nss-devel-3.28.4-1.0.el7_3$>vtYIΠʴunk=>8H?8d   Q CIP4 4 4 4 4 4 4444   (@8HJ9pJ:XJG4H4IԠ4XY\ 4]4^׼bdeflt 4u4vڬwۀ4xP4y 4Cnss-devel3.28.41.0.el7_3Development libraries for Network Security ServicesHeader and Library files for doing development with Network Security Services.Xƃc1bm.rdu2.centos.org CICentOSMPLv2.0CentOS BuildSystem Development/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxi686  YRCyQ@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.28.4-1.0Daiki Ueno - 3.28.2-1.6Daiki Ueno - 3.28.2-1.5Daiki Ueno - 3.28.2-1.4Daiki Ueno - 3.28.2-1.3Daiki Ueno - 3.28.2-1.2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Kai Engert - 3.21.3-2Kai Engert - 3.21.3-1.1Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Rebase to NSS 3.28.4- Restore ssl-server-min-key-sizes.patch - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W- Always enable gtests for supported features - Prevent ABI incompatibilty of SECKEYECPublicKey- Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Remove %nss_cycles setting, which was also mistakenly added- Reorder cipher suites for compatibility - Re-enable BUILD_OPT, mistakenly disabled in the previous build- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Mozilla #1314604 / Red Hat CVE-2016-8635- rebuild- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build  !"#$%&'()*+,-./012343.28.4-1.0.el7_33.28.4-1.0.el7_33.28.4-1.0.el7_33.28.4nss-confignss3cert.hcertdb.hcertt.hcmmf.hcmmft.hcms.hcmsreclist.hcmst.hcrmf.hcrmft.hcryptohi.hcryptoht.hjar-ds.hjar.hjarfile.hkey.hkeyhi.hkeyt.hkeythi.hnss.hnssckbi.hnsspem.hocsp.hocspt.hp12.hp12plcy.hp12t.hpk11func.hpk11pqg.hpk11priv.hpk11pub.hpk11sdr.hpkcs12.hpkcs12t.hpkcs7t.hpreenc.hsechash.hsecmime.hsecmod.hsecmodt.hsecpkcs5.hsecpkcs7.hsmime.hssl.hsslerr.hsslproto.hsslt.hlibcrmf.anss.pcnss-config.1.gz/usr/bin//usr/include//usr/include/nss3//usr/lib//usr/lib/pkgconfig//usr/share/man/man1/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m32 -march=x86-64 -mtune=generic -mfpmath=sse -fasynchronous-unwind-tablesdrpmxz2i686-redhat-linux-gnuPOSIX shell script, ASCII text executabledirectoryC source, ASCII textASCII textcurrent ar archivepkgconfig filetroff or preprocessor input, ASCII text (gzip compressed data, from Unix, max compression)RPRRR?7zXZ !PH6]D]"k%nÍdڴ4AGc5ꪵG#o{LpA&aτ; Q>X*PC3^iڪ/CVOL;pZ_ au<*\;5G雵QW|LP֜@Tr ]N|"V/Jd=fKp{߸?JYWH[k:P_5htxU!*u.<ɡ XR/ymNfl|3%dF1#tXϷ~5 }u' =b`3UU$!tqȏg{c!Q؇.ϯ JCی17V. Ц}W?lUnH:c^E l:s'"Of4-%5IhzW`2f%Pk:͵Z6Ԡl[.B{P&xӹC (htԴ>COGv1Q ekRHFRT3`dk⡊}Wm}t4j(ʎ =?-Xg[4fKNN$anulc.2h7pgN==Ԍ1R ē@zzMgz1`|VJk݉y}NS /#VR:/IBCV( ^Q)~EY|I+.{IH.6R0Q~  (EKmP/͊r".KgÇxވѪ[3Gwuy'pxVT4z{#^;a@\Xxi ; ees+Pm<3G5G= d2)qW5^BRp#)BP*x84shLm?NdjuY,XQko ϼ`vrA$"ur6_ZY. 8/9z=jkww\57s!<P+*;r8-,&H P\\G6xO|/o_C,?Bg~Q>(JO_ ~eWS;lM(՚N h/svRp'Do%UDu,~ob/ZU+'^^WЕ&ߟvo( 懕L Xܡ0wH1vY ؤC9<g<~crۈn%"m䞳̩7hȡ 6t8WVk:וWj|H'9/va+06 GӽbFwMF> ؽs|WpѺ΅gXI]O8Mbܹ}#XVq?t>9PT;eWq]'[\NAe O%yGk|M];KS!phgT)b>:z֚mv%vW1BF5#촧t3a].%b#SiN`>@}:z^dT=03fU ba%,'h'}G W#TCNbhI8;Vو{n hK6v&Mg ϳL6:7QҼc8槍{*?#c3"LHOon$nm4W-Ԡ}^ u9ʬ œsdR7"$G3e-ڦmu 1T6l!{nW4]gsxRLݭןAC̋VeMpbԠįks a ק;go(J$#|mwl vb5J ) #_{@3t,;3G7Rt|meH&Vns(n} _5{(XA"jL>rVļYkqqeENTHd6VJ-Yԕ _{ƆbTcptwU!ъary썭6|gt|RŇwi)8؇})PZcUnK92憺4uFJҴwH@TUK$uю}&˃>|$p'9lIUnDTaA PdEakΒSV4']EI4;sھr*R)b^Y6BS0묋KZ(A TYVF/vOؠ/{DBA5T7ˤk;?.}=a+B*W0Bp7\=\Ñ,֦ki9SFjKvBxG.v< >yl{! EP5M7#=:F"yDp"逹;Y_hs$$,&> WTDx5\3H_tV$l;nLw"'^UGų9&K0YU5`F>dP6R8 ·T_:B3-Zi)&v,?u^4!* [wξ[sV.>^0) &ZT,ܰ}9&zVZSIO̷a~&VYX?e 4Q4;p͜X&^aVƧQڔJ.!1|™,jPI!ߗN8.$z׸i1y׏d  SVP0{`@N8M;wyZ0Pd'u6lSMͲϏC ݑ=yۇIQ0{nDہ`9;ΧiyWj>[@s BwxYu ̔,k@O@>o\^D0ѣ,aĻ-35~={(r "+dEC^PW{am#.fcUݨH9ta~p_ck$RɌ"{LeFաHLfZ{Jup^̀)9c_`~R*X񚳸2a|5fpDGwJ7"(,ßկ=kh4ZDDw]:u fV&ګGGllUʨ@y`&4 6HzTtWOg}n=rzڽDžÒRwiWߠb, FNE?>ڽ(PZA| l@)Ik'tM?@^5 @3(Tm44! Kh]( *t'nX`$ 9@B_ؓs3L:(O9kj?>oy8cw߫Y ymlui/zFIě4B(`|\N-Gd̡ϥYߘxԍ\{ 4b$$E»^҉V툳EI~G)f\Ψp]ʤ``E@| C/?aΟ.聢S8a96 XehWQIOGjၘ5Yjaʕ#~Pg ( f R3 4C lc@[ Sa Q_.ڄ;E )%.w|<2"OSW(f+ 4 K ̎}@Z_zm$_`ދe6^}pHN_zdJL߽ ¸H8m%ytL ޔ'P uҰDV1.#wyJYIE'YD W69x qq?$55B)!"!GN%.5$d}lEd(ô yw#^3Zӷ /i*%xlvjp(K W s~(Q;K 9ė;gMJ?BGw9HΟR\ QYq>i[]1TsjZٳ{DEޔ!"ӢL+%FE7OǃtK^_+4D"  ($6[Ѐ(Pu|Rv9zg~Ӷ= ,QC٫.d MMmv`3YQ`J=p ycB O?Օ]1gvCO.ε`;*=w>YcޱNyvHLJz8Җ8H.Kl [&Y ,~M K$޽JqEw|즭P+Efmx$u8Jb%Qoc°Zu1 SE?h_ #+<:m>Plnwh}?r%ɻEKG)#K`հ׺4YŃᝤ0 *o,; X-b5KsyͤN9~Im8$].•ҕ!s%}Mfo/ `6(o`插2s}p@\FXG7+{{W fU,Wl? ɱMؠn|ڽ[b.BDy&k  ţrv@[#]k]s`PhM2GьӐ≃7\tovC-:zaO〔QH/rx̨G`3]吝Qg:Wk$3*In=. \J78 *KGQx蔽C(#5sJbbK>/7 3ߓ}2A$l@Xm" s!Km-^yڣ'sZZQP'w(ڮ+uhY2ou|OFqAVDU(aJL"]8 aq:b<uFYoI&h*:G;)}eWl71 wUЯ*rYj$c>=A2)=~`4.N7"'9"D]7<f0cyUBڽEni&ǎBA>VMc$mu1:E'Af<ɒd$r^aWNtPr0P S 1qUs_+kSo¶?I׭$}!fy, 2'*^u)Y(4 dӣ{ITu.KuF4W]EQ h/St _:3CxN'5 ZQ*AvZAsp)'͹l 5 ?>H҅?<`DiC \kDžߐ;7D^i~N!.S`,m ~,S'2^p+Za?|% [䔕1 )BIGB÷N6{8VߵI#[8 s8sv|YB(*./ SY<TWXY'\w,ikϩC~ƚ ^{7Z ؃g+"}1DtDS{ܩW΅ݓ=[E9'>GsAaRZvfU=.#(o9шN%Y>MFHŭx% G5| nAڬ}ڏ7Qp ~. F8D6#@sl]N ^kX7#LY5;' ?7hBݐXVJ WU%"< .G Gf! d:PcW M*ʃԱ*~-~M]b}Eɍ哫{ T$TPp;h}tꅙF;6KŮs 1Asiksdi>Cۿ&^6z+ʂ?Fe*_`jM}iZPK}DI|A#a08!]A/Nc&F",=SDX,їw1gPob wsFܑ<] g!K4 ԣ=% 쾅VxsE7+uGm*¤1JO1%:͒+fJ?F|QN&Z%&iys3aXLnV|;h -LT"$ꄄ_Ŀ6}hX/Q4OXܩk8K4fByzK n3fX^eֵCW]S #eK02qٲċel鄞c( b4&X9.Eug^>; kDC`wG 7Pwlɽ6ԵFJ0~>Tb4U"5.c@pfJ+ƒ=;A+gHxժe"}T cߖ _x!ִ@ Rw6 ʛ&Yd6b r,`y^z+>.tDBjo_zjxt VbWe5rHPN8V`7oO%Nba-ň="RIUkYjV,/U$Oi<(S@'k/v30Zk z[&xa`,a=~A-9AW=0<NXBCAMӤX /}{ u4,+2*jm'!肑T6]2 ,4ƅ&t:l4aMNj < J'Gre@H2SngOH=R *8G0Rǚ/S{_:&T ɑ:ƕ@jǘ" ̮dN!Fԍ3!OU{rHy~Z&wӮj0h[hGQ]_/>i3i_h$ Tmc~0M ]LHQp:*IE3ҁc+H% i43; ]֬ ͘f 1xN^Q&WvVGi^g5& oe!%+ תEdE6 3/apn}E;Ʈ ~0 reA>>׹sx9Vv7p0;{nȇv|cw}MyǨnZeiPuky6͋o9 FIڊÍMs!t,pbw:lLBk->yp6qqvG5;mfgGeL; +~M.GFڪ=*xposEh??jEF2r!vG`LW8W":)5fK+&8CKG3Hhʪ-!f|PyHdbiwAKPZ>tQ Y +NRht@Vvo@yw9.R#2q-^Eu9@H'E\9`L;=6峾<ˊ48Wlx C ?06Z{[G2u@1&?ʊ8`J+=2l$uQ8gPX0-]֑ˏ(G 9u \u@Sv/P)"xf6\i5|dxo)a^oqxu%3.M=~Fl9t5Բbyď4fg tnpkn^ Tf5]!r JG q|d⣥"ʚ 'oa>^6vG/L?]ҿ=<j$k#B`0#_hsof+\ 󎭑BV*\BxeRr!~metcm? <71?}87j]s"j.=D>Zh 17kL +DQL`%<2nG}詙I$_f ҢRc$(%*h1 ,k9-W -Ŀ68 )6І6=xIDy%5{X W%ewnTfxjN.l[Wsn/^8Gmd0q7D<>TjgNU@9Q!a!v 7,@xnԝ_MFSwU f.\+fI\9t \eQ[ۛp|[-Ri 7`xj/k5Vt9o$%x:jA ~^@?S'ْg 6;Z ,pBw"}gvNL'@:$TЫF@ fron9CV .PSHs̚r l h"*Ncs`::L;D, EbPQV)XT0r$ Dq,CҜwX2)wNglbRd E@`N0^ߚR)2x_?Qn חaf i*%|M:js*nQWU݉lJ;-DQJ37S35b{ig7 Z+A5)O}&b?hjp(71ڦ^0aorq*GGIQ̭y+2TV3OZbff3n Xx/҄Ɍ %\y"X!WrYFc7f`P4RKX'7k=Z~u)E|YlkTT܄[\ZX8f;ܵp-g@}[VF /J!GjĶ |ӻ:!ءLJXغ5ymeWPtvNEau~^TEYsz֚~SQ辊ErMfڦh99ZDQʡ `>s1¤%A#O*td;d :#=p<Qؽ{HsߟG^Blwka(k]}/̰P?M57n[W~[Ib< Bȃ˯qSkXglvX ,eX=N4/z,;oK(P1|GeT.c~_zoz2șK`aivOi י$)w/ 7@`OƊ094хO0U,y@-6y}AeQ,z`D݂vi *z*!' DQ/ۣS&Mz((-ػ!(||dm43~? ʶߓ}+6;U[4lkYdo7Kr!V#I!XamkDw.ou_Y6S74"!*+$T*۾(Lu'%9aPqj{WW'1f*a׷u?>Fkvs+%!mtlA X޴}h!R&+ [? ScOGHg} GucmUmv#L[01о7$Li8uEerחPN!M:v%#1q74ϒ e]C?2ۡ&stQ9Swفl 3M"5FoqBC`PR.?5 |&:q}Dq+]P?"B>-xGIa]PRl@Jt]/*DO,dTP`ΙC+\F?g  j qt^0+_m_czy]`B W&;/̍z]"z3fFDEu8W,QIӞA*eGرs2R;l#uW B^Ϡu#md%ހXxg ENSi#5F#f۟VBOj5HazUy X8'3"DwxwM"Jrlp1eŜ* sܹR)bzU&Ui&{ 6cHP-0?8mc)Z{[軠[@RF &ٳF`zZulaS6z\-̦UT K6EcKno`؀ O} Es&*Q K"n@qr%>ζ|vxe^8Aq6j͵b̐h)%Tw1rz CTyᇩr$ДxVK=Ijµ}Oօd|p'#Iy K_V)dB|*<*|2`K+?9ErH+kMegK3ߏodX7LzWK&rº <݈$X`'X+wˈel,UC?6l׭'JąBߘ+bXnx DABYOЗA7d5Zmdك)ycZlfh|yOflk}& #ƅ: 2 {\T!"Cֹ'MN?Q,{ksOX9 Bg 5tH/5L7of(Z4YS\ Q7\mHS<@}b0F.GÍV+83 뷵!l me ڋmK_"3$]|c\ @#ru d@;UFYwZNގ3,ߟx3P'!7Orֆz7fy|w%"+i`tyi!ySVEc2Nojy.柰Z.Y!嵓- H(d@AH0.jAEWRF~ > 4Z23J5,+2iQ+ dLO]]ڇ:f$ V5ֶ+ש7?ļ֋hueFyBjqf~B`w&dC᠃mZpv<[4dۓDzefTZ ٛHnm=yLy3!+Nvn)?C/Mg,C",r 8W4T lo}@`Vg-Ȟn\ĖE*hf!>A&u֫)[rsMKC{2sFSL]#h-p_<4Q๗ߎ='% 6iH6!9NfH^̓5C&qb}$'mrߒRvg }j;}yv"6=(| Ԫ?'e{ zO k6\i)pVHc鬗l*Rze}n]3!ݠ8g=[=̠=c:dEYcW]6A5*LZ }\6!J3WjTySHvמjba }hXӫok fbtNI ʅj ЈQbq' Ey|N@~OɟpT+a/$Gl3 -`2]DX{vlיC揪A'7v?+qAvxدyGG}hӋ|` k7݉ӌӒičpc6MDNT۸ςN_rDw ѓh0؅mEs#ba} -B#̣фa',ђтe/00ؕ)J4}d4Kwm5i*ؕ;& lytr"Vj3izs|g^ƨeaQyJ~ъGaH.ׯ,4pymJ! Y5;'GGLMKr%9J: ;A|M 2$Y#ٸ2a5Od 3x%]Wb ;.z('yo XBBhؚA';8f~O?. siiG4H0!MI&Sj/4!cCKc{./,o m/ %O@4Ufefؐ\.hR5v3)Vƍ&3t3ED%+m@ uu(//+QBLwv4S?Poԧ9 vRoѬp41`aM%v)4[bOdա76$UlV4o!L7Nd雨*'s8AKųQQ\FL+WfF7t7VaoHh71H[Ӫ)i:_Q< ^+p M{kLI`ۨ!g H_ z>fƬvLޡ{pA8o䑒⧈\0e г_|uu -xʵljŎxv]twtdp#<-+pT q1R72@> o|`` z,fu{ 16}37>QnwDd3=bף)}FF{xZRb=bLnz 8LQuY?^ ;=HB[i-D4\Z+A4fþSmE\~6cxVarסӰNk%Y3[ZӠ"5f% )^TVii:siWk{rMg+`Q($,lrClEP+r^KVWЄkGKU2%'I6G4a%Om#qM9Es/w#LP1ޯhf4YQ@32^bx< nqB>Z cGӈcǜ3C$AP?{^rGie Au|Hc7+SjZ)G&l_-رsb7Z:3z[N Wߧ==h5q}t$|Ub1WF8򁁜"l#]ꏩ/?R5zZp7'tP1 d*V(1=)ݴ^k\3Xsrw GfC^!"}ȩ5 %z)Sr}.NRl#PI~gɽw)-~5A3ʮ_axM;^>ØZ1鬩gy-;ugDvG>D !u96n =jFh-j"ؾW]cR- cQ@y;NkREAkP%KY/ I9V6s%M =*ݎgS5\#ܛuvhNvGq+PM˭u(5-B9CE,fJҢtD]$>{E'=VK+@5MD9Gn7}J:4fbV2MSZ#hֆeH DKҷU~o j["K;,YiD?kUszvvE! g륃 yN\7N#djZz>衔|!D"?S?V(0[g,B 2pGA&9*|K:abŇQg{(!/16“#b/-4($XDCv8\[E |Gtx*׿JA:$mzAJ:~q;AJݪ ?_c~@3& 3bqH-kԝ4(bJ(BbՐx­1@DñJ-9B׹S;\|˫lGW9q&{U;:~?P_S3fl~Ru/+:d#wM8Q@]=-`Dp 4}4p뎟y6{JzϤ+2+p'H[Caa-兀ot|)挥ZCȩōXV 4I%n1=Mcu%E_ $&11+ (X'1w=) 3V^FWǝtx)]f2&3d4}f_a^Ug#kgaSo=/* U͎5"ʉvW;6CԮR['͵/0iSGHML qL eèp4}PNrȨl0~kJ>JI!&AHB_V\4llN @o0Wl/%rR؀ר_>Ƒ45D8N"ae> t膅GCff1i!c_N"e<0|bI5ucjrE[J: ,Iݟ$^\uy/Tpl-Y8y\G[^6UޕU foƷhn"~ɽO7ZC @;>4\6*9aRc.yW9q"]*%/ Uc'fEi y;c(m$0N¬ k.S. *s2z#hoD0!rCSywm ,/!Νl޿>X. ,tPh)QXE@Fi?Ĭ`4uEbb &ԽT̎}LF`qڭM'1E__7t/Hy|*AwlM [7^R97ήKBJ3 l It Gʘ<<i;t/[U/չYmZ`1V8Z$#aN02kTAucG¸VcK.8`J2Fg<ëls[>0 1v7i:ZwkdD,& RTaGWܟAkoKH<<4;{Ɩ8 y~0UZklBD֣NiX'mMhF[KgMXA[-%*du;1Ao_]|v|. ӟM\4̇!2gd*2n4@LYgKhvoPq"[idNؔJ3#MU_=\2Bل[Q*?UHq r ,!`U!ʸJ "8&o79qfjXCK7| ҝy *.ios>. ;%4J5ii޾^DŹw9L>PSejq99FXd=3uѭ-*Mg<IrDj#fnK= npaҁgNCYµ: K-GnN;~Bi3&X ]NZS߄vO*()0x?;hZBpw ZPQRse&@C+6bզ-VuŒz㉟kp5Zo0ѥ3mSxx@$ҵ y\REZZ{+"4X[zSĵo,Wdlyɕ41Z Y_v=7I(MT(ݫ㉭:Tਫ h,߰O&AcJ3Y΍>8 ׇrbśC7Vwߪ1r`&ѸE_%n'0J[ 8ԉp#i{ M?Syɹᑲ̜~۔}ԙ*3lsGUCWB@Ǿ}O [~Nt&0z;q[;Դ ©OrT՜6x erf3;Yqv*){篓Axs9kw:xճ[X OW\yclzzJX tvCMk.MܷKVD‡ 74|0u#JIXnm"8 I?:fCʾ}PaTI-3"`ܰ* n\a=@{WpUsiN{%J_|;7¿U6\R~GXRd'q_plt]6#N *e[@1:%b>#k@rMd$5}CmpN{s .saӳh@@Zs8o# @}$ jY- Jmah_wh*i"ҩ3@* +g['$ "tRM{Ӣ}--5蠉 a62Kp(G<3O K,U/3^fS9G}g.qUx~ ds<\{j'$  xLpX5SDe!D%sͿBXTDY`HFA%{t@ҝ/~%:H6lj? [|MwQu`Zq4Ce[INWG\EmZUQg)S_),wchUMnt"֨K67P޵vHYlҺZfb Zd&xPdz`xj8/gi)"';tFAm̊bkx\X*,Ê8S~'Tͨ ؁A`g;y OeZ7i'۩: F;)'{ӯ 'rB{t=U rKХor>soC:b%2AlپpרҰ1 y&TӥBYw C PJC,( Ǧ{8J) &gr/b*eo6THXC\߈ FBa>qߧBl9}sh\I|t>%h-@1it,) ԕ\W/91z UO_yAuLt>6?J^7KD"P*)E57 -K>VQzy-[4"nRo<ie4C=W,PKNq@(Ylv6 hQt(78&|l2fo#}Uao҂+{IJ rVG5{R4&/9,/$>.8ikuƇONmM'8p R{뉭puCY rOnGI 93[ We% Gp) }g l Px&ەmR>f@G` <Rc>& &*ݿFOfujQX"XJ'1~D"EwbZ #Z9ܓJ0|T3=~8 8! 3To!*KE,l o &Ss6Q$9_F]Z*Gkcu6u$!%6zhs6ofH;Oʞ[r,6K+rSE#ZK0ղgx)l[h?%z eFY ##Q.޸#jo)!1:N_4K,c?**I_~zF[>JB_ --M1V5as![3JN_@2vQԠ#O(svSζp@Q:Df+@뿺@Д"/w?q.dnbVπ'6,#iᲜJT{yuU 9aYw.Wo0lVnV2sy2.~YAG WRpTi-݌G߫)Ez:0vi{Gdj>M\+}!{$:_ GJP=Kᠯי4#%j["m |` y+6-$Nc00O-~xvE?-.seKn nK3~]^<҇}E y\3v]wZβJKhM8A'T0dJl]\mUZ8SU riJyh.v s|{gW5S0|J8&VJt~or4 H_Yho1=z65n 4iU;2KMѺ9}+B3kx5/5XO L{1,mE%^=ezGH)9YTDkT&"0|Je}T #J+F[p'xFЗO>*%2b-[K5ٕb  Jx~Ho16#ɜIP'{bMYl1Prg]%N 5h0EY〤t﯂ 7w ]{D82G ,|ϩ"4"'g/oa¼ͭx5_b&Uc< u3Bƙ2[6 ӠC_)l>dfZ5!|y6I>9n[ ME([+kIكÆ}zfS:雋sPv&n:E(j;2X4Jn~an%z_BCCh%h;`Ehm~&kEf/F_*.1[†Rl- [ܸFd$\8?f=ΩpOsQ h LD7d}QO7 dƘ,YS HFaW hڼa4cl:/=uS%7znxsq{>ݒ@ץȰ;Twb!yK!-Z'S_>沎?R 鑉N^&}4. w֓bBwa6u&|'Utuj)v)@)"îB ;Uݬ jg$|UzǓW~1`5],=էXf҆yx O6zx9z2pU\LmNpw EJHsVw`1^Kmxvcw(S۞,kYci ăƯdێڵy<)c(=aqCNhYF֧=OLӉr[Rj :H8)D贌EKB)_f=~L;Snש?\d+КDB&"<9v=$C“V28J:]V J GE kٓfHt{h-,l,.~Krw]-DU?.@6/Asmg.uRp\Ob1ǧ5@aa7IӀu%8[5ma~A%1 tBu睘j xg(oF[-Хgpg$#mC"OE#Tn.UKom Z+`jVg]Itj.,^GUWAkEDKd'u U`Yw;p3zo V.?(:L턪Ѧ6?}; \A׻*5Һge7i&C$ ?)Z9rWva,T̸)B&nZ Nr C Doؘ3]6҆d(:Í=%k$Fm}贁5`'zG y, "A7q1Mb|mBt` , Eq ^3# G2eWTahp!U(M&&XTK6fo9%1^~ ^ $AH("j!`Ѱ"yam >AV8qcKD !(Z$ ;MKs+B"e^Ab1""0Vf֟Mr|B߹=k٪Q~jU/Ѻŋ=iь80.(bh}QR!_::b\m b b*ۨaH7D%50 a&Z#DqE%6f˥{qeo5<{$ /5r#̚WJIŬH0Ż!S*$ZໄxdU!VJAD'd E "{>w@ gQ cC5MʶZ 2|z|eu3O G)S1m/5LǙ~o[86蠏) $4MqHIeܾS@Jn ] rRT6ÕFd& .@7`e7ЉVO2s*-$zzUqO򁘦ѧuT3@wLeh`%q *; h_3Bi//P@ #U󤔺xH4t},ɴ $k]U,`>C!#'֍1 [M+y Go-0PfsրӿPBר=J8l&g> )Cn{ǧs?ѧfJCG2{8/u(( UJinYkZy6*p}݉^kȊz!= ¸&~`Ԃk,tJ݇9ևvQuGX%;C*h?Zu<^H:J@1(;$fw^Bl+;̹6[XMp]h#z;k{E4h]ݤj=@tk:mBo-O=u=-lϳf$?4dk^ڠ?^z}DM)M}ʹ.7rGA V j}#%xaMra%ݵ2v$gF%Djd6ncgJn>FTńZ$v3lvm &*q/DI$ǚ`4zѧle5v`nQd b?l3*\K*R'd>+ܘu:/'.X9G,_4Rew]PQ~nߏlu]ȀpZG$$'K$B ('|PKŘ|dϹ,,;*NNm4zua7dNfm6e;] Y;"($?WBfMbs9GY m5&iUF1Z\rh #_6 S+B Z{/yNwʳ:ymZ/E~)aR  ^o806ϊ+Ɛ @*@碇Wf'dL u=J1]D"B#$%U!!4K!$ZGُⶉ?65M "R>3v鲹E( c Mo`RsMBs^aѷOg5eg2lŝlTX@Yt&nz oxASh$BGAL+ .xڡP&ݝ]P %`&C3ZWd\PxhMEӐUߡ|T|d_.tIz_.Ȱי4_ވ<owD%_ŌHDԏVP#nkv&(q&;tdNZ͕{H++at}Bv;nT)u0Ϙ]oȨ`P SM`Cα 6n5kz7'ä: v>w <ۡ `'WU2dV{AړHO'k&o?17D1khXbg5dbL)p<,V n':bmCQ&hϹ? n\R59<1h-\&J832̰&8:0>ط!{TT/? mE9$g)MĻl@)κ~*ׂ_UUhkSW\6B;Z&>lHK8{?}_rt'3Mx@sL m6|54ߍ-v97>^G ? UA^,#ľOwmwXmS<iQZZx_|߉3ѿ޲;#ۀ.}qWxKɜA΢;!,T`\*JC* = &7Ƞ#i.S>W(&۞e}mUL?2Lya 'mA&l|_vb<+ycٰAgV7wK҂<4Tւz$u?5VD|'dtYqh:~ . 4=8jsP\*wU-i a~4z/D%CCLr>亝b){zE1 *[G,1XN>;,FSkt mMjIbLH``+JQ;2H+V۰hƸ[MkKB|(sEb_E[oqtW.;|CyUGҶEwېi!iI%IxT+Nҏ⋎RquJB%/ yHBdlwC1s!q?cf̒g.yiB2e6Z2_Qr12)1\-x_-FvD¹bjOb^U8]_+gjqpgƍ{2  KzfzE\s\N4E5 |+gcԭ)PoZ 9u(x(A,RtevƪlU{-$-*,=ӜA4 puϵ;õdk82QAG40,BpifqܤJqs' =9@ M=ZqiroX>w@z,?INQC զ0DzFj|+{

0Xvr BZqIep1pN ^ˢDJ69'fF '1[FAA˲׬+LE= M Ww%k-Ǡ&㡝y\1"f?]ML`fML16eBPNz2M AL<-w`X5] %x0{}>rkM7ҧaX~!L 9q@2I~8hd׫j8a,TS:uIxra? CUĔ Wx'LəS+6W 1jzC>91FmX >*Kz;GGk\eܞrUaaaeEP;x'<51-ׅwSkM.c̡JtMx#PŎG0f:&}9ԒoVU @yDLl\OWƞ<4(õ<4hSXaf;-)TW4ݚEt;G㹞ޟՑ*p8 ;,{.;CT ǐtM->J\fL6XiF2ղNgMنǥ ;'Eۇ"X4}KnvoӲJ$6 ѧ|/őfYN \`,!T=T^^k ZQDvEbKJ_qu5(HkK$G1IFsgBJ{rTtOnjvJ JnN^;ębK*\4V?k_ʛ)v|k}BQU"Wl>~J_'n-dbxUQ=jxNmT:0P?;mSCq>IWvo!]ll$t|Ҥy۵A=9mvUxpu0e+هoLK85Ov B:D5uAٕs=bK,EJ$H!jؘ 3U& u`KK| gȶ [mQ .oURM j<*CC2I.pbK{` oQP/rPRچfRӷ_}dQkV 6ḛo&)gzk= {kM[)b.PZl: Nܭ<  \Jpv0TWDrUP%}ocZO|N5t!Ňb`{+_cM*A>ܞ 2>b.HXT%Vq-[l<WC~V"X388Dܐ!iCOt ö́gOpsfՐeGt(t؆W{';^IM UD>Wv4>bΥ oȢ}~hb#4ٶU-u\4pV BqOg v9h#," >|[dMSmq"fy}dP[E}w"edt_qڿVPVtJ;]kTp{L%YP ]CMyD#MRQŔh\O|5Q˧Q37UXrm" &SRzXSYR@UPQfP)wyįgĮ<]MGς[zO@\UjIqوM$^īTˈ[&_2ʀItpӁ fE/؏)o4-e6|{BH9'J-ETWQd$BLtc:q jSn% A%5ّwo֠8ZOcԕ+8vJ^cEקGt=X@W!ȺJjUWЂ =z ݠ&2K/D$,/S8e݌9MZ5^g'<W?4m#zR#WNjy"v ,ӋixhyV&[oarO%Bn0e)5zh0ȯ(\Llgl +\K(EB:r2!^s(}D@.?8={@"@[ӫ[h-aVo6WJ} מiJԈ#$SI;q_JW҂d([Gn՜`ALʐ9oBzB+Ʃ%3 trv[p w}N|LE}#hGf&OdDd$\f%"o]lJRj*y1q۾Cfr6kr q4N>̈p4;DŽ=B qmݛgˣf@_v'׮9Al\8r<5*-)IQ*0t#qx K \j+#x:7ZcsIIMrjPv8o2a7Sj5KD 7ݕTY> v˜[XAO;Nh@f|xT4>ߞLV|Q_"7etܽ4.MB!lĉfre {®`{.?;M(ͽvIvX;ةKn(՗WQ+ DPޥ\fjك_3שrq`<cnƞ,#(ԒE\lQrVJFˌJ6W2&I@+. U\kqLPTȨd?i#q芚Ŋ]J঴~z2exPTRPA B[cءC%'DJEw<0РR,^I18+fp*,=l5XKQͧAX2P~RqVB$V+1 ؞{7b .w}F­[ jT+.#]pAX COUcBZt$#sз]@>k&/uY^ &ސD-4{'K]]QGcV3ƭSM:$py n|\`{)I4Ps1{Ү߀ĭkQ#~qLz,e5 #$-ЮF${74s)ve:7l桓u=遫zy@yqr)=F޴Rc`hiR%ezXO3؅O|Ö TQ _U~ɬ8g^ p #X`p {`K_?\%cX`pƛTdǰK&1d9ޖW=`͙¢/g6P,nj7} 9i9n+צRg!RccE-K-]Ի=ǫ"N͹]E<])Ҷ|2*#@xvLe*-S}If=DAB }ѣr Ω5 wk2{ n9`?L$YiQR\ߦ:Tb-b}lʅF̸BU; ,oS[Mg% u *V9ǂ2~ 37[8&ELVdKY''יޏ#mzxO_]fjwؗe ۘP%{ Vpr?)%FޣYRcoj#)^!ܫi n - PNHq%KwDW̺R*^A N'(>2;KaC0B FU-V\CK1, YZ