nss-util-3.90.0-4.el8 >  H  $ ( e} U]kJc c "+,!@6Sjx^ϧ VpF\XZX=\yu%{n6<{T%~dcݏ OLUN65gȄ$8 =-mJBwWt:N˄Q`lа0G%䆡{߾wbl5+􏛺I6ʹꌹ |5\ T\ob5vݷeuJfP{۰ڋV}Rt;nI4ń`CÂ[V:Cݣ|N9ɰT2*EYxuAϢM~@rt<DouS.,֬Men(cfsOl)rk!m\![Mqh[O: MU.U= /_c#p#r;+Tef޾'C躺!ȫ?1iu~|'4b>`<?d   D (< F P d  (AZtL (98@9$:^G<HPIdXlY\]^Ubdefltuv,wxytx~Cnss-util3.90.04.el8Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken moduleep aarch64-01.stream.rdu2.redhat.com^CentOSCentOSMPLv2.0builder@centos.orgUnspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxaarch64$FAA큤epepepepd|Nfb6af6c2cd01387bbd7f1d01f5b207c0ab1356115c443f28e7c67be61616f96ea20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootnss-3.90.0-4.el8.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)libnssutil3.so(NSSUTIL_3.82)(64bit)libnssutil3.so(NSSUTIL_3.90)(64bit)nss-utilnss-util(aarch-64)@@@@@@@@@@     @ld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.35.0-13.0.4-14.6.0-14.0-15.2-14.14.3epb@e\d˖d\@d\@dxb@b@bγby@bba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.90.0-4Bob Relyea - 3.90.0-3.1Bob Relyea - 3.90.0-3Bob Relyea - 3.90.0-2Bob Relyea - 3.90.0-1Bob Relyea - 3.79.0-11Bob Relyea - 3.79.0-10Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- FIPS review changes - add PORT_SafeZero to avoid compiler optimizing a way zeroing memory. - update the indicators for this release - allow hashing of longer than int32 values in a single PKCS #11 call.- Fix expired certs in tests - Fix CVE-2023-5388- add indicators for pbkdf2 - add camellia to pkcs12 doc files - fix ems policy bug - disable ech- fix the change log- rebase to NSS 3.90- Fix CVE-2023-0767- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.90.0-4.el83.90.0-4.el8.build-id654fd6445826c5938764c85b3091a7dce360b5libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id/9b//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protectioncpioxz2aarch64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9b654fd6445826c5938764c85b3091a7dce360b5, strippedASCII textPPPPPPPPP P P P P PPPPPPRR RRRRRRRRRutf-8e2fc54071025272ce95f7e40bb00d1c1b11192eada9e22e3ccadfc08a2e4dca4?@7zXZ !#, N] b2u jӫ`(y0q/r+KoZ:}k,o h؈2OR,MOţēHs~mH` |x!=ِ1(]1Pq 透&w€ApJMlGAh3BQ=^f95ΧÄuqC}[!pNd-Rq,oݙ%Ӭ-2N>d0sТQh~XIvƻ3՝-,ߺ|=%#0Q|I`GBD:i`Q<$/9QNw S%8eP7bdh H-cӓgeiAۗ!0Q%:9EFrR>: :Wb,!Rb oo`[_1IVrchˆK)~A߳^(Sۤ#P uAs'Y>na`HrS֗8)yj̰Q?bX{hָ\5wŻxv,؂/͖hnf{`-LӉEOFA(gb 'H!03?ڬ,q.8AP p j'{ކd7-⮴ó8oeLn+n pf;b*}f_(-oWXF$, b nF/Sr~qwk bGL؞Ȣ59HƇ\~ڛ!Ikg]vrZ pZ|J"BiǛւg߷7AVY^EdZ:׳wn/⃔1!Zw&5b&˽O|]皅o#V-z;Nl \#<Ɛ&DPôvܒsnd OU ùEMN_Ư-i%a b6crhZT{c/NŠJYX>Vڈ8Z@Hn f{/Dc_AeTLYG+a ONu2#rT}鲮.peׯ5O}߉&MQgYtqQI[݆4Q.SlǍ]:S mtt2s&AXug}zjU`3L׵/ Ӆ}R/0"/l?bƻm1LF#BȊ^ ŋNEH[-)E%`ٿj`.(sH`29Uc` Q8ѲյԹtU4xkS =NOU؈8c_}4166vH_AE_+_\Mj C9Ǖ?7s$xm"'18wՑ.y#",GGc7ee9Sloʐ#IJ_^oy=߹%wӖ/WGX~1m D)xX5?{gVz#[n舊۬"Z$)J^$ӏ)kHK\`A|Uu9bICO9*9܋OdfjxO԰h0C*Kj/m ̉ZSbdD\d*kՠlXg@٠ _ nSTKvD욌 E)|Z[ڢwOy!!ڭ;|B'9blCP8?GȌ ?R^R!+_܉(TH^ZN V͢hgonT Yo3%!]o p]%> s&G+I@ 7%ChJ {q7t&[҇FA\G"4U4SO_(M%KҘڔpŲRmwb{쉖} 98O(u`` DQFP<n@׿Q1M)]%-U0䢤Z"dЁБN1х O/R|5= ]pd*b~X|lAuݚD7O`U,XHўj]i?π򔎆ޱsŷ!?/3} " ~ݘ:'G/rUѾ[%T1-z8&fP07yF a6?24<ƒ7a$<0E*Nj'*æcW=wrf@p06RS^$u]IΝ)Urǐ H tjw1.忢avufQÕe֐QʖޗՁ6P$n`T\_0 ޟRK ֐IB`Jy8b%~>-1HSV̩aOd}\CMjI!"~Kud"%+_pAhQfYƖp+{ A#2& 48LbALl'K>BRbv91;UL]Mr9CLGb7p8#.f%J [h\M\|A76Y9Q'QF4G[\uAkc.Ft~B@Sj Eﶹ8FYf0M fuمftŧQh#%#M@aȶ =~箶``(Tr-0d7!ߔ>69p6̬w^ 0?ábsc,)k}CFHWbپ~SQm$0?F%Яp/[-&/TIZ(<32n̊d 148U2pVe*7R‡? @W<;KjdC0^ exT9@eܖO7}9 W+s^LPٔn oj(-$ʹ6] 5Ib!%T~gH`^耑 Xpo^͘w|FE`6x2^yq+J:B@|ƈXqCUOM[HcƛkA﭂;>ңix8Ollc_>/QxPX塡 eMѣnrM%͈?(juYG#qbDʅdsӴ{;^ނ ~f&OLHi.'(Q0jz$%))2~B"M t,/'dj2/'8ygdyGqV$S9a:0;#S{Ƞi31QZI)g0$Ql9_ͭ]KTS{ei=vg$Tb0-7G%i o|Uq K&4mwAL%;STDQE0k7_)%Biz^KSTSz^ c,z2ͬۗ7S>d0nCP>Ώ[~#>AwaZVnn^(Ʀv\ o7˻p !O\Q;Z ZUr~*ͽ [a9}16s~ ;]K \Rffu\SAq?XkJdRі\x §I˥ilB'qb-xwsw[Ԡ§(3^gȮS[\kk[/NMFgr'ijA}7J^*kK{,kEsJg@~8 &>X5fPA3gY e!11Ud1xfF,ޔW0ISI~!i@j+nf 05dtͣ'Qj=%ϕ9lN& Jʷ{О}W$Ԁ[xw>L beLȤExTe?yx'`k{s#뀐BC4hy{s:,<MTy.In'o UXNidimQpEbBz[0}OGMtlG0T&nˌi!3hudp̋ӟcQ"ܫSRg|bJ/͕vJ]ҍ;?fc`YoCD>EH|rWN5\5z{o++L"7>0d`V. oTbJשxqKmWixPCL|n [SahS6ʼ6,va* +K^S \O%iMxĽH}m΢ĥ0aQWI~4/LDY*1B]"q$IlyZ\/ZV/[6hüf"UnUR7i)=6zZz'Khx03(~0{0:q&q*Iʏ7Ty21$S4#\V4?>26Syeu%HFx̉!#"/Y]؏~I%?0~{ *l&2Bfk؍}S|HGZaDFtcxtWƠ.aL|1Kk֙D9y t*XT#AQp҇A &[Wc%o6Y@C4ҽf+r-`cJFZ„I̤EN6o~PIfDDcv^.[죠dVyd8)v2ELS=yEwTB[ ;]R5SXEap{L!b O_ؒ,81-Ȣ.U˱~ViI.A^Rs &P[X͂Qb`xwb`(Vc_UN w7=(5f= ?/<꿨!1E}ef@IziHl?[2\΃Oک !P=*ę⑾p^MtTYz@q%| )&^@7=ؠ| vbRz˛9_{:݃nVc|vG0Z}egn—:Tj띄>ٷ;rt0o5 ? V'\\(~Llbdy,ւEj\O<4dlH&,ɩe[uS?D|:+<|Xd pDzxUe'WvWmkW.FT=1^d^*|#DZ]NZλL"]Zf Υ+k&\ܺ;T򲢹̯!Ia,`ňwe|  F ݘr+ahXzi.6d̦9lGCЯ4e/=v_p9"U\L_XP"jZ;@@ smWVt ܡyPR?BE@1Cv f/}+{p}'/]cHGўy&Keo$9A`w=Zn\B=n?M tSBPmtI1:B {Aw=~##vtPo?ׄ@{b3TXS'!ٴ19O6#[fMX2mGJu;WW/QW6tdVbt DN'vȫdL1i0{+pTw'hK5ߪ(ugoE}VIeQ1Nn<.z>֛w}P7\=pLt<AN,7wg!_i yxnkyN=i * ͭ`-`R X7ƿw7ˡ3zϛ0{/j}L:`=LaȖPd.3XDd0G^s$J(i;)} _>z9# h/|զ.}pOt,݁3$avA>ʐL馱h/WN273*,ފRm9niEt/t@Ӭo|1\Wj͸;ibM ?ۖyXHLC6I;{p?w)7K/ҕС.;@3*"]mb_zG9Axr!qeU+w$F7"KN{T?cx~XXs禁mۿʺ f?DR;aC3iTZq}:_]a*P˝WSe臻B#/Td/Uf\! VsE@7x+\[3|-"U*85 RqNR (31(m":,ɫa >}kܗBL]QFBDz ik6Y^7wʇI8 (dE } &y86N u[G7APӏ)PB`w)EuL"6Qj~G$ǿk$5gvpj쯷zWzYL+mgPʋ9ickg߰`^zt}nݏc9RJVru#Ѿtcش˧nZ0@m?T=/"=zw2tu=c#I7_Mˈg{Rb: t|rAA 2DtxhgZf? 9f^3[!~A7#lGˌڭnibd=eӹ,=2xJh=}~`^ju6 [ ,u׽ټDey'yv8 ķD/x;E};J}a|er: o=1`-df{(9AD3!}Yiy#'$/0Kmvpn7" AmwoD`elVÂ0/^Tb&8#]OR RO iaN?[j@Ex>kZۚ5:GNe#-񈯯pCN'TГՌdIu&e++1+p|͘c̙c) %c;G:GGVˀ^3+bzú\ ۪֭s88Ux74kX4`3go%h㽊n ; 8y A?KYXab j4"+޳,HY{tJ7FE4mj5YTETJKrB6,%_zӎ&l`98/ymթmBr{e z&ghd=z 4Ul1slG"fA)H֙(Uc) 5 xʱoe.Z"S7Jg}߸:ƏsL3ǣa7`O ; ijR4k4K߈ Nn/f/3u~b[#ÈQKFc?Ov"5((/. Hx~2m3g1B%hfzD9{$YUuXY34yR. RJ/d#VgN[iSeK乶DK(8c |cq<׊3+Kﺳ2hl[ݿSN|{P ՙWoD.͎_斫WHv>E+ú]JcVDȞ_M=\D/;q gq?A] m9 ۥ5~jUrY@9ju`JCRr{Qn8jٲIUje ',?6Q]B+%,e64ɫ'E6s!"SMU.)Oh'ritሷs!Ы]㓫1v"1˂ٌ=#1ܲD0~nWf9^Q\r-Z/8ՋpQV`v3Q@ZzSyg䰕S"85N!(zRj1mS -W-y8?` Vʋ /ϸa1 Y¶"UK{YWa`ijsW ~ُ{n+׈ƚ[\tu!>~,ոNN1tg<7֩ӆ[>䤤5e*0qulB_s>Nk3 K=;4ѓQg+F>2y^+h[;kpCPB>Wyۄ+OXAޙAkck̞TJ/2Z&pF‚ljF21}1=<ˆXV("tćznlvRHWj@h=JpEq铃RZyArwpw^8\zRex#o9ރy96i+&,CͶV?TL By-AYpp;}W;N84P._Do'k9O.bApݞq%n^1芅ɅpKwA w)Z*to Y]t N%!;7r؜ r] [ܟ2{Åq6{lh!s v0ȍoZ!d*jbAl_ Nfj " 4\ j)#ËD{;,j#'3t2RuaA"eUV/e5mL'ē c"D}n*O=c^-;44 y}O`ӛ; Vފ|>M7u^K 葃su"{fmf T# f@g߯bF,V$o?2#)t 2ˀPpj0Prg$$ r]7dnQBhs;z0Ϸg (9sTQ6}k [;zUM^l1Rxta{Rv[J3,*s}dϛ"]" Eq-*kؾPoN F "&(ߌH?l-4DsDa{hPS9o>t]LY) ;Vw7!?6`Wun-h3.z]Bα;{>N'hfs)xb \_ r+ זh؃UswAwl+@苠sSa{-!099.u&͉^wZx+G?!n}a(M [΃^{G"GO5uxoLI@>D꯵5H3 n)CɘB]a\S9D^a\@`AG̨0!U:u %:!T-e~b41QAMHYɯ\:Ȭ13|xxj_ 1kerr*dS C 7[Yb\EsK[Xd쒜1~'3jIWdc)̱ӿ"z]$[drfp7 ])-5Fo7km ~T2n'E& C.mSc5!Sv{OI!lPV_N8Q[գGczE/5Ja OF!=&vл(h`tK:k)/&\|w 3 sHGL9ABbG@kښdL+՛rB6sh[s 626=cdOMd(#u ~ E^,. DdOz30ZGL=.D)sg= ku3?Yr_H#ϛ] l3=}x.)Qj&Es3,cK 7.¢ +vspR. "ft#UAE=䕙̟"ё |8|2񎇜o-ќ F5:6#lk@s">6o}_DE&s./8%+9Dis)cL01 dg-$] Jw];8o] Ҡ`1.ʶlĭ6R˗ ˗ۤz%h~0" TN!4ED}(BT1+~}T~&&MLk;!U_F`}ܙ1zB/P']%QUt:Y]O{SӪau}&dƯ$GhW? R{+0ُ9WK j>(jP EX5$ǼiѾ.5:QW /r~2ώFiˋ:E͝HW)u6w 0{L?]DQΐُYKRjID}ݬc4dJ 3a]UVUP1\&&Ic506>0#׷W&4,j)*_Yʨhr>kGORE\FZp7#0I+1ThW\EqIQ-հZ|;q_sBp7w9:P>;ǍrF?j-^m 뇘965p<鬶ŅirWft@P&#l[5QS}o3}) `29n>5F\!wCs +˘DJB9V#Pږu_̖kEw x_Y+)r//m3g'!^a݃A"kr4kŽ\@Z@>Ѥ )j0 Di|.͘JgDvlVQҬtz،5L:6&_]}aq%V}P }uO"NKzNlnt+'5)Xjk(av"!O~#A^]Z'JԐkr|yYv8vma5pPmP+-fb_2` `F#DJr\݋ ĻD=Zo!Ť# X9ׇUjޭȍE<'Fۓ:#7ؤ²,Q+3duy`>{0978D‡ 0浇o+4LQۇ >Z^G{e-NBY_. 囸,-QI cQs:?%y79VT.#ax@z -ꉒ8G) 艑RQ"Sr8&0A@-*#0(aLpWQ= צB,/|8mK|TVw 9W@H/i^/z ‚&{(:D1d5%p×K]Z[[yFLT58pC$H41 HMk&Q!@(M% l#1ہ[jPz>\Y# "F`HY?y!goiݡSgn` ]mnrᚯ$wf :A}JP{>0$c(P6FO֚NOރΏ/x0( +cG휋rs X3awoj qB CB|eCAŻyEa+n3Jc8~#p)婟ڐ wxJ,W!ZOȖ'J;GA5p\]V^F@`MY%O ,FIѳǥ?ԝ&ۘOq% bR;84'q퇒%_iMt[ :*wq,E|w%X+'Z$Ǡ¬ Gz2lcv oȓmI^jAR3؟D:2E/,V d #ür{JpX{چ|SC^BU3#iVvp:i`2W<$SdߦpDm0o_A)2ڢFmUVCiM@"V.oY)jq 8umXndfn] :s9`Qclpc/gɶbV76]}LOgM?88IuCp H+nS2u7_oxd 7Vp CVCe̳h$mUذyݢCZD욵Y>+lr{iJC-#ҖKjo`7/xA!8̲UI:++(r mDq"ĝ3=*J#̌UQ ]QLu [x17>3S01Dh;ZX=,$ T3o1/1?:˂ 񯘜cSC ÄĢ O;82 MJ$ߞmc8Sil0X Uq3}3 Z8S' YZ"EѣB@njMb8|D$;Zo݄1Ar - l4;o -{Ŋ\Jh;[|+E~3uVQE*h^;GNq&^B|d +c77gKv@o*˓{|cIz?Sc.&TJ+~T^[hRa] ~ӍnKlj᫂@ضvw#|Ira ڏ,VÕkmMj|۶ރ2ȃ۬ktXТ|:[܈(/wֿ̿8g@9LǜJas6nSa?iFpa*{ h7 ip=W/h]*QC[ `}KFՆ;=8 V$ #?jScFL5 IUq'T?: /xyj{4%MjE39y`/fU5%o4Љ؏m S'HޕrΛg @g#f93;q? U6:C`%>9[fVeΞ4d .AհGm8R#1ऀ-IMtiN-pHE$@ \4:Z&Hry}`7! ~ȕ؝J(`D4 ~n;v&N"/J->~Js_4M5|eQ5BSxBDF| O&Wlf٦ض)U %>-P7qIDaY*W׈ۂ*<)Yy$N v*.q nh?h <.s~yd<ҦcŎ Zɽ GB5AeU^Su`'$/Tl3ֻn7!ku4|s,Z!{C5D~.J?7⊶y 4)<ڜ1oAj;152v4e0 ׏!l UPΦxllv)x !y~`/x(Z^`®TJM'TuÓj@߻ƜUd]xD]vS  'Mzl3@+{rp&2itÚ@O`oSu)ձ Lz3~B mCհ8SLnS4ӚŽ;Q<)iźf—E2"X&k'܋o1;Α@H )/wGn=1 X:6-L9FMbW=W{ow+Ì!RyO[͍b؀MS;3B`܇·cTt76J ;EZ|ْ{M ;A9OF fS%VKJ|n).)NІGoi:E::mAr):vnYOImH3lB:XHPTϏ /fdw53Aܵz\(SFKB/"~Y9 #xgL0ikǝ)4nq]N 4;Q*]Grˋ}\<̱z1Ү+T$?6!-w ˰)oRT-h֣L߯?[|aaPbebzXye+Rl E#Ȥ> ۚbf-"':BثͫkB%@!:Yl.Dj{TCuIz4-g [K;γSdrAFµ wG4ь@F^l=6/`V0\oo{mZr D¹-A &b ݆-D)_Y=Us&Pl ,}ߢh¡ҺnvO[7?KpYZ25KEcxa$a:^l |PA}jȭ&=em]auw^OńaQ؀ npt~:U"J;Oa|2`"^)# el^׳ek~JygY  F]1԰ Vx~!I)8t'hqLGK 0U}V£a>CN#UcGc_ %/\h)dot7%պ^al` ΁xKV E݂5J$3d+1!<0Z nփK[*X )J5.ԉ(L!ZRދ`﯉Gk*S8k4NyGWW(jq~zc'7Nk&w㠴6t5DaR;FSG{cqdffJfzQQ^ 1XfF]To]k|;k{\) u0Į=_ga}5V& î&_Τ>yDJ*wpa RxRYхwY}*vrn1 \3v[ cy|dUwah -SW|OIuA#T`Dž\/B3#7ɴBh`8>Yۢ 5b _X%#uߺ֜ˌs<0( gHԌAWs c'Xx*PGl ܋qP@,ckѷ$C&럻Sy9ܹ%?a;d!{ 5'2VH 􏰔!1x 'IP\CY5R;uwсyɅ\Xx kwjE< 8 ̐wp=]z-M|i\NiߧXO<-dĆwaa% o+!(Wkv}MDw_%N.Bx9z=FDje5W["߼ R/VI\{/~h1L qyau mf.B;N\^!,p_z XJpvusTtL"CCl8X"IY^zla|*w7>Ͳ-l_B("wHi6BM"L`Xމ"igHaah;[iHAYölهΈ L-Ō7HJgN1N,呢{T%NȒM*)zEhUf,<؜tsۜPc0*@SiCdWζ "7.g w:@[`IK  S3"𧈊IAfk z'0Ǘ#xηNF歁B$bool0g7 uQOQf92ԋl,Jd!֌?y5DnLɵKT*?&ӞZLC.`R=U(uU][7`])tS]RW_$I #؊chިXA /=)UXb>{"^֩nݙE,8J?9뚘=W7l7 TTd CTYKZؚw`faM:&%&Un"͆Lc Ǫ{6Gn }PA:"!}0f gy8Qevޛ N6MU~ՙs#$E}H$;Cb[%[ a_ u7k n%c]Ax4Tas%; ݉"l(M.4ޱ7zG0U{Z{=' ӄ[BӬk`S|ߝ~?WS)'zFYV5eD^:䡰Ilo&vq:uNceur2XN[m@&IX[[ OY(oLO7RF? ˘"F.B⟛עÕQL4/xh]\U,"*)YWn^)B;"i-ovF9臦4X1@cTj}D";0[hQTDn|1U,=U6 :% DP#}<7{ }ӫѯmtNT_2n}HW>f!̾" ^0V</Ɨ>;ݚLvQW6AEL!ZqRZNg|hLs+}X۲5.M|'iRXGi`ZLunB)My ԋ,t^kfI) .zOEcO%ؕ,lܑ*/Gz_:"z0l:rwHo2t3`$Wz a sjLl>^8>[$=t3U>aƶSbe1R~-OyhP/i@t e<O9j2v| zr'^yj- j6d}*{dKQBxw?3 *gDJQKV36dAg=J*Rq{ TH.„rcζYR6fJoXi،uH*y{ k O 51?x$v4Q VOz#JR/鳡+dh15t"*lOچoOWKD;%J '*N=*>}zQ2ϙWZ6=wo,KG#y[_'gNSyx;\ EVG P|Β!W(Aj/!R~>.FO=1 eځcBJB\ԂsR'y,O* ZFwJ;³߽\1s^CAu3p}56VBjS5li^Ԋ. g9lI#| .:GEvb45fk_XSedZ<-YVQ=9|L~-e]b{km(%ַR\(xW vK}5BSi(R6$mޕ$ޛlNǵ>ӫ3iTϚN@t3Cʍ H<(˴mu$mam+k<_ V(C#F jP27R/l8.|H5eL:KF2H=.N04p4V(I'? 5hI q -MnZ]30%[5z4R~O_G%pʵ2 z]e mpǃ Z%ҊQe6믈b L-\Ww(PP|FUJFWRnmVI,vST,?ܝ?\GO$U1|;M(/$K88EizUMxv+\+,K2q=]¶Q&ɛQ+φz| r!HA,L~L^hisp%ķb/{If &A1/Guf0ve0(Cz6*b ;qm,hz7Ϙ0,u S I}Ph8!{@%6ӗacI9Z^oWf@ȓ8M!>zw@#fBL[Εd8rN j? {&#VP+F$rHK }:O8SMke ^ P[k$(cz ho+HabHT.[h4hU-P3%\h z9ʕoY7R! P/O|; <E $Qc&l{tXtbvF'&hK)'FDZC0x{.tڸъY8ʅAz 5 6 U}BDע(*gYew^!>O*G_M>ԿT( q@fakNZVź_޵.7s2nXtNd׾ -:_ )ηZtn)2YaR[k~Fٙyx%FHQnZiϩU՜Z!x",K.ƫKTp f5/wIˌfe(/)JŴiY T^ji*q_}.,"zfa_ V( Fi~5` ZW)TzY8,WE CqmU[ ~EnhY~u2Py%.5` 8lmFuǴU hUBo?f B-H |JUTRHh4quhX^#v/uO4oq$@qYXFLgn!~ǻ/ހW9V/( ѮR8U H8w+ J\lT?`᪉r:,êfB,&:u|Q ۑlA6 ṷo"Xb=ӁL] {I8GS!(1jXVRCTqnDLJA.$/ |PcH}VmA hd2ϻFƤKfyp w\\i/WD ࠷Y5{UrD7m19\C&U5׽aSjd {m='F"T+W *Mk%`.ʋR^Ŝ?%Fy3?gaw=JtE;e<ܱubҽ m'34gjޤ<]>w`6IѭPՕiLza1!uPV 0׻&B!]3,^`Z՗sU=^ERբ-5fP0ɶw'>yKYOb E!XpwI4_ 9TQnU4rv7@+0"aH-CAJQ^ɋ7L>ˤid~Eg(e,? 51R>7S,F2rlSk悥W?wr#ͥ/nuʖ.8ʀ_tq89=,f̫e=q4fA+4?zPC#)J1PB]<2tM"خt&3k(R4pÍ Ds. Tjc5+"(PVE G`}[dco >XBowb'LSl 'iI=W|_4@S_e}R%w"@¾϶Tr>4qb#mEK$ m}DQ`TQKeʙ^芫vMF^Ghu[϶PyuG ne1 L>W0)rvv^mR# 6ȞL\gmqg,NVM9YE(|rPCTEN}|G_sBg}gx߹[Pk0^ qQ\6x T8E2lE(X^2CLE蹗tXů =nBq~  - գ*$QO/*] F4rIp'L%Opgqeۛϟ"@Jv!Xa^aHؠ+-I~PF=G&bq/VK-fQf/_@`;VϙN&xJz+qhq.} p`*#mnq_x*Ds;}䡾ſ&=_.:Q> 9kÊ#ߖOn5e˲;$FxF ӹTJN[_FSTݏ_I;H!lE("aC4̉zDW?or=îvHhzw&  ߺZ; I.4vR'BAl1 X:bOhvcچSU̖Co۽͓u' Cu]ɢ0'}]B>8(ǿT S`=}n9!K@jʟp p~^CҤ|TQ5/oP{eSb˗'*53 1nM UB[GiBy:{f@f E2GHU-hN9u*b]CQP-&s]3͗421Qs'WpelCPrӎyAx/ܣllpL+߭د^AWdxXck7囐ǟ#,ߪ{5C."d.1tW'/BʗckJ$6k$tgq~Uj;WpD*TZ9q0Fb3^Lj]e) '?rИ.aV 5i֯y70>,fuO!b.F?Z# 1?m^ijDj_~]i ellW.G!JavD;$O6pC~ [Jwcmi4t탴|MZ½7Uf>sҬݩ|+K4ĭ M!Jn? ݰXPSx ÎZ$oJTO6n6۞Mv@w}jK_b+߮| 6RVa$ ] t1S7!^/^%X1}oHU4#~eK~ӫ|-1,#wU6&ćgɗfԔ/a58m7Ek5sl/g$m\c6{,frAp~y9Xjmt~jKBGTu$[;6:CXcbR`an|gE `s3p?ӕr/|ݟܿI֥:eV!qX [:%Xpx >>'{L+b'e .zY0P,(;M w<[WRIv҃J!k6&zuN&FI'!ԿIiu0mbč@۳_yOv"GqgXd-t=aIQl.'o- #3gv>|T/˾M*i2iJOxD(f|l'L3ҝCE z L dy~yCP"^XݶrSB[ )e/e2A$a9E|]a#9KVIv;aBӄ?e"gh:ܖTֈߍ]U :]-` lq >ITd.b{5|])4,YMzaoMIRtfkCŃܳ[۔O*>3}PnZ9@Ŷ{h*u"b OKݷQ蓣g h3ri" 6W,"J6@gZRy]d@ $jY3A~@3ܰpY{p@'ǁ(3 H_Q>Q%(q/":rsm2lœ>610 bAt94T[@Ч~gQMd6Y2ҿls")/w#3+29E7*>Oo &mPPd#DZV'5_k!]2BxԪs"s|ϓm܅rRϸ췏)`b3K^BSBM2cd[5=|PԺ8's v|$ؑ,T?T@:gڡjPoj'g1W ;:o?"V%R#ͯt\{}<>+. ȭ% +T6 MM[cl I}Q[ SU&*I5[P7rWi`HGn2}?Y[ďL_0p%B"~6[dF#"$H_RoD-> BKʬ>pЀZWʲ%6:?M}=}uTeUq &m2>8F!Sץ |t@-͕l]uJ?r nw`4SW ؓQG5NEjwɉmy9HH!Pnj=wJc"zr`[q0̂,|n98nvP_65~)M=GZ[ B7w'`]\{⩝{٩N߸)@R9ÅZtd3hϠEa"Z,o6ONn Ơ#:j?* V$! pfQ"{iL} %O0' 've%kNRI*|tPD!Ī5WRJپPQ8{BZ/.݅eI\h{1M2h&>31;QIA{,5QFcDb2C ^=)盆;2$ 9V1kRk7؝w<.͘dQO%EiHT1&b Bp2\\W#5*Z 4hj ՌLJ(i%-X Хrh.y-U!;HB~ry_gRḄIߛ)彧f1\` y 濡e@IF3J]ULu8 YI ˆ:C\~T6.iu~mPL\F8 JH3=`*}_&oK9V *j VKAùxrH+ }iRe3ApKTovp88;wm,u+}˻ڙ,CГ*0aH|# c]+NiVCI W>)h.NeorUA'8\1tS5cB1,(a tV FW j O)' 9LCłš- ݿn5X{-VvS5-E7yH)J0{ߟ*8Ww,ɟSUU7V6w;t:P4p^ɨnmK*U;5L{Qu #|uҧ09v3⿖e C~$Imᑓkj;-)vւ) .2uqW[g%WaF] E C1}̂H]\&a[X-ܯQ_Zs#kPaL14([h9^7GBvO )cW=t &nX|#M[iDÞ`~%^I-5M-5x @gѶ5ZEwKMJ,\~He 2_ީ~Q*ء@w[r_n 9BoZaQCdwGBBv W* F.A\>0x)iչRJ*b ) Y(Ƶ8ڇf/ҷA_>M ׼Zeƾ;U-uоJ"V|a`QV}l^h k; L#B'GKrKgP%kcxxċGc:cr|%;vBlN_3f@TȒ3U u兿yL @XMm#F_q\np[V. 'ŏ>3OAxnLE9ŀլ&aVYVtMHkx̷&2k~t,mzM¸P'Ʃ}.UrR/*ZT"ӾP؀ldCIɸ&. ^qd=υoQl}EBpWWSҿ ] q%=ܳgԁG=~JmPԳ8-xk#QU^eZF4wx zឪ> doN3&EAq DīJf]=%ǖuζ! %RE<;~>8c@?դaBvsk1i‘F!oړp2a@6jY ?Kѷ9 ypJ{5C*e~s fk@w>| Z]P*G{v4p.A xNpXRal|̖Kwe߸q[ux9eZĈoe{KaXS))8Hܪ "DF|ӢN󊳋 z -%ȸ21v=6#8H[z:cM}F kEzD!:7$fuekќ0RlZU\*8H0f6n7+WwJ?Dh|#gjh'da^O-WQ2a_$ȝta1 '}{$D}ϏUQW2ˤQZ@L7ά3L@۶9/qѱ -8tL=dI>=JvgDu|v4GAV)C./c[jL*\CpiEfq)=61)`feHa(v2 2 iU X.&|➿O.wm3ZZ;}U"n݋g,T|EU# y'-,a)n Mς4yW oʸVч^=ۘ~^! tLB[hzCz53RIFֲzxlO_, h1u1ۏw1"FlHGZMLmq%1Pkޮmv"N'b3FAޚԵM~>yn Gvvu >6RP5ɍ5'q\*3o(J*e!ɸ;$iYġ[f>bK L(ҁ\AXѱ*!~Eи2VbRAj2EZD.w6,e(%g0۳@CfH4M[aƧIӆҬDAULʐV)P,RquB,fOHLt"W 6o+U@d3kpY-Ep;]kL/&wى%ǩ`_`8QMz;g2l9T:qG:"\z:{Vn$Q᠝ujD=!F Ѣ]irb,s֎X%(Ƨ۲Z:bmK OrR~Q%1AĜc^]'Q_:5ȋ MWlC~Iks)7_{O,[cHSjO(MǔLL E@o%J)bnLl٣f&J=ɾ `_5jKcZ"E~Mǁ%h+٠Arfݘ˓ w.bD*bkVΙ=ڍ>C@b/Xz8ǹ2,ƻv Xxތ @T+ ٭N !1c-fb]M.*y Ac #Ő&>;䦶uY}|Ep;AP/Sܚժ5Tvnf& J'ioHt `ǭ|p˔2{L QbP<Χ .RU < Z]s_S{_@ 4HQ ;?fSr}"Q$L@|z+#ஜVjY%Cgۍ|lAEL[BV;t`mkJC]aј_`LSyp9U6ˠ[I }- 㱔$31EumSQMRIAh7VT}?P5}'Gcő;.` zWOY/AMͮ3Dt" Κ8lZ)xJ.t:󑵻wJ/ܚ[*IBW'w}ܴ!)ߊhÿ„蟇br-&Tb=#x"xU| ]Sm8Oh^nF_l+\t3W<=wbxC%k#+]p%[E bW̓) xwܬ}F՝[XPkA+p/q_4Xt-Y@J@o Z@iZ0bOD0^HַTc0{\DPGsS POrckpTl]ʯ?emXYWt$݉8rrحKtkHez# 6(޲V^(-plBUy+듃yY>ъV0>Au%!lc%y&8D_nF[YƧ|&a0+ͮ:;Hfk"m(,i\ELkEˌ1Z & JՏ\Y"@ 5HtG1{Zn~g8{1@^pGnUe袞|C"toD⋓zCȼ"?KAzQ#Jf4u{>ݍtu*@.@G@t0Ko2t{8"#:a>vQHUO=sNJ\GfhU1vmy]b*he;HQCK|JibZYn{Y+42JW=@Xvh^ RH; [=|­vYT}n pt"s).I)FꇚG#9 Ev`Oʇƾ Ts/ }{b+aOeq^V&y'ʸ.;ͩEmA>ip,*JJ|)2\zשuE|:1jb4O\e䕛a3uq̗87J0S!^P@ @~L!HU!Z3 9EW03ϧ/ǩHm[X`S>ji^,O, *2jV;{X 7F8xu y@CPV2q$ag@` =.g'k, @乲kۆIBk+\T CW~yXJ6 F?vˉr$0לH 5*L?KArxv `0@Ca$ps^sup HGeI[o0(AU-vn-PG iP5Ks88ȞˤB bX8]znD4&=WqY4b>+J޹K4oJr?~6lOfFIakVD5-)`|b;=䧅ֆvPI xJdU;N r: y!OiKQ{xc{j7:Fώ"DP@le"2p /1ز?pM-RG,yp;"79 }5*ܩ% ޽չѦ` sˋ0s"|$0iP}+n~WWg]$l+nχlXuA낢!RzS+^^zX1UB#ßpgjf܀WG$*E+{M'rpWl/a" g؋N=YqH;u/?!E# sQ1GN)gĹg?Y>m wRX?kLO>HlO u쥄`6+ny1a|ON F_|BR  Qwل霬ilYrk?{?7c!uA?z8D^ M"R,;( 0 t8)3O?кjLE43~̶7ҜƛOl$ UE!.f%H[p ."G8D]*哙Wru4oEE۳=fVґO|}ym䧎ZV2 P)qDp(< H?y3i1z@ ˬ iJǿҞ 9ċjM[ŽwGP -aRQ*ԙi38s{nE\t}\C5CРEWc$1)ʼy#:یE6Z`jW/սC6#~KntC2) ^Ǥ95Aw@NpUԦHFzŷsֵB00m j&~:u[:Kt?b᳂7!"W1DWM(͢GJ -F9 |Qۣuo_L)4ATMl9DcMMG}$R ܮe6%?͸]3b*q^GAh$NjkLN'PNap0!=@_uW,UqK?]ZN3!O[&3!w9MIUD]$ " "7W$gXAnTEW5>t.[%ӎ m .|~aL#wCėX'mϦ sHR9[.ˑ*Su(N\ARwA<#t:aϣA8fs\qRu?OtEmݴ|m3 %4@kmD{:J^/{"d1*gF95.+ɃY `X[P\Rp LBȰ+[G}<@r>(ĸI?tF#A8v$K,$1epQIKNhD5 N%Fwһ=V =d.K)XoMM )z>89pCt}$R {.H.N`w б4xF/(bWؔĶd9NcgB8M{;xφM"C¹x53G|?U?Dg1"l";pG|%Ǻ2~;Fc S<0cû9n*HRDbǀ(} 5FY:MSgف.oW뿦\UuU.RfPz>3PPι]M k\-Bdja'yꠤd6ӽ$ 3΍ (ALح!3}EFΊaό SZK.ô%ۊ١HXyrB+er6P}~>4ߗOo%PgG(C,>cpBq :l؏`/ xvuv1ܶ'P"dS]tsqÿdҟ19mK}'JsFdM:B\{p^LWeuWv0 @ƩPc!yg6!nt1xW'.yg.ҡG3?,U#z<@iT(bPp} PVTD$R,7 ))Z>*Z ;9W"2Qn r>niUFL5(. >~ү8"=r@<&-s7e;',rXr92>=؅ !hWK$L ?U$Z"(;ϣ|7T53OkYY`LR&0EDR%Ks /N81|>DdQ2]@5Lz)<+ЃZY5~2XPc՗ц b+76VVe~ǿ 3!& ^cV9fS%v|+T!-(M<\/9\c አ2M*''[zdo;みP3&}l.MqLzK+\'u6Uaao9td m6dE3AC^a&% `'\#d5&p+l8[Tp"j6mqYC`\fCh;I'k2F,AcY~8T0V4E?k*j}I9RgN& ovQdhge lNXdڎR\g_P;%+{+I2 @ڢW)h|Kଙ1@oih~bW!!@g6޿ +LĹ>itwS{,CݛKK C$x@RhS5⋺p:ágQPJ\Rۣ, [^]QƩB߹ӒCg O'.эc-{[nSa(ZO|& ݩì8dN\j9NBcir wA}`?&3f֨D ']Dh%_<4g? (2Ni Ԥ&'* ]%隉HPnDqv+'C9x 1! M׆wdtůy;Y%XŬD6=6ټ/ZLj+Uo]DͳM0q{d#;&=EaYFD7I@Ty:|+,J3Qlƞ4%zy.C; Q)5 4ϴM{p~K apAծ<7ǻ`m*kE9mCH;a9=yS4> e2٤J)R4 /ǵcX-;(2CNZΤ&c/ݒ !!>4&,ڬC| ":8MgLixIݴb\~~٤WPД_,62̫v߅gꝧ$?Е4X݉mV{M6$+zEeH a .fcLewܼ2w@<-)'xu,R5lcԍm5L!t^T~@}ns Wx#KM%@+aufVx,c濏T}V1?NUѱ6 eSt_ R7ZNs[3O ֿV=)K{.w )JEox?FBa$ <%S%yJ+^C~*}nQ wuR GRcV=L< Asij[X3Q+əy:R@\_L_C*k!5G_[`\1|8r&SᔘH+#'Ej\v_-!pSkX†Ϭp8;Q_g}RL&(8b0 6\ǔ% `-Ȃs . pR'Id!3%4{N&1GNwcI,1Ap|Hw:IQf\(ߪ C}T~\=T|֘#54!;nC^Q32ꚾ@qTVڲkĪeAC8~CTB .)XCbN .,fs\^ڻ~wE#'ߘnUkk.Ō#=2.}K~Mި 7(>:|(fMz;iO.U)%`sS/= ͺNZ5*>w. _]1nOz[a0ti.I' <g~] IKdrՈxQa[e{bP2K| f+a'>w8OQS(z2`EFKNOtkb$90[}g'O 7T1t6C'ʷgC7pjzI#O8њ2](q(L^ov{ JN"sx>5!V"יȱA ruU6Ck "BVEͧMgϾٕܢ|xl6rޏ(3)Q4:沉\ıuj폅<9@IK!W\1%Ş2c@} wKs\eu+ǵsu랟Qg#!|g:*MT1"<{̞+OPvASh_};g,|858썕4"Kcr:-sxu`Nx}1 s->N51"Eż| Pҳpf-A4:s9̲wvԹUF!6o>(eSI#?@C1⇸HvɎP?Gmל[H/,#)M~^"jʄ SWg$Za]C[lQ$.j2O$Aq^h5@T/$zqeGu2{xMraƧpzt.}0>W v\Zp1eFVRS&HEт! H +cݏ:gq@~ᗭeS ᵭ+sԀhhhX{)T쭣pg=(%1j[Mc+A{IQY$yIHwy bB) W:XhYX"V> :@?sC6ioJs7d)? ΀Ɗӆ/FMl(a7&@XQܧZwZ ( q[hצ lXTbhV^Nǩ6H|l)tal\fVTO;?bW)֖V^Q8Vp,A?*ZN9'֑oHf2ceHFXcHD%fFt/64%8<c%X-.S|8^??lFApAo{| J.ie+6O'_CK?8tcE^ȴ)=*/(2@sOfdp6Bjz # łjAL w =^Ar7VRACo닁 vT [L={]K`|/Y%ͯn1u6ha]a##3PC;4׿*\}it B1 &$- 1lҘ NM*X<*>7o`B){Iۂ?'agO,A1V'M>;f~2v$w%[mu=Ɇ=[1b3pmc1X",WUqAr?X)I(1/iDIN^ւUՙĩ?8%SBNrfCT] }B N:c 1\)fk}e7*qMHj#Tjz]vg6s8 ’f{s!+Vv.^ß*S@am#ff{T%ݣ $RwСѤ5;B|NgfBqG@2z.@xa2]< JÝ 0+1k(Tu!Dz@0sQaш j0ơ$׬THfטu  9K< <|vy4ԔcFk2L|{l)q\Ja9wSp*DgkW"s|''A3IgTZłm95x; 1:oY10 /j6)F-h`Fpj,>cyo f T 9^'xG5&Sy5Rd*p=ΌQufEB%@ALv36 jjm 4|ֳ7`*H$7ܭLL?'u],"6~9FR,!:<5hޯ'F%eay*1@AE; RB`;FԵI2%ALwH^ Nm$) S}`ȩOE߽8zR^cߋՔk{ʾ)*lggՓ_k^ iTڦ$nhkS/qGmlV!\ c?yp@ #y0m{+c-AõYnQ꒨5{ȵ*gV͈l~iKRܤ&vSH| YdL|qp18HR } XJ}-WcTF{ɼ%)F&Ry۹\gO$6/uC |mHPEtߕ|S 4דNǣRVlm$5U](AHԫ+)ŕ::`d뎧v-xN!r?Xz36>a7ݧ2LO\lk@E!$ bV3=ݩE#hl_Er G܃ Yp!z?vӆS*?Ơ(EI9:Qǝ-FKNKB̢,.έRv9+#ؓ5o#7['m'.*NIZ>uX>FShŽ۰$vÈ/jT0H\p>K:&̿=GJ Hs='A`B&atI>їdql(v t{`KRj `T\9Hx,qŷeoOت_g)GײǨ؏ ̰;Q*屮R-miMb%'9f|T`2мpd,͡~ab"g2lV͊@|qa(,5P*kk?I1[oڷ~鮆jmJJ:b .tb ̡̤~HzZfg(=n\r",I*Vd7C G;PMyH嬸)"Ne j,%HeJɯrA.eCdH(\p1_]?k,{~[%+%:^ pq*iQ3W,wp!8FoNa\eg|LhT M?I`p%06`t j#(ٰnػd~L;ʼꉞE!6<&>ty_&Eeb]>hDLnC; }L[%›]i@?寂6mv̳'+S`4o' t,"}`%zw{ -^f:2/6HJl[>Cױ\Mrn]7Lvj,L VǩaYtTu5v=USa\t06/N7xBgt?/F}Hx)۞RĊ M"[VɁΦ"r0MYcI!1e,7021zV J .CO}U(gJėoMDèF`٨&ڋ?hqr{ϼMRq_a/:#dvU$R}=}i<Jg?;{{!3=@NuJm0gkvl(JߴҜl KktG.0ؾ Y[Zr͛5|r$YcIZ&Ugז6QGፇ8DmZ@&$jMc[sr  Oғp $ٵ=$E kcзzG6+tbޔ.'#ƳIl>PK òo^ IjffK% N'5bxVƀwM\R;-j~J9eDԫYh:-%v% nl9zjZ~R䧾:hC,ͪwlXq^jR6fjA8kDZ-bJײ1銌oYaC2ʭ Aʀ*@Js jiN*ۦ['CJOorH -nm]C+Yđbًh:DSVp짓O5ے@P2p6pGM-oSpx.d< H|-襜KϪRthveu"f+i69-’5GOmBk%ܢ: vBrn]%WB*O$kT]j o72ӆZ `=<;.RYun.o3[>';%%ޅFCWO~2nI0aa oȐ!ƤFAzUG@>2Lm0r}.>gdV,TɑOkE-|OCg`/pASYKqzٝtC+fv̬>T(+6.d»BUy6gY3k3ȾkmclAM)aro7|qۑ[KʯHP# #ՕGD~ =Y_"WV'"˫z$o IJ@\m̪C;MXW4cRlȉ5y-IspDq{Gm^sgkp3N#RoLA @pcCLb*GٛS||m=٤%Pak;sSAvԧqWb\#v@U9kL.vJ0o=ҺӬ0+ÙZPO#iaRKqevX0 wh~c_.1:]HۖCo\s0cr( 0ZS_LM4}-I<ھa֟4fޖW^3gJdrpaZVzJn_}(U$Zp@@&mR=밲/~vbpݯT! t_TS,eCO6c_ED~-y{.0kTk4n2^ >/1'ߛ,jZx}{C<aԪRPS $⳴K4J%ߧx$mo!{وAJz9^"I!־YoRlk8&ގx 2>!P6?XD}Rw7wAW^+,orMCGf#-e]) ^ 4j0xuI0nAzO 'N $|D`Jfj?_OPp0]fügbe;|nć oxJӢ--<J0{_IQci|1s."}eEp'0?7ÖTfk|v̨0I; ?c-h Vi$&-*hzRyeAOu뭐"Ӗ@ǝ0Հrc%0O8#8t z# i@<Ҷc6P?͟'u#Ah>_o0;MjX/ G[ B /ʑ+ qO-Yil!|ג.ȡ3^ #Vt>L1M[1A+Fv1B)qt{g6F:0>b UE]qSMd2+BVw$vX=4)_l F)RD&o ]WGQJI0Hh` W#q:(WZ7F )KJmȠ x}f^,ABR_-o#J۪|) ߡ:*Lpߢb|1g`K*.>,BGB` h$?%YlMW!6x{җX cFwRIm[=OAՇv%F9_Je vyIR'][R?uJnLm 9qRcVX8oU%`*&@ȏTկn[$yhn mOf6GQuaDԃJHȭS9e:,q0hzX "Iyh{ʹ30|s@}t''f Ը%Wb[v Pzp+rVm&rP~&r Xw}ҶV܈pV?S.IXKh;^.MTec<LNZn8LE_N9F>ɜҗ3wsT˔Lh] ?dC0a1$;rc EW(B},4v '#pYXLXm`N Qi\Qכj} v 5=;JlUeu-߆ RlFn' ͹MHVu|ɐ:3bX&jDE`0q43r^/s] [#5$ҀaJx^*ZK ANIefGf`0 w@,iBf椣XͲr:plaәTE;, ds0LUz|hmGLq,kf6Ia((mm %}k+lJͷB)kqh!$Vf_bc,XL{vÍqXcnE,'g)-LʊSijx'7prz흷^:[U^1qώMh<V᥯cUKU|]R"K[W["L^h]q 'Q.u ,:WƠd igD1 e{~ `-L_Njt5KTtNnu-6nLְioLq&84_KJo7Mթ7GU<͌ǮX+?!X#~< x xJE!#6!W`#VOs I#FQ>[%T Z!", Hc_ xgh:bOBxb`;YXDʚ Z.^ N\+3%J J# ^GXL6q"u.欂|zttO|A%Z:xZfX x{vNp:!$?Lڶ 4[mᎦ{WA:/lKkrhDR L%,ۅUL/3S%Aty mc;.ݖ?.oz_I3D_PMxaL&axMrP&ھZvٙ!g8 *\FFyElЧ$'ѕzͅčs0cԘuYR0;}C?}Q2l6}( '=َH/I20_XLM\,;A2Z^+/+9:4HhM*ii[YNmFix5DeW~v KBwWRJFf):cF13+z+'u qˆBnS;3`n * Qk9ni@Ccp5 (($r9[^a/cX# mC>еP.@izop%lO̲ +`6bKJ$*Mpe:jMjgKt >7kvtd~ΆBR}\%&fcMQbҒt &9dT{"cJ*_ ԄpAs_R W3agZ %UGRӓ1IKUKҒ^`ezr]Hv,A{%`=5 {^^mbRwDA/<:I$ .Balt1a!| +._#0ɚ vucZI|KU7j[.2VZLN3tfzxfcvFnotwׇwæ@3Q-$軃~{ P1`BNJ&w^ 'p~ "Q$&1-O׈k;C)lPT:G#9seXQs,J;¤(YB _w4- 8lI= r[)&0z偗{`c}.6rM7^E%ƴNv _IVìq9_dMX.!Z&5'ih휼u%Ta65̛ LkULGH8p!]/Ni4oaA7'vT)Dg]bDZ~o3"X$3y/3;8ĔM2a&R", fQ< b=Tqe9aӮw Ls诞6#ˑ2Qاbd\nܞY.ˮ2Eq6R }j@ڒ/(#:T/rNԡ+⠙B_"xMM~2 yRg]U+yJDwV{ƌ+v)پXa7UnF`9OQHz2&,>vudCC: 87'(%RZ쫼\qt[4qSM@ԼVw&3"[쬺94sLz֧Y#f,@U|-$]իhfݱe #z<>ϿF_HՒtOZlߺ& LqN*)[zXh{?~J8T,?Z+QFd@2vJBXK{khbFNir9 j&f0Z/.Q#eD@pF•ת(iHwlz/;ѿ+ƖdC,aٵb(%csK5I$S[򂽔ON⍗^Hiөtly'DU`7u}2 %ⱗ\g ݰU.ûo݂@Rƍ>d]hwX=9i3<2GUܭy"7P_[jr\<<炯U~D0S?l=χ-Z@4SsFQ + M WB2F74[Րп;4D˭^[*jq^(x2aDOeQ}fUu;`Ըz =2B5ΕPĬCrn~Bd^{ ?PͬہCӎO>39&mРqq٦^ (_vs/GkFϒqsNZ=b=~D,81˾7$9y$~xRJ'SQn]Xo{G]=O[>u@f.la3Q:LӸEwCgS4Y/hicYTRVzd="jUFY4RRt7D[S€r4 l"SHvq X@AqaNc|֟|m,KAc(mװ}E:ݼ_ONee!(=scc9,\.+(WVkVxAy AcK>gaߕ%hNEhZ^ k^HL jMCTDIL̕!(G~/ެ@0 :(]Pa<2UX Tyy~iU\]94v1OBjƶj+"؊^klEpb.x6H"x-Z_?L3t&'G_,:pжP L9SECHC{Vq48`p\Krxh Nd2B2ح (u>HAPUA7t\Ϻ>R-ꏛ}ј4)cp2SK[GN5$~,?,nx`ܐ:$eVHτVM[s*Lp{Jh5[ Ɔ(χP%P/'@/l 2]Me()ՊcN$TA5°8wSO}T* 6LU"=b=R S2QˇG)A\"tȎ ~8ITk]%**&]QPAxysZc \қ)פk`pX[rͬmW;`!I TuֻaHpb*[aOj[o[C$jpK^ݶb0 PEձ;v.8Z!kCA`\ hnq9Q {j'/Yͅ쬈>]2V* _rv#j*~2f}M)GV cJ"eX쓱ʺw$*?uOߡ*2Ԣ#BucmсFbSB յ`_ X~ x(mYIlL=Eqᕆ' l4^̳yd4ss^WwmV\Ko;Q582lз ^ ̡HltݷuJER̳13Sح$ͭ[_< :)xګTXM  RIcgdQo C5U78~YspsPjaV'-D9/?xv=;iBd:t5~o{.ߐ_(KF 荲Ndk!aW{GzZ_S3n_1^ ƭ5=$E.nToD[iNJ'b?f?AcԋUEǎې9LE(SV;-W?ڙYϮ@ ҙ#FX)h1sZ>q'!֫0xrع1Q۷r£#ϡekƐA-}+@UrS.ۮ:%(aShkFRK[)ܓbj `<Kaȁ7ܹT>gj[5>GaFf@ -5p憢=0_١M zn6&.b8c-ʂ{,O:7X|/wJHR"eDEJ=OзK8︬wy̯"0Zw7#P6ꕝMƢ?iR (!ukfe!D*e(&C4ҚVB) eܧm`}IHނicErQ;3N DE C&k^w 5 LcPbPկJ923h~jBq2eQA|9nA|Jro{rdL f@Ĭ c3+P{z9&HӬzT8L!)ڑ|LOx4~Qw.w&`O  x{@$9JIrz`){"}e•L7شݻo+uT%zpAѲ.}EqK[+ E~.qu~uIHF1~S8]i7w??:p$J5N4Ӵ6kvM3JE`TGOqe@*dM`(w>3aB2yTX'Ϻi +iXy;f>p -0=`r< !J bRY4 M[L=}#7ZJn-΀WCY[UF$$Gpi?Ψ(x'9ŷ$Fm[⵰qn yYIO0٥X !#ȧ @16@н}`Ý\M(z 0SEb;Ne'*$/>?s5]dAm/2<+-վE)x@pa\6d?l`2i9(-ygm@1?VۃW߫YŰ!k`(i4d|_x-qQ !GiN^3SQ$ 'Dw`{EsuL9rM\L`-'+Tw |?y-֮O|A5ك]0JARWP֚aQWJiP ϗX(Ъ֛Z}Q_$(s p? PF"Z v5q{E;y!.ph/kX*!_I -,:S-(EbJs"MaIHaտvu;6 ;{{=STQ򐬡e Gdm3>Zd;UɍLe|~MqVu@h@dnlU@.Ɇs(=Xo5^T9Q'ryMb_F~Tԁx v,L& {&Wtsr#!T[Wx+u1UR PjV=vƞQf+զʀ'sz\z&Y̦r@ŵR8c/yuc[ttUgZϧEPq{ZaG&2a6K=M7Vk7D h)q(sbWqv @Ǣ3?7 #YH0{9͘0|fd?Ţ?$v>]bb5hN=?$;+V;w} Vy_:rnWj30FcTȚaCEv6eۥypy6*^M6~#ym`}k8WJ=a5:U ?%hڥPQ6QYa a.zŊuXIH\!`oZEڼ `^veX; M\~N%qے*4k[&PFܯ2]wTTi>3Ce5Zwz [s!_$e쉢gNa$ J,7<啞&m*[b"*~Һ4f/c׌FA#,8z<5裋#Q\B$RJi%NuqEF(ŕ?d% NXeu "I}Qz-֊*JcE;@kH m2mX-֦M5=\p@=QYs.x|7mwC)^ q,4qz=.W()X (U>& кY[}`^1g'@S3(7)pB`tw 8<x5Az|iXH۲ c(SȝD{I!1+Ƚ_ PS{͸WΓ]/]]]vv^qZ.K?JˮecsDs60F Ɩ?5ӏv55f$t:pkb,A;S|=!UV'mU־=??FXR.X;ƵS*Uz]2OPT6ɕv ;eA\(@ercbB' ݄ 9m/"j *r-LƩV Ih*)'St⁜E=w ?ב_PD[ey_LىNήiȌdhP:E|Oq9@C}ۋhMZgAiw7J ) C5\:cE=uE,O\_y>= =L^%3^ I#oR ˨J 2]TN+u#TbY3nY&qwPjcD)ez; !T4Þjsmʇx>$h&MV 2Xk^!FS(ttً.<Jl9aSo/X2;n>j~~ Yc`=DUw[Q&w܃Z-__!P{1fұW駝{ee'XGͲwn_:vu_C>۠/e5Byl8Tbz.ݳGvfq=/@^^τK,FEi0N:I/HgXO X#;%ڨ#s `!S7xf2D,F.$B-rG~s"} QF~s~}up84};Y_n.:k2I)\i~dR )!^ |X=}mg&fsU4|tꊘj ѐ홹 fk YZ