í«îÛ    sssd-common-pac-1.14.0-43.el7_3.18                                                  Ž­è          $   >           è            ì          2LæFÁ²ë—%Â<5ÄÖPÎK   >   ÿÿÿÐ       Ž­è       8 ~\   ?    ~L      d            è           é           ê           ì   	   %     í   	   W     î      Ä     ï      È     ñ      à     ó      ä     ö      ë     ÷      ò     ø   	       ü     2     ý     P     þ     V          `          l     	     r     
     x          „                                        '          6          X          d          Œ   8       l   8       	%   8  (     	‡     8     	  º  9     x  º  :     bš  º  G    zÌ     H    zØ     I    zä     X    zè     Y    zð     \    {     ]    {$     ^    {L     b    {–     d    |[     e    |`     f    |c     l    |e     t    |€     u    |Œ     v    |˜     w    }d     x    }p     y    }|   3  “    ~H   C sssd-common-pac 1.14.0 43.el7_3.18 Common files needed for supporting PAC processing Provides common files needed by SSSD providers such as IPA and Active Directory
for handling Kerberos PACs.  YTEpc1bm.rdu2.centos.org     n3CentOS GPLv3+ CentOS BuildSystem <http://bugs.centos.org> Applications/System http://fedorahosted.org/sssd/ linux x86_64     äè     ‰KíAí¤      YTE_YTEoW~“èd8ecebafeaf11db71a821f229fbb69a95bd4cd816aaf1dca2c90db527ea31cc7  8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903                 root root root root root root sssd-1.14.0-43.el7_3.18.src.rpm   ÿÿÿÿÿÿÿÿÿÿÿÿsssd-common-pac sssd-common-pac(x86-64)   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   
  
  
  @      
libbasicobjects.so.0()(64bit) libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.4)(64bit) libcollection.so.2()(64bit) libdbus-1.so.3()(64bit) libdhash.so.1()(64bit) libdhash.so.1(DHASH_0.4.3)(64bit) libdl.so.2()(64bit) libglib-2.0.so.0()(64bit) libini_config.so.3()(64bit) liblber-2.4.so.2()(64bit) libldap-2.4.so.2()(64bit) libldb.so.1()(64bit) libldb.so.1(LDB_0.9.10)(64bit) libndr-krb5pac.so.0()(64bit) libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)(64bit) libndr.so.0()(64bit) libndr.so.0(NDR_0.0.1)(64bit) libnspr4.so()(64bit) libnss3.so()(64bit) libnssutil3.so()(64bit) libpcre.so.1()(64bit) libplc4.so()(64bit) libplds4.so()(64bit) libpopt.so.0()(64bit) libpopt.so.0(LIBPOPT_0)(64bit) libpthread.so.0()(64bit) libpthread.so.0(GLIBC_2.2.5)(64bit) libref_array.so.1()(64bit) libsamba-util.so.0()(64bit) libselinux.so.1()(64bit) libsmime3.so()(64bit) libssl3.so()(64bit) libsss_cert.so()(64bit) libsss_child.so()(64bit) libsss_crypt.so()(64bit) libsss_debug.so()(64bit) libsss_idmap.so.0()(64bit) libsss_idmap.so.0(SSS_IDMAP_0.4)(64bit) libsss_util.so()(64bit) libsystemd.so.0()(64bit) libsystemd.so.0(LIBSYSTEMD_209)(64bit) libtalloc.so.2()(64bit) libtalloc.so.2(TALLOC_2.0.2)(64bit) libtdb.so.1()(64bit) libtdb.so.1(TDB_1.2.1)(64bit) libtevent.so.0()(64bit) libtevent.so.0(TEVENT_0.9.9)(64bit) rpmlib(CompressedFileNames) rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rtld(GNU_HASH) sssd-common rpmlib(PayloadIsXz)                                                   3.0.4-1 4.6.0-1 4.0-1  1.14.0-43.el7_3.18 5.2-1 4.11.3   Y(ÀY£ÀYtÀY ‹ÀX¤BÀX”pÀXv@XOâÀX8'ÀX6Ö@X5„ÀX5„ÀX.í@X.í@X)§@X#ÀX!¾@X lÀWá$ÀWÛÞÀWÙ;ÀWÙ;ÀWÙ;ÀWÖ˜ÀWÖ˜ÀWÐ@WÍ^@WÉiÀWÉiÀWÉiÀWÀ/@WÀ/@WÀ/@WÀ/@W¶ôÀW¶ôÀW¶ôÀW´QÀW´QÀW´QÀW³ @W³ @W³ @W¬hÀW«@W«@W¨t@W›E@W›E@W˜¢@W˜¢@WŽ@WŽ@WŒÄÀW‡~ÀW†-@W†-@W†-@W„ÛÀWƒŠ@W•ÀWu	ÀWgÚÀWDB@WDB@WDB@WBðÀW;ÀW;ÀWÌ@VþbÀVÍ›@VTQ@VCÀV	@V	@V	@VÎÀV”@VBÀVBÀVBÀVBÀVBÀUûüÀUûüÀUûüÀUå“@UÜXÀUÕÁ@UÕÁ@UÓ@UÑÌÀUÑÌÀUÑÌÀUÑÌÀUÑÌÀUÑÌÀUÑÌÀUÃL@UÃL@UÁúÀUÀ©@UÀ©@UÀ©@U·nÀU¶@U²(ÀU¨î@U¨î@U§œÀUšmÀUšmÀU“Ö@U‰J@U‡øÀU7@U7@U7@U
º@U@U@TøE@TøE@TøE@TÐ¸@TËr@TËr@TËr@TËr@TÇ}ÀTÇ}ÀTÇ}ÀTÇ}ÀTÇ}ÀTÂ7ÀTÂ7ÀT¿”ÀT¾C@T¼ñÀT¶Z@T¶Z@TµÀT”@T‘p@T‘p@TŽÍ@T{ÀTŒ*@TŒ*@T…’ÀT…’ÀT~û@T~û@TuÀÀTuÀÀTto@Tto@Tto@Tto@Tto@Tto@Tm×ÀTm×ÀTm×ÀTm×ÀTl†@Tl†@Tl†@Tl†@TcKÀTaú@T\´@TZ@TZ@TR(@TGœ@TGœ@TGœ@TGœ@TGœ@TDù@T6xÀTŽÀTëÀT	¥ÀSä»ÀSÐõ@S|•@Sr	@Sr	@Sr	@Sr	@S;ûÀS;ûÀS2Á@S2Á@S,)ÀS!ÀS L@SúÀSúÀS©@S©@SÀ@SÀ@SÀ@S×@S×@S×@S×@S×@S×@S×@S×@SùÀSùÀSùÀRûb@Rûb@Rûb@Rèí@Rèí@Rèí@Rèí@RâUÀRâUÀRâUÀRß²ÀRÝÀRÝÀRÖx@RÖx@RÖx@RÎ@RÎ@RÎ@RÍ=ÀRÍ=ÀR½kÀR²ßÀR²ßÀR²ßÀR±Ž@R±Ž@R©¥@R©¥@R©¥@Rœv@Rœv@Rœv@Rœv@Rœv@Rœv@Rœv@Rœv@Rœv@RpôÀREs@REs@R7ÀQûŸ@Qøü@Qøü@Qøü@Qøü@QçØÀQÝLÀQÚ©ÀQÒÀÀQÒÀÀQÑo@QÌ)@Q¾ú@Q½¨ÀQ¹´@Q¹´@Q¸bÀQ°yÀQŸV@Q’'@QˆìÀQƒ¦ÀQnŽÀQZÈ@Q0˜@QÑÀQÑÀQÝ@Q—@Q¢ÀQ	@Q¹ÀQh@PÀˆÀPÁ@PÁ@Pï@Pz©@Pz©@PqnÀPl(ÀPaœÀPaœÀPS@PH@PD›ÀP<²ÀP7lÀP2&ÀP.2@P$÷ÀPkÀP‚ÀPöÀP@OýjÀOýjÀOèRÀOá»@Oß@OÛ#ÀOÄº@OÄº@O¾"ÀO¬ÿ@O¢s@O‚Ï@OpZ@OiÂÀO]å@OLÁÀODØÀO;ž@O5ÀO/ÀÀO/ÀÀO))@O))@O))@On@NóÀNï'@NßU@NÔÉ@NÎ1ÀN»¼ÀN³ÓÀN§ö@N¤ÀN¡^ÀNž»ÀNj@N[@N98@N98@NüÀN¶ÀNe@Mß’@MÚL@M¾œÀMº¨@M®ÊÀM®ÊÀM®ÊÀM¬'ÀM¦áÀM¤>ÀM¤>ÀM‹2@M÷ÀMzÀMx½@Mj<ÀMbSÀMU$ÀMU$ÀMU$ÀMRÀMGõÀMA^@MA^@M,F@Mè@Lå@Lâr@LÎ«ÀL¼6ÀL¼6ÀL©ÁÀL©ÁÀL¥Í@L¡ØÀL’ÀLs´@LH2ÀL7@LT@Kúj@Kò@Kä ÀKµÜ@K´ŠÀK¨­@K Ä@K…ÀK~}@K]‡ÀKY“@KO@KKÀK/c@K+nÀK"4@K³ÀJæàÀJå@JášÀJ×ÀJÔkÀJÁöÀJÀ¥@J’€ÀJp9ÀJlE@J?r@J0ñÀJ,ý@IìcÀIìcÀIäzÀIã)@Iã)@Iã)@I¶V@I¶V@I³³@I±@I¯¾ÀI¢ÀI”@Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.18 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.17 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.16 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.15 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.14 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.13 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.12 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.11 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.10 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.9 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.8 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.7 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.6 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.5 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.4 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.3 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.2 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43.1 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-43 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-42 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-41 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-40 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-39 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-38 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-37 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-36 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-35 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-34 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-33 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-32 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-31 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-30 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-29 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-28 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-27 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-26 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-25 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-24 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-23 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-22 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-21 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-20 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-19 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-18 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-17 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-16 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-15 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-14 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-13 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-12 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-11 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-10 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-9 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-8 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-7 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-6 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-5 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-4 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-3 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-2 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0-1 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0beta1-2 Jakub Hrozek <jhrozek@redhat.com> - 1.14.0alpha-1 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-50 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-49 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-48 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-47 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-46 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-45 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-44 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-43 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-42 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-41 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-40 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-39 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-38 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-37 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-36 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-35 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-34 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-33 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-32 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-31 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-30 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-29 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-28 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-27 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-26 Martin Kosek <mkosek@redhat.com> - 1.13.0-25 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-24 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-23 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-22 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-21 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-20 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-19 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-18 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-17 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-16 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-15 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-14 Lukas Slebodnik <lslebodn@redhat.com> - 1.13.0-13 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-12 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-11 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-10 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-9 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-8 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-7 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-6 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-5 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-4 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-3 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-2 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0-1 Jakub Hrozek <jhrozek@redhat.com> - 1.13.0.3alpha Jakub Hrozek <jhrozek@redhat.com> - 1.13.0.2alpha Jakub Hrozek <jhrozek@redhat.com> - 1.13.0.1alpha Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-61 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-60 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-59 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-58.6 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-58.5 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-58.4 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-58.3 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-58.2 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-58.1 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-57 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-56 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-55 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-54 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-53 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-52 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-51 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-50 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-49 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-48 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-47 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-46 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-45 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-44 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-43 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-42 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-41 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-40 Sumit Bose <sbose@redhat.com> - 1.12.2-39 Sumit Bose <sbose@redhat.com> - 1.12.2-38 Sumit Bose <sbose@redhat.com> - 1.12.2-37 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-35 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-35 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-34 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-33 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-32 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-31 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-30 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-29 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-28 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-27 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-26 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-25 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-24 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-23 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-22 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-21 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-20 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-19 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-18 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-17 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-16 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-15 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-14 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-13 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-12 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-11 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-10 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-9 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-8 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-7 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-6 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-5 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-4 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-3 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-2 Jakub Hrozek <jhrozek@redhat.com> - 1.12.2-1 Jakub Hrozek <jhrozek@redhat.com> - 1.12.1-2 Jakub Hrozek <jhrozek@redhat.com> - 1.12.1-1 Jakub Hrozek <jhrozek@redhat.com> - 1.12.1-1 Jakub Hrozek <jhrozek@redhat.com> - 1.12.0-3 Jakub Hrozek <jhrozek@redhat.com> - 1.12.0-2 Jakub Hrozek <jhrozek@redhat.com> - 1.12.0-1 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-70 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-69 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-68 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-67 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-66 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-65 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-64 Sumit Bose <sbose@redhat.com> - 1.11.2-63 Sumit Bose <sbose@redhat.com> - 1.11.2-62 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-61 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-60 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-59 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-58 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-57 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-56 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-55 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-54 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-53 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-52 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-51 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-50 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-49 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-48 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-47 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-46 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-45 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-44 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-43 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-42 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-41 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-40 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-39 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-38 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-37 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-36 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-35 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-34 Daniel Mach <dmach@redhat.com> - 1.11.2-33 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-32 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-31 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-30 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-29 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-28 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-27 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-26 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-25 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-24 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-23 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-22 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-21 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-20 Daniel Mach <dmach@redhat.com> - 1.11.2-19 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-18 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-17 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-16 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-15 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-14 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-13 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-12 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-11 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-10 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-9 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-8 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-7 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-6 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-5 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-4 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-3 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-2 Jakub Hrozek <jhrozek@redhat.com> - 1.11.2-1 Jakub Hrozek <jhrozek@redhat.com> - 1.11.1-2 Jakub Hrozek <jhrozek@redhat.com> - 1.11.1-1 Jakub Hrozek <jhrozek@redhat.com> - 1.11.0-1 Jakub Hrozek <jhrozek@redhat.com> - 1.11.0.1beta2 Jakub Hrozek <jhrozek@redhat.com> - 1.10.1-5 Jakub Hrozek <jhrozek@redhat.com> - 1.10.1-4 Jakub Hrozek <jhrozek@redhat.com> - 1.10.1-3 Jakub Hrozek <jhrozek@redhat.com> - 1.10.1-2 Jakub Hrozek <jhrozek@redhat.com> - 1.10.1-1 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-18 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-17 Stephen Gallagher <sgallagh@redhat.com> - 1.10.0-16 Stephen Gallagher <sgallagh@redhat.com> - 1.10.0-15 Stephen Gallagher <sgallagh@redhat.com> - 1.10.0-14 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-13 Dan HorÃ¡k <dan[at]danny.cz> - 1.10.0-12.beta2 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-11.beta2 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-10.beta2 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-9.beta2 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-8.beta2 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-7.beta1 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-6.beta1 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-5.beta1 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-4.beta1 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-3.beta1 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-2.alpha1 Jakub Hrozek <jhrozek@redhat.com> - 1.10.0-1.alpha1 Stephen Gallagher <sgallagh@redhat.com> - 1.9.4-9 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-8 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-7 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-6 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-5 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-4 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-3 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-2 Jakub Hrozek <jhrozek@redhat.com> - 1.9.4-1 Jakub Hrozek <jhrozek@redhat.com> - 1.9.3-1 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-5 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-4 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-3 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-2 Jakub Hrozek <jhrozek@redhat.com> - 1.9.2-1 Jakub Hrozek <jhrozek@redhat.com> - 1.9.1-1 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-24 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-24 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-23 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-22.rc1 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-21.beta7 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-20.beta6 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-19.beta6 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-18.beta6 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-17.beta6 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-16.beta6 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-14.beta6 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-13.beta6 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.9.0-13.beta5 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-12.beta5 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-11.beta4 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-10.beta4 Jakub Hrozek <jhrozek@redhat.com> - 1.9.0-9.beta4 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-8.beta3 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-7.beta2 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-6.beta2 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-5.beta2 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-4.beta1 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-3.beta1 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-2.beta1 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-1.beta1 Stephen Gallagher <sgallagh@redhat.com> - 1.8.3-11 Stephen Gallagher <sgallagh@redhat.com> - 1.8.2-10 Stephen Gallagher <sgallagh@redhat.com> - 1.8.1-9 Stephen Gallagher <sgallagh@redhat.com> - 1.8.1-8 Stephen Gallagher <sgallagh@redhat.com> - 1.8.1-7 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-6 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-5.beta3 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-4.beta3 Petr Pisar <ppisar@redhat.com> - 1.8.0-3.beta2 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-1.beta2 Stephen Gallagher <sgallagh@redhat.com> - 1.8.0-1.beta1 Stephen Gallagher <sgallagh@redhat.com> - 1.7.0-5 Stephen Gallagher <sgallagh@redhat.com> - 1.7.0-4 Stephen Gallagher <sgallagh@redhat.com> - 1.7.0-3 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7.0-2 Stephen Gallagher <sgallagh@redhat.com> - 1.7.0-1 Stephen Gallagher <sgallagh@redhat.com> - 1.6.4-1 Stephen Gallagher <sgallagh@redhat.com> - 1.6.3-5 Stephen Gallagher <sgallagh@redhat.com> - 1.6.3-4 Jakub Hrozek <jhrozek@redhat.com> - 1.6.3-3 Stephen Gallagher <sgallagh@redhat.com> - 1.6.3-2 Stephen Gallagher <sgallagh@redhat.com> - 1.6.3-1 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.2-5 Stephen Gallagher <sgallagh@redhat.com> - 1.6.2-4 Stephen Gallagher <sgallagh@redhat.com> - 1.6.2-3 Stephen Gallagher <sgallagh@redhat.com> - 1.6.2-2 Stephen Gallagher <sgallagh@redhat.com> - 1.6.2-1 Stephen Gallagher <sgallagh@redhat.com> - 1.6.1-1 Stephen Gallagher <sgallagh@redhat.com> - 1.6.0-2 Stephen Gallagher <sgallagh@redhat.com> - 1.6.0-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.11-2 Stephen Gallagher <sgallagh@redhat.com> - 1.5.10-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.9-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.8-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.7-3 Stephen Gallagher <sgallagh@redhat.com> - 1.5.7-2 Stephen Gallagher <sgallagh@redhat.com> - 1.5.7-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.6.1-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.6-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.5-5 Stephen Gallagher <sgallagh@redhat.com> - 1.5.5-4 Stephen Gallagher <sgallagh@redhat.com> - 1.5.5-3 Stephen Gallagher <sgallagh@redhat.com> - 1.5.5-2 Stephen Gallagher <sgallagh@redhat.com> - 1.5.5-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.4-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.3-2 Stephen Gallagher <sgallagh@redhat.com> - 1.5.3-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.2-1 Simo Sorce <ssorce@redhat.com> - 1.5.1-9 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-8 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-7 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-6 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-5 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.1-4 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-3 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-2 Stephen Gallagher <sgallagh@redhat.com> - 1.5.1-1 Stephen Gallagher <sgallagh@redhat.com> - 1.5.0-2 Stephen Gallagher <sgallagh@redhat.com> - 1.5.0-1 Stephen Gallagher <sgallagh@redhat.com> - 1.4.1-3 Stephen Gallagher <sgallagh@redhat.com> - 1.4.1-2 Stephen Gallagher <sgallagh@redhat.com> - 1.4.1-1 Stephen Gallagher <sgallagh@redhat.com> - 1.4.0-2 Stephen Gallagher <sgallagh@redhat.com> - 1.4.0-1 Stephen Gallagher <sgallagh@redhat.com> - 1.3.0-35 Stephen Gallagher <sgallagh@redhat.com> - 1.3.0-34 Stephen Gallagher <sgallagh@redhat.com> - 1.3.0-33 Stephen Gallagher <sgallagh@redhat.com> - 1.3.0-32 Stephen Gallagher <sgallagh@redhat.com> - 1.3.0-31 Stephen Gallagher <sgallagh@redhat.com> - 1.3.0-30 David Malcolm <dmalcolm@redhat.com> - 1.2.91-21 Stephen Gallagher <sgallagh@redhat.com> - 1.2.91-20 Stephen Gallagher <sgallagh@redhat.com> - 1.2.1-15 Stephen Gallagher <sgallagh@redhat.com> - 1.2.0-12 Stephen Gallagher <sgallagh@redhat.com> - 1.1.92-11 Stephen Gallagher <sgallagh@redhat.com> - 1.1.91-10 Simo Sorce <ssorce@redhat.com> - 1.1.1-3 Stephen Gallagher <sgallagh@redhat.com> - 1.1.1-1 Stephen Gallagher <sgallagh@redhat.com> - 1.1.0-2 Stephen Gallagher <sgallagh@redhat.com> - 1.1.0-1.pre20100317git0ea7f19 Stephen Gallagehr <sgallagh@redhat.com> - 1.0.5-2 Stephen Gallagher <sgallagh@redhat.com> - 1.0.5-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.4-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.3-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.2-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.1-1 Stephen Gallagher <sgallagh@redhat.com> - 1.0.0-2 Stephen Gallagher <sgallagh@redhat.com> - 1.0.0-1 Stephen Gallagher <sgallagh@redhat.com> - 0.99.1-1 Stephen Gallagher <sgallagh@redhat.com> - 0.99.0-1 Stephen Gallagher <sgallagh@redhat.com> - 0.7.1-1 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-2 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-1 Stephen Gallagher <sgallagh@redhat.com> - 0.6.1-2 Stephen Gallagher <sgallagh@redhat.com> - 0.6.1-1 Stephen Gallagher <sgallagh@redhat.com> - 0.6.0-1 Sumit Bose <sbose@redhat.com> - 0.6.0-0 Simo Sorce <ssorce@redhat.com> - 0.5.0-0 Jakub Hrozek <jhrozek@redhat.com> - 0.4.1-4 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4.1-3 Simo Sorce <ssorce@redhat.com> - 0.4.1-2 Simo Sorce <ssorce@redhat.com> - 0.4.1-1 Simo Sorce <ssorce@redhat.com> - 0.4.1-0 Simo Sorce <ssorce@redhat.com> - 0.3.2-2 Jakub Hrozek <jhrozek@redhat.com> - 0.3.2-1 Simo Sorce <ssorce@redhat.com> - 0.3.1-2 Simo Sorce <ssorce@redhat.com> - 0.3.1-1 Simo Sorce <ssorce@redhat.com> - 0.3.0-2 Simo Sorce <ssorce@redhat.com> - 0.3.0-1 Simo Sorce <ssorce@redhat.com> - 0.2.1-1 Simo Sorce <ssorce@redhat.com> - 0.2.0-1 Jakub Hrozek <jhrozek@redhat.com> - 0.1.0-5.20090309git691c9b3 Jakub Hrozek <jhrozek@redhat.com> - 0.1.0-4 Sumit Bose <sbose@redhat.com> - 0.1.0-3 Jakub Hrozek <jhrozek@redhat.com> - 0.1.0-2 Stephen Gallagher <sgallagh@redhat.com> - 0.1.0-1 - Resolves: rhbz#1456013 - sssd intermittently failing to resolve groups
                           for an AD user in IPA-AD trust environment. - Resolves: rhbz#1450125 - Wrong pam return code for user from subdomain
                           with ad_access_filter - Resolves: rhbz#1446085 - D-Bus interface of sssd is giving inappropriate
                           group information for trusted AD users - Resolves: rhbz#1445821 - sssd does not evaluate AD UPN suffixes which
                           results in failed user logins - Resolves: rhbz#1422183 - Fails to accept any sudo rules if there are
                           two user entries in an ldap role with the same
                           sudo user. - Resolves: rhbz#1418943 - If a long-running task (e.g. enumeration) blocks the
                           sssd_be process, sssd_be can deadlock
- Also Require a new-enough version of selinux-policy so that setpgid() by sssd
  is allowed - Resolves: rhbz#1405584 - SSH: default_domain_suffix is not being used
                           for users' authorized keys - Resolves: rhbz#1404340 - Use-after free in resolver in case the fd is
                           writeable and readable at the same time - Resolves: rhbz#1398673 - autofs map resolution doesn't work offline - Resolves: rhbz#1398169 - sssd fails to start after upgrading to RHEL 7.3 - Resolves: rhbz#1392946 - sudo: ignore case on case insensitive domains - Resolves: rhbz#1393730 - No supplementary groups are resolved for users
                           in nested OUs when domain stanza differs from AD
                           domain - Related: rhbz#1396486 - bz - ldap group names don't resolve after
                          upgrading sssd to 1.14.0 if ldap_nesting_level
                          is set to 0 - Related: rhbz#1396485 - sssd_be keeps crashing - Revert the fix for ignoring sudoUser case as it breaks processing
  of rules that completely lack a sudoUser attribute
- Related: rhbz#1392946 - sudo: ignore case on case insensitive domains - Resolves: rhbz#1392946 - sudo: ignore case on case insensitive domains - Resolves: rhbz#1392893 - IPA: Uninitialized variable during subdomain check - Resolves: rhbz#1392896 - AD provider: SSSD does not retrieve a domain-local
                           group with the AD provider when following AGGUDLP
                           group structure across domains - Resolves: rhbz#1376831 - sssd-common is missing dependency on sssd-sudo - Resolves: rhbz#1371631 - login using gdm calls for gdm-smartcard when
                           smartcard authentication is not enabled - Resolves: rhbz#1373420 - sss_override fails to export - Resolves: rhbz#1375299 - sss_groupshow <user> fails with error "No such
                           group in local domain. Printing groups only
                           allowed in local domain" - Resolves: rhbz#1375182 - SSSD goes offline when the LDAP server returns
                           sizelimit exceeded - Resolves: rhbz#1372753 - Access denied for user when access_provider =
                           krb5 is set in sssd.conf - Resolves: rhbz#1373444 - unable to create group in sssd cache
- Resolves: rhbz#1373577 - unable to add local user in sssd to a group in sssd - Resolves: rhbz#1369118 - Don't enable the default shadowtils domain in RHEL - Fix permissions for the private pipe directory
- Resolves: rhbz#1362716 - selinux avc denial for vsftp login as ipa user - Resolves: rhbz#1371977 - resolving IPA nested user groups is broken in 1.14 - Resolves: rhbz#1368496 - sssd is not able to authenticate with alias - Resolves: rhbz#1371152 - SSSD qualifies principal twice in IPA-AD trust
                           if the principal attribute doesn't exist on the
                           AD side - Apply forgotten patch
- Resolves: rhbz#1368496 - sssd is not able to authenticate with alias
- Resolves: rhbz#1366470 - sssd: throw away the timestamp cache if
                           re-initializing the persistent cache
- Fix deleting non-existent secret
- Related: rhbz#1311056 - Add a Secrets as a Service component - Resolves: rhbz#1362716 - selinux avc denial for vsftp login as ipa user - Resolves: rhbz#1368496 - sssd is not able to authenticate with alias - Resolves: rhbz#1364033 - sssd exits if clock is adjusted backwards
                           after boot - Resolves: rhbz#1362023 - SSSD fails to start when ldap_user_extra_attrs
                           contains mail - Resolves: rhbz#1368324 - libsss_autofs.so is packaged in two packages
                           sssd-common and libsss_autofs - Fix RPM scriptlet plumbing for the sssd-secrets responder
- Related: rhbz#1311056 - Add a Secrets as a Service component - Add socket-activation plumbing for the sssd-secrets responder
- Related: rhbz#1311056 - Add a Secrets as a Service component - Own the secrets directory
- Related: rhbz#1311056 - Add a Secrets as a Service component - Resolves: rhbz#1268874 - Add an option to disable checking for trusted
                           domains in the subdomains provider - Resolves: rhbz#1271280 - sssd stores and returns incorrect information
                           about empty netgroup (ldap-server: 389-ds) - Resolves: rhbz#1290500 - [feat] command to manually list
                           fo_add_server_to_list information - Add several small fixes related to the config API
- Related: rhbz#1072458 - [RFE] SSSD configuration file test tool (sssd_check) - Resolves: rhbz#1349900 - gpo search errors out and gpo_cache file is
                           never created - Fix regressions in the simple access provider
- Resolves: rhbz#1360806 - sssd does not start if sub-domain user is used
                           with simple access provider
- Apply a number of specfile patches to better match the upstream spefile
- Related: rhbz#1290381 - Rebase SSSD to 1.14.x in RHEL-7.3 - Cherry-pick patches from upstream that fix several regressions
- Avoid checking local users in all cases
- Resolves: rhbz#1353951 - sssd_pam leaks file descriptors - Resolves: rhbz#1364118 - [abrt] [faf] sssd: unknown function():
                           /usr/libexec/sssd/sssd_nss killed by 11
- Resolves: rhbz#1361563 - Wrong pam error code returned for password
                           change in offline mode - Resolves: rhbz#1309745 - Support multiple principals for IPA users - Resolves: rhbz#1304992 - Handle overriden name of members in the
                           memberUid attribute - handle unresolvable sites more gracefully
- Resolves: rhbz#1346011 - sssd is looking at a server in the GC of a
                           subdomain, not the root domain.
- fix compilation warnings in unit tests - fix capaths output
- Resolves: rhbz#1344940 - GSSAPI error causes failures for child domain
                           user logins across IPA - AD trust
- also fix Coverity issues in the secrets responder and suppress noisy
  debug messages when setting the timestamp cache - Resolves: rhbz#1356577 - sssctl: Time stamps without time zone information - Resolves: rhbz#1354414 - New or modified ID-View User overrides are not
                           visible unless rm -f /var/lib/sss/db/*cache* - Resolves: rhbz#1211631 - [RFE] Support of UPN for IdM trusted domains - Resolves: rhbz#1350520 - [abrt] sssd-common: ipa_dyndns_update_send():
                           sssd_be killed by SIGSEGV - Resolves: rhbz#1349882 - sssd does not work under non-root user
- Also cherry-pick a few patches from upstream to fix config schema
- Related: rhbz#1072458 - [RFE] SSSD configuration file test tool (sssd_check) - Sync a few minor patches from upstream
- Fix sssctl manpage
- Fix nss-tests unit test on big-endian machines
- Fix several issues in the config schema
- Related: rhbz#1072458 - [RFE] SSSD configuration file test tool (sssd_check) - Bundle http-parser
- Resolves: rhbz#1311056 - Add a Secrets as a Service component - Sync a few minor patches from upstream
- Fix a failover issue
- Resolves: rhbz#1334749 - sssd fails to mark a connection as bad on
                           searches that time out - Explicitly BuildRequire newer ding-libs
- Resolves: rhbz#1072458 - [RFE] SSSD configuration file test tool (sssd_check) - New upstream release 1.14.0
- Resolves: rhbz#1290381 - Rebase SSSD to 1.14.x in RHEL-7.3
- Resolves: rhbz#835492 - [RFE] SSSD admin tool request - force reload
- Resolves: rhbz#1072458 - [RFE] SSSD configuration file test tool (sssd_check)
- Resolves: rhbz#1278691 - Please fix rfc2307 autofs schema defaults
- Resolves: rhbz#1287209 - default_domain_suffix Appended to User Name
- Resolves: rhbz#1300663 - Improve sudo protocol to support configurations
                           with default_domain_suffix
- Resolves: rhbz#1312275 - Support authentication indicators from IPA - Resolves: rhbz#1290381 - Rebase SSSD to 1.14.x in RHEL-7.3
- Resolves: rhbz#790113 - [RFE] "include" directive in sssd.conf
- Resolves: rhbz#874985 - [RFE] AD provider support for automount lookups
- Resolves: rhbz#879333 - [RFE] SSSD admin tool request - status overview
- Resolves: rhbz#1140022 - [RFE]Allow sssd to add a new option that would
                           specify which server to update DNS with
- Resolves: rhbz#1290380 - RFE: Improve SSSD performance in large
                           environments
- Resolves: rhbz#883886 - sssd: incorrect checks on length values during
                          packet decoding
- Resolves: rhbz#988207 - sssd does not detail which line in configuration
                          is invalid
- Resolves: rhbz#1007969 - sssd_cache does not remove have an option to
                           remove the sssd database
- Resolves: rhbz#1103249 - PAC responder needs much time to process large
                           group lists
- Resolves: rhbz#1118257 - Users in ipa groups, added to netgroups are
                           not resovable
- Resolves: rhbz#1269018 - Too much logging from sssd_be
- Resolves: rhbz#1293695 - sssd mixup nested group from AD trusted domains
- Resolves: rhbz#1308935 - After removing certificate from user in IPA
                           and even after sss_cache, FindByCertificate
                           still finds the user
- Resolves: rhbz#1315766 - SSSD PAM module does not support multiple
                           password prompts (e.g. Password + Token) with sudo
- Resolves: rhbz#1316164 - SSSD fails to process GPO from Active Directory
- Resolves: rhbz#1322458 - sssd_be[11010]: segfault at 0 ip 00007ff889ff61bb
                           sp 00007ffc7d66a3b0 error 4 in
                           libsss_ipa.so[7ff889fcf000+5d000] - Resolves: rhbz#1290381 - Rebase SSSD to 1.14.x in RHEL-7.3
- The rebase includes fixes for the following bugzillas:
- Resolves: rhbz#789477 - [RFE] SUDO: Support the IPA schema
- Resolves: rhbz#1059972 - RFE: SSSD: Automatically assign new slices for
                           any AD domain
- Resolves: rhbz#1233200 - man sssd.conf should clarify details about
                           subdomain_inherit option.
- Resolves: rhbz#1238144 - Need better libhbac debuging added to sssd
- Resolves: rhbz#1265366 - sss_override segfaults when accidentally adding
                           --help flag to some commands
- Resolves: rhbz#1269512 - sss_override: memory violation
- Resolves: rhbz#1278566 - crash in sssd when non-Englsh locale is used
                           and pam_strerror prints non-ASCII characters
- Resolves: rhbz#1283686 - groups get deleted from the cache
- Resolves: rhbz#1290378 - Smart Cards: Certificate in the ID View
- Resolves: rhbz#1292238 - extreme memory usage in libnfsidmap sss.so
                           plug-in when resolving groups with many members
- Resolves: rhbz#1292456 - sssd_be AD segfaults on missing A record
- Resolves: rhbz#1294670 - Local users with local sudo rules causes
                           LDAP queries
- Resolves: rhbz#1296618 - Properly remove OriginalMemberOf attribute in
                           SSSD cache if user has no secondary groups anymore
- Resolves: rhbz#1299553 - Cannot retrieve users after upgrade from 1.12
                           to 1.13
- Resolves: rhbz#1302821 - Cannot start sssd after switching to non-root
- Resolves: rhbz#1310877 - [RFE] Support Automatic Renewing of Kerberos
                           Host Keytabs
- Resolves: rhbz#1313014 - sssd is not closing sockets properly
- Resolves: rhbz#1318996 - SSSD does not fail over to next GC
- Resolves: rhbz#1327270 - local overrides: issues with sub-domain users
                           and mixed case names
- Resolves: rhbz#1342547 - sssd-libwbclient: wbcSidsToUnixIds should not
                           fail on lookup errors - Build the PAC plugin with krb5-1.14
- Related: rhbz#1336688 - sssd tries to resolve global catalog servers
                          from AD forest sub-domains in AD-IPA trust setup - Resolves: rhbz#1336688 - sssd tries to resolve global catalog servers
                           from AD forest sub-domains in AD-IPA trust setup - Resolves: rhbz#1290853 - [sssd] Trusted (AD) user's info stays in sssd
                           cache for much more than expected. - Resolves: rhbz#1336706 - sssd_nss memory usage keeps growing when trying
                           to retrieve non-existing netgroups - Resolves: rhbz#1296902 - In IPA-AD trust environment access is granted
                           to AD user even if the user is disabled on AD. - Resolves: rhbz#1334159 - IPA provider crashes if a netgroup from a
                           trusted domain is requested - Resolves: rhbz#1308913 - sssd be memory leak in sssd's memberof plugin
- More patches from upstream related to the memory leak - Resolves: rhbz#1308913 - sssd be memory leak in sssd's memberof plugin - Resolves: rhbz#1300740 - [RFE] IPA: resolve external group memberships
                           of IPA groups during getgrnam and getgrgid - Resolves: rhbz#1284814  - sssd: [sysdb_add_user] (0x0400): Error: 17 - Resolves: rhbz#1270827 - local overrides: don't contact server with
                           overridden name/id - Resolves: rhbz#1267837 - sssd_be crashed in ipa_srv_ad_acct_lookup_step - Resolves: rhbz#1267176 - Memory leak / possible DoS with krb auth. - Resolves: rhbz#1267836 - PAM responder crashed if user was not set - Resolves: rhbz#1266107 - AD: Conditional jump or move depends on
                           uninitialised value - Resolves: rhbz#1250135 - Detect re-established trusts in the IPA
                           subdomain code - Fix a Coverity warning in dyndns code
- Resolves: rhbz#1261155 - nsupdate exits on first GSSAPI error instead
                           of processing other commands - Resolves: rhbz#1261155 - nsupdate exits on first GSSAPI error instead
                           of processing other commands - Resolves: rhbz#1263735 - Could not resolve AD user from root domain - Remove -d from sss_override manpage
- Related: rhbz#1259512 - sss_override : The local override user is not found - Patches required for better handling of failover with one-way trusts
- Related: rhbz#1250135 - Detect re-established trusts in the IPA subdomain
                          code - Resolves: rhbz#1263587 - sss_override --name doesn't work with RFC2307
                           and ghost users - Resolves: rhbz#1259512 - sss_override : The local override user is not found - Resolves: rhbz#1260027 - sssd_be memory leak with sssd-ad in GPO code - Resolves: rhbz#1256398 - sssd cannot resolve user names containing
                           backslash with ldap provider - Resolves: rhbz#1254189 - sss_override contains an extra parameter --debug
                           but is not listed in the man page or in
                           the arguments help - Resolves: rhbz#1254518 - Fix crash in nss responder - Support import/export for local overrides
- Support FQDNs for local overrides
- Resolves: rhbz#1254184 - sss_override does not work correctly when
                           'use_fully_qualified_names = True' - Resolves: rhbz#1244950 - Add index for 'objectSIDString' and maybe to
                           other cache attributes - Resolves: rhbz#1250415 - sssd: p11_child hardening - Related: rhbz#1250135 - Detect re-established trusts in the IPA
                          subdomain code - Resolves: rhbz#1202724 - [RFE] Add a way to lookup users based on CAC
                           identity certificates - Resolves: rhbz#1232950 - [IPA/IdM] sudoOrder not honored as expected - Fix wildcard_limit=0
- Resolves: rhbz#1206571 - [RFE] Expose D-BUS interface - Fix race condition in invalidating the memory cache
- Related: rhbz#1206575 - [RFE] The fast memory cache should cache initgroups - Resolves: rhbz#1249015 - KDC proxy not working with SSSD krb5_use_kdcinfo
                           enabled - Bump release number
- Related: rhbz#1246489 - sss_obfuscate fails with "ImportError: No module
                          named pysss" - Fix missing dependency of sssd-tools
- Resolves: rhbz#1246489 - sss_obfuscate fails with "ImportError: No module
                           named pysss" - More memory cache related fixes
- Related: rhbz#1206575 - [RFE] The fast memory cache should cache initgroups - Remove binary blob from SC patches as patch(1) can't handle those
- Related: rhbz#854396 - [RFE] Support for smart cards - Resolves: rhbz#1244949 - getgrgid for user's UID on a trust client
                           prevents getpw* - Fix memory cache integration tests
- Resolves: rhbz#1206575 - [RFE] The fast memory cache should cache initgroups
- Resolves: rhbz#854396 - [RFE] Support for smart cards - Remove OTP from PAM stack correctly
- Related: rhbz#1200873 - [RFE] Allow smart multi step prompting when
                          user logs in with password and token code from IPA
- Handle sssd-owned keytabs when sssd runs as root
- Related: rhbz#1205144 - RFE: Support one-way trusts for IPA - Resolves: rhbz#1183747 - [FEAT] UID and GID mapping on individual clients - Resolves: rhbz#1206565 - [RFE] Add dualstack and multihomed support
- Resolves: rhbz#1187146 - If v4 address exists, will not create nonexistant
                           v6 in ipa domain - Resolves: rhbz#1242942 - well-known SID check is broken for NetBIOS prefixes - Resolves: rhbz#1234722 - sssd ad provider fails to start in rhel7.2 - Add support for InfoPipe wildcard requests
- Resolves: rhbz#1206571 - [RFE] Expose D-BUS interface - Also package the initgr memcache
- Related: rhbz#1205554 - Rebase SSSD to 1.13.x - Rebase to 1.13.0 upstream
- Related: rhbz#1205554 - Rebase SSSD to 1.13.x
- Resolves: rhbz#910187 - [RFE] authenticate against cache in SSSD
- Resolves: rhbz#1206575 - [RFE] The fast memory cache should cache initgroups - Don't default to SSSD user
- Related: rhbz#1205554 - Rebase SSSD to 1.13.x - Related: rhbz#1205554 - Rebase SSSD to 1.13.x
- GPO default should be permissve - Resolves: rhbz#1205554 - Rebase SSSD to 1.13.x
- Relax the libldb requirement
- Resolves: rhbz#1221992 - sssd_be segfault at 0 ip sp error 6 in
                           libtevent.so.0.9.21
- Resolves: rhbz#1221839 - SSSD group enumeration inconsistent due to
                           binary SIDs
- Resolves: rhbz#1219285 - Unable to resolve group memberships for AD
                           users when using sssd-1.12.2-58.el7_1.6.x86_64
                           client in combination with
                           ipa-server-3.0.0-42.el6.x86_64 with AD Trust
- Resolves: rhbz#1217559 - [RFE] Support GPOs from different domain controllers
- Resolves: rhbz#1217350 - ignore_group_members doesn't work for subdomains
- Resolves: rhbz#1217127 - Override for IPA users with login does not list
                           user all groups
- Resolves: rhbz#1216285 - autofs provider fails when default_domain_suffix
                           and use_fully_qualified_names set
- Resolves: rhbz#1214719 - Group resolution is inconsistent with group
                           overrides
- Resolves: rhbz#1214718 - Overridde with --login fails trusted adusers
                           group membership resolution
- Resolves: rhbz#1214716 - idoverridegroup for ipa group with --group-name
                           does not work
- Resolves: rhbz#1214337 - Overrides with --login work in second attempt
- Resolves: rhbz#1212489 - Disable the cleanup task by default
- Resolves: rhbz#1211830 - external users do not resolve with
                           "default_domain_suffix" set in IPA server sssd.conf
- Resolves: rhbz#1210854 - Only set the selinux context if the context
                           differs from the local one
- Resolves: rhbz#1209483 - When using id_provider=proxy with
                           auth_provider=ldap, it does not work as expected
- Resolves: rhbz#1209374 - Man sssd-ad(5) lists Group Policy Management
                           Editor naming for some policies but not for all
- Resolves: rhbz#1208507 - sysdb sudo search doesn't escape special characters
- Resolves: rhbz#1206571 - [RFE] Expose D-BUS interface
- Resolves: rhbz#1206566 - SSSD does not update Dynamic DNS records if
                           the IPA domain differs from machine hostname's
                           domain
- Resolves: rhbz#1206189 - [bug] sssd always appends default_domain_suffix
                           when checking for host keys
- Resolves: rhbz#1204203 - sssd crashes intermittently
- Resolves: rhbz#1203945 - [FJ7.0 Bug]: getgrent returns error because
                           sss is written in nsswitch.conf as default
- Resolves: rhbz#1203642 - GPO access control looks for computer object
                           in user's domain only
- Resolves: rhbz#1202245 - SSSD's HBAC processing is not permissive enough
                           with broken replication entries
- Resolves: rhbz#1201271 - sssd_nss segfaults if initgroups request is by
                           UPN and doesn't find anything
- Resolves: rhbz#1200873 - [RFE] Allow smart multi step prompting when
                           user logs in with password and token code from IPA
- Resolves: rhbz#1199541 - Read and use the TTL value when resolving a
                           SRV query
- Resolves: rhbz#1199533 - [RFE] Implement background refresh for users,
                           groups or other cache objects
- Resolves: rhbz#1199445 - Does sssd-ad use the most suitable attribute
                           for group name?
- Resolves: rhbz#1198477 - ccname_file_dummy is not unlinked on error
- Resolves: rhbz#1187103 - [RFE] User's home directories are not taken
                           from AD when there is an IPA trust with AD
- Resolves: rhbz#1185536 - In ipa-ad trust, with 'default_domain_suffix' set
                           to AD domain, IPA user are not able to log unless
                           use_fully_qualified_names is set
- Resolves: rhbz#1175760 - [RFE] Have OpenLDAP lock out ssh keys when
                           account naturally expires
- Resolves: rhbz#1163806 - [RFE]ad provider dns_discovery_domain option:
                           kerberos discovery is not using this option
- Resolves: rhbz#1205160 - Complain loudly if backend doesn't start due
                           to missing or invalid keytab - Resolves: rhbz#1226119 - Properly handle AD's binary objectGUID - Filter out domain-local groups during AD initgroups operation
- Related: rhbz#1201840 - SSSD downloads too much information when fetching
                          information about groups - Resolves: rhbz#1201840 - SSSD downloads too much information when fetching
                           information about groups - Initialize variable in the views code in one success and one failure path
- Resolves: rhbz#1202170 - sssd_be segfault on IPA(when auth with AD
                           trusted domain) client at
                           src/providers/ipa/ipa_s2n_exop.c:1605 - Resolves: rhbz#1202170 - sssd_be segfault on IPA(when auth with AD
                           trusted domain) client at
                           src/providers/ipa/ipa_s2n_exop.c:1605 - Handle case where there is no default and no rules
- Resolves: rhbz#1192314 - With empty ipaselinuxusermapdefault security
                           context on client is staff_u - Set a pointer in ldap_child to NULL to avoid warnings
- Related: rhbz#1198759 - ccname_file_dummy is not unlinked on error - Resolves: rhbz#1199143 - With empty ipaselinuxusermapdefault security
                           context on client is staff_u - Resolves: rhbz#1198759 - ccname_file_dummy is not unlinked on error - Run the restart in sssd-common posttrans
- Explicitly require libwbclient
- Resolves: rhbz#1187113 - sssd deamon was not running after RHEL 7.1 upgrade - Resolves: rhbz#1187113 - sssd deamon was not running after RHEL 7.1 upgrade - Fix endianess bug in fill_id()
- Related: rhbz#1109331 - [RFE] Allow SSSD to be used with smbd shares - Resolves: rhbz#1168904 - gid is overridden by uid in default trust view - Resolves: rhbz#1187192 - IPA initgroups don't work correctly in
                           non-default view - Resolves: rhbz#1184982 - Need to set different umask in selinux_child - Bump the release number
- Related: rhbz#1184140 - Users saved throug extop don't have the
                          originalMemberOf attribute - Add a patch dependency
- Related: rhbz#1184140 - Users saved throug extop don't have the
                          originalMemberOf attribute - Process ghost members only once
- Fix processing of universal groups with members from different domains
- Related: rhbz#1168904 - gid is overridden by uid in default trust view - Related: rhbz#1184140 - Users saved throug extop don't have the
                          originalMemberOf attribute - Resolves: rhbz#1185188 - Uncached SIDs cannot be resolved - Handle GID override in MPG domains
- Handle views with mixed-case domains
- Related: rhbz#1168904 - gid is overridden by uid in default trust view - Open socket to the PAC responder in krb5_child before dropping root
- Related: rhbz#1184140 - Users saved throug extop don't have the
                          originalMemberOf attribute - Resolves: rhbz#1184140 - Users saved throug extop don't have the
                           originalMemberOf attribute - Resolves: rhbz#1182183 - pam_sss(sshd:auth): authentication failure with
                           user from AD - Resolves: rhbz#889206 - On clock skew sssd returns system error - Related: rhbz#1168904 - gid is overridden by uid in default trust view - Resolves: rhbz#1177140 - gpo_child fails if "log level" is enabled in smb.conf
- Related: rhbz#1168904 - gid is overridden by uid in default trust view - Resolves: rhbz#1175408 - SSSD should not fail authentication when only allow
                           rules are used
- Resolves: rhbz#1175705 - sssd-libwbclient conflicts with Samba's and causes
                           crash in wbinfo
                           - in addition to the patch libwbclient.so is
                             filtered out of the Provides list of the package - Resolves: rhbz#1171215 - Crash in function get_object_from_cache
- Resolves: rhbz#1171383 - getent fails for posix group with AD users after
                           login
- Resolves: rhbz#1171382 - getent of AD universal group fails after group users
                           login
- Resolves: rhbz#1170300 - Access is not rejected for disabled domain
- Resolves: rhbz#1162486 - Error processing external groups with
                           getgrnam/getgrgid in the server mode
- Resolves: rhbz#1168904 - gid is overridden by uid in default trust view - Resolves: rhbz#1169459 - sssd-ad: The man page description to enable GPO HBAC
                           Policies are unclear
- Related: rhbz#1113783 - sssd should run under unprivileged user - Rebuild to add several forgotten Patch entries
- Resolves: rhbz#1173482 - MAN: Document that only user names are checked
                           for pam_trusted_users
- Resolves: rhbz#1167324 - pam_sss domains option: User auth should fail
                           when domains=<emtpy value> - Remove Coverity warnings in krb5_child code
- Related: rhbz#1113783 - sssd should run under unprivileged user - Resolves: rhbz#1173482 - MAN: Document that only user names are checked
                           for pam_trusted_users
- Resolves: rhbz#1167324 - pam_sss domains option: User auth should fail
                           when domains=<emtpy value> - Don't error out on chpass with OTPs
- Related: rhbz#1109756 - Rebase SSSD to 1.12 - Resolves: rhbz#1124320 - [FJ7.0 Bug]: getgrent returns error because sss
                           is written in nsswitch.conf as default. - Resolves: rhbz#1169739 - selinuxusermap rule does not apply to trusted
                           AD users
- Enable running unit tests without cmocka
- Related: rhbz#1113783 - sssd should run under unprivileged user - krb5_child and ldap_child do not call Kerberos calls as root
- Related: rhbz#1113783 - sssd should run under unprivileged user - Resolves: rhbz#1168735 - The Kerberos provider is not properly views-aware - Fix typo in libwbclient-devel alternatives invocation
- Related: rhbz#1109331 - [RFE] Allow SSSD to be used with smbd shares - Resolves: rhbz#1166727 - pam_sss domains option: Untrusted users from
                           the same domain are allowed to auth. - Handle migrating clients between views
- Related: rhbz#891984 - [RFE] ID Views: Support migration from the sync
                         solution to the trust solution - Use alternatives for libwbclient
- Related: rhbz#1109331 - [RFE] Allow SSSD to be used with smbd shares - Resolves: rhbz#1165794 - sssd does not work with custom value of option
                           re_expression - Add an option that describes where to put generated krb5 files to
- Related: rhbz#1135043 - [RFE] Implement localauth plugin for MIT krb5 1.12 - Handle IPA group names returned from the extop plugin
- Related: rhbz#891984 - [RFE] ID Views: Support migration from the sync
                         solution to the trust solution - Resolves: rhbz#1165792 - automount segfaults in sss_nss_check_header - Resolves: rhbz#1163742 - "debug_timestamps = false" and "debug_microseconds
                           = true" do not work after enabling journald
                           with sssd. - Resolves: rhbz#1153593 - Manpage description of case_sensitive=preserving
                          is incomplete - Support views for IPA users
- Related: rhbz#891984 - [RFE] ID Views: Support migration from the sync
                         solution to the trust solution - Update man page to clarify TGs should be disabled with a custom search base
- Related: rhbz#1161741 - TokenGroups for LDAP provider breaks in corner cases - Use upstreamed patches for the rootless sssd
- Related: rhbz#1113783 - sssd should run under unprivileged user - Resolves: rhbz#1153603 - Proxy Provider: Fails to lookup case sensitive
                           users and groups with case_sensitive=preserving - Resolves: rhbz#1161741 - TokenGroups for LDAP provider breaks in corner cases - Resolves: rhbz#1162480 - dereferencing failure against openldap server - Move adding the user from pretrans to pre, copy adding the user to
  sssd-krb5-common and sssd-ipa as well in order to work around yum
  ordering issue
- Related: rhbz#1113783 - sssd should run under unprivileged user - Resolves: rhbz#1113783 - sssd should run under unprivileged user - Fix two regressions in the new selinux_child process
- Related: rhbz#1113783 - sssd should run under unprivileged user
- Resolves: rhbz#1132365 - Remove password from the PAM stack if OTP is used - Include the ldap_child and selinux_child patches for rootless sssd
- Related: rhbz#1113783 - sssd should run under unprivileged user - Support overriding SSH public keys with views
- Support extended attributes via the extop plugin
- Related: rhbz#1109756 - Rebase SSSD to 1.12
- Resolves: rhbz#1137010 - disable midpoint refresh for netgroups if ptask
                           refresh is enabled - Resolves: rhbz#1153518 - service lookups returned in lowercase with
                           case_sensitive=preserving
- Resolves: rhbz#1158809 - Enumeration shows only a single group multiple
                           times - Include the responder and packaging patches for rootless sssd
- Related: rhbz#1113783 - sssd should run under unprivileged user - Amend the sssd-ldap man page with info about lockout setup
- Related: rhbz#1109756 - Rebase SSSD to 1.12
- Resolves: rhbz#1137014 - Shell fallback mechanism in SSSD 
- Resolves: rhbz#790854 - 4 functions with reference leaks within sssd (src/python/pyhbac.c) - Fix regressions caused by views patches when SSSD is connected to a
  pre-4.0 IPA server
- Related: rhbz#1109756 - Rebase SSSD to 1.12 - Add the low-level server changes for running as unprivileged user
- Package the libsss_semange library needed for SELinux label changes
- Related: rhbz#1113783 - sssd should run under unprivileged user 
- Resolves: rhbz#1113784 - sssd should audit selinux user map changes - Use libsemanage for SELinux label changes
- Resolves: rhbz#1113784 - sssd should audit selinux user map changes - Rebase SSSD to 1.12.2
- Related: rhbz#1109756 - Rebase SSSD to 1.12 - Sync with upstream
- Related: rhbz#1109756 - Rebase SSSD to 1.12 - Rebuild against ding-libs with fixed SONAME
- Related: rhbz#1109756 - Rebase SSSD to 1.12 - Rebase SSSD to 1.12.1
- Related: rhbz#1109756 - Rebase SSSD to 1.12 - Require ldb 2.1.17
- Related: rhbz#1133914 - Rebase libldb to version 1.1.17 or newer - Fix fully qualified IFP lookups
- Related: rhbz#1109756 - Rebase SSSD to 1.12 - Rebase SSSD to 1.12.0
- Related: rhbz#1109756 - Rebase SSSD to 1.12 - Squash in upstream review comments about the PAC patch
- Related: rhbz#1097286 - Expanding home directory fails when the request
                          comes from the PAC responder - Backport a patch to allow krb5-utils-test to run as root
- Related: rhbz#1097286 - Expanding home directory fails when the request
                          comes from the PAC responder - Resolves: rhbz#1097286 - Expanding home directory fails when the request
                           comes from the PAC responder - Fix a DEBUG message, backport two related fixes
- Related: rhbz#1090653 - segfault in sssd_be when second domain tree
                           users are queried while joined to child domain - Resolves: rhbz#1090653 - segfault in sssd_be when second domain tree
                           users are queried while joined to child domain - Resolves: rhbz#1082191 - RHEL7 IPA selinuxusermap hbac rule not always
                           matching - Resolves: rhbz#1077328 - other subdomains are unavailable when joined
                           to a subdomain in the ad forest - Resolves: rhbz#1078877 - Valgrind: Invalid read of int while processing
                           netgroup - Resolves: rhbz#1075092 - Password change w/ OTP generates error on success - Resolves: rhbz#1078840 -  Error during password change - Resolves: rhbz#1075663 - SSSD should create the SELinux mapping file
                           with format expected by pam_selinux - Related: rhbz#1075621 - Add another Kerberos error code to trigger IPA
                          password migration - Related: rhbz#1073635 - IPA SELinux code looks for the host in the wrong
                          sysdb subdir when a trusted user logs in - Related: rhbz#1066096 - not retrieving homedirs of AD users with
                          posix attributes - Related: rhbz#1072995 -  AD group inconsistency when using AD provider
                           in sssd-1.11-40 - Resolves: rhbz#1073631 - sssd fails to handle expired passwords
                           when OTP is used - Resolves: rhbz#1072067 - SSSD Does not cache SELinux map from FreeIPA
                           correctly - Resolves: rhbz#1071903 - ipa-server-mode: Use lower-case user name
                           component in home dir path - Resolves: rhbz#1068725 - Evaluate usage of sudo LDAP provider together
                           with the AD provider - Fix idmap documentation
- Bump idmap version info
- Related: rhbz#1067361 - Check IPA idranges before saving them to the cache - Pull some follow up man page fixes from upstream
- Related: rhbz#1060389 - Document that `sssd` cache needs to be cleared
                          manually, if ID mapping configuration changes
- Related: rhbz#1064908 - MAN: Remove misleading memberof example from
                          ldap_access_filter example - Resolves: rhbz#1060389 - Document that `sssd` cache needs to be cleared
                           manually, if ID mapping configuration changes - Resolves: rhbz#1064908 - MAN: Remove misleading memberof example from
                           ldap_access_filter example - Resolves: rhbz#1068723 - Setting int option to 0 yields the default value - Resolves: rhbz#1067361 - Check IPA idranges before saving them to the cache - Resolves: rhbz#1067476 - SSSD pam module accepts usernames with leading
                           spaces - Resolves: rhbz#1033069 - Configuring two different provider types might
                           start two parallel enumeration tasks - Resolves: rhbz#1068640 - 'IPA: Don't call tevent_req_post outside _send'
                           should be added to RHEL7 - Resolves: rhbz#1063977 - SSSD needs to enable FAST by default - Resolves: rhbz#1064582 - sss_cache does not reset the SYSDB_INITGR_EXPIRE
                           attribute when expiring users - Resolves: rhbz#1033081 - Implement heuristics to detect if POSIX attributes
                           have been replicated to the Global Catalog or not - Resolves: rhbz#872177 - [RFE] subdomain homedir template should be
                          configurable/use flatname by default - Resolves: rhbz#1059753 - Warn with a user-friendly error message when
                           permissions on sssd.conf are incorrect - Resolves: rhbz#1037653 - Enabling ldap_id_mapping doesn't exclude
                           uidNumber in filter - Resolves: rhbz#1059253 - Man page states default_shell option supersedes
                           other shell options but in fact override_shell does.
- Use the right domain for AD site resolution
- Related: rhbz#743503 -  [RFE] sssd should support DNS sites - Resolves: rhbz#1028039 - AD Enumeration reads data from LDAP while
                           regular lookups connect to GC - Resolves: rhbz#877438 - sudoNotBefore/sudoNotAfter not supported by sssd
                          sudoers plugin - Mass rebuild 2014-01-24 - Resolves: rhbz#1054639 - sssd_be aborts a request if it doesn't match
                           any configured idmap domain - Resolves: rhbz#1054899 - explicitly suggest krb5_auth_timeout in a loud
                           DEBUG message in case Kerberos authentication
                           times out - Resolves: rhbz#1037653 - Enabling ldap_id_mapping doesn't exclude
                           uidNumber in filter - Resolves: rhbz#1051360 - [FJ7.0 Bug]: [REG] sssd_be crashes when
                           ldap_search_base cannot be parsed.
- Fix a typo in the man page
- Related: rhbz#1034920 - RHEL7 sssd not setting IPA AD trusted user homedir - Resolves: rhbz#1054639 - sssd_be aborts a request if it doesn't match
                           any configured idmap domain
- Fix return value when searching for AD domain flat names
- Resolves: rhbz#1048102 - Access denied for users from gc domain when
                           using format DOMAIN\user - Resolves: rhbz#1034920 - RHEL7 sssd not setting IPA AD trusted user homedir - Resolves: rhbz#1048102 - Access denied for users from gc domain when
                           using format DOMAIN\user - Resolves: rhbz#1053106 - sssd ad trusted sub domain do not inherit
                           fallbacks and overrides settings - Resolves: rhbz#1051016 - FAST does not work in SSSD 1.11.2 in Fedora 20 - Resolves: rhbz#1033133 - "System Error" when invalid ad_access_filter
                            is used - Resolves: rhbz#1032983 - sssd_be crashes when ad_access_filter uses
                           FOREST keyword.
- Fix two memory leaks in the PAC responder (Related: rhbz#991065) - Resolves: rhbz#1048184 - Group lookup does not return member with multiple
                           names after user lookup - Resolves: rhbz#1049533 - Group membership lookup issue - Mass rebuild 2013-12-27 - Resolves: rhbz#894068 - sss_cache doesn't support subdomains - Re-initialize subdomains after provider startup
- Related: rhbz#1038637 - If SSSD starts offline, subdomains list is
                          never read - The AD provider is able to resolve group memberships for groups with
  Global and Universal scope
- Related: rhbz#1033096 - tokenGroups do not work reliable with Global
                          Catalog - Resolves: rhbz#1033096 - tokenGroups do not work reliable with Global
                           Catalog
- Resolves: rhbz#1030483 - Individual group search returned multiple
                           results in GC lookups - Resolves: rhbz#1040969 - sssd_nss grows memory footprint when netgroups
                           are requested - Resolves: rhbz#1023409 - Valgrind sssd "Syscall param
                           socketcall.sendto(msg) points to uninitialised
                           byte(s)" - Resolves: rhbz#1037936 - sssd_be crashes occasionally - Resolves: rhbz#1038637 - If SSSD starts offline, subdomains list is
                           never read - Resolves: rhbz#1029631 - sssd_be crashes on manually adding a cleartext
                           password to ldap_default_authtok - Resolves: rhbz#1036758 - SSSD: Allow for custom attributes in RDN when
                           using id_provider = proxy - Resolves: rhbz#1034050 - Errors in domain log when saving user to sysdb - Resolves: rhbz#1036157 - sssd can't retrieve auto.master when using the
                           "default_domain_suffix" option in - Resolves: rhbz#1028057 - Improve detection of the right domain when
                           processing group with members from several domains - Resolves: rhbz#1033084 - sssd_be segfaults if empty grop is resolved
                           using ad_matching_rule - Resolves: rhbz#1031562 - Incorrect mention of access_filter in sssd-ad
                           manpage - Resolves: rhbz#991549 - sssd fails to retrieve netgroups with multiple
                          CN attributes - Skip netgroups that don't provide well-formed triplets
- Related: rhbz#991549 -  sssd fails to retrieve netgroups with multiple
                          CN attributes - New upstream release 1.11.2
- Remove upstreamed patches
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.2
- Resolves: rhbz#991065 - Resolves: rhbz#1019882 - RHEL7 ipa ad trusted user lookups failed with
                           sssd_be crash
- Resolves: rhbz#1002597 - ad: unable to resolve membership when user is
                           from different domain than group - New upstream release 1.11.1
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.1
- Resolves: rhbz#991065 - Rebase SSSD to 1.11.0 - New upstream release 1.11.0
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0
- Resolves: rhbz#991065 - New upstream release 1.11 beta 2
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.11.0beta2
- Related: rhbz#991065 - Resolves: #906427 - Do not use lib64 in specfile for the nss and
                      pam libraries - Resolves: #983587 - sss_debuglevel did not increase verbosity in
                      sssd_pac.log - Resolves: #983580 - Netgroups should ignore the 'use_fully_qualified_names'
                      setting - Apply several important fixes from upstream 1.10 branch
- Related: #966757 - SSSD failover doesn't work if the first DNS server
                     in resolv.conf is unavailable - New upstream release 1.10.1
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.1 - Remove libcmocka dependency - sssd-tools should require sssd-common, not sssd - Move sssd_pac to the sssd-ipa and sssd-ad subpackages
- Trim out RHEL5-specific macros since we don't build on RHEL 5
- Trim out macros for Fedora older than F18
- Update libldb requirement to 1.1.16
- Trim RPM changelog down to the last year - Move sssd_pac to the sssd-krb5 subpackage - Fix Obsoletes: to account for dist tag
- Convert post and pre scripts to run on the sssd-common subpackage
- Remove old conversion from SYSV - New upstream release 1.10
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0 - the cmocka toolkit exists only on selected arches - Apply a number of patches from upstream to fix issues found post-beta,
  in particular:
  -- segfault with a high DEBUG level
  -- Fix IPA password migration (upstream #1873)
  -- Fix fail over when retrying SRV resolution (upstream #1886) - Only BuildRequire libcmocka on Fedora - Fix typo in Requires that prevented an upgrade (#973916)
- Use a hardcoded version in Conflicts, not less-than-current - New upstream release 1.10 beta2
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta2
- BuildRequire libcmocka-devel in order to run all upstream tests during build
- BuildRequire libnl3 instead of libnl1
- No longer BuildRequire initscripts, we no longer use /sbin/service
- Remove explicit krb5-libs >= 1.10 requires; this platform doensn't carry any
  older krb5-libs version - Enable hardened build for RHEL7 - Apply a couple of patches from upstream git that resolve crashes when
  ID mapping object was not initialized properly but needed later - Resolves: rhbz#961357 - Missing dyndns_update entry in sssd.conf during
                          realm join
- Resolves: rhbz#961278 - Login failure: Enterprise Principal enabled by
                          default for AD Provider
- Resolves: rhbz#961251 - sssd does not create user's krb5 ccache dir/file
                          parent directory when logging in - Explicitly Require libini_config >= 1.0.0.1 to work around a SONAME bug
  in ding-libs
- Fix SSH integration with fully-qualified domains
- Add the ability to dynamically discover the NetBIOS name - New upstream release 1.10 beta1
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0beta1 - Add a patch to fix krb5 ccache creation issue with krb5 1.11 - New upstream release 1.10 alpha1
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.10.0alpha1 - Split internal helper libraries into a shared object
- Significantly reduce disk-space usage - Fix the Kerberos password expiration warning (#912223) - Do not write out dots in the domain-realm mapping file (#905650) - Include upstream patch to build with krb5-1.11 - Rebuild against new libldb - Fix build with new automake versions - Recreate Kerberos ccache directory if it's missing
- Resolves: rhbz#853558 - [sssd[krb5_child[PID]]]: Credential cache
                          directory /run/user/UID/ccdir does not exist - Fix changelog dates to make F19 rpmbuild happy - New upstream release 1.9.4 - New upstream release 1.9.3 - Resolve groups from AD correctly - Check the validity of naming context - Move the sss_cache tool to the main package - Include the 1.9.2 tarball - New upstream release 1.9.2 - New upstream release 1.9.1 - require the latest libldb - Use mcpath insted of mcachepath macro to be consistent with
  upsteam spec file - New upstream release 1.9.0 - New upstream release 1.9.0 rc1 - New upstream release 1.9.0 beta7
- obsoletes patches #1-#3 - Rebuild against libldb 1.12 - Rebuild against libldb 1.11 - Change the default ccache location to DIR:/run/user/${UID}/krb5cc
  and patch man page accordingly
- Resolves: rhbz#851304 - Rebuild against libldb 1.10 - Only create the SELinux login file if there are SELinux mappings on
  the IPA server - Don't discard HBAC rule processing result if SELinux is on
  Resolves: rhbz#846792 (CVE-2012-3462) - New upstream release 1.9.0 beta 6
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta6
- A new option, override_shell was added. If this option is set, all users
  managed by SSSD will have their shell set to its value.
- Fixes for the support for setting default SELinux user context from FreeIPA.
- Fixed a regression introduced in beta 5 that broke LDAP SASL binds
- The SSSD supports the concept of a Primary Server and a Back Up Server in
  failover
- A new command-line tool sss_seed is available to help prime the cache with
  a user record when deploying a new machine
- SSSD is now able to discover and save the domain-realm mappings
  between an IPA server and a trusted Active Directory server.
- Packaging changes to fix ldconfig usage in subpackages (#843995)
- Rebuild against libldb 1.1.9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - New upstream release 1.9.0 beta 5
- Obsoletes the patch for missing DP_OPTION_TERMINATOR in AD provider options
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta5
- Many fixes for the support for setting default SELinux user context from
  FreeIPA, most notably fixed the specificity evaluation
- Fixed an incorrect default in the krb5_canonicalize option of the AD
  provider which was preventing password change operation
- The shadowLastChange attribute value is now correctly updated with the
  number of days since the Epoch, not seconds - Fix broken ARM build
- Add missing DP_OPTION_TERMINATOR in AD provider options - Own several directories create during make install (#839782) - New upstream release 1.9.0 beta 4
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta4
- Add a new AD provider to improve integration with Active Directory 2008 R2
  or later servers
- SUDO integration was completely rewritten. The new implementation works
  with multiple domains and uses an improved refresh mechanism to download
  only the necessary rules
- The IPA authentication provider now supports subdomains
- Fixed regression for setups that were setting default_tkt_enctypes
  manually by reverting a previous workaround. - New upstream release 1.9.0 beta 3
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta3
- Add a new PAC responder for dealing with cross-realm Kerberos trusts
- Terminate idle connections to the NSS and PAM responders - Switch unicode library from libunistring to Glib
- Drop unnecessary explicit Requires on keyutils
- Guarantee that versioned Requires include the correct architecture - Fix accidental disabling of the DIR cache support - New upstream release 1.9.0 beta 2
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta2
- Add support for the Kerberos DIR cache for storing multiple TGTs
  automatically
- Major performance enhancement when storing large groups in the cache
- Major performance enhancement when performing initgroups() against Active
  Directory
- SSSDConfig data file default locations can now be set during configure for
  easier packaging - Fix regression in endianness patch - Rebuild SSSD against ding-libs 0.3.0beta1
- Fix endianness bug in service map protocol - Fix several regressions since 1.5.x
- Ensure that the RPM creates the /var/lib/sss/mc directory
- Add support for Netscape password warning expiration control
- Rebuild against libldb 1.1.6 - New upstream release 1.9.0 beta 1
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta1
- Add native support for autofs to the IPA provider
- Support for ID-mapping when connecting to Active Directory
- Support for handling very large (> 1500 users) groups in Active Directory
- Support for sub-domains (will be used for dealing with trust relationships)
- Add a new fast in-memory cache to speed up lookups of cached data on
  repeated requests - New upstream release 1.8.3
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.3
- Numerous manpage and translation updates
- LDAP: Handle situations where the RootDSE isn't available anonymously
- LDAP: Fix regression for users using non-standard LDAP attributes for user
  information - New upstream release 1.8.2
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.2
- Several fixes to case-insensitive domain functions
- Fix for GSSAPI binds when the keytab contains unrelated principals
- Fixed several segfaults
- Workarounds added for LDAP servers with unreadable RootDSE
- SSH knownhostproxy will no longer enter an infinite loop preventing login
- The provided SYSV init script now starts SSSD earlier at startup and stops
  it later during shutdown
- Assorted minor fixes for issues discovered by static analysis tools - Don't duplicate libsss_autofs.so in two packages
- Set explicit package contents instead of globbing - Fix uninitialized value bug causing crashes throughout the code
- Resolves: rhbz#804783 - [abrt] Segfault during LDAP 'services' lookup - New upstream release 1.8.1
- Resolve issue where we could enter an infinite loop trying to connect to an
  auth server
- Fix serious issue with complex (3+ levels) nested groups
- Fix netgroup support for case-insensitivity and aliases
- Fix serious issue with lookup bundling resulting in requests never
  completing
- IPA provider will now check the value of nsAccountLock during pam_acct_mgmt
  in addition to pam_authenticate
- Fix several regressions in the proxy provider
- Resolves: rhbz#743133 - Performance regression with Kerberos authentication
                          against AD
- Resolves: rhbz#799031 - --debug option for sss_debuglevel doesn't work - New upstream release 1.8.0
- Support for the service map in NSS
- Support for setting default SELinux user context from FreeIPA
- Support for retrieving SSH user and host keys from LDAP (Experimental)
- Support for caching autofs LDAP requests (Experimental)
- Support for caching SUDO rules (Experimental)
- Include the IPA AutoFS provider
- Fixed several memory-corruption bugs
- Fixed a regression in group enumeration since 1.7.0
- Fixed a regression in the proxy provider
- Resolves: rhbz#741981 - Separate Cache Timeouts for SSSD
- Resolves: rhbz#797968 - sssd_be: The requested tar get is not configured is
                          logged at each login
- Resolves: rhbz#754114 - [abrt] sssd-1.6.3-1.fc16: ping_check: Process
                          /usr/sbin/sssd was killed by signal 11 (SIGSEGV)
- Resolves: rhbz#743133 - Performance regression with Kerberos authentication
                          against AD
- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for
                          new LDAP features
- Resolves: rhbz#786957 - sssd and kerberos should change the default location for create the Credential Cashes to /run/usr/USERNAME/krb5cc - Change default kerberos credential cache location to /run/user/<username> - New upstream release 1.8.0 beta 3
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta3
- Fixed a regression in group enumeration since 1.7.0
- Fixed several memory-corruption bugs
- Finalized the ABI for the autofs support
- Fixed a regression in the proxy provider - Rebuild against PCRE 8.30 - New upstream release
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta2
- Fix two minor manpage bugs
- Include the IPA AutoFS provider - New upstream release
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta1
- Support for the service map in NSS
- Support for setting default SELinux user context from FreeIPA
- Support for retrieving SSH user and host keys from LDAP (Experimental)
- Support for caching autofs LDAP requests (Experimental)
- Support for caching SUDO rules (Experimental) - Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for
                          new LDAP features - fix netgroups and sudo as well - Fixes a serious memory hierarchy bug causing unpredictable behavior in the
  LDAP provider. - Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for
                          new LDAP features - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - New upstream release 1.7.0
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.7.0
- Support for case-insensitive domains
- Support for multiple search bases in the LDAP provider
- Support for the native FreeIPA netgroup implementation
- Reliability improvements to the process monitor
- New DEBUG facility with more consistent log levels
- New tool to change debug log levels without restarting SSSD
- SSSD will now disconnect from LDAP server when idle
- FreeIPA HBAC rules can choose to ignore srchost options for significant
  performance gains
- Assorted performance improvements in the LDAP provider - New upstream release 1.6.4
- Rolls up previous patches applied to the 1.6.3 tarball
- Fixes a rare issue causing crashes in the failover logic
- Fixes an issue where SSSD would return the wrong PAM error code for users
  that it does not recognize. - Rebuild against libldb 1.1.4 - Resolves: rhbz#753639 - sssd_nss crashes when passed invalid UTF-8 for the
                          username in getpwnam()
- Resolves: rhbz#758425 - LDAP failover not working if server refuses
                          connections - Rebuild for libldb 1.1.3 - Resolves: rhbz#752495 - Crash when apply settings - New upstream release 1.6.3
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.3
- Fixes a major cache performance issue introduced in 1.6.2
- Fixes a potential infinite-loop with certain LDAP layouts - Rebuilt for glibc bug#747377 - Change selinux policy requirement to Conflicts: with the old version,
  rather than Requires: the supported version. - Add explicit requirement on selinux-policy version to address new SBUS
  symlinks. - Remove %files reference to sss_debuglevel copied from wrong upstreeam
  spec file. - Improved handling of users and groups with multi-valued name attributes
  (aliases)
- Performance enhancements
    Initgroups on RFC2307bis/FreeIPA
    HBAC rule processing
- Improved process-hang detection and restarting
- Enabled the midpoint cache refresh by default (fewer cache misses on
  commonly-used entries)
- Cleaned up the example configuration
- New tool to change debug level on the fly - New upstream release 1.6.1
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.1
- Fixes a serious issue with LDAP connections when the communication is
  dropped (e.g. VPN disconnection, waking from sleep)
- SSSD is now less strict when dealing with users/groups with multiple names
  when a definitive primary name cannot be determined
- The LDAP provider will no longer attempt to canonicalize by default when
  using SASL. An option to re-enable this has been provided.
- Fixes for non-standard LDAP attribute names (e.g. those used by Active
  Directory)
- Three HBAC regressions have been fixed.
- Fix for an infinite loop in the deref code - Build with _hardened_build macro - New upstream release 1.6.0
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.0
- Add host access control support for LDAP (similar to pam_host_attr)
- Finer-grained control on principals used with Kerberos (such as for FAST or
- validation)
- Added a new tool sss_cache to allow selective expiring of cached entries
- Added support for LDAP DEREF and ASQ controls
- Added access control features for Novell Directory Server
- FreeIPA dynamic DNS update now checks first to see if an update is needed
- Complete rewrite of the HBAC library
- New libraries: libipa_hbac and libipa_hbac-python - New upstream release 1.5.11
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.11
- Fix a serious regression that prevented SSSD from working with ldaps:// URIs
- IPA Provider: Fix a bug with dynamic DNS that resulted in the wrong IPv6
- address being saved to the AAAA record - New upstream release 1.5.10
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.10
- Fixed a regression introduced in 1.5.9 that could result in blocking calls
- to LDAP - New upstream release 1.5.9
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.9
- Support for overriding home directory, shell and primary GID locally
- Properly honor TTL values from SRV record lookups
- Support non-POSIX groups in nested group chains (for RFC2307bis LDAP
- servers)
- Properly escape IPv6 addresses in the failover code
- Do not crash if inotify fails (e.g. resource exhaustion)
- Don't add multiple TGT renewal callbacks (too many log messages) - New upstream release 1.5.8
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.8
- Support for the LDAP paging control
- Support for multiple DNS servers for name resolution
- Fixes for several group membership bugs
- Fixes for rare crash bugs - Resolves: rhbz#706740 - Orphaned links on rc0.d-rc6.d
- Make sure to properly convert to systemd if upgrading from newer
- updates for Fedora 14 - Fix segfault in TGT renewal - Resolves: rhbz#700891 - CVE-2011-1758 sssd: automatic TGT renewal overwrites
-                         cached password with predicatable filename - Re-add manpage translations - New upstream release 1.5.6
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.6
- Fixed a serious memory leak in the memberOf plugin
- Fixed a regression with the negative cache that caused it to be essentially
- nonfunctional
- Fixed an issue where the user's full name would sometimes be removed from
- the cache
- Fixed an issue with password changes in the kerberos provider not working
- with kpasswd - Resolves: rhbz#697057 - kpasswd fails when using sssd and
-                         kadmin server != kdc server
- Upgrades from SysV should now maintain enabled/disabled status - Fix %postun - Fix systemd conversion. Upgrades from SysV to systemd weren't properly
- enabling the systemd service.
- Fix a serious memory leak in the memberOf plugin
- Fix an issue where the user's full name would sometimes be removed
- from the cache - Install systemd unit file instead of sysv init script - New upstream release 1.5.5
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.5
- Fixes for several crash bugs
- LDAP group lookups will no longer abort if there is a zero-length member
- attribute
- Add automatic fallback to 'cn' if the 'gecos' attribute does not exist - New upstream release 1.5.4
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.4
- Fixes for Active Directory when not all users and groups have POSIX attributes
- Fixes for handling users and groups that have name aliases (aliases are ignored)
- Fix group memberships after initgroups in the IPA provider - Resolves: rhbz#683267 - sssd 1.5.1-9 breaks AD authentication - New upstream release 1.5.3
- Support for libldb >= 1.0.0 - New upstream release 1.5.2
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.2
- Fixes for support of FreeIPA v2
- Fixes for failover if DNS entries change
- Improved sss_obfuscate tool with better interactive mode
- Fix several crash bugs
- Don't attempt to use START_TLS over SSL. Some LDAP servers can't handle this
- Delete users from the local cache if initgroups calls return 'no such user'
- (previously only worked for getpwnam/getpwuid)
- Use new Transifex.net translations
- Better support for automatic TGT renewal (now survives restart)
- Netgroup fixes - Rebuild sssd against libldb 1.0.2 so the memberof module loads again.
- Related: rhbz#677425 - Resolves: rhbz#677768 - name service caches names, so id command shows
-                         recently deleted users - Ensure that SSSD builds against libldb-1.0.0 on F15 and later
- Remove .la for memberOf - Fix memberOf install path - Add support for libldb 1.0.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Fix nested group member filter sanitization for RFC2307bis
- Put translated tool manpages into the sssd-tools subpackage - Restore Requires: cyrus-sasl-gssapi as it is not auto-detected during
- rpmbuild - New upstream release 1.5.1
- Addresses CVE-2010-4341 - DoS in sssd PAM responder can prevent logins
- Vast performance improvements when enumerate = true
- All PAM actions will now perform a forced initgroups lookup instead of just
- a user information lookup
-   This guarantees that all group information is available to other
-   providers, such as the simple provider.
- For backwards-compatibility, DNS lookups will also fall back to trying the
- SSSD domain name as a DNS discovery domain.
- Support for more password expiration policies in LDAP
-    389 Directory Server
-    FreeIPA
-    ActiveDirectory
- Support for ldap_tls_{cert,key,cipher_suite} config options
-Assorted bugfixes - CVE-2010-4341 - DoS in sssd PAM responder can prevent logins - New upstream release 1.5.0
- Fixed issues with LDAP search filters that needed to be escaped
- Add Kerberos FAST support on platforms that support it
- Reduced verbosity of PAM_TEXT_INFO messages for cached credentials
- Added a Kerberos access provider to honor .k5login
- Addressed several thread-safety issues in the sss_client code
- Improved support for delayed online Kerberos auth
- Significantly reduced time between connecting to the network/VPN and
- acquiring a TGT
- Added feature for automatic Kerberos ticket renewal
- Provides the kerberos ticket for long-lived processes or cron jobs
- even when the user logs out
- Added several new features to the LDAP access provider
- Support for 'shadow' access control
- Support for authorizedService access control
- Ability to mix-and-match LDAP access control features
- Added an option for a separate password-change LDAP server for those
- platforms where LDAP referrals are not supported
- Added support for manpage translations - Solve a shutdown race-condition that sometimes left processes running
- Resolves: rhbz#606887 - SSSD stops on upgrade - Log startup errors to the syslog
- Allow cache cleanup to be disabled in sssd.conf - New upstream release 1.4.1
- Add support for netgroups to the proxy provider
- Fixes a minor bug with UIDs/GIDs >= 2^31
- Fixes a segfault in the kerberos provider
- Fixes a segfault in the NSS responder if a data provider crashes
- Correctly use sdap_netgroup_search_base - Fix incorrect tarball URL - New upstream release 1.4.0
- Added support for netgroups to the LDAP provider
- Performance improvements made to group processing of RFC2307 LDAP servers
- Fixed nested group issues with RFC2307bis LDAP servers without a memberOf plugin
- Build-system improvements to support Gentoo
- Split out several libraries into the ding-libs tarball
- Manpage reviewed and updated - Fix pre and post script requirements - Resolves: rhbz#606887 - sssd stops on upgrade - Resolves: rhbz#626205 - Unable to unlock screen - Resolves: rhbz#637955 - libini_config-devel needs libcollection-devel but
-                         doesn't require it - Resolves: rhbz#632615 - the krb5 locator plugin isn't packaged for multilib - Resolves: CVE-2010-2940 - sssd allows null password entry to authenticate
-                           against LDAP - Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild - New upstream version 1.2.91 (1.3.0rc1)
- Improved LDAP failover
- Synchronous sysdb API (provides performance enhancements)
- Better online reconnection detection - New stable upstream version 1.2.1
- Resolves: rhbz#595529 - spec file should eschew %define in favor of
-                         %global
- Resolves: rhbz#593644 - Empty list of simple_allow_users causes sssd service
-                         to fail while restart.
- Resolves: rhbz#599026 - Makefile typo causes SSSD not to use the kernel
-                         keyring
- Resolves: rhbz#599724 - sssd is broken on Rawhide - New stable upstream version 1.2.0
- Support ServiceGroups for FreeIPA v2 HBAC rules
- Fix long-standing issue with auth_provider = proxy
- Better logging for TLS issues in LDAP - New LDAP access provider allows for filtering user access by LDAP attribute
- Reduced default timeout for detecting offline status with LDAP
- GSSAPI ticket lifetime made configurable
- Better offline->online transition support in Kerberos - Release new upstream version 1.1.91
- Enhancements when using SSSD with FreeIPA v2
- Support for deferred kinit
- Support for DNS SRV records for failover - Bump up release number to avoid library sub-packages version issues with
  previous releases. - New upstream release 1.1.1
- Fixed the IPA provider (which was segfaulting at start)
- Fixed a bug in the SSSDConfig API causing some options to revert to
- their defaults
- This impacted the Authconfig UI
- Ensure that SASL binds to LDAP auto-retry when interrupted by a signal - Release SSSD 1.1.0 final
- Fix two potential segfaults
- Fix memory leak in monitor
- Better error message for unusable confdb - Release candidate for SSSD 1.1
- Add simple access provider
- Create subpackages for libcollection, libini_config, libdhash and librefarray
- Support IPv6
- Support LDAP referrals
- Fix cache issues
- Better feedback from PAM when offline - Rebuild against new libtevent - Fix licenses in sources and on RPMs - Fix regression on 64-bit platforms - Fixes link error on platforms that do not do implicit linking
- Fixes double-free segfault in PAM
- Fixes double-free error in async resolver
- Fixes support for TCP-based DNS lookups in async resolver
- Fixes memory alignment issues on ARM processors
- Manpage fixes - Fixes a bug in the failover code that prevented the SSSD from detecting when it went back online
- Fixes a bug causing long (sometimes multiple-minute) waits for NSS requests
- Several segfault bugfixes - Fix CVE-2010-0014 - Patch SSSDConfig API to address
- https://bugzilla.redhat.com/show_bug.cgi?id=549482 - New upstream stable release 1.0.0 - New upstream bugfix release 0.99.1 - New upstream release 0.99.0 - Fix segfault in sssd_pam when cache_credentials was enabled
- Update the sample configuration
- Fix upgrade issues caused by data provider service removal - Fix upgrade issues from old (pre-0.5.0) releases of SSSD - New upstream release 0.7.0 - Fix missing file permissions for sssd-clients - Add SSSDConfig API
- Update polish translation for 0.6.0
- Fix long timeout on ldap operation
- Make dp requests more robust - Ensure that the configuration upgrade script always writes the config
  file with 0600 permissions
- Eliminate an infinite loop in group enumerations - New upstream release 0.6.0 - New upstream release 0.5.0 - Fix for CVE-2009-2410 - Native SSSD users with no password set could log in
  without a password. (Patch by Stephen Gallagher) - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Fix a couple of segfaults that may happen on reload - add missing configure check that broke stopping the daemon
- also fix default config to add a missing required option - latest upstream release.
- also add a patch that fixes debugging output (potential segfault) - release out of the official 0.3.2 tarball - bugfix release 0.3.2
- includes previous release patches
- change permissions of the /etc/sssd/sssd.conf to 0600 - Add last minute bug fixes, found in testing the package - Version 0.3.1
- includes previous release patches - Try to fix build adding automake as an explicit BuildRequire
- Add also a couple of last minute patches from upstream - Version 0.3.0
- Provides file based configuration and lots of improvements - Version 0.2.1 - Version 0.2.0 - package git snapshot - fixed items found during review
- added initscript - added sss_client - Small cleanup and fixes in the spec file - Initial release (based on version 0.1.0 upstream code)                                1.14.0-43.el7_3.18 1.14.0-43.el7_3.18             sssd_pac sssd-common-pac-1.14.0 COPYING /usr/libexec/sssd/ /usr/share/doc/ /usr/share/doc/sssd-common-pac-1.14.0/ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic drpm xz 2 x86_64-redhat-linux-gnu                         ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=51d8616d4a6b7e0bc90f3a2db8df616175d3b446, stripped directory ASCII text                 3        R  /R  +R  R  R  R  R  1R  R  R  R  (R  R  -R  R  R  R  R  'R  )R  R  R  R  R  R   R  R  R  R  R   R  .R  
R  $R  #R  %R  "R  !R  R  R  R  R  R  R  &R  0R  ,R  R  *R  	R  R  5      ?   ÿÿü€   ý7zXZ  
áû¡ !   PH6áëƒ°] "ÌkÀ%™>eN5¿?æÚæ§è@aÄÜÅWLDÔx%Äñ·Òƒ¬íÈ#>6e:˜¿I[¯Î¢›Ì®0'üª`IäA&:×Cˆ%ËµÌ…—(eì»#¼’
Ä´%“­ë 'Õ ¶]ÿ‹Rf€Üœ+ÏÑz`·Ðí¬%ã~=A€œ9~¤ÂaJ¹‡ùáÉw4Ê$"šYÞCe”d0 (öhWWÓœõ¦¡ÞæëO„mŠ¦ùÆ1\]¹Êzœ/ÁMLdÝöDû;˜(ï½-JìÉÿùNÏ^é|§1	nPçÍ>XµoÁ;Š5ËQ¢ÝTÕÐoàÖ&*d¦{Â[S¼–M1CéxôŸ˜('jS¡ÈËï…Ìê¤¬ÓË(ˆúƒÇ,²!Üêø¿¤LW„OÄî´c—
p6˜ŒBÔ¯ŸKR»l«ù	PgŠXàÐ­~0®€Eâ­dâÏƒ§”–V“6¸ösX{·Y€6
c@s—ï*­‡QÑ€‘þÈÙë¢³÷B“P0Ú»­’ÁÉÿÏÎ«ã‹à!B¥v~?¨<æ¥K¸ÜŒo:¥"`‰“QL)‹ßöGÆùI5¿b”ÿ§G<Pw÷ã„mÍ‹¤,ÉÕ%ñE+Ä÷fÏd‚[é–×µˆT;>u’«†5Pñm .7)R˜Âšbãü’ì{lŽng+	X´¹þ(°UdµÆ'¼£†?’8VÏöã	Â<buØÔ=n¦†”t‰T"|p;¹­–˜oÌQàúðF®®•^×Ÿux"Òº¤”„ûmbþ15óÚ¤]1µä{<EN1®w<!ù%_o~'ý~ÃG—>Ð{ÆHÇ²‰f–m.¡HøÚÜ·£§¾TÜÊ‡í¡d%K½a1ÿ2«ÔX£÷Fûé¼Îýl4pSÒ’’ªˆÕÙ¡„E·ôÛø[œÎ{gæÌ©¢âšÆó¯9vÎ”yÐä%Ž#ß¢ü«Ëð<=Ð,j'FáÒ†Žÿ(u©ò-èÞE'ßLî´,ì>j\¥ÄÚA‰ÒýkÐz:®=ÊViš!Žq‚Õ¥N„þ„:â¹J‚oú*ê“òhË=Å“·UEÀ†<¬C‚IÀÉ×m¢á‚J¿qÇå·ò°Òqêã·cCÝ¼5ù’]0s9¶Š‡.ž]ž,ï®h×4ñ*HÚoËf3â®|­è;| u®üÚFfï×†±ô×ék3…9KµŠ}¶SLÌ²£#k9ÓÓÂ¿Ü».áõêNNq•Êùïc¶Ÿ‰xøh#ÙÖŸƒˆVhäŒàžÈIÓmEœÕ]\†G²»H@v'G²â<ÍH®‘¡Ì¢+µD­§#Ÿ¦	8"DCFÒ™ár°ìNWØ¥™à“/ô™;ã*ÜÇ\Ê6]J­œªL"Ò5€øìð6ìEZh°t­Óvå-Aì3øøUØ›mq¦>¶ËWD¯uŠÞªÛ¡9ù¢ö–Ÿ|9õ¨Uváý'|,ÖYËâQó+8mEõýšõ;`kÍ ú¸¥³;¾ØÀ½²àé8¨éS:9aK=ªÝ©»ž£š®¥õÅ,âïçöà|B\T]iRë,jmÂ¬ÁggÝßdVŽ§—ÿ5†ýÅ»R‘êOÅ?È‰z»¾-ÅBc`£¬J«·÷°Ë×zºZü²pÜˆ©Ð`«¯uZ,‹‰Ï\zaÄê—™9k½¨ìš_½¨cp€Ü.¤Z´1)·{"ýÏF·b…‹ÛÝµ—ß™¤¾Üà€ÈÀE¥¸Uµtœ¤¸ª”E7 iMfÓ ®A7â˜èÉ‘8¦¥…§Èu$ÞXi›‹_Úã¯l$Ïó˜”´ØÝ]O‚n;?á)ìsD54³%Ä’ÚÉêpCäã<M—óå4eÖü²|ŽÆ®£]XŠ{]Šã{j“”]îßxØ"!».^5]r"ÙÈÍ /Çåè†Ÿ”…$Ä9|ÕÃYˆ¯AŒüo’ ×V=<µ™’!-v?˜ {ýV•Úö~s‡[”FÉ‹Dt©¬XÄ.0Ë­CŠXavZÊË¤{Å3k WÅ&àš%ã²;›U‰ÁÞ“¹ÔëÎ”Ž8á$óÂbØ©6ªõTÎ7À-í Ó¬•YºŒ¾riga`’Rž7t>Üû|Í’ù­–C~¼¯p”t]Ñ(GŸ‡é¦>s¼`óF{ËkrP	Ý5m¬†ð¸’Ø zÀøí•NRÂÞB²$J—Å;^lfºþ¥-Öf8V“uÈr,ûW’4E¹6p–µsa¢I½ï ï#§=MØM[©((bçPìWä¥š<ÏÎq?BT-+)£Y	19Ùh0ÇP—7ñƒÛLJ³_öt¹EË9+„w:Ë&ëE¦É‚Xù.ï±3ÕÍ;vPtJlHáÈÎÏ1‹;¹‡)/ÎèÃeŸý#IzÖyC~n@f4X¼ÇàmóyÛéµŸw¾j:üö ™’2Ä´e(q«GH	N=)˜g¾ËCèÖŽRºP[ÿ’ªq7´gûšÜtÎÈ§êµ»«Þw¿*ÐoÅÚöf¦TÓ¿èRÐ?k9‘³IwÕÐq>²¢\ïi®:ÊmThÓ_!± ˆrD‰+ÑªV£ÂŒ½-‚óƒ6’×Nÿµrë	{Ê‘Åõä>:S!Ï 7˜oä@´|û¾ÆÔßZ%_é„N?ö	]6Je¨•zùéßãAÂ„¡Ø)V~³¥,ë»FUx%M•
¤F+C´3½¦‡åÊjéß åëÎB­aFÍÕE?Ø¥VÈqÚ,ß±Âö7l>­s¨cEŽêÉ±=É_áëãÑŸ±@Ðµ%v#Ëâ•‚“ñØI2¹”’“­ÃôKqR‡ï¢[Äˆ`ýX˜ŒsÉ|F×(‡çöû¢9†ªx2SôGŸÔæÏ¦[iï(ä_…¡©\î/BzDE]F•áø'æ7Ù)mñ ÚFætœž?üÇŠA&0‘ªDZô¾êÌ«ŽÐÜ»ððÛz2¾b/ý*æqR€ë›V&î°‰¾Æ |BÆ·Rßç„Þ4åa¨§-õM	˜òkç°ù—•M¦yÀ‰Vk¥}òÖhì·¸pUÀTýPJ‰Ë…?Âxë¸£”ù¿*‡ÐN,Z´ýëƒ>·ðÑw5…Rÿ©ø $Ä¢ˆ.=Çã®ŽŠƒ/þ“mÆ¥Ò ´¢ÈÐlrÀ¦zSš&ÊˆÚ¡*Stß
ç(ª¶
©¨ÓšìwjÀÅ÷lëÇà+fF€~aHH‚I]BwU4_<÷ñáþvRï~“¿‚©5¤Þl™ì=(“–‡)i·6Csñiúž·	³!ØëuJ y…è‡øŠp¹E+:‘Ða%Ir0¼ï[Ýtöå±·ÿ­µ% \J$2Ç›åÏ@C'¯R£«Z2îlkù!`z/x»~éá/cZ1É±·X(Ú¢dŽTÆÙŒA9^ç¯_"çrþ£üY…|%–*gÇÒj[¢)aÍ) =ÕCðV¼
ú§)µëŽaõ=ö®¿i]Ô-	\ãa>Ã5åzÞ±è¿e0À"0˜õmäª
&‚AÌoÂ×¾—2±91ak¢‰Øàõ†X¤Gñ´Å¨eÐ˜Ð¨Æ•ãb‡BKµlccÂ#ûÓE½/Ó4ßÊD
fŸ0› ˜ûîÇ;Íñ¢ËÍÐO°Ä¹æo§­ñÆrlÁ$uxÀz„!DjÁo;z»‘EYuÝßaµ"@ºÕÒØtÐHÝ˜ÌñÃÑ?TòS°CëÑº<>túï¯âG:¥¹NÆ4ó¾W2®¶c´m„')ö«t]5Ð*UŒ-V}õˆÂO!lªn='ÊFÁÕoÇÝÛ)¤³-Š’¥ÜpZÎFûÞfÐ3g¹mÐD»ÿ‚×!aÏ›	%åjeg;yåí_Á+y'µ­¾[úîži¶ŸWY*¼§9qÆ*˜QŸ&6Z`¥ä½æyb—˜üúª
ŒIáGm—~@&—ö”¯o0úÁüŒÄ1C¨³RòÄ:—ú:¢Ã Ýä…Ê—ÛV2qJàÜšÞˆxï8ñ[½èé	=m6r“D·Àv6(õy#Ê©/ÈÊí×ë;þ&÷Ò-].bÅNJšÔˆøRÞ§™ãÎ¥q^a:B.kÄZïbCêà„“/8qï$ô{®Xí\tÒøœ~>HƒŸ„Õ&ŠS£õ– ›,d-“à7Â‰­xiò­Ì‰¹ÇRç½”úë¨%+_ C¾gtÌ/Ð=*3Ýè"ü[älküÆYt13mÎÔi;‡u¬H¾-f{@`úÉñtÙj‡6‹
6ˆ{æÓ]þrV4Xi"eíÍ dÚ‚ïl:î|œEWÔ!pù
Þ£óXù®\‹uˆž(•ì^ŠàtòËŠÐñÞR‚KåòrmSº¢#qZ~|´›¢sÕ§ú¥‰åTrà‘Á9äö[ÒÌ¯íbç®I3Ððûme¿;mèú}ÂeýÐSÈU£tÑ}ÐÉ˜5ËùX·t‘šŽÞÊÐÔ ”€h¡hxcHú›çã¯ÃÇÚÄ¢aú‹ólkñs•wï8’cN¬w®‘{DñÛÞ§&äê)örØ|Àjÿâay«±M¶Ï,pYÌÕOGÌƒ÷´£9Z+û _/–Ïú‚®Îåô_^
-Ãf5TË(°6rÐÑ—µ½Èí—|·wö_'ZPpñ“çßŽÛ1©{Íy"Û`,¸ýi)IA}À½¹iùS=4Ô„-ŠO˜aðkß CÇ©J“ð’fs[\”Ó{ –8*b¥‡í¼I5\ù)®Y°0'3n¹¯z–ÏþH’õãxôã&¹{ÌBù=:Q >ÇÉ¾3Ë¨ŒaMb¹˜ ëódÂä ´HÏŠh¾ R¿ûÍ„¤ßÐXçìqVImg]þŒ™9a­öBá"7Â©Ía†úh(ÿ’–)u{d¾“îí‡KéÍŒ»­¿˜™µòsƒž/ê< @æÜ»I`8‹å#ÜaPWÆÎ­ÑH’#V,XãV-KnÎö‚  ö( øQl¬.Ú7$ 3ÃÏÓg'÷Ë£NÊ¦QÍ3âºmMåd'Æ÷ä@>7ÝÏ•©Jýæ‡¹ €«WîÍEù[8žÜ¹ÉÉwT<Âêf8ä™×RÉ´P’)ÙÁÉAn‚_rèZ®›²©4·­jòþÝ•“ò˜Ö¤5o$QK`¨¶ôy²{R?.F“J?!…YÏÕ2KõÿRëÀ¤@taý#Pú!™¤)ã<*÷ —À‹i“Ü­1ZpG[XÜJÀB¿¾Ô@¡¿DR‰ã®};HêÎêR—>õ%’k8X¸u@ÞšM´¯TåŒþÑÞˆ(öÓFzÞ—·—þa	ø·’¢ úëœ)×]f&4Ru.ª¹^ <rWÀÈý{1k(dbŽ<k–õº]Ý•7»#Ðî3ø®¡ ÅÐ+C_°Ê¡¢¥½É\<k¨÷Ò$`§í¤ø€ŽJ¢½ò°V)N‰zöGðõ†ýŸÞ¡ivß¿’ó'Ü×ë[c‘¤/S—„X>’Õ¡Ô?µšdnfvÀütq³fËU¥'šu$b—Â¬ 9;j•sÉK"T ð#JMök/1m![0“CZ.ÎÙ$]×IbÀ€ÊlP‰Å©ªð8%Û4”eÎÓÅX0Åo¥JÌãI4Í=h
÷•‘Ýªzöþ½K±1ærÞ[{9\›ÎÈ:Ù1MíkÁGÅ‡ŽVçÚ¶K
3ØÖ˜9RéÛ7®W›Çà 5ú†¸õN»{ñ—i©k/<ÏòÒ‚}þEÒÁX8h½¨-ˆºÏŒø¢¨Bõ‰xFtb¸ßKðbyÞ¦»WÔV	Jf“çŽEE2¶`?K°ÉYõµµa_	O2Rí-²-öv6î®/	_1ëý¬!áÞ{/,MÓo:ã“ø~½­aÆ+•ì÷ˆ3ñ¢út÷zxRäGÚÍö&lHPíïEÈç2#RÏ‘õöº™´æ§œØêœèsê±Öt n‡Ã
¨yw¤¢àÜˆaøÅæÊåÇûãk66A*¢G•×ÌsÅ£ÌÓº/ŒŒh2“«É4÷èÄåLDhâsìHæÑ$Ôå³æH<cÆuàdôF_uIn+5µ®%cMEúFŒþÆUp ö9û|ê™çVî½ÏQ ‘c¶~.B0–@‘<ÌØá]h	xµÜh×qT‘’D%ÃMðqôÖDª1¾¶§
¨ÝB­À®ÎµyIÏäÐUcìSS­Hdr÷jÍ¾š«‚sÇHÑ¯Ìã¯Aå ©®ÈxïÉØCQ ®*æ[= ›&^ë6G€¿QÙÊˆpÑY±"6	Ûº3ùˆààË¾’‘ì 8#ÔG,ÈÓ¨îö	ØÝ80NÉö¢_`›É%Áäž¿;Ü¶âµ’ŽÄJýœªm~¼ÊmàTììÍH°¹]HÍ³Ûc3é;¯1íÒÄIf£¢’kÓtƒeõ¡ù´ë×8?Â)Y†”ªðŠŽÍ£iíñ)9²‰0‹]vH$õúÚP(›·ˆ¥Þ+z:ôU3yoæ þ˜¥¡.-ö$*™®Ji(\ÛÃÁ›vófzó{FÂç—¸Ãæ?,‘ò¾—Ýk°J!ó O¾lÝj‹˜nû¡ëÕòSeéËŸÒw2¼¤E·YÐY×†øÐ]äŽÊšÆNib0zo=ÂÏmd”AÄvaãqdsTJ!òkq©Ì#‚K÷vH›Îpö„×e¸œh#@ÃÊÒÆ"A&.y'õsM±#æI¾¨½G£T Äƒ8ÁÎ)…u´¤%‰É,Ç@”Rt}v»Ôíã[ˆQ[
Ð‘uttííÄòÆ§8Ž Š7*@n¤‹¹ÞZö%ÝÿBP«J‚w]ªÊðëY3%ÊH$ÆCÿP
ý¼˜µ(?Z)’ÿ²4UØí–=-½”Ó7ísÔ­'­×û[¢^ŸË<Ãôr°‘Ý•ìÒFé‡\to`•:5•Iõ¶d‡ÛñôÊéùF)æ°AÅ´~”Õ´9—ŸÐ0ë*Ì”ŒK2¶ü®Kç;K„t$•6ùÕÑYþþèpå¬wÑóæ~¬|c:ÖLG~˜bŽÝ£šõ¦£‹‘¤ý¾E*sŒøßr³d‚VH]ó¿8(¾X4Õô!	l¦g»àÆ$MDÎU:¬t\æ!î)$¥W£0Üæ'gAÈ_g°†ÈóeûIƒ'°41½‹W}”ãfŠ·ÆÆŸGŒ™²îX¿Áá+C÷‹±š(g)Ý'}bÒdõ€ÀvëÚüð‹üÒ{àåí¿çqñyÖNÞö|\PÏ.J¬T
ý—Éôè®BO¼ªšCÆ‡-ÿyT9œ<VL*xVþrVaÝXë?b‚{ë¥žûÕk.*ö]•Í±ozŠžÓµlÉ=®"Y%ðSú—†6ßl(ÄeêÂÅHÆÎ†ÃûÐnÜ¾¸û˜ŠANTü¡¸3Õ„l%Ávÿ±‚Ú\ã«Xp#X$­•U ^C;ý*ïû!Àê]èùùÝK
-Žú¹8„ò„”):K¼†<âöó	ó( âû:H®ÍI­ °LàzíãcwÌp2ÚÀºœw%—fûÖSmí>â¥Ê’áÏã‰[0ªî€˜á|Vx	üt6Jõº*ÆËÚ,“­kªþà/"ËM¼#;hš#pdk@Ù¯M¯BŽÒÓ¯Ýêõ
&<5ËÒHùC—]æ[yä8~Æ¥XÃˆÎIÁÎ”ÇÃD&Î… ¨A¥Î-Ó¼‰9ý¨Ë¸ç §I|µ¤8ú®Ô ùY-æ68bK4Ž
FRï.ÄÖßÉw]Ô:È·#²Ù8Xæëã7j-3ÿ‹—þžÒçÇÞ¡ª~|qBà®BÄÛTdLèBÒ7ð3…tìq×nB‰›Á´'Õ¾³ir¼prAè¯o%i5ÏÁ#Ìx¸¢L ¥+vùR¾ŒÄ‡5¥vâ¤?
SÜ±áê'Rõ¥t—‹ªé@šŸl}IŒ'ay>)8+Äød:?s84øÍhIBñ|™­ÆÁ‚àHR¡<]Sv.ºûJEi¬G´×7$ãÓDý¡žå(òÞ>v,"	ÑûÎø4Ë•ËöÂ&ÕÝthÇ©`¤öX$ÝÌ¸›¯2l-÷‚$÷Ûß¤ãtv\4º7fÓcN;­Èà:åáé…†òƒüz–é¡¢(g÷Ó9£Ó€…A1/™775pX+‘§‘È cQÈÄëúÀâšŸ´Q(‹°ü?•ŸÙ¤Uz©{a>žQŒ_«oÔOÝðÜ— ¸'%0ØxBìÖ!TzãëbÛT7¨b°
ýöÃ7ˆñì¡œ<·HÞGÁðœƒ«×¥M¢PãÖá2q§—©È_ŠKQýOÙ
±rœRžM(3Ëfƒ$¨asn”£åðBà†è˜ªŒudð“ÆÊ-¥ì€{]ë§lÄ¾%§ám…TM1£]H¡ó;*ÞwjwZÉ$ÇZëXo<Ä(XçÛëB‘«5nómôy]Áˆ3Ýà¯Œlùðk#¥žk6¤hŠ2~pî‚žžjºs‘Ùò¼Gƒ?loØæªuº Ú¢>ÅDãÿÅí‘Ûl¢è›é¾ƒÍO.#›]l~¾t‘Ï»A.±ûžÉÊ™È—mÈI3xÅ£–wêXÝ#6›ýC"Œ¨S›ÐÎ?RH9'w´‘ÿ&1 ”OXWÂµb.Ò&–Ãjˆ]óGe9Âøj¹äçÄ2_Á›pEÌØd(_£³-ú]yIö!¶"’Á›¸á#<)/¾a‚ä
ÉÄ"4ä"i•V9\vnLúüš¡»_­ÃÚJsiÎ¤˜:ÄŸ/·zÂ’œbÆÞ
D
çÃ²ÝWöLN_9SÑ¦+1‡3en ¥±,y°Æ4v³Óëb¯{0Ö}–dmÝÝˆB£Éä
º?¹p·}°Çõ!ó’1¶5Ö‚·ùGé·äáœÛ2†ûR\«û„(œ¯7Êsºq¢£ÄsÒò2»Ïah.˜Ï\jø¨Ô5]ë6Š§¦ébe™_¹õP;wÎ€úC¯D‰ÜýL¥EÈ§‘^yMœçKá¥ó¦¢I
0"+…sæ{Qg°øq‡<ÜpÌUŒLÖ1>bX¥{¹ˆèjŽÊ²`X+¾îý?+P;SÈ^£&ÀÙá_ä"ó_Éþ0X54kbÜˆƒ¶œM‹­´ÜÛšÚ,àív	$;˜Çû©Á¢«p§‚¿¾àBÇ»BÁ•åñÕŽ°t[í+1ÖÄ!Q]}?]dÛŽZ4œÉI|ˆ2EUéË+tKJ&hTN|»(ä¢¼øl+°]fe«gÖ”`þ¢X€ª§®~`Ø·¬6»â½ËÅ­ö}¤ü¬TÓ!jŸ+‰ª½Î¢|€Yg7h‰3lz‘‡ÓO'Âk³&Ùv¹òTé3Ž»™íÔ\'áõoàkÏ)Š˜1¤¢qr²éßc¸˜Êr2Sê%¹Û‘¿¸Ów9eÊ'ÑˆK>ÏeV‘¸Bµ`©S1™R3W`æÆ¯^º’í¶%êƒúµzØù_ÿO<	GÕÞËÆ‹¶Ñ	Õ¸]ù•úø!Åè™Û	Ó¬-ž8ØûñŠòw`G)2à›ªà#cM6=ÍÃÅé ·Ã®öqÕg^cfß.ÿŸË7‡·Ø}â]l¶Ÿ`C
‡~OüÏ:Ê¾?É<êrô0ÑWÖéNf"&$ÑS]mÖÞHvk5©íÊdûyQŠÚÆk+<ÝRcIb: Q°é¥éîÚŽ×Úk ™:`SaTÛØŸ ¼Ù²©%ieØ“Úæ§ÓcM·¶—m€$1 1‡]/RJXwñtèÏzdóÇÓ¤VqƒšúýEPucOµ!ok÷$9”«L(õ°1ÇÒpXËìÅvŠÿ®RcùÀþ1{ïF‚Rldµëyn…ƒ^Xoä§5Pßz²ó—È?‹¸þ_ãóIV+O­êÓ8ÁZ–™]vm’ud,Þ¬¶Ü_<)Å\_N‘[_qñœlÄ
ýfîVŒùÌc~:çH[¼&þÛ
i)
séÑ&Èì¡Ï *Œ|wbjYæ34‡sÁ9ó@0ËÜ1·`@Œ­iÓŒÐ©Œòp™¿3øAhÀV÷~Häi…½XDt¡¯äU-Åšˆ•PA–ÛÑæªëž^áæq×>õ u²¨ûÎ¦¸e‡¢ð&êCX0®e7!ËãÙ¼Q]7šÎƒiÚi½¤I–Þ	wœ£yjÆÐ\Ç	›g
`N¯Ô«€&Á)—_.0w-Þó˜Q©9VüÁ ÊW{IW@¨f^¹•-)0!ü`™P¨@˜}°²'ïªÏ#·x
¯•y¢“ÞK¨Ö–[÷fº3 ãûÂ–ÊZ8wüòU“9»¨¼ûwJrjzb{A²÷Bö¾x‚RMœT—Pv|Æ²œ+µÜàI·oN³=^5U ¬_Dôö(k‹vÉ¾sh}yÐT±'öKA
¢¢Û2GQC†)¶e3x@‘u	"‘ø…üë'ÏqDNëÜ#n¦…1"ñ‘5*Æ§æò¶¯v^àsOG+ó Xi—èiÛi»=
jÓ6Ôšk$úæÚð=(æG¢ûÈ|;Nð¼Þ4ôXÞ Ô!Þ°ºùoNx¹0õ5œœôÅÒâÌ:pÐ3=k8’¤Ã3]ÀS~Áœ§ X>ËÇ`˜”»ÆÊWÂ™fÏJoÓù€bªqWÕc‡y4oª–»/YÖÀ…A€a"½ñQßªð±¤£©Qõ?ùÛAûjH²½¸-O(âCõº¹Ø$ýÀÚS…Ö£«úêu96ÆÿCê¼¨#eCAIviîÍŒEû ¾'*–¼êŸÚÐà‰ˆbcp@µFwð›>“à[’–M±×.¤&š²ïYVÉª'¨™íClŒßœü^ ±¨ùlnZµL„—I„‡lþ¥°¶³3 ÎvÖÞwƒxÀgú¬/4cY‹t³ô>.KÇR5 38<4×BûÌe¯bò‹yBžFµ•(c¤};Š0dYG¿duK5‘ÜNQµ=œéìlFG“ÜòÆ»ôuˆàk&€,ÂpìÑ;þß¤º‡Aó3gU±j¦fŒvxUŸYGÉZŸZÀY2›Ar+oçÛZ.[ïQuÇçÖþYˆ‰g%<HÔ/¨ŽóSb4^ÇeÑ‡ïø|Oä>¦NL úÚ%7\4lêüðÁ€Bøqy=•*!/â8“›'–Tõ$î2c3-|P6Í\“ÔÕpjˆ‚ïi”é.ÆæŸ#3NÓ9åÌM[>Š0JƒÅøXšzÈ4»W%¦±i>]9„<)³ÿ—äE±e yVÚÉÿHþŸÌ­Ê_×ûBÅ’2œqO"SpýtzÊ¸¦*¼ž24üY¶CÝRê¹¦Òþ¼F¤–ÃWˆ LÇ…9A«*œúÀìjÖ­Lì›wñB>¬õ4’SÈcÿŽ‹J-³‰Vª±•Y.f5Ú
	Ð,‰»¦Á}ù­PFµŸFÈ!ãðN’®—Ý¿¤³€8r0F˜¤|Ó§‹9›p_1¹qóþúx#a:ˆM±ŽóÄÀª“~1½Ôõþøy³3?ÚrÆ‚ˆo-ÁÁ’.¤#=¬ï+øY×„Œ?^Î(ÞÌï
ÔcÕiðqm+úË‹é„?¯Âq\=
Ï.!îÎ¥Ê	ú›"ÿÐqöÙæEC¡-¯ƒ?¦ñíŽžšÈ"HMÃ£0só7Ü¦J %]*¢(›žÑoî4°qî-G$41{Å‚rKˆ‰h{ ¤aÖÊÍd±&'&ŸkÊBû¹z®Ô­Ñg\y›Iº:ˆÂ˜ìêû4¢V†+Trçæ7„yV	ˆÓ‡×+gè…˜U±$Ð;ÅXvmƒ'4¼âÞ¥0ºÊû¿$:¶š^-l ¼ò/h.z¶—¶ô2ŸH1Ê¾ã%˜†¹-ß(!¾C©€X9YƒA~èì9ï†äãvêÓ0æŒ-ýo4Zj3 [ÜùôfŸYÿ,6Yµ¶é¥?ÂÓ&:&ÿÕlÔ¿ÙK¼»¢3Ö–sê«
ÿÊäKß¨2:åã¶ç][NžÃ¯^òJ>¨"ïué<ž¯&6Öj¼¦ËåºBó½]|e˜eëàÞ§¢²Ê{45LTe¸aNúXu4HQvýx”ÉBµ(Èá“K ‹Ñk`‚uÈ˜¨+KP‡¹½¢6báBÆ–ÿÂ§µŠ²¼’¹ï<ú+;œŸÝæ¦›äæjw·¶$}+$h¯ßEíÃ[Øm«ãŽüDÔ	±Þ
MJÝ«ÉèƒÂ^œŸN::ÐªÉ0ÿ‘^ü „á9þÌ	ÃB/OzX^¡(ö,6ÿË7Äð¾¡,¤Hã]°å•l¸·%Ñ¦±Ã”#þ™YY«°÷Zñ’©ªy£ðqX’7¹„‹Æ*tÈä’ÿ˜vÆ€0÷ïÜT‹_ÐÞ’ªw6aä“ûï;ŒyK—Õ)åë‡
OÃ“òvPïzÁ¾ê<=z·þÈk¡ì‚ñ€spµ|©~ptï‚gŠtÝKn)Ú‘ÞÍª8Í[ ðN¦Á0þ+œtH?Ë¶;¢÷Í?°DÇ?%„éÂ)%I'of‹÷U#…¶ËÒ–#ói:DÝáfPF+T¥mš8¯o ü¨§Å@ap NÓ ÎÐ;“÷-Ø ]<zw^wâ4•ÏÁžÓ:7)ÙT’KŒ8™ÿÃùV.xØ·¥ÅäV(ò=“nô­oÞp¥+o—DÈs9€å(ÒLT¿TuÒ6¸zðêNX:Ã~­£×¾ôîÕP0=‘?CÝêØFÛ{¡èî(‰ÚÉõ@qw™$jw¨åL‹=Ÿi±ÛsíÑÔ‡ Ó;qs½÷DŸVµ‚É“]hdÔIÐyTÉe­E•J²fÜÊ|
òše¤ç]¸µ:Z3±»+NìcOßæ}ûOš³ÊÝ:…ì¥.¬ÎýÎ_%U°i¿3·ýå¥Já áOÍÂ¨ukh›§}Yƒô`x)ÑRðYtÔU4Y ["mê8w^ºOUQ/ìZ‰?‚LÖE¶\ •¦àjså"ï˜ª5ð„ÎGÊ‰D´Bõ‡ îp.X¥ëIVÔÛ›ºÉD…‹èè•–&vNì,²* šY¸øNÒõ¦5¼&Öß[*y-¦úí¤Iq>½ùÔ1%ø¤~YÊˆ¬9D±ÆÃ™Á‘ªÔb;aÚ=†-v¼òÐŽ°Ñkˆôq_ôÈ†ƒ_" ÕÁ±E®O.s	lÿš%Ä,ž¿‚€dL_·B<îƒHÄîµ0úä!ºø>wƒ.“Ìõ8<1Y<3ÈgŒý…ã§S•Ð¿¯E4Ñ3RÆãü®ò&¥x2c»Ô6él„Î:BÈ&10Í§Fx&b’^×8Ë~—ÀxÛv
ñ¥¼oè5{ãÂêãsÁ2r+áß_Ç	õ„?ïâQ&‹bø¥©ö,Á^¥èûß÷JKáTÇuoš/¸>Éý’z‘2]J;þ{*@~`ôíËÏ‹Ár	í‡’ô^T@ÄÌ(cVmÚ5}VEKH»‚¨ægx+˜7’Û½Ô,ó‘Gf¢ÍäŽù–áñüo,y»p1àZ€w ggƒüYeAð!ü¯4uR½_fßÂ¸‰ÖP)fŸvÍ¯L|M…·ää´nÈ4’ê«%´¨AÇ¨Ñ“çiÞæøj8|ÿ÷mªK85Mí"qòòu ~ØJ„‹˜f+Úr2 ñ¡Žôêmõü¿­¾4 5nàFdÿ‹—«/–cUß˜ìá³g+À~N~þ›­S¸”.7DUà
\¸hoÐ*!M?.Â±µ;MÊYöó(±þy÷PTå-`lbc¿Ï0êv*¿ÖEm	Þ÷¬¾èó+B)` I-SÍº:„K$FQÆY„Û—X8ÊÁ@øJ¼Æß8`,9C’‘î›ÑfOIƒ}YˆàÀ@ÎLd¡‘	Ù_p²ÔÆÓJ³zÚöú]e¾uèuÖXRÖàü`N.(wö9?e^Er.×So”ÿqG‰q9-Õíóý	yyß ¯dZ=¿þ™¸Ÿ‰ß±`o!ëPC«ŠoÎ˜’^I¤ÒVmžß‹³žG§{éÐñ.à…—=ZàžJ`§’CÈru:o<V8©¾˜ò¤^èCù%:ß 6¢RAµ²6ÂŠØÊ±£shRˆöLK%†ç=À­×ßõ³[Çûrëêž¢Æ;”ZWDæ]]¿WßÑ>xµUOX-lÏû± æ¢ˆ0×_-¬"9¥+É¡Ÿ—UiÆ«K®åÊ Ÿ ïñŠþa#§žP$¬˜ŸÌ¹ºxÏK{ež£€ÉÃ€Y?ÓúYÜÃe¿´ž”¹òê^SÉŸn¸-˜(ÿ
Ôšö ÝöàÆyàõ„t°wp¹'¼s:÷+(T'ÒNž”+fñàAB–ºì,?s>«ûÁ§lñTqþ5*‰þSh…sÏ†ð.–RH4…&*ö*+þbþ¸N6`y+Dþ&Ô7ˆdÄU3®#Ô×Ð-Ola’äº7E
jrùÈ¹˜i‚Ô	w×?P*NÄé96Á7[<âò†‰lúƒºÜÅ,`Ùéö6•¼¶}Lr¼„9ôô­.õÄ:¬¿—`ö:C·óEU',Rø)“²–c,D»zd<¦W¥-Ã°áÚw?ÖA_ø¦oËI¾óÔÔK}g2¬'Õ“¿¯Î…nª0ÜÓ‰Ê´©cÂ1£SªÚd†—üZŠá.žuÓ„˜IëÔ*–×œï7ãßï|´H7¼Jô!P$ÍãSR„š«Õ
$iB&sÈ½F!Ÿ³ÇÓ¦Ñ‚zV^]è3Û*-Y¬“×J¸ÇY¡®IíüÝ>»ÉVûVX	<­^ö!·¬ŸÜ‡‘37+
Ä“®Ý×»bHÒ¬üÿ‰œÊ©ÕÇöjÙ¼Æ³u÷3œå¥bišÇÅrÏº:Ã±Ô[Ú±#ÀT ‡ßsµnpâ¬[êÉAéb_«aACÜõOc]Õìr„6º·öÄéOL
ŒpÿPª¤%§Còß3-§V9Ž8YˆAžÈ'ÏÐÊ2Ò&ï%V^eð%¾H:¥…DŠ¦Óˆ/®ÇîË,éÀ GAKX×¦o†P»a¿ŒìÁë_ŸÄÇÑñh:ÍŸIÅ„Í“;Z¯ñ²þÂ4jÜõ0‡A¿‚þ;ˆÎ‰?Ï†jÿ³aÄÒ¢•y†=À8ÜŒ)0¸5œ¤¯©ŸXGÄp~¦¥T¥ZŽÍäÚa[ç_$YÿÍ TRnè‹§z"ù´Íž,,oÝÜó=y}¡„qªÜ Û$˜¦pGþ:uÃµá`‡q2 C¦5…¥Õò–\6®Ä`fü+†æâû1h3«‹‚íá&5…ÅÄ10Æ‘Š ½„³\‘ °‹«^‡¿¿ß¹’ÂT3³Àp-ÐS
ÓK³‘%ð”ÎÈZ0À|—Gk÷Z&"MÓR)ŠNœGJH•l‚-Q<·Ÿ©Àmªùù¦Ä/À: é”XBHûðå&wNu?G6"D”™Z÷_)¹ø {/êeÁçoÑ¶œP¿+ÙzŸZj~áµÍç7˜ÎÒéª
åm£ÎnNnÓÀáÿ6âšêæ[¼;-º€é´’?˜ÉJ §‘‘qÇÇ Ä©2—Á×•+þ;e¦‘ïjÀÒ1/LÇ£­ABùzQCéo¶"»¼„öpcžl™ýÖ’Ì.Öf¼–É ×Ï a'îqÊËqØeV%ÚÄ*Q¶K¡ùË¿ŠMùBÛAY4š`õ¾±k‘­ð.H•Ãâå‹®”mø†Ú-‘ÂÁ£‰&TM^']DíeÍïœ¸ütÞ~¨I‹Ý§h Í©ao¯Œ²ðè²ÏC/€¿^G1\{û§s‚>–œû}UwJ°+Ç?oŸVôªZ‰5VµïFpÕR2«Ÿs¶J¡ BÈ}tÚõÉ€øÈEÿÅTuÕÌñ´¼vÑÌ2t÷jæï>¯ì'uu|<rã¯%vá™Ù>·j:ÒgŽ¬¢Êí¾¶?©áå¦õBª¤ÄT&cÛ-oW6õ5P›vc>o—·öCü•` UP=[z—||«6¨D«þ¯'9Ô‚®…-úÔ4YmÇ‚ ÅÂÃô…X4>x €H`f#àŠªçƒ‚=¦­èÅPýó‘÷ù[‘¸Gàñ
e«Òlpó%ëe4ÚDYmï·:µgæ7v2©M¹‚áSÐ’Åá|¯hS©^;‰ÈÒ$2ªÚõyûyRñFÉbÞ”7ÿ¯k*×Ë›ˆ½™ÖGäeŽÃÓ0„’p/‚/cùºz²\ß©LPe¢êÅ–J&:ýÚ?Îiþ]÷¶"„ë6Ü‘9ý)+\ßqUŽy’Ž~>%KšJ&ÃPkIÎŒ«è[öIÆ×iK’.Â‹¶õ¶ÙMXÓR”irËF:î&ýÛ¥ñ–”1‡°TVŽüÛðtñ-F¿¡iIÏQEæª"ÓÏâÈ÷0Ò{}dÖ‘üËäŠ—½½Žúg€$@Îà¹P
"h”PööÍF`ö¼½`q@ Çâo$éIÄëñæW:*nÑ‘¹n/Gí?VÁ‘`ÉŠ‹‘K!ŸËá	&$.{éxÎ¹<»Ll ¹.‰Ý³º³Ñ(¦šXâxê²‹Úïª?3Ÿ8ÒkÓæá®êÈZXÔ‚>xURmAZ®#ØPÌ³IUîäúÑÙ2iÔFA« G‚ÍIj£!Ãq‚³R¦e-i²‡XVåš¶ÑÑVOp_ñ‘rÓ.yïfBxÔGÜnš¯uCk®U‰÷ufÏˆÑ·û¦”b£ob®¢ºLÆsEÂ%15S•1øìò›Ñ–z·PÚ@²±—à‰‹«…lÅ°x;ù ³ïœêü­2~²˜—n’XEÉÁ¢’¦ê™U…ÕË¿²	¡¬8	ø¢Lð\è	¨ÛQFûÿ•Î,qîänX$1îrããKÌi³Õ,©üÉÕÉ¦ñ³þø¨BÜAVµåëò“–QÚ©çg27@vµ¼)„‡;¡XŠ;<êÃUHQKãI9S¦½sFj0uaÝ¾®ÁŽ”ö÷{1i‘¥†ü€†E˜ôî>:öÀrF…5ðêÆ£ñbf
]AÑ‘ÙÚuŒB‡Â”CSÕi\ñM”ùRA=ë³ÃÚ_fXU#É–ï¹;Ï€$‚YÇ+ÁGä0¾¾cÛÕÀWô{G€Ä$‚‡ÑÍ@P­ØÕÕ;¿uÇ8½K÷8&¶"Çg'¢–$$0¿„‚Åß%R¬J^÷JiSŽµÌ|XÞ÷29ËvûÔ3úAÿºiIóàžü/TŽ1˜DçTá`9O±u‹(QÕ÷8æA*{•C[xÛ’<û-!í›ëö'Š&sÛºx¬ºd©Ž·Mî‹
=l1%&1~f4Ñóêg[²'•(!_…õ]lscA¿ï=ï¥áµÃ'kkƒ™¾~ðÎ^lŸIãðx9‰æÞ¹HX¹HÖ¼:3˜*¹2ìß1^p0jêá¥¡:hºú·É$œª1\dû"æ²–²A‘° ¢l¸Kl,“˜ZGÐš^‡Bç§5mq£)£bZ®ÖÂ¤óìÍyni}vb¢ŸÞ—*˜­Kß)ÿ§^ób_—cŽ^—ƒ˜pkÎ˜—Ùhª²·ãÉ—*àäò1”W¥ê$.Tç¡ñGßçn.h¨²ábZÞ¨@[rÄ±É›¾Â=–£™ÑÞ{9£±Üèå‰Ÿ=>Zqîc~†3ÞÅ©¬í™Ì3
Í­4”U ZI³¥À_õ®°äûê^›)ß3yù²ºå+fƒ1œ`àY-cJ³õ
Ÿèt%(<ûª sÒê]ÏsD@œ ù^ê¶œ:1Ÿ’Ü³¿Šr£ƒÇ"U7Ü¨O(¦YúÝÍé*Ïû„)úº!^¢e[Šüá3* ÑðK:GÍüm«ÂèiÙY‹¬3ëTd‡$q &˜¹³Þ9Ÿ§46ôýz|Æa÷ú†7Îa–0¦“ÂhO­å¸Ý—âÐ“ûã(þp•‰<ªˆSGåTÎmñ‚h$qG•Ž[>t;uLùv	‰,Ìº{~mªm-äH&Z%ò~lÏÈÁ†µûÖ¹˜ßËúWdTù¨ªWŸ9Ð:©;’¶óá)ÃÆƒC %ŸE/­lí”u‚V››‰Íé€öñ¡Çuž/ÅƒYaFéôl|ðl"‚jòoqäë†äBÁ$½®6ˆ­„Žš²íÉx÷9¾:u’ªa>GwêpIàÐV€Žªd'wI— Ñ^	¬DÔ¦^¡ÐGd`útµK'Ff,:¸–é‡¼<~/Šæš€q=X¡í<ïd1íy|ŽiPk?,¾Mdß/ÌL1!ÒXg¢°åKI/@Rž¡ÁS‘Bv}1DHZ­|›ç‡¤®wst×»/r4þfá-;ìWœúwà¿“wè?Z…%ç›hŒ1ÀÄç¿£~R±l²F¦ý÷ÊýˆïÌ¹òë”!ä;C£Ð ÿîµ^ÙÃ|3;É–ŠL>.‰¸Ì’hDEkRé¦¨?c¯·G›llïo_"9”œìF0I¸Oœ²	)fÒ³Ç“žæÏ·FPÄ‘þ}C,¯Z]hÈT_l€ÜS±ÙôË©2¬Ÿ=6&Ä]UvèþWsÐLîàg½Ž¦1¬´[ÒH¹ÿpªœdr=à?©öoû².ÉQ“îÓˆîê1¨ ó\îí”ìc~Ÿé(þ °C[kD:ç”b¤>Àjwëç4Îò9ÓD‰ÔºKÊT’ŸPó«é0O
ZÄ!)æm£Öä —ã0y~"ØþÎkç°&%Ç	}~—ûOi´WýÓ<ürºª¶ˆÞØ[ê˜ÙhÚoÖŽ:ÈæI¸wE"É…(Ó oÒAŸDø”Â&ìI,æõ­ŠŒW+Îh–)ñ%”{}µŠÛ®¦zn¥þú•d¯Ñ6Vû¡@&–£ÌŽÆ„y7µ[é_åYõÄ‘osá¾4xN•ò‘/—W7‘x0!y8Â¸ÿ
2”Ñ‘žì ŒÓ¼³—5ofjÜMò[•ù§1xï_p LÉ¤BîGòÛãä6jq= x¢Ø¼fÉ?œf{	Íã@ø]aWhP?ÚB¥¹¼‰‹„–ÑxXAöpš	[HW˜È=wÂgb„]‘¿ö@à\ïÂmxì }="+ÐÈ_³=ÍMFíY`Á<Ÿ#óJ4l~ÁÓ’0žðCù#j‚ïõ‚&ëO¥ÆÇal*Æÿ¿ËÊ^_ãûŽè…ç„ÄìW^ùç HÄCùƒŽpn)@dKa¨{ÏÍHïnKýÊÂÈãÖ@(ª˜? ­P8¥¥WãÞ
!Pë‹Ç¥WÀ`Ï‰kg@—(ý!ú‚æ›ÃúhJ€XúÕí±´}u¨=¾Ð÷ó!9ë<Ö©ÿv¬¤TO+Àª§RîÈ6—•í»Æÿn–Ñ|CýU&Z€9ÓÕ%-ÉeÍßy™“>›œ/QZuëx±{î.âï½<P»þ•&ŒäÞt|Ã’h!5U<t.QÞÕ÷•[kVúäþ+BË±ˆ5zÆóaw&µ·da_)àîªÑô!9S¼„º<œ¨¼Í0zº¨'°oò)<^msTÓ{Ûœü¦Ô$èK5ÁDý¼uW»!írÁÿj,7©rz¾Tä_j{è/5Ï–Ãµ­°/µ±º‚.´Ò±ÖT„¦†“JUÖûpµ®"	°Ñôºj>Í£Œ`‘ŽMY”I#§dÖÍz¬ìÊ/$Õ@—ˆw{Jî²*4¼|zGÁè¢Ý´zeÔGÒA°Æ‚01LòöŠØ×†µ]ñ<4Ð¦À*¾‡^j>šASž÷eIyh+MMXL(?oa,ïèÐ¸pvÜëGk Ø¨Ø
*8*ÕøßÚ/aOv‚Ø>Ý¨¡eÔ¡~ýÌµ4@ÞmYîŠe*FD½£“je¾±VGÆ¯'‡Þ)ñ`¹€¾'K±SejGJÏ¶£‰Ý©o–³ëø¥=0í}‰¡k¿š»vH½LLD8Vª[7öß¹ñÙÜoXp&ú]((ÎéåÞHpüGïÌ|r]U+„n`áJMòt¥1ƒu¨` uæFÊöëÉ€HÁwïWÞ¸E·-K™o†ïRÀ¼öÞUR¢EÅcH<ý¬E¢ÊùÊØoÙ?$‰°âÆãã…áÍ-;ÙÊ÷Jo3„Ãªušwz°Æ ˆšœí,|³Ø²ÃH8yîßpr„0¿MŸÀ; žLìÀ®Z'¶ ÛJûÉJ²µÄ‘À8=‡ôéý“Av—Ïr“¾iÃHñDB~!¥—¨†î¶:ÑÌÉ÷‹%“¼«(ÎßºvÖ
 3–:4+´s¦jIº¿ à¶¨?vNQ›žYªÜÖ[íÕ¡Ç(¤,…œ|.Z®&PV¸ütU­ªBTã ^½|? Vð46êe¨ÇFUù¨.V×ƒ×%ª woðè¹Dç²7³Wñjç›aíYðÖ—,álÇ•…üÖ—÷•=˜Í5%,øÓm"æÔá‘®a×¸¯ºRòQtï´Wœ¥“,°¸gæ€sÝLª]oÈö—1×h&GAm<È7†·ÛÂS˜cä@ƒ#t3³òÒÇG‡„hpZku!`P¤Äk'Ó@hqþÜ
®1Îu-5ÉXŽFÊ9‡©Y!\ÞºÉ¼×Ü,·»		5Ö»n! 4$Í·Þ²9ªÎi%Lm•fÇ\ÿH7æI­+›×O—TRÝß¢ƒ–—E|‡¦ËÌ‚æ¾ø9¸ó*Ì[“´âœðB`u8ä™½{-/^ŽaÄ´èO©CéŒ:7W€[±á©ì–ªów	>¾œÎ5ôÂ_j²æŠnÂÆVðÊ›]|†4þ“¼5.c¥–©ê:3±ÿD%½œi»M)·‚dNM/ø%HP³FÁXw‘Høcáo¶Äéÿ½PÐ5U-ºrŠu¢Ø)˜Vþ‚ëö#&ÿ˜æÖ³BSÅ,Ÿáþ‘ƒ `Èè?º nÏ/Cyó{¥ùòD– =ðºy|Ã­Kš»´‚¬l¸‚OÌW”%Rÿk]gSµRáêüÊ~µ¶)äÏ³~m™nfÒeÌÆöauÄ·œc½èÐÃÄ¬ù‹ª”ÿ~K9ûœ?UË0ŠàUköŽÊ#/ul8wS3dµi{àQÇo]UÙì¾Ù ’¿°*ÿ)¹*Û}²ƒ¤¼t_’¹7s½¦¬È/]¿°ï«é¾bÛÆïÞ8×‚t­ü¡ÉsšÌš€ÙéM'Â6º ÐŒÈÐ|eüUBã±mð‚Ü‚îª¸| Z8s¹2s4¥‚´R„/™¥í¦‹òý'}ŸÔuDl+`…‹¶²«Y²e†¥ŸóIœ6ZV¢r‘¸Òä•YiUœæ™“š,˜ÕšôdE¦ÿ¸"5â#3¿xp¯õFéI¡8£óñê4F˜LWv}Ý9M·?µ/hÓçŠr¦´ ?“FLÀ§Áf™_PÉ5·Su]ïõÎeøHº5²–kß›†’ã^wD|ŸéÀ[¢Ä£Þ"êáíÿ™v¢ÑIœ+°ï’@Ç£¨–0è·ÅÞ¼ðH´c,tÂà|,B]>óAôò·lé ø¹3_Nm|ëÉ¦ô‡MÄ®S–$ŸT”lÁÞ¾þÅÖ³Š§YËÞKZ¾;©ç6úåî”¨×Úš*éÏI–$ó~QÐ5¼QÍ
<„õ\ñŒgºjðõÖÜ4VAöº–<T Z©ï?³aùœêE´þI¶7[Ë+Mõ…i•9ü¯
{25è«Óí‰¹Çö= ½p_Di¨
jU^ ?Û˜Ø\E-Á!‹…]âÞºSÔgØæyˆP˜lWþ›ƒ Ì‚' ÀùèŠ¼ÒõYz•oà"Jø}ÝøZ“±@ùLyŸëú]H…Â!ÜºÏþ3é“gÿÏh·s¦ÐÝætÞÁõ41ÊÖLù,$”åW4Óé•Å7Ó¹ ´IÕÓ7{I™‚“j@ÈÎþÃJÓª©3Êòðí­@^9ÏQ/€àÙNHŸ´jŒ¿Ý‡¹úk\²Óy«çÔ)"äÒJxqðK*{œw?]FˆÛRÇÖ-—º4·“òó,BYâÇæMÄ§­ÁUüÝâß!m’XÜ-~)_NþŠØÚÓ„e°GãY85Ñþ ùObÐ¾ç=FÛ3[ìyLxŠJÒûã°®¤Á"î´¦êÜõÕ"RÙÂš§‘zõèÖHoû3rû³Í49ìååæ®Á~ÉmZK×ÿ!Æ2sé)NÅê×czü;=ghÝzˆ¦¸î¬Ø¦q8ÿpkx0=QT¼EÏÒvºÆ$TÿŸƒZÃÉ¥Òexì(	„°œÈb¹âjMÀPÖáûá©;·Äiù;lã&­gHim‹ú¥zŽp ÅnšSX3Ï€«[ 9º.®CK½§·‡ ;ÀßþúÑMàx“¦U#ªÃÍZÿúËðÜ6­2½ŽŽ þQßà‘A­;°J#Õ`R¢²,(uÿáðx=^<:¡a¼û¹¦; ÷½›Mx´•H,@SŠR62i‡jUT‘ý¦ÓŸpi%Æ”¦dÖs¡‰Hé5:Rˆ¨Î'ûkÄœsL±,è„Sq$é­Þ95’ë, ô˜8½®¬ÙfT4fZuÊ+Z›¯˜žyò|$òï'Hû¯Ëia!öo%wmKVÕzð {W&š
s!  		[r¼#7è¬Jb}Ä¹”'€{úœy¶<%ÛKôj0eZXìs“»,+ÒdfƒûƒC–‰lÁn©”i*QÓËÆ¼¿Fú¬ÑŸ&c]Y°ô&9Üì9<pQ¼º†1m`äœm>àû˜ðµûtæ/a¿wZ'%ØÈÝ*Ù5Wftyù’™mc©P#“L'II	g¬­ b<õ×DzF~ìvvYg–LÜùrg‘ëá´0­ÉÍ23ñE£ N<‘øZ:eQó5K4»è¡S\8¿T¼py|à*qÒb]r˜ç©ÖÂ5l_Zw/k'€ž+{4Y,å˜~´Ã…ø+ýJ„
1*+¨Æn=H<ŽÊÖ²ß™9ŽõLÑˆÍ:ÁÅ…¼sÖþ×*vfu˜Ã 3_òÃØ­e
ãÙÄZ°Sâr§^NjbDù3ùÀ°*‚³…déæ.m.ìØ¹–·ÆàÕ~k7¯Š™û¯ÜÃmq}Ð*mÆ±Î  K‚”ðÌË+MžöÇƒK´°þªe¯†E‹O¯–±Ø?dŠLr®I×¸sÞè-®•Ñ®¨Ö+/Án=Ó®ùkð6¬ÄÆÞD‹H„ò×g)‚‘§`Ëˆ Jb/ª—ßDXr€…—ww¦ßá»£z9JzüÎß&( TZ~Á#yFùi¥¹Ú>´"¯£Tñ9Ôâß´IÆ˜;¨Êå'Zë¨À-¸¢ÇsÐÞãb®yJ^ÿb“ÌT³d16F¬;o——j.Q!<p
°'‘Iå_9Þ*­ë„+82$Ü‰ŽÀéA5.ª—v¤'¢ô´Ï8÷§î@yãOtD{7Â	~½dÖ§:
„ K×ŠãG³»ÚÌèŽr]ô	^XÛÌôŽ6’ws&Ð¿SÏäŽÛŠß(‚KŸÐŽÔÌd:çVæŽZÌ>!Ö‹òmüä½0nKïw>?(Ç¯Ú†Ã–^êCõå	þ>rH­çèBX±Nì
KdXIîÝuÈpTN*`_?-H/Y§§±Í„C¯â<Ý-äôäw‰%DñóASuw^‰ˆyØºµß˜óÆ+—,†dþúXîÔzôƒ—	TBmÁ+ª9Q]ÂøG™œpã[°2 t•×À^ˆe[Ä$¹qr×ëQ}Z¿ izá‚
Ó,u©çÇò•‘ jþÜÇ*;,ñ×»Š¶;×È%Š/*8Øt ©]Ù¨uEÃd»0lb¯²m&?uîŽÀ7*‡]§¸;­“wz‘kxƒ9·þw˜ƒr¥¯ó¦³«fS,Ï<‰êÚæ?úYvYä4þÆ~¯mÀ#Fi‹R#YÝ"Ëµñìµ¹î~vcÓœá²©6 õÉ,ü„TÉÎ^_æ³EÑ°ÏÐÆ8-È uSúB-h`P?wàRÌ«¸Å8=XÏë†RS8;ÒÞwtüMéÏj¶¬8œ‰Íüö+n†«[[›Ü¸Z­ò€Š åø	áÁ”®¸Õøy™c;ä¦ë2æã{,ï h¶ÞDwÏs·~”ìúÌ.DÝÿ25ÂP%óÄjøt`tpÚ"œÐEñYüqÎ¡D ­˜xO[Ý=Ë‘$ö´$d% ,²«Ï×J¨ãÂJ)±GvrØ¥J9	] c~{2•'«ÝÅu£‹9©Úí‰ÉQ:ä7KCE;<^Œb2(ŽÚåwØ³¿*Žn×îe®"~.ÅÖå ÃÅXKŠÙûi»ëDAœû,ÊõGàÚP*çzép±ß‡ßÆ"Q×U-žSjÓÄî¢PqŽÄü]ùè…xû‘•Š‘5ŽÿŒ§X ¹Ô+´b˜¾'½P?IË¯Œ¬¯³ýÔ[({u¬§õÀ^	TÊ½õPOïŽ~ÚœœgM­^ê‰»„õö$|ÐN2oxÁY#5³1ka/7* ¢úGºðžwØz7ÁªorŽ3<.ê«ë»»¿és)âbå~Æ¸Çã9ÙàìŽIëÂ[;–@›µšJé|ÈŒpæÊj{|“eP¼¨ÂP¶¶àKKâÁZÛª^hÕ¿b8)¥ÇYÌv”ît	 úž·zLp­°†@­rQ`æÔ\pª= Œ=f®ëæ3
7R`ŸQMªñGY£Æ¬/·JÒe¸Ë‚àÈað¿:ìBþ›ËSú®ŒùéH0ûÙ
‚ÌøX€Tµœ³£v#wz)U'±ö¼ º`Ê²!+R'òR¹ x&yNÈ7vEŠ”æHS5ÌÎ¤àÐ+sïõš.Å‘Ê¾^'ûüÒ›Èð…€R¡(³(×éÌZa	öXôÊYº*_
S^°ýHºÅFeÌÂëW	úí>D3Øa	.´ëåJùÚØN:iBµOÉ#k¤Ñž±E÷‡Œ×ˆ
'ìÐèÒÌÁÿn“šc2„Ó´{”cžw*(®poß˜·±‘ó[kp­Ó©{nû^Ü1õœÄÕÛuÔ”¾}•Ÿ?«ä„3~$µRq¯BÞ­ TÛúòñ®zã-«ºäòÜõAtº7¹§»ÿr×Ã¿Ÿ©dG­ë#¦‘÷ŠÝ<}3ëêÒþ9¨CÒxìüK…Õ%„_W¿5V=:¨˜`hi>Ë±çÈ£œ>8PVïôŽÜáG)@`R˜­ðLœ‹ˆ;’*Ê¬·¨èÕ!ÝÅÍdx¿aÅÃî&Œ™öóõ†‚ô56¬éª¡qÉÆJ¼{öKí¾uqmshÅ1€•yÿŽQh×ÍÈ½›â±¡ô›º«És²zñÐ5n
êOmë(äÖT#¹«;/-ÌrÕEÆ	¨€ÛÙßPÛG³«ôXÑ–7 ¾`Ââä’­êGde€AÇu×?ÝîgÐ"yP÷‹È b[K?n;´1gôRÿkXb¾EXèRêÖ?ñïxÎ^Hïkèb€@Îü‡´i@ümÈ0ë«oÔÄ9© ª96šWŠ¦‰À ý€:oöÔ‡PYÂDuÔ—A@š„Ô•Y®ÉÉÂ¶øÎ~3n?ðy“h”>èSCÄaåòrØ½¯¬XÌ0"ÈË/n±Ÿ“^Cm(pØµÈ¬ñ¹˜ÓD
4I@2‘ÜjÈÄW¿ÊÞ^¡©»]GOw¢¹ºPˆÖÇî)×8L`Y8ù¶›öô®‰·ÜqxaŸ•T‘ˆ¨ù1Ä8†¹µÕñÞ<Ã<F=F*¡Úô=Å ç–FaÙ\ûL	ôðÒa$¡°èó¶%oÜ2’Ø›(1²Ï F×W£‰¯~WÇŠÜîMUÏ9ÐÃ¬Dé3æ;ó¾þyÜ“ÃÚÀ<boÒ)=ñÈ_éÌ¨Â2ÄXôš®——oÝdê»ÿNTnÓÝ¨!‚€„+iRÑfv÷k³ù‰úŸnóž¥Øv#ûlÙÕùIAÐî¯¶lWÂx7ŠuiÍ»=Ôq‘cW	’’>j†¯JBÙ5[L·sê,‰éõÀüœÌ MÜ.IN kN@—ü0Æn‚¿H†nlkÓSÔ_hãµ0ç„Nš*é0›ýÀ±µ¬"ÏÄ÷ó"MdÇJSâ­û"ÊuÒ²-–Qžx«Žq…'V2ÿ¾Éò—±‘×ÀÒˆ£—Ë]kWÍÙà€h[^&—åVN£1auÀ"øÀZ‘q6m'™º;2”Å_BöÖÐ^9Íáÿ8åòËs…§AÚ±(Y-ÆžBèqWØw“ì#·ÆÖÏ¹¥rüRœà‘ïâé'.Ã1Ü;"i!’çíÓ<ŽÀY“¹´æyGI›ïô*|õðyCJr¥‰uå×,tThOÏ~p½k¡¥B,h-ðû<jwýz¡¢ènâ·™äAâý¨að+,P/#žãª*\) K‡dÍÎ3["sb¬'ÛtþÑß;eˆÆvUg«ã+URDBÑb‚ :¤®?¤¥‹r°Íq;%"Ëˆo‚:E.b§–*ÔD …áX•Á“´c>‡lŒÑ9RÞðïSÒ›¯GÍ¥ÔW#0ÒOª'(jº|ÑÏ°Ð…¢Êh?qeÎœnøD.Í»]ºzö·ÙC83ÉýML{R§ˆv°·Hqê•^DºCçA³¡/CU8Í|áFá•êµp$°,<ÅßÓÕG‘fŒ~"ËÂŽ³°.}_‰¦Ëðl'®ë¬&TTþV$ÚqË¥ÂdÞ ñÃ;O¬{€ Þv@µ¢65ùd(}@9fºV™ß¤Éæöè×`Åýþ†m'ëš•$wÈß½psT¬:LÂ*ŽK¼EÛž&K¶ÂTß)¹À·eQRm}æxIKý¾xîK®c™o_rnaq0ñ.fE´Í;K	BÀ}Ì<È†:‚ý/_3ÖYj@m™k)Y YóT„Ó€ºcf'rÁ2›Ì É·¬yë£Ším£\ˆÃYO5†‹hîš!†#·9(Pä~e¤ˆ¢Ÿ°;MPHÐ•¡8ø þ¡áÃb±·Sgq(œWÐ—*IJFÉØ™1½báoPgcXô¦$òb	[Ÿ°¢½¦Ñ©@ä À5·µ"úyEµ–!„Ú³Twˆì·ÑGfmTãÒMþÜr’íIýÃ€KK@6‚-œ­V!Å»ÃÇ½W¶Zù~ÄÔý{yŽ)WŽ¦Ô–ˆÈ"WÛ"Ýÿ¯£l$æ%Em©g-m4Õ¢Ÿé×e‹Â{Ÿþ7&œá’< bnÿÄf¢´”†ºõj/²‘øÛk3†»ìC™0O˜SÞ~îk­Q7î;‡ƒ|µCI0€¯Œ$ÔËs—þÀê”Œ×5I¬'BaVÔ(xná#~—¯ªZsRðÖ*oÐ! zžŽo½Ýw¬±8ƒb0@ïšÈ ­â*ŒÅÇÔâ²þÖ‹’.GD®îâM©Çáq]£Læ£Î÷
­Ïâú…%|W?W{ÄìœVçìLtrXjê{¦O¸q±0tÇ@4ˆ|æ/³Ÿ!ékJ2yS`²)nvtÁ€þQhXÁâ:ÑVNÄ³V­ÉC¼ºq&l 6
&ÙøQûL+¶ƒ­†Ü:$/Ý‚Ëýy÷Í–XOfA{¶ð¬reõ‡½_ö¿*~Yya úZ—Ÿªre«ƒFRP_:î@Þðe>¾ü…|éââ¥ÄÀÎìÝ>¥±aLlDV‘”fþy°^¢õíÖ›Ñ`’KT¡ÇÁMb’ üÇUen3´£ BbMÈ\V„#¹d}®qŒ-P3^’,·¹¢sÐ·QL¯ƒ)ÈXÔ¾!ÁG¿Ìåyš.M°™%øã‡[Ë³AÉGBEÐ
fÚÑñäû\°ÁƒDEn¼ôã•Š«•<.­š‡º¡>XÅ|9`o°8SMàöÝ…œ{	9Û¹NŸ^Øˆt|ýÎ”ã­ËL.Ã=ßúîdØ@÷F(é_„[ÈM³©BÁI|í[–Š'Ï‰M¤hqü;‚/föÐ&—úX]ªy†¿ØoT´9žKšÀ‡öòq“`3ú¼â§×íóaX|"&CžŒª*Â¿ºÉ÷Eq-%.ò¨f¿Žp"ÀG˜Ñ=ÜE
‰œ8/„	û¦6›u°kh‹ÿ6D´‹JüÄ8ˆ8û/NŒs¹~HydíšNì½ZñP¼+±Ÿ\ÌÓƒGOp/´’p\U“ P]W Ñ¤<>5Þ:òámprþj))6WG5hˆyò˜ÔW¨J†}Ýð¶«™Òã-]±[aó
!sŸÔÏUïG˜oqƒ0<rm©†,cppü˜wƒ‡ÆŸ]‹bÆb‹Ðjib’%¥IÎ7<Fû7ð×H‚ÍÊó?LÛ
¢?Q- n¤×Ú¼0Ä‡{)IÔ”F7™shéÝˆà¡l?þv7ªßÓ#3\QOÊÕµÒ¯p³ê[ƒÁ†ŸíÔCL:Û£t{ÝO»T¡C›í¥†›Ï :îbÐ>Ê‡p‡ŒCÔûLÞ—p9†ÀÈ¾ˆÙFdƒ_„‡æfÕæÄ-{µ [3i"lUÁX¦º÷\¤—“Ásï<cZ®nôòD^nèõ­„UD$ã^\´ f˜Æ$ÒÁÛa R›åŒ²ìö¥Œ% ¦Fk+Ê±™½íár2Í;Z.DÊù Eh;(ê <œ±×çðc¾sÖ”gÙ+ÚËe`ÛÝó°xfâÝ„í³·,Ïlúí•š®(~Þ”oï'Ûvm#jØKcJ¿7cù¶–½
~²ï–Ý¢ó˜Röµ²Òô€‹vÜ‹¯1rS‡A2KLÇ…=3¦†d>µ,j+œ]#«–î	ÇÀßçÂEŽôý6˜Î6­³zÖâ2†R˜N¯@©œé:w!‡ÿqÁõhà#DC~IœàÂu÷Þå7`ï8%c1Pÿ †òÿ×P!þÔB_ÍÑý¬ê‡ãCNU8Ö/¹RÎ§íT%à…Ñô¤·{ÏøáøTÃnª@zàüÉ ox¤$Ò¾Ó˜%Èy°|®QãDÐŸê9k»£Mû‹.¦2.³qK|“Ôá$3¸¹n@À¯¿¿a_‰a¶¬OÌL[ÝÁ0^Ã¾Ã’hwÂ¯È?@}XçÓädO’Ø…9€n/«Ö§&É8Wåqubp«Wò(
²32XÒ¤Œt©Y¼¶‚•ÒR¯×’gòt‚8ïÀ­$‰F«ŸrE¶œ„´œCàÝ½—“ÓÒX`yˆóH¹:ˆ¶2’ð!‰åZÀe'?û†ÎU MR¤JÉ’•i'ÃG|cÄwEà{mÜ„ï½ÃŒ‚Úò;¤yÍM¤ì^&r–…zÒEÊa%þŒèZÂê•f!ÎÔ'éS©$Æñ–Ról––¡åçÜmüB|Îœè2èÐÙ‹[yô<W*jtwâÕàÈ ã"U™([×í ³à­±†¿UåáØ»Ò¯ÿÀ£…?Ztçò0Y—Á9Åž×ÊŽ¡¦jt¾ ÅaŽâ½|¦åè|ïž@ÇD¡–á€™"Ø*r‹§„ö,ÙâÉ,--ÄN×dd_SwÙËsk“t‹ýQZ«`gf¸J#^oÔÌß	ÄÉæË{ˆ»ïb/œÎ²ÆAÚ¸t9
{Oábº#ßúÑ¨0’*[ÓŒX:÷cö5Ž|CÆ}f‚£‡XIk'Ð|Ý“îèš×9 ˜0MÞ{‡‡?œKý\@Þj^ý8_h‹c]-¤ÅÈ§Ûälýƒõ½)ÈëV×WµNn};»aV1ÒÙ^ø°V¿.Eïg@[„V¥—âÜÃ‹ÑÅ“úÊˆ2\³žýÐƒvÄH?“á…ì(f:vu:+É¬Ë(	;ÄÅrÈó¹
©òTò„S€ïL ëTëO7^ÈWìë;êÏŸ¦1èî7À¶1ÉLeK#iëh5ûX%¯ëÉÄ_ªèÄiJjÄØ(m{lÒ‰âØ^Hþ<çûÐ¤µÛÑÆ® ^¬;Ú&£¬4ZhTà
o¡áüJ¡k‘ù†wb_Ý7NTnÙCvQs÷ó½|.me1ãø7úƒ-jüÔGýÇzŽ²ª5#-SOù’‚õ¨ˆíäïê_q¡Þ­„©DY£~çþpyÿZ·XÕ¥š’½Ö,ß¬è5‡ÁSÓ‹l]ÿk»…õˆ»%4 óíò(¦ÊOëH¥˜BéÒ×â-ž–Aé³ˆÈ}K#.*¹È&©¬ŒF$jŽïÍrXÍmO[h@¯?Á&À’vÑ]µ½fb?hí ¶4/Á}¹›!ñ‚¡¿U3ÍC´„ë:m=É³Â@„Ê3<6ED¼Iãÿ\ãcîÞ „2 ÿ0>Y¹á®~úf2ÒD§ŠoÎ7R¡;–¹Éº%K|2ST@›öï7eIliT2–ª'NEÖ8rÑB4>fó±¾ó¡ØA½\ØJ[#MTYmQ¢N¨êÅÙ5<&²XÝïÚŸ¬Úcol‚ª¯{×Ù#)ƒ`’Áµ_²BBcÙ4µyidMéï@˜(íØ“_êÉŠNEL›ýnsk³ÄêKAY¬$]rw<¢`ÕÛX¾²(v¹ºÇ:>Íß•kšEˆ§4{Owî¥¹UØººÈïâ»é÷ñG×Ñã›ÜÓâ:PµDÏèïPÆáÄœÉu†i ˜}¥ÀÂÄGæQHÆÔL”ÀH7î;y:…œ¶	ªµ-Rp?V„&’Ç[;n¸Ãö“ ñ“Qÿ‚¸)	2Æ:¾&»lS~NJ©R	#qUOS¤“&	2= )Üµsõp¾¤Y‚Ç3srE‘<°+dž€‡Ì²ðW±njé4â‰täÁÇ¡JÉ«ßHHPÀÎÆkŽ¼¬ÂPxâÀ¸	¬V¦	 0 IÄ‚¤`cgÊh‚–õ†¡
+…@Ô0Å\H´p·Ø[8À·~ç™6#É‹LGêmÜôÏñè(<O„•©TëäÆæReGÉñ[þ¥jêðæù~'eÿúeûNm àÍ‚õ÷¦»œkÉAñë€®d}˜ÇÙ\”uì¦lvÏv±¿'¼eÐ"¯ ~ª©£–Ò @-ªœ	Ýƒò'(›-”¾ÑòËÜcÃÍåef5FŠ(Ðt}{E}ê³š xKC4b«ÊÒ‚¥° oo´rÎ»2oÄx­b´A2ª=onõº¸”EIåx~&µˆhŽ¯cÃ½ˆÖ1+…¾ÃiÙPàÑ¯Tðêëz«ÞË%ÍšOu	NTCû)2‰ ù7rQ­ÈÆ ö(c¤‘2ø@Ë_tu~Ÿ= õ&OÌöè‘~4`<*ÚÆ,Õ;YŸn†ZÜ‘NSÕœð›[%l{”¯ÓDO]výz
«ëm¢êW«Žz
Â§`Ï(¥vå“C°Ê˜ˆ~Å.a÷]­Š_Ë\¹'”ÆÛµåñÞ´ä4mNºá+žî ðá 
c²16‰5ÃóHüÜ¼Ù$¬–Ò+ÎYÀ’ßqQD¨Ú8{yÄ-d:Wã™Œbcøb¹>$Æz©R.þQ;†Ç*u÷·Gb‡Ãx[À‡V¢Véê\{´olQÇî…wõ¯rŸHÞ…Gÿ¥çAFWØü*)m ¦	Jáý²Û‹ÉèÃþüÆzÉ˜R(¡½P±±=Û:rd—ÿÏÍ)Ïý”™Õ&ÌY•BŽóò);»/ÁèÀ“$¡zýå“2Ý¤¢E0µ…Åub¥ÿ(ûj%¡†‚;w²E}CÒÛá]´³¹ÞÛÓ÷ò¤-^íA+)õ¸}Q—Ñ`)´VLHªMaêf>{0˜4R;ŒîÃo˜‡eRò¶ºb\ïð«@#Éþš *"áx¯p!Œx†•7Ó…€ÞMâE›Ê–!‚«	‚AS@nÞ©ËN¨¤W¥PÓÖ¥Úè™£ÀCÀF³Üùñõ}×“"Q÷ŸÎj×9P%ŒôLŸ`>’5˜¾Cˆ?ÇzŸ“‡ÏL{…ðµÒ~nSuÄÕÓ²éeÝû»bŸ=ÿhÉ˜N±:!ß¹Ò3RñË.ðÆ;*¸¿±ê¶å‡Úýq6¿”:ª$Í¢_È'bX$¯;ŸöäãÝ<(˜&HåÓð"j©sæ`BÈÅ‚Ú­°jyÙùó`Ö'Yì+S1ß´Š×ØCHªoÜr@¤áð)$äÙü:dC ¢tóU>¬ýÄ½ÓÂŠ…iÖƒ„R£‹•s¦hHÔÍñ¢³Û(§õ-vÆÛÛõOMá‡)æÇÿÁMOÛbVà XJ#-c‡¥N‚’èô–þšàêª}{¶÷YùcZt6œGWb(uT7)ŸXálÁG©}@|!~·7ü¡ªŒŸn S›‡IML¾Ï2Ù»8¨x	IxZñNcˆ];-Y#Zb¼Ÿævµpv2Ï»éÂ=_wËÁœ¬Ï|¹Ó*Z)÷¦·¨æ(‹3u—ð³ñÛB{PœO¼H–	3n>î‘C
_æwÌùiifG	ßw°¶'©Ø@úáe5©Ëvç<J7Ø‰•Î€cêF¨˜}-OZ¿¹¶5n˜†³8dy2ú¡ðgU› Tp‡Ž=ŸÉ·CDÖKàÕ"	WÍHB®D’®ÝÈgT#Ÿ1¨eÉ¹‰ô ?´Î¿ÁY{–ûÅößfã‹-)=B¤_ ³ÖøQã8²¢<ÀÆ/¥ÝçµÜ¢è!íê„¾Ú-!Êînå¼ÞBZ6à.IKˆ·ø“¼†!Šüzë3‡feÁÛî5@õÿb[:È2ÑPé'Æ5ÛÞrài‹å¼ù'…S´° 5oŠ¯uþœŠ€ùÙ·` ©èxíf¼Fê{^ÏÅÌ’“óð¨V®Ÿå3Ú!Ð-¡?æNöñ[ÒÖ{v#µŒŽÁ,ŸÛcÃw£8q“PÀŽ¶ÆÊƒªß3ö†ûÉ%!²ä´qˆVŒL«!æêjá Î>ŽZÌ¡!WÇûÄføœ»³É&ù“µ_=Ç”m'ð¡J6v¯_†išpé]Æ‹Ù¯/tâ®~’Eý3‰R{Z4qeß«&üÜ9ÈÑ.;ü!S½­O”Ò:ŒìJ×G pÍÓsêw|®®¼©p¯¨Å­:Í…;À=×•ßð±¬;+2Šmf5¯!(Šž¹  Úßš™‡à˜¢8^j'@½õá·Úi ?,’“k&·Ý¦"£×xŒýü¼èéŠÇsXÊ t ÖXQQ³$ß~“¯ék.Ô6%$Ýhãl 3XÔpCµ©´÷–¶±øìCT|îÆê@ü¿ÚkïÇñïUQucáÜlÏ,Qû¹äy@‰;fì9òWB|K¨¼'½œÀÍ2*M« ¹BË2¤E*“
mSíù±Qy_EÇnŸ_d&#ˆÌ¤nqx± |µ €÷—ÇÞ'°U†W`ø|Ïÿ*JÐ§¯gŒëÓ#’-ýÉ—c¢%ƒÑzU›yœÙ5jµfáöR|îuæ¨õã|}–Ø™V¿ûÏ;¬
ÙtÔ'‹Ýš³Œª^Y“;¤¬î8>€£Îï!Øš(‹	z€¢;‘&m¿ýí!pÖ¼M)Éÿ!ò›½±VÃÔ ^ö§”¼Q;Á9'§e-˜¶$?ÑÊç“ãŠ~*N|áú¡Ë™XL~!æc´³ßZ_™A°‘ãóµ¡æ»8™Šþ?x 2¿•púhÜÛªBÕfl…`²•Æ«´çHj|V¿Ê^Î {,ÐMéÁ0UMmáæƒ3áŒ¥%¤ŽËÿnu"8Ok‹=¾ô8Ž{‡[ù©*Ý²º}6Bj"mû}€Â>ðóðÔKüçíE)\-â6Â¶¤ÈzleîQÍ3ÉñöâS*À†Tn¹?›r~76	>›!°ùº'*†”
É¿  ÓfL¨~mMqmÉ5˜…Úúÿ‰±ŸD_ƒwkÝQ% ÎÔMðä…c–qßbª·x°\š¹oCµ[;b1ÀÂÈG\OÀJoYÚqïê#[‹÷@g[*÷uú
ŒòÙ²PT
EàqSW}MŠô‰y‡gã‡àéÃæÆg¿7ß6£x,{ïR!ÿÜòyg»ÃïÍ’™Š
KOÀhÿÐë ÷ L#bÛU›¤¬:ÿßFlì1œùwq/3¯y®AY†e†É={¥Yú›FòØS”IáÂ`@k^9ÛxN”=ˆ	ÚTPD9òòÅgâÇžóN%	ƒ®ÑÃÞ<±ù%Órè@;š¯z—‡]‚¥»	«Q3Ã”õ©ü£†¢ÍP*=G—¯U„”û`0û2#aß?Luò’nÔVtâŒKâÒ¥3m‚t¯ÜúìÔvµ“«?Äë°û”L›©ŒÂ4^òÏá·Ó‘Ç_nŸË)re¸ì4°›Ü=rÔ§±Q×f ©Îf÷"Cg*Þ›–nŽK‡[á5›ïhŒ§ŠÒÿé€DoèH8ðèÆî µ.¯ÿ0ÀépûbHÕ^)CÑp8µ¤qÜO@/©“ËgçD»lsKiÆ¤Ö?¹%Q&ÌÅúgZeç,p…Õ+¢ÇKh»«óa/;WGÊtËR&ÆŠXËÜ‘ý„´íE-@øè¥†ô£¾@Š ‚”Ú¦¼ÀÓ2&¹ÍBìú¬òK†š¬»õˆ1ÓdT;MÖœÜ6xø>i˜2ò×³tÞ:Ðj@]-Þ(¹æ«…aqÝ` ÃÎ•HQQ2äÇ—5x×®%T9Ç•7«Ìíî©Ñë4îWA]$ &ZR*jôÒ§Ê$@£ÆÖß‹ÇVÜì´¢W¼``ÎèõNmô•kØ cšOŠí“	®ù ysÄŠŠÔøÎn;ˆÐß<ÓEè…†œræ²…[¬Ÿ­Á{[³æÓ¿Vt“ˆs¨‚Hª5Âøo˜&B¬¿JèNó½$µ¦b¬+~Ö;)Gc{ãu£S§¥9ô..{˜xx¦tâNP«ãÿûU5åFË
AŒ]{9ê^¯@	?n-¤Œ$ÿZÀÊ°¤…#[#¸gƒïÿªf©½¶HúeÅ—(Õí_°gï–=¶×ÛiUíõ4¹ºîZ¸óÞ{s×GÈÕª/ ;lvŸÄ£(‰–‘æÃpšÚYOMÓNü#V	çn°bŠ$¯|°ñã!dbK Û¡Ààø¯NíJwÅ™F6IC§v§ùß¡¯>-W.ú
¹¾€×aB÷¬@o†žBùd*cLI¡$MsX²ÃéolÃ~{—©?/ï”»¯úéšHûh£üš± fa)‹«Q’ÕSš™@ÆT»S­¼çœ]p[ÙXòAKã¾›ëÎªÕl:Ò=ÆqBx×¨Ô=ÌNøü‰¶:Ú‡+£´*o1›<þ']_gÝxX}ÜzBçn¹†‡ÔiR‹Á×O¨Ü¸C–$ÏTó÷áeh®Ý¬Fjt$¼*H—âÏ_+­è¹ÎHn÷Ä3VlÙèG¢tL41G¨dGÍq¤ªºû[Øˆ•Ñ"]´¿žw9s?Ÿ|ê½&I]\Ék”ZWßÊ{}¸ŽgÜ·ïôƒw·ôag
¤"?ƒæ´íF)ŠÍ¯Íj
þ5bð¨+„ÏÚ Dˆº%V…#T|‚6Rž+ã+þäœ:uS“ó:ºÀôâ/®ŒA¿m~Ÿ¡ÏØªÔTJ3¤’4Óñ®PzIÐ´á³Ö¿qÍâÏ³á¡Ø›[DOå)	¶#s2ëÉ$]Ù–Ç1Qä¶ÚSÍãÞ—Õ	bÜ†	@[c¦÷üÄgw¾Š)gÐÏ¶‚™wSóÀ†ØÌŽëÖl¤ÏÂÊù©(Z±#ÛŠW“eg¹ÖR<Ô?9 a’@‹PW>VT{®õ0éá‘%§õ9ß’RLJ‰)•âÊß9ü¶?qL©®Ä¾Ž©`È¯¥ ÌL€ØIOÉ`ÇÅ¿äŠ¶ÈÍ4–áÐX#vLÚœ\ÔnþÌi(èw·%.­K,Skô6u¶>okì¿½úÔ¡Û"ˆ#¬RæÅ~}BÔC<
9Vî˜Œ™SpM÷ûR½økœ²Lb
@F<G”:=|Ì\‡ë«RGHX§$THÊ´©V3ˆ½íMVŒ“1/1‹×®¨Ñêˆ+<ŒïÇb ›L$è
X(pçÃ{W"‰›1ÇTÙ%[Pr±S¼• Mn/EùŒ¡Iù#õš‡ru^¿{š„JI+m{¤|dðû[›ãF]W£Ù¸°Rª’}YÅ*”¥—õ\|]Q¡°F!åÿ	J
l†ÜpÁuˆ«Ua•÷šY°sš×¸µS‚/ZªótÙ–rÑ"[—ÊOT±œú`*Æ¡þÈ·Ÿ–¸€îºoƒ·`;"º4'ºd€5±ðNFh0û0R$Ês†qTÀû¼MŽ¨sÝ²$àë®’ƒW‡«¿Dï£Õ_îƒÌé§÷šh¢Ê8æ&£‡&·'Ñ‡Ê–õøŸÿˆÌÈ3	 3™‡"x·Ä|(_xé%»ŒK{s¡bÍ	%EŒ(PD\fxŠ3óŒÙu&Í¼9qOÇàÈT‡u¥¹$ZÎàü¯Ívû"€ÌeeîNpmh»
‘Û*Ð‡H¸ƒÇîº	$(ýßÇž´úºHTçbe˜Ò—C¤d‚ŠB²ö¡>yÌ–(J¾UOuó"ªQ/q¤æghè&Æb¢/óErÑVlÜ»ÄÊœöÉæ&1¡Î‹nµ·!há‹`ZDøêt-H}nËw”ävð¼)´íj 4ÚVÔµóå³ÛCÚ‘‰+}SkFdá¡ã·I(ã×Z‘9MßÔ¸TðjúTÏ¬»c†º®Næ&ùOÃOMJT”BTœîa)÷‘áT·æ™g_§¼áá\·¸nØ¤»³-Ì~mžÇÉí›ÑZÑw¸:­Qi¯_$H<Ë&ŠOiÊrØÿfòõ@§…Ö´Å#“#¢7ûJÒõŽ”òhœ"“wŸcRÏ54ûÿ«æhayâ\(ÃÔõÿ7#‘½$Õ9\¸Át>ã>Ø/À™ÿ=˜e<}(ÏNjXaÜ‚+#ñ®”¸¬ì•} Š\Ž0š»~0¡u©ïòB=“†YÐ8»»Q=6Çøb©©ûåg¹4PJu=%ë£·)vf÷‰Á‹Î54ôœ½á[eg¾Udå;ª¯¿´%%{ê)îG[Ú¤ÍÔYµM–ÜJk™€vªŽÖ>›l3Ÿ›îé«õÂˆÔCº‡pØ/k¨ÇM–’é]í…bæÑ®Jx†ýºÞ^fzSdyDÜm	n.C˜–2Áé IzÇå†”J=»éô+HNé
Æ.Ò¯-ólÉ&·Õ#YûS‘³äŽÇçI{ŸØü—»múMŠ`äGèmÔÄ×‘¾g*vá~ÚG¨/FkE­5$3²$½Ä//t0‰ÓA"¦HgEhìÇ¯LeÐPOLäjG}ls:mIWò_^Æà‰äa,ŠÇPdÒïý'ë©A×/3õdœFu+3Oà€ž¿[—<ór²"ÈÊLiQÁRp½Yâ
wîJZl‚C”âª•ÚãlT‡¼Ô —í6!|"/Ï ˜^z­Þ”Àú‹f…ƒ¦ÿzxþzQÂe9$…ò{ÝòŒ,jgêBP™˜©ëÚu>«';¤ëjaz÷ey±¦Ž1B‰wSÌt_"ég]
u2}E¾¿^ôqÎ%‘a{ªœÁ!x£0ËÙ‰Î»”NÉŒiñïç¬Ìú°¹kûœúk´FSãFÅŒœûçME\¤J¥=Ü1`È_ua~jðð‚Í yÓ/aSN0>š×îœÈ*£îáCrâãO|Šà5c}n“ô—<4ÅfŸàc¡Ã	šF›‡¸F¡¨¶ñž™gÇÙ!Ï•š¬ýç¬/9†}dXàÄ¬'¢Óˆ”¶¿`J7x²
~D;0MŸ|¼RcŒ¶Ð®‰Õvñ:( yÅÓèsßy©é²Ù¦¼¨ô+]ñ‚SŠê¡»u0”áÎD¼NÁ¿TZMae5³Ö¹]Ëh÷ƒœ›ã³õDïÃ˜-NSMy†å†”5Jªº¦óN‰õešÑ<•˜Ï¨»¥¨ØèJ%à×zìPx/ÁÃ´Î¾ËXîîYwã¸ˆ~ÒSÊª@}¦Rä§ð^=Ãú¸@½KNÂŠ8-8ànü“ÖíEˆn™WÊhø«P—Ù§Ý@ÞŒç}v$ú1‚Ì¶­‰Wä¼ïê÷ÂU#ùÊrùïº|¹ Ë¾Yv¨šŒïšéÝµUN€ nh”{l6ªî{Ô9Q®jû6’ùèüŒæ]IY¹Rg©e•5c;·€„`³Ñ•5}ô'Ëãƒfs#…œ=I„sw¼Æùñ”ùiPo:Þ¥—æž˜•²4©ÑƒnZûÂ1¶KžK¤Raê5¦ýå#)÷ŽÖíþ`£©Ý%±áÓ§¦½íˆ´ý‘‹á’ béS ,¸qsÇùzWÚ¿Ó¡ñX‰Ü+<}éê÷S«j³ð‹æQ×+Eúi$Îü¤Oó^¥"ä&G0\d:r.Y»ø‚/3°Žrðcÿ¼$ü!õcÜÏ”èqÓ0Êv þi™±5iy§ |˜¥Ð\k¡jfÏrt
aŽ	vÈ†¸fÊoMÊÜÿ#a#Y±7oÊ'Z™¬ðp{Ús%é„ÐãPFŽ(Ú"Ê˜}Û[DÎÓsª…ÎëÏùXoììî¼dýº1NØ³`¯ëÈá›w1ÕrBcSó^X—Ö™³#Dx€‚Nt4mAëõ§¦w–ú¸­%øèQ,‹¬>ÌÁýÑ°6xtù9¤F¬~Ð;6ï¾û€'j1«Œ_§6«žuò³4SøÑ÷Uýr,›%ÑÍ„)2Qp£’-‹ê"33oû”¶Ò»Lt:Øi¯C‹®Ð=³¬(ŒØnÍ]^4$`µ}°w†Æ1Z›9ƒé¸” ½Ó
üÁ(›·p#
ªK¨=‰Á·{Â½ŠkR<+ãë½ÏŸý vX{Á®½¬W¦ŒÉ)ø9G-Þz‰`Wš_@£ÿÛ"×Bwî~$“º¥O¡,HM¬ìf_ŽQ¿‹ê”—Ï‘Á¬täÅ‚þ±íÜôu\'i•ê=½´Si½Û4Lì/ò=#ÎOM|<	¬gcà…J@ZÚýXŽHÇQx%SÚ‘Ž¬	²ó¹Ã8
î­k<*ö;íÔÁÓL½†½HÁô³W­G'×rMÖÐçÉù9%YÛ~\ÿP²ïûŒX¯ Gi¿ßø4s/4»]Š_þ¯²(I¢£Plq>¿~2+ôÔþÉgut¨µÚÏÆ×5ÑTÑ¦¨ôP/„|S-úõŽ°q\Š
›á`PY|”x=@É´ÙõØüÍ5/fù=Õq;Vž…/ªìò.=‘üWÊ$¼âÌ®Î±ãf‹Èrzp‡Ø¸YEæ²<>Í]øÓü
v½OñN…x: OöÎŒ°!#¤÷ê2cƒ1'Òškj=´9ØœØ"ÀNj»rÃ‰¤@aLñZœ²iLu$84*n´v­G`Ä>z·Ò!°‚©Y„iÅèþ¤®  áË	(XMÇ0ãvÝ]³?“íÅô»™—³œj§'i¿?¨æŽ%7°[Ë‡bFèG`çÔ{ˆ®¤°iZžÃ&#ÚÅ1wðü‰TÓ7Ø·H ê<5žåäp;ÍLVèÿÅÆ¹ÇNF'r1Ó<×Sg;+¦ìÊeTpG6“záV²x ±…[TcvÕZ í
.Cé«¼u*@I> u_…û€Nx#Ÿîöv§f%Ö4º ïC,að<kín;}Ið½ÍÒ H¦\BÒ,CŽÝ¿ï¡’<ÇÃ‚ùl#ƒ4çÖ•8†Àê„f·Mê&”¶‹ù#P2<È$³Çƒ¾ÔóÞ€Ì]®/Y¾ËNnö«ØÛ`€Aá*½Ä¦c ålDocÔ’öw”còP»!~­¹ÙèÑ¼á'Û§y‘ëô/ã™Cù -l@]á¯=Û-:ÄW£Ú>c•TNÝ)’Ù(•ïeärÊ]…Õ^yÊ2)NÑKc +Ït)'ÌùÀ69¯$«Ñ¸­É¹EY(·I™Jý3²B7‡8°e´ÙœPC;¹v-c)@Ò 6Qƒ#A¯mNší‹¹˜‡ê($c7t–§?Å¹Ÿ³xqZÿZÇz"¼õ"ðö8öÞ;»C„‡gœšeŽ¾ÕjÂR­ôí¬ñ`£øØNÉËÒÁE9’ÛˆV¬D·á$îz›b©ý?Ä§ÒbäTb¦†‹ïm0:tÌ°(_¥hž%©W»×í³›iIÿ½žøI
!>Æ<Ÿð+lQÿJty &¿"zÎÎËZpJÄj†3¶Ê¿@ü†Þ–ƒ8oÃ=¹éÒæÖ>Xÿ,ÊÇç}Ø†ìú'5ÛÇAD;!o$,îÅL‚Jñ1ñ Ÿ		yQ%…ehW+K½­hŸ¦tô]8»”~)Ð ‰úèj•[<h$:YßÕj÷’¬|÷WÆ˜iŽí5ÇÜµÚPèÀR'Œ+žP·‚$u3™KÐ…Ìçhí·Á´
æWoê	d{\Ä‹¬°ÿ”‹àº7Ž[ŒKé¨æÊ25Òþ¢5óØ…=æ(0¿ÿ9‘½¦Wà”`0éˆ$iýžÀ¨ßÙ5[ðv­7LH¸¶ýŸ‹±ëÙXä×9é‚[P¿ŠëÔŽmX_Õr¿…8u´pïÚímÏ·âcpmlû„c«ã‘a€T9I•´…Þ« !&=ŠJ \ÉP×èŠ_óå^5nãe<Ê÷Ø¥Í­
#~µú£?ô(Ô·"]œ–fÈnw¤çk«òšÒÜäéÊƒü¤øÍp?PPf<R[³Ò?¡Ñ¹F¾Ÿ€ü¶)–ìùÜÖúy§Zé±®q¯Ó‡ß½:náƒ8êm
uü¢„@@õÐÀáìd*ªYPy%dòM´³&¡Ü¿%,ŠÿúÀþPKÈ•¥EÝçuìC7ŽCZ§rÂ*ÖrB¸ï¤%]aå&·£©/|€†!¹Òü¢÷‡ iqÁERO§Ã§ÄÐ´&Ÿ›¸o0=iÛé¡úU-ú‘ù "At{ÀœôÊX˜Iõ,Q´›%ñÒ½•J˜(pžœ¾¯ÌeFœ0tà³˜ZË*Té—©ÒÓ!n„?=°;.ÎÒöºÃã°sX$üL÷±½Ç))j†Cq\pÛPÿ][OØðbÃñ2¿ˆ‚W©U‹¬A½Dœ²ªáƒg¦~´…(÷ÈÉzÛØVÞçë}æcÂ°E:×éˆ…bÈ˜îÏ.)ªyA?¢äP¡T4 /Ã¸¯OÎ‚	wbH(}#òÉD^ÊÇ¯¤#Œ4 DøleG˜æãg-ÎÉt4&ã‚í@ä½ïÈˆ‹ßU× Õ±ÀZ-ÏÃ«Ñ`ÑÐÄo«E²å¡ÍBe	\£bÀ8ñ.ù'lýùÍV½€Êù?~õ"8B¿—æC}êÈM+Ó^å\	MF5½Ö>aþ*‰)¦:¹JÐÀÝa[|L—»1¾+È¹ºš…	Þ§ Â¡Æ”xBÞÊÒY˜H/µ“ù<E{ª›V^RLa4k¸|xK÷OÔ¬9”“?–Ó_°Qw²{AQyöÖ9ëÈSé'õFµ®Á>u$Œ"‚W^aÌF3\äJ,ŒyV[~1ùçÜï[…MßáY3ùÙÿed?v<ß³¿¯Mäjæ»ÏÀ¼Ç±{È_öÚDÃyE×ýC&œT.ðâÄÅBéíüÎQ>%Xß¡Æø k+Á3_cx4$Ž°ÖBRC471s‘”°én’·}uj	°ŒŒ­â.yr®´¡tH°Ç4"}·™ù–Ü»#H"f=Ôï¦ðŒ+ ŸàÜáÆS/$°1»›Ml;€Ï–ãta_ºúzG30.V;	Š2g­+•·»dç(U¶*'ÀÈù·ÓÃxòñ_œše™…·{ÔÕzkoãŽM£Œ¢|DÉ€z…ð`9ŸÚ©€=Q¾¦þÌÛ–!l¨žc7é8U—Y«ÀV|ð\™„Õ¼ÍX•1ƒEí°‚b&ZjÆ©H½¢l¦š$È;Jžk~‰5E‚ÝTÑò¼ÊO'æ+ÓDOë{–ŽµqŸu ŽÑoÅ-nÑY>ŒZ[Î/‘ô2k=Ë‚Ë]g+Âà÷¶Š_@ôc•yÓÂ/Ð²8ƒ‰âôMš9?ýÊ­ŒéñiaÀ}ŸÄY0(UDCa)ÊH)®•º6 (:çKQQùc†«¨ÌÄÞÏ¤}ž‰#XŽ[Â‚/+;H2Ù”.?%H7ß|{‚êî@ú¦	~ë
Ãh/ßÁ Fíó>•aÊÕ0¹2E|–_ñ~¬ç
òaÌÑsŒó‹—?hè‹3ñ]nÐg“&ûTðö_ªfÕî{Œ4Ì&'•Œn{ÏÉŽ"þÏM±0ÏA¼£Èã¾ž~É Ê-VˆˆÞŠï²%o` ˆ]»·^ÁÙõoïv÷‹*ƒ ±w.ˆCÅÎ³g!pv³˜„)é“eòƒœx&XXxžvÞïÞØw¤á‡g~}€[v	>ûôIÚÒù'·ç7u&¼¸iÊ3rmW€ø­÷wnô`kDt0±t¬}Œ)Q)Ø¡híMðÕÃï­í¬ng7(?‘f“\7d.j˜S#/øx‰ól_Æ®vÔ½|j>ÑC¶[¢ëjK9ì¬ »¯…u9)ËMÛ¢¯wbƒo„yDà/=}O[œî´‘¨ÖâÀµÜVÊ-™	’»=·ó²U ë	À×+éÃìvFÃUþ0Óš‚®¦È{8V[×îÝ€'o¦ln+î¯LÔ›?Ñ˜¨QÅºãºÅ77|Þþ$sBÃÚŒå¹6Wt#ON6õ›¸[i³ŽÇà®·VùÕôY;ôÙÏjßAJ'[ÚgûgniÄþ*K|_µËwvÃë¥
7çŸw‡ßÑŽYÛ;Ü0ÿG“ïÖa‡jA2"œQ|[ÌÎü
øHtb¸cy1Ýº¨Ý‹yè«Ù×ºî v>’È¦Š‰Û¡¹w\5¡„ž–Mz:Ú>¦Khj]Ï¹£yÜSˆ,IDÏáˆË¿¤ã»‘÷kŒÚ†t©¢_ë²Q5v¦{h HÁ´V=èžÝs¡“c›;qDFJ¾VˆœYlKu¢pË€Ì‘ŒßpãˆÊ§àÊ„wI’1Ôuo2ÔvÊ8 ”åÇÌ×(¬ÜºdÊýH}m<Ÿ¸­4/_÷øv11Ç•™BÉ8”£ZZ…{Ô	b˜÷ô[œŸñ#×#¦º1ÁB]ãÅ<À1ÁÛÀò'pHt]¬à³Î
³.þ*1rÐWìVO¹î¸ˆ‡RcŒÖ*Ã¨0™Æo•wŠž_Þ€þÐŽ¤	e *0:"‡ØÍN7íØÃÃB´[Ô×£Õ^µC‚`‘‡ÿ‘|ÿhXLËZ›ÎˆÍÜ€VÆÉTUyçŠz/:„\Ò)¦ñÑjV4Eø\Emõ]Æ›aÏ¡¢½ÐA^F²	ƒ`Ç¨Û»nupV¼XØ ÉèDüx­Z±ôrcw»#œáN_Ú]¡zA+`ž>¸N`wNÚÇÜëñh¦3-wïvm9ëðý4t*6ƒßG;6?ûØ F¢W7€Õäãøð "Ã õÜ^‰(i¶Jš=7P+­ª„íì%³í¦ùJbnÜ	eíëþÜéÿo§ÆïfÉÀí@•»¾†Á
áAÞ™¸”Ò‚Änuy×ª×ïŽ)²îË,©÷áUÚ
LW™oNæVª€#Tú¸òvYUÌµ]lÿ2!«jûe¤{·5x2tPŒˆÁ ­¿gœž]]è3ìr¢Ó¼>¦s a@QR‹F{!ï6·ÃMò†‘æ2âúúA–"7B~mYVµŽâ"†­þÍµ©G)‚ˆ¼fÄ4;]<oeáÑ·Œˆ0N¬è-={ƒ¦þŽf‰åò½¸v— 8wÎÛÑÔÍÃÞŸ%.Æ´C½ÀòÆ™\b·g%ƒY¡BÄW°·ô0œ\eQ4µ®5‰`.tínà
÷^0º‹ ÿô±AŒ†UèÝ˜§ë\Ý(¼†FGl¬Á¢†äˆ@ÛÜ™¨U*"WÖêí=[¢¶#²AAårå]ÿ¢Lƒ9ª)½	¯Ä*Žk™8oÎe¹ºv`z3u !8­F€©F”Ïþ‡:ÿøÔVóTT ï+X–â”¹¬tøuÝL}Éç¶û’ƒÌ­ˆ[©$ˆW·å.‰îG*Î‘q&w'v›»Ní"¯ñkAÉÎ“Uwe¥v=ìçñÂÉ¥•lšÂë’ø^ÈÆ\ÆíÏ*/	ÕÆK,úgfvõå(ÃÀÔtÉÏÐÀ…»ô{uøÙ7˜y…IÙH|‚ˆÕÒ;uZYãêúA™ÄL;@œ$¼ÒTªb©J$¿È‘u1)³–m{­E0RöâEw€«õÜ¦¸0­Õ›—Û2…M ©.?@†UQàQ’²ö€¼ùñÀMnÐº k„lŸÅ‹Þ¥'—,²Z ¤à"ŠÆ)¢Ô½¸œê5²ß«¤º;vpp+ò(å*é]–n55gÍ·uql™°“O°©¤'-ã[Û¿ÓÞqP•0Ü»ýìÍ—ú(–W¿$›‹ÒßOW2¬*Õâ—/ËÚ»5dn‹„‰›RœP!QO-–Nyï„¯´Ý§ÄÖÃ|9zfÇ§S²Óýïc@çNcEMµ· "ö“Kìªâ$îOW+y3‚CBvôAz~ã‰˜©Êþ‹½Õÿ¯`qAo•f â.eßéÃ:v¬2†:ÔˆòÀõ¥\ØrYž 7ÁVÇ±YÏXÑpÆ\Ö°'ŒLÚsÌZ†Ë¥¸.¹.4ã+1ÐŒh’[Ëj‘éÕ:Rú[)ù“VÈ›(ú´¿Ò÷´ƒ“êlÙ8¢aâÂ˜šó5„i!ê±çú…sÐM8GÐâm ¦,‡þoR÷m
Ž:ß¹¯^±•½f~¯$õãÅL:Y€_íD´[¤¿©†¬¸Ä®pK»XË¤Î_6N1UÌL…OnÕób5ÇBq4%¹“€}C3pA¥5±„Y<Àbm«ãÚþ'´ÃÛr”» ŽëÀêÝÛ–¾£½ûÅ×žfgqÝù`Ê£Áhø/6EÉm¤¶š¯†[7·Yvv+™ÕüpGñê˜s¨›èŒ^DåN§}Uî˜Ñ3È6Ra µ£ò<11[“1Ã±}'J_ÅÝÐ,€âQî¼Ç!oôBÕí­ÐNFtÐ„Ï?UÂf¿•:TÔ=y4½è¶“öî%P–<‘–›o¾#_ë„ ›Àˆàv2÷tjBÂ‰VHgŽâ/¢aÖ¡#ƒd=&HN‡ÿ5†–Yù:õwÞEYdƒ¼&ßä±nÜÔSÜüZo 1¾ÞÍ·`@k­ú@q§§)îb¡]™ƒ4F’w÷Š\ÜÈ\üçyT‡ðÆ~ÐWŸ›¦_˜I
ôL¤{$~×ï›|cõTZ>¼Ÿ'—¼t¡.ßÉMýœ+Ü>qø8”\*¡ÿ”®(\A	ÜŒ’F|¹‘QÒR${–n‰aÌWÑ:~Þ.^m?o¾FŒ¤7˜–]•XýJÈQ¦[®KôçT=27»ðªªn¬•³Eð{g×8ÿÌ/wä´û%ß?€&„¤g-½®<™ã´H3Ö9xVLAð¸å¥ÐF@à0ïw¹¢S°V;³}ÂEÔçab=%X,ïàT¤î†3óÐÄå.°œ1µ¹q"ðû|˜CÙ0^ÄÓiÉèõ—æ»êÖî|DnËÈÚm—í¸îCén’ŒÑyZuÍGBH}åØbœdP`ÚZ—q þâƒ:P@~!å$÷Î	}llÊkÜž³^À,W†;•“‹~i|à~Øì2°Þ»Ì
ÏÌ2Íkk™Î«°„÷à]wÊ}”‚ÃØ?¶ÈÄgÄRÅŠ>ZƒáÜËèEcÁVrOÛ9r	Oµiîn—Ô…[ˆš¶Óh}|¦m*™8I§ý¢Ø³
%—lñXÁY|)ËÁñyK»Ío;Æ¹9ÄAQWVüëØÍ?†'w¢’ÙÉ× ü_õÝÀ¨ž*e4Ý]`ÿäÑ+¾Ü<ã4€“·¼À=![eˆç–1çX‹M¥õÀ‡iÎ5ï$µÑr¦iu7Ëy·(aÊƒþž½>ù›²!7Ç%úìßHœbf²jº2~?+$5º«;‡àïŸkòÇ´ªàåÅÈ 5lo¶ý¢O<†ûœ¢jLkçE	›Bñ]T»©¹ÒÛš\H(O>ú½MaÈÇ9ñÒÃÎw­úõ
KôõäB§y†!q³’dYõ#Q^Â4XŸáƒíhPµ©Hò'=ñöUÝ¼p 5JÁ¯¾7ù8
­¤~tG>QO·å»™¤T p!s„ÚŠh¤y*y­ázbÊ3­€¾ü›¸’#ŒA||XÐÆÍO-"{êp¾¨#wps‹HV}7˜ÍØmn7,“OQsÓY{:—I òÐ·(2“a• œ$üð((XNDööú/{Œb_a *»‚¤Lœ|`ZE¼&œ‘¹ìfYkãÌˆã—»Âü09t
‰š£F«¸3ìHZ©¸¦cDjxJ8æ—m:yÀÿ$!Î¸¾ÚŽFE#J›4yA«ašÀ²ú‘11Ï1ŸƒÕkˆµÀaÏ†×hKÁ>þ-8év
"¿U%Hþ'FëR8!…EðNÊ“eœ÷%¶C6û,‰4ËÝ«+Ã}ŠÙ|ÖAdP/©õ9ý¿DÑ*‚RÿýdyåñÃz(Ä#K¦ä2Ýãþ+=†”ê½´æF<«Á¯úÓ`a3
L¿6NM|®3tî–Ñ³»7eƒ¢7gùëŽ½ª©¯yà„‹?
GFÈÎ Sóñ¬-Öy>´êkPéƒpçU+¿/„2æ4ßs×ßùçš\è–!N1Ô+y*rä¸¥ÌŸ)Æ¬³Œ]êŽí“Öñ§í!¤¢ýfäZdFŸŸÓiþ;.w|c‰Øz¡‡)×‘6}{1+üôvE­Š „ÍÔQÒóÙe³Nü»)œ·™—|Gc
zYàM¢«Pºdãß¨+Í@wQ$ªdå<ÌlÊÞ«Þä;mâQßù‚bÅë,„~ ’Ä“«äÑz™Q"#8@ÔUq.·_U€¾qkÂßqX<Ed X«¤†x»4˜Û?Åhi+@7ë-,JØté‘qD£ƒØ^Mî¼
°Ù’yåN¹_Q»^:"à€¼ñž¤ÞøAÚ¢óõ.yaø#IÿÍÑ#L™nÁ¹%®Ãw{·ÿ 0øá¬)R®.N›ö•5¼§¯¡n_¸<¥•éN¼°~š²—“¿³¯#ºíúò;g,ùýja¼8‘‘uxÕ ˆn9Ñ6µ’ß2=@mwøë1`*ú+•[²åyÔöÒsvoµ¡"=w1>O\[M[ÐnÞpQRKIh\åªêHôXÕÍÓq¿©“Ex¡.?d3wìZÏ9 ¢\­½Åð¥¹†[›aÔÄP4wÇ‘R¹‡)î!Ï³ô²)PÀW¤°™Ù*Ø'Nò&¾ªÖi¸ FfFþºúôaÄ(¾1·l'd¶k°$ºïIcÄ.Om	{þ˜èó¸*?ºÃñ¦’’“»ùœª.{â2šK;7X2{Ó|©¶ýÐ?ýÝ+yþ½:A~G“´ÝWrYIÐiö«qÅRº 	à=œ©Ã­ŸÝžI!‹¬è®ÀW1ü(¿FÏªóû–Ä{™ÿì'B39AÖÙÿäsž{z²õ%‚µ+,¼½Þ‰Waû,ž³ÙÛæÛ££9]ÝÏü>¨ìÇ ¢¿üÀü‘Ðr‰;›Ú\EÒtˆ¶„•o	º¨ýñyçv§ÀZÎ¹}”®x¥÷ÔÉLr¥AUÜ•EÎžÝLy¶ëœÃšû¯zéoT½tæ¢í¢Û>U6ïÜ¨ðÆ*CÔ^€†Ý¢
èš^$¯U9MC‘µõˆºå±8¤ŒkE"”ÿ	¿]¢QáÁÔYŽq*ÂÑ‘uo]â‘)¸Õl^2“Ž´gâgØÅ>ðëê‘è_‡s	+®	ê¡(
ýÙý‹í]ËE´‹Ð(ö.YÊx*©0 ×ÍÓYŠ’¼ðÄ·d¿ÓR¯)cÃ@ó¼wËa ‰þØ”}®ÔBÁd.KS¹Ã<NÚÏ”4<
åÖVÄù‹ÁÁL&c®çJÊM{.=b•â€¹¾C&øM~óöÙƒßÛ^X’D¶Ô^öþ÷¨4öŒÈPÞÜO.3CEÔ÷Ô¦K÷ã£ÉU¢œÛ1Á<j¹ño×Vš™.lÉ -‰GÛa¬q
À¥ºvp÷9Åúáæ°ÐÀý³öÛ’ëñsÕ]søšõCÀ²˜\nÌCR­6¶wÊæÐý3'ÂeÙ(EÃ±£ýeŸkþº’74­¼N<°-é¾Yg¾^¶C‘%•x#bL§œªK®uÂ¯IWG¬Â7“‰—.”O¡gÀôô3üTŽïcx‡3Áì]ƒXyT1Ãúý{€á”¾‚#ßšžÚ÷:`}­²Û×æ$æÚ‚äÎvHh£eAäòMƒAHÿ°CÓ§®»Ì' ˜ì÷¸¼
l±|/ÎåBÀSrTÂ42+2Ž[ ý fÇçX‚|UlxÉ‹’ÑŠ;â¹œÚüÌýîú&kJ•’N‘?©o«²©q‚-%|’ pžãc˜`0N~1<éI`¼Eƒ;ÓŸtÖ'œPwQ¯e'7bèc¬Äˆ˜%“F¨Rô—«õÙoé?N ÝÏ5q†Æ›Ú±Õ#„%*h–\)¹nKFS’É<zù&ˆwùtèIpM³:¾V¯ &‘ñ}Ãvq
ûÉ×æÁ1«ãÅSá¥ÏíVú>|Jôs©°’]‹®ÈMšÁŒÚo™“•À!>íiñHÛîG\×z¯ÿmS¢’òß»êžR&.°5k&âešV¹g$GbF»àÍyØÚÆ
ŽÛI¢õëês4UdšŸœ,Ò)£lªÎü1‘D!aßö¸×®uU ¾KïÙZ{VÁxZüýÝŽ‘htŠƒY¤ÉÇîèÍ÷ÛÏA,%µ‚g	ÆÊ)6Òèòaêá"ëgÄà»/
â2Þt×P4ñ‘ºÑBÖü À‡‰3‡¹ÑôM%I‡À³BƒŒÎÕŽÑu~È½˜ì uÿ—ú1ê¨J@3ä(±½Õâ1©`>õÕÃ§ÿÎ¼Q?Ö«Pµµ«?ØÂfeãˆ°V8l£!¤×ÑDTÈ T*è
º€@œ"Côøåñ:›:[¡-E÷¼Ìw wÏj®æ‡§u%Z•¿ßCW ‚ A¯ëÍ¾Ú”a˜Ð/¸þ0uTŸ)UÖÔúGÌô{„XðñHi¡÷T¤~mßuDÉã–æ53íðËzêòSP—¡¾WÉéÔ§`Þ£Yz"´(—ºa0¬l0‹rØŽ®2H.²ä*Ýº.œRLÅa2·+%?Øv›í:<;KòXÖ¼.ex,`kŽt!émÇDßÃ[âQY¢×pó ¨Ý¯HÔËõŸ§¬2ƒœ('ôŠzÔ"×(‹ßQ–ÑÙnƒKPùp¤	•Êô[&ºå8¼ã&dÇý@	‰ Þ}DUíßöti¾4,½¦¦à‘×óùdx*ø,”fKÆî>ãVo¢è¤;s,ewÁ?ö'©ô5Ê¹r'éa|Ç¶Ý:è+Oƒ>Û¹‰²HÎ­bØÍÀ9Ù›ï‘¤>y+=›¢…Ÿ¦ïëtEƒ°v½²‡×gÐ´«Á<á80˜:°±$½t„·V÷ÄË	¿õÑ*Pëù'ósÚBÅý¡%‰q8N¦Â¶±°°Î£6^ån›Nµ»± ÖïŒÄ×–ùo
}äqåTpþHµÕªÀ…²¾ˆxòåf„pÀ”5‡×—¸wÚ:Õý/Ð:šAºé
<L“6Ê~š ¾f¹ð|~G2AÆ`Œ‹uŠHì0'Ø{Pe"‹çx,?KŸ½K©ææ‡Ãö,`ñÀ¬¦ NÁÙrq­Ù¥×;Žá€/ñ1‰ýÙ[vt¡V[Ä­‘Ú†T½n‰qÓ–%¾vüi¬®‡vÇv”d¾ê|­¤ú@9Ýìso^	Òªe‡Ç£RJŽëðì,ÀÎeøÛ1|G5œLiŠÊzö<ÆÞÈâ”)¦t
ðì,¯ëá¶ š»û³†giÇ”Ó5”¥{\Ú“ùT[q”Eª|#‰€ð¾æÑé(Wº£0zñ‡/E½¢Ub.ÇÅºìÖ( Šuî1Bsê Ž#o–ÐÌÏ‹Uz4$V –btžé/ÿ÷ŠòCðóeDíWJ‘ZbÞÐêÉŸI¦újPœ%ò°<T9už0jKhLJÆ‹ŽàÖÒŸ‹ÛäM¾H{á;Rõ ¢¶%ßº]Ç‰s}Â¨Ó|X÷bÄ7E|íÿÍå°µ™2%²wß@ãÝßzíL8ð EvG)åá8Ë÷ónC»<IxmEF;´$?ÎÖr”OŽc&¹
z¾&Í¯È““;hûÊk´Üã FvMõ×Ó›ÞíªÚËžsÇ©™ê°4ŸÓ†ÿ¶ŸÑ"ü'È0äˆûPÓÝš	‘öß{ß»¸“©äKº¨	“OZÚDÜ›ƒ€Ì­Ëªî¢Õy`®?Cæ‰%oª˜"ÏÿË/ïéÊº,¾{;Ü|å¥ÊXX0¦ êf²÷Ö|¨‡ò2Ð§0¤«(eÑBúp˜íÃ‘`ð(àëI|Î#Ùï¨ÄóèskuèTkÐôRøñ±†±¸3›ü¥‹—}‰'ÁïQ–;’§JÑÉ½Km=Zå5ËÄ&>nKnxñÌ¸ŸÌ›×ÜÙè~Q^ñ
¶¢apJ†¢¾'ÙŒ¢4{ -Š¯&ç^6¯é«ô›šÒgÓHDU<šÒtz¯Fk˜Œì%\¹•b%òJ  ¼Z’P™LvÉš'5Øeÿ†3Ÿ²9.?“]*¥ö.œkGÑý”B±äŒ 00=“£Ì¯†¶Ð¹y~^YTØ¾³TÓ`	ÔL¬ËRBePÄ¬0Á³-Y‹«
B{Ú©ó²P0l›á;!¾AX9kZ&«Äš [\Uó­v…²¨+†:qlz‹ª8
¼Wõ$—s“ZÙºÌbW.³óŒ†Ö…l(þ
¨$¹U™q§[¿Þoÿ‘àÐkÁ¨ùIøÏ°lš9ç¡Ôëõ{tUlç@ž 0íŽ¼	ŸþŽ–µÿ—ñ©)Z@EððIATîŒ«7C¦¢Y½¹¢ýKo˜bÔ¥–¡üX®]&»7‡E,…H~w²|¼ezl[5ÉŒí»Ÿý>
éåŒyT]À}PïñæôÎlëxñàò‚WcN–Vr`r¡ê>µr‘ÑS¥ÕT•ÑÞîÛ;¨ÏšsÍ‹À&U1Ëd2ˆñzul<ˆWäÇÃ³¦­%X¦VK–×až‚qžqi ýä`Ü0kñiÇQæ?âò]¶àb³_Ï˜q§ŽH YH„ÏÓD×ÅLÇž'×!ô7YÏiñ$ÔªBÊé:‚MàqölôR—Ô*1ù
Ug;-MÚ7£œÕòš‚®<¥œ—W‘¨Už5`/°wgmÂ•÷ÇŸKôLy PÔ‡_Ñoå2ÿºŠD2ëZM?°Æ	IKì`ç^7^ŠÔZ¤}ú¾.ò»¹<ØsììB+ÚUðnzÈAL	Â(·Ë=¼nËãÖf~oônL¤›¿E%fŒáãò›HN©¿SÔ“dR˜…³meq,˜»¨^³Iš}+ÌÏœuÓG“´Šp‘¤4¾d'ÞçêÆ…ÿ„3ÕêOæ9S#~êû;®5Èeñ«ÏƒS‘8CŽ“™jMžhRÚ]¶Åšœî÷`_i·ªV+áv¤]&¬“ÆŠ¬X®LˆîŒ®5Ç´f–A¤–C˜Òù´³µXñ"xýéd`À70„Q¥ùyIäÀ¨AèÒþ)Oï-Ïoý.&›ÝX8TÍÛ>E¾P½ø‹\Èÿ»'ØYÅÑð)z¿mW8­ÒÁ¿eŸ+¢¥&šž}„²êy¨2:€7-Å7±X×•[Ê‚2 EÆü6Á7p¯‘["ªL)í‹Ã¿›k:ÚCŒ0`•õø-Ø¢Ëâ} «·÷žÊÈÝRqùŸxð5Xºa+ÌóŸpÈ—§®F•|x>òÑ·÷š®£sRËY‰8[Ù=Ê¹°‚Ñj]“^Á«në·ùºïœrs*Gråð“Óô¹FçBkPþ¦’'€E¢ñqŽ¿iÌøM\ø=’u'i pðt.¯µITý—¸­£ÛÆ·méÙÂ ÌÈ›BhI\£ïv(Íq§*ÜQj©"Žtâ‚ýFm¢úÌã#é^U6©¢­4”_åµ­úÇ¢[BA QoEh±«æTQLOùo=2TÉ@4r¦j©Ó’è…kßð‹M•Û‡éJÑ{Cƒ‚Î'ŸJcLUzá=ì/`äÚŠ·\Þ6òê³”Un+§€±þ<„f’æ©êVFqu:R„Ä´Ø÷5úßøÖ~™ÞH›F¢åZJþä¾mù¤]¦©†ZÑ	[åÁ¿Ž{stÐ‰)5TÌŒAk“T7nCå,J´L»IìõF„½UfxZÀI!EVÔÐZõ5XÌñi¼‡‚£pi>0fÝÊ»{˜3¿Ž³HÐýgü	D„M‚YéÂóün„–7`›fE>RÕdŒÇµóŽ•Â.æiËüe“3À¤ÒÛ¾šk*RØŒ"wa…—Ž3CÏ'^í•K£“l¨ìÛ4€º’oÏKÔÞÞBá!Õù)‚]îqïƒ(zDàhˆzl0cÜ‡‚³ónB)™â—'Ã‚ÆúêÔù_gkp÷.ƒ€eÐ…ÒÜ!XçÓ"Ù>S´›öñ.¦^ÖëÒQ,\5ÿ}0D%e…Nô!6Uîºð€…RAvn•ä½PçŽ…XÌ¿Ã_,~Ti&;´\Î¹^&9•õ6©#1Lï÷Ë{û6ÿ²g‰/_´–¨ØÚbS¯~¬‹1½õ“wE‘ÕÞCM$'üp_2XÒ‘†6(ñJ+óÙqbgý§{qµ±ºy=‹ÑÊ<³¯FaôUÖÄ©
¯»âž´¨l—‰£Ö:Òf¦óâ÷ƒ`pkˆ•s„tVKF è}&*¾j:b5“'Ï¹@gØhC˜¢<äØ/Ú¨âB˜¨qbýöÞ˜R¯'Yüªd,0è	òâ­Ût\ ÔäÀÂæâ‰sùš3HF7¼¡ƒ–/˜~ì«²û5rÎr¢MlÞgu«úB˜(ï
Úù/C®xê>ÓÏe[‘™,lÄ42ýëê»K¬sTP.'Ã•ôþüÊ	üˆ
üÝŒéžæ`Ä6qV‹O"{ašªß›c1ªmv×Í$›FÝ½†e;T#	Ï@.ÉŒ
žåk’bh}	µ¡ /ÉãS\>±Ù—¥)™ÁÓ¥è´NF±×ÃÚ4ÛãÃ~­ÒIïj%ê	y*ímhùu¨¸Ø0Î#ÚLäê*A%Ä—Øfi;W7ì½iÈûØÇŽh!)óCP·—À)q½Ð„PâååîFÍ½Éç¯ÄÆ†\3…JÙzê!ˆüâÓŸ)œ9yWÎÝr²ú!×±å·tyÑÐN;]8ÒWvžƒ3“$Tâ‹üú¾XWNæ/Ø–ëëlNpï±&½¡çYÐú»ègD-û°»³Ãß€V»úQaQÙ8êA­ŒÌÚ´ø%(¹çhr Ùº]5£H§­v:¼Í@N¥ÿx#jÏZÏïÜ  à÷±YâkÌÕ#;#±ËÒ3\›i—Æ¢ÝF|*È[ñÆdá€¾ç5ùwÆòÉ¼d™Dù>L ?ÁËqGÔNÞõ
ã€²XšÄàØ,mê“Ü()’ãÂm=„…ž e—seü›6PZdd‹¥#k?®ï¿ù Hbó ÍÏpû±ïH.	’/ÝœûÎiá?˜Ð”Æê¶œ†ÈÖ{mÝcå1Ü)·
›:*‰2nˆ· ˜cÖëzö€	8¥Ìbµ¨tÙž´b‡ãíã;÷Dã¼x¢&¬â†ÚåÐš”•TjÙ·Fœ$Óðc¨Óõî8X¢Þ
ñ„à~ÕŠP%êF@Æ?ð)¦Ût×dpzmÈÀ¸€
£j_¾OÐÊ(#OR‡k¤v &ÝÓ‚L/r#-u–ækË9°f"ü²‰µD¦\ZE®'RxÕ(nuj±¬)!ç¨³óm2„ ÂðQ\ yœ*Lÿ"ç˜ªžØç;`¼êØý…ªH¯é‡´9>Ô|âŒŸ~,J9n! *7^0‡À ”	Ûi Î¼W¡YèSiE£L½GÊ\Ðp"75Éck¸ÕUõw|ÂçnpÃ7»[8¤ñ¦²ÙtkÛöúXñÿ†øÕøl;Ë‚Þ3 ’ä„šô÷Jd×&ˆ€¶•idÑ×\Àí“¢
5•RfÔH’1@!ís©ÔÐ@œ¦	ßlÙ™|&D©RÖ·a<ã¿I%Fä×*Ë«¡d~YýHeàÂ™ÎU¥OnzÇÐÿãQÛ~>]
wt.‘2›
Âfet¼H*è§]«ÍâûGn…nöL iøX¯ºE¼½†ü2î¨+7ÏÏŒdi\«lÍ:*%³™×ŽBâe¥Âæ’«ZxÒC§DSåZ¸e÷¢.¶­Ý…P€'É¯‹T¬P®áã«”õÀªQ‚§ÇSP„éæiÙ]Ô)2øuhF]ßÑÌøÐÚlnÈÂ÷%øvŸ½ù]šÄWû%øñÃ2|ÃŽ²ç?[	Åû.Ï9R¯³Q77»ñøtÒ…DT)6eéß#ä
Œ«©7{ŒjÅÝû q±€ºþ2ÀÐça¨D¨†aÁ«±Çá5 +»ŠÁ¾Í‚#Êq±ØD:ºœ¥|Ì.¹Ääó€ÙúNôeK-©ûaÍ[š<é¶¦Òä·[‡Z|Â¢…¡ó±ê÷æWv“ŸŸúÚ“ŽmÔž–¹Háƒù×“òk[+ÿ®ÓkK¤-GHÃu-ƒëY·ÕgÔõûj¤ö›sîÉG¾üjítHÎ@Š½^¼ŸˆqxBô[°ç(%Õ$±þˆWYÐÔÊË0ð®¸V8ªR@4%¥úA3Ûÿ6oJpŒÁ!Äw{gÙ}îH&ãkq’$´)cû¼ÄóôŽ4$üX‚È„¦šKá×w7Çâ¾=ÄÊ•¿AJépÙí`ílBö"L¬úìæg˜Ž:×"TÍš1úY0H[ŽéLv²ÿ=¯QÄ5eþw5,\C÷ö·ýdtÞàô„ŠqÚbØþîpïm'–ôžc  €f™«WIÝwG"Ûß¬~ÿ§rõÅ3‰Í^ËJËJ ‘ñ1Ï·œù‡Jy]­Xaîàcß&(¶(G[hê——íÌ(F¾ÀB1+7W‰Åj¶ÒV—ÒäINÕ\5~ÿ|þ÷à{õJ'¸îf@m‰ÀP4Bq¡x>ÿJ¦ÙŽ„â'¢ƒM€bé—|ö©Kmñ!‡¸ãbÄ$™gàB›‘ ýÃ„3aM:¼] å<ŸVÀFy«¯_AfˆW@§_{àHT‡ªõ›‡')I•ÄX1°f·Ùµ}o„yDÞ‘F-»õBPh~†K"˜áÑO‹ŸvÆ)©ÿrYpÞeÃ©;¥é_nçÅ"jå<2>Á¹•^«´´L)øÔúáDL0ÎüÄ'ûhIësúµsU9Ÿ¥€yò}ì`»ée	!¢n²?cG þë0ý+'é0¯g‰œûPe/îCê"ÑWáª–v•¬Ú[Ì:2Ef:…6U¢¥4ô‰Ä¦áêÁ¡Ž™“zßï}ZO>2q´ùhøi®ð%š	E¼¯Ií×Ãù„•±U@‹Ìxì”-Q£š•íõeõî¹,6ád¬¦¦e¼_‘“]Å3­éb—4‡(Ì8/‚9$5u)DV8¼ÐçNåÁ1÷«)€0¤Â|ºåLî±Ý€ç±ó!Íh¹ÄÙ:ŠÛ²JòþúÆîÊËfTíƒóåM8qŒ.ÁÚOqÓIºvâ!"iÍ#+·+ÄÆÇ£†q^\ÿyz€™ù}šG'µÙ¶$MH@u%¨mn©Y¡ÎÓ{ï¹¾‘Ë÷Çœß|FŠ‰–sKî¾ÈV!bš¹ÄB?‘Â_@tÏ˜›«ìmÞ=`—€]æðæ$“•_(k¡¥äéÂ0tKS´ûÒ”tfâHºò²·¸dAÚWÈ&­ÿÁš„U!Gßb¤¿‘clë5^ùßØÝÀªf²|÷ºíEîE‘fæLÈ‘4*Mº®iÅòút”/.ÌŒ“ÀÎaèÂo¿Šò‰ˆ?Éó×@]AÈÃÓ¶¿qÒ§k¨æ´¹ï–öóMš,‡a­õ3Ê¢‡Íýé­ÉËW5“@oQ©|'ªý+ÇË;8€£šB"Ò¼trE’ñMJ,kE*€Ú,g¤Úˆ†DÝØÏ03ü8ñ»v ô`Í—ý¦‰t†S;T&´„>J=Ï¬/PGåvmƒw)ÃÄ v"Ÿì4×b¹,èê(}+o½ˆ2þ¥eÚH‰ï­ ÞBþáG~Sy”‘‘Ø7XTgŸ‡[ë®ABÿØ”/ëôæŸØMG¦rÅ:ÏtDñ«øƒ#g‡(šíœE?}Á…{ào’C0	‚"Rù)Y
T
ØÉ‹ß©‰åçºÕ	Šd¨ÉW0v°[]Û¥ÃÖøµÏOé1–¸Š¸ÐflAÌÿkfô7/ìþ‹«¦ÈPXSß‚öj×b×j$ÔváÞËË?±•>’Õi£©UË*ÐœÐ³æ7öÝ‘EÆ»ÌR`pìC„V›#KÐÄšâ¢ÿkc>ëåpöÕ@!>ëâß}uôë gÃ<%£—¯ØZïI”v
Áî‘ßè«Èo„½à¨†%zKçÂÞy v~ Dž/ó”´)YîR>Ø'3\Ã-ðž¬iÑËÁŽ>7|§‘uZCSƒ#7×†7È{·Hp@,î6÷#ümº	§“Åê¥¢Éêýõ 6á…”ìûNá˜7é«‹——P‘xêZÉ¡Ü£c~Xõ¤‡A,Ð^€i³>‹îô2B›¸ðQWI¶BÓÄr
†nð÷îm¡ÁÑ°ô,iT“Vë$¾\>¢=!Íòò¤ÆÁˆÀ!©ß¤Ì€Ù”-,ç#æÝÒ@BÉên Þ)j†Ôáú\
sÝ&…aB(N–ÛlÖƒ„]©„él Jo.°÷3!á°ñ°*æ9¨ŒÛ•-ÙÙRŸ‰#R´„ÚÐ@¦'q5æØ‡€(smB¨åâ¹±â,c,‘Û_"ÞNbÕþ{M`G¶"â?²Ïë¡|‹JÇ‹ädBq0êuÆîU• ¹ØâûÄýÅžq”?šò	Ul]“HŒ3íã—Ÿ`tOV¨Ì½4@¼<‹~M“ìHc¿AIS4y"¶×ü'Ò>># œ¼{ývçv“íT/‘"MKxÇ`xÜ·*ê…1RE*Óï›-®âF„M±x7;è©I(7WPV:ûŠ»†ª®¸ËÀtÌŒ<RP!á_iøçÊÒÜ?`Úšƒ±§ª¹upøßØ2,ò~w+ýO.Ü~P p6–œn­Oˆ˜¼'l+"ULâƒ¿T·AnMM¾ô­8@˜^XTPËõ#­â‚!å KLb%etá¥È½¦³ûµc0‹©—dKÿñÔIq§hcë²f,œ@”N„Ôƒ=Ž‘ûÕþøqªkýîè9Š°‹x€æñ²H¼cÄÖ¼~ç…ÑM*'ÃmÄ½¨ ëöÓµ¥Ý<f!3%÷BëEé’Ñsã“éý½¸+¥»L:Q_¨
Šô`‘ëî ÀÖ/‚hKÕÖ´	¼DLsò»@Ü÷€³—¨fxô¸kÄßƒý2´ë`Åÿ¾=‡Ö‡Ù©AþÖj®ã·ä\òrÈu(”ú	A0d†,f‹çËÃê©ùîãt“Õ)¹ë~¶³íWn ÃM"#¼ýH!ÓÃRåEÇ‚Ð3\êF-a5ž+Áë^…7ë¾Ê"TYñ©àó»jç§Sƒ"8ÓçÑ±8Dšy-Zoù%IÒÿ’B¹Td ¾öÇó¢Á÷,ý;® ‹*Ž¶hèÖ?í!ŽuWø&Hã3º#Ù:}Ê‘©”ÇìW‹2Ý¿çy“@„ñ°²±_'ˆC“ãäKëÍdY•%Ë‚Þ¢P-³èO?)y-l‰tT ç—Ž›{oH½ºmFå†7õ>/¼áñb   Õ•è«CSö%Ç²Ê¦û`/Ù%)u¾“Ü7:*Ó¸ »à„×M¤‡¶éß    
YZ