nss-util-3.67.0-6.el8_4 >  A `WU]EzCE硪˜85v9_ט{|UߝG0m qG 6E(@v(ҵLئ[- ̅ҮM j i I:`im fR@݈ܕ~ٿkjisAHJ v^ֲ'eS,fpYtzwMoN}p_]ײ؂SM%f!fbiG耢ٹcjLvGP%ō:옽 {s8f?XTfz;2-2;yl;us'9_[C!ύ^jH3`?jF)@+Lv!R?X,Ƚg(t{$ -5ʽǠ<4@Fߨ9d&nP`66 x qXU\ލzD(2u1ǞT$-ƮTrj sP*r"Ofq~"2%b[ŌԖu+&XhO%5)#,5poHGs`qK6?X <;])KZq 4 F-$[Iķ \Wf5A7#s5}M ౜sa(>p<H?8d   F "(0H T ` x  (@^|,d(89 l:[GlHIXY\ ]8^bd?eDfGlItdu|vwPxhy4Cnss-util3.67.06.el8_4Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken module`ppc64le-01.mbox.centos.org]$CentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxppc64le$pFAAA큤````J``b9136ddedffa31b5c00c4fb7eeb2a0bff877579dbfa7a91255cea0a3d00eaeb1a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-6.el8_4.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)nss-utilnss-util(ppc-64)@@@@@@@@     @libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.67.0-6.el8_43.67.0-6.el8_4.build-idbf0fea2436f5e374ae918d4e1d4520e59f450534libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/bf//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mcpu=power8 -mtune=power8 -funwind-tables -fstack-clash-protectioncpioxz2ppc64le-redhat-linux-gnudirectoryELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=bf0fea2436f5e374ae918d4e1d4520e59f450534, strippedASCII textPPPPPPPPP P P P P PPPPRRRRRRRRR utf-8d926aff61a1bffe104ccf1aaa69483e88988f794a24a2b99ed272de916f712dc?@7zXZ !#,] b2u jӫ`(y,yO8Ʊ_Ti̋Ù^؋T}z`jk'tw)b0 ,NyAUi hSEug"-mVAR 3ȬMc[aeͣ)[_M`k^^ZZܶzL} ]P mk+W-gI,,l0R =`+Ep~a|u &VK ̓oQ^_y5eWehkȈ-+H1Xz84J я >0~dq:UhX;@8kH>roxF& #"V@f7κ1 2g@g'iu |]L)䰐Ũ0\s&q3X#j+PN;:}} pT풼u81]̟eQoH5{=e} n2)IP$8e _-!y*'ȿAzj "F T32h *ÌڈZˆϒ.-;И@tvOflQͼ\i-. IOHpB 2LLIS9]KRБ1d1 ̭w6EGܓsm%z["`/ >xe͵AC@~,E2ΩGMM <î7ai2)!t*`\6܈/ͫ H#-y4룳lqPFiq+RwG' 2ʙuK sD1yB%:qU0;b"2)t*7a WP ,+( Uӗ>WST v7H\ xmV3L.cƌMaZX(pA>` fAEf|OM<1gz`,/ЍiݦYŭK9loXwi(*yA䇁g45l*NՌf$6|h0y ۹v_v])y;"4TͩHvz\(\uq@.)eN.90MTH&VL/]"x2>~ѫŒEHC+zw3RV58 cm; 3 )rM(/8EK*ESX>ՉE3l?iwJF>ဴW1Zi[}F'.`β2cP!|K^SpGIw*&n^-b<*=K֌"C9[~Dwy CJ#D}u#PcRPft,pzԮy5X* \ʈSt"{D]i{$4Ť$D3O[R 21~/XKH3x#PCGmWl(9M_qs@̆@>wDTZ9-=# 4{ 5Kr%lj>5ϊq\6[6 7Xd?*Hs3: DiwO%?[4mm>bW\Q+':SlYDCS |W"=>(z(]b5i!Eלymd8urWXo $xO* 0Zk֗^#X)xH6Dϋ5jwMg<`~ W[،B4vP0 lG'1F4LK-8qImӗ54#q, UN%W2R&^9_[ !ws/0Pi1 0sՉBǟ28v7z^5-W1 Vec8~j&v1 PKzZx7ʹKdBQ"vaT{jIYzOhߟnQ2а+'Q4gTWz 8}<_zA ݟ\pc~FZjQ-qڄ\HϤLr_G{yg`Ň =?>mczӃNߟR*mI~ь!FrPHle+ < ^5ƋϯF$7&ʭPNu|+Mvo% 0¯w&_C[%Z gb!P2#.W0ѕ^;4 W I)~"2ʎOZōƪҐ?3MVavs}@';'/=e}1WC-N<~FP;, i: @ #C}7RAn_fSnp5Zv-{)D/JMК(ne} &w=جIswmI$xprCYu8w3ip=/w D %Kаr>GGNlȇjXeVbvqPP "-nô ׆kzȴx_JӸk6Kr|SRXCg* a$tzRbT6}O5DGEUse"u;Wubia/J1 Ut+-1iqF,H*&Z"J& j'8P8te|TxlS$͠>NBq5twSZQmp-Hz0 R"^ӈ SSx 'M&:Lz>Gcl1 f nK5b,^\7 dt lmr0`wGVɟ眠X_T42|CfnD\;osj0ӥAV2OM8QYzISi^kS}JC ^dA J;-HGP*AQ]}iO 9r@< 6휝?DЮ&.j0gS.!`.l;gD+v_l !/mFS}I^ h;fQԋmi\ tݏ%OWN# +մ< 3ܥLf39Uڵw\b(3h6 Ņdƫ6.퉷w-8|#ac$ (^ #S$M{C2Q%x6B 290% )z2Pɿrp(7ZMŀ2gģܓVzT$unyU89H<NIFo0Oj7x} gr^7Q(ʆ A8){MHmxɨ}YK{AANymXXaźezzF.tHQ0WZv2ǵX%Y2V$#xM R>PWƸҊ蕍c52W^CU)'8]x< dk2écXDĎ%Қpw{Fy1Ə6+X]_8\?4 ɛ)'skN0  zm ǏuPCti-F>;d#? ~!(l~ݳiZ#9ONk5YJٶ]L58 2VބcĠ0kA cj -GZ{KLmw:~(V?gs9qXe$ BE6Mw*H A\p!\][kp$APl^IlDa!#Nbg;y6.5K *ȅ-NcΜ67& ؠWL]?+4%xF)ז )Oфy9oɂua6dW"V|!swp/Yn=]%ח/[6aL'49|IzsTǥitQaEE-،A#Ӥ?YQ$cq&bӟui}098ݙPTGBrVaO"ld-!AWmC6^a FJ紖` 6_{8Y&k-( 4&o̺=k;6@t1y];HZ,(bƙ%ug E(_-MvY^a[-,*6z2 U{ℐS&aNq$g`崖$#&w(Xk ! mi7LR d'xzxb]jPݭ=; v5a6$"灠N²?zF-̅u4֋#h@=6Tv7ɀ!] N;l o׈)DŽQZmmOa:_m ;(,@=$_skrو*BF-äX :5$#5}Tb6D@;;C#e?t=kё?B]4|((7)V6HTV, ֔av$z结eIkgsd6c2eGɄ J'Yfgw<;k4:mö}a32ݵ7~q)&|IJf$9[G;|,`p@/XNf 3izVM/pbn\0}bM`*͂$h#xg'!r_U?LҚ f!Nxٿ",Ȁ1GeEb,5ͱ5E"ɀrBCH%Y9}qGDn1L9@OWXId>5^2z3-!'v%}=^6J?ͻ&nO#ø{ya{Xi{"oWaz083IT&,^xEb){yJZn,3"+vѷ/=P;4RbUPNN|Q9M&M0SA% Xc'JK5hnPVSL/WnZp/A'l^7OQD>=e*OK\{Hwg k_ZIXn{#anR ,q!-jC#^EUzߒ)Wk Ⱥ+hk 0 ^PmJjY:Uvɚy-t'V Cf惡҃V9}=O3[=W|-[n*N'xP\v"%CG39cXVS3҈Mc݋Dƥ$6s~\%ZBJie[SD]7TvZBU$ś;pCM8K1f((ԓm ,R V^RcQD&qi,jkINAQ" KD Ng!ur"̼y; 'I6'v)7GoPc3{a!r:΀.o ~nUX[qVC~ĀDFeQMYM)_OxC 36a[y԰:(gAK1Mܑ]Sߕpa!Ӂobj-Y8~[Y,eAl0K8.0Ĥ6ͨ&+66Τ ʺ]xdii[(_r7oZloA"{@pNw*f&T/Zn't-| 2UERt~C:uŬ2I>zBnZ/WԤ_CRoߣc!. N-g2D[\Zo؛Xሉ47#(T)UM 7}J(Ru=n<7dh,8ώǂ&u(D+ku)k-x##Iɦ%ݳMZ1.vԼʉP@i3%=Ϥ|`˶ht5WqgoЅ-=.$?6_\$A9 k0Xv+Iv 럒MDm; ;xCvilYv>{N]Wt;.Ed4l'iϘ O o >4G)FZ0~U6A@% *wz >.Io^ͧm]Ҝ G-q`\c3o %ߐ:0 ,āg }t jcⱦF)aC!GF@״BF0bdQk)F ΞTTͥb7+/ J1'L퍅*/,b)GB&R 0$w78a_fgM0A2uՓbH&ghكGQU\St*||s4G''.(ON`_(L{GD. er3D(N]0F " ]3 r+1zoKVT%zjq֨CJtq/7>YP,' sXa9A]t3%a%Lndh_ЯR/Irj #⺐KrwijS+(RJY?HS 5~tAp6fZ$qt8t?s|ޞ tt7/B&] ${V7[a, G<Vwsi$IQ-IBAh>bp}Sv.fF4fy(5,І[^- sg>6oQ`)X_i_<t*?\QU=BXGiX&#$|~CPWR;8+*p1ٴFFxz#ZoY :w{TaZp P4Q]PIyEFi^% !8*מfP 2X~CEV$__J'n,N&<;=3Cw1;&sy>SÛӽ%|RYחW9J?H\?":,F_}@D[u9x]O(|C'[H!Y^M\"iB ( \:l0agX zַ\7On6]fSCtP,=(hkf#淶WgsEAp}E[J<)V0qsT0W0sqz.Q` Q3RoeV3WȾ!xZ͚>'ر$꺡X~)03DQfs:k{H{ }]&_YrY'WVnE "t@Xn, ߏhGSymdB4aˬ+ &g!| @vky!.Ϳ ^uNAٿC.w) 'Z (&^9rdg2%$;97!|ioGjhmtbiy$z Iz(-a]\-\B3R|ǧ%d[KN+mk0}_pֵp. "v om^uވDJ`8NyWwf.7B(=6q~\9rA4 hS?]\e5gWnGZOu=Ӳ)wZ_~j4 su hn]X swsu CҠ_-lZat{u06JL^M~.FnaX wʷ&uwC"`HKI1v-PI_}e wV7&'|h5=9>lIcU~ R83 bC2]J(q}sBq[DL_i; Ơ8UM V2:Vf0'U|l>'";SGho6kƧ=&9&Z2 uL }f!O IKDov!'yPkM)GBQmOE, T}9 6r ia668ZE6p#F_Uȯxͬ-K_km}u1ԬX{BOta9{ x.i؁ ; uOa[8õ?ULiO@/Ҹfw7s.& c(  (gs IHQYV5h̓4?Mm}9^3uo=ސ[U|{b4@,X<ܧx“ fOY)_/ml#짮(B5m"Iy~+ٲZ&H0V:@xJp&a@˔k2Tj<1GQMojk-ހ6Ad8,VU~`34U:٠Fĩ{z~_'r%+d5sDzxRP+pPϮRG0Y6iC]^(ObI SUcX|}zvC16EԂX-5z+;{ܶi@@ e Q6Io$`pi$/m@HCne]5%Ш?qöɐ[\5H *e?)Ll\OWR:yٟ T%,nK`G"@XdH3e+1\ 0J- (SGtڞǝQKc]C/H.ޕ*R4>絎a=mr$IX_ȳ( bj.A0vNNN{G"\eO7^u;d痭bIr:m]Ua \ j&!UZBLt创aAd򦁱W?ıf`7d_Ofrr^ܗ|N\r5_6.n /?q;~WV7i;[+H: %,/w$}GO̦*kmyvE,:4K|0^DɄ9]Ab*7IBJwT; /1 ,Ds8ExR};~VĝyΠ3m2M"m99C+:lro]܎%CU|2Ul51(Ef܅7W3z+9Sѽ3#yO*s}'~ N 룇zl4uH ooS\OY6k`}|:{O0B*#8㉘C,<)#>ܧ]4-/B&y=7]h&[g1]IU/iB\jaBŚʙ s!7Iǥ.NFM} 8m ym/FOo0=[/52#3v\;@&YcơYLֵ "[Hܒ苑 6r;5"焘\wէa*ڜZ9f9JcoD LQ*u?HG'hW: 7$OD$ʉS.kKZfqf!d{THWC"z r?+#"S/*W>82NV.<۶8-Sx2pap|ѭj;rb 3P79.ʼ 3 21sl7۱g"|q>R֎uGQEʾe8UD*Z3-$"B[-sK] ]uӈEYQt=AObhb4Uũèn.Q1;gLǝgsa oWq { 2 Tw*CTV*sl>k8H/+Կrra߫3Orr`)^TՏBtG$Pt=7$ee؂(~0af5V;0Ze:=Hq]}TMyʗJK:-H;z<6#')j>o-mUOۈ?ĮmKW?7}@$'O@hS`Z:yn)l7cӁ|vPV IHMQ_*؟" EG`zHcB(OY fC? ;>Bu\-W0^SI k>^K\>`0@m^{^CR=Mi:Z z`j׈*ͣ> dFeźPKgݰ7L5f&qgR,[78uj^GN%ev_,KZmTܖzŊtnkƺr/lG d":.Gz,/8O Eepjʓ^mS Ux"qzF!>d]%MޭSau ط(Q 0k`j/d逢?}T*M$e X+v| QUɬZE [X蛌-AZCLrUr G:2.\K]SÜ322MV.a9w^@l}ύvk#E\щz!~op:ȷtʏ;o < =F]:JJz v]r<]tL$ 92gYU@_b9X*ԭ1 {osӠݡٟͦC{O A΢WjaeCc͈N.&\pGN*wB{STK4M:09ܨ:^R:"Mr Yg0Ѣ?^&w=rWA/'۪y[k?MXu7CJo Gb ֽmĚդg9z<<8кmFVft+{;@7$wݼv+dq;RU;|VKJ(XQ6B v#uORΙq3^ی`a nU]1wa&q@Y @h]#es[54-A2 ӆE17"H،+ZF}1` g@sz{SWDeLAZl\{)2c?3Rֈ&@O{1w"4B*, rt\PE )&w>Fxй46U@D8G"N?ƉIS֧\HONO~7JB\ט.FfwD?{Z:d 9/}^{y<ӫf#6+B2az ?+/@6(7m!iCneXCe7G$ Ҩ7۸pXjE (Gɘ B_3 ͌(YKD0iEʞ,ҮCJQ`&䮿xǓ΍a_X==]%}ҚTT*KG f&hjrTp5d?wwɓ% SAI9Ε (O=# ͚ l8k,c26ƍ?t\f4`"sEw$ Gz4P6m?`XUu(>:nSdcx,25R[:+"Ե[tRj[<.RuތZ P3{Vrl~RL> 2^8"+Wo+#.X8(%xQqԈ{Slp,o>z?G,ޓ9y~ jXE̸Ÿ֤荦kŜ8s49tMΗ> Iax ߩv^Lݟ**pnRh҈};=QFeuB$i҄)fb* Ta&5 1B|ȏe ?´Ѓr^-HL/)eflu`|"'͉=}z_6y¤+\r.P35M:V8.UO[ŝ&-DO]:Y[~Yxsm0aQ+yp|z@6[6͕ahkk?kkDyƗl]?}j>.7l|BEˍ손. lUP A_]q?I>e/lG>" CfV"TLWU0-j@qDǛqHviZ*U`ʂQb#10F 뇿w0y4oF`XpXwSdͶ .]/Xrպzf d`lhepFV2cӶq ] ?<.Kݠhz(CAnv۪gDչ7R)=xiclNRբeOo{ʃ3r2gB0xV<"?:U'dpC?f'ږ]³v2g?.l^)lxAnl`vhV^{gE)"%fSe`D[fHiݓ\OAr(t¼$LBP!+j؅}pv;=wY$֪x:{hǞ VkPy#Qhs ؕ!D?+b66:s0123zߔjէS`1dah,;]!QX8';MzWb`X֑f‰H$:m@41Π :\Ww2.xj"a3-g'Q \9֦osSdaKKK屉19NyPSN|P{0&Luی4 7G-Rf MPWh="Lz3~!Q>ft*T:;.tsoO^^i^g,Eu˥iy_.fIwt._shдuvQP #T!!g?1g_89(dUYzw}8vgN+, Ӌ%sPB"ʷV ݦ2fᄂM?N8;;ҡʩSx8e4Ö +h H!{7ȓk-y beN ֨<_:TVnB:=[x*@?m HB`]<SoZ)ܧfVd+rZ՚(4k>R@\īRJ(H>TA؟[U_岹;V\@!B|T;>=oFyň)k̹eqM&* _ɱV~}ZN&74鍡CE9\D,"CRea`Q^X>TʽM3קEO|;CMnRfIscQ-ϯrZd%?}i Qy+ /mD!>t:fˉ7p OGi@Y?"ңI$BfjMTH%HA'zjC{diM`$m(dwp)5Bٯ7X8[]G)uM $|m|w<_WŇ}|Q΍#4z{#(#%Ajt6>%N4 L/j9Qbp@bU'YL"TG= UPt@\vGߢ´D؇uWΏӓ>>DzF7ةVAe;!eve{.V+Ijl;4SGT=5F6+a5Ь~K͂5Ђ23:gBm65e?/|kTc 鿑惬*m!DƙeR?pP|kf>rcwf<šG%w *#zJX:2tvMRRKO Q'_>C%EꕦN/nv(uؒ4qs9'H 9ѤI;:0R8\9{V8pWi+ L#u-4a;bZ n%Cw.; NmA0vcZW;m~'3_a&RUבlց8] :8E0~{c~4, 4p\Hy73@,2(:*:%iI gr&H^9w_ί^|16ճ5qd Z^kBIĹRKAhCPx-RqDXOKuL[ER9ٴM1sS6?\;$)5'Q<@-Eu;|cz>CT)tYcP~Y@ 5]k늾L""%s>W!0[<7)9ΌH ]`i50Nʖ+_6P߱\mmdJ7thO$`7^ $*{1S[35W vn>/8[0#ӑkM2#${Akbbx=RU?+%(!?(2MLǙ& l;`G?T;*NN&Ɍ)R8ɚB 9_k)a.AVK:W= 7: xW?cȳA$jm^I+ n$.֘U̡^XٳFe0&y2'+:\Unyˋy.f>@$9@mH7tDbuHz #faz09>/!sl=BBbfɔ=^Ux0W2;-O.qY3 Y}PA D]}6{isTF'qeS<'E>bm~DG(#YMM蜶 lֆD󆰣'GH#*A s-(XMv ǡx3?gy/\"YI' h4 ߬ؗcn;iTjhlx^] 8>ݙV0G꼝"c# rC=򄜌9ā.u[F>,bL; 6|E׻$C8_ѨFFö$Ҧ'/\$UTiG#k2+EAՇ ͻuƣQى,K>s3ZvJBD|31C@! onFEW\t%V%ceGgIsiC{HG(V92 !ŒUT^A8 ?UfB+Zoh *M2 i6H0L1~R̵Mq8 -9c*'v"ZBn려/~ +A Vp-?,e<2y(DW1tH1!&8J\)JuQL̈Z#2%Y(7YЍNZ0i!h^p>J J"}@2%@a^n +-//ܫ>4l's-<3y0ZIc;+{.7m?wNSVamvZsc͕@*A!Vs=<0FExeE',;P"%?-\|h;e gbvB.ۦ;`\^iRD \nKnj^8_E9紥gm58 @o:@1np͇z$LXn2„I-Ǟt;:.܅>]#-yx*tni ,1;!yԴL6׷U6n?Hhɢ`w2D;C-e1x5WRqT [ר,%>^N#8`8K}g yz mzԕך@'.po0W&i+Ԝ8X0_aP/Z26fv'?&1nꋤRz5Df d.L^ c.Y3?es(H56XR @=~¯[¼gb@C0|0A-FtAKTUɣk>Yv eJ+ QK.J.mAB1!qIb}%ܦTPԩWxZJE mV^Ӟ V. X_1c8'9.3D@L,\KECžXV~ց8w4Gnc׉l [PV4[O}JE;Vq05+[,]lMg: y y!RAf5sOmS?ka } olS>wQVܦƗz|+PPS@ˆ E,Ȟc~݇Ҁ9C4*T mܷ,b:26$lb׸V5pÏ2庌bB~^leҕJ:L y#x6L(k}|hՅ .أԫd܃P~* ^orp+YkT. hyr#Z37~+6ܠ-}7$M鈒Wn.% ۊtXQtvBd6kFr%X_mE2dwR_DTj}Q /iMl|=}lд9SP;3!S,p 0;<=TPtrZ>7jj:L^y&n.ӿe )OLsyI068'M@A{-(^dAakw]Ep[;)l)@ojgF [F8PhGʉY5R?B9:Oi? Hwy2RYDj*10ה؅?_4D?**ԑГD{ÅKS6ɞ@yR"_k !]Swхeu#H 7"v"siŎI= ($&EU!kkv>C9* R~rԸ;Ƌ9)aOpY (+tԓwWn ÇY=!؂^jm)uڦaO#/^jQ>EvdVK~mpʠ!TW*n[id4r1Y@#p'BqЂ0ԝ]LHm`~'gW﨨МT3H&^ҼPbɷ ;Pl_@Ry8ژ= q"?V)v 3T( IYxl"H~(:A3fۂ-{RibL}+؜RJ|{սeHUd<]i$2x\ͥbޮtQ-v \#ZRCh6@Au(0X10 խ벃- L#P=i:b 1n}|OizW^"|Y=+_E\PDYM0 cڜwRiLGIecd-&kI$ȴX\FפӔ;E1ӽE;%zwBrbbjT A$PY>Ȃʐ}Ъ3HZM*k]v?tV+Dh!|7Z?AHY.~|+3dGfʱlQс`X:WWW QyNh-lMa  ڛo{je 7*]߂ jW 5; [ x֓#avGZ[rN+!ٹ3wA 50ۿ ;%I./Q*85()gY` ^^j(`Y"ҩ?BYծN\/s;eUef<֪Xᱵ@o/"U2 \%ڞy܈x,#~7&QآG-HP=oïfɠD*Î Oq/g7إ&XO$9=5O f 1zF)ۂ'0io$#fsMGᔝ2gL[ax4!.?vX޻ABߠNoג@.@uwʌ:Zdek(w8l@1w8v卨͆h VkS?nMÓu@+QDfBcsdR&#&)uSRM(|l ` k5I2lax,X\)d+$Z~cĀ%4<&3߆V*G wQL<8j-Qz;oW"nC S緯Tou_\ YQ;Qw"*{`ߚO֩eF6lڦ%_"=m V% !Wd1I1 7gh㢤8|!6:PNΙeD9YFH [Y.l~AjNr\`qa`5McjwxGnbN<J=@89b%<26"=N>wwc IJ؄.pNTu&bgU- &Tai(Vc\ }6%AXa[8emLcjlo [" гۤ7/bHR&e9%LN]>ôFs)Nіǎ#ԀCO? V& ڸLm3]3U0MFP4w-@m" $W֢ȳCDvwk npC쌳77t?G p=H5"A=d: ||1r)~8`s:SGIi =LER~ia~tvu-bpBwQiM[^b*=uO>pn@dїhd_ƾ";M] o'4P q]?> soC_>G3Q@e S%͐:!A]9o%?^ʹP{J&aQEXޠ||&H `2dW'[}#ϱŲZ/l'2o10**Ϧf -aD.Ggxfu nH۴ }loN;6 Qr n 𰐽Vxtre Ŕ$bn,v";߸7O[gܠKX4&ݤ gS9>Zإ2GN>$3OxP#?~&Ko&P|`+e+>>m*8F(o(I`P̠^{-LSBrZf>G_y4^@*"`{9,BSF(  jIA C[zB]hӟS_-x5)#qio$bºZ|7cpXDRc>c̶-[v^}]`Y{"r {r9#rlQ'>{H(3<6tܤPnH&̪( !{ԁu1-OJĮt\y֪<ؘW:b|xvK?_1 ޖC,vT~& P1yz5lhen/,f)*Tu:‹YUNg‹KYÚc-E'^471n׺}u(/\(_ɡ :6PŇ$85S⬁c2{9@#1zZK"mXl7iW2}VPd\>i5e(n2c æidNni=YG{o([wg[uay+d}z0!=-xJ+t y9vW/d1=[`~/n/׳ؚiXsѕb@B+!*ڙ QůҢH!0 9r U{x}2M"Ha@=z':Ǿ!Z͘WvgTޖ,`9 Zf&Ȏ.ʅUI3cӮ+:-s_3jJS$yqc)B.wꎋ:Q#IwZ^<}[=U7*m+< X;D؁>k?d춖=i3 oOI 6'Ϳх3@JB|acnpZ.ۣ }S×6;'u稈G&#_D=?f4\x+QMEVN_ijAGu7@WiMwAfC"!^r3yo6ƑqFCj)Wq#eۂӌ K1QR;쀁1? R>Et^Aj +(2w]+3Q68&;&~x#ZM?fXzN_ iݼ wdt'5 '/f0:9:xL-^m,R);30O8{ۻ%󙋿eCnئv#:l|[S|ye.I{r#c[ ;G1ܶnN@wVM:]IxY0Mѝ+ы]S˕5nӍ2SR50UBCIsmDmTPh 3k}٩(1#G"*QXEXBi`^Ņˡ_hpaFg4琷_HE dJcVISp>bӲEO.G]8w ɇ{''R% SdP5J)E+Vpo WXd!MhyZ06l߅!%ENd6mf!JR %V|,2FEqx4ą]j_l櫏ua="_|hc+ .`&Ф%#8ء֐iacKvꢝ{.M&gJDaso)cJyeйzwkĸ23t5R}ב͕5"5$Qm4I!R/3Z0L f<8ShG]&q/czjVo9!C.H`M Ni!7Q-{b 8_ у3JnKy"ki&&C.eڗ,- zWmVkE;ZE+Sǝ1>Cȇ'xč}42ULb[j@nN&u~_[uwPUkfūn!.rz$bDiڳ͝]F"'7g;Ny)cugEHo]|{K3n +Yuy-SymȅRM`,9(U37qݿA{&ݢP`Al 7gD`l7O~sAg–*]c_ 1;jѧ =u\'Ar?eU TtV P`2"aB(}NU(›v.{FH%  FFHk?&?-+HJT 3 `su 7<ApCfa~8E}@Oqce?@,ĵ <66_uDBvp@0ŸU7OKz%4'ԞʿXr'd~yzyůA/x~Zi͖xl!7%oͭ0: 0A(G3ޤ$xm_&G1|v$jV]5ǿrGOb @JB<-N[DH,Qك5DcpF.riS7;c̤)bu@\s#KD)2eq !0^ERqa-7N@kdHƷg$- AҲifl3%ON2({rC`t%5˖qɟa +:Tnl~8LeEFX׷ۃIΞxJrd^-jiI}|2}GhF ! /SvNleps[պ9NhρkSZC%#=11O Ńr鳨,I%ۓ/p :'4yW[O'1f ?˝xD jN.tXmU#{iJMQIM}zFh,װ9e!6D2\5B뭄a;9#GѨE ihYoqS|m>/|KmC)K;Q)ME`mhZ ֕R<؎2c4|uG @@j\UGw<r^48e{[jڌhxJќmW6ip9֭e}[% tsDiގBM.uۘY"l>YӠWKȽQC7ѬcBA_p)퐢y{[_+؟&Y):R\3Z|s]W7>cvAhcۅtT[F&T~p0`lQr7Rs)Il~kȱEפ[9ٹÔ<""mRIf`X J;E.\ӻd]7%>&3/y /O]!-%9Zw'2- ~y vgE}Zb,1[(lY>cS8㳤\{@ǚhߺ|lw$?h?&_#t3*)M1VƑZz(,vuImEf54GNKm#HV4*^pH$ÂO1Z"WKs98/0sE 7[!Ӥ> #rޡGḐz-2aKX5̀xK'Cis>lE}7q0?~dn':̙5DՀ D E`H~Vp# l3[;(Vk%#ysddo4S,e?][{$HHǰ->`â'Xz=zTVW(N3 ^t)dT:cvWl\yVR<|/Qhu Ռ91Kp>3RIdQz䰍:#YIr`\ rХL 룦l)bWb*)?Jv˚1"ĨDXbtvǴBsr ngMnDeYy \c32aF$눴jnaB^֕Pi9;yY21zm" ́6M'1k?ڣAГe=]phm4^)-l0<~@!PY׺Tk<-& Y1Jہ rʇ ;lBjdWLkm,`)wT́g6a:NdѧdbET?eo@XT5>0nѓ Kg@d}9^ˁ؏>--=)}G@cR1V0b^#Kl6lK'Y0H;f੊F:^EIIeh>B NJW )kRXk`Կ8Ǟ4̟+XXzS8 3cnǍgS"vJ9(BZ-L,  T]ϭ MJ>XJ;xg4 WJ?;ԭl x;um`NctTʮbnt,IuzĐ~l,y۽Dv H;+ q왭uPQSVihx k[G-6ӓctNiezJ`oHDbPBFEyyeT,;sJ,iA%GN/U€^ á[f*bM0 'h)Pp"=ksc1\B7fsКPff;M{.o6QI!4 Š:k||`a$q aCh!Rڭ&ns:՚+Qj8goL\10 SNTד›0 "I40 AdJlw/P. &(i9[p(U>;i+F#}4X Dp͏Sc?g+e/iee*aaȰ8u ~HfquԸI?%KY{` q9O~ɾ[epguWu {'@#|K}gtt7^@ lS[ĞN(zʛ-X.;RHka(3 U  K,)o?69u*oeB\Hܻ?#6C?|8 E+ЪM/̿ϫJ(Q)8C- ,6e9j|ߺn@.RZ'5vX|,$ g^ڧ\&,벸jmv^lBT{LWX\U6g#5C!iq"4x+4鍟 [lp`WWy|Iq^2v`۰.Z7Z@D>BR+SC|)|;L|#c27IF=x{DLaÍOzz|1ArwB"-ܟ,YcoV$R[\ncN^k-ʣb,;Ojx|,0i x06g@օ]\mmnKvoÃ"whG+X"kWKh-uoK<!;{h'BE }ϕQK_v9뮜7MXp 尧n#f~K2y6LjϖIOlɟd>,mUɗt}esYu0:2q_VՓ_[t_}s&e[␓[=Ig?eP(0N}Sg> `wN#!UkY=ѳ DYL+ +&GӖA\DbR w4E vޫ,PEJJXJiB0mc݃>_h ?ѩ%x%z8{OI3ewi晴u*RO{+07nsX&0`>fnud/*W 133:ڀD(3Dhܝ{ /^X ucp6/}ʮ턽*( KR|YTռt8<ڷvn~v z~};%ɵ 1{͢XHhpdQ] rp~ӃuMmq჆4̿QXkue/bqp;d!pQqY ]ǡ´ rmdor!:PQ2vgާ_B&Rҝz̶q-)況Yn#56:7]!L0D,0J. UJ0guf`z SmZ@>)4[g҂ʁKW֘Hk4F⪸΋s1#V!dֶ @xhT`i\|qu2f-ndEb_7)te_*xK yITwDZ0w9۳|_:y JR׈h9 f"M;k\)ޗ`ې諾>r [sIJk\͏PvIgŤ}Un1>nOG"[\l@P7ߤOkPCv] 32`mN&BU43 RIFi g{O+ץgb)0{ ʵDFM]7'@Ɨ+QRHI%W|ObԷ-'HjZlbp3nPr$*QJ>E\K2.a?肋je*|'tZ$t8ج:'He jQnSU^&jeT#7=p>xa[I J.]i Z᤺a]FQ|Y+J8奎, 5rϱa4u2Zȸ i9YJC!}:68ᕕX!%'j7BbhwK+][2eS ƞ.n $b^RŒsB;A8 v홨?ߏKq^3x{ܔϿeԸ8c w٥UZ:ה3#fQ%@u &mj[ǫ+Od9nEpU&u5Er7~69B2S3wj"p#jjs"t ,qv>C.S\l*b;jj>Y\mw18[XS`ib/P=ڍ7HqEcS );[|Y&L?Z;j/4йJzYozqwQ1ⴼ,*kM ;S тI:y&0$$-JE__溜EiS !A rkDdˣp^FEN|+f_C9}Q/XmV(ւ'v=GTעKw1tW:UbB/!}ɺxh<)y,iL1z%2bZmS 0Ⲭ&Ox(DUO n&O;}gBOGɯh@n#EW_#6!;YÃ^1憺dJ^.3Swi;Ő^Ց.T%Oa1 fK.]؁ tn'~/G2ɘۇ}ÑG Yd0y];9f<$70tC!H ɲmTJJM> <'nXD7?O4/!m{퇯~;LW̉`{jԇnlvX?vDŽNbr`=!Ҧ cKLmtPtC*X̝KvʉKxtKќ(^94%2F>RI? =fHD~Tl+H9ʼnxM$%<ޒЍ1q׿DQ{sr#cz'Tԋh|; X5>#!\*ٞ^ rAZ1oobʙ"/e&d_^WBˁ5``s Gq=6iISMa_P 5I ? ie 6s@QfhZ ȏþ+*prXHNY% SVz#/ Upz Dk<ƶ3olК`6+_08`iyA TϦ&yAfz{A%! e:-sgAV(% chj5Mb5fAP#!nFg7a:vp4㮘#_xS!_9+0 ?\W׽eB/ ̋`v`A+n4C=rJGSVRi8ɸ;ae{A^\HLsMYHtWjժa4>)FTBC@yYz*;2#tJt37,ǷTC|uzhi1gG ׺b+4֢ _XysBnR kKDl n%BWci_5`8=lZVFY)I;/3x%{ ;&H\z"=oQf +0G]p=0Ⱓۄc9tZ ,$J(oi=Z~dKi4&Aݍ:u6q\#"ZJ=,8 mV/@=,4w QnxX \HTQ-vX~U^V 1N0\Uq#אanö]bwS;RgU DFJ9;HJjGHˈHJс__x;TN3,_ʗMѫZU >¶&^Cu;ϒ)ijBZoT=/#.pZHp@YYO1Pv:sjG( mM+>/fE5ڻJ{f2n2w ~B̶4,UA9uOyCUL]R< ]wBlFf/u e0h8g k{b #61pl.[ؑej0cۿmpξ<-)h'B):ǾV.dZtJawD.>'|@QMDFԔ(3}cXd[Z-ɁC.`# :\%'Xtgݐ7f}lBB,o2!R:}}{ߐ}tbJ慎stx#.^=kq NRv(6OL筩O[5JO~y=r~_(ąuXVL%%t-Xdd~ PA97[T)w$`{ '<NXSn9sݑ\9KzOw];kZ\낻9[Fu _KW2Ӧy+q"5L`YAuHM=[OH Y h(^M%Z]٣RgLbA--N*,9|溏( բXkX&2zWo%Sw(~HF!:X{0dHH?1h kN,%/U$q}&be\j KʁD{sGܫۥ<&ޮepN! @Ϥ{K3>uCnO0{,f)obߡBwHD}k;ث@>)2)+pZ5ʮ]['Fo:ہ!FCqT/d  oC]/ n@]J{+G=#LQ@9yom&?Z2ʹ2yC;JzFHR `nXH-,Y U0"f=~F=h ݜu$ DXT؁F(|P ix\U9 o X츠;/so˭*~HED/9?\4ZnPpz[2КF3xEbLӂlc'[AsaI =lR~k+4J{ +!5$^W#3#$jpP<}pQG`*fjOН4(Na)ӳ+ RSe FT[#i],%$%Ky13f])qȘcEp\Qx#gN&G02X+ˇiVJ_Ǎn ޢ$)3m苄L';rЁY&GXY=4v$0ND{4͋DkV场}(X'm}1 as +(&\CaMXq[г*Tد?tF# i/{o[s+=7Ux"뿪CȘdɺzUbDϯ ! ObR|? IjtG0 \NlȺDn0F8ANhY' [yUQ%88"c'D]]W! fcYMWŻj\DO7m+|lbk~[lwL- "T&kĆu˩@nA"Qr_̢TWdWV/N/`4;]o_(&YLB}-]+Qݴp|eC"%J*_OH/"d{8Uym:‚h 35ѸMqփ3y&"pZ"}# >:JMoO#D%w5ϲpPV0,2Atnf 1vF=%ə>| K4eXCEwbn.:oo}<  ^ۣecm{Lhrvu}_w4-m]M%A>6a΀Ds~eJc7F!AGւUCAGPF( 0]It (#vuC?BBC4r!d;nk ~pMWJMƙeH'6kI0( %xt"\'Klͱ~/F7tJ/g`9< ^#Be!7 8-qYr@a٤\d- OŽ}fdYƢzl˞o$}`rr fvHd bkn1xA`WWDu^B J|q_V[aR~k3^{1,>-%1S£Yf@7~屳iژgTRO Dd,o eW27l/%1fp hڑ 5 yT+[#5 H֓UJo^j45$HG1xODOPfBpR}˩Q#C΁9ݔRYLuN޶ XQL(U#|X(j _~ =]O0 [xkĹmDə<^HWl{y~[ XCe _-hkbM*(+ 6ŲBi p|1R[cҌӭtKl~͕K/_0p%QJVX9W#4Wnv= (,x1{n/bG mG8ù%C죎=|VDTWA'ҬIF1*@YL}2zO­8ĎRceF AАK똏1JָJ<9eVM??48jI?uB~-I˪N G0ː6Ӎ6\b4KpJUgS#S/ d'bk5 D3 @2~o6-(Mr͢hcJ>Gp8+VVWytB29f, '%8- M ɋpBf1 K]#/Ax͝q!)h{11x5K0\HzQԄ_AP߹E6ᖶ؞Px&6#`X8Uv lS; ظ6oN'[%ɶ pMpI6k"N'![űv!LGdznw=zOʋH@ct6 [Q,fi}}Zm~G#t"Y/M[@U6QEs+>ǔB8|tgy!m^6S)sNUM./U0m7O~zX%㦼P`IeIoOr?M:4iW lx1JȂD馥$^Ezo77[g~w_ȿyt]]Ygv&R/;{3(Ey5Zp>6lí01VQ|8o _$C9FGXb.,pgOMP`eIuoY͸ l{9ߡ@XV:6QaOI]I nY D<p:ZNS>؆&Ӳ=Ӡ<./PiANaBČdV殶R.W(,1OB/N&8#p%2 .AS=aԛKlWo*R*| }"f)PꍆT=nsj cQVzƄ7^cym-fXo7cvfƢ !oJ~/OfJ(NU?(#b/uB =M§d"*F;gΔ* VƜeckJfGFTH>{>1 ۅPeKHdBLrG\pVL` grͧ@G,r6kpr>}qji.h>`tϞ0}hҥIĖi)0Nl%T"]%:b$[ -5{Es_DeV`*W%F9QRL8mCh˧.[qߨ u؁ĵ#IJ1:dΉk1i0_mCxxW$ܷ%45B?>B."a%\6c?9b{],ё4pnpcBĕUwISDCƃ̍ F^<Mz Izkt |6d#gxDO[D$ p0B smK;H0s.|<OPn߳ /V0?D 58N2q&G'"pm*#Jj0 :2;C9*lu-.H©\T#$૲;gQ`C_ !4~>ۅ[!ղfttS*oeOxz}b wT2m$6j*? $3M<Gi&}TuR)V]+"+,-uw VW~MbnXF^iA+"@cCE c&t<@͝' >OhGƫxvNq/^u|.M" $!+A'b%IGG!]wJ5A ~U.v;H $Dۼ.%Miwꛌ?W4HaM{"$d0ة-Ȅ:E8},=̤QJ6wDD5l]/9Q^u|&Br4li\5xQګaM[զ|2fXb3 zKٔo& gŊ,u/)$Y(b@ψ4M.F˱ @sˆ bQ+”X8h*Ѡ1A݊`tB,1giMf$\,t^8Pn4V-Z`D^Քp%0,mݝ p6 _py1?߭ш#fʘXRI9A}gn̻O6 ^a6{"+΀mVV,Tf͹hLubl4\ YO44֕B“᜺;[Qsچjg{&0!#r$ sh!vOT51 S@aW#u[%{qPBi8tĴ]7ذ 公ٕN#9 թ^uz.k3M>7H#z 5֋7MgD+(3 ۥSݽИ@.EG_tޘA;R,"ݹ|߭:̆%'9\6fI„=23"o VlU.LFGsk%v i.Ѷ\@Sjdg*tl0C?leTgGF/[0/+KVb'H~\N [oK:Avnd(8(J&3F!C~FdrL]dag[$w  <2["Ȯgc9$jͮ2wx-U&IO`vǢ\pf)dO(nXIz g ˨ &ۥBtLcN/`gk6 ^ <?<vۣcL~hѥ3VŠz]'V2a>Ah뀋;{Ѫ'zTaPqg,QEUK/H~8]J*@nwScP7{ƧFː} 3ɱJ\V񛡥sv[ SvsᙟV YBo7wL(޿ȜZoªyׯm̀փ׫bf$Q%?2ҒSs8^ઉ?ڒ+N; L=S@~I;B*9v0R@﹎Du)j篽)kÛ5HipN0+.3%o )Nrvȭu۬F\+ҍ.6ʗ3dB|P[(SQѶߺ,4^Q2-oK4W fiO˩^\W1= {(JRl-Xxފ̛Dg! ]A6;.A%=DnS<^~̦% V~bU,sGzFZp7&Ɯ7zWDB״> j"K~m4"/ɭ1e(VzG!7GXn/Vc{* ]Ɠ8'u,%K9FP.u5Ty6ZaD õeT>%b>[79]K$:P,Ѽly!^W  T% n9ǒ=W~83RNYg<Mh{dŰ$G-o5G)TrrQ`mQx\d3GDpnmzZ})9CΥdsRj-lx 庢Ƹf^!q E^ \q~:]Z?8lʼXR둡2ӞU5Y-'}l ,mVė9sZfaS.\OP׺Aȟ܂cx4y?BT1q[{ϬC-۞] M͇,{u.&v1sU*bi;{(KȖN:Haڕ0ja r#=Į =T}Gj),%ɠpR9S)v)'v-KD ӹjf="Ql,z4;$vgvZHx2@ucv` 2&c[UΉ *98Uz R=Lqjr<]zgb:+7Ӗr;v]wy^(3lG>XC W P.G`"2 ʫC'FTXm8bUH;S w[,Q]t+57hQqbfd"&WpcV߅7Wf_b*b[CȘ&1Y2ެe /~X]rukT7X:@iUQTUYK1x/2 T#UD‰;OD1*=lNpEH tݕTlSO o$[$^a5%d#@fUƋ5d_Hk?O`VGg }ΗY& uzHlLϾȳe ihƻ( biC?[A_9ltB]'z5P )D$vмG2ʡ6< pX|eLT< 3 _ֵgb؄E¹ gV ,FR+&?OI.IYKuv5'o$G N;NLImHS 23HSpx!s Kɚ "`p="ʴ|" ,+u '̀쥄{"v?t X әѡY᳃~ k,6SWq \.3.A Wq)=j~6[ 饫,T 9: g23rrd?;!sIǃ&bt_hwI:ؓ%&6(ˌ^'Aa t"uyBV20*^΄H$l M/a9mN{sqVUnR{]"" ~^hgY.

9 ]*ZWIѧRji}R8~eç<՞X;f8RIE/^=uZ~'WOt6*я s,-us&DY "^'m4y@gt=ԃ6WeR!FUԛ{[XPm B$>Qhz|JCmpS2uCr~)>ϓяG (-{K:UÐ/z-<߱(ixL=I)"9ۤ3\MdF9=T|QC{+ݮv'r^׶Lt+騋3:l+.KZ &ӈ YvOR 9Ui\-nh0t I$(^w٦G˿4dZ ts1/o;O5RsR}N~WCc}-'L`:A t$}M.dʽ;#DTg4k eMR̤D##6]p}I7GF6{fZˆ1)KSp< ֔wM.S;~52be4DRRO>r<>Ul,YQ#yOLY2:qߑ0g |GR qU&N7ԟ;j.*lI ;B ˃8z8 Fx1λ!],Ŏnh@^sa#"b Ww LHWku)\=TD̓[]U S}:7[Ӳ} I[ 7H<(ңi_5ʯ?mlӯȎ &qR"%CdŁ[g[ vAиvȢ>ثwŪ댋aw>{WP٠/ B)6v$uNi a\YxCɏ_"4AK KNւ or텂<n?L2Lj;בvjJmY0˚ 0]9;/ (Jn^,_\XВ Vڭĸn4KdјX>YBk8c 4X;.it!dH÷cx^eC^®Jgk@Df>͑Y1T87A~j5sbvňjDuL 8Cp Z\#tAW1RiJmᬮNu8хU 1* {OEv@)~)_*@%E$WqδpWRE6i?jp>hN,,D52O֑Hy۹h\<NUN矽畩{jkgsNg IshIu+oֈIt[efEAjqbChwTF DMX 6xf9FSlB)]L[MhFLX]doihwp]u_#Q!h!BОh]h3P"7OTt&)c\_1..LV N 0lӌc c'BF!QxT֟8rt|QA˵B>v!.z2L^8'Svg;jT"E:?ߍг ݀x3~D}*8~DOE홡> g'%9Nqш6$y 'F#2O5/ "K[.UOՀ%qḟ! V932/LT `TMK$/ِw5c)s3IE0%ڷtou Zg;,0wGg&smgZ*SQ&ڦA!W{("V8qtN"4x(r8Iap' yT6G\6N3UiWWD6TabB#p9 N_*$;w#!UgHP?uwOrbog_#蝂O1qq瘪o9K)FFovG7&"e^:'e;}l^P2NY>2j;ސ =`؟\Tm&9[(eUvFCC יR$jūO_LG0c0fuϰ+"옄/=yg!9UO 4È(rݸjfs.1_W:ۀ-آO Xs]^qI;xm-G^S&2Azv&Q  (iBօ`Cmy(Q]~A6=Aa~xLH$bEgzՌq7hzz>gzHɆDsPl8d9-nwfRJ ڜo@ĿI gg7ڳ䆬Ä ڵpO [{58T&P.g8߸^TM?ɒԂ{jXU9rz0U 72[}+ŠG,t,zN ٷPi În_=[3WxjUPh P6!F,S%.׳NЧkH-(IHƒπ`ce(na&*CA`&>h4J펾=^_3 Py{ 7G"Rr{)N̷VOPOfufqPw q]njTP#\6迫ȀڒBkE @D uQ{p~ղ[ İva$NJB%1Ձ'6Emr6~bv Z29 Рɷ?hб(QY @ZGiMDCBEfn6F'M͐6-3?QGDCV6 A_k~N)fw0~ T“j, &nR`ăTͳԓ_bLA&oi!3?0Q7ns ŖS_Sv rpeO4Qߧմ ,I5^YD5͙j͔&G<1SLq nK&6oI/$su➜u('!"ZC2'3nSve5rz*+l5]x1X$Z~Ya갹{4Ei`f}&̷0CAe4jĚj)x֗ݺf5vRɼμ3` {xLQkF8 lϿ zb5 .m6%.RJ(nS77MoY rn;u33VqsdLAmh>q9NIOyUMȎN|ibf5K~:LfFVC[ hQ^ezhOCbxk^`2̔l#[EAD5jh٣BiZmC?ufׄkgG 匑XSOImRZ˜Qf D8vc(fNI]|!ƊMT(r4E![P+歏sS5hq Nꃑ&,o#ֽhgaz:zY0>JQk[}t=5;>E Ski_lF>,D.ߖV)̖ {Wl jx$J\#ey%xUFYl*[[FuY^3Nbwl* kA Zozp2?u:}෇=ө 1^Ojjr=`"aAP8>n;ʸL̳kaŅ$6 T%6EA&CP_GBF 8\^@{@M6j;:qWa<$8oOc@NWeʳ;ȓW^T,3JipZo09|K=wt! {{\N\<p#Й!=^y{^A@ipeeeM8W[\$+8M@x0BKspʹI~mj8vl<K/,qQ-5YmT:2:=˗pk7)d5U݇M{W%6hGGm^_2 `Tt: s [Bmg`ʓŸwz|jHU3W{z$ml ~ D)V^zȾǖnڥMq渫%Dъ %ptdL*1EC8)OQkOxRL8p{NJa79΁zPy 4xt'ֲz㈗|zPgEJ [V!>0=ę!$&0'xllCuU#TElc>As`\`5?(96GJb\0Ru+ݯubۨf^PדK+AFMs]C/;#d_yW(4[ W ( J\*oLonP=M|"3ؒ4Ŀņ_" @{vn"TD^S*F(?1߫6?[cx1? ,SҊC=~)ʑ Fn8U19:b$pӬ Vćr{Q0yq2.uI_%G*2fc|A.;[B C}*Zm%Sޒ*YV0W6QR*\ }8;n?WWR 9='W-n4k?Zuy8$2@R Mt{Fw$!u+uj֩"aZH,3Z^ (6N,) ӥ'KU%P 9I /Hݣ-_2x9prT0>tZf4DNqh"$[2PVyuzN7{0A&ЬƯ D>p"k8 Vè! 9͝QY;Tf[Ȃp`E/؏`fi|6>)#ƍK2LVfRW x1UB~F<#,.Hnk""N{\l}{=qcރ,3;y2nT':K 餋ts^Y j \evdlel륐3}zQt(xcc$KCly3NF%^c`r"TYeUMZ`7 J?SZ b2tw(hQ1?ѭ;z4 pS= %K@tuyhJŔJnCBb)ur.0{HC{y@]`*~'l9|S _. K٦.&_ܴ-}[*3b%+?ҤxnZl37e㿂%SÌh8[NHs*P] )i:[$oQ;P0E;~n$O.@tIanSܝ:qيgu=aMz|~ڈob ,3kOPb"`UY&r TC#y[3,%DRsrP )mm;ڰ4T{MR-bp̀`lۈyʮ BO_r<űڂEɤgMipjm"kK>Gf]uFW qO7!w!8[1KXL5B7ɢvAXIlQdk˂h45T {?t MeEDΜWw|"Kf ]M^6<g-1&eƿv34:T a/c>gہat!Cۻ&N\ d+Wԧ9< 7-Y"8,y 7ItM͊s˓ڞ: J#  ΢Liaa4mS&8ۊ'ɤ ƥU(nƹ@%DP*@Vw.ƻ!$7_)''M:Bnm N ̕ȨtO'tG}ui buE0S0ljYlݍ>iʳ}בʲkb$ܾ^p;vu˔\sVLzG vp}:@_!~[25ٻ=.41T(PL TW hwm~{#,+?:p\HyExrb\;9rN`R cɐOm2:GH\BVB죣21ɹhIbDa_o0ҕ"+=lLd c[&gAch^Sp.}s/@"Y߅m J<DO}cnEV(:sB±L96 K%T.UYe_09!thK׎EγBٛ>:[-w&!G(,vsչYo?-,Op Sw 9/6U%y4DG>$8h{g_Lxkl/I=)͛7qcۑxwk+$HGҕB7 Fo]sU5= 4F GKv(ϔ_"9a N;;&sv}=CtrYYB C c}kmDupÛ&pkB="B `$! nőwa +L`px8jT0݅һaM6F~q0P25*lO_O()5>$YVnÜ8ӓMΏde"_y[~ X֞o#"Soi*?{;)"l,SD8a嵉CMCT.#ί9] XIDFȹZi}}dVeK15څG(^'"_yb,??v6[˙1H4r~X(Kr6IUtx8fDC0g°0Z-+ xs5J Epax O:4KS3z$gcqnjS5=rw ݂WdP&}{r [JonH oT]ůqJR-#)j@S1ޢ] Y&LRG"[pk>;Max6ts6悷%  _hykTZ?  ]V&9[^t˱#i7PHXFw:-Ȳ%FS5z 8V]8gd|P@݈k]U '(.N }j KîbRa {N3->LWρLik땍jS'Lw؟s6vCn׽yR㨀iXܝZIN_5D=>`8m?!/1.~JTU}#@1 JJaK ".wTha%{ޘ*݂ p L6HMmCM3/_]cZu?N&u̾G5t5m4Μ:[7Z>ł MojΊy3v:{&_屸yw!**dZTXpeLe_˘l1&)5QΟѴy UTa(AΎܦʠj 4AL/4 &s. ƭ`$: bb. 2:>r7 f^YjITA0чc߫O"ȗM'bJy@s2yi5W:R:Yx.d7q9\㿞=͚ͥ)~{Q,%d+B+Che NQuqۢ=qDр$G3|R/c(]2/ .xByW :@FA>7C_FTV luoDlKc ^)7cpk?w26nszUܯ hA#Up8z}K7˙گ]3NꍗS{(WF~|oަ ėz;8I#[H^nmzf;ijr::H8+Aϑך{p?0Z-G4o@}KN޿,j\ C8b]2Z ^5ЛoMVgp9Mxu!27SD\9I+6*[C]}Mm?5m ޯX.5EM\F_Dٝ@r h4)u;^bB j/$!.F 2!8=;GK4ëTFeCqhJpD){~϶2> IT=V3L,yWxUNV2E`pGg ~PCIHwSLfW&P)밚C]53ɂcx`坒1qwb:k'VO&в).{ɓ󹄛UwI ]t&B^OXI:3h""<^?"' K]WAz`r3$`"^pª?bZ۔3!\2]O/p|0iSx(%5[8ӗv^?xpu }^wt7t,:oB6ct:_#7S8%Fqxof/ ѯ΋)v H%O3iשUhcM{76i>A,i CB!Vjx(YXqpnC!un^ZLVg.Yo$L8\ФK]a B!=5\[ qCeڪ`#rk3wG=;Olah;v 3@QQ- &/LzT(1 !9>_ [[ M"^T?}P.T;i0껽y_g@'=g0@uJx(m-GVWN1AhijƮOGGm!T[I/ cӂRj^*Fj͊-,9FS0y$xit(GE@ yC̉H1,뎪bfh/>I^w2B,ں/:{>ha7"'OFހUcȬCI*:*υpJg;㙟Vz>O!/&di]vkacƜXl W[R"㺍=O%m1uLiVf*G?]bo~;>Q|e\;E9ӭML 1[w ooG]ݦm..ʰg-Rz['"\asHKN:L8] :0O){$w+Qh%>h&gln9>IGa짹?R,%'^<ɹȯrhz{JOڔ< ?"a>*Eډ}ȹ WOp|wL|_Q5w\<ؤ(&b0 [AH܂41es)p_],*aq3"Ƀ֛׬>e|; $^ Y~~Zn~u'[-5ʩ݄ û/qQmcoaD(Okf7{D6V@^5kQJڿ[V5vߎY%[R;?dqJO/1EF(d)ގ摕hsz!gAά >`PD/6|I0nNoi&{.a$YpD:Y-͒R5 ߒ(G< 1BjWN[:$Gwښ-b6 tOI܁`+xUO{8hzƿT/8Wc \\g:~,fzY.oi7ӷ'A D+ 羈bmWLnZ!UqY4~}As;:k T L\*!X|9ˈk0h,诰T}ŎZHIcd AVg:h;$]z=3: =,cy1B] P%0?d/c D05),yR g&gr5(z04Q?RZcl @O3h9pڧhGt4Qӭ"[ebW/A /0reizo”ͮK1bW3Cj/ .ϡ Ü|RSKXXAEpoVDtxm ST $4)!, c@.Z#!έGfwf1soeVdȉRo,^F,xGCO#HO Ul#,h&!ڃA*ӹdQ?nbpK `#SV1n|)*p%IG`k1ya랻\;nkdzR5ɥKEDŽۡIcEcCJDY#K0Yڗ2ڝ z qV!kI5™/ di|r hG{{6,dmiZRub3p,^ju mH/a ̙'*-,</ ajqq-[2NbCy4}``z ʧ01Q7[tK2J_ig˒t $Fhn,jP3;6(SFF$].ߢ t⃈jVsX]ҫpo6 ^ru!aq\)I&uZCTbvŽP$>Sױ҂݃B sY&c"/b40+ISVrBRrH]f?w 3#`oe4 Ar' ly w7AtXug7,*|VY;Z[klLiue5#x!wb ٿKFc9V sƑczzIm[:B AGpHW~W6-ut#) 8zKZZP9v 9gmxHR6a&YLZ&ԧ@JەbbTe0u8CE]{vv9.$E`\ S!jV=HrZ= |;e0Yom鴆ճb'r/.խY\[+R6UD[8֒ZgJkq:kyFsaNѐ >RX=3tZf@m FF! &g\,/RVb8]*g/\5H@q̶RIy@4Rb7C ֿmq GBMpm %ؐzpr:=N$y5(:ee}SK!oO˞u, #|˷~R0_a`r+-?\RKAxP竄 !;fUSp|K}ҽ ErtzBk$ʩF3"P1zZj^ %͋LD%̔$m.&+8f%.ho6\H]:Hiז6w>77!7 $ R6ePտ?BL\0ي8==Tb߅TuM:=1JUƈ\I/4JҀkXKeL NwoC?'Z9ްNޚ۫tmOVn@?-Wd\b-OÅ gdwBl:!91F %PٴDsuKzx78X\{%S+Ayfw:9N̲oGͅ0JL'옃݂itW1'$W3^8%ҕ`̸ٟӬz/V3T4¶xohVLB[ M㛈5αklޕ)3U77[dO $? JZs)|?+NEQU'F+C* ? )ڽTӃU0;tq8 |D} S:E#@%ͲF N`Ǐ"E͉{.:y 46r5T*y~]'T!]ޅ8LeGaWD'9*bGe B(eÍ\ao}yc%TthF캛 l-.eI%,tFygO ݝ 34s`P&@p=oɻ#$ͣ翰G#=Wc "D֥ed!\.Jy18r+*% Ntx 0"d_- ïT6zٸP)% Elj|/z (mWe njnI@/}$V.VL|8xSwgE-<ƈ#ũ[J}/ۇE͘V8A;'+)5 3?èx1; 2D4vt`&zwU.p  H~7Lw8yKXSeo{]6)|#E5)_=:"uD|Ep$hX&|lE1; S= wUx@IbW ! .h$=ơ5*ȶPϻt*<^}A(pά@[pժc|hXG4=Q/J f1U6L/F[ LJbl#s똳f۬<"I{ PXhn058Be 2'ăq(~OdI?*HZxң{"c8N0g#YгݯC+<U R:euJ/,W,$%leKOfnw=4!k·jKrǀڜ֚SF`b|NE@~x>g~&b?I]AI}ssy oiٚu-O"Q)f~~‚sa3-3 $-p $\MVɻ"oo9v+.ַsn{JЃ%0f&jX; Z,rH9djx|ԲAŚZ |#e@g*fq{[0``AóY$@M9- O2%JZ-Y(0$b!sfҫl$ݗK7kfrlF߂qK. 19-K i0u؊Z/0TZ`cq:pbdF/^03Wm< *uũ?V+*΁JY5 4l eѡZ9 V KVeA{56٘MHD(@DkѥCx[|Qԣ ,KLElM 0nD Y=3o; R@b#"ݾI!9OGw>d(By1}l=2.cαQ'MXk[^nBPTVD|B pSh=Gۥ~D6_y]2_۹2Ltmso;.-oy+%1}K*!ZXg}X`gd"3tFD!T|Q٬ZE?zMZfYʗS6rEY0_ ZiVHFc?NCӔP8]Dzb wz j fŎpWnQ7ltj0[ ^2WDV:r!}ҹ\%Hh.#ns B_8 *#hg^l_ >OYZO^??oO%:51yIuCfYy|hlZ9);T4}L_ %‘ bZf/mS< m%y 9b8#~R@ꅘ͝p},Z(1ZyoSAaS$)B;ʒڜXr ҽ ɄڤI`,OT #`BJ)0(5 _UpQ t8B {Y'@2Ӹp]DUc#]H(ߋstه})%oZ'hXi5Q%~ 4%\`ksziO0PMAҧ9zL/8v~F#;ᵮΝ G#X7rBy[j o-E9=VFnp4ݹ{3%FݩxO>^TyNxNLM;^9(@0K^:c`V5hb o,Stoc)*QBuk=X KE:lˎ }PY*;CKfZ0߮Lu Kx!r>I,Qp3J_9'OL6g6}kLTg{jq$ZYtljMVbnjKMG< ]>HĖ]ʣG~UctM|k?9Fan>6$mBbyl-T@;Nr\ua{ J*C){i넰r'!DϘgR=%p+/Z}M2#[14~$h1xOwe9j]iX i9=(e a6*.O+v {av|:#dlg`3dԉ5^鏓WzDcЭZH]$8\*޳Å ^70 m!Oxgqg囋r=yaBl|l$4p"_@ Bu/{&w9+~ׁi uXpoe_'q.M0walɐMNDXUBI%ujc1ZTEE ΑPv3EJBشVBuXJ8Ah ,E7t9m_R{G&nu64vE0q~Sj1bz `<&#'H %X B!~ɶ9N݁p)DdGmY^%uV@i? +!eǔJWNW&6yL{=,j0ʹl'>C: 4MɲVW(𿄛6t*ـ02;ӗA   YZ