nss-util-3.67.0-4.el8_4 >  A `AU]UaQMFs'{9}OkκܙKjA*W-Soe, r7XweHёd{v Yc4xI;7 +͗Ő{xj]'/{T!T8jgf*Nb~;RL&T[C+Wn_%A6V!K"n?oi"|#tAfVoeѿdfݯ'1uxu-x PGu<^.[_!7±JPp9S%wZ!Gm[+|-6ٷP 6<7pOnz̲A} 5+~aaCΈW_7<ުT# 1Jv !}傹Jd t O=  G˫=`&}N 񠠽mE!o=_We[8dr0r+5+k]|'cWf4dd1e8f0860af92493acf1886a513f47b7a6368928b453b8c8ce3be7d62ec5be9fbade4323333f6a5cc197cd978bb18bb22dd30f `AU]"_ ?yBlGg|ÞķZ#,{ ɠRِ}TtC5?vC\@(U4{A(" JUv3!q\a*7B0&㶯~>^g~y! lᆤbP>p<?d   F "(0H T ` x  (@^|,l(8 9 :[GH I$X,Yx\]^bdefltuvwxyPTZCnss-util3.67.04.el8_4Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken module`/Caarch64-02.mbox.centos.org^LCentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxaarch64$FAAA큤`/?`/?`/?``/?`bdffde9c3b97437bec53656a7b313dfb0b4c634fa08c75597c1d7843d909e064a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-4.el8_4.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)nss-utilnss-util(aarch-64)@@@@@@@@@@     @ld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.67.0-4.el8_43.67.0-4.el8_4.build-id405a9b66f64aa67aff6ae246c780278fee48ec84libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/40//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protectioncpioxz2aarch64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=405a9b66f64aa67aff6ae246c780278fee48ec84, strippedASCII textPPPPPPPPP P P P P PPPPRR RRRRRRRRRutf-8f9da923a6b3f4c4ce6c02c281797cf3ef0f46f9741818bbfe04a5d16f5a2e2e6?@7zXZ !#,&] b2u jӫ`(y,x7Rdֺx|r=-ϊ2$O κ]I6i:DztWcЈ{I]]?%akѭuik(w^XAHpּ"=#qGU@dp*K9yoSn!PU3?ʥyaϾ-rzM"@*U,kqMɊc䡊th(-qMI7":P/f|[Ab@='cO')(j 7(Lu}4W`;wb]2\Z[lY: J Şx#p+Ӥ6Rvu6W-0lg>jI:ˉ`c TdڈOsiS >r_K1wOpu^6Aˮ8cg_>v{ɷS9\fZ~7!-JH}ۆYM3Εh3,F$m*σ몆7DoQO7[t(Jkͳh6uo܂.zc[o7GiQO+bm̳9rBAFϬS3ǀbbk@ @h5:ǶaD3>,H Q @.VUeSE[~fJ/# X 'WoICB'٦4E髅2{S$,_1͎4_^?mm3=hqڑ 6} Ap 2x]* uƩTZSBj)`=;UR4]PW{5@MƔ.Q敲 nn Z|Is.Oޜ_|'s\\#ByS}`e?N%d}DNIi].^ߞ4 ףEFmPܾ.ER%_ah;OtCbׁ s`v<[b<M ӕeZO:h?TiGBؖqI&F񙭔DV+Է0ni95)M8Z߿ӎG?pJC-: (4_78k10sR1JF DYݒOuYu"?Tc}W>DD00aI+6sCĶՆ ά8nPʙ8nGSY="";AJI=M>;o83~,*?0=:|c0J-3&[b+>CncSh\Wi4vE9!!"* 3{&yRҍhٮbL'2 ]R̆ HKfrΈpG1u"ƳmRn]Z\Xw2g/?*g羁ͼͽOAE(/9'fAr|BJ66JV;kmֽ;UP%u˵g]{;ks닧㳿hlckʢ΄6b:C퐺_[N+bK%#c FFN?fen# M0gZoY$ڜ\;U۷Cն@[pZN4ꛨT"^-e>CP=W G'!Pϧk) F.݄L_d#>\yUp%?7՚x졇+e|М6Tu|?繖uСe|hq<;K+ t,#ǫ-XTK@*8>n%KEqԥD+Juɵmh2vƨڋ!l2|ղ Ź׀z/~d8#|g̏>غ=% (y[:z M~`ͱh'~x~aY.G" W֧4Gzl@uz,,sr]R=& ~X̎#sId {y觾i!)s"*X4 S6Sf-مU ky,94''㌩(6~6RAT/ fۥ*l^8hսlFiC(2*_y!tV R$9xk+4tfcF~G:kizqRF*]q)X0e_3SRx!Z.9JbCy9C~F[NQtf{P\RAsfmDJXůJk4RE-ta/a¨EFy8z$MUN)GN\Ѩ!e5`ȹOIY i~ڪ)QV8T(C6Sb+T0В;i/1iwORQ$mg$[e,LחĀ!~[Q.,+Ͻ)"iTG 3nPM *`TX R,e%E*?R#j-x G"I+lP(Fk%c g\cJ܅c^DؓP/G0 $3rq-z4MC_rE#&]r6QTwh+iJ=% )KohK{bfs 5[}Нu|iwįښLN/͌#UM>S~$ JWQٽScM=ҚOe3.Vx)wsCJ>M rRaCO!ei_ !Ѳ N+"f%(f%2T*I絁[',Kv.%s;uRPu+Y7)aMQ8w$Q,f!Ɯ/^O[[O#GJ+0b~w>Oy G$G*hzN3(hdxz42^YI߇"bc 6,r"(>VjO?Bu`:Kї 6~=}, 7LJ06},ڽvLM y{.ƹ2qEƍ&uAY E?׋jL#^ `ǨbHqʍ/nZo#c/.WpY܆B 3cDZ4Jަtq{KEk{Og}-(Y$f^救/(-'[AJƄI|/,+3w;IrJ6[QŎ v7eֿTT;zL A>+-i_]td(<]hwMZL~bNۼg,ŏLaC6jS*U⊅<AjDM,̑2q|GSJC8XTO.͆ ۜ }JޝJtVG^/MTiw+DUݥ_%hd7(F bh8#&*tH*-o<[+\Qbb:V&£#Iqm=hLxgD=75"cj&D!!#.Oְ()1 ,6[߯DTUK~+ӠvN5u`P]6R/1|T\C W;a.N1 %gVRd{1QDۭ4NA3$N2(܍7V4#%6hPlC{HTѪu*ހ~xڋRIwK"3^%qbU ً uRy*f@jU !(Њ"uL;iߊ 1}mf8lJX*#-A`+NB $ѱ&jlf ?4zS$6ڶ5ϯ̋ƒL@ ^=w5+:>"1aj9*L@(ŧkg(AoX{dZ׸yAJpFBy &Jï" UV,ob{OR \|EVN)7̪2j`H`ӄ/m첐,W)n?Ef,˜,tg`_xP6ں "Fb<*{ޔ]F3hvLA}[ž¼l."@L)G0 T0u22zS^@\OUgC]ۇ`ߣ^4)P:7f/d5¦T$A^R]Njg\-ԏR)hcJ 86#DZLZ Hz?\\:T!+!scVaPQsUB:,:(Hb0@=Y oV`k($ZmYUg!P2\Xa~Ǩ75"z=N&Ksm~vXp_5 /U +Lt s㦪*Ί a,bH$uWYކGDpgs͛*&:{X=yܕ(]1E4 fjUշԙmҏB Ki67Ud3|19,X5~ H#Eta}H9eZW5+ru3Hq1QH|2)hsS_ysdH*t3!;yC61e]4WWS]Kp;+7gAkc 8_S$.':׮-3 U?a ,=*DN5 >_GFU΂"y $fo@tI0v5E34ʳ>$JcY ƕCպ<c` %tkhQݶPy(0KB8Cލ ze1;u. n(C,˷Jsn NSHGa<^Jx>1(Gj1(Ԏeۨt NPQG$<ߟv3~'-wY&0H w)}cYnpx04%(&M@3 -heg2ӱzvB|?If.m9h;DuDVCnOkٹ(\jYH&7U99ω4hP8/9y̎Ph\2=R@Nr  Y/=uIiuԳ@l}mTz׷-+azr '>!uT֋nchi8UͭY F.(gʁv!{(^t:"6Cw82.U.C9&s94I,8Zczu_'ҩABLَ4J }[:[]%FƲK?G m%,錨 uL~{;WQK ~.S!q{F[qVA~ Wh  xgh=I :Z.5GȟrA Mzwou;((i+}v.k"+ھ``/d'RGXFK[]cnKKaӍ;p t]_=b̒=enj5gxkL<s*L/{xI~%.>?o}r0FN雘{Q )X]uGF[8nt2Y!%P5,|j[Oһp.Lg/8XTH[to>K&Yiu-B1jZH"T;CG!ISu*FiKPLjXg3]-5r5GѫtY^Cex7Ԣi^B;;sD0Z87  2! Tt (g1,kyL_?uy5qv* уi&2 <-1[?_oķNns܈A$Fodkz,Hϐy!D*^Ɂ@%zC:l ]xUAYܧEk]W8joG 0d'2 `(@Ep3x$jdhʜsO[1Fzx0eЛ9)bȂ(yRh)BZ(nIae){X/$'$0!qeR#`RueXLf{Τ^cnj[oMx~]`+?SB{#a=Y"_|T.Iz'<{%r6)GNt!7F^)K?!Ad3LJb+D_dU2'~Qy: Y-LF5@"9/L7Yoկx $^ZKAWJ usc$Rv$@G/L5 aeqY T)קfPk3R4|cUzEBncW8ff q/qzO3;NVC xsoOmDG8<[+耲fO(ET3.ݸm -96hynk.k[zSh ω]8i@-l흩,nEm6/>d#OD.#pbk^ٔfT[:nVF}#@@i$gԜvd),X- >֥Zb|ܹX83@'c!ra8 rOJI[ޖ#];k@roY)?^ɮ@i} NO]lLбI]*j\*u#EV.ϕahqZ*J+Z#{ b)[ y۴p5kh-1>`]xNŗĆt ~-WFyӗLf)"͟A$ mL!AtJZE9T(}I֓Lݖ8f_5.J؞@NSيuՎ}F(QD́IM9 fG$>,:'g.Fj[9֜n$\t84N[v,} X ;RӠR% 7MtTNp_ܶ?S[~?j"sFv2ȽA?In=z;RBheF s@=Z!1Ȅ)KaJ72}s1,#~G&r$Q'noWO,c[)}϶(H6E2 )oDp0kVY1Ooc$|^3*$ omMWAMwJ%Vl;n|dK0~Ab ~ZH*֋*:~ֳphal/f÷65A#w2j:n^MH?$,fsl0Ԁ@`- gz(ٔ'ExHT}J?@j75%> `-xR N(R\?Vc"x:@DO'0Hoz E{`/"CUǬgG+9>zKl{oUխ..),Qrlku2H:b4p5[*fFl YWN\9ĽUGSȱpf@I:g ZwpsBgj ; >5 \I7M4ƍ?⫪FGĦWV;U-t ĕb]VЖ)&2κ1mE,HU*I:!i/l-Uu:mmp\CG_qkSSLduD ̊Ql9mLǹWa<w?26D`'wShҡԢ}}1,L@T_.\g6e|c"% CDž(;=P"0-~>Ԯz(c~\A2LĀKuk6[hY*~  O hgTdaBZ༵&:lǤ#aO Nv>X]VnʨwܟGaM( +I5tr!t3*#&rUnǩFB駹]4x^jsqBҀP` 2yoiÓ\,o+ڱؽ`샍[\R,)WaMo4Ͷowƒ.R|FMiǶ88/'B8JGv=Ipi4f*||#k >q+ZpT[ak^""hXT9,= S@R軞q6TA DН8DMYeeUcd_͒<4[0U- u|lk`sLR nF L"&/b^4.v߉$/=i\>03~)Z}\?kh}7$فYL 2yđc9Hfz+_+U`uiʹLA=<6v_*J,=ٻ=}D-XM0 SjAXN˄ԉ FX#)B_fE[=)p#Іytǎ;Ij2_5^*7zuYڋ>l㵔4_hz;~?`߫™?n_zS滍A,ȵQ. }+zE難!$be*wt!o=Ve8#9O0S?,(n~/O1ȧQq_Rx:9v2PrS >©?͈yj͹mV$4'GD=n~Q$D} ~ O`(ִ>(2;zuO(`ɂ&QKȶcfM@|z%: fDiboxƖܼehE8<%B{Dvz2J%šǍd;dȎpL@!&8~q%*]j!!{DN`+h(rj}n՝÷E ohA{ˍ/X];'ā/$Fvk*ϗ'豩L24n T܈/#YT͑opk! WBAXl+|up+ݙ1ڲx$mYE:FK)VmɍQzmڒT53"vGm\)xSLOU.rn  ׾PI8 HMN /w|ٙR߲yI7sЌ#T'37WqhػĤ#2;y,oJ (A܎=X8 u-Fg06Y}J ͉$c%χޣST٪(*^24ʆ"}긴^)S/=$O=A?J|Yr(>ӧMӇ=,Zj~GF]2@AGJ N4*&0^13a{7} # ؃ 3T)7RJhXch=8gCK§; }VfEE@ռ{0yr {&am_.t۶ܽZWt*jNG"4S#(7, Pя- /Tt\!b@)ءc& o5ͫlm(\fxLI,"cSyo#hP6ee&1K ;C@] yԫHо8-}Xq@=to ih_.κTlAvuʸR /H,ΕI[.ujM"r)6Pf#CbVEy ;rKְV7쌬ƃVMg:Bynb©%AkRZR,T]ԦwiHJ $:\ )8%&߯ 篇}.ξЕdwǒ hh s!7eа$tz U$F{8ޙ ,a"(}7߇T̚{p˿>LvBǓλN9n>er>;%ӫ2?d׷鶚߃%DI a9ֵ֯Q>va|&<%B9bc)k,+=vNeU$a6h/L?P\CkcOLT#E0+CtHPLmQmXQC/覈S Ӛb-xpS}tĚ/~̑t< _C`) 47˜y ]_\md-3&I.(J8-,b_Cv6{06uRd;y2[N[M8-s,Mם Ãu*~ e?N5ũ(w} Ly ٙ!d@ea箰yd3)Jv/}I氘wOvL >x64?Ua_zW[[8}"eƿ@oc< ݐ♥WO i^V3/Lߐc"Wlk@<< _d0-oJcf]V,`SiOK ;NxY4SO=e=z3ĬbXupmQ!6հN<$ɾ4֨J4#QG1}qKw7l ņK. }Z\/4LvYMrݑ ໓:.)~@vB ȳn)>gԢqPDdݕ MbYnc•.#8YW=a]7-7<9a%HR/)l Θ]= >Cȍۋj`>>z D[3+S PߙE]$k< XcA fd+]"x_$ oU-yph 솸K zܩW4(/ʆ3+j,\??Ȱ^]/ꋄ Y >MLy1hMm 0`SGF~Y4Mtn` #ڸ HNs6R&TW:.+Pi1>6cDqI[ݶ{P&֭3.U:ZD/{s,u/b\ǹnb.D wxCUg_B?fU3K/1kژ2HBʼ2 xTH.5pb~0]{pgP^N&*baELseZ#(_nD>?e럥Uű<('$:lWC9s~p-NyAMD FA#˴)⮓i'5C 00zs,Dxb@E-t-i;&/~BP"wVxۮ&($1#Zy~k,63HKٜ]Bt?)"ucA15Xڴ/k.3JJJ* ƴ^Xl#/=2Hs{LSbK wh.@s㟐i:pܝn%7mFSa WĊ_p[dg &z#1A1(<s&QHzmU/X[$iĘt9n+e#y9BG-6aªx;2S8;}5BiLtt,ҼE7eukL+L:oA08Ed9G$OGPE$LcipB$e3a bm@$v;Q5:x8ub—T GZ+~~G5K|Y+(=Q$z ::qǢӸl,NKtQD@CH]ydCUC\ye> ]EsH/s9`fD"%0uLxy BҊ;L?l?AZ+>olC&=U0y"YTH%;GlVj74d|-ϴh" -J2 `Qd;a1oϺAK $,B'n[$EC$m1c`⍪^_-eS L_0/'#Lᓎ<õi9(*QrxPwv )CP|_1FJ_CwhE`nzIY䲂B?t?烺.w4o@s 2rh%lmѴ@*p([&_P\pT"ҘleaU [6K-;*!K(mfu&LzU3P.tʀz.[cu@HZkJ1 Th<˟9e6+s)D+qcZd,DPܯDihҌڳJA n*\^'d>Ȃ mޜ~Ji<y:I)B`D)Mz㲺АXRg Qu䇄.1`.e@ ]†VtZMU0vM$l4G% Da"J5!L6N -@)q"6_)޹+J^qxR̗ fW9xJJ&jiaZ@kAE pB;GŃ)Of+MF(QC,}#UJ殨&ܽaD4+;ےz@_doX/Nkb\c bd-%>[>xe6.ZW -Bxv՝dk4Qy? V!(ʶ0*:hP~R,6ACf; ԺEoL{5PK!Y@Ab}baX'ul٤ #Ĉfgc7g7gYP쀨}0[=6 7QƷT*iP]\wx=YJtpOH,)؜ҥTl=KeR >aFa18tk4q}vqȰ1܋ 4YJdRc&h^ښ" #2SoՅ/cܷ)֝]لR- LuRHݷ^z0#Z(IP|BM`ރoE+&fc!jSsiTPNw[ajϟA(ĭAG/ AwX~; S;M4WU>{tMc X-Y.MD(6sdέ|꾂͠JAZEJךJңQ$g΋dS6PH^( ]g4|[䣣#˟`2n^9P1H4DÅbvG-}iSA!A6hWD^O0BDI9',Pep LVxf9kA6Vp/nxyB6cp@O_-mp{@l{6~eFJ](ec%cUގJ9.:2f dGe@ NK}`DQ5'O{EQ= ']VRN kr }& qU͍g,~OS:?=U oHV0BA q#:iG~j4?=#U-$;rWr/OqPVet8 ۖTæMӊʉ^DdhE_]w0 u{"'h Am9͠/$<~&$YZYh&_Y'v=%d}~ ҩ՗ KM x =) Ӌz@ 8D뾵vyK;H$(<r ŇbTiĕ6Vq(؈Fg}N" 4:k޼r撌V66XtG0kv7-1,Zs -(VMm] 9ʩ ;N?7th۸ԑu YVx8YB*X![Sfhf0mD>L' ySJz)hgPށjK]y+=s#gI~H+UXL%]6<|0I`iUд3v=Ih˵κgbݘoLuWX9Ƃd⳹Y3|`Ewr\wΧA9op`یɕׄUq( F#Z<<#NM%_!vޗQ2рnTJ~tGsng:=B \^1/ii<޻! s뗊խj(7t/ *~`A|Eu0^O =Af8QI8 `A+ QΏ /;EN 0XcnVh|9$tSscNN'k8 z'$-WgDR9\N|yl|FsIzzDWhS@<2Wț;Q#H9MXޱޢf盎$O j.W e %k4aц;@L۩ ,/Κ,s}py)/~':IH$uDM^;Uݸ"LE*7=mKyrv9W~6rގPx7bZѺYV'Z]dWHcgkDŹ#{O'ՔB)C H=P61[mYSwvQGwZ$}zT;Q8y563PVz`j(ÏHboZr~izİsoT>f+*F޶ٙB!a-"̐ٻ]RӯW6qbdo [?\<>d h[L)t:cu%={GLqE #* +]s߅,.ZF丟6FC/Sй\VHﳏx,x&kkt}L|ކR!E+Wз>OI*WnFʀD8VEVW•O\겛gsއ*ޑ(3{d;y@d2zվ|1Z(2Ҩ;hj Irv^nNN3˭Ճ9kJj,kS[@?Bu+}sV꞉I ,wRfVI97+Sv|)/LZP١P<+\H~(2 DHcP(OrFIT!҆VuIfu-n8PdC6G 'Zj V!{4cIrh c~!좰n|W,6,&Ci\ gm dqN!rU½9o9WTQT4 ?Ӥr:%tkde;}}el&.Sij5_IMҎ  i[OAYL uݞ"/Sh{\FSdIIhήLy +cnH6u^rխ ݁ h8/2f 6I"4nm(B]ԁF?p$0sLX}ŴCCz?;'qYl(ٴ=>]My;0 (ѩ5Kʢu"?F }\uw Rh[%24.A=5>0 Ul$q̔a@KuK!P5^7Er54^AJaS(ޣ<Qg$u5<}Ŧ9`, U8DZ]0/hhX)$G?9*}%v@%fA|aK~z}`;5aI]̺vCV1O)phaYBpoNoߧ4v`=;; ?p-}HǥI)h)F%4Bg'SEkrH?f*>{Hqq' X\3.c A?߿@/6 &7*KA<$ Yy=U<T;P~b@5k`RC&۪XF%M!$E(b4 ej!͙3$MZ9< -ʄu5̀D%)s(J@UJzLl;AdcS,5!-vb^C6l#1yLC'MTb5FYMJlزR+irqs%Vd_Lbxה7cSvs22N~W4,GIw.Pt7{P}iB"튴<:._LTMQVڠf l-0+}dcd/Żk #9 xA-~ x]rn!vK۠y6ď w */9 -ߖbйmӘmpwc瘳MxfM?locNQ -:¯P"jc->VM2G9PxR?tJ…ߐ =88O}G~%otbZKJӂNLI8S[X3 ZK?hLkg+F#Do(9od툇:.3@%-:z6C-E׃T4^5@:Q! Sb/^9.F~A )It 5f̌b $55wdh(y4 E|Ν| chlВ*@NWVNsӴl(R5SnFd2[B$‘@1оzAÖU|[Iq7]R]m cX7?%CtMI$~ʵR=8hjv8!MUnF>zMdr'F I L{.Ho̹3Lqjq]u2bO y5I\>l>fp8)t$p`:%D^GR?~A`"1y\ x7nv KF;V/?m>GT!L ߻]tQv.'gu\!`,5MKgkI4/ gXQ\=J,Q0-j+,8kLhhd:T&)EELc@[l`؛K`S3 5qwoc>og{\[Re*B'LH[ mF1~Nq5DA)lJϤ=kK(J_'E w㢘N#gqݗ Ӻ%ot徶Cv@Wp)lcL)CCS7=m!֝(Q`1RI42(.[/aLS!@<mco;&yYlR"9(C~#QON.>7>rY^vbxD(09sNe~‚Epy>eG]mhQPF0bno<@]\,>{r3o3VT:?` 2ՕB9nn;: 7v _Ǟ#<K=bQڼ.Fz橾oe=xMM6j^c( Wmv5~&50O9*&LJFrѰƑS'f] req[r\Lku̡w2^< o 8 )Ⱦl>pC'̨?ν㎮(,-{Ph~x~\{]Az kitpn/h,e 2J7Q1|E~~}M8*.ͥ:1,<3q8t O/NLS o_]tQ?KmbZluUyy#a%?yv(d4SWJ?S;ݙ<e7rs2J~0oV2%F}o;l4'j[Ecz\*hշY[{5Zm/up"ly N"(0(1,i\@#nhܚe:a+Op 5z1UKp:^eKcALm;A._~Sj1;LOKc@ H/l ϑDV 6Y{#C\'G٬ym8}e[=\bʼ* }]S2 w8=:(ū1A3oo@d?VԎ]#JjcsYnGE([&"hsu \5>ѸDvjÎZuFm砂7‡ _:zXZ*捖vaOPȊ=`jȿd-1fgE>?ɺO~*B"y-g5:%ˬE>;SAgpMT>¹(@SRiϢ2rD#!$ȼ M3"4d\Rz Oؠj0u-n?8+6[PVzmp'!3n, @S>Ys!D8]XAkc =L#}Ż'54F Xʋ^A)]gKT(i ñ w_P!9n9w`bJSW)R/QoF{d3>pɤwHU^#mmLkd+ŨoK:C44W׎-=9nנzPHS)c/7L!Kofٓz hd%mjl4[p!we[l yiyXo q%cQ(h:ؑ)NMi(fCQl&t FATJ?7R?Hsw)X"Bv !ͺO  Y}aߋ}?`_a_Գ=,=@M(00BazIõ7c{}/IoFOh[*-"U,koAcO>g@lheX,=z* 0dGxXsX9^lΕNf@NB5(6"!Neӫ"gB?{DH?&NI6.Q%6z꫓hWu&1=?7Zd"+t ?gn*iVغKm7P3]^3Tu@3NTwfeZųm"$\;|jU"1Hcg1##3r_M7\ ^_ MJrv0z BGn=4C @MX~Q՟.KVDĐiN>\[y0ʿPCT/x>U; B4ݍ,,[Qҙl$mj)s֢ *obaCY8]OpF=\/6Z8I,̎QjpMRs}m dt4 EظJ wHFdYHժ(MS&߮)\`]~JHȉgp&5xk!uS㈊6aQ?6}ӴZlFR=)ogְL3:PYرZyaih3;A2Ks@ n997 Cpdu[:BPݬfLՈG[Gاnފx/ c61zr{ 5M#K+B@?# 1m]Ѡ(~Rf\HyIkA1LCn}#wbcU(2+UWtFǿ4W:AIEGAa9m@OjwԐNeqCfTjQԜ|a,X gGДRi}@5wg198p o/B*b`ڐ LPyIB+xOV/+$5Mh@<}xQG2:kZF[wW`\Ң cx>9 _l&<"J$am ƕj+ՈKf[uBT1Uܲp=4%"K.;I3@R=xc:URUr[ zfNͮڶ]P:Olk~鬺%k%璺Y V;K -zDͺ ,kh!qkE|C;̼c%k>M:O2 b-$ך|#&{۽5EL4 W wn.q:4Fϔ_RRx.`S|F)5F8K{a Wh+=_GzViN_d(:+mžq J!ь B:X(gIa@io/i7Ss֟ܕ-"x`tm</0sO3yDc#HjX2 M(q'=,̌(z8A5OG*oGhy\}٬>[wJMP'`W6̗V)yq?`+48GݞS h 63X?5{Dہuηԡg]$ GۻC0KW^H]rWyU|MIP`S'^S]Fϝ]t4fyTK ҸwJi5 ~˽i;z_ PfLx/o!3_2AՌA$_PĂT7k5R߱ग7G\r+ DƳ3BNHf!X4 9gEțu†Ol}_\dj2M Y`WH:DٌAiHme6|/͙D )H|Ucm[:!g |)#Jw(S' x{0%AbOa`caqL7p^ dXq6Op;ZCc<2.ruܓFq؉2"7$lpgX'DeΤ(ĝs/t{5e0 zMn$&.'N3mZg t~!Mroͯ\v[s%ՁJnv^OEM[.N<ªpO&2U|?sm#VH 0>I˥ώc3'%~[&9 z}0tWI)ɫUh`BZ;d AڱݤsJ$HD^aHzQ gIm]m pՉ2ڽ͟qI{Oo![Q3ƿ5ZZ![,W3 sQa;]|TT M("+z^A1L)_ R_+P2枛QZaI^m8hQl3!s#^I[ ۭ3ZjM  J*9f("ٌpu?F0|KemȊC8q%P2M@e_6h,6&F<*{6 ! %^fP m2[n8}gD{!U1Fl ^/reqѪrQѾX]ڊvj}p30]V6Rh&?aWE@)TsP i/밅yvɱ̍Tf"℺,bM2.2aʗeI4 y=[`Ԭ=7ONT*L !'eHm-C4ռyaSMC+jwň/-(NsN?B|)"+ŋ($VnRw|t+"i.vC3]iͦ\9 Cx-̒J̱n~w gCr@Pn@Ksv()qa >{X;Xw.rFˤ2Y(bka:]˴'HGm끄cJLe&Q-7lNÝ+|ErU!,ycK,yqbPC[Fc]0OKTʐ[%m!XmF텙|_e}qZbZb"J%6jE+  چF2cۥ$$:|(?ipZCo$s#Z&R/\f|^=H=֯40ͨY%zy Ck cY0,7rHnkF~ߚ $^qea`paShrlHPBGYWU(t_:`O}^`۶xlP)BWBti yP@t^BUa>zRSՙo.m#gRYLamFc7Y'+ScwWFC?1w߷%`;iMONϬלņ/{gq}f*]) 97Wj+G3)z{ WOAp$X[Zv@;f܈8jD-X՗5mu|,AciVY6 /I' Ǭ]%e"DB3:؊K|+~7qlV<{1bwNH~[?9'WVv O"K;we܃/8£w6@yltCfèd[Xyi|5Uc 7;!>䫝)ӎ/6D'9cWk,(pޅPIm)MR]*~$,8ڡ*oDP[}􄙱x 5ʕJ,EWpNXj~c&y'ʧکv'"`Ӈwu8*<2ݔ?bmRvDsAh"{)DkHhWGԙ-bm}1n .h"={&.%Rr>8*kPU"$HR#%rdSd;*^A]q5#J\օ_ɽB֚[029H}W3aqbnM OkKo{ mW[W$>A6h.l],,}3~h>5l?{2s{"F\L8X)+$|7Ȝj<n8?w|PQۖ6a䤲Z* \PBW$I@ԉ%?]waL2UΦH%AןGi-Y"C436xTW +lJ-lҫ]>?Z5Z3wB_5$K O@*I1aWi|J Ti$ & E7)(JP*OmXmѳ*ݴBS]찙GX^*?6}_=Y9/%?YPi-U7(>h'Nt"˧!BO~2' 9csѮ H1h` 03!|c?hTk0+<[q|yHNP,8 ;#B[9@Garb|U9m:!ۯP*}9?>頡D'ÖgqM,8OB40iP=\CFу?bX!/аѱ8NN+;26?O):\=gYET?_+C|v ;sZ_>K#'_(tYX'"xo*΀c lõ 5$f]ް#4vxI*Z7-m=ðpuI jLT#7$>=Cl\O_t;AS}T?;0=XKdG2#+ok#oY$jP9bp4Eg%\cȮOSt^4h!r̸3\R|0DƎMsy~.  Hs}T96T]IiPzZU`\rϹfsU؊[>!kh͆9X#8e)è nQ$HKPK'(䶦shE oooJ0 &8ft]6X ߦkތ>ٜIô{ 3 _KTZspz3MFQ`Ɉ٣ ~FGv Y$׋)CII7[SU$F56ߓ%/̼XMApMA5c{9,2U#%+[m<(Á[?iFx܍}V}K9VW6)a87}fm!NξR r8ͤ&+?,csDM:8<|1!-&#̹ǐ,}aJBgoWdHs÷1*5J: OdB+Zɨ"LgoM#H',`xЂҼ nC֨BHнeJ]FwϘ b){חnOłHh}!2(o`Թ8Y]g*O?@s`]a%yj형DQUQm#*qYoH@? }ٚ#atug{͔E^|z=cD}Rp*1B3êаITôI$ъ4X۠fITlU|'B#k^TV1!Ap"n^ +5yS!V5ޅYߐ#J^CikԒ.DY(LN9̓R]d}14}f_Zbs}lj.4npz"78zsC-]@QUJXLFnYKZ#\l&W[wq7>Wy[~ [jcmV_'Yi(~9rN6S9 V[ 7tk7&C8FQO&1ͻ"-Xҳ T9] :r; ӲZnPޅ*Unhgr2#qfoȭu#jc5XwŻ h7vV'nVSl ܉.5FE΁嫀P@b(mRfr9=b2pj5ؑtbd 72e,a `Xoڻ`[6T&5,SS#SHTnt @$LA5Im ɪ KHx !ljF~INҽ"]h(qÖmFmGn󄐇uZáirB畉WaVP[ajh=٭-e˝߅=s ($%r٫{N&OZ:{dmæ/ҧHgpn2^YcC?dTӹ^WuK`cr/M|[VH>nF9 R헒5 @\iH C}{_NT=xIgyVb:C.6(u%}#t" _#]M,PXÉKם#Pg V6W8@|*MuLn~K9$Kk2H%Y~O H Q2¸$cTcR<*fdID X*&E +. LL=Z,2f̮tτU_Kҏi)DUD)W8 q@5WR~=Ujͱu@Vr/s!huILpfV4Z^`f@xh=I3M2]E6%ga;0Af {)|"D򅌹gob'2ߟ];g"qs2ߗﲆSdb"FN9ϲ"!l~H`OFN.dQHkO~~fM?rz6νȿXz; Z_M5ih,C|5OFx6G.z &3(N[ut J|f_:JwypeE<SGN"HwwD8WsVucG6u+aٚ eo9#Ȕ 'AaRx2q2PBn[y4Aam~]/[7mfyf3ցmzϙ-vIE?A^ 3։y8wWԄekI@aQXZz N:5#0B`3-@cӑEL>fCe"!mxg.blü"{5DmWthiIocX;OIb崛0KR9Zg1>p $bU W,ür|oKt^ s DPeb6P|ؗW~ ~dǹ(}bWF)aܷTAJ!ӑ2 _#oˆztrxQKc*iǩ\Bn=.HUbt4.*Cᦌ`' n#wbI!܇m0fL&Hw0HI VE_ 9"UxW{p2PioeXKM<%)&&"ER t y&7B:8.:WV#l T&\ lj_mHp|mмX5aXXJgw&, x3 ?)z~}$fSt8 ]GYF7 Y; EISׁ #xkc SƜ,Y]. g;/X 'rni34"Xhib\RW@JyѩScdW=q6z\̖G OVeG|jrLvI7fdS-jjn6-Q8S =\C`usOYUV11YOvvW\%GIW @4'#a`TX$ks^+-_IR& MP9-ዛ А1EbS6QrfE$tStE!%gna ÜGyi?`a9O+j&ЧJRvU"_Tu^^1HT(ȉa`!,yQy4%!gAIk)\ucÅ6^q4ŝP(XudIp ,jɚ >cE&`&`Eɬ4ͿX޽'J#g=(P#GK%PzG9PܬqE!#q$8#(~;`R'"g)9]Vf+$s/^Akt3c?ObI釋?.W1`RwZTWWƜ5Fpjۘibz AWo衻OԘKF^ζN|X___ ʦʬ'^J&OTa{Lߘ%-ɮ@ K#}sw2%ٿuQ5ETlG`ݑ)1ixlxr7)xE"Y?4ٌ^5~8JȵlwY1{ "{RÐή)#Н7k<[ը!2CW-=z=}2 %CD cu2:R5ݫ5?O&{I wo$"Wipfm g=[y_w5%K!5 Fx$}Ö u{ChED-;);]:ЂË$"Ы?CD KÎ ۿ<}Q 4PpfsjF h_!@D)YHiE \1fl\FD)h]ѭ|Cj /qeIrlSo}Y$eT0&CM5k*0 ؀k]pu} \H'sAvyts |{%Zn;o0ȁI,o/ԵA cudP=.u13ܠN$‡AOm`{1CȴЖq}a]jj%Vi g cK/+N)QʧgKt֏%{'1m' p1TPc޳PRoBMH >Tz%DO^uuE&|.'%*LOc{]u |]l?Γ_AmIK)5\(.rf̵WqIFdb[(XQW4'+L2JcYⴂ@ujj)m+kqJ v>Pě-wcj (Wva[ɞp 6-rzc| Dٻ^5(|j?9p7I~cYTWct)t@>"z-f5?ݍ]}O׆crΨXwy`KBIu䧑uu?/TtqCUJ1v ]QcM~,+F)S^ .de*!mn2 lȊZߨTZcpB ,2orU DR &<@ 5Wv4-P>wHplKd3D9XjRkw&^q)(-NM' m%,ΛcDG a3LpҤ)zXPM %;, ЈLm(w[.(f)M֌V`Ir6c/?XUq9w]M{^9!aAwFjC@l{9eS!  ͩK>d@ RZ+{2'Z' _%4@;X5U.K,˻~yGI9K,j<j^y\e*rWuߩ'9xY `N̜پqAwm[z0ugB[c{+\j/LdžS3%ydZ(~}_{5.w>>s̰K|*1l-L\!iwl*7b)5%k#n-PL$aj*j'z!]4u:[Tbff!lUZRGD7t+5u qҞUVz0o=W穣σFǻX3 UkbC4wf=GV=1*tMJA͊p,~яcoAN '96R]>4?a wJ(,QɴS?7Q2 %OI$AR3w-jAuO]JuTwcמc@ #)S@PUl⥩1D¢"ԁ$ވٹ(S7Iv`s*E˙5-->7hP\ ﹉]wlԳCaÌƧ 9йF>kN\m+u&~Hn{ǑNFxZ @ge)h?q< &a]܌h•QOڒh ` [r+aGZB MDn̍X@TB;U").\Ǎ1Sҙcתk2{;WRNd pettRxDj'\}r…i.WĔȴr5?p_sWn\۞[uMIN0iB|H_b LüG}}14brtCef7 赏}|d\ǴGwv*VQuH~v1cttW\͑4zDGx#;8i 6 (J X|&C,ݰ=!.( I-;$ nvQ8(2Fk&OGcZV#/3%A+U-A5۴0j-|SѶ>=bK\Gnq I]l,u7kBm5"AlѣbmYrT?$^pa}7L=1x,δ/ު/( D*?*Oׁ 9 65`%=.JduV}okY,A^h`5A@o eŜ$r+ǻFOV83@߄.r])1832!m-gmBl"rkma<LY$PfLS ,Jߩ}aZm 禜 ]P\ڧWIv54њUTV.Oi뙊q?ĦXKʃXQЍ$pwU?!0jSD 9^'tVʷ/W7kd/X+k{&:$GOw-惺ђ Ye1Rm {U XNe@@tr~GjQNz?8w+k<.˦'_!"3N=k`9"\sS3eAl Ƭg3"Tu񮩔EԋqrN:Y7$0Eym' .v; 7>b()(+A0cUsLjFX VYn|.jH ^挋'zZiI&_J2Jі_CWt6Ѻ@(F3 z.` ]*GZMeIelŰ px'R d/MR)qu9<(o*"["Ms$,YpF'pg 6&IbA84Rb3S 4[ L[t4$y4O46ǵU6mPGְ[jݿ<ފB}spx?RhFkRt4LRa.0 i?U/J^@mEu'(u7+|ZfAhuB\l<\[&eO@77Xx,YƜg1AXB)_>e!\u/)پաe`TF#|GtUAKBۛ2T+_BӑfAq c^0džבЯO* @0}8Qi) }dSݫ^hP7ep {'ΟA6 kޯW&#w֤]mۤXЩ ⋂X>L+ƔU`TX !/І^H1hڕT~5}Ɍq6̍9h apք$)R/F%oppltË) Т;q9y$ktq,4H8;NW%KX_uG oz4<83nvȇ#J;N X1 kTgB)(;IH} /sZ}EHn^a1.zh9H!X4yɎ yM8p9YxHx:[Ko`'+4A#v&1l3xDFCFYGF`l*ф}(_|-'{'0>i`zYaGtr b(AmDl5%U#,;p(0cTlyJ<8 f +=:xHJh8GT@*K^'z0?C9׋kx`n1hޟd (1,bd9B’Czo]UeoEk[ye;@XՕK XͿ ӬwyN1mGF  68D/k>5:9k/\M{Ia/|Y |?+;srF4n6I֜}W_理Ħ-\AB,͙ ^$ٍb $ T/&ۘ`X% Re|.Ц/3pPAvC}**9f:, A W|Jp]SX {iDƑ庎3˚"TzX w8;޷-iv|Z;-:|U qԋtGm/vdGፈ6"P"шJOUwj֐NHW|BE-.\Ϸa#xBhf?)-emQ ЩDFـ/ѤkݐY܀&I,RR1(g43cɆxa֜AHh}; FvIQ?2h~"ҝdqRfMh.a>i"! Nv=ƉNUPZdk$S ώT]Z Cܨ LYE Ve2[b sBݭjKnAmGR.E { M|_Rgb>6W(]}gv M{ۢ]EɎ`q6>S|p6y>{0)$jW\n'CPt#cM!b: sRL 8q^D棐dɞ+̹KE\~$ uKVtVz2Z䍾pS?ѥ@G;]⥏rDIƌG}8b)T3˜3ҡEK!N=4ʨWo[ j$v-HBP!˾`sq~ֆAn.5P^I+K먴=vﮩaj#t{3%h{gz9NbijGXtE2ˍsiO:Q\هU_C;buF+`!>y>s^ԙwf{_.M5}% ͽ/m`Ф؛TI2T5kሐ`04[F:]PENf(R<-+6lgYn:xt楳rzgx@>甒ewavwף}<;:n #_Lj| 3sbvqm'^f&EO(y|E&Ju(cKUw/rZn |sd3"5B\A^_-4niJ.oX)6gf BBx# i{>FX+Ԑ8iC+4rgI vs{-fh^1:00DM-SC7W悅k+I}1ʤ3p$ f2{ DF){*hO UZxc,g4Y09B6>*̘# siLM[^Tw b^y3&".p!b~dT4wyuh1`kubDIQ/P\A+[r΂qWy PZxy&ĩ 3i\<4K=W- +׈VD7 {c4B*f8V|酳m$zѝ\tleYg QaQT3F:F+)H9a Yu.Sh*?eP;NJ3NΚaұ =5O 8(`,Yǚ7"ApuR'PEs])n>l2"Ƨ%w1p!#́p.@R/]:iHm/\ыk*%Sl-y&i뗛>->8dDǽ@/RQy|2_\o5j{挤|,rK  J=;Ί|ğ̾K/W)+H$*q$YzE(&@91u>빀΅?aq*T䅆"j٧~R2-|.sѵ4ES "s#a UWdPٖW ;? aUQFؓf6 )EtlF|ƇcΟEhX8(M >[]Ȧ'8&cΠR|4uf(Q;K(*QGmo߃#2qhۃ> }{;g!v&Mqw(6*ggª'ϊv]ĢB6A(S' 8; &7aE *xv'|z o=cխliek4Sns%ʻ߀/&_3IznUfn |xeZ87t1[(0\z0@owH3bB;44i6&Tq\u+s/\ZE`.DU \>iuOϣ_e.&p!6yHNM}uWDm`;/4QK[5=Iodq_…mu (Wûp0gs X\Dق[ DR }{$r{<{.6k#'RQ#C;[ .B8*j%ͻŨ~6tW2̴ja{aY  0¿RH^:vD֞]Ƶm=Uc bEuCFe$-XcÅA!Xb3b`?ZSS * `,ʗ r+N|`d6"Ÿg0х3

)YfW_y %Ch'n-|bϞjr¦|QWF,g\d[ X&cPL?7UJ>TG^*B.p(K5h+ԣq܆^0; 4^V+4Xlv̡oJFe_3DZGjŏ(s@u'{}*U uJWp81r!5XagblTm Ba4?*JkZEX4ZxdqD3 ^gך]ı%ΕF\!:n*$nnZnѥkzݭjڻ!ϙ{ZKG_BD6?Z+ NHAҨovyn\MI+\4F^Ks J琍itޟY]lgBn_4иbk ArLTsJdZQ#3,NHm L!ӏBZE<( >=b? LJmwob&U]͖C 4c*t`_9P]i6* &QDPlL>r}.]m|pM!Wxi"C fk!(U ^,-ե%,d4}YDŶ."TxMH z)_V:iSn9M=tZ|[ux_I\mC$w*) Lu{$3 ωēc|i}nvWغb?VW Q-sdl̝-d1FB:&lF4'`;T =3#&S7|JxΖ%v^e޾LxtL'D*".HjtN8Nۚ2%l9zS:?٠4A-7p+|`&ꭾ-[$e0#qgHkOs΂C m<>cj%{HֽL̶ڰcs~!DEwTK^fGP"Us$[MnGFn>bCy'vsQ?&!:5/k|S:W&j:A#j'{+k@Lz`^?Śf[}ХRI!`Bb}F}.z [NSSC>*7zMG6J7tak7χ 靖!Mq`yK6uЂb g~'kaab(YC(ky$,@LOn/ItE0w=v I^89he)e}bJAte9 5tTA)is6E౺Qt)UI20#?"- y7K>N|9)P9ePEĊJƩsօ?JEGc%֙-]}0B˚}:S|?7Vvjnu5Z{`gZ +1[ݯj՜x['ΑGC؛6epJYm\չq#.˝~ڽ5*>RҲGF^y'TFӳ5Mh[)}Vq֥pL#f+ŚXr*6xi*Rw$_kvW|/xq}hhh*O$%BO @3)E/Xg3ITey4ȭCx}?݀T/?m%eZIpQF}=,ǟ@I4þZg j[T +xSɖ҈ 0D"`Z\=hP[g9iK,꠺!h/\B<-^ݣ~IʻK OLKFWd/R zN8k%HhEDKUEe6drp>JGmulä|\NV]M M޸ۊ4,4Nu]y((zJZ~XN u:bǪލHL%#c (O.4%ݮS rSl٫#Yb(*UaT.*isE5v:yCԫk_rƌ,[sN85ݳ0%Kx-Gqo isԢ2gZ/z7EHn0u:p`ű(4 h2n ڍщ bNт0 5Dذ.Y [nA.p+ 2.-7k H-+&ڞMVp0LQ&xN%cN+%n1p|JWqMnY_ pI5DŸoWfWN@q5 *FUQkY5@JNA#a`!f}HF{."1U3*NEa0׮,@^%NB:EVV+{5 P5Soŗݫ7/TkLަﯨ%b!X< $WX沸!ƥb;w*Jw(DclzuMJ]cYO Y[g\;,<5ȯlN=zbMvI|]YK[ [A; E/_p:)Wox5#TY_ی,$;>tnT,>my]PiG@ :D8͖fwzop25$|mo)G>DDkε([/\++sQ]WP7b AQ՗&:lGΒy)NS*~ W+,F3FOhdb;O3b4+AE?lL*9/PEIfcZ z'6GΖ]:ݾgl6.EH_kڊãtz/X+乜pQdκ|^\; dIţE_W&ۧ2!!gȐ f\yLb$v G;52-Tg&@t+Nj`j@W T:Tt6LBJ;#.6@aXR j\[dK_3ㅎ{ ΂DFb+Elgrs.0vi{ ˝1Qq+fZ"^ °@Y,h A7Ȃj\O_Rnyލ^7Ft`.9TyƲY]JR L3OZֱ%^_J;+gՕ:]| :@]E."\2[`qekCR&8HyHc{?6_VݨЋ oM^mό٦9(Ԏ\S 7W]h% ҲsXJBZ|f2vx,sz?A51uQb`jc '\*@&֒t&f`Ȑk (hCdF@bVzDXeHE+>~=CUH kX:/ 30pȦlJ1 ,yͯ^Нz@Ө tCf6 pHD\4L?Jl$ V+Rv'4 U<|ṕkd$ '`iD(1_=9"f|.Ԥn;+4d֜N/.ye*BuDA/^fA\gOu|JZF}4>^jzL+<|,,˩cJ/xOپ?0ږ5̽ \hIt)V«֤Px)!Y%TD$ QdMHj= qR,3X^tMzbt!𒬠D&: Vg(LH|7LfFdq`oi7I(Ņi @~Gj12юo(Nv)eMT]'V\(tkjm C&Fn@5:uEÃ):,*ڴZR}Zmf>h5(rWĪ0x%V;-:B_VܕCNQfHVءtehސCx`4SNʄ:ʩݧc6( ,aqY ~"b{uiP,sMoQE'2‹9+\W=0>Y ,0傩uCR{ A몧Pjc W=.a3IkRˎύ . Ю<bjuLvp)9ZSGBoүS""l"B$_dB:M7px 5 /SJ}%f 8Gu]+)kjciZ/ Oul8: %fgdE7/bW h8'3*jl$z`'Tp޼$j7b@?92!NsxA22 c4+@|l߷jci7oUrЧͧn<&hUC]9Pɤ #,z(x3V;FчM7z^qp1އ^1]wUcۨ#^]l.Le59=.A^(m*WE=%b5 Վ"׵F~g1:oFHGf=h[}'O=꘳ҏeo,k@y06f;PT P.#yɹ K-jւ#Q` cܾГ&oא:FkN߈o^yP~njHOBE$v 9~2#=ZcCXU1O;I@klT§֑45h%RQ;z*~ȯujkB1-yמ.Jy׶Qcٞ-p?7DO}EV~eId+q5}]\GvlH*7BXTLOjzX \[L/#adS|n{;fC$?s!d,L{,xA3ʹWN MuPou4{oܝ1fe7ILذCSE& 剭ީ-~4Zs'<0 d. >BONǞi9Td#Dne[$/[淴ͧm!V'P^r0[j~`սr`JrCӇ$G9< ɰ9zR;e ~Y90n |G&}:`r,+J׃} XXNfW4'antU*{"[- ;s</AASHcޓ-!`Ar()N` %Eˢ~ qe8= }%pxƇWQ]`r"Yi$.O'<өUX1 A嵧_Z5xvS7Ww<'7xѩhԝLÉpqQk.fxP8JJm $C7;wM:f!i~WG^@okr: ?9ףdX0F 9Ji"&*+TR۰ 6#9_8EȻy7wFy~ݭ+䰚7w8-Uj;EVZ: 可YߙL{a֓m9ܐJW(YUiIB9 =}u_Rhs,7Y_A mQ؊,>@6ՙGrz7EeߚM/Pk9O- \js_9ks\բWycu? =@V|-Ri~1M}E2k]ɪ҂2h׳q}{e7ys nƂT2?xQ*)6S:J _r 7 E`M8zIC619Tk c IMT\R{hKDdL^~Rj'^# n*lw.UcH>LJ:RŝQ{1I 6eʶ,;kXG7cPo}%'lͳy{ʖ.DA.yYss@vO)hN_h7oz->j=8+7ڲ##\K9qC}?},/ەO`AC<ѷtUU &1ym2a%bJ>7'L{AcW*,֔)8Wa3xOf9xΛ 8 I1l7R%Ds.n)!Da3dA޵Z0_";!M ;zoWms^( j5tt0[-n|燈y3N{& -h=~_v$@7.#7ˬ+K~#ȉf0 ɨ- wBO[(L͖|@0 Ssx(1``wr?Hnn=[9@.p"Llm#+Z$;nčykLT3y9p0>4U?>\70@SIfF.[GXqyj޳ .ݐ0GV1 ?o,kbG[ k+gy*݅\ҴţW^` sIY&_0rk#[bk ޼t7"GUvKK6R[ wԧYRpI蚵z-Q_+$P)1boy hȣ { c-l}i|Q) e4<\ a qkKv0rĵ1̒GKjajي$gF(^ >W }-|-=CCE#|NCQL7DCm 7޶AH`%LT=SHw) .99NeWeeLg fq1}@|j|T]TV>%51_f 9nu7xk`)tQld xJy]cS[Y]f(o y*]w,χDU 2))Q_~\Oˆz]#bO&zɯU R:N[L~ ]w,܄n̊+ɤPڭr!) tJ]?ntHڧ$Oc&ܣD"h~7ܧdwIv~DxY2ZJgzNjINƸ!L^@2+qؗveӺ!_|ddpl Fj,]W 7}9)B ]&Z񧒒 6c-9uCm} 8jyr]mSDMtkD6'kEf5Ǒzv-@:'3ˈ]t lF,&k^F  [ڴ\胖\ id+uN3a}Iesf9mO<(N.zBtP$,L'9笖3zi&ŧK+R4ʔ߾݅md |CpB2s1< ~mi'܉|9]πLzV)Z|/{-}8S N{y2f}̢Z⻎TmofMEmɂ̀L3}0q"dž*՝xu:Jܟȸ+ώ/lߧ#(JbꩇWp"m֢_o閒B(FQ-W;I}/ԟvR3@sAw|&]Nߑ>w'\~FogaWS{4,Wmdθ%RW)sV PX9-PKo5c/iioaVXf8jBmҸ~T,S}F&qf|fhaQ!b1Xʿmi8%rEhj0]3OmAlίK"0Tmq>%iϝ22 D4Un{4 g}$Aw QX V_!bg;!$Ggٵ>)# S/tQ% qzZ+;̃hKW6UM HBnЯ|_×;Q{}>¾NJ L7K֢s  gBQ jf7VSkҡ;)h~>172Aǥݑ HϵwZ߉9B F1OҪ1^LH7LhnM8 2m.&^[.]k4i+3,7wɉh0F5Iă#(L1!sb@%rATMgZAD{O!-BofcLaDNAAYK-G4 8L&1$f HtEuX w: 5^J!)8Q_j @[RRyQOSr+Hƹw:}Ii]1K<4-'9R]-DP0tӎ5[샼qǪtK33+h<(\_ӛGRC+|7A1 |L/j;%.zR,X/Jnؑp;~jVQSڻ]dAnn6 иnˡ$4v`bS4Y$zj́mp2qɽr8B[S[9R,|@2CR״;Gұ Gxhu Iq 9 8 ͼː~AOr hsB5F|_&< عZ5ia^+(t}x@3ag1D_T]_-mvd>Ү,h z  :#NBWӰtu덫^9@P*3|m[g))'*fR?XӕZA}Ti'SmL.4oц`1*5ݽ"+|DY΢Es 6kѦI*%9TJ Kt "FW{ w}S=!#m5S=-(]Ba'6eVoDBOq1,E (eC&,͆gцyPq{r^P{LmݏO^c>>ɷeooŃ8{Q 2{ h_ Eb`N c{>)N%gœ=#{Y vrO8Lg8xBgǟV5Ni5שq߂BO}#yx> c.,W|L&d mhHXr+#JE,"BQz`mWSu:u(|9/~MOr~] u6iR66Wш"Gxfj~%l7_i] ]oC |LDƍe0ĨK Âɸ7i| Ч)@zL[E 5 BJT5mrBm5|l^{hzZzJQNϬJ| p˷Sl5*=7*~b&DK E D+ș¨%1хcN>ć9ݕ_QQCGu4Z ;Ͽݑ}O }[SS_ )omMa3k( eH]hZν ڥ=9w N/"\3w\b>SV7"g,bz3j`Zl>3Q׍1 jO1nж=I[T @trqZn/*cvJc-)d x n'x1W'QtSO#zmtgNKJ8B?]}H:W^ m.!;yE m8uIB=q(}\BW w@`N8ፎ8R` lҗʡΤLChF|v[U.sa_{YkXSurh>;؄8.m" *wţ4n(?$a (E(#цX7fʛs!I?bQ%yuKbcvY@̃vo_/s:4f yZG,HؙN|^D8xX_``( mY Rp~Su\!ݱ9Axʷu 507-bkotޛ8ۿ"eN=ݼDbzhM.V훋d Bzo #crM 0:ERƆyUਜ਼Uuh%j1; Yz55HOQcwj垳`Fi,g.yeFt{cP"}F9U6$5^aO"34F%ӝRmʕR _a!OL J]c.`<-8 Б m9.:**N@ (]J#Pym HSծ\T;j~'l8r,IT=C=/XG=ѦT I"=j 5~Y1Cub@8Uzm5P1!]"Z(XhSK0ղ3ccl))bjR{ Zd.]O'(vjS^'"t2VDёH3hNV$H\kpAOj\ %J* ,.aPh(vr7_PMk3^̞M,vO ( x%] 6*G۽'SW457-4Nzhp1'2W,wU3up䥽nk7=raWɈy__"os(;! dҺt]ϝ^)dB)A E =T,:q* $ \(˕Yɑ`e<(eqZaՆjuHǤG@i96!wMNõFv|zIEoإ(~@Q4uko%|#켁MYՒ]u/AxkQI?ӊF-YHj1M0 cUBz+AݳpG*/cII+=6>CbB|[ !U3F=:7X*+`E%e>\;:VNX+KP9i{g=WC2Tk| V P{%9n k]x0fetЇ u$BKlAi%;6g!~b ,9La2M hObX,sGu4f=Zm}\|kim:-' :%PǃC{7M`C#:*$c42G@PF*5'W&hHf41w[Q8޼= &bwp#\?geq7x*)mыc@4ZW8IohGւ u!3?M&I–Yl/& lW7Ux\PB(зs9k_n@N`5 eR^aq9֝8hwbAMtdΗ쉼0ԣRw {9AeT6սt|4-'t'iv!LYx\>0ʆH߯Lo}ǚ{ j tAuih!]"í9/+ [4A-jhd1H#GTL7ׄ_Osyڐ2bnA%/eAT0 oVtx6`Fh9]HJvD-3=4סBz76Ɇ\X\)tz~Nn0wF:B`C,<L`,`2A-6, ?b("+7(~2Hx(eYg L~[^<n)/eaXa2@mVq@ f! 4eQs`@`yURY+K3N2pi*/Ok" Jck<4#