nss-pkcs11-devel-3.90.0-2.el7_9>  HLk|e17 $ƨ4N&.(G*^ ;Jt `hR|Uؚ Ez^(ݭ< ¥KGɳlcr , ܎EdY=(\ ( %(r>YEa0gSD臵&_2/x|t Yf%Y?.*&M `Ԧ[M#bu74aZ~úzS'kN%t=M8T,ARȻx4;(vd\1F6|#L9,gHߢQW0f0&"< ߓDhg`4R pFW ;2juo*}\D2wkK7(3~+ eMsK^3('yn65>H'i[ɃbIEQnzMi<4~WR ޝTo[A <w`ac%@.s6E]rkyw JtQ氃4d1a64fa72364e70e5044a116519efaf2ec59658dhe17 $ƨHLYc3szcD]pr$̓]yֲKdRvom:@Q:\ G;/~k{W 2&loq\~d;+% 9/kwrLSjސ%&8"'}=ƫ~ 8EҮ<ϧ޳j!mYLhP"dZ#IA;bZNdd? N0T )UӸϖj[:(@5ҾυļbQP, 4SlPKɳ`VÛ,:GOIF9q 3*i)א카}u͂H&Z48"vQ})̈́p.|Wٟ2]V)HCA&8^>DyB~74?$d " Z OU\         E  T    ( \>(p8x9 :UG H I( X8YD\t ] ^0bldef l t( u\ vw x  Cnss-pkcs11-devel3.90.02.el7_9Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.e1,}x86-01.bsys.centos.orgLCentOSMPLv2.0CentOS BuildSystem Development/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64 n@GCB:nZ,d|Nd|Nd|Nd|Nd|Nd|Nd|Nd|Nd|Nd|Ne1,te1,|e1,|a35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c44034337eff0cfb704e6b641158eca9457c15489d88c8ae5a814e8152dacbd8ec8816df2e300a3b1ee19e6db41f3ca65caae71bf7d2cb8bcb2083f8469af583002rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.90.0-2.el7_9.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-64)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.90.0-2.el7_93.90.03.0.4-14.6.0-14.0-15.2-14.11.3dd@dxb?by@bb@a@@a@`@``Ȗ@`@`?z@`3`.V`@_%Y@_"@_*@]B]@]]S\\\P\@\g\-@\\7\C@\@\@\\|\s[k@[Z؄Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.90.0-2Bob Relyea - 3.90.0-1Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-7Bob Relyea - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Bob Relyea - 3.44.0-8Bob Relyea - 3.44.0-7Bob Relyea - 3.44.0-6Bob Relyea - 3.44.0-5Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Daiki Ueno - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.43.0-9Daiki Ueno - 3.43.0-8Daiki Ueno - 3.43.0-7Daiki Ueno - 3.43.0-6Daiki Ueno - 3.43.0-5Bob Relyea - 3.43.0-4Daiki Ueno - 3.43.0-3Bob Relyea - 3.43.0-2Daiki Ueno - 3.43.0-1Bob Relyea - 3.36.0-8.1Bob Relyea - 3.36.0-8Daiki Ueno - 3.36.0-7Daiki Ueno - 3.36.0-6Daiki Ueno - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- fix EMS bug - disbale ECH - fix gtests in spec file - restore missing test case- Rebase to NSS 3.90- fix CVE-2023-0767- fix regression for pkcs12.- fix crash in curl. better fix for the regression below- fix regressions found in test suite- Rebase to NSS 3.79 - Set FIPS Module ID- fix CVE-2021-43527- revert sql default language in man pages - fix SEC_PKCS12EnableCipher so python-nss tests will still work.- fix sdb timeout issue - fix incorrect ssl alerts in Signature scheme processing- Rebase to NSS 3.67- restore pkcs12 defaults- Rebase to NSS 3.66- Fix HSM load failure because of CKO_Profile - Allow builds with strict-proto- Update to CVE 2020-256423 TLS flood DOS attack patch.- Fix CVE 2020-256423 TLS flood DOS Attack.- Fix deadlock issue - Fix 3 FTBS issues, 2 expired certs, one semantic change in nss-softokn.- Disable dh timing test because it's unreliable on s390 (from Bob Relyea) - Explicitly enable upgradedb/sharedb test cycles- Disable TLS 1.3 by default- Rebase to NSS 3.53.1- Increase timeout on ssl_gtest so that slow platforms can complete when running on a busy system.- back out out-of-bounds patch (patch for nss-softokn). - Fix segfault on empty or malformed ecdh keys (#1777712)- Fix out-of-bounds write in NSC_EncryptUpdate (#1775911,#1775910)- Fix pkix name constraints processing to only process the common name if the certusage you are checking is IPSEC or SSL Server.- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set- Skip sysinit gtests properly - Fix shell syntax error in tests/ssl/ssl.sh - Regenerate manual pages- Rebase to NSS 3.44 - Restore fix-min-library-version-in-SSLVersionRange.patch to keep SSL3 supported in the code level while it is disabled by policy - Skip TLS 1.3 tests under FIPS mode- Ignore system policy when running %check- Fix policy string- Don't override date in man-pages - Revert the change to use XDG basedirs (mozilla#818686) - Enable SSL2 compatible ClientHello by default - Disable SSL3 and RC4 by default- Make "-V ssl3:" option work with tools- Fix regression in MD5 disablement- add certutil documentation- Restore complete removal of SSLv2 - Disable SSLv3 - Move signtool to unsupported directory- Expand IPSEC usage to include ssl and email certs. Remove special processing of the usage based on the critical flag- Rebase to NSS 3.43- move key on unwrap failure and retry.- Update the cert verify code to allow a new ipsec usage and follow RFC 4945- Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake (the symbol was not exported from libnss)- Exercise SSL tests which only run under non-FIPS setting- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.90.0-2.el7_93.90.0-2.el7_93.90.0-2.el7_9nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib64/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz2x86_64-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !#,=] b2u Q{LV+?[c]%LtŝrIT}K̍ݵ`Jf;ǾzSqw YMQ^_#YKj%S5+uKL& 7\kFJFv|\)d@9;rZvU0U0bBo],}a(4`DjVuëBKާ^4}OIH|L9CASWMŻ?"j{Z 1B흘E蛤kjlSJEQ1wCz%Z[wΈ`K2%6u;O_jr27Vdvрt,=R[wĨ\9(xY.k)3ʟDUB%؍ڙU辷}M yֻtX-)9+}xi[HѤ^iLUOsn<y^KGwV}nQnVmn!Wg#!9Y%B;h֪2Crss {ʑ@x &H%["oh92D*OOƦvN<Ώװ+e$6T$Y[^5aYB@@_@>*yz̛Net(Ny4yAEɚsҊWi"7 g} SW!,m>iH 4D3"4ZVq :R5aCRϥt8}\g3f 嗘kߜ rT!Z'PD/a2Eߣ[Z"jBoe(t?3p6@Kfy^{= ٵ)N*u:J>Vo[;}z~?.c-, MMNwvttC, u>J8rrzծ:w<^ rhrN!-;E;;y#)V*7 }\iŭ7O.V**4ټ^z%rͅ˝?1NI0\u$eXt||.++:#nrTszZޏu9YySrm/‘:q`D(tիJj :L!zt>XCz~χRa"xJ*VFJĥ|0oF6hD&g'i;<0.ck¦j*LZ.tJA-DvV:rf=PeOkhT49܃.r '[t/+Ozut(#sۛ/r2. \A\'!|R^?5՝嗤h:Nnr ~a5Hqʆ{?dˎ!H4)V3hY_'(m@27.?gW ˃@^e'[ EؑD*SZ[+UЇ8N4knlTR}iV}2rLA,\ʾΎF6d#i^~V봝r[4:1%p 6 ~ii j}!ųݐsE-=GmۭVgF-T7TUk) 'nƦfŴ]Ui`LV ]psB%ȯLlX!zXA,ܠK6:+&%!VN sR*qz5Q-~ lc#t!^ķ(I߼ӗ6k\/ FPѬYV,LAQ\=3AW}˓n@闶YA9 QJdekHI-~@9C7+$dkE?xie&ܤ7XLzm 'WI@*f~? Xt dÄcKnjJc ׆Knf`?t7AP١߿LqPmiȦlBIl_b(8)'NEiknNC&}gQ" 6tA,NBFY"pшWݰ #EI: aLQ-m ȩ{J`ԉ0:U'\*wp:[:|ju;CuWmbߖ}G9LH4Ɇ׭v,B%3SXGQi.ZIj[-k*53%w3+rN%+] I0R+>wyZ߷kF,7~˘2~kpOVor"4ʜ ;7OqgYe*Y}l]^IėĖ&F\i`\"F=dw: KWg=d@L/XmtuAjUuu7׽a}j[CȬQf2hã6zU1 |!xQj^l~"WcQ8b4Y<p )oRƎ}_\j~w*?4^-|wjZނ޻9CQHL Udb4.cS-8tjJ0X />]Bvض܀}sXBQee/3eW\Dܺl3C5"L!B̒/1U/S(kojiF= k1'#~kPJ :\%I+M^_fc~:Țlm)nq >y6'l@@퀽νLlo/Sxr9\N|>"5bEg-yXS.\p8!0Z-մj;|Ug,B <>iYr܎ܚ\e_B@UkB*EB)yݻvWDT\,$v3zbs ²?[侞ōW|@1l'~=̽d 7 ~'6##JeCϵ,a#8 F&[tŔ M_oc5cQܐfj zIaoɃ2~WVZSd9+Y3'<)2ʇ)z=\صLzksWAgY{PղeJS7̎'oF+fS#ΏI(Y*:![3S h@liݯHSoTb_nwydKm%Z40K/\݄D'9%am2m;dD0Ֆ =kll)\c$` U?9G㄂U.>{DD│X7S|Z^kS4>ͣ"vީxTV™X~)m͈-AVn[d߅D| mm9g ˓Om:gqtU70S1ǖ, ʵ0#x^Ɗs:onjXMH;0͕5tcc=|[Pt?/T+.*Mez L%fH*.@]7NC]no.R^ |D!"Wv>h3!*NLGsN@` | /o8\X8PADz {dU+vl5^OT׵-<뙝Dlir|MNeony_ 1(v1TlH1Xu?7Ūd)8T f}\$Z*{;ly\̤(qtTf֘ljEUN?zd$bJZC:f"s5 )&ҫWuEfhmX u mof@6æT)ጜ*!V3&C5N QO؀S,+?pZ363a<&u0*CluCT°2Vd݀MS5;1ձ9RBuݧDxΛOC j:,?t1˪C/c(E>r-1AmBhAϷQ[Pp\Ca +GY B¼פ7iXysbsE"(!#&㻜@O ܯz ݾ Y ڌP={VyaJߋM'% ΞOHl&4)AB%beeMmZfn#[ZijVՉL$];F̿YҪ9ٿU7ѐu]Ls0HGT5+˺[+g@~X8dI܎ s{~B=nioBEQXOcaq~Sw`Fv&@5Sr!0g>= l+\፤&*ΌG:q0}H9G?qdkF~xƊHmjZ]';0"?:Wjy"\s/<έ|N骀D(6VDúcQO\/T0%^xKBE54 gp)J(A5ee6 /:;Q58z U`cjZ?6$w`G`E|Clu#"KA{8W{IUJfn٘1zE# M 㛯$p✼^(z}6+0SC $Mvb$|Y'JF@v$gů-5_[ ;D0^/֭~ Gw7)-"|, KB~PbjR5UpOŹ`wd67 X6uĖAA ʙiiRj,,nο)X&K+]J#saHC:$@N+7sR@iGcMq.*l(}(oĨA{`Ԃ&ى{L79 if|T\!10vSKWPNPafdg~)iA\uYC3l2$Lq#:b&9nш=U-ԑl ĂF)~Ĭ0D0W 䮦 OK slO,HjpcNpVshvr2-D'Ie}#uY&5#}%V[bѦ)އGUc]'HVy֡fbq0$yAn1؍zǼW&o#c_JÂ<؅+ aQ}gT# $6DD'hKF \rögcOAT+:H-c{ז0_*ROKB8W壺+_vK3aȅ`ژn3;*ب[TUSepäLxOXPDüBb/'؈\3nVd]=q57v .!A0-{3/s{$}̪%h:-WB|8&D<|$'{c93QNoպθB|_(=n {tc|]YľfoU0b}QU~b~.Uu@tզ×t[XؖHNW+rHWfͰǟ7(:K;|aRA ~jU#=63ILrޟmޚ&BѵmJb#+[yeFH-me G eAp*~>قp8YZ8rdAp6b)QJ!hb{)U\f|H|U1t'U; ,4*K FW{ճou(52Ef'2Na#옩mhe9b6tX9@Hlo(p8M` G#4}N Hu2hlO onn`0ZI}GL]rU#qOҺxP۳ D(P͏l䘧cO/W瑀1bvA0Gl/ ڑ@~ .<|RA=~HSi |ىDNg<6X5N tZ5?\X0$!(Se="K;M+AP.U:-.g 1W.wwa V: c=Qqۿ*zTwYeK)ږ0TpbxÁT,.<cn##bxҴyitT1wG4a,å!%% 4BYNt)hw#_F5;܏\a,虤OnSܜDK C Vw.7W!E4}2i](nL{PhneH_Enhg2ߢ4px-+g:X<@ḺiBp~yl/dw'9Y q @ōi95c $;+q9Q$rKAhj90S2ɰ?aFis g^M7}slײCYј,(+9}C氟0_bZ 9BP #WŃ"3;ڈ׉qiіunfXRl+k4]b ڠ0pG K;R%T/};QXv. CeWnUK/FlԗDŽ:gfBb1ϫ8"|A%"Uᗅ qDrG8)<VîAʓ$[/eM1OBMYM9ԭa(H.&dׄhsm m2]i8 t%Ia||}Pڸ81 3DK! Z0 Bܷzt;[)s=3Gղh BpG&xr y̆E+D\5F(,"T<$m)}rȱX!<1Ñ`:S2gT1!0ŨK1OI̅O@֣ Lc[g~C(~j'>$K6(^-(!*r!͇HTKCah_KF="p%]I{E"UeRRgedFY',Vj<34u/뢯KRl(7eG-42#?Bώ*QOpn4<fmUQr@ {tM$:rp7Bʆƨ |l" 8`րswkVa9md+8rke,޳ .6v,G8%z}7?y`Ad& f@{dӳr/*Xv0B6^B)k'ҥ<6']aY)'Mz_ wI&;;,߆uDnɭ֗wK{Ys #$M~o߄"*ۢQy5@xVI1IC">x_\5s9MIg #P&uG ?ȵ'_|ZruAQNqZdWG9f zu-u<)yCOvS f~n5 J;W~i՚p@NyQ[Aļ;vc$I=XujR{ǫC(|⅚ZäT3l +ҫ..&>'E09Xv6~I[ WV`OkՄz,77p-E PTq6Ҁ1zgѶ1I- 92 92Hp!_:ǀAWg'Ш`HPr8"o_{T3r$AI2uu zOz#a|[F:;GqW<=$!,!o[jFz[-P]3}A ^ٓTR=MFʀ|Mh}BAņNMV%˿G A`@v!'rS!i&' a94&gBPyACe"fdp&柢uiń}u޴@˱)FFmTaDb>`UXRt[ȲV3`$IW _Ux” RI=`b.TK HYIc3Y'M+@"7xӏk3ϙ˨;7vvkŝ=P6Gw+}+H,]/m6%<`.In/J=z,:!Og{2oiQN׮#ʎw<%~u_Z(k*%mT APwuj5pbyu"FBN4nTr5X=M\uN ,#"xq ւ}7S6vu5[czI<}n98Ds[3y'#cNo;+gᢄ0m(bLF)bQMѯ Ra80g^3N9+ j:)YmoIr))OUWa}E>,Cr鱿NhѓYNED6"0+ Z3~En{gyZbOF%׉dtfe%@~E+Pr~)B_] * V%ʟQ=Guj! r@q_Z'H͠LX Q"߿E ¾mXhj .*hO ׫&lPgȜkdGE KH`Cy z%GT7YO4TS_hvI14~_S=*ܱxeu=uK!DQ}wȳu^&3A4Rkg0X6i͸/8QiW*b٢ 靿UY :iz2gEzh" A61+̂˞gB7KsCA0yAsSs}?v,_NI73?N}g:~xEc=Znwb]„(#c' cv7 2*j ㄄$SZ T4y2ژ|_K{`Yz {?-ZE,m?I}n7q_w3i) ="\ )l* ^S0s^HOOIjy)pϲ- iY`Hّ-bz9 =H&֞g9dq4Ԍ>kU%؎YgX#VH)_7pzZxr]ppø+ˎs+>m!iYBI0pIN5Boo,8`p(Q.FOSm#Yq32G9Oޢm4EGXy$u[ ?͇^6n 6r**->O@oR/,Kk\Y0`#j8W0_O1+/9D*@P:ISQ(s$ޯC')Pܲ0Bl"Z4j7R.,K߻y 9!D>U&luRn:|\ ~fZߙP E9'Os&VKD03k I\<&TI`>%$ErTI$1Ҏ N] agDlcx\RW5M)i "]v#*KֻK&7P[g>VK=SÇ3[mjhj;dhPjR9<ۦl .b=;fo%G|0K_T?9x Vb@rn Ę Ģ털\YBt8 9@Emrdt8!:{uوc8.Hә嬂7U!]eC]ȷ1]OTfb2K,pzDgx=/yo uFپGǷm 4Ώpn(+?흭["t] -fwP[ 4SZ5׽QK@11+=^|_:-➦>Z=*kTྉTJiz֧ qc}0k/}/ĩAbhJ&phPΉy{tX]g#tڂ<_lT!#q:z$+qsĒ[ 7fQN)ڟ%^΋wÛ7# `=$$ihC 3H͂g1[yV:L)"gίVБH{a K?a]H#Fl/~6qbC ˳ y΃e$*>fe,=l13>MdBB)$y <qKv`%2y{Fyp9CW8ӫ ē5,tZԐBϷBK3G1J91ۇ18իY 3Zphpÿ҇)~*T͜6[w[ƀϛ ގۇ7CwԪ''K^8N~jG6T"nǘ?syсz"wD`iTt.7% aV7Xu(* liЇ&]ʒ M4< C؉T9 cMeu Xۘ/KrC)$|^L!Br9rdn 7Gl,<N"g9_+SZnRx> RIjHC"Ӊn1;<|Uѕjv4H>퉘Åd@l)뗖U3-lv+4֯˚&b}{m@z²s6!DW~0O1Cq@T#}AH}Zea~s*ZJޟE6`?!dwWc5~a7]-v1CKz2"^`+a'joUQ]|z_'Eb'#ƕ97{!z8Ԥ?4ط=W!vVd~~$B#pxPLl<@[Xa*1`1N"$$>LRW,36ͻ"O$nJ5kXR7'փ@ %2A5T;;k^V͉tB||B'x zjv7FLܚ q!.靽؍D gڛ$\G5%\ ik1}+E w\h5ߎo݇} +PgٌEk,Fr-Ѷ}֠X֝ yxyni\_^bS 8յ# >RS<(0QEx޼. M*pC,b[Z\..&IӪd+hy=J N[G\dPuʉkw)E$(:3'N9*ʹ~] _S J϶kCDPˎe˄aj5^'y\>w<Xm)~/TIwCtM[Dhh;F'n8z./ >I]IƇw?-G_k2S2Z7^r'#]ZrH΋Xr -?T)">V3uF,0Wv4eDZN<ķ]J:EP " ߶XŻФﲊMo Rցs)3RW&n[hu/&'YeU3ae,?}M4x[- .;=#wM ;(I[jr0X ͸E":o(s^P`f&9m F$ſDh3-Yzr ԠILoX{|)@,Ew$82rfԿ8윳zSQ&&3DvCB"YIh>.i_WȢ0W+~^fо1:n>ƖD,ʳAy;Z{޷yRT%ɯ`Wp,R1NVK?pc>mZG[zVro]co9\˝$o=u j=97{UT\G &ϘQEe'L*@?6Xv$]иZb?QJ`r\CWW;+UX y>j0V[FFL'ҍԇ)]8AOEe_uGζ_U>#H$f'D¯N#Ͱ۾|VyԤOxC0T z(,O۸gDbH6 Z3epH0GӺ*KT-G7FjP,<}X[eWm=HA Gpؔ퐅9|TCܤ`r%+฻F>D, /h4RN%wN:wτvcn岢7EXMOA5"pj%}DҤj~%]S\T%\K #too(ɳM[Uŕnq_(篨lsVCtD:O]ae RVV-PC:# N7j9j'$W1>3O%pY#h) ]C)(C35̵ R~fИ_7.2D oi$ul2u]ϩj( {)zI|C_IϓUnO|C=c?1 >ѡd$0>I: "o&_߯X.&k\Dzx@ vYx!%/$ ? u\"^uɵem i\a7JKO2\+sMHx1|v՗=lD +_hLlPce+ZzG Z#뻔#Q*c. ;R%W dGX`P^'Ji_ۭ!1s?7+3Agʨ)uJX突P ¦els-롼sgPH=vRòag78 Ĩ5"˚[}Tʠ W^cjYNqRa]lf~%_z.14J 5t/uz[3{L!NݩU(#.oWVPh~ ,G' JyA]I2|AT6+QƱy`tڋ_Bp:ܵTvR&p~vIC1\n@YA3d;+*G@OY7mn5D4TC339Z/~ &>>[d2pK6|o2Wn>A7.bArI륦*#mx<+耳,ܖZ tn$ѳ7٦EgP|LBv:R6c D{׿n68% 1tapѮM1n!7 Z_s|j"?^Nk31Ϩ1$^(UkJM5;^Fpdń[9tXŪCIt-ˬ,|؍sK%,uYփ('bULLTYw(=~t{v\,PbwU\i(⑂\%eOZhݡ"]1ݤjo.bb ݉C=~0SC߈h˅4$36|WQ{/04:Q hhC͍nR^=6\@WXs_N 3 x8>z){˞m*a;?#9Y@f8T)KaSo(*.j. 5s<&hy4W[`W+ Jqfد󸄞ahx 9-~./}^[K%L6w~coJ%`(\5. w -܇EMDݏ`V lNp?4v rܑ*0Fsq>7ISP,Tw:DR'-3{0?^HZhx?̚,ZthsZQֳdž?ذ Mi D;>5k/X`;L~+{Nx(틴۸9髽*WeEK>y0ʨKY'Mߋ01!o\q8zK\;ugB _RC^ ,Wj`v\%̲8T.[B&9s^?`STG^`bcW ;3@oO%=4_R`Tng@4K꣯m2mw]4kZ !z_}t%䶠߸ (D賣 6kE_esrU=ւuD f!)QdtѫݴEg*IxɌ%4ў2luixdj3KFcT% : `y`#UUll?h}O':]V$ ,Jj]SMѓXvGlM:F[ˮm\6 9vU bnUԁF q]Y?ȥAŒSBu2t^|E!! 5.[:[e-VɄA[)5yP[ rfToϕ@ҷHS'4~ n5Gy?}p0<x[:>e`ʇ'=ne3Hz)Wm9h/dgc20O^I'|U: OXN]6NmٍNp@W ow /qƅ.(ZB* I`{qO{E{9G4_3&֟_ǺǬ,嵩a(ZZh0($)Y/&3T%Ԏb>lrta;oUXߑ5ܴe/ʋB`ogkm0"θ+TyPռSH7C#YU~]v=y`+l\+q _j(ل`;C^lhNΏ`D-2}$VBuġP}SWD%̹7:|\T/Qڈ-^JݢW#H k]n Amۇ1;twݍ4\_FF.e N%^tڧ&e3+.U@O]@k9O צY%7Ǡ|hm!:E=]Eiȍd b>Vuo~YQEXhpX*?U!4K;&m.vpR0/}UP\Uٔlu#0/# cwsCBmq- La1Cl%8C)HjKxɌ`̴xepeq7]ݜ{^Fs̠7)G?W1+ Y.鮲S#ѯ=s^FU(DۭZF>WF̏s/": }1 hQvFnm,ʳ3r_y( ()k5P_I}CED^1NBk#I}{1YTME7m18$14(:dd/g#?.;cıMijjvPLvY#yƄ9l#”i92+W$My/K ȩw꧗F[VmyTY:< R17M7[ξƀ蹡 T3PJdh ^^#㉔&聼$ S U"ȑ_e"&% W`N)w[Ts$6L2j\a`憜 ϹDtרoP h*P $&^g}:ߥؽ $DTio|F)unQkF Mn=giޓߎy*OO{K`f 2ֽt@hyҍj*>ttK%`ss`~FEϽ։}'8FlZSد=W.^Pol0K$PF*b[.K<8U3E7C-^'Y+X*E/ 462M@[y 5cxb|XlZN$B% g!#Ú2OBE@0E˜5ayiDK3*vrh{dN2<쭃V8diw$DByY2Yf$/t;<pdȐt4 .4#Sv^qB,o wچY4n5_g' ,VVIasRdx'vq5qdUME1x v;}GW)['y`fuyꟌ M8C*qKoLRfCpnXTYJ\Q۸F} uD+2*z5*7n*a[QʳhfKj#'tv^ + ϳ< S[4 3))" >f/?ҩMu7CqBHJ I^Gt>T;ue;㜢槁Rn~ fDHaDIm mBe,פʯGTG~|I^t)*p )Hp &6^Q  XV) ˬv‘quY0u/ޙ|y vK{+"t1F/dd_9N~|^Ġ!5oYc3YS'z.!_Q ߦ7٥Ʊ83rȍ*9pݢÇr:#\ JF(W揞 $,mϷ[mƧr9pWz! biD0V/捺z3uG&Z=sZ'Yg͟ yXTaSbTjٵoK?ntZᖪ>}Z zmWvWbV?˜`o󅣺TiђuY/͈ҶGJS0%x TSk3\ TPJ]YmL9K"MrSw) M#g.ƷЊԡ[h40U?tt]8/p(y6#| &:l=P9=ٷro!8N)h T n/d2ʻhҖ7Y: Pr4Ve*bm~o;޺=3uU==& -4n8ިX@sR\z\NL~mOU?W1) |MX1;Ƒ ’DM6ΜQ.a9Pf PߘT 3 yA̴w:LA“sYw5nPYz0v&PX OK*2ZK3n޾El5&8wqH"[\e O,|K5P .Vr ;VB ïX 1JGχ4w3`W w: fFrx|h$pN9mN2fBPO[ .Ĺ)'Os{2%Э>g]P?HŚ#iJ/jӴJgL|hE-ͪleC:*Aal6Cܞ,+[6! `zI@6*z9 4ųcvc=%#)8 `B6u'\涎kҸ,)g+1V4/}Ki% R~nH?hF"ƚqEQ{ ]u57J?tP6 د =o|:kMө PYUq9?NМ>jMˁ4{]92}#^'UdgHiTd'fϹzC'إ4>k"ݵ+-c$'ۻX5ƭ)]ƿa;5v򿿲TY03UUP"(MWVJqXο}R궉8IXحE>;gzfzFN䇮ya{Bݕ &R>_XrYNGdQ~U5M)ǹKP^mX)MD#bu3n${4[>MĭcL$Qe&ix <(LKIn lM$i3vY1b{Y-< yUwJ{$!9ۤn D*OH0!z*%hw"u^%l‚aV3yrToTﳯ( :Т1r%}+"gı.bq9Oβt ->23 JC]0eV)HBb"_ǗE}$77 a&v2BHN@H@ŸMJ</Ɲ$9ڼY7 qzpF$r6`eH׾Iyʦ–aM01s}d[JAx98*{eœ+0‹6 \S+rxNyaZ} %&R*ΔiWgVFX32'؄o_Lx%4'Pf/S lFԎ &*G WZjoHdCt;+Bpg[G,9_ak&Rζ5BҒvDhkw0`Նr'zYUQ2Tem H!>l"6 #wKHÙƈW~iYO[>&zy) =VFdȯдwxtc[~:;V>u59dӚ5)jWjgBRY°'2Gݭ! d(1x>fVQz+Y+!g\lphM vR3NM6[P3Y4#;-.ɨ$BӯgZdRo^WV(aTV׬t8In"Qvy`qvIbo~~"}=~Y8βODe߯3u\V0(b{5oGe/qbAw}M %"܍[|<qV0l6N}= X XSZP/Hne63+y]|fV,lOo,Ձ*:kC-rqҶ1y@"QcZe@!aE;#draeqg!x:;%#vr`SLx]&J;Ӯ|fHҔ^:-I3ŠLs]-!M/#N3'j S%H,Y ԮfG Sd[K&TJ:ˑg'Qa=!j͒`}Z:*l TD&1MsH4IM vA差W5 F9tJv ЦX-\Z, ꮞy^č?`JoWJ_&sHem{l>H4' 9\S8T;V&z"O{E 5*@L30`-yUiT = o#jSv2ѤP$ڽs/:f+~-;z8_H) 1b> iVw9y8ώ7zua@=45S:܊h E2 `>KMo4ݱ{DDȬij?eB_wwg$H[)*!#k-/ٸtYj-ҸPC Y#:kߔ\V6寕=eb3X4vX6a,9Vr~1˜ UF88rBz2j8M. o⳪:YcSYa_iVԖB5]s7őfZ)%ZBY8YMfS+X%sÓT9JG~~6xs`O&=B2=!_\/6̾_A۷f \oImJ=y~thU=ƆvյWqm6Z_PK!)[|`pb?zh ްY!-ߗELazk}k\?jzV9׫[K}`woږԦk (QSoZKu DWA_sdg2 Hb᪮ v z{ 'K#ni fn0F5p? w%\LV5ٽ&t_4$ i{K^rt^T@v DuJb MEq𨣄NZ2%s'G) 1n1V)(@4Nze|HzWy 1qGL,kIQm"%DM7t/|-Ƣ#][Ȼ|}[qbʀ0+}/STaxZBCX(%rƘplfEFN#wңӦ (:M}̱?E tP X T!ؓw]/.; @dv X;GQAggCg[9-zeQ$ VZ>!yؤH!5M$XM+y^~"Ҷ&|g~60K%M1C^ _DSY$( X*C',,) >[E:^" & !|ٞ7qUG/:C nJ9D4SEXQl_r-4nDgZ#a1<08A8άn:.nܮ9Xz֓P5(NU4S+'{nJ_;G[VRYWM_' R0M7H!c/Pݙ!MP=~q "Ѳ3[b告&<{21*ܮ<2Oк*GϣT:n M؍yht}AaȻ2RZuwm\X@ _)Q,bJ.AR9 )w7L&1-%=fOz%}lDҹIpY KLǞ %8Gw~3\<$( c.'NLHR{2μS(.թr@BVo}S"ID! kma;.(d<tFXo)JfX mS~ ;Ll]uuy ʐ.!eo=ϧ'{|ՉsytY0~_tl|m֬ [;"nIiu%|]Tp3&~@;)f U``&v@7u;/'mxLàٴK#M <1"M2:ۆtb {u ռ R۬đua@)̭ ?+RAo^zO?}]q(2:Sjlnֹ\w糧v%@T|3_TK^xIb_=7J eQI=!_{=@j)S>Dq߀BixǪkKa %CSd&,IM.\_Egb`KM*/oqIЗ͕Z.*w]&7|^V 뺬Ku$އ2.6*G}dR^_~|D9қ} tW2NmitYPb,L`%_/DwYP0&^+Mi v-F7R_3w\X935^4)d-WMߍAڃCdოf"vw0xyIQ@#-녹`WtwO9h(iT'{I-4KegV ZWEXAא+7Tɗ/-5ghEJ䱙>n{Zg7/dtD[SuVΖ,La:ԛBv0߸z~ ci@^Zȍ>u > V$K3)Ju]Ƨ?.ܶe, yA0Q 4m{#MGWxf]:FY=Ҋ\*bWj+E>_hҐu~'K/C[+b Y0ͯ@k!KNj9G:7hE8l yb+ZlUК"g"S'Nʼnh܃nz^On>yɡT[ 6Kd7cvk^Lr o4((AL2:}L"˲<_߬(+t!yGKTK`b ]Z{(SL,^-p Lҩwcpaqʯpg9:m^wDP枀Y5@ӿJG$˴ ­!&Mc pxͷ> <тwƇ3))7hWQ$<8P\"WYEѤK'Z4cXc./p(;lB-sqjĀSQ ١$[W>'n7~ 'N 6_\Ô} "xsm1P~"TVmu^CiNpGj;%U`ҠybUL3lkȶNP:2Nr} "]rOT^JkBK¼5jb@' =qnp\LTnf> wzdEY#Ӓw^Mlӓ!_71PutF{ww$g}|_bӞ#E[u%T1@E_YX#`c!_#5ᒈO<48RobV<+ևϖlodCIxH^>v#gр_7K 7Gk#=>ؐKJDJGI dD^_vI^BUe7""{ 'rbfݨ"nn~l#7:Ђ?yrѫ8ØOᅡ|fj٥P g=1nJ@3v?ZFdž!I+qflnAv( ТEy8~&&JrWpV Ԅgi%EMhRfY۸WC zTTr.9{_o`5msd;.41@($c󛬋q{ nXUx)fBTDXk:櫎R) 4IquiAHjczzx_mՄ_}#gzĽE6]F##ݎ{e-u;BqTWAvf{/8B_򋄉 Xh0sRn<6d+ąAws[1BĐI_T8"B rMmsPTF9edQ38Q/o2.XSNPb"ϡv`/nQ 0@`dQ!Gd_H~<ˣ͈%fb$~KE)Efb'ga?,н }@tLa'tLg518e,cفt#Vj qfEJ 12aIj jj)t+Je0Pj #*[U%K[JUB,|~T]FXIgLA)jP}1Ԅ ֌>$mr,,p6nvU#&7@r F j9BI 6o@*y! z kHo&j%&Z}m!fUw.xmΰn P!=X[JJ0:ϡ!S(nc{QcbDqL'x5d+BY& ./҄ߥS?K}W&ݺ6nUKOqJ͇k' /Wt5:Ł\"ֻϦ8877ҥ W[2e߇O2P$Cgq-(vme1 J 1; !? :;%3ڄ*KC;ŗ)oK2My ˰`8Hʩz$hM5_e#ip]V2uFmbl5D6ӝbqwr7CqDy:747*UYw] xZ{iq޶|s܆5,n~XE0bv!prÖoD;7* eoE[um6I9 C meݪC ` j<}jiѓJ `N٨ ] U8m>eIXW}LC ptUkZxYs|js{PC>BŲAC|n;gB\.eLwQhAF{Ċ̠,jHΎ]Sc[h+,Bhp~13CGˀXxiɾd:, >ݪMG>B؝ !zBуzhj">%iK"8"c9p(7,-̈!  R3*N<4Rəz4٣*`@ؕd$)E^8?qe4=!qirPD?Ds_UvECPΞ VǢ:+%{oxj39C*px)&Tד^6ʹ)tK FjY?8VuAJ7v z/yioU "!)n5yVfmC.ZGĚb?~@S bI| Q_ _W b0_Hz5)"6ֹ#oWX!5S$6O B=!3K M!߰H%ٙraZGZ/!5r2;x~/Xo  vv)IJ9^y&c-Iji  Ɠc O :ݥt5FQN*#xK,8]+@2Cmh Vo7,y=p`=iL\j "Ip k:YODY+S|ƖO!fR& vHpsAPˑ\"klp6ҷ2 I]߁kv`7.78]pms/>.ށ-#pl$M'S{ZB f\ES#`IJi=U]+=Y˩;nw760r6ukMu텖W"ptWdak|ﴪ/WIna,ߙ/s#NM4"J::ZsIfIl㺗.dSzò/g6r6Q$&@㪣И_w\ֳ ,3yw;* 'H~'yg~Vʧ DW~Ƅn Ub/ݹ88v x[+1bX > b}C[.XՈz B4c!)玽rR7 ףW Id^.V7M>&Qܔ>;>z^oS㏾D}#i90 F>r r7 s|Õs T<|p+mݤ6N_I>džDg2]fsk!3@2#s41#N ;~38;Pݻw7Ft˹Jp@]͉ڧn eo:UEVU~o0Nyahg;dlț\%Qn:l:f }-0aQ~.1ʹ6ZCRGO0w՛a? 7?eD<3;4y&$&+QQ93 J\Pr܏|Ӏs ^dB-E@@To.LЎŽpY%Ԥ 4Wlo56vf=4U-y>s27`r<(;wζG:{3£| P养Eyɱg:Y_IRo%[] lϢa ւևC wC=#}GeI2e@x ixW723_Kff%,av Fdq*V[ ЕWzP r.Ϳ9ڀj5F%7md7|f$$ڷ\F,S`8[٣C3" aA=ywNZ\ t3NN]" +?Jk *]jA+,5p$E%.)Ky^$\sc LIdNx]`?vlw^y3` Ce u>]:jidӸOR^.fOWLX@g lsپl*aſ>!ԹGȇb$bkm;I'䚘e7˗K'S90嫒Ed]'N7Kz'uL1e!<IJhe6T] Z+۝c]lW /!-=3ڵ 8&Yϛ~ 3*6jrd; k^in`5Bɉ"gRWEM>rqM3 ?6vX cDrǩuJ#E G#W:$0DGH9^د 3M'sn5cF\|?NNE .69 5|یq<W(<ǥ[N?gj?aPzmRx.pĢOb@>C@I:%$ ]a/{a2z9o#8kv;Q+Jr3(^/1I 4|ļNCaF&+jjYPGo$0?U᱾*Y1͗ȕԋz>-`17~RO[: Ӻ? W6zS\P7ZUz a?+pź.q" LXX # S4C0DRs fv)<㕼S*S. ćg_*Wo:./zL7@2d\Үe<]P|(}ApǂY.X0( "] rv\4>^Xy\5}=F3CCPTw&Ht'PcOM;ӽcbySn#Ei~l@4+ 7 3XzI0/鐿l= Յj{& >1f"f0 l^ R@K۲-o֗_$,bm7+nF馤H}W@zS.4g٣J. =^dޏ3,hch(F9) .)+LjA\5IHSɹ7٘o~]-r%TZ)t&:3@K7㱣DH ]JnyD(Ln :27v2XLH9Z ~A"g>h̜Uٻک4u,W%O0YLDL~iى4FkP%¼+#S!0xxJ\5O7;sIw[̯u?DUS-W*O5iFJQ;4UJ.uo>J(=j@Tl^rY:;#q@+"Kd׷MOc{ CKS/*_468BS1nJZYYaep1I0EL4yK 2d.ީ=ȱ <^&nV7pb!npnu-\fab2̳I0i x[_LPחj|t{(`]aSKU*  +m[eXa#j|Lkq4<)a!UϒԺ?M-t;zN{[fo(rA2}߰k*TCr dʘ>/ .lS-N7A#sdkOK3_%7Hzd'ThAH8(4Ɇ[K0>[k]+ܱ,.y}tU9Z}h17ֱy!Y [5] $ Vdk<58:-&*|s"MqH w5?(f ;Y j$[C2;F ɧy;Ж`*6V9i5l}Oߐt%'eBCՎ+`_gq,k$Q7(?(}WP>j-qy[UFU#S`YQzSXf\7g|@R}D$ﴃ\\%;{:WPr 6!)vq[δg']SrONM>N@>k<ÔFoy)|dpgԸSP3^L-o#%{Sz*[)su#cx]OK{x.ff\’qmw\ P-K9.j̝,Cw9//a=^QTuv?g##6A\u^6kw!heXZCaG1LFy##**,cSoÛ<^9e$])sJB3dw4+<~ d. xjRJ|řZOي(=v_ƌU,yB1쿉 2fy^ʵǼ-doGfa:x\>0ZF=_5Κ:HࡩX`?A"n*074؆AY|\hO 1GqQW!̧h[n1PY]. *oP ǫ5}n.Qw9iM gw? ÌOϔ7pͅTx i3hc;$/B#O4\Nzln݉N==궹!|k}Rhʵ1GU )k(` G18K"E_W H+<안 (qI)6uxt *4k6Cӥ*THguvL:aCf:>GG POb,FɛU ؃fY.M?.ذĻ?ښEOT`&!ed;S^]I  5OT-m``')[ſMg8@bі]=BלoO]?`nIgh<߁lX/k+M@GoT,c$)f-!ջfo-f\/~fu&zpj])2;JvL \U& eXaCl mT~XcNw;%) #o i})YC=MI18հjC_ od>LNV#gl WYԬby0W `-Zn'z"&"yi[HѲC(b˫:EF+dSB$< ʛ։b!E1N Z_}᫫W[ε7i`O,k|_AcVDk^۝(~2m"c9zNjKh\,=Kʆ*g"VxSf xd3z$\ߠ5JpNw ϳ3g5#Ҁ`nZԤ`<ڍIzٳ_3>7H^(L!8[tGаOSL@۠q_G ?i±-[ )hIoγ%/:L5]Zkdu4Kd~ՙ2\LI)(ߏi|,^a׿AG30@;WY 4ZNix7 p[!w7~*T@^&:جl\נ)&QUF\hѕO닏l7ֺfl^6C]K)e1b/7BƁtp50>[YoOzUI޵"" 7Ɏ2 L?A_,K] y<+:*="; V0 R Sk ! y >޲Oix%$؎ {b=j1 "2nqr`l I }^"Wt֎:Dؑ(@pЕMv|:mQqd8>0[.u).M> jТ{ '#!eMKܖ|㌦?G#D[EyɶϊqtD|XgTQ'Rbv9"jXkQy4ȌjpkG`؄=,ݨ-S9DR26Ϊx\/XdO8ޏc[,2k2<}rrh&9W,ġ`k~yOѹ6oYmFC\6\@7`3#1TRp#y7%ߑͷ^sMnѭ(U& ewQVH̝vN5'"<ɢycOes#CRkr̹(2LS)>0wh>{*պGN$>3o/Jp?OX{| X-cxduu\ϵ*q6:+σ HCe$Sl+9FQuov )iǺMQWPuN ;"G~9BZn:N ހ(;;3)28 0z2 9];Ҏ89m p# `imVz?:#FIzV+>xщ \rb7ҏcqSߗzD& Vx>̹hP7ݢFT75RFjeƊ,v'ߔ.w\N2DЅω='ٸr"J՞L6QC0*h^ x1ofT2G'j[?kT* ![Mwϩ-`]B8 `ݮ$@Gt2Kwf6{DUkCwb6Uk Z`Ѐjn|w"Nh8Ō r!6-[H}KUyqd]^61ai7(^<">sBueX `idqUaThzUF2pZlYBW^rM/K& CH $,"̖?OP(V.aRJВh,Ϙ4 QCK9`[=lзEݦ!Hlιlpmš2+f/O7e!bA3%[&jHcuъ;h?̽ZMޭkANU" BP5[&טJfn7} )tqp2Yc l ِW#x<^ ʞDelrg+ObR˾F&]7+J{G…OPi,ag_3װ 0A}BMS4HuOR>Y)m4Fϸt9͉ ]]UbPҥi-M<$HZ∫^cg·d=W=~QH/3+vuBtCm&ccځtX"zXJe޵bPpZ-vf5n䔐J(|ƭC"rDXXi_['B}(9'ȿ-T|aIx(İ +|$YdBc8w/Qδ wh6wfxۜ͐̍Oe?} zm+fhZZ)W'0e\/!яU%í=?;ptPuPnj'5 c u. }\;|8{⁚!$ECyn_ ?ԔnOsii?z|ի|6:;I_)r }[Q(߆Fh-z3|ep#O3Q/V76ޓk~>BLDimU-,퀰[+sVfMv鉅' #ă,`l6H#D=PN:u NvB| qS*B<Tug~c7 ,;r_w0bmgb?^hʡ:Gײ%ģ{b,rCE {vz Vs9L),^ .`xY=vQ&yAy>|;FnkF0$qbƤ `@ysđ9("oR]˩0ޫz tb+p?"qDi_UNNT\6k>N˰p>ZOZn`_ (^>hS' Zb3t1w/:R [ax?+잇5R\U V:xP84Dg-j*3+0Jf264;AKʨ 8,67tK]. c!"F,_Ee܊xL6#gc>D0s0}[0/|?ijko~tр5>"CdЊQfCLE@p'1E1X[8::1K]ztudEj\&g +$֌YEZH_s-uH#\'tv֛}\.Da7cAB؏+?IS:8#0I%m'vb)mvJU]<(h Yʋ%FC&0^NztGDD=F(/*E>- f  h7=RG3 MJ)+>{lyEtC m㫉K@T$ޕUwgi{a\*3hKCtr9Bl?;A=١Bi3uNs)sS9,^,,]@WRN8 ks 'wOP.X$U\x̷U3鋣A}W$o~ l%3!zhgmQrB@+g](6Ň| \nD$`z(nhGFLR2Iv3_,d0ńN įDJgH5oe3.3eeKƒQJ^szgG :*ElG@)xEh8gPbMO ;NBq'ܗ5Nѱ|0C+f<8lVw@+deY|j\~vGV$6?&_?,^iض }w; 6fLnQ=IjW}9+,8T[erbv.p8^i"(Mq OVw'p'*?&`! Wdfᒉi~{^hSKʨ"I,h;x D/(pdzBjFH妠I6n`{kqωeLJ7g¢4oxpǛ=\HO }"C8nީ3[SNE5PuU UܼR^&(L'/2 mo\sLT[19%]1A5>~[8AN_%ݽ7BTLy[84\R>m@ޔ(59 F:mY\)K]OԟW -?7upD]D+ KC0vU۫2=jJjDck$<~By_M<YN  +h$f{)GiA*Ƶ}iQ^%Z*!URo]I(쵣~c~< <՜A <oˣ!mN {jBgJUi:/t/r̀⪜Gai>0\mFμ<X&rSiSuNf rmBI ^Ӳ^O4U-Wkϝ-4O}9c1i p>KNd-D<}W6AͪƢ$OXfzC/_Ѐ/n7Ed)otXxdžˀIgⶻ!jD59-n\I]?'~3^3 *W(koJ E|i|iIS'(FvԟtI1@p]芛Ic{2`npIUm%YDzZTm$Xn*h8M$a`WqϷpm?JT0.ҌЬ>DjMu*7चZL2BuU)1<8bSrm~1#Sw]2lv1V,+tNGmyhYX+̴D!p1y+ ;"z+hֱuUJ{'l'h;_0!UrP*̩KFϊI NƔbz֔~d P}қf u T`ww, Ҙ: O0>55^>BQ]KЛKlB/mʊ~D' b x.=] n+@Ŏ{F6g;{vSұNo郉r!y4) 5`)/DFW ;=p&f1v=jow'ss-R7di`ob*_O <,GVLRҠ*uLśLYyrU➂v,an>yn$j&{:"jn*;H<;_esHnx)N{n2Ͷ"W p\lH {FE7e .oN.L@Rl袑v|_ބ$ZxEw~8Ijq?~vqt;mۃAQK ~ :hG)\[wL&c=b)\3iv :2p-vr'*AJ0|c(s.ك;5"ٱL"6_o}Hr~oRfiV[DP+N"&׭~cgP[}jȑ1e[@aHV;AvY q5SyDA*f}= TQ%*݀V?Xww>+举XgAEqdOaE7v )hHDujw"-ky1LfWW_3dB3NOHkG޵gv3(oQol9Jhma8r{)Ͼs#" -?ݟg 05\2زFFniV #~M~@>IuJg^ +Jn[s)H<|v(j4B>lre} U4ă)1WZ7$vF[G<KœÑZֽ9R-rkܬ,BY+uL!ORqtS W5f"26"G,7f,_9R";km8Ś sK+envN&$Xcl%tSNf3>:$@S.Ј'1=I! WϡXpZ^ƚ8}<?Q'.0g&iNv1DΗ1,o38n~ 4'X3p\ g ^F[!9WU J;mC"\KX'X&T/}RV fÆ\ChV\]5_Dzn לap㭪i㾸K"tu:^G왎ĸbY`By&{ڣ I#-@]*t-_P CmWm[ Js2bAsոҽh)H!BX9rN!=SJ]5 }T&V8 ;d}L3ؓЕbۋZ֘9%Ƀ1XED`'7eOznd49$ԇ,RME7OL4~AƊ]Hd4HBb 5d=#W"L#Y[vaԅt.zztȂN*)5q@ߨQgϮy /Li+>[Ai EHun“MT#"6"Yq3rr?C냊FEl8A疅`]BK׋?;7ηe2掕;YR(O(0B>ĩtXvZsWΘZ\b[j?ޥ.j$>n]f@27Pw8l[mP;龵tt9Rs% $pȋw?K OLKotcz~ #03 <'GAp H2h> EW|}g^ƾQeXtxajk/|G[,fD~wXBƻ$ױEL=:[֓8XB+":urV sn]5TMإ2-\d jp+a5O[|GEyUʙd`2x9t̺5i)"uHuo8xũB܇d>FZⰎ&q! *Sz-+tS oPhgcI:2zudF4սPlBl,]F*Y. n\$!W>0SBFBArKzyVtG*3s˔7k5ӤH\!Sp%jRP0zD)^$jujz^8vovCx9mn7ND$F6ڜGg\G-FJ5pm_k٘nRkڰ߲Ne9v.jP|EOcqD'~Wn/D\- (<uI h^=nr*~.WL4$-1-L QBq},'2(:>9_zXRKos<"E}Rg?;b4:]h^:6VΞŗ!$ٚ꤈n+p @YD+YjT jAM*4ppptIT<0Q!4@;K@Z,{Ht!ڮn_.I:V%!%%7R$0gwc-cc|!!u$~E-h=:Dʑ[ԛeѝ D@2⪧?+[@'|IH#H:&wƺ؁=`dۗtZl٬<#xuҬ 1\ .t Uz [m28L{p uf€Bji2$|NR3ogAy]zʡ=0WSdp$t_.<װ٫\|{$SPoe@('). ? #vxLJm4gB_b4fӡ?D_Յ;Dje|2`ưǁ+|@^_pxȒHI2/uS:꽁.Hx-h?oe<X>Qm5KNžF|s)bvE:al!rg> ޜ *6F8t%K~n-DAl"! \1(Pz v_ })vF:$R7KQE9)d{."˷b(OnE#w,#zpD0y$XP?RLکƵsVQ\17ޮ!fI+psƘuT$.~;_׳f"zjg'Kkgm+۴:3K˖-<?|'}D?'={(KO?tHh B 4÷! qݐ qO*/gbpc=YعWğcm z8[OE\U 7Cq.b{*[Qb/C!Eo(}6~/T4ش;&|󐩏ӭZVϥTteth } _,7g| kj(v&iktڠBj*: ;%v٫bwAh^>y7g]c^Ǥk S=M6j(sMP^* #e0hs_RcLKќQ羓RaS+/w`o6/zYg𱥀xŧzĺքvDW^KwxFe: ϱQ*21eyZWM` NAr7CKcmEHz<޵v/t)#5D.rDw\ĜV˳n0]ݚzSP Zw+5#[󱚧1K& 1J?5&\ `)A#!ի]w!b1gqA KEm)c-LZf1UA޶`C0W+hI'u}vp$c?P\{~yby!l(,'7 R)^[vdžfE3k]j^u/w`EӼjטTD86-vK6)D Bvb VfO /$ e~47xa&yA[1 F+b]*HRVeFuY+M OpQv8!(;"U.hG|?w9uk0/Z8Sǁib-l =6U#^ϨzFBt؊a /3~7bt(KiXŨ)m͊&2^Z?NL?9-f)#ޟ\YV:>n~{G(}U\u->%q{2}i)%tA'j2QEF;H%\( S vr4k*cv}wx<:/~xjNR}3NyB2ϊZ㞳X[cMW\ { W=x-<$HVT#jRfpnFRQ~dZw$G_ 2V~ ˇe~`SxLw>qV7cwsįԠ+:WTوi^VwŲԿ9hIZ]`x lqvd#F& )Ni\Ҵ[@NNZ^&U#sO-nY"8EF'mxYh+;Բ@z<͐^@%OyPPྙG9f$9-/7wRH&i(agfzwГrG t!H%^9Q$-5,LvD3v?QO}ܚ٬ &q!]?iUѶdw @jW+\tE޹g/GN=R&7Dպ<)R(C8 7m.Q.wɼxW"Gm<^/7 oΗk/v,Ec9>'GS^ϰ#]y~ZRJXx~XqW=Y?}(iA|;iHL1( ^hoN.wu`0 x|xNpwE"j ta.!p$@АüQ﹘n{q ըv3Kv>|҉ 5eK{1_ 44I|9q#v;gc1 ʙ}, R@&48iI$;FB+Q4 X6:X U6 se]IYa&h┴(ȍEZ>C<aё{eR"\Gc`aITRf:2K U/WcUGhY6KMn)G @'=JRˊ|:XT UзRp7Z;yhdwOjt065\H-7%Q~N_ȴɠ美inć P^o]@ުA{+G>:_EA)0S2 %HѰ89mQv;2w (?p}|mjM]o5K w5nX(59QQ#:TqS4-Y8|'2Ѓdy{E ^FX I|6~40W}e3KT dmp?H¦~Q7o9ȤvWig9|j%**ՙC6I-fr1GQ.Hkw"8z^XX]'+˽kVi YU&@֜]GUJTa߃ Ēcpm(nڶJ0iJ"]| U-5rQFO6TPr?qy8= oKEQ'7׌f}^;|әXU)pψC@jP6ہ4Kɼ+m1J;ώC"w{zևvը(jX.O{3Fǫjūs( ].49z;!*rMDJrBVyӫs<W=/&9*65C,\fV<LwaZŕd;!jQG&F3ͫ JC=˹tߒʼn9UǸY;CDNsw7mEQ. R(h}mLL\׾I *%:gG%+"Q}+Ag4W/^%oR7QR@T^4}2PyO.vÔnۮ/η-H"Ԯ`;VF&DmDr*GG{;j,=}=4#\{FT;Mlzd)Pav*jL9b?^(L- b4AoCi7T$EI/0egwT6|T?Vz(qfzTE)h';s(mn7]<(>yxWGw}P-Do`epUNeMQÉy]8TH% BoDY&~֍VlD$M9}'Z*D`_ dG9ދܨlW 1pOA0,iR8<-=QyF v.<HuBY@>>$Q@#N>'c$e7+m`B1W+q%`i<>Q4!Bw>N`A u/2[/X?Y)ȕi%lM YZ