+qNÙ™’ÈÙz·þ§ P&Ñªã"G.
‹˜A3›ÝÅ®PJö-iú>íKƒ%®ì-o…9ÆŽøq¸“#¬(üôÛ±¹Óãá°/ØèÄm36 «ÇÃk¿àÉ¡ÀòÝ?îø3/§ðn„]L¬/ù¿¹ÝâHÊoO‘Ä×Ñ)B°rDX.Œ±ÌRGèbœ¾íM/Ñ•°¿ážn¾pË7ð
†8Óøt¢û Ë“Â7ÌGq”tx“™`è[y»_w7ýök,wuyäÏÃ\;ì$Ðbú)æÇÇí)2æöŽ*T)W§;EÊkãÄ±P™m"þ&â‹L°ms€WW+íz]ˆB/ÒêuU½¶!d_CˆEÄL²ÓQZÙêØ¹þ“ü2íÕÍH0©Õ‘ñ»ëM<¼ºØ?ÜÓ7C¤\–¸;Eì¨"Çò
Woåk§L)pDéõ®V¯Óû·\>*€ÌOÿ¸n*&.•ítk~ãêÓ·¾Á	ö±}áÒ&=Á…“ÎÛ{1Ò5¸ÛAjKÝ¡þŽ ”¹Ã?|etlŽO8·ìJ.:Ô‘gç$ å§‰/GI£ñx)õø#¸kOìÚ´|PÆ×”hšè&Nƒ)CÓìL×Hcìø.‰IxÙ	Õ"ðÒ-‹’™í.‘âà'#D«|ô®Zß&¢íÃŠ“çœ_yR”¿]Nz7(ÊøDiHÑq½Hz•+nºgÊvìYb¹vŽFK«•1Ÿ±ìâ´%Êy±Ý„ß‡	Qf¾×>b=‹p8&¾ÌÜ¨Ò/0k_!T,ŒÓ¯Aæª$”¤×ß1C™µâŸÎ¬œFÝlÅEÛJÎ~²XUâäup¨±Y¼¬ÒãN¹{ÆÅY(ÌÝ ÂÉ…|Û/Wñƒcåª³or­Ì–zñ* Há‹jMŠG.0Ú|¿©èktëzh€Þ±/£+„Vª…€BÀÝWƒ‚êYRÐULû€RA«z_„¦"*wÐ÷¬’ûÓdäV‹Ÿh,fšé!·Kü$õV*2´ÝRù
pB0ÕÞ»"úzü(XõU—‡vx³»À54®_ÿËÄ“ IIiß"­BïC“·2d‰«Lˆ!œŸU6
“u6ÍíÇë€¢‘»GQ£œ‡ÁÆÒ(C¦†ß6²31‚4ï*À5ÓÎRê³m$¿œÓ½Râ6¶Fyàd‰* ¿fqQléªq,v‰	%FByLA=#\™dTís¹±t>2mRk`úeôfŸô¾oJ` \,åèþ‡…Jàoãâ,À@L¼2ªrS¿ä4øpp«Î\2¾´itÝâÑ¶¸ýÔB¼jx¸…Ãÿ?¦ÌZ'Ñ3Ê–v	ä–jý1mD 5kmª'zÍÖÞN6	œÜ>.ˆÉ>\w6z„»¯Hö›|y…ù†}S3åÁ—vN¥ŽÊ_poèó!A´ÏoRu<—_Ô5,·Ñ’Œåû[N_m‹Ü¸'æJÇq¬JèŸ+“–$Á<N …—SH1Tœ†€3c.'«!Ü­$˜/È/`zŸü>œ5³öé`c4¸Á×±<¶Ü³+À®ÉÚ¨vÙjò%?±%ñ…³N)Ô^{À=ÀpŒgÁ4"ívã›ÁßîfOGcÅýùçF÷½ìòÇO]y’“‡Íÿæ?²ÜkjM!ˆ	«“ßÆÃ¸`2[³6®=ä$ïwMÕ=hèÞT>eL$’?8.áL3ñË”<Š»"Cv)šÜ©lÉJó™úŽò4Ìþ3ok×ÑTÖE	_BBÜa§›¤ûÄ¢>EÒ`ÇDƒ%ÒárÃJ?ƒ.|áh¤Ûý˜ýF·pmåi£N¸¦g}‹åÃúaG$m¯jN¤2N-`]®â;¶ßfZ@‹—Ež\þËçìÈN©ýýãµ¢Ž1g²)›Ù~áëµùMx;€m9šf!³.â¡¶‰kþ¼ÕÒšæˆã[SÕ¤5™½Û;QLc:ƒ‚É¤ðj1‹XG›0,\‚`t“éêäî>yµ|ðÿY×ðÔ0W68^ÊÎ‘Uv.È=ÚÃ’ü¨n'lzÀÎÀkç(â Dô$f$€‹D7¢ñ'e¿ê63~
ÇÌ‡` ,Þ}ã—qt4·]5LºÌ{{càƒ¨ÙÓÀ™ª“vú³Uq‘®z›ä˜z}’z@o¡îä´Íõxp#žë0§£_uÊ"üVÇ{ýé[3·k}@^,iÞ’Ê.£u?¼Š÷M;9‡tBÏIðR¼ŒÛò4ZépÖá|ioô^U{—‡çC\¼<(±„~;1	§Œ]okâ†X¶Í!wšØÍÈ`JPý¨•Wá$Óle½§Q­"Ô|Mâµª[±ý¥á¤ÁŒ²ñß;®,…cž„§Ë |Ö“¯„EÓ„“‡²lîÁ*ŒT»†	ÎT&‚HîmÓµR,\£B2jôˆ7vßŽ~Ÿ;‚º#·ú8Ü\—¢I4·k]TDÎÌ£)*f¶ûæþÎÐœèz,nLVLz¹ë[ÿù'+¡Ž¶n±¿†3|ù6[ÀˆÕ .,9î5_n3‡	4ÔÄH+V°î¤ª`5£*c6M0™{Tmµø:uøý™¬?S=ï’©wki_ÁÒ–ë^t‘·û@Yßiy'¾H)†Ó­@,uQ¿ÉMüñlªë3Ç;d$Mcî…÷©æ¸È>®KŒ¬þ3£Ômë÷Fü"àÚ¥}N@}Nfü¬!èÛrÀãS(,Ñs‰É{'Éé(1ge9ñ;/§‘ ¦ûê¾Ð;ÿñ‹ã‘Ñ|ÄÊâMù ÚÈ>Å R˜”ë{˜Ì­¡w‹¬þ½õzúé‡ÿNF)Üù<xž!{fæÊÐ
&â›^æ~üÂÈÒœ‹YBU‰'—y:¿Äk ÷J~K²—Ó(Ônc©èx¤FUmžuttDŒ@‘?Oâ¦¢üÍtöW°ºôE"•„€)$ˆ1)¢ŽnHÑðQËêòçv%}o-ö•7nóFÂÙ-/v9ºÁÑ%ÝSãnˆ{­F*æ5x/»Ž”Ë V3IÏH
žu4û‰Í~Í®}p;!Ç.…RB*§ªù‡¡SÞ†À»<Jþ´~àlíº2È(³q–¾–4Èµ£ÌÑvf„2ë‚`@<½]×'b€{†cº&§¼¸D•Õ‰Â ÝÏ(M”'Ã’=4‘létÉðˆâ€}’Ý#£Æ_×á¹lú%˜TÚ;gã©RÊÓÐÜ¬äÈ3ñÓûõÞûÔ¬ÊÖ(Ú·MpnIHúá¼”±hÔ–H3]dzmty,y;¹Ù6¹-œŠoGs; €õ„ªY«´2íàá@æKHnÖŽíîÑ D¿¶P•Ì-á8l›ÿÎ^$Æ"@Z¤‰lDÁ£u’R³¬ÿ+\£‹­MÍàˆÁŒ× ËGÌª@©eð^FÚQm{|x¾s9,Ï–$šk¶½Âû™•@ð"&ëR³Õ
k¬ø¿æßªhæDj/±8ñÄ±¬i~uÀ^[«éàM„½?T†Í'ÎwTc§Ê¤•×¨_E—0i9òœ^@žW0Çøû:;õ÷&~Î‰dÞÍüâœwÈ¯“N°B¶Ø+d#g¸=\JM(~I¬aÀ€Ã6®ä	ˆú>†zS²Ñï’ÎQS‚*†:tqô©®”!ÔAŸùÈÑˆ¦7µ'}Ýê.l‘³rµ*ì@1p·3ÂElAdöï X«(ß&mã­ÊMè†ÈãÛ%…«%Z{ÞxÓ‘\Û+æiÉšã‹d¤hø^ŸÀ*bÕjÚ@ŽNžcyÈ3¢¥Šà¾±)u.V È·u\,î7«ë#Æ+ÄÖÆ\”–ôDƒh~šoc/dÊiÉiÑPP+ÅY/9s~€6mþÝøÚEyã;ôÿPßÖ_šqõÊx*“ïçâoGÕ›–Äök¦n\÷©z8sìý¨D¡v(#+89ÔñN0ñÎËÂEÁn£¬½ì 8æN5æôéü¨H	ŽˆƒESòem1Ðõ=`¹bqšÜæ“æ›…îÇÎ‚ˆ$x²0~%ÂWoæ
¤@À‘#;š ‹ÉY)Êúž¯žûþÛz½oSðþ)”“Wå§‰z]‘páM¯&.µ¡ÑTXoÿ'õ‰ì+z{k4+ý¸Öý£z[è*¬ÿšÂþ`0šñ+AÁ8ËTäc#"vº<ô—@BÖÝ¢.&Œ	êÑO§_Q;v†qIÉTÐo§LTµú«à¶ÛK•FÇÊB»‹GóSSú¸†á/'Ÿ›¿BÒn˜lMöo¯:þÌ°Ûÿl |™“„}b&éÅW)œ­rƒ·¯R$Žk88É›S½#ãð±”3íGò~áTCNˆÔ8Vó[·òÑÇ¶lÆÏú›™Ûhðò™/:FIG@[Ý¦P¡8ñ˜6Xl›’å§"É‰$ia;RË¼ÇØ#ˆêÌ&œN¼Š•qIxÂtï·ÝY³ksfÖºhÌ
eÀ~Lwì=ÕkLÐU]v™ “¾£–àJ vü¥zq9TÉ­BØÄØÇlô“*“4±µ³}”Ë3ca}›•…‚ƒ¦y`EÃ}¯ü·P/hÐy#}NŽ—{úúDé?B{µ¨èRgs¾¥Y"l/ú;ÞÊ´šÃ‘Øf®0õÍ’¬}ˆ¶ÐÇ›ìð‰SñK^Ë$Ã¯ !¬;/¹çcWz
l·ÜLMN³6ïuÚiŸ$FÔ»18Äj?ÀQc ŸLÙ’qéGQGwˆÁ)|Í½ŠÀÈ c§­<Þ+n!Ÿÿ¼æMEµ¦MeŠB3«ðÞ’×…5÷:Eœ!57Ó©ÆÆ’¶)JÑ.æòÄ¡%ÐÄøQZÛò‡K|{üÈ»Ý„žUí¥Y–rÆœì·5vÚ±Z\†$”%õt~EÃN?]nÊkÎ¦Z!¢|Nîí ¶bF‰ý ¼	ÛÃTX•´Q›@{¤Ù ³”ýîæ0Ò‚N[„K÷tåóÕ8_ÿÃA…¢ ¿!q0¬øø¦±vdRzg¬Œ°qoˆ}ä±î ƒÅ¾ÿR¨èÅNõÆ?Ì«â4rÓƒ÷/
vÖYûi9Ï“eL¸C?ùØF$dÝOC¢9xsvô†×mIw&ò‚¬ÊqZ”•ûâô«s§ÕrtTØW„7·)FBy£-À‚¿>–þ&¬šéò1´Cü?Ä	å‰Wü±®Öº«b“/õ`ÉÞìð·RÏÏ÷,–È«‚ïßÝÓ×ÊX›{!ŠìÐ*’+CÞChæa°ÌÌCÑs¶G|ŽÃÂ>M‘qxµæ7~Cüá1ÒQûnaqJþû†qŸv€¨Æ»Ø‡	$Ã¢­Ä;/g‚…ãefÜ¦Q’3Õ¸{q$šê[EâM^„Éøëð^p¬NI·;j˜MÖ¢üîÒlL
î;fæs”«ú26D± ±~mF…ÕÐNÒ±ˆ<ùv8IÌ×!ñ]^M²ûæøîTâ¢ðòœNíÀÌYýjMLx!ìp×`?.~7TÇ[‚7Ykû²Ž›saÎÔT÷ÓäIé‹Àz!‚•É&'ZÉÞü¹0’lkÚŽøt×uê.£Y.þåÛm‰TéÃ‘¡øÄ4Ì]/Þ¹Ã!ª°PËÄŠŽ:ƒüó›5ÎLý)öuípÂh{í‚ë™ìÑ€ðöâ¾,Áíƒ¸!ª
³t‡¤NùÖô¼„>Jñd'Ç–îçmÐ¯$R9¶aÄ´‰Õ$R7ªúIWÙpAŠ¹o¶æêQø3@FÃh™·‡ü‹Ì†ªÿÍ‡ßý]))üY¸h“c±$L¨–ÂÅþhœ2€2¨¨5$; â˜8iê·¦”EÄü+õË?­•önR]‘æC“X¯î$Úp'?œñ!—F˜C½e?ò¸ñ¶åÄ’5FC†2c~Hò.º×ÕŠmí#/(ZD{ HÏiî=|ün­F(xî›é´D\	sNt7êÖñËãd½FË7¹²êµg©qz’Û+½D&K–Hº1¼+Óu“OšÂª“®04¤0FHÕ„i$ø»£ÃÞPÅ;À¾*hÏÖÈ®ì?Ô<¥Ïº|Zƒiöþ×å¾™~ãßEõq³jŠÓÑo¸4ËÁ\Œ;éð: »ÑÃôé.˜±Õ¶0!¬CÙ˜V`;£—Ë•âJ‡E¹Ö'~Û²Z¨œ­f]¾I­³o”»¨žL/»Z7×…ÚL0MÚ%[SÉú/Â¹Û}T%Â%5AS× 3Døº¯^Ä,ãŒë…/¥å²fr¬\Õ¨{]¸xM°8X&ÏH+mç=AÚ“?ÀÌf;|«û+Î\í­W
¥¤.6µ…¸KgU&»8²¾vã=¼„°Ïí!ð7SŒQ[í¶1>…Œ#¯­ûò@ ì!ËŒÀ±ÅwÑ¿ :¤e,³¨)à{¡Yy?7¤Iés`Ð×ïËÖY>–Éeç>}ÁrŽU1¨åÄ°xE{ðå$ÀiøáSG"RY÷µ÷H<éåX4‰ð‡À(A
ÚõçC.p=LABíêÚtá–»-­vÃÝ<0ð§l§K'²î›Ôîð1óŠY¡¸±“¬Ç°»¯›hJVëÕÌšÆ±»œw‹2BûìÌ    ¸Ÿ¥¢Æ}uëc;¢>“Œ‹ ¯ÛX¼˜;É±šµ¯ í‰Ê‰Q—ç¶éß    
YZ