nss-util-3.67.0-2.el8_4 >  A `U]!m#|r]3[˸kDX\3'poN}~[^/=F1"PkW} B;rp~.LJZ/=OLDɼTjbl r.[d3D5i=)2MddteGj|$|Rz$N1e%%eS諭Vӻ@]$. x?Eѕ6bNݞSen`Uu=:s8*G->d[1M\i(7+P(936]r4ok _j'EL՛\xu; DW*JB$檿hk(wYw!NQlDT֑V_~ Ý|q,3n] +܇ {I3+#jO߫4Z0jA-?j|wcP%Cڟa"GOvtކx?`B5XęM]Gj5a4b455bfbfbad60710e62646408ad9f19c4f62bd74c32c6cd3239ff690774745466f49c9189b3928f5f3fe286a1f269bd46175d9`U]"`.kBkF~zi[C*!ZAD{׃:~{A<-FIJS cle NrUΰ1*btLLGnv{WG)ƙ+qHCxy_Y Q#oh1Hix:؁`rXD^9Z'UX!U[4pazS=(wzJ_ 8i#paH{Bz7ރގTLXLr>IIH`ky N`שi% Nو&滗N$Z1;- O bP>p<?d   F "(0H T ` x  (@^|,l(8 9 :ZGHIX$Yp\]^ bdefltuvwxyHLRCnss-util3.67.02.el8_4Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken module`"aarch64-05.mbox.centos.org^LCentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxaarch64$FAAA큤````Ԙ``ba1dc95d17efb2ae71e091c8e90862643df3bee809d3a735644b789d1237216da20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-2.el8_4.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)nss-utilnss-util(aarch-64)@@@@@@@@@@     @ld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.67.0-2.el8_43.67.0-2.el8_4.build-idcab3f46060486fbcb96ecdac3013129c1f78cf2elibnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/ca//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protectioncpioxz2aarch64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=cab3f46060486fbcb96ecdac3013129c1f78cf2e, strippedASCII textPPPPPPPPP P P P P PPPPRR RRRRRRRRRutf-88781de6d54fd4ddebf1b43c6b9bcf526be16e2a5923e9ced81ca567c3b7b7b7d?@7zXZ !#,"] b2u jӫ`(y,xۋZE>E\vSEa u# ݥV g\* erbPhTI1%³Λw4۶F!݇%݇$l O14M̽k!9] !wy 6|!ؽ;sH=Xj@&x xK͉S¸/M<,n ,IA3gTQxy[$rbM2"oר-f@P&g1qjz 8 =7QSPNtƺ[9ƾ:?wB16PD۟~åyIg, ^#-Zc]Wv!Q q>wIB@ ]KR7U^ů7B6&;T%VΫ 5١B *Z( l bʁ_J60bκi;@^ڲo..3]a2$ ^qp] y1a(w?eg(1 `&csZLi=oV? 5~1}U7w,׆E,y'1\˹CWZ{\G|iٗ9/s!ch7r)>;Ƽ'?Jrc %3`Cq$9֫1U 1Q on"DR署$- 5>) 'MqPWXTz0:"K 6 k:Lpw#@Ǡtgt[v`xu+ƬNRԞ:n>CNA@&Vn td1Ɖg7;'-(iBmgh//71Q}J=/;NǞx5ȂxBҫ~o@W3A|t[^61+Tmwy8N&9~N+aMĵHW8թ|Z$9& UB˶o(w*%[zrr^L CID)L!>R-Î9;[˧>$v /_CRre[ն*Xx}^),13]i-b |is5d"C뽦bɆaɩGRv~N}jY |Fk$Ijmr!*5{RAv`cCL[ݸWC{Uj]u7Y;B1WMvǟ«c賶l)E =qUuJ5ߕ,9uo'Ҙu\ֿ e?WN+_XeⱛWJf6{5xpJȴ Owr^kqa MSU1gqmp=S:X;fp!%~8k7ZBg1nLBדO`&>:;Da֪pW ۔}iA{M@:@@zy1~:Zvm/)rؑo(d mC8&!M$׽(lI*mdȆѺ9a?2 z$!r.'2vOZ`=Wo㔧 C}2pRDpEfQd>. 6gSf>1–D\U{<-͌0<=Y%W/6zJe Rmh#_jpy$%9r6 qDn8Zb:04fb#m ,ހjL5䕮 @DV8ic;h{$S>.ZW?\xae 2Ï))x}v4^7lq(e3K#s#&XPeC}Ѭ }9M*F b͈ } 3x&&lN9vhExHW#n/숒 '+aR9"ǮZˍ}?S{]& s[ԆILqX#p6Zңױ{*EKbYzj}cԔ]BƠL)3{ Ze E")pq U׭gɳ@ᙦ/܇5G\eZ)wVEC0<¯b,q^HFsɖޑv\gԾNYVC>fL5oT_\X^QO2cW$΂;C(+ևX-^ %L4͋6\j-\ ~Pn\N0кrߜ=M-5 DU"X\ЇRGsP1Ηl pHn/zrF !3-=F@>0:sVƖ8Z }6,^.~ ro{  m1e2(鄎 !$()]wš7&T!,79߰J?nYc KvUrS/ %U_80@G3ȳ&|h]}|S/ۤl @} gT{7MObY6UZD\fg=>A=oV4X 4b $74~_aAy߼iU"]RNAx/ݖeEp0561e R`.fRnȞMkM+rH(ȢɫvdG坌Ԏ7fI$^.t!?`BhC(QD@ևEA"mLeɈ~w@ƙ:FI|ϙr*jy_tXR* VYKA0Ow֬DN͓gy')HDQJ{eyr`D <*eY(5thSBO~H\0E7 }$\KG%#?{ZMjZ0 RVe۷8 R yǮnzMVыT4x8a ~VVCPkCn~~IYƻV[x?wrx_M kAOxDR"J=Tzus]-ު*zfX8#Ɉ' dl =].V1ĸ'ɷd9$h^.xރSZ~.: Tk+\/UXBw5"}U"׷;CF0Qrc7I '*oΘ)C2 DHZ*5F :}O/<׆0 07Ƞ=qjқph2澋@ R^cf@%Fƥ't!9LwR9.OJl{洂O9 c'x0ȔҀ;- FTy{^o_y&zo'lNSqog>ZU"gTl{^q.ij62!gQgY! m}S0$j [af™`xG`1f͌`@7!fhy =˱GPQud;kV 2Z %βz@a^lҮL.l/07Q'_h?\d>Eܺ/⺛5@b88=|}OBĠ`6Hж6]اa(ntq{Yfm!=\o:bAuyRF~8QvJ7[ ߲L]<;v3CkfnHv %0Tq4G]_*Ljg21= 9q+:`5ZJNUeUJmW=>i CY |@ت&V8#7%vM$>:'9|fy,w.H@J++"ǜRf$ `b /BѴ|4a/i~||wG$֚^J[nX$]Wvem@DK  o$t5nQJ%]kԡS(?3FX&&w}1=VT~#r/ۈ1Lsb/v#ҥ9x{b>YuLNVH12{/-|١Uxc%騻׉lòIK>R˕s9=J=}ABwɌret%8 t;%Qv?IͷۃMm$, ^:͂/ΧV f6xysצg5uhDUKWg{=W3ɥk}I$=A4A@9olr\ȏ}>yp5Et-i@PǶ4M|*x?a?Vz#D? X+aMiYqm}6|[j`&Hn$8j(> CZRM=7ȑ cvªKnNo>>ۼղ3CN55Y=V@-)1}z鲆Z`9c4` R{2tkK2!Q휂ED!u&ۇ͵ F}U%$oyhݴ̿XNj[')S;rְSCg7j`fڞ!R{Gh.E}diPf?Y&HǕUm>X}xx"ᄊHe%|0j1Dv-7d'5by&ZAܪ`nѮ#|0.Laݝ-0?^ OSp}*Wb8aHČ *w xs:0Үu}d>Dr@ȵs.K@s*)W|4sOP!hb'3OʡBwϪN%n\&H44y>]YuRj-r&($vc&{;kP!BU5Ie?ύ);?A 2ȉl qf SY߈x*'\~(Ģń̎\fs)qK_.ݬm_(gTXZ7OzY 4Xou-Gp[:-˨UdGZe=)plTl38QLR9``Vp"S2.ssav r^ mg{f*5D'~VgYV:;/bKHD|"ќ-/^ju9Q} *W A(3.%u|rVDxs_ Qp;:0gk 4[ e[Λ!+z! dd&^R?P0d`/TEY_&)kf)jiwHyNԳḫѶpqaVpgOW~M* $OE(u E;a> wRmeCK\c r;:ي缑3@Dd@;eX^MYQSbao ka`ZvP0NϐIZPU"s3健֛qJ u?WE`a a5̦Fw&|u)Vd\ѳ6^ip\ >%5[{j9|-#lUpJVT@KjUJ_3W6LYΘ)X&#H`=H|6x4paڽw)ދ zռ~o )s:ib6Økג*U~j1*sR~wY扼e cgH騝Uֱu602I /@rH(2Y57u3pA]^s,2> RO9B=۱$]0eNV>l.W{0kup"z`r1GwE䝀aD]&F@(.IDh` %;Wh 3#P+Zl"~-E;w .`oS¿ce 8ŠnhG~>hT5z=?+xt| ]S2/Fq0-wXdA<\QƩ"I1aۢ͟ t |`XL\S!xE݉T QĐÕ`{ETp`<;sX.s;8MjNXSFj3փ|\CBөKEs\9 4GK24o1'N7%#t}m2Nv tVCNw2v(bͱ FP,/L#D!4 OxT}\PP q /? %Y^&}5HWar^7ҔJokNHE٩E֝I%JZnȹO!4$Bo^pLRq0:"L ƭ0 >HIzj } *E,.<zx?ax/ϳ|^K,"`vj0J4d,6q Tn>$2_毇QZ]/̤c=XT㞮s`ǃՋ +N ; ::',>Z,*[8-!3;gρT=zws@09NJСt0VGމ]2\c-)bv`ca| s}; ݈p5驛b4D͓eLsUEy&B\O] ek1 I8oGL]YMa5$U4V: #*܅x/=ͧq9N#BL#Lg?Vnu=MO W%[vEmԔzI4p}zp(F k4 fAɕ1͑`C3~ҏeVYhuL0^/uBg,(Fc{T qoW[r׌pzA j!훬J5m%ɕ ,]4\|&hB*ԅSBuB<RD6|KPr<06Z?S쇰tr1_q ť-4$~J&0D.)Ƃv^6U7%-)^H?Lz."%ٴa+e2 j,~\mս3%rrHѧ7D Ypz9avS$$_.O1s5L \#s0P+vwl a`LAScǶ{O2T_]T,S+0,2J_#rZ| _w rPc{S _A"btu L|qABFՔo H*'QV}\L%3d$$ҟFꔓD@5n/ SE,ea5_{GlH8$0JJNT,E(ƻK(x ozi-px;2\ubil?7J )PPq- ZbB= kQ;CmKx߆ Ɉ~'#W{a`1a@ 4Vqۃ)a#^+K7ы9 (Qt7{)Mp&ڶ0/ /$waz -ۄDZy'́OO@h aOZC2HMsE譒L`9{gOȰ>quiJ 7Bd}4)Xf`SKn)zO-x'v`e$g41C"xh/Iouc0h LG0S Yw8D.aA7-b@6%pĨq ˁQKGJoSs,HY/cʲxƕ=v6G iۇE2 o6H.HIY$F(u)q^%!PcB YzbY:[KUUtҺbU\3$>AY,&#Q0/Ǥ * ^Iqjo~DpׯU¡tk6wyD`ɛafI47Մ՛+k$wFYEn,\%LYʹH70M3CSHjĖTluG']mnEu.&{Egm h@ǿ:G1:zY'x˂^wxZ?|Mw)NoFAEQ+ ϕgb尩XdymBklx&aHHiv0]=_F^sO܁~ALR[KO^@Twc!2P}\ٌJ#("鉧p C{@#FV@o,6`d@+b(SzقWT̗Hp-:AʣǞ2CaZ+2`uzۼoO#4QWr.:ccn[Cm2{^o͓3p׬CJe#qG('u.g}e6Co//5.MhD_̃]:_q$Pec!!=Ed'/2TeWoVڨ:s{A:uΟ_y-B呄!-V@7 '6d,RF36fFfh-l[VI'Y:izVԥ4w(Qz<[c:+^cN'JpL+ BR8r yڽpz.٬+XXQCچ}7TAX ;/4s݌kqMs܆L{ Nȋ͸52.]t-D]]Aq׼hnPeelh* Yc_=HؔXlzf2좞w  LNL b3ʫ?Ɔ٘KH^  -:6BD\Xk^CUdو}T~]0od4ʻZDȎF|W40F =-#UޢP\u_~7> bh99w1!~Of)i?9 7MC ^8 5&"F\1VtLڨ<ATT_p_Fl/ ##:=ecBby| Q y 1"'|'*81ҞʜAkLfFHkd~O(A/'r^H!FV>זޑ\~⟞ЛJ"듼ݶ CF)PcS"?86xs>[NVBԃW!pw~ AOD3>^Xoȳ;lo2 dٰe:@iO\BA g5O"Ŋ:(a|I n2л"]QĿJ-Dv.\q:ۜ *4^XZݼԴ]})[W A}%a-ć!Uҡx>(,~aplIA C3cT\6ä%p)CLU~%7NFzԋs&U\0t~*0HF2e tƪ-Y/MbG[-n Gg,|~DaR6 f)A8RpN,h3:yֈFbd]b!ӢG ߚC 2X]9HZ>m'jgUM)Y" ,!C1׊|u՞z1jF^4ct^"Z& UhH E䯰LRy|2VjBbJ-bWn؇mHĔQqk크 d3N܄ ]_K)o'EJ[#IVYo뚄ǎ η7<va׬f߻7Q>/;sbUmP $|qpd^#zdj 8`K2Qr;L42֓a@}h1WYu%rto3\][d;@Y<]JԼkb␍`peb䌂<YIqFSœ58k28[^V};Q"*"b@q:~㿒l04wjFO~"Ѻ)Rh DkeTmSNEOf*R?mGTc뚰Nd9uaߓ/@ .f3:!,T*dd [ guBƥW)vig454-rKjO?`[n7V:({E? J{5+g~H`~&N$t:%ǞyT~:z$~%Zپߤ~#76Qg)Yg1L e]fZx/qu&/> q»UB3g аB$03:auy-思2@6 3,ՂoN%q#"&هchm?=NIon RP 8Or*U0KxuC<ͦXbpW"=b{Ҵ |0w 1ŗRH.v~r𪲜V;C _߷Ho3-PqSHKg% Zim/wp=s^sŚՏmJI[. /.3̒?HD$&"*,P>+e8u-=L'uV<+oJ09=6>/Q=V tGn'|{\r+E*öbxywOT8YcWD|XItqKw0̖橎i|<ۇy$)4k ;1?DZkxbw z?؏/>61sC2¦#jR%8XiZmGrCk6Ӭ`ԲJ5B9i֜ m;I* bjIƜP,n1~J\W {_VI!w'6\"EIa[jǡ!s9(CSu3;O=`ި3Z+06=Vpv0LmEj"-MfN> "jד:rh@yX0#RA=t;v0][TSe&^3#6we}|b?e!LG[~;FӋ{j_MQ -&? ɷm?ʞK:ϛ NAKqZOyl5DyrՋm+L.kA0Π-erEkRz:o.$ui LL(n˖\B ^="ZdyRgR(hvjTg!B>a(w_kL#?X OIAnHXQkD&8b_4him 䆕lu;KIY膼C S6{ϳTtiPAN]KQH͢:ފ'q3ǝN7G6Ɏv+adzPݠKv-?-YLfiD&Od)@!Y8:j vT3ZdV4I{GIDɪcTbs_eunuWy X&m:8Iԁv 7-eqlqr.#),{Ew6d WxXʠRp>B\ dX7"0#\@D$}ђ!ܙjȃ4xo_]QGmVA{J;rWsq8+Lp_­5{I|"VTasD.HDL=_%stL y0U7ҬApG^xdOB}\,GC:C+9QN B7|V)&I$ ѷt%d2Aryme?pF {v]IxwVܮtMQ@vjO{Ա({<<} ΀xc/7hehpcC= +-UӤhPCR1PNH;8g)Tv~ǣڳ: ~F㢰izۧMr'lPVy#$v!iM_Q]GDX9U mIve RXݙ4?iS :>?ABqL\tK2m,n]uM`k͑rQF^Y\%`Ipw1ko -*xf: w`6>1-%wD=k* mo[ r,c-;لᗁΑYq҉K<@׊|K\xAR\PWO Meևe!Cfϗ@s7w9ȻfbMci 9})﯉՘5S9b=#a'rD!.^'vK>K)V V WhS: c^08ypץNLx8E>Wb;r|8]t%X2t~VVС+YL0`;. m()Y<+["yI4Zv(c٫2Lp_2a+Uˀd\L{,:J+iݞc>u&'9)j[E7=1?۽}7/k*vF-yzm<[zA[!_ +ivUCRM/c &c4O9ȿQl=Cr-LrۿPIٹU"ȉ!i p'CE%&3N@]h }Ra1zYjA9)TkPbaOfڦ}h5 `=%ctΧϏiSԌSyN" l- ;dlucu;[!>N +rfhFAmg {|I=.$,;=n\?#?C2>;c 3G2&CvW>gYÉWZQ@XN*GMNk˘#S 6Ч2KY[W>Bw=*70{ڲolA";p4:ZM)tϏ l=r3ٟwq&ж*<|ȴQN|l=dn}S#o0iW3݂/09} _2Z-@ 9[bp/}ݞOfT Cq'ŀ*yđ@Y2`:kC2{ӭl'@z>"mcO?*4ym;ȲpWS0d1*gu o[=hBjO>fݗ>sW6&ɜ!I4]>-w9aԦ^(_,NC-ڞgJ][rA+f3Tq.m $ʘʼn}zimb^9 -Ṛ~Fr+.BKuMh;6lin^V4dJB`H};&mvV\]NSUH[p{4/a6]rS +(\TgC&*.+lM3Kޢ˖}b$u1V %aZjCS90vdJlS= _(J\K"5((D9fʣ~1h4o". !;ѓ:cx=V-eq̘ B{zG,ZK=x( > KXqd?޶B jb)UcN/+(0 mEHUN\ٻ szXfnGa0"ɹ6YCyxV'YZ-5G4/Wl䉕}M{ x:]l-W{8ޡ {jQطQSKUa3X X+;CL8fSڡQ) s.A!FL*|{:1D(uf_ "Tsh=| Kb7#/:Yp<+H>_߻]ư: ݩ#yB^% b7$ q9C-".iyclQ2BE~@7gM~K8[9Ì%&eV޼6rL@8x]"l>/y3̠uZr߹fN,b}nKH m$N'ښv3a}`YoW:HC4\4Ltq3oDPrl]5OI#TT.6D<}H#/F)fSUs_sTd~c2viF@+A$GSe^Z5p$*6v&T"2pC L %I/"p[2M.< `:Mn"$jةy_HtH[ ЪZm:XD`ӡbb6:#&[ԉ[*)|jG.eީ3\JAZ!rj²4K puSݔFT{Ւ ;vivd'T>Р;|EY Bz}m W1螨!{B hXޤNq+i'tw؟ WEB{Rl2y8>buOE鬺I9ߋ3%S_r@<}=.A^?-ٙE?<mkZJcBMe;SD풆{f}۔ I$ADE#P_YrrOZ& MXE9A?86M( Q4O4%K[Qƴ#">6lnk0@[nOD(>S~3U50*T+P7u3e+Z<<IOd ma .BTiJy9Pq y]8h>vBy(GPi !xTY=X4J*OH=cTA*@bcx/9w IRY;4gwjY IXm)?zn !eU0IxuGg٩+vG1xELD| U\L=Q [&ŕ%6Ke(4zs6 })aP%j ƠHrgvf4t%5#]v,>6~fx>zޱ㦆ep+3q*.ΟIWOyG_7g 7%娦Xĉ[8n`+$m+ګ+]z 7Z]w\Q |45&k}č+Z ϷmNj%31bb oQ L˽Y5j>=:!*Ϯ) >u;8)?^ &WB$^yP~cE .-ZK T/10$>)R=N>*qa)?/X@{;-WG"ONjCs#TnHL`6ԩ1㰜ﯼ‹U&oSBz} ٩a cGߨ,aaCնFyoos ܲ:1Ӝ32jvRQFKư4| ]˚B #X~b7>I Wr6.ghY|T:l9M&(zvTr$Um ?־ubZՄ)O|uF*lyCKrضY."Gz#k^C!8rz~ILiChۗ,֦ٔ )]%blҺXJo`!! q4 QR$q gyơ3m@8D)Y| xŠ\њ,=+#1i]װrF3Ҋa+JJ8'RO〮0WWzlGwaI-*z@S(QBg~a$՛i_ H(b_Tʤyp),x(Dyi7g,@wcI\D +1kCi 6#<wNl31r4b 8tȔ\dž|!lW|<.fAL|?e?F* yB%[%H'9Nm5|D`;{Sc(DK&$ι%&3[DEe#f>X j@᮪KU Cشe?c$cܡ0,+nΏsKTc>hȐ$CD=;䯚 }Sdt:bANwعj- zi?ee~v@ 7jCx=}Gގaj{ AuM:up8qEXc=n|>[ޟՕ)WUBJt[F>Z;=ÚTa}C {kIY3xɝ0C sH$z:op6S!=gSWmGυ:\hbpWY(׭ozyJ Z+qO ͉hYC$ئHg Wu4e>X[bê(sF?3FRk, 2&}UC΍/e'271I")D:mmJ*^ʲ%oxF̑%Qu]zEKWź@4)RzfSdw''m#;wy@Ī(pxsv߈/lيݟHۣܳ20F:c"_g4*>o 44꾄v3WL oD}Mu|wÁ. ;xפ5ﭲ{`ZCkp7$6zI7o8G+ea_<,fQyAyH93? P(.b *qH)F?sg꒙5 1<ؑ]7^y'58VPx Ң:GJ@u,?)L^P~@S]X{⛑/DأSBi/2xh:>/+uA!@Kсz)r' ~>fP4YO$ƊAAH)e@y[x D$6Y;_;綴T@b o"sUxn@ux ĔyE0$ݙQd 㴃 lMi/0S"2/,Aj-+6oB&?3(*ZPW׳hy[rNWr]}$ت-1=M97x8$>Tӧe(q:47= H >̖LyP ?sV P0t\en'[M,*&H"3tcѩ+=6_fi+r}_(THJV:%/-ru%-f(VNM_WfPͬJr YY YJ}ݳ9C=S2xm ]ׁL{붦EF1e}P[UotHm<=hepIH`@= q͊EQ(ڪ7VQSS {ExŒ)0P$x@xOһ6љYH]y(wVڼaYO=^JV>)@M$M"RQh] QVbbԓ!BE7m4;*8\ŏdjm飶X ?AslNڞW7m/PoI*`BYM39vē&d3N26F]# ,j[wG (䳰}^=BRtkevuj` |~ tY#9KQLY^~qir nX8Rt';Y-) **Z~~ 7Aǖէf)8݈ZYI)qzG,&N]BRcҺ zy3jbV:_fx&|1}N}< J_ k?wϬh `A Ԭ=NV'oϠ9эUd)K2YFhx.XIMn4 ޥ~m9Oqds]1 ''WK@+~jBݿ"ƫֈaW^~JU plJOsgY:%صOq>Yu 숀%-}4Ĝ`y a S"ՊgsI*!K4x ۯÿAs#,kcuF3|ΓCI-GI hN_*g7:jlU4nЕZӴߢ+ϯ 8v`6# Ppq%#Y罾Yb$.@ k_h($] Tk>%REhQ'I]R N~RDr5: O$]\/o[&w.g)N@ޔ婢1HNd`nf6d^qO/1z/ )Y @Jg5dzPa 0wZ )`f4;s1Uy89X:>⇿" , y_(u^Hlq\ї]``;rœwwrX\imk:Sn2l}{ SEk wKhOJ ʉx%F(߅?Bse,MhBJTH mښUΧtUC j j?W-ɵD?=xMMg<#@^ǘ},?Z.JDJź6Li[^JK5%C`B/|ȡ&iII/G4Y33cdDN kK]5xaHj`* sڴN:4@bykU_ކV&}wVM;zH?-T3B"f7i@A1V9r;e>Jٻx>I=uXJAJmugW!j2 4nIJ(qw"Rr9OX%횄e-oCFW=%ox.D)# _J11<o58wLVXl3tSO~vT?cD&1uW77PT-aD |"0Õ ʾϷ'Nz\x vkMzR A-ޛHHk#?[˾9tV^zItl5cQ~tFyGH6QF|z|L%Gj_Ae~2/CE#-A1"G+mn{eZYAaeK&ΣNn:@c bO7{"Zbs_Jaʂ"caJS6J[bCA8عJu%& űl:2׈tm.Sr^QmXN ;1kDOQ!z-D{kjh҉̻Ĩ΄QwCG1ƌ!TެN ]](Dbxo+IXb`5<`J!VD)'R#;,dO8dn 7MҩS@O7os>BM姚\_ԏw7ZN,ZSh«zWs_FKUԦ zbf^lY0·a+DzS)yCbwX:aqMFWVBoMCg0hH Qr'5:tFjl)Ѷ#~𵭕8!~n 1 Mxy g8꩏piSٸ7VƧʊ$ԅ@UKMosS'Xsq-ko IĒh5hS˗ hV aaQV'9Փ)m´}7ص]QA֋rB `*,;迋(Ϳ/(v533n (9y2i u#ҟDXJ,ozQ*W˲9%#!?Wp!ݱ~g&thߔ[gohbQs'(gcNF~ˈOv^Awq\e Im*loTXb^+pY^Ư9s;vغ-:qhMMv/۞ NP?JXCu~-vV.  \?i%d+ bɝ u$Ts'diCW(G"|ut]5_{Ho㢀e |XqАcOvXb,)72Lvgrc@rz2ZF{K}@aOŽՋZ-Z rQ~pp@=t9& BEϟt D o_|&yP&]&Pbh=~3|\+|EeJtо\*:ը╥r&Rq k:784 x l\bL:+sGQsU-*CQF y/,kȯ܃ st-NTKщO-!ԣE,-ΠY+{@,XYbH]q`=2X.F3B75{Z nRJLF+)vp>qd30xLsg',вfVlr/זn0?GN "[f;:~ QXIuk~a3|h`Ƞt-3m㹯Sӆ_lbwc 3zNyJ:\d@DaMO' ep]gM)[yys]ZƋC*Nrv(AˇFS2V}`eW#)^%҉籑U>XZ̓u;qD]?ZO$^g=:1rI* MQn-q\od3fiܹ [bl44=O`f+/j%_ #نn?"pS95|n;,G G*bI\:\{m ڜ؈Tђװ4d#wi;n&% VLK.[ a]f}wkDDJjMO$q-Dk#Puaδ [PN1PH#uyppgE0 `vR֪?.#ՅtK$S{]E/AwzJC^Vѯiu}g | a17^2"`+G|WI=/"u #o!γJ ?~{e^-1xR}>_5>{._ Һ2_wg{ԗW twr )IU H^iB>GZZ˯HvS/N.ފ0 \O[4_d#FXRan<;1Q)ipHT` I TUİJ)˳ $+. SSE6$~f4/( pE0瘧z{>sҭ+{ݶ.<%b99q"84z72". Xu]#3[vȆ ЫQl4Xl!:HP"u7ׅbREzs?ohщ[!KF@!t,06n3P_}`pz}%_rCp(t(#I/Θ=lNALFet'w*neҖa1WRo.>赛!eN˞K9]M'KG@ˋ ~KF'8rsL5=]Q5^m#5=v膷iqUt;;;dTh Rkqhu[`B#D^=J߂nh,av1Xr% ftH;};χF>T^oGaEUinٴw+M*i^GxkA2ZZ/`?"N L"5㬄Cc!<U("V_{K]c&hjA1.V]@fDh@S G=- 9SnW#T\ЙHTIlk0v;='jM$H_X@k󛤭9rHCOTmf>[{ ܮ) .2>TNk;ǰ0) L7ܾwm|#\Gw{Ȉ4h_sCZZ7FmoŸds\*IiZ=DlR.I] Iu/LN0xS傲BTsnwa=VI@4&(WVgBK NĥZsٽRg "$}5koިJf˶6!fy?:j<+,XUM=v&Sm \'; нh_܀+&LuEż4K Ck=NZ/+rk?؇/=Qx5Db~)/')~JbSr< nx ӫ K!@o[Oqu1@Ev1 Q/xWeD&14#[fMZZiV7'jB/ӈZ#.oVZЭB9n@7HD[yFTE!~CN@hۏt#|~ŪOҞ|^7 \hǙ } H{<\OuFrJۂպMCGE/gQi*rZ6-SbKnj/G cpͧI9>.fps&b p;,fF&(mD-F«(g23nbr`9_ld T&"=tb/k4hL@bH9}f&N5=k82C^ ['=bwPEwX~2[/nvnw2vXk o{׷rk MG^$Ū%bHËr8dhvpR# &{Z HN)`x+1e_J qvpi8DF|XSK]x~tj,ܞ4#n.rpm"*L&H# \>@7@o pFsfƄat@I'ȠzNrQoUVlސCyf =8zp+sG G|.vHbύS| n78HDujI@~`.r%3d Ӕ_j3)kGVs$S8rcǓ! 3,K/) i%X^0sb|Y;/T@ޛ|Q$35J\(S ŕormIx)<0F6qMa%[) 3^(U('Q6Qu9Ra_FWܪoHqy>Qw8`ĦVeQ^LKhYŹ>?dgtisd C,d[,߰ H9r[STLz=5a-+R൶WfMjD^!J4_&?[VC{\C,Ksֵ>/}g 0_mK2Z̸_~:z=@7gCD.ӜӯV7D۴'xOP9BP~34.#-!쁹D[y xpNMkVqGnb_Ueu9d+-tUf˞)2L~T-=S.=ىO俪Z#J}0("870[ 7câ*r4\x7QQ.JClˊ;w :ޤ:͕ZjDA(sy֓WX" adK/u(t 3 XGg,,ҷ3aA}޽ jBHemXMȪ B,`b)^B$,XؼVn~пD itS;Xќ5u~|hnqI4'^=$$g5[O\ۨj͒Y9C طܞL anNkDDY:>2b=y¾XS I=y jVN[B\> |P"R37w@?{ꛥC %e(eF ;B;Hx*WȆE./|ZC;irx޽5,lIkK+.}x:$僿Ň_2,+c=k>^kr qu /'Uq>)]zg5D{uyDYt׻dI vG!pea;bBrJZ 7fV  scB\ W.5g@!BQ[6%Np-XDLAMAj?-=8UMٍ{A -uDrZMNܿ)9vGWy<˦ӭz#JoFLm0͍[]:Mh8ŦuIYOI#Z_OߘG:]BȲ0Z!]mVxԗE3ebHjDy;&T@צ5_੩iQ֗l)" WѼg< Q6&]A#CףT[R~!J~KB?1;:dr+?zV:UaeOv.R *&Pr3mްB62z4εcw/z ea$ґsk  &#`+l@^.-_pa# ͌:wq8o^mo޳SΜPŢtGW9*XZ[$T v>,ɹT(ɇ_y4U!ץ7oib1 ktz$ md>LŊ0Pi}g4AYQ+1b_-IWE~=ʯ<7n(]Mu뚸XSR7JQ.|mbmaČ-F$JdNI5SMш"4X2z]q UPh8)A˃PHaE(c'Ƶ2:_DK nuWO6Y~n:*ohq؉JTݒSx(GjM݁- i~ciD'4Uɟ]væ:6\Cg̒xZ{ W4'@ hu+;+H'HcPϩ>[N,s4Pm@fDh 'Us/q@TyZJ/(4 O>Y_῕5"}yIO.]wR%&ÏȰT (`xZ! ^0sEҺ5[&SLO(IŢUж-dٓY;CC_]0&欜hL[GL3P+>fRDCu6緳:(bek TTK_۷vB&fIa9J{4IQCR/y6=B@(ZΦz!gB (+ ?b㼉.l4R9a$hi,2H Bεoʰ㬠"VD`jAXڣ&=nWA#ք !V-&T`w~LH1sKwuTlJ)tk0t 6% ۷xyi&4ו1Df6üLkݺ'!)i#;A9aӇN%}NJR~ Xƪ{6Q=/I`ΝG89c]6)i*=lgJjz~­C?:/2yUPs,^l=-WpHOUdDtfeTA c!㳣xM O0';#!O\+ GLna; O\,NU #BG/ ĬNA@BC{܍H,Ѥ\wN^teEHښ2s-=ƜsN_kD,G"@?s./w;88{.]m}pTfyAGc\hsZN1@? 찎*4ӬR>\-G7)MUV-k k6ҝjnZx#xnu$ôEKa7Ykjv|C:e?4g4qP{Tpx.Usl4:ū[a"cSكS *2{^KkaAIג doƛ̄"*n{R mJO |h|8I9oJSєNE -4HaIF*cX "*B׳nמ8 mٯxWK^Yq~ex8:ruy_,HjjIzw|wg6Wr @8Bc;uA%?ӊw^u2R]hIwkt(ƹ ;;`ʅaS˝L`XJ.>3,g${ 조Ns^p{9iɢ0JsU<柙Հ #wdG] \{XN2բėY;jҫ̌Texqzz7Z'ț¥Uɯg^[2%YBC- ̥q#& "Ot E?\=qM]!zlSN4#zot gCc!NPfL4:tIy~HxM Ԃu'Ie1a_$maDZVޟPl+ %}Q=҆u/^v8FDW uQͻoQmC.ɿ9pe i.ĔKðɒ[ۄE+iܖzЭ5gKc =A D8#|lKPo9rCd \M>bTLժE[2>YΘ2P婲xn?~&/]u6+G3tSxtc[MMHSі3:l=(Qliu&>6*e&WHQpq"EV1hӔHo$s8͓E/* .W^<Q|j K*V+0A}F=٪ҫZNoS?T9*퓘HFẓ@ z<'Df!Zz0cX'4'*adbm˴fkU/ܴ<)"`I?}Ufqg;啰bYK}*eM2akeį+L,Zj>kvbP d_M`| x1g *՜Bv^b(Yr2M/Z6'okp!$Jxoɂa3rDNjs?5)~k hNFJ+tQΛގ=h) _Zٲ/C \pt([D{rϡkphT&lb;ڗܰ"wyim-QȪ_-hee͜O ;9t>6W GfJ.p25$k] HtZn19Z_lWYkH=l=`W[o̘=v6-WW5 .wD(Ro;3ϣSx|,T5MR,歘{Y IRzZIAܤ1|X$,LL$e3_@/>dZz ~q'7l"ENZ2 =BpJPXjς?j:{6⽬0+λFeGWVfD燠ǀC._(r iڙck`G[?C10p+Lɩ<`obtbU2=].2Wԕ"bh̪ ?TMqPJpe( JnpL_N_=);PHGhNx0jf6t%xڞ!Cg˝5*eF@'/f0|8=*Hf}C*U|ol ?+Q-ݟ:' "s+ ;x W M7t q|T_4 q Llr wJӕܗ-=5`u3 AEw7Nߩ\F0g#i#83BF=FDШ5IXM^ &@v%MZ*' ͸_KOQP^E zWnFπnсy{cz㙇1G !zI7Dc*:ӀoeA nIYod<~<vA*x?ﳺr/A6 @qtt\{JƗX a.MkcK';Clƃד_iY`%bڮ LL]IR,[;PufC͢ATމoKp} b![1 NsZF CYw :GRp:F77n6ᚓR 'i/H)c $xb89#:h74bA:83UF^p!rwMNg@( (~͑H4%d# A!ny5 `i% t`kJNI? 5 W,]{3cd$a$jE Jx=( hd>^^4ͯp>'-m+drH/VVĊ'#*&ĉ혋G+;t3^V/yC{lςO.D|钎:6[*eTxtEê (̤Ͼ t*}H'6~=g%k8uB zmInh.8 y /B3d4MX̻/<;fVV1҄qh]9V*yt4.BOٞ,1!-qvgڛNEl&}@4K2lY4rUTvBwj_XZ-l`W>% >8p&"/\%?yʟxf 8\'su?͈_sYkxfOO'dssCչRBݟ^Z/{dXj|cqM1G*4ֳw7#0>F LD-/kAx;녔WWzNԱwZ|Fw\;ʜwS >LA{JVOtHʩxB/iyl W)K1 p|ET 1!(n-lY(uH~!цJҸwmS,8U!,GM5 蠽m4ͩmɆMyn52(Q'0q>XPVWӷM)_KV|F?̵_㬊AQd }oIc0CB5 /$tj@m9 +K-UPv]n_ZYEEs&GZ Qi۬6jkac5%Vf Xo{!䙙 WGc"~,oA86 Q*7k1#bՙ +li. Uȧ;pѳ;{z:j0j=v ]Y~4#zw^<''NyFq]@e=Aېoj<_1, ?Q %5y}*N.e{(~ѤPUit<FT;1aс6`OL֙4 Zew&Fz@#` ޏҫߩ_ٻYL}FsY)? q? 3`^mВx&䏐q|%W&aKt u:N 2@x&7ɄaBOʷ BKD~(%&6v)>Ґa[译[kƜ1 f%>=]цq,G5 nDʵpƝZ:;gZc(}(j$0y j0,?\&_Vvs9½s+yJŔ}󮃊W;6\'AC9>We 0G;+1>c)0a u%f&'iWp-}&o1bb]"2#uЬ\lp{,lL?*ˎڦYb_ӝ@%6[<5Hy;Glќu(]dVԞ-T7a2_P+\+ؑl6Z \?HEs8TJ]I?Q`]83>b|K^;U0A*mg^w+F]`rj6CGI` l}̫G4@xUdUK0uQza+"-O4CV8Oy8r@xIBLMTc1Eϙ*9D$sL- }~A 8ܶX[p%;qJHڑqj@?GuxWBY{T4IX5dC@h5x>/S4ro#M. IiV76%ʗ Vv ~;)fZ-PfUkc[' %UF.e?д{PPl~SP>1ʡb @OISb3{y7=VW_JO͵n+d`i̇v?]Tۜa\FQ+_It ũ]"娎=p1::Έɾ mP20m,h8-}5.3|fg|s1[;<V$2Mœ*U (+!j]#<3et $uW8 ^ͭ2ok^:L`Hq6?݂)܇zӃ)y{L,ܒ0l1΅@XMGoJGjwK\aZv$ߋD;يE{ et"lVS.X;R.*͵e;6v쒖-?g]I*ܦGS.8$nH-x?#H gi-t-O,۩w`5b1B;֋&*_badGtLB([D~Xف3 cDίO|W6My]/Q\;^̖Y?bWfVBdԿ}d"*k0`{G#\1uԆ"VI&)62r6aDRけXϏQP`2#AٍDv *hjdfȡ\Eha|B#Ⳮڰ_uEF?Æ㋲4 b?v5@^H'e$F)Ś&;ra`bGʫWKEG$mv鉨;->P"ss4)oNT_~Kʖ9Xj;l|婂ƑbK:DԼrw}8~-)`]ڛAd\ xNu$jqν:;.' =Db/Rp si 3u(Ԙ9P^&# fUbl-Vw"8&˴ ϿxxT\Jd It{rGt L⺜M2$#>W)zR+O(Go~jevc q'VgmbiOr|}aqҼ@oG3KeGz3۫]*|=V0hmGbm!t8!=-J/$12 s"u b~eB= 1`Jr%?v>.$D/X,յ f^?DXnp!?c\YΪ]y-k| ZH7Y H@8 [3Z~3TM!.(l {Fm".1Z7:C51K? aern貅zܻ|4 ~a1Jځ? GY2{:svhĜrtr +J'V~°F-^6vHӂbVP&rA>ϯ \猺hq;]^ciLIz^BM ":ǿaLf,ҶKPsb-NyeZnS%U @pf83+</s$E݁K<# փ*wt%|{pPtNwR5C nN}BV8??|ayN AIҹOznD6*P;U>Z9}G"c-WPL'kr[˓p*F9zph#Kr[X\^N] Q sK'mJ1) 佮 "6RO2' 1֤^o]z{9XkasUfg{b><ʀ:/^'[;\ڧ&2I6ͨ45n`,F8 Gp/~]:SAMh$]=yݦˎL((?J\7%?T=gZZ_ܸ/?Wbd#㕢3-:Y|0hA*xqfk6 Jj s͚4QSB87/ Sa7[Kt QBjjb@ !<+b3uL;ĄLYYItc6Ϋm& TJ {=E]:khSxU|͓>ͅ5`v+#ÎIB'm@O7;#GhTO#mOz"Q+mřx]R< h\Bˈ׳n_qLҼwzUd;5k/c _ߛ<ڄTC\M30P5:( ٻZE+Wp}/m>77֧ dm ~663#FzU1w99=o$6[y֪t]&g 8dՂydR6CL_ȍ(#ѓm%D`QkC;:⑁ )v ?DѡM+sUz=~Ss";9fdJq^BQЬQ(O1R;);ֶDBCQtk$呞c&vS.hhԏA =i,nP2S׎PˮGvPxHaknk5I,]Ȍ ;{Z9k)-fArԷ?kЁl+Sޓ|ļ":_a:])\`сߟ_%gy*1_=T91䧮^D!Y?S)[_P Vä+ЪUW.oHV{I^IȝxUs@ -[vmg!FL%*gnq-(gAua(sraڬqӸd):CFv2hQ+A?cfnPU$HAiфBB~@1YgÏ޾Ltb#KU dir{zĠ)32^~kb9tۨ̂P@3 #2Yz}bt7^&E +h|:D?ּahڡ~9Do*ȚdahOOI9|xiTqpc bf ey[[WY-C<<.I/׽q .ʯ{,z(bo>8OUǯ,rʔ0VsoLsN(" rɃ{5o_ +6:B%nċC}\װV_O3ЗL1!KLs2ЃW JFۺ(sB@ n\{z0!um5G 4 Àpو5J={NTlaIW-܁VIAG&;s]\\}Lbsm̶QŰj?.\ļ#AUXBQSd6}Q-z@T [ZBR@+g1Ԑkj>#.O%0ӟMJ>hpg=3zmAYd] !@ef37>X~_ &珁L:jJvO?Cβ&OQ pMKl: ,ދbKge,EE`9t`>V޺8xT #*Q gCl0XUFÛ[#SUucvD5["}r*KT],$36>.[c ,(h=(1CZcÜx|qԅ(WCz,hm- 딉3W;Uj$ iұ>fLJqH1 -bHʌ}uM@G=GujG6ٙzKƖmzA.VhieԨv‘oڔ, WR7eo`biUH yQvADM֟1w: #ҙ/3P,ϟ_j ]J~~0ȃ-W(fq޻L?m8eb7ڹ U?hEO4>]qFlB,;qحO\#[ vf9&6dp9ډ5`f_U[>F%Gp ݀1*F"qK {o ^pd~~yˍ(K5&EF&bs D ٮN(U٘ʓw,K 㑇J\"7 ]Ƽc%'BȇJ֦ԿcM SJ7=|粑ʅC}Xxk^/GxZw~D'Z+QBq~Va!B996\"b㱲ԫkt6S 3&7~fKk0 UX\w_euT$_Y+B+|ee2CPXd3vR;r?\D^v]p$9c.]G޾ֈprxL̗ ٛ8kc>׏1ސJ{I"V]h%\'Yܫ+L6ZL0&/"{u.*,z=ȯ!ķǝO*w#潠q譑~lSlTOWACm҉S]>uT~n̅`6-)LhT`75Em8FvbDc([R@z-ezT'cu!L*Qh//~ih,\z$hM.l032%sMçQR83'(ﺫ|Xͥhb~v1r{Sͬs H 9̆^qEemt{dwh1 1o1,wH Sdu&C͸Cb0(ҲMPpI 9#zy'D3lcy@ɉPiU L- dGBDþo50 E7ͦj(ОY$9h ?1BKީ9͍휾o;K,{:hdA4{H"PŇqr(^[<+ ]"ĎP'3QnvUT@j,T$ʎT@cz2/VTjg5b0"zEmg)Vqƚ(L&#ֿў1J˅ /JwMCI`FtѼKm3]#Wޝ2 \Ä]|Xp\ ov U #2;為s''OP%Wī}΋BFH@F &&A+qݙn@ct %ʷ^s$GUۃQ0Rb޿DPrގ.wDhC_;Ƶl] CkI;SRlIhXaz*uh}?xnNDgAr`)V}Dn!!F ^WU@|h% aچi;2Tm~ -̻gu{6:p`_fsj;W$sEQZ7?QHFAW@'FHƽuTߘNkʞ_v1i!Mx&꺐ForY_]U0 'D04TǙBm!f~j([@iZvS*zXlvf LƊrބ&x q O|,D#$ mz* A,,U zyQ9\YZ0ydUݟ?Z3~>fr#զ{Aˈ-mTs"%Q 9s{VD H[dYL vcLJ'\䤦l06"0BAcz9QK"hD!_N͸تlzVW3;=jmA~E5+xĽB.PmKn'}3bˎYȝ{첑EyJa Mlf@O7"^NX*Mq};)n d[<C 3Tk:rJ໌زA 9PX_pM0 MK,L!D#؛dvA On@\T/of`+1|w< "W4fY6m7(+9tr]XE{ p?0K NEeҡ6p ˲Nsû 6Cɀ×[P8,Xaԥ&u oivX|W᡽Tv"xQ;v>LPtvT :sWۘRtKw:jv<ʲ"߉d{bJ2ҸYRB'8C:U4u?*t¡J! ׏̿nYe`bvgftܳrKW#(`mk7&"g0F.;("̞K`ݧyM"i[Yg._}66bЁr׈axR5Ti?`ѳ5*AE!h&ݘuD.lA?mTR?7.g78M_F-NFdP`Gqp3C pϽY0Ks)ળ4t`_@bdɢ3#0,hD]*;s'>l7)ʈ-!w\>6%+K'<1 #aI(fjnDn'(E:.dl@.A,/_rS#9p,N;7L 5&3WC3`FߠL"+%8gg(V[%0eb!xc/Ξ8:q?w\v/% rpxZ"|Пql/_똇MY=5D9G$ex iD uQK`^r4}ZY7pb.0N{De+X}x(دL?wt _גK/@8 bL3b#r0! jwR rౠQJ JC;Rud/ҋ$ vГ.MVm5ЊOU16u5Mt!{9xMFJ[ e!~tWboEQ(Jekg>]}yV_Cd7u֟”+UK h&1}`hU5{-XE83k MZ%?yyuúQFQ( "ׂNo kH?8Lk?}O(tDmVP R:?1aAUZ1u<Ϋd^Zp$ 1.&FIEj\}Wڟl+Uv7S38 r;yV(1F(F ev6Z}uB\;/V1!601ɚ0N 9daz:ᇹn*_QzHQ@AK<~v-`śRW&%$yQhRqDK`KwǥS[sز|HAa=":;\a={"RfYT&>gW4tڅßFYͯOgwhhIʢ]l**u 3YDϡRaR⋆UE1^O00G7n+G S@jMuUq狶2d ]d1i?MEa 1ɒ-5+`HyU/y,*سȯX4s݊ڰUҧ\E۟M ,FY9)A'PDCV]֬@pk`^ EYiQ68шHmztk84V=~qnwz [=܎\p*Q#lU_/=NU4qMa++Fg[wYm%QM"֫>Q)r,Q -jY(XN{$)/=_-"RfhbuǩWek7 Pvз)7M'0-5n&FE;抵h#+6 z—5 $/#3A U g/1h)κ,󻊑D+ѻ3VV0`̯w 0֜.k(>/+O:>I1 ]_0ZlOm=}PLpD̍C Z`*eS }n}֫Zjҏ"Q,;ycwQCWj"m'|cwfőᣉ ͺ^[or4&}1WٶC]Y=a3WAmHAPZ(6L?P^FDGA[o&Yn7&kO'㡑XJXKW pjX] Z\{H_c`nl]*ŰA]^+ڌx3o/~"LP 5X Pr]d3|e] 0X:MgW:{g IB,2ޢ%*ðUeb <<_Q+.A4-{uJ}9X<"j%h VT:= 6*9P9XS]2mAso oҙ) jm/q,rYt"2s*iXG;5f֟=tC͕Ɲ#d'ӣrp ,Tp+SGy&+N1Cˇb,]Bl~{MR ΫggbJ.Z 280& x| .o͎S%%HzP`I1c|L|Q uJcW69-2vvydQ"Tz7&ܭ&^ V@S)ގEagMXSB=@`wް J8 $&W,&IAwiqn 6]jMt=@BJ5=3a9([_ py4WD]o| m](5Uvt^1:Sk4~(C?[_!-1tc_/r܆Y&@$q1G?tfA= 1'$)f[NAIa$W2L/% (΀ʼnzo@5mv^{q*y^e!x\ F-yKG ~jxi.ːZc9[nzF8L7.=L;#7KZM&;*7#4fV82y\H&MR7$2ϯ)>WMEDM1Fj:HS+ 8s82ڔױ!.BUߧMdqr`ʿ I-)G9^z0Uv%W΢^Cv"@,[ fL`9IKm /iGk͘Lj4'Ip5alppLLړ\q=ԣ=HH{pa*G}A>/3νCb.9gH|unײE0dN0$`vu^uK LA+id:[69WiCPM줐0%o m|n tOГ zK.7Y#X/Hkk+j(@HauBn{/> \Ve>:,y~['^?L #8 uiq֙Y$=}#!cIsM[X`p팋'fae" wEAY>cutMT+G)~ 96T^wё>Npq#܊So*#KymWTjV.6 z6Γ*=lcw'8X[+/%I7h<9G[#h2wԒ/"yQ|R@N }Օ &Δydg2uf wtyϿلNq#q:V#67yLWkn5/PmX*3M؀amh`n vb^#|ܪkN܃KǛw[U A0w2'J[>X땚cJFF9J&=~~>s,k_C-Q&PЯFE8̈́@/WwHvv3r k{5zD/'^FYZb*.Z#whuuz"2f30؞rLs٢ø)8. h@6ת}kz=PEC>7H}_ܛ8ǷZwDP8^ _}Sc{$*?ZBK[jWVi >!E=%mnfCm<JqzOoFhlla0s᭭rOG?Ϭ;#ڊLހa0^e F+^m|[] ;Ǡo D" Q۾f 6\u?iR\#&_4{n]Q{)x1&\1 fWXO; %jJIূlT 6ms56죗m}t}2gcu S@bMt_GYrs[HA6^|X`{#/j@`Z_tW^݅\}zR3Cw@64s4=KByۨwP6U^D,9 |cVgVM6rM{IK<`\Uҡ詯ȍk~W(sTt0R^ t5SyZ:c2'SKikTxՏロfkdZ!nCF:DOn5 Awg iK]"aXQUSy3nl 2hBwčb\c(F,1e0lFȦ?,xW)4K{| #%{0>-.18]I3EdߜBL.rLIf}:߱@v)]rFSSVI-zIvRh![vbVeѤ\s:2b'fA!A1#EB^(EkτM>#Q! >Z2*L̿ŝdVkf; ƪA^ Ga HKnͳvKح',?aVzs}c|X8|ޟY'66f`P (1+>YU7`$"@q#vkj2[Q:ׅtpKhd%V0R7fQ&ý8W4I&X2C\Wgd=f1֏7\OK3+HRθ%d?3W1vʔTcikx Et|towvJj dSh>|і[LJݱsU/nrxE9d4q+՛# Ͻ;G+1'. L@$'tΥ⳵Ce^2S~"yٌz*n䦍9nO> cJ&EYrzJ C0\(!:7#%!kJ_KE'6=伦dʛuN))QhyۇWVB^1*5}%u47 X{WP&Ihx#=Ë\f=>+y8 u.G&]ڎAJӕ~=[FZ;F?> >aI)"ɈN[=u=*2^A ]yS|N=bkW + y?+j9^}Op!_\Q_=?4 ڕ&?2%JmV8寚RQ D:_j5C\a0oƯ%r{SDMפb@dc9# g=;M̶r(bz]dOhPxF yh0kw4a@}2-_ر\07/+B./JÃ׉SiXr]`˙dZ