nss-util-3.67.0-6.el8_4 >  A `VU]D}~;NlJ;rqT*/o&C&$VYIU3-ޖ?Gv+d]aSA$c$|Y[v@ ixYy};cK ! C/B%g~g7 V?`SGŌI?;@y)_K}7:IV[*e:6D'~:uby=z7LAo$xhOyB'묕盛@D3Fzj:_ܫUýC2dXX~ۄ4 HKt V=E?j87Rz?HlC-hW, GX LBq܊H\60*G>֤#J8%M7MnYRN_^\lLV" Ė̅%M8:5yŷ bS Բ%glwj1J"e.W:! S^S[WS;a576b97abe2e387765923bf79d040247685dd3e0ca209f062b1988f82ccb1b871d156ba35592b5e286e941d6a59af8dafc3db7a1`VU]+7*_*Qh*` X\lqoP`xH j/[&/Ğm"ݏЇg2=?3{@ע_O-*\`)}yqǒ8 -"Dp"'3if#*qRClv)O8Vh`}RnZO w&-  COB3oÁ%Ώ6;0Lp[W Lo"h0گ;>,fS6Y2epYD:wԷ-| S`t&˽ Y65pܱWrV9h.X8rcǛ|ȯ/L 0vZ1H(w|։ek}<0?R{(󌇏%~MT / p<|?ld   F "(0H T ` x  (@^|,l(8 9 :[nGHIXYD\t]^bTdefltuvw|xy &hCnss-util3.67.06.el8_4Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken module`aarch64-02.mbox.centos.org^LCentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxaarch64$FAAA큤``````7165737e3226dfa3fe749fa2ca2387b8686babd59a80fb1606f2e5dfa15d2958a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-6.el8_4.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)nss-utilnss-util(aarch-64)@@@@@@@@@@     @ld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.67.0-6.el8_43.67.0-6.el8_4.build-ide710573fe5c941d69ea120c680fe3d42a5fa1declibnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/e7//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protectioncpioxz2aarch64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=e710573fe5c941d69ea120c680fe3d42a5fa1dec, strippedASCII textPPPPPPPPP P P P P PPPPRR RRRRRRRRRutf-8ec78ca8751fe97bac995b9efc2f59778003bc55089451ee417640ae0bd4a480f?@7zXZ !#,#] b2u jӫ`(y,yO8BڰWF456oѯc}R뇡Љt̤mSi9h;. /$~Bȃ˲(!R֤*m~c7 iLN\Wr3׹{<**V=:9FvVή`I?-ӧ%ŠZC]?a@z`B Hl*'~JkMQ1 &0LCZXR@lOvV0ii|ZdK=yCŮ4]!NpʳeH~Ȓ*;08s-<L|%49L="9c!;W.SF'3P}C}U3nɑviXkT2  9 m]~V9U!d|U)h}`Ea~2!F".{luaEm¦MG t/~JKҫjEX1\4>BnD*8FI1*hTy{+pxBb<]v]T7Y;䜖v{gRrBUҿ7FfNwxի_R}pa">u#=-|WCM/dL3#5`7FU+ZL!d[^ ּ~|bۮy}"#B]nǣEJ9e#UP`Dk8SdYYiL3lELL 8A8+ZR?wӧ4 42Q_jn'tr.A%B\GnX;'D.T/;XQ~,JSiUsvE=<8|eyfAI%4e ]%#/?8s4"ڲ+̪(p7FZKDY#J#Nu}jAক4qbO-{t:lOW*64^9 KR!窧IxyW>`f "ypdbG"̌Aˣ8P(3,W_eٙ{N,I{ :#%Y%JDpNGʹ[RYUV#!7OH+-EY`vcG$Z*y L4wab֪ S=(DEٿ=`|adGK TMe~b/J힛p,<.=m,86gW^Xz qmPC& 8KH9z~f@v65cNkiXҡ47gv*e7M|Zcs.M-7XRNK`JېXΟղmiQPȎ?׊e Q0!EjkHzݜS'$H} VMbE]H~u84QD_F߻S9n^V\_q]a?DP86>F7ؔqwC6%0S~FVzt W[Z^ lT*%.{;ޤxs``rPQ7hDž2E<|JL#qf-9^}n*UY#1[F\ Χ]ީlzz;ᥣUя>e51tH :lj`[u[!:V,E]$.Sg EdzvEk$&uT&6)r"X`~&0 1N'j&0c">%t2teGIX=6K.[ڟsSrjQKhJ">7GWKZR"&ߗ^bЋZCV KlZz?7Ib`*-xsԯ 7\GOx";@s =5 :CTeqU3Kf^}=KmikBY-]W9.}(6]VѪ1ǁ*O` 2_P:j3I~V{( >C}$&7DrAs.=KHכ=}eg~@8gc6m/qR}yoBW:-Q\I>VJ XY3h^Qcz c+7$[%ɠӘu`.?gSz$w,:lI1w6apBoy P¼'~NX,.F{klsa(LLUCǴw6w&eKrʶ`rj$U^aN{jD3?\c1cA es%0(%DnA-6<Ԭ2b4Uh{AQ嶦.a쳳KMAq`rޙf 1OeȬi)+V0_`!ЌXYI<ٵ.ȞΜ)_+/$pNH`~rE;N'$3[>" }岈f|ʒ5*W:T\6zKO4 M20uy9)Ў"^芞pBk, JXXBorlk"҇5 к>zRT?)XL$1_&ݸFyk/̾_ȹKa܅3|7`oja,ުn4Ȯ~CSU$~5ttG(5Dis>NĩY0B$zVc1}e6fD|ꤤ{ٟE\N;tbN`AgSfR}wlb>vX7<`#$8(9!843i"V6nZC#YL3 :Vaf6ILPpW?OUG~bhq%G EMtwF=J(cKDFKd=z\gtPu̘p9#o-Ue :,o PǏ\ר UY5 @A-xp-㥖/p!jNƐiwR]R JY0'~}7Wlnk) Zx!d7~9OC '!!@ԙ|TC̝^tLpīXkD-Vn DVLb(O k'츇I|ssC:%C x<ܥN,EW {UB ioHڒm l0̝׌EGeJsNT>@bLeMypr"6E?~!Slqt2L W\JCO'Z!8]T¼\C/pۋm.VfQ'fdU) Q\dp) e'4]`U ?Ȣ_?"1/iX O !atqOURP#1Ђyע%)3y7#8.; ;z/4s|~*?-lXG|1ZƌۭtT H43_\5jt +C0U2x)NB/cQ.wj =Dv?{ E+khEV;:NHNJcc6agDie%'fUH씵'>ޏXaIz};87e#6@REn]~Cx:TV`Sx4"Xp~qst!EDy`읥(\I-̠MiSB5nhxbxg,f|fQDwE|K Wȵ񰠳v],hN[MkCE5)c< ʜwTElalZ"6s_-h@P7_Jk6WFzZ5 ١u[m OzeRaJ2&jmve :[G{<FZkZ'@+W jLFn(ɥ(z^5F&xƝzՃ{\7)`C<2QGDW $R%,/P zdfGug݁.V L+g`RdCys430Eu._?V h_>B9VL߆7/|z96 e͑qWmBkŝUAeJfҮrj}xHT!c~R{{xh4>HKX<)P TvuKnbM&;ؗ{{oZ&S^5H7(SOi,7%ݎpQl"Arr=d5)܉m jq*;q<zJNe,Ha;Su R80)ZZc}I7L$LR 4n,<~4A-Ի贍X3/HfUVۨi^0tBP^ tQ=4Mh䬾ŪmMWÏl=Zz:pmfv$kN,>p,^'z $&Bl:zpI'^V=|vϡU_]/xWA ubLcPA[ǁlĂMډ8S0qT(Uz#贫!_]vOK +fyE-A*>6;:Isr} ]a;4:D?񇍩LsA sP#5wPI+ٓƟ[󌎮Zwd +Ds2ZQKp02_$+!Oa#$2~3'(GVi\C'z2{g(#v\(b͖"㦟M\𭘔dh3;֜L!Z%lQ%=K)V4ēDKѣ]!y$! 6Lv#ݴ&ž Tzw9ӗ XIq>!k/7@mPb:/S+#+&/fRIrHA-![aNYC*[6l{SYMn Eʰ4*N F@t,sk|&%:}EԂ.~$Z#'cqs~7Jذ!]+? H: @g $6r0nXؠp@ɰ'z`;~rkc&>~Skrq>}hc$9Urm9ǥ1zݝ 2O77+ӱPLȆ fFа^l$2C3F:BKb]WzA|IM1]-/AJwDi㣇_JJ{ W$x?<Ơ~N{+צ>_Ey<7؁ȚD\0C,j䢕zzx8BXð(otpbvO%JC,d1~LyZI'jLDϭ-t@%jM@I /}kj|h7dYswo,Ics<P&\tso7J#E]YB.Ƶ$~= t"QҘG4'!ݝK4`xc9z`hZoHҔguRNA;їBa.u揯nf]L%a*>M#HOYTN9Dv]]y&#FVg[Kz.7Z$vr$bNj3h)y$(P*cOm"Й/*۽dd& 8=KbOa37}eȢHY"Ú~]vd+nJt{;%W_K^aƈbUYt4o-k}m͇'&ug*QS8SpV kSYMXM&nؿOoX= !ymbp$o1Rfy3Pu9 Ba-o/`JmXfֱ+<<ܳ5B@8=6gyb2vaT{ E &zV8` jtLXs EQGC%ō܋ @צ3)bXp}DP2j (4P(~it[Җ,"SIj:K1`g Ep6s<ٜ02r ;瓩(eѵtPZiHvѯuyW 8j@q3JPu 2TֶSȨ~Ja e([XzYWZ K[%<\UL=|Qn6#* LpEl~Ʃ9hE-NgCF9I믩kf¨3VJ%f¾Fiۤ= 1#QS{<Y1Y"B{3FC<ȝ;b!Td!Ơ޺#U&k n#7\{ >ʩQU vSgϏȞgr|~lkWQ /By_6Ae|xL+Oc/X.8RcBG+r M=zh$M8O)u+)D{X/R/I`Eհ5O'[M8w4.tg|E)>N1Ҥhl@jZ9 {te<QŰ˖ X^m^BNbWbkD/-L;dmp4a\ġQyݹrFJ6lBXa]HdTš<SH3[B ӘBys:wWyY )~sר0כG+9R-am41g= P,ڇém&sYCxhcM9Tt1ݧx.j577 =+"5 R%B=C\_u^Y+}]Udס%Hw"&7BBxQ6g]Q8_X3 kc+=+DU `Ct g!NlYYqףV|ΩK/8U:sȪJ4#Йa|_kv7uƜ[rʞ W@VGEцD,z뇽rޖ%Y2 G=2`zIS/8,[S)߮_sBeX~qhS&/"n3\O`su!zMqhatSYK/'պB|28ik#!Ec KȺL{fZdP lf+*IrTJotRwf*c_n])JF6` oӶڲP/FS!œxLpKg0^Hmtlۃ ;m`&^t3|p1TXu7ɿX2VXf$ ^>8]6#{+VUBT4.""" )N Vpq-ʏ("ϫ-,?UZ]*!e Sd\wP%T/Sq1Ply3 -,.~i :j%$-^!QZy|DМ23UTᱛ}H[:FHT`Owg!xPxNQֹIrլ)`7qTqEBmLwC~sL_W $&WGQDR.+f>!u[lZ,Afś%Ag8R+m`|^a<a/\4D:i3 i{>ѯ;jӺw2ż@`Μ i8)9r&W,|rCj~NqLq\Z fT{"ɗO]Ʊ"_ǞD-F㈬B%ucKyy,YR9DNH^g8 xLSdRTC,JB-h%UZlkúI_%-Es*ǭ_RgJ|D3Wуt[oTlך{Yxf)Gp>[Μ#ؤ2kAcxy4jAg :!_D3XlPX}}ѼW k?H-V-p`~R#ۦdd8ۗ4K<N@3J`l0EhZEkΚ3BRvj]\%řgs3f|#n05USS@ܽҮV,޶taAG8' GmC =}_߱VeI 驅cS'L~3 "l"}| ]\6/ZgR ډ,U5̳E7^խ#*\'5 T $I4jïA8i߮]bwS}cli9nTaA7׬C_ r}Y\ Js!S+ʹ^ qP+QSBf|Ԃ ޠxv.?ɵ61 ɤ.qXEu`"~:{cdܐWjBP}SP 3mpefFC/`?I'o 89.F;Jg pcАł \.thHQwnn*y 1:[ҷ鿃MȈd M4׽bvNR-g;C<(@Z2ȭlu<دwdcĔ]xuB'qK$P.wu,QEGS;* de/--5ȫ]H -z+iLsvxH0-ٷ;z㥐B$ǦK]P#x?F d&0Qfan3f5EVĭ>V fnqܒk}BqIw:jT,+D{Pdǐgpv^}O~X0pJl}v|ŹmOG!]'.XzQSޅep"E@kb9 ɱ RE5&NHuscK8h3'a*#{ >&;ATpVHb;-M@PVL1}VH '@sy*]o!`Yǝo *%\ЄLZ0 ,L(OԸ FmGVXq%c{,y{Xyc^cvm%HߘTC=1YIu3#F׬CdxB/LCAl-[sSuU8d\mĵhrO2D`tl]߆hT#PԂqszp66UQQ3 ъ~!jeSrѯؖ'NyyA- ;yȅ}nȪH-z|LAc8MLxCMuGLjPն5Q08< rZϸFp8~Thn`5{ Ѹ>P?)֍(Jҵ_MCtU/nǙ`pF$RyK3Jc' bWk }|GlK.c ~˹Hlm^ХS|rY4,c7G5]y*(boEYu4l]STN#3>go6RmK6#<í7ƅ;ݢK7zXɯήP% yζgfKY~~S3 ࠼E)dKSD3d0^M %I|'0x D`mfGSlCc~kRꀁXpL߃rk{3Sh/ΡNW)x!gŽRDЌd#TjzZ"[ic.8wH6" PeIRYTk>*<1Ȱe<5X&z;Vf"Z:6l}mK]ɸWC ~@Vq}bЈk Ck$dL01vR42;|6:$@Nő)-76Z~K?+f6U`#z/{3v, cj,l)4Ui exݺ1Ů(CDҢ$ rVNߣx( T]Grg#\pyXh)/DYjn6ORqꊍF?jCMmk60Sq{!HOYUw?8D 7<6vxs-bKbhM66Xk\H:fl⮄x$ hP E`5!aJ$l}IĠ%wMbEؖ_TBfbp ]~ hwlĿH` q~Q YSe2gд( )?݊ ?x%A}]5L,P+:nLi՘sC]EVaEռj?lu 72 A<{vԇŒ!7%3gbD;ex"= "@ܲdyx~~<ވ?b{r!ָP vK/Kl<H#K&jQm IT}E45Sq T+F'V3y\ntg፲v0]`=N(bMK:~=gi&4.ټzKꪩ-tZ Qی=ߕ΢>sXFjԜ$3V\{r yoܺt|{e[Et/KNJ: J:}0|@u8Ftgn0Hc\m)ihھD WƝÎ),덤%,v "@5ʘpk AL%6<`(C]pWΫo-%zE>Xi'֚gFC~ W]z򹄁9YSof>XB &x@Kj%+SR[C1J륢~pDR߿~ * ăggEI$#a<&+KD 6_)o&K5Hk|7sE\wS&f [?K)je m5[\Fd0ʹ-ίʻn@Uuf:iQhpPPe3)Dh y?tAbgEpD>BՔ\L1/+<\߭.uW ;{JF)LehIekƘłw{r,>p)~i S$l:IGVFVťGbXoGM?hr{m4pE`@1mID!d&ajA$ nFjܮv J C-/& '鴸:.'.$?>ՠIA[,&w{-NȘRfCކdZ1;[Y.}H+~tT|bItyq ݎ;br╖ .´mJpc KWNz^:P3_{l%ƛwlQĩI_xU >4V:`^54Z cSիTr Gs̈́h;(BqN퀥tT( O5Jw5@CK>/ةQ Cs0H |yn2 `{)a1Q;a Hcx9uFi+Ի:FB3@/*\ޯwc m XRA ]('n~Ƣ qy-]󉯝qO?etrȠ}' h>=RON=u) #8Fv/=)u/՗6> a#5/r쐺ig&, ϯU:Ӵ*zF~:0m+WI|g_[}֖|zuG1GjupiJӣ60Ph "2/$dء7烘V\е or\ퟨH0ۍ"%⣨p2Ypm"!n)|F!Km:P !?;- Z,*{Ѧr'Wi(aBnD0Y zMG4hs U-$] g^D &)=s%/VY6ŮPH4y?B2MbY["Mxo,yϼ *ő|H\T:I_LBH&5?$DDM3 2[B?$ӭ !%5Ϫja٧%Z v OCu><_ l)x)BGߍ|l’<9D8bŻrybe\ a$ Ap7> LL}`l3?]\8ӭzM K!}\n|&SJF@ ̠K'Wn#x>9-m^' izUn"bC.M,GնpSnqH"Z?lfm [aqҖ*PNm*U`N%v6WxStknṴkVRca$]\) ޭyiPm+M MX9ζgHE<ʼǘ%qACw V:Qs`]@n? > 35/=:zZ5RZ_؏yE!k}yJ\NSa4O}ʄrD(ׂ^-<5^] mdiO&<_5E߅ss^A`Ar.`K3V*0{@cm]D.%),oEKrzAs=Q2~\ȱ(Șs $ɐ+?{f^MP.s'v TS&xnиgn <QwBnVX{3PB;TԝN{e:D#ꥷŷ9ߺy'aBw+ˡ(.gZ ,'rrlN#DwU-^=F=^)4stCiVヤ,ܮY캃 Э)?WalP-۫y4;\ zʊ C@X]=̃Hfn\X=8vMYeTxت P"$ d;Q uرAPh!C@HzB->  /ٛ7u˧B4?'!*vJn;,9f&oMBotISRiN{wRkR=ryjq%۠ ~XD "k3)wɩҷ@]l dE]G3:̤mkEebr?s.GFF_xho<:O jO MƨS~Ҩt(.},v+zZA%9-9yaWh78F Hѣqxԅ{Mf3XEoUҵp>!j|#J.0 fMa%ZmJ>+,}Aq5֩?i~ӊ9_a 8gZ .~g05vA\Ȃ@[]N~NKZOMKwL8' L!pjȜ1e}AA,O?##8Xy0h0u1|Y4zxHF^+w!~ė /uP $ꟜDiW5'8x/MX IOMK%v>ztfm?0 u(c:lzȷZ="TQ@U3K}dvV0R+$tv`ID))6~mEeJPdtn/uv*Co, Pɿ3 : n햆{[s".(wMpXa.6K_~_|UIjsgKG#C.uhl5:%ɻ)v:u Qo8DIoنJJpYuN4Llx1#|3{@$ }jEbEqʡۘSBoRY&aa-77L+bR.aPOĴs{ΞCʼn=mdZ&5эs_ i~a/WRƂz)PBR ^N;Q$"0&ɝ>/) l(u>ȳU=,imjʰB{.إb^reE32vI#eDΚxR.P" }m(/_n73Pu-ԀU O?Q#W3L`%Ïf1R{pe7vm]Qd7Z׊L*6ݪ## Ob Y \2~TG+Jt9@~ fQǝGt[q{"Gr)[z)T9e03{i%9l2V6lJ)]3f ͛a vP?q=2n+Ho^.c-¯_\x>5xUW? LfpVE#vCi,q+%zwW]{AE/obd3\!rCh+" Đ& [eDUz!nSG]J|p┆?<8"(2`,4Tl~A$c nA 7_cːnd"iU3 A Vv$&G\]!It3?-[Xހz/T k~# }6C,Eӣp1H62kKzFP3p 7YOb*EGbR|_"рHJ#̴ˋ?K%;!&NlEq`u:`3A3Nʾ JeKgX– 3s^:fepT_/5,NYlG%({c+N%bOd\ ,pPbc Ѿ|`! uBq5o!J`\مtTW[| h_Wic~Pnq{=j$3D<wNT NR%SG5|{*MyƊΓP"\Ǔ4;- /%A!FwG/뢯s\;OQ}ErBMZL$<=^ aҰ+u3]T2`S{zNЪ\^iF8QAz&hMr n1O+EL-)ITA˞ P]|ST8X9aG(bE1X W"еc _jI4jϼhXM(w#a,ָ/coiI79|.U)$VbN y[d"(|)σlbWcaAhlqNx1N!'@ ۈ:'+\b櫳Mv]W"sGcy+v*K[<"w%Y[eNeǨ?Qr}AǖvX#\ɅBWH5bdcɉaa1C913emᤊ}x#5xC膊hNV/u++'3瘖)޸mķf}MjI4eN1dg8F0mgO:c/Nԁ2)_ڟ(`IV~GA%Ӑ@ $cVܑ.^Wgs1~C⩑zѳ*_:ъj9!)uX6@2A8K 91ZR0:Dn4͍r;osJJZ*hCO wtR7g]7<֫GkN;w NUz&ضd-Xr8z }K >+1Xms9ZfTOn:+%ѵ:DaU"`H/1 . (ӻFpUCٸI hE*W7.B#WegNB.1:(.$bP(PkqIhK aʰ:!dz6غS!2?t&ƯW+فnJ&VF}y/֣裳Ԋ7 U61g?lNK6k8pRtBzdNoKWKH$\*+1c@mJTG ,Gz$b!S~ҧw,Y 'b Q/}*uopxy)~UMŽCV .>ܳ䮸q^Dk*|~-E9ኽy57NOf/Q$_ZڱyAQVaI`}HkK& z8D(^3CAPPvs]8)ta|"bH0"&Gq~bvDDyo3U52f1/{0yP NM9p-&V5=Ucfv=ɐZOy+/)C" >>Ofn QF!W FuiU꩏_`Zy&e_FP^ͦ'Kg5I-Nl/EbxmxQ6̤#ڨV >'36]pyKHTQ6C~DumJC7 o ;DO ӃA"TtGCd6]g >x<͠)\94(;.n󸪗`@XXm +C rqzA .7UpqCh!n^u.]݈̂XUZ߸Zʶ:*c d~֙ \g(fi dԌ t)`XSE'5K"ĚpL#N;D}LEʛ[QoI YO)W>=TJ瑠S:Z^DTks, 3-H N[*MiG ,q`be-4'qBF\;w@};["ao\`YJ!4w=h@Q%-ρތj^bD2(/jXf1):^,S{f==xbh+V nEmvlzr_Z"{A΀@þFOK;sչWMK `?ye_/@m63c^2ΩNTzdBn@``LÑe8q%3 r:~b[yx;CEV5Ρs}{|:Mc\wS"_ rүq NQ]ƶZޢQi0\ĕxܢBZ79@a&;{+u a^jGOMe ~Pq7TBFE4U„6]>B ur_fO5zsyO8oHWAA㠍P'6#] } xק$'+tmlR k\t?J<{; 6r[yicx'НzA()شiqQ8P9 9 $0JPU1 &gM3FO;Gtm 7 a%d_!-%_[%.xp -I`Pe{ّgR}Z:.)"L:[qPŜ 񤕪wOg(`.-5Jy[M}~ 60<]_y%Xm_5CY73v"@bv3 l> _]p㳧T lvF e3/7-6kUneg;Do< 3& Ǘ0hM] |MNA 1XT\enJ9<{zj8 KnĨă[܄U>TRVBсͲ}-T駋W\%eyf)u2Ր;nnXۙiGtA/rbkusO6zGSe-]ri9Mt08o] fkcVi"xT׏sX5Ԑcߟe pvY|@,S+3p42o_#CHvX|=0䤱~qmd:&;X$?#pTʧH WΩ .'iZA6}De >nFNreq`,H!lg:C(A9%~+=\Ey|'(7+l$'dG,iʧwl΀iܜϡxDbV P`M)/6%wxDz]9l&d$Dr/ %6yZ9PWS@?EрQzmf&Ng3ٙf$b(>v'B56OWIg; JC*_Aۙ.v$a}=1n& b`Eȿv|rkvWz\A6b \" uoى["i92 3VM+n畢JC Zy2 t齇ۘGM!{ gLeO}bFkcv-i:O^WJϞIȸB)7'`B΢W7/7s!>g8.ӥgl\5]4qAX-:YH`1m@!Z GP$U*e[*XGM7Y{?3cьb_?5t\ɵea*j'=ཿxCqahS2SsY(yPTa^Y"8-.}M]ҳHx{K&A=1%Ia~qSXcdML# …a'5Kk> Zܪ&>V51ڸݤ}+/m;.zBv.{Ņ7G?qM 7cт,w9"I55{J 1[hô,Y Z<ႴfO*#Ϗ.~َ`RCM1J~_Z9x"ԞQI(HՎ=$sm-XGe՞PRCow ,:\;bLLg7+-R!%R.mY*"G*@1FAPjvg#6Bs$qTP,C?ǔнpc<7kX1[+3䝏[+{v9>_FkN8V:(X\؛b$aR5(Ǟ/uP閫~7+iHe$ڕ9 =SIYz}~Tƣܰf^P$F2w˽a2%H48$5TVW{YV`Dݭ(qא)Y-g\UGG5\Qm/755a [c,OO8\/6%Oȳ\=[3ݣwCK<_o‰)0Zo9s>fuKmx$4pL~MS˩rAHG9r$^<+w'z[ /◧- 1![ O {hsBJSῠo¾&^o9Kc7 э7,+-Ѹ#28[_"]ɕF*n5o/"R}LJN M]GX0^ݖi~Xk;XDbp%jgũTkLC,KBԴPX]YNGleQ<"m; W-KAKp~ˡlž'+߱NkHr~}S '3wW?nS9oZZEp+bQ8|mN.mRp8|@'tV~' M|H) ϛB5`ݽ9=S| oeP,w,NT"J/#1UZ̧G Zgi` Rj^ ֨wXy& …%"IOuKdimt]N /&ofM2#LΎ:E:}n-8f(_Ю{I y]nA~|Y^RᚘPLAHq$QKsS~^Ӫz4SN z̒)kLHjzԓ+5 Z^ׂI!\5['+Jj/ L0ѐWn,r~mb'ӫK"3ҔˇaJܟw~)يAE-ܳptBfD&jt)J6 {;7& _6s-m ?Xsw{9 Bs减R&ș{ZݟIVB(/} u(HqF34hQi#q ;) UE\rW |bJP0Jm.3r$5(L}] ~Vys_zgc^xX[E<ږt64! D7$f_ 52<غڞ)J] nqԭ# DvHv> M!. H# >gI 5Ij {M|w.8z iu"h ~ ǙݕkGPiC|-F\wRW3_5ŻOl&& 3oct)">V\EDD_2F ɏ tlӽ#gAE@'WT|;g"u՞3<Np1c6aV]\)vM_+DX!DٵڠHr+S@ /'DuWd + HT}7!D] H^yk@z`5˜㬃okJD8,5C jeݯp4~ ,#>*ՅVQGxK\]h_``W=pUӼ/yJR <# 63ض?!¬٭&-8W|FMcC9;칻;qXrc]oF٢l4DojV>s(FDhڍVTX:գ~ @Gp'c,RbU{u#Z3C䠔 F[R-=n+M-)Q|(vέk$u[P_gU~ƛBsK4VD qS0*+"p"72fcS?>ƘYvv =B l7 Ẅ́ۻ -m)qOI(&`Jj@@ JWЊ-֢T!L1~ Q9d ^#ynw^\i.1ĺ8b-5/>r{uX?d!CiVb&FAѰ٭qлV+3BIAi!3vȦaU},:vImWM ͉]X!VӻKiS͟hR3T2;c  NxqpPqW']v\0uH95S&I5=e$orU6d P\^ClDdk2kV@.9 S[ qLjm}FH3LĺV|쒣?i:PKB-LZ(KէY)M"ߘ\M DL>|M=Xz.:{V+!ezeT4<'[<*/{Vuיz<D:^kkO$VQ_"V]AO>K-!W7@8F3v(Uy/)3@cm>2/Y@@v %DY5MnCd[]yAHZA, sbNK&wqv9Cx!`m2lAZ@lNSU22mwp*Y"~xNz?"L;GQ bL,CY@!y-™T9&DEΛs|r P1 ./A jCQ-lҕI) A@#0wň0&_Q\}݃vo kl?-OPϺ=zYP]p,NM$t`l:il^3ߕb &ߟE@%ӳݺT naa?"旱C؋&\B3:U" J} HU)l¥@5=6e%Nn]Dc"6o+X ő ${#0^9kDLJQ1Ѿvtnnk'gQ=(<+C)/B?Up -5. ;}ak93Px ۧ}k&9򻚾$uskw@RP=&2'SXŶH+]Y䪏XBVb(MOQZut?p`tt>-ILЕ,5{ZS:)1EF RPphew'5uR;E51,6evc*D5)C ^ %kcBԁrANp-d5L6֟IY6bf5) u*u4w1Rƥ 1/J j&CǗ.-Tp:㠒c $]$Q>!X?%FucMhxTqnۋ' (#.xXU 2rb a<> U.n7,?n!1+i^^2' _ +( b`sA3LSYD3zUզɋ l51j3߽=J8pƗ,DLxN7p4N! 7M ;7]M/={V -̕}_I'"|KSZ]|&0cOg Ӳ/~C:1r-{`s_]cE)/XNGPm[83@e%mְ[mi@F~{;rr蕌Q@-pDUc5Jɡc:cȡRv@6EOC(b|8{&JJRBO}QQ*`&͑]P=Mtבht( fvEa֏Ww( 8H+5(>626_39{N(.MY˻^9^J׮Ws͘JFP=ȥxB (+dt tֆ9]1Ue̜`3`럘[ |J梑0?j>'TV{$%uV8B)`IN͚A_3 [ȏi6l\9O4Z{ L|ܼDŽZ!f@O_\Phoe*m$$??<O;;.mbqAC:lvB{ o/Uh<[ @f%QTϯD:Y\l\bW|ƣ{ķ*H<"Ky慙|/ͬ0rz]S+9+G$MR5}!r LpHc/{=:wxr\w}{lum^E`Y)\WZ[扢l}h;߹bэEhhcւUMy#Rnu/c|Sr1%I#ԄKn#U;O)F5-Q?-%wܢm`4E*<G44e脘!ıbf&ֳbU4NdF *E^Ku֫*hP` pVQk( e>/ۧ$2έ FEjFz̕Bf!ÓQk >B"Lq:geoIp +u5vՃe(eC{ϞG?B da]@SeO8($^Mvʶy?;)Pb O{VK}QЂz\V$j,m3%i'Uڗ_$Iۣv}q`mUYx0(aj?x?7W=(Ew~AYB)ß=q=LMEg+ļ֦8"QBV/:u6eٞֈL L0Cn[j~4=VFv gr4&ǽOs4O#n~Ց4EXt*;j/DT\:3{!녽] NKCvc+VOW32fP`45iZ^ Cʉ*QwABV ֛I3I%OP2(gW %g?f<^L(ݝ9k(cVh]\.-lG+8dLUixh\P X]6 5~[j8Q휧!(sS`g +}КH勬=҄! 10X G:˟$s*9䩸M*[Ա ,QuO)-h HVZz,nQ4Y]:EE`TdqCjw@LA y\~Q-k|N8haLSe̙"эAX[ ӛbMniTتNUE~b$k'}xyRc4ݵ.em%G@>&4C[|g",$1k(DɯvtN!P#R FC!x$[qyfq4H6v7h4n7;.k&AZ &TQ9Œzk>gZ+Znj(j%Z/ԟ6tolh嬇wQZ]/YYc[Bz(pʨeGB@_UyK@^xOa^D + $ IT f(Ƕh&1Y 5JYtn!}8]"~ez+ԵvpEp_s ٩ n^F;z9ȥ؞Xz%OPaM84_hfߧ:)e](-Mk\!o&v۴8ppʃP+MϸK{"-eugW>J'^%"]7<M&k+M,6n-o+fUOLOԥsM;Oܸ{#/9͈hϻ9ħC*X8q yj2ZݠnJpPrm;bCzxD4$CtݯޢbSPi}#|Y&KLwD #3*V}:mhoOv1b_i-yY{+RpfQ0q (<{X̓f f!"R5Ԫ}j kׅ$ŏ1-BWpdmb G{.:`tge*! BRÝ< <\QıWp I ِ~ۆq^O=HvlznYG䋘`Wx uܶ{(dk| Eh Y-9 a7TAVyn.6^MeS8|CI {w3d?d~bʝ?k}_4H KkLƜdX#=gcLJA(Q峛{נ"a l_IbFcVH'anl#8p$ĴGqc\o/prMUeQu`6vf9U{gWKG̚z< ?5Fap|٠Q&>BA;_ʯk<qȊYpZqn3>؞tLƖmr䫯㗻:SC{QV^"{P]œrVA-ol7yFN̢`ԊLލ 7w2KeQ OTwCDljCb/z_x)P,D2[H4ïrV# =UưZ:h!Mv쪊di^ٙPsU~ϛcD8v3l 0[./Ϊ.́V]g;ln,~_*@?RƂEtJ7Enɸ>l`+mg^PBʥ Th6fEϫ~<9|@zu?^ V*ǑV1[Y@Wr̻X㾹jޤ2Qcr8'SmB8Fok祿KrO2V0U6pwU8:ȣMG k !&GG9kk;a}Tۀ+\&aЈ8`TxcHxF4bÇzJCtɂkl~W0Ra_Pt#1N@cXFϠIRu_N40;j|X>&9xyg#,5A9JS9 ɑKM䮐{H.uq#%@ze*|əL!+Sc4[GN pf!PA%7vՋ֥j]铫]b6H*6tz(~F]\c%4Atp!CH&ݶ<8CZ* ;;dNTj.tXS!E` oY}g*~t[Wɡh"ƀzyhGD긌3]ܯfֆ2RRIf08|ITFЮEaZ\4ol,L}f~o2;(LR>c`܊{KGJfĬҹKP*Cz? Z U6QWhW|KR; -(zo{щS%r:ָ"Tob E[G†_fn ɂ$)Nw_qɴEZ;Ãk?lD7s.;fv1h4쌝H40ɷ;y@&wɐ&/u9ǩ5ő & .c #AZ 78шG`%X*51cGC̃Խ8PGrK%JG'@mTSWbW4#a4{$]ۣlC3rqղ~ta>94fQ/9z*z__JqFU}S'hpgkA.n~AǞ5LyWɤ:d/+oGNSYf?$0>`0}zyk"vm"fތr-G^6M~b@!u<i|D2-8}B^/~W>pr!ua=D/Cu2*wVB,NKc=Cl\}[w՜&O1] Wc嘳WxZ Dz\h#U]OJoJ uNmps!ZqȐ@p,n?Q] ~G+Tݎ`O 'X,\O#mPKb$'GJh'dюzФ )_B9>n%< 'S`->YWY麜}ﭵʷyx`L02<77 $Uon *l=A@ gW^NZx&Yt.1f~M(^Z$EmH9yal Uq_O/,<ɓ 1,pd DA=to5] B7e*EbwЄ|ⳮ VAeBZ'/Z?V qWLg?$ˤoq' nU rOv?r6-q;++Jqqn\xH7>S%?Cpz4 ;fVrEw"v8I .MW26Lx8s3dzoHRie?8./,@m|ymh<\oV4י[(XIyy #DS " `<}J0N'ي m9]4K(їg:fj9'q#\ ^<O^fzyVF Hw<Zd}-OFhJ DZB9G>mm?ޙԫh)tV-Q2O80ϻ`$:{sJCO㲩CC_?+];R-ApRL-5i8<ڸf}ɋp{NYޣV=GIs1Κ /,TZ'Z2珇bNaZw,6#˃}PuY^ H[FO㉅HJAW1䔑)o.&MVu,Z3l[ʋ4W惥vwY '(׆]Jm47fFu UX2_}v]E _9ߤ;PI1"hDoO -7j0p!Ps8Nul|ksJuLd1ܶ' Ziֽ7,uקQYôѯy- @VBʔ J1S0cQY]!.<W>_ @q7B?1WnQjqّYjfϴӌ߀x䔴\}3"?1V j0i 1*b.Xĝ{bkeК,ƠC~D̴QKxqI9倦)TTB#m$# C B9n?[s I0|>rJ:Lvetgm&=kq&7Pr : %8&NS ?Fn48er0U󝬵=]gr޾6eB5 .ї] ;aıt;*cyrs+qJYDZ5W9a$V *GA*r vquDoXu,E&p:G׼joьՃ qY.޲eu~~qtЕ.{%}i,LwMqP_|bK'k{kvr@ !gsc@M WMD^Rp[_Jrgw`̶)P]ȸ/_'mghҾ5?/dz~4+!UA6JDe?W֫G jf.Ӻ]NJƻfURXkЛF3Le;`c(aS.r{'QL\˨{%i[B59&fCj`aY6Y'?D9~a9Й&:)k)掜y7IX{5Ϫ|Q>sH#5êT+N +\`6W?[*֓iߟJ?ʝss&-B@&N ?y$Tj1Ƿy!vq[ަQP2۟/78]MrD'QֱS}T4)IbqKS80F$k` LJ~v0-'#[wʅBQ؇F]D0D7E2$;/,䄵Phu Rk[Idgld0uέD! e+ h0'VWDz"= $]x^_A+ȚM"*V#[(7ӷR|j\GS؟A7U趼FKO"QV =mNO-S!HSKP3^)~YB=j A8r36}k A[kUw'w@ VMG2瀧MȄ2Sz>[g (<+Xպ,ޟr+Zj]<ǓS#~#OU&fn\r?n%n*Nb(]|b#~FffߌA~?]Z^ _?oe kf`ʛpS0|W/pyU7z`ƢGO-mZ! <ap\&ꙢXOZZ.Wǻ8EџPqO+ahbgB+FH3jHxU;0L;cπ Oe\C8Cݟ.[RP|YCk0DZǀkM~gln:TjD)^7~XsZمE3upZ6d]XlyH؉'[N~Bɣ(YQzS0<}(`w1}&)szqߒA4/׾?HKؖ"ՒF sy 8FN خ.pU,VU v43Ltlo)IwGX4ƚz]|X)˺7UBd-֯gfbuiڙk}޶[2Rk'_SzP i_%S39E <2Zb"c`F쬊 dv};^@,ǹZ& P:t]֘w,a10o8J$& 1we]"6AAs)V8v f@du#-mɘ=ACv1#LJ޿)7{esm<#VTu)itK}`28$ ZݦSz4$mfR; <׉,K(UȇhIAƌE+*ùgf,3)ZV%Vln[YUܗRYyVUIWPǬiaƾY4AJEL3pN % T|h"]wZFERs g )~W5,}Ⓞ(mcm`O|2Ҭ8m}7%Z]E!8B)di\'}ܷk~#ai"Ļ|Rd3b,R }2Y=\܂{1 s<阮&8y l˜#e]=LET&HQ4g1>t @4Q**e[QDEZy^< te Xfq$̥oۂ5H@iE]/Sw5qfĪl sg+$/㵇@c|Cu3Y7JԽT03"m#B[9-IkL$BlX92[/ڔ,:L( s_W53E*"o$_9X a?X;R~I/"x`crT1$4Fjk2=S(c+M=d$2G'Y7_ 2XUniO)ӡ|6O^S1EU"EQtzfܬr=1 Bۊ DiȼC5y E91f2P(|t|EYFAHفl ¼tKܻuGb|n8JQ q'=$2_+s90%s\ЪY_Nr8%4cv;Ae~ìeV)EۢPJmU1ˑ~f.拆exn3Oj<"'PzMKq9)@Mq;!:]ט 4i̺J.S>tQ}vb6S߸ݜ#%ľ|@ ƊDUR@#TZ8x9v&5U9(ϳip`jd, 6!_w?),'#|tBpK|%^~46sO\MOK^YWd,4نQ4+7<[+aL2a _8&vaZ+%֢rq~>`]B  )li>샣7~W\bUړ#JqN2e`ϐŀ=o8qy75N+ђ,Y!p3)i5J^Hu_V{̶93F;q:m<﹅[ H7W61YL\5jXBCX/J0DLcWg)LɈgת `edpTnAC(Bm zH`GQlp`PlMfگ4 *x]е-LV ynԝmTy9#WrwDl71Myֶ P{YQ׀aCV)^`-,ԑL8 ϜpA2 pLr/ptxpZߔgif9?Fj\L`a`=鑍w;l0ҡT5˅ۖr98hu$ɥᲪؕH8Y4[IJ/wg#O.kS +N=duMZ cVi͒pR8iS^xdeߞWj>$Tnb] =/\e.()6|/k菖ȃ:/-ZNTߖt7ȠХnh6oeX`޽u:tkN`;yu vViҤXw_^rP C٠Kiޟ>c?M -^w/ljYJ !ս+zUcءneI,=ٸ+=sjMo0)w&d/<K会 U 03A0rΪ i_W[GSb`lkcy"dzʝgӅ;x75vp"͋hhXR`k!E WJ>m]^mk)} f@kE͘Ѭ!YR"$P B &·kuݢsIΓ֪Hvawx>6N ȘJk aZ1ٔ{*f4}0eHS& sd}mpxwԌqx磄=n#+S!7 |y8.3Oh1TG (O?iӆ4EϷ/G`%X5J_gW-Oq!쳾+1|t3nEMrj qӟcfW˜;F]-Iˢa]ƮP'd4OQy? W(89=8_W Z=ͷ.k)'g2T}چ)~P̋Dq4͋C:L[#zݎ|Ҫ7I1XtU>K1N6*dK;}4O9ZV|I dyٮV/<ߍc;RޤtsIo{]/XCY)w{"_{I<u`98LtM#fdSp : Jn__c\zƍE.:OhSP<1z{|9bd 'Se6um jV{we0b lg[ht̂~>v(CKlj؄d\y;6ڸu[=RsomZ SE 9L*ou܌zY#y*jmcbw'01&>9-1+pc/ Vonv|Q PE[yFs(ݹǝ8~mȾr3[L{9߸CJ-6)~7&0ҭ/$Rx-a =9eͤ!}D|XfJ8j_mBgCqh=u+%FG8zb\5w), ӎVO ]qù8kUHC`[$AŠZco|$Ug< ~SN`ӻCPKM@wǒUu4o 2ĭ>x (_?+nxAC[B ?yG(!Pk'|N yR[%ZL;Qc~ f8Vy&i5U"X!&#(xAVJSϚy~rχk/H"$F?F4yBȨԄҮzL]'G!/[$BhOOa m%;=V@J 8K] a& 2)6 Κ(V肗Iw;GaNH5LcWBb >]L*7_ FsPQ%) Blc9XݤwMPʰ(z^ϭ_5FDa8.LkMEh ǠF}* (Ѷ`z:X$dpLe-*tR/WLQ}p-#w̐jm77Tk=Ҫb5SC<&%kj{.0;_27 jBx=kiS̺SyMŘzF7V ?nQ 3ϭrI0a!qHX ¸:&d0C'[NYQM].P蠥 d<& `P Ttah~" l*Lʊ7봒a%2)>#c$&8 1Nhu5{VQqMUVQHRHXT7Jw7ۣ`MIh,.Rx0j8O!m}bٶ^KkͨRFA7榒U zE +pW%\2=?CIy{o_D|[77^AjaSnFp09-j_n `-}%&IŻ,[3p$`3ۭ zift h;HMvw܇Tp N %FaYN)'vm7㷯 `"BRܷ{Ya;~0mуT::ǔVR'V7!ba.=HIATpg%Fͯ4x7Vpԥ,O/2f%9p zxxA)h6z8#}(6pGC?3`VO1G$p{Vjz"_xr\I1$\l ȓ*Z7zSvFOҀ;a q2 e( _\ރBm uQ:SUy3a'&|ԔH}?Ysɑ|u)|vpS@푱*RBvtR~KM^.b${ 'q6 ԡTJf<*qq+,$=Rs'[s\ŽrLQ:Dd: v! 81mHELKu 6ۜ8/Wd-ZRb]g~TB|MJcv߮ag@7XߍfOdz itYAa Yt̿f3N Խ1&6$ym YTX3X'T@c1CN|A jn~L]NZ|5OHqHw<EMӷ»H-5ª_/SW'j=atcy&.Gs $7d=e k]7|]G2#elJڨ #]M*at5_F!ߕ~k%=_XHSuncs0BvUXAN=8H'{yS^lu:?FfMjP#2Q'Zt b0ֆK{Js#q@\n?]xʮWEeJd/tW<0Ne(zS9Yx*F&0ؙS+V>1N)xRa/L;FΏr>~吡>|ZU<()e<qqC-㮗1~RbE7z(~UC O%c֊ʦej}9垹-XŮ?/ P &NW:w3-B{+ߒn!r26N0"k4)BiBa& $ 7 iئ1Ts/vgR^Ĕ`CNtg[&̒ڱpnP<6Ej ND摄NkJ #.gȂp+D?h7E%eKO'?Y7xFfd|9QgeX ηWV л[_忎TJ&RMR6n!#; DPu IT{P|R$:$Kc` ͛.{蠆PX"e*N]rjH`vumTG4S1r]bR<xEJaf*y0#&#Xٳɱxu%\SHrǺ)Ly^^gi=n 9>p*HX,@FKwQ"M$mԣݐ$չg()jpz;8GEVhBJzfQhCYD` OBg0r,tp98hQo]@jk7Ҭ>1; &+lUuzORj2=E-t}TycE3ѭgY+9^zcg*&7 ŦAtgT qhFS? aKVr~߰jt_P<}ti@KC4-Mͽ݌nCI1,>y$8o Qȵݛ #ߖSR F+b3~¤3{9}yu)zoNh4<ۘdǬ;FM7>0MF LwWjlo{ТB\VՏKKpwzv̌vP chsU֖BeS{_0UqBপpAsZj#hK eÄe>O ։6: #| _M{]n;eǂpic s  A@>j-ƃVUW8^-W8gZ&g=?:s)c Q_Uecu$͢;-E̜&ȚwiO.1vRk\D[Qa41&HjTY0:DxF߬XVry[󖓾J 3mϸq|>x5byۨhZ#! a$#$M#~cPggGu|>D"yMQ*µi?䕴YA]I@:ЗҼeJFx,4X.P<9 ~ŵWLDXt{Tֱ@+f3X KQY۲66dՂI|SdȨeXҷ؍)ɒ:JL>%n W :g>{Rķ!8͖/[O\˳'fyfeGnȓ]?qDGP7K`rR¶qBtDYm9 9ź$ 8%̄@ [(n)a.⋏Jۆ8iNFS5h*ig"<-vqs">#P9MiDH.u{'BܓĐU1A<}: 8?jhmd b)*XbA"Um@[y7Hc('K<ǽLZg1I&aIpg>l}Ev$.&^{"oجt6͜_DڔK$dADA?cӛ`[Zʺg;Zu;lHI?uxKZO+PxQs=6+,S( AB.5NPEVO]V/͜׌HFX"{ 6FٷÔɺi#IjǙNݟ~@Bk?UJq'vjPohTiD}Ee ĠxJkVKdrPH۶ y y""sQrd߭8sha lާ+Hdt1Ыg敞Kv`/g殩W a.]l/TS=~adba 37WٸH'\A anE;ϰ;xl`aFvKzJI1Q u0l kG"-gDz2BWm3U'#6|о =Ze~jz/>oY ;R8ǹgqsQP51*jWb ,d0ӄ13/Ma P-0w A]x\ODG y\YT^(u1cއgɽhjV?&'t•A8Cv0CLArhxg2L[d!Yl擜<8|}`i qI{Q* 6Z{vlEuh4d 0\Sy=Vδ=.a_ NJq$WՅ IJ$Wc3u}`I[v`q5NʬY>8@7T:O ¹孖2'(GJ5X N&fZ}DkHȲ MwE# W"ZLmgag*Y.Noɿh.F -Zṃ<2?Wq!NJ7+p,|kj6.Qc‡Ъۉșw'۪!b0{4=izޏ0$Σ2 Ymn-,H2r~vQ_PyrTq)ô\:rT9̏l= :1h\|".OCeaKdr,I"`jC"뤣X-2fs =St_HwW1߿UEޒ:+^mƟe. ξ5;,\ÿQCx.%4~:c.Neho! LoƧ5R+14@fd怼ۊ" ç0"F~jE??Ƚ c_fW|nc,$&(Q+wPQ,: #()Dژ;D(q>S3>m]8-Ƒ?hBUl3vdloZ?l٬mX%PQsM*ՙ,^'  U}+b9c~.^O%GzB(Zn^ҁ64r#nyrޝQɍ2LŪ=ASpufv(jm\Vc'XJR,w*u9<uV-;)wiuB'L5D`tn9<5wzU+N6q,*æ!dMܹuJ 󢁁\0>iJJ ѾZaoQ:nI: EYR XV[[-X|'PqU@éB!h>4iir |Ese~G bAg)2x9KJ;HUX:ґ&tڵ(H-L.ML`?sq oR=)X\^h݇EƒFIc*J*zPx"t!$]H)5sJ-``r-o/iW ;gz€gGm 0En{Fd܀'d hWG;fz/V:Q@.]Y =J!b/G]sAP C=| +O B { XCL,K}~,نs:ifn1pYn; K"Rm6ST;-Ksک3T[SA$l+s;ܓ}aU.:zVd. ϫF[ӊj\֢ 8JR/5vvʕ{3cNbZ gnGrO \S"P<@1TnlrYh3Ux* 3¾rB*Us(rQ+ j}r߬ht)vW5{Ja _3!ltpinLKȾ̜5~wrL:ZFBS8Faɺrg¥rSup53[hрZ"Bc58I@m.+QŸŤA?Y`v:|nMH2;chCR2d|H\p1ߎm~5";9Hd֨⭴gu8ۆPIsW\( 54)0*a!_I `2qɐ|}̷ -N#JfPI3j_]RKZQC.@OPڊ;dĕ7}gYl"tMڵC(R޿Z@2J?op*W' YXtBt')d (; ,g=VޙKCyDYl xe<ʡZZ8_5Qѓ%{[FN!eW"Ӗ~P&(Q ?3ų֯[8^ 2h53tnN}zlq9fM ,ΥMW.k龡tZ+\o+Rlpr w-7ȿJJfR} ^BIen]t f@#kiʅ`ܕ %ܵ-R~\_bhm;GJ=q\xPdٯow'3޴goP)JiⱛRs  Jy P 2y,R&ဇX_a'8nUIw q~ vXkAWŬ&U%ubnv-ű;CQ`³mS!MyVl e+'fG 3%Ra2@ w|) 4F%̹'d٬娐/yKW<䃎` DQ$["O6$i84S>)~a1 }ѡ;0bܗ,#qlKzs;2(q'Jr%I˛Un nSͷoAR[ ֖KQA!vzC21f8inPC3zf\kw`pp x8/Ld6[՜ג1bhzmCk#w=W:78d;c*/Ȯ~2X_M[d{߳(KWjC~NשZ&@|xTmj;,dp#v]G`Pqc2w[N<MÉyv ?C 9ż h>goE8I: ( c!l,a_oS!Be,M4-^Is T)+z̡Z?P2C<56.=afbJetʌYKBdu/zU|. m_J8 4W7vLrd]KsCcP^L 3M; mj(RG\]o &ZEe3w\bz^A+r;;O$n44wB_)S{{2J'fjʥ_NġCɊe]HԱ(mh%}9eM\͝/.xW(N93Jt?fvK*T "E O.qɄ&6bm)˰MتLݸ>FKa(NkE\Ë)֋)I/vG/sm;dD~!\_-'$]EWZڇ nii96Q7x_am{dLtp;64߲,!L_6-`LVe͍p'mc(`NKW[o;^QP}#);3Yu+gg~گWYUKsyB {Ue>_-;,#̃J?cobIX@x&lXN d$b)SmeS +ZMԒ"E:ZLU"v$ 3"WgxkQ I =)5'= d}B|յѐ`a2a E~HQ.RqUkbGWwW>J铧#hZ6R>u7q iE8T CBbh%`LxdFx >;ګNи9~~x"YǺ*UAzykE* m{v뽐]AaN,T4 L;/Af[жG!{`{/*'jDxѲ`B :n tO1;mOI<C:(f vb%Z@E) fp긧ڼQZw$Cr*5zS}~j^n~ˏu2F Hx *e1=ϵϨRId3Ve›vN{LcD׿ԗ:oh:˝ ݍrvwK(+R$l<(9©%wcpuIw*]%;%Io]z+߅v^WJv cمvoN)^fTFte.$E__;2ZBKfQ<2RшW rl@ӑ~ 6Q9wK) 60TIѬ 7dYYdR]߂~Г*Xk9"T^ S-Яk|yJVo=i_ \);%j0Dǘ|CQ5 孖\Ls۱73ϗyYcjmW?byaexV~g3s_-|j$~!'tPɝA&,r~eHEMa6Ow+Ra!ᅬVFǙ]CU%:W4[@3M4b"Dp6\Gl{~d.CRT.Z 5'$x6,KEv\fܵxR=öWGg+K1uCk>y\=p9 1ag?FNLȑCު鲢_PZl1X0>[U|&`_KMQXMe=$+^|c <-A4QX3t>m,joG܏CE~+Q%{2S4ReOF 5: 0h_f2z?;^8-6:\\UbyAvjz&K`a(Gޑ5 ۊ5(!1<ϿiiݴmlLHxE>k88"\3S D6}O2i+fHm|wK-" T"`o[ 2r5\dz8!c\h;9= ߤZPχ(~;3& +I/aDw˴3r0#d;i\d"زYCh\#mq.+Viq0r.8Hޱ\jͤŸԘ #=hBP''NU|f;1p(c8p\iG7s3 [~\@[~x/0s GIi>-I/@np+)q%2a"j2&EA PZ^RĬb"2I$2ac~&"WG}Xi\W%eћWu*NQ$SSbW W*k܊w>DWSsI.%#}}eﰆ9NQڝ$A9]ݰ3g⮜k!dZPj͂ R|_Ϛ3 ppa ~PI j;p.|WuܠO8d+Gua; +@s#ߝE3=to[ⱚ3Q.Bخb"IE?Ac! 9آ1"-rԗ5TGrhR6čsqPu kt5܏l2BT5pL(6*VLdd;G(2b!hN y'KX]u W:_O!D> xT=\'8WуI #צ/B l Z~B:ѳݪK9zr}U]){'ۮF|ٔ/lr)Ki[s&^-VRf=W#lDyp'Hn/U;ɺָy^!k-KKSor IYk,+֯fFt~>ϴ?@r 1 ]P_n2ګy=;Zg7ߐh+WShPB5'S3jHJ۠f'jNe M#4a3YwSǣտ՘̾ E@7 d{SAI $fZkhaZn%zO-u2RyiUn"rV]z w]l;[vas*(B5mW9@ ̩ι:ll܏Cuf=cB/TVKD \QJ-)KvF=141Rvu QԐ- *Ф }A;\ ܬ$l- 0p2s^~ŏ*` -^,ftƽ{cP&Q 2{B~9M['E6Zb^G-9 Cݘ?7Y[?TKMC9.u? 1$Í%AǍRnR / c|-D=Ygu%]23{ R^VY諻׸]~.\.f7.1&kALРv'@n} - ]d@ylm72| @hZ\՟W-5 Gni}uywu1=7T}A>]{^=LԷddabL|ZqTwq'β9ϡ[и`N%nk$HtGtp~m*wQL:r ^}8k _%p-7ْu0,x,AuzTK!6ldq ]&C_m<[ M<ЏCW;ntO$޷j<0krc@.\2>ȋX<@]rQጨVy`_SB oja尩_