nss-util-3.90.0-6.el8 >  H    ĉe{p U]UxûY06o~,eKbjA#PY~h !r!76ef9642d5d677d0a9dcdc412c38a586714b70964f3627021d9139bc45b7b74d1bbcc97b519bf11e41433385b4f1ed1cc8155e4860302047c435bb500683066023100cbe9c205217699ba9fb0a78e4ff5f5df60d919144e5827362426bfd4a9294084b5bc3c5235bf055f7701bc8c11086f07023100cb2787672368621a27df1338d39891c82eaf643cf5bd5a5bf1e73099b501e65ee438bf3a3592404105bd24558495b0fe0302047c435bb500683066023100cbe9c205217699ba9fb0a78e4ff5f5df60d919144e5827362426bfd4a9294084b5bc3c5235bf055f7701bc8c11086f07023100cb2787672368621a27df1338d39891c82eaf643cf5bd5a5bf1e73099b501e65ee438bf3a3592404105bd24558495b0fe0302047c435bb500683066023100cbe9c205217699ba9fb0a78e4ff5f5df60d919144e5827362426bfd4a9294084b5bc3c5235bf055f7701bc8c11086f07023100cb2787672368621a27df1338d39891c82eaf643cf5bd5a5bf1e73099b501e65ee438bf3a3592404105bd24558495b0fe0302047c435bb50066306402300361d25d7e6838df458fa66b65db0ba3ce4c21d4e9cec893f6292e7141cec5e4a2172dd4877f4c6a035805795b69f15502300c591483bbaeca9226b96cc19ec151f41d62d09a9462c008969d1c7c809c2ec91edc46c85aeac9a640d0a5027e69511a0302047c435bb500683066023100cbe9c205217699ba9fb0a78e4ff5f5df60d919144e5827362426bfd4a9294084b5bc3c5235bf055f7701bc8c11086f07023100cb2787672368621a27df1338d39891c82eaf643cf5bd5a5bf1e73099b501e65ee438bf3a3592404105bd24558495b0fe0302047c435bb50067306502306199e2f2a5c5ec8207638fe3a0b68107ff51bbf3b73feb43118e22e1348d28463653569693639bce4ef906df8554e8ef023100aec474ae386160bb498d8d7850483d26068fc9c2f77612c8181208faba420972bfd2a93b8795c5572b1915213390ed2f5e{p U]_hP%Y~[+r2)ճ̒Fzk袎/ăUd>w8x;,BP*01 -s,q;c9ar읞ڭ?VA "G @L߈Rmu K- GqN';g;OݲYNgba< ΢Hhd(8(hTso2R?3wՆyӨ Fůo _*0TəyC^ DͯR 9"jX*B#1 7P^\\IFZ'ru4,XE;c;dӶ/n!ӣl]Sm%* uZn_'.KyM W$.!okF,Ě_Y&UN-)FKC '!M, JVM"҅ԡ<ܣl$!7jL*7C2uZ,*Qlq\B+u~ka@>`<?d   D (@ L X p   8Vtl(89 :^GHI(X0Y\]^ bdefltuv(wxyCnss-util3.90.06.el8Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken moduleeippc64le-02.stream.rdu2.redhat.com]@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.90.0-6Bob Relyea - 3.90.0-5Bob Relyea - 3.90.0-4Bob Relyea - 3.90.0-3.1Bob Relyea - 3.90.0-3Bob Relyea - 3.90.0-2Bob Relyea - 3.90.0-1Bob Relyea - 3.79.0-11Bob Relyea - 3.79.0-10Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix ecc DER wrapping.- Pick up validated constant time implementations of p256, p384, and p521 from upsream - More Fips indicator changes- FIPS review changes - add PORT_SafeZero to avoid compiler optimizing a way zeroing memory. - update the indicators for this release - allow hashing of longer than int32 values in a single PKCS #11 call.- Fix expired certs in tests - Fix CVE-2023-5388- add indicators for pbkdf2 - add camellia to pkcs12 doc files - fix ems policy bug - disable ech- fix the change log- rebase to NSS 3.90- Fix CVE-2023-0767- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.90.0-6.el83.90.0-6.el8.build-id6bb4f20cccaa348571bf32882d34ff9da9e1e553libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/6b//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mcpu=power8 -mtune=power8 -funwind-tables -fstack-clash-protectioncpioxz2ppc64le-redhat-linux-gnudirectoryELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=6bb4f20cccaa348571bf32882d34ff9da9e1e553, strippedASCII textPPPPPPPPP P P P P PPPPPPRRRRRRRRR utf-84076bbe95f160eea27cf2c79263750a2fba1eaaea7eb818602903abc86bd3d97?@7zXZ !#,] b2u jӫ`(y/춻i :9}D\2Nʪ}JUɕٱ*Vj?ٓM0-7n yN~qaP30yNH6Re8ڮ%{¦bCPLU5U{`\쥛6/oωa3oc,`!\a jOJD!Nh$I*hCpRtGUkY<ǿɪq]?A6̮#5}èc汾zVʿB ϣ'*>HXyhʺMLf yMҕ7OmG̣)3m.c(-%>_qU\AYilrhAndC&/S;ڽIsj.r~!*AUf ̍ZCֹEJ[7O k3u)IK7@$N1BbI O퇞C2 {mD3ܭ_:AO2 SZvg[NJ^~z|Z$6  %?*Hװh{@ɛT*i^ =N! 3:x`dѝyBRj}R c_ҥ+K|~F go?j>|uVf#$ݽr;hPLGȳK, `X\]S-~8-8/j?__]"^/(Jơ;V - 7z]|(rZ_w6PhQ1M*wr+u:/Q񪸡]},팅e'J\5z  E>1fѿ{ih8/1`ኴ@-YXr({ޮ`BH8>3 o.=*>U+#޶QYQң鎧>&c#v{B2E~e4 S : *hëw\1ETa8&Gc֖}IQgGzwgsirZڱ@s;<6|XN/ @?N tF;s@+_ vk]NŠ^Qٔ*d &bJ9fI-ә5BB2!!ðu1aF_(巡u.>x{sG~ltJ{~hauL`EP2OqIG(cƁLnEWѪ_\fSz}䵆&K螶4= 42xѕDʨ |RnHX:\D:@fB @݆]hv}9nWT%kִz?U;QA ]og% 苖cZQCx@'| i(n$RC[ \pV=7z ݥGR֦Z/BY#z=|1PaVp *3Lv+2_(BrS\Y4uˏ?v-`dbipb,ѣ@rU|wqskR IY B]Q  }-~2։'۷DNLSNC8~7>JT%54Uד$5A1/w/q"~D]1HS^OeCmFWzKiy> Aڷ́WYykG1MbHr=J igԓbucW>QĄ`IPi7rɱGu"Ҝ0F$ܵKZ yXw<8,b`nUG$;R?v#Gx(N\vb҈7V%ɳ_8ɂMyhrt@F` $L{m3)ݱ}טȞ|JBtѲW#ʐ r_2Mtf/8jYMjWAƣ)?B"i13ߔi >^XiW2kD#[fka] |'t(7qvsV<דZoݶ3yt@̺ (#V Apoۉ}ة/fo+ajN68NL|60ؓn@R`ͶR"D}m(A1pj qz<̈›)e)@|jzkUσ ʉ9ZєM'M9h<&HX+| Rh=ʖQt_HRydJ+RK -J G0'0X͋l47k]ZCl}1u6쓼jNXꒇ*92r$9]3ozPQV5OU vf8W.i>a Hd i#Aq=޷B0Ŝ.QlRPťZ iqyHV9xВ48X4u_t%8t]=ntq^XR!jVG`QzVuNVhzP .ػyjPbm.f°4a^4z$gGtVsR|*jU+Lpk76mV9aXĒ~A޼XXWÄH`pR&i _­t6oI+Q¯m5z] 3H2nk (F(I[hZ黻ٹl̰MOKdU'Y bx."uF Us RrU H 󻞳q&){ZJH҄ p[|į*;jy6YV <':B '|%2<5 ҳJYW~s ,~.W9Y{s(S\&F<ᲃL[J\*~dW?<+5646҄t4aAz}*7ɦt¯slՉuAR)( iGVrbES9UORd\H}#ݴ=OG!sБ&f)tyG(qĐ;|y~{ܷ # > ٽc#v^r>hZWVh )\̮)}b42>Iۓا\G6RX.9V8m;Y 3)d1C<ݤX;[c 3c(Y7oy)}|϶l8 4ғ =*$ѭ #NI|jYA?E}j_9Dggn^Ƣ^[BzȨ &GƲ σwvl]DAz~4ÄTOpxZrߖ_wǰe0I%rfrz9G_hO9~.@Bb $HX1CdzՊN:4S*%j@< H94LrDtה0A2jY[xWeeirTjAw U@$ 2w3qёL#TV> ¶L"50P-"?Ԡ3z*H>)WP59;C=-]0f5ZKg}8mHJ:9_ A!:ϵӍ -? W뿏Lg~ N"42 އ娦,-Ʃt>ч^t2@Q* 8c'I٥ pľ4&gjEeF7Ap8MkC>ߺ,wj0igN϶9O-G(pT[(CN@&2eYmPQss@OӁ2kSo4g=M4c /JdSq]}@Vv~j*/IGbrג%.K:%wF϶ *RμJy%H/e{הCvGR1*N9(ETSbg(o,(;,Ln&NH|b;tG@pi:* ( h)$b`jqߡA )s}+">IBL)Qj?K3bi ]s0':TђvU2W}dh-wRm}C:sԭpHf1ji Ϥ@٥ 6)RsAv]70gr2(>q%)GN++b]nAQub`cţv_}*Zb2j:Zu6`hΛlbKػF>P4'>g/i2ʛoo6U?4Nvz~m"ub :6jvKQrNİ6r^}Za"k7KT]lՂ0@3^kUn` gٶba֣jiH( _Mg)]W&Qmǧua$a0+GS+k UkAzY wcmSLz,l:S"(Xter+wAxj //;EȻNΟ0e9sc jO(KϪ}p;=,yXyK\3y>{DDً6Ab% EeYoiF}96ꭦ7ט:,of̸͎h" 9z?:qHFXMpQТ'n\>XXP然*CtW$s5.NLnԜ9bƾ1?K)$tR}216"i^:E-~0˶<wgؚ v:or%d(&Fj /Ng@= &!R^PsKtn'R`0E\QcI"J 4G3`!­rx2`9FlM#?eð<-&G>#@j^󦛡o$Y4.nЃv(h4؏kDqM FĴ_b4]aBx` 6چ=E iau/X ˟fk%s[Ht&߶7*291e@k?ʽy[v>2٥d]ԒV=]yUh Mݙ^XAO,9>_NWd',c-k@x,CQox 3rgָ يċj^uq>V#dE=[+nIifi$dtؚ9R#! .7IG+7|{Ȼ\bi-T%;776 74ƉaN(븻$:qq,7^j{;p9F뜰\ (f5:#ŖKoN!WGJ􎐯QvXt_OY({c8 @M_ވSn5އƔHDU{|91_C*$vf$J #d`Z~9vj-Xs1i $_,Yׁ/L BNbvrLmy$ĄGPAxmëڐz]4FSZBYV:ߙ9'Rc2+9)EفL`ee[A:gwK:rgGwxPv>K5?¹g8o8iTsvgaHQ[:}>ڤ0y,bq?;`"&[=&ukP$sT"9 YNA,kTm/ ͇'3u!ۿL@\ 'f(9waȷ&.]L}b"cYPx?4g >`7`T~5!>Tӳm=& lQ> AzAD 0KF#at,fu?=\ض/&T ׂb -iu*$GY++PS`k.>'vȗ/W$lw!iǧAeR׷3{i] &;4wހ JӍu>OCp@ǯwu_.35G_>|)佂=rvƖ~^J ).{w/9z1oa|npB,v OldaDuP/wޏEAR6 D}U/mk, :}G)Fz"4_.U#kuf _AJձ[UDUAPxh }sIӏzF [.Y:{f/T~z-8Q\rL B "X":}2ՓM8ym’~q=l^5z,1RXZW۔׹r`, 9HKmHMI<MjF) ى .zE 'vRhͷ)A -*9{jo"ުp^pa͔}(B(}r ; W  _G= ܥVcT_SYH_C +jNDz[idƌymZ̭7'wFsj rT-fS7w%cƓ[nJaeҜބX{^fY)В0ֆ5țFwC@Le:R,2OQ}dS<%MzɧWo|Qdt0Q:=mkā lCEChŻDc OrruR s}r%-|[$ze+OZ o>ܣTY7XF5&6 H#3m 9HsTeV6o͉ ? ۶e<]KLO ]|SKg GCYWSqpx(+n>t2^5 Nq75~t"M`aR]ں>S^pL1754s)Ta#xw|:рBj8#&zn}S<))$5Kͨ&! vd5OZ#nH02ZHF-VŕT/&nTW:1Mg6Z㭀ߒZw% ,\˷.k!aZcf*'y[d={Jך*8(ORp>imFfm#^[^Eϣ08P3"酂sU51h) 3k?Cݜxb9R\fCMTGY&6 ,[8Vš}BYF{~bCA5|ΚQ?l\^Q!E[m+! Z|:ZȑbAW|.SG|ǩA4Jgtڷah.sv~ ίo ~Y솉._b v[4u@g^}lzxnE<:m%EI?;(𸖅F֫Mf3P8:k=f %Dq{<5%*uٶ5kd5+sDE~*1<9S:`A憄9jX%׉TrUʤ1 *v_ԳW&0!?,Ug[^mrE~@jݜH$ŕ2"6"pB\gAz pT²Kӓpnj;I/"ޓZ>oqrz~ȧp gUK[LHchWiy]hUdV0z+[!5~}_ U AD1NLC?Xc7b8~g7VrAF _Q Ss1l2]V%Nēm*%h=,zٖ/Ʊ@ob!3RgY\;k a!Axv͘MF@x87OpR{$>"W }N@~>c#8Dqkw,G5-󝎒F`fPd [\Uh{~@vu#33$?5A[ NzQpUt+az<5l|?'#T4&wiJ5X0/i7BT&oEE,/Π.Nm#*cPurj3 Мp6/;}yDXΤEo {O1uΓrdƺl]H}I ڴ%UZwƱ>(gQmP!#KKHƴ)-YeE' ST@]i@] J_-Kmen&kJAcgb)B%3ASat@=`b&ы P(hR̘a٤)ɨ~'úzsN<+$俁6.6=fX灋}Z߃- 9Сm>5 55AKL|gX>GD.lzQah6Hp]UG@ c!ڡ6q Z;d(R dͦ<(kS;g<ēgRz81E#9O-{IP15!rXmLa,OA,-6CX|%a/xiqr>naAwy-+ y_M'a*m} 53[ hmGiք4 9$W!aMYx&K_3;yN 3K?7Z#Z%d̉OZ9_׻o_%Uʝִy  I U6c\?@tzI-eA+h98\i4R(}Щ\:\gUz@v% g&!js姽-  t5zmSUĖ@IϽ?!sf dw2G9]{lGdaa9gg0o+>k"M rC&fU< 4@ AfGCX@ 1CoBUkiFw5a WM:A;&Eo_"~4l.:Oc%=ZSiPε~@4JS_KE2d(Kfb=@Y% ySD(pU29W'h>@PWlN=9"1мY&9,qlN䅋N Ι& U^nJq5 `v}? ѫ~Dۃ5|B6SAP:}3p$o]'dF:K?A,ϓeòr2yˤ/#"P񞅁'ݚUnWZ=T# f]0w)Ѣ]p~lur c^1skMx~ *嗢 |4!*;ɇ6uSP=U1k^wtoAZ RbXhG'ۥH_7^ɧ PUD:N@d%9E62ٺ *657 (0 F#lLČNC?uq ;z[A(T%N\dttzjBdlMB82/!Q!0V x^֛og>~Jgp v l.$$G582EZa1wX,OS'-V,]/GЋIS|{ w(Z&_̝:XvmTQϪBG`CnL(Aυ?> {V!˗J}W{֔3ٲ]SLۣ ӏq1Vq SGVWP639ıIcxiGgufbj+dĕEj8S-'UFk~cҞhw'ik uE>Li9lu=N@uj4{CDH3 UE.z ,Pˋ2?/FioP ^,hmkYtOCE:_Ou| a\8b35e2Yb*s kk= >u| rW_R6T*jbak{O}"Sj2Zm1kr$kRyq$Z ^$\mMd,Jtq핒2r5uѴH@MV<ųnzЬ|TӞȱ2NP9M8z* VS"H=jRq22* j" /;*dyOwP|mhTet}>@`\Ϋ/ 풲<@~Ed> 0u{{Wdz{y8Vkϭ(t'ISwETiZ:)Bf`%~BD(I9lM˻R?:ҏljB9Xp}AD za6y!y^X@Iu`Ez}{}%Ÿ@2r`b@BuWx] ]N&`{JSEg)un'l$9rEF9YąSuz:]㩲ˢσ?A}r ud{;SEB+<MdL|Oc89쯕\T(ժp|` U>~7t,Mp,?8h[G(,7Ͳ mkxcv|OT@Cd'Gߍ<*"T! j4!25H.>ߍy Yv7׉_{/fK{bs)ɮt_@g9gr7ꭖÕK0%@}hvև7GqbyK;CJ`u844ϊdݝ[hDwբb~'@yX"IvhW !ky{*G>:dЛ߫ș&1&kc^f:XC" =v#KGd춹~Nbq8zFIkrg-G2H[:wVd@@}A}= Y]읡W; 2 W|@Q04 ,qwか{%ۀO$+>֏ .kjt{FCpd ѽfuH^I-(ٮF◄g * ݎt᪔?ho'C_?R}KJXΘmB옅R3LmJPz9 8¸Gxp! ͲJ;eb.)@X,d "yEZvO(a}3Qt6:W1i9|u! PJU7!q*YMnzh <JArPe'./'4. sPAhRKκ QM9d|8'@,~&0Ə[ .)eQ} sΘ~=}vSx?AZJ~N1(E똡Ā/5YJb%$Ej>sJ.<>ziކ1`RilwXb!u֩[8hUފqPb{~h}76p89CւeALcZܔ0c]GLy(Q04DD֡E8'G6ߚTuB ьچGX҉wU _VLcMF%jSچsO| Q  ١bލVaN粶]%$lY^k~Vz/1-7ߖ-茡o KEIV 2H,lOonb80FyֱbXxwr?8).f'( )6)ONx(dՔrSi_7}{|NUMl]^*\iiDF,9Ll7ck@_ v1"vN܏O6*M0R: #[(Qݍɟ /͝Ly )%B]r~( &Ş80l W7 ("AwhE[/lCsLD/=Ov&jsGb/P(S$4QބTDK?ěUd7.ϦJm9=$oF}&#no2WŋhlIŃ j44d&VsT*%jU5wg6P{3|bX|u6hqkLv~ qjUwrvbW  ɣ'/"7%Ȝ:ZPnBzm5cOK\fu蠋1Qv"G W|=D6cuu3JR2f=*[ifT3JVθt7E N95 ѵl} &TELjr/;τ8FϠ%T,b:2?DS{i5\H5N^Rs)8cz3vRRZir*j443JZQdQ|8c6y 5E7α?L!fAmޱʵ# (,ux_DWwξX\ *Q;+{B1_n\WquռDDa%5t> Qpdz :sF)j]P]u)湄V8n̑v?Pi77l:Q˿2CØ+zj􉘇 ¤jS٤"g+p 򰅜-YC+ i>ۅ>*M#*홭:jQ7J爜3 zGe=i7" /jzt{RU t%d=4UGe:,4\0{:cbIO0S9 dDQ,iuYu+!` &PC̦ 7f'Ѭ~@Nm( CveAWQQk"6Ub٢!4]-ؓFMZ(.pl@%Y#)23uw`1$1^@@tK&7=juaH|g  I"n# =wb~SdVtwp.}Qg~ Lne^"?&3+K 1/Fxg#&7; 7w>w묓_Z"S\j&+MMLo>HZ2ZSM@.էCBҴ+5N`~9785XHе/\5tb=vX%E\XRRޭxEzV6q `.>04k%$7{ǚ+ ^]z2CX$TF( 6ik&4誋`BV3D !ѿcƣLΞ ~_J.So-U#-Ik "u6F.V'WAz@8[si6"mw}(k4}sV5g :0,I/y>g RD3~AĤMقO!v^ޠ+Wyt~CUW-0ڮϻs\3yw^KO$vhg10fZ&r\۩*ZzDa1 ËŮ[DD4pbKK]+ۑ"dSb[2Q7H(faȌL2W$+((9XVeXnR'D ɚa=="iEK#~cbV&rUC0F1&xwx>L<sA}qCbdryrY1و$2u;o 8;QB,g/FO bgSSi`" $Xf1:~vGtlo8B#N,}ͼ`<ԱH7q>G2*Kg4p)p"& cvf1EpLjFIlXG[N?B„&1p9κо會܁H#2vŝd N ֍kzה$37Fk^E*T7hs1`2nFcGo-e+'qs6+ѾtMě` 6J訊(uoм8#m;_ȇrtbb.(_L$D}%w2V]vzI_r[Wv§5ɶt[z(ۤiid*k& SuH2 jqudX;bZǰ֙R(<1 4I İG{`otMN{O{2qy91%00 ±ErB~*2KD7$T*,Qʾ|ŠB@X4v*/+ب]A?}y=# - LBy\f|?}'.P~v,xlqDKr g=QM| -Ka$U'&W~;k-qY`_{K˝bJ7[#5|}ĥ@Cҵ)TK᜻!~`g4pzw:o~JT#1C\qh#P8[@1ZɃ{jw> ct]:Zռ)7!gX_1jҽ0TXO+Aǡ`ƠaI/ !_h/C$]s -hq%J8/q ؀ڗwa?ؾ!<_Vɱe!&)q$Q6& JrY,? | mظәJ,P=1XCOXxj$bNXz3XI@!J]DW(+K]#!ʃ(骭}qrk@}fQ#oѫJD7&Y}z;³OmBt꘎?Zc!l~ & ShJ!_( YtD='[szLOwz 3ANBHKO ; j_L0I4~fۉ|I1?Vكա `VGtceUKsw(~ӷj04lUIī^_[OFG3!V\ lwݞJn/&SD%M#`y9Prkw*JDGp)cH͗ErذmO rFF"r;ƪ f3\}OsQh!Kū4 (urp=[l8fȚh9Ji gِߕJ}O\Vz_,T -T"h@T xx.8)t24l>xjP042Сʔ?ٯI(Y /*IN~/Ny)QHwp,/DEtq-HЧ\6qR0c7pHA1\,v\3e**CA1Mu{և }àoaYpxBAG⡋^L7,wǓU`xo 6j+ `xnjX5ՀBl_-U _-@<3E}*/B_[Aa#?*(lyP2:q$;-q't"г4FauFkzug:-dG )Pxc%x3",51Gq J<2+.O"xg?yllTN>ܮ$á`0Q@ `X)krpF"(89-<25Wh-6 ַRfH~ӎ:UjQ呇~A2v7~%Uq.H'bge(x)Šͨ!>耹2T5sFFv{Net[2Y˹q:ىiVں緘{ A~B6=;=O=~vMDc@|5OXBl$<<16R>?4aWU %p3 $VjEroN;Mw@S$$@51@^B"McZe^(_Zuҽ%\9HTKXN=3D@6K~qX{:!o]d*koXC%Q>"Y%#wPL0ްVDKrGheI~$,ڊM"LaZI@)8JdM߆vιkw%e"4HO/UzQĥўop E9GJP TsU /Jc+ 5V4]b@›{ ؁]*Dz)p;svYal\$}|`{Y[Ֆ+#U"7V'Wq?rCM5]&0Wē Oʩp; 6j*͠ˤqsJ: 1ǍW?un$ sinyM; "C UJuWXj4yQ-|%]v88#>fZ4UB 1ô*-F)9d|#C-aB# C(lzBwj2(ff^Utu*jǀz09,r7U@痸[he]Zf3SG΍gZ{jϰL[]Y%1BMCJ .‚ĥl,:WgAja2??9 CI:m´0@]6o2V)|th&s5- #@ֽ֚a(_2˭X_ݔWtEY1X؆Cʐ̍bu@]t}8B3l^" NNZ_ŧM.n.jz}4-=E!)Eg|Ȟ^Tfu`gD٥/+f(H4wU7(ےr62[1ڍݠyRzx"_9?N;пIG`| tPU'.rIYCFߊWV/c% tHӎ2 Fqڻemz?'9پkyjt͘)wn׽ l[$hD`R#z$6KȨ.M?kkB5 ÔYt0zZ|R SrQz&ds\.Cd} q.Az\&ZSAWxtka7APn愞 9b .<Ȓ(r%ï#J`|&#l?HdRE`sݨz,Md}CǠvv$$k: =ŜDTr=?iKX 3#Z|=a,Gu)0Ge_gizl vXNxA%'mҼ;ʃv ]%g$L|>K]3Wpv:6:^Z< 5C1[M_t'W !D%Mn9'jQ#1(\tc$j:")T̐8ZxԤEjn2%p{b}}13"L??Z;t\VU*:n#(x{"9(Ɲ28c0/)jQF,XIH]DCAgmvlɆ+"JsmRj1+|.+go2sHWjEWEOxe(l#=>?N&]_}Wam=1>N%HH%Œl@Uq/SfE7獰E|bG-^VW˗9X׼*CE'%\7,^p  .oTAٓto՟r}^AS;>vIjgDeiFwHWIrPpr&B$!;^XZ'j2 JL˕"QB@G`vn3V;7zϼ$ix2刹+H0AwviVEy_U"|a3/=^X^nWS['ueƢMZqg^\6ʱN07%q +hjR?0OO Ƃ/at8-{Evi^0 P7 (1+jikp5ꉔ4ϒ%ѾuSJ=ٸ"1lDȑl2 }Ө~ 8L= r챺WmlA32Uq`t?wz΋XzY,zϏ˩\Izo~7nיLDBd-|~KЕ+NA<]~xld~>fe?cI6 z)]0arlp (ʔJ8F3yj%N8qPZ(y.$aX~ PU4BO6O, 2o߁?>֭ v&h ]Uzm@ľut>6u>W,EJ%q`ddzK&vXU:MY|MuӰb=&`R3b $P,=/LY1ݹWNcAFEi?Fהl/e+ -qD7:{Ӂ8b*PdYH%5m={\ASv ;bswሽ&(&e)L *A<#޿TdAA9`{Ax+5~+&B#.AUm׆ϫ]F.-\cM:6L $Qbԟ@Xc@V0A~g4pba͝;N .7w5m+g[beh}j?5Q,T[n4x>iNT5:恅4hL}G5U~rPxY1] kcã)@a24;X3ժ;ylQ'Sf D"fR;yʓ2߇CD ;k]\2m.\bO\w~9|s9pT>']g$| ]mM%,[Ђ9ڵ%}(ǮT)Lk$^aM8tqA+fU D3]}[ ]4ݴk0PHW.yL# Wh ?\/1^s6.L=I\7h?Ĉ^7Dfd 8^ۊ,.gG_6UCWƳRI@BRjLQ-~O{5MGНSD0V Wjg4\t}KxZ%Ky|$A'yz%Y@m#b`os>0tot 2X˪uw吧:;'qF1 N%lcg{$&޽DڹPP42=G7vGO{hHj seI،H&dC-c0j<׮͏ Qh."vz ށX2w[M!y)B[dՓ#MS~Mz ?wuiL0c:rdĚ<xfNNNo) ?A`Ĝ S)O{39*(3!Sqb.y~ KQ)H5Ru5h(JQ#Ec5d4dv,9jŖE|\j8Nv> `O ;J@g'w=KU3]I Wb*WmYns]K![~[B lӢս91"O*t,v1nąhp,\? *ο٦y_#b3!}aЅ,|٫@4Q "1&9فs"* oK6T,K< *0%$!(``C?uJp>oLqYPt.A>KWlG(K096Ti>^v2g'Ʀ'l31fNdLsK劭a\2onR4rՕ[NRHhpuq/G&U A@ҭQ;?rZf'\''h,U 'N\nFOVHBK (SRzǁЌ9j֟>8RF&PLճ$ Zgj= 3rCN彰g Xw/q5kPЊ Y0 d#+8 (܀O" &6Ԭw,n kTܬ"DЭ6!bTq`1q B'/^T**cO'Pn緺pgRvCbމX")bMfg·`c*am9YegLѠpz` ox Xū1X@]Z5*ȡcKjd蚯 @~>Nn-9x/NTqV9Z;:iT +w2l^: 9P''ҍ+ڱ Hr\|]`@,م,mK\\ Cfvw `}@pja=pS5#"R6Dk+⺯啶d3Xs>`.zPS+X*]B 4SXݍFuqYĬrF\_7-ukQ?l/H-l@[N9H$, L3_gpoߧLr۔0XXC@C\6(TvSmIzx}cّ]dC. D_q{Tre (r,as 14.NP`J{]tk_4i} XWvⱕ{eS_zO @دr[VnDye(+1a*r'%E&=<vxv'#~e ,!W&j> ]l3*ﯩؽϴRrZ9b=q +sPbJhҩr?Ɠ?ׂMUZ˺}(I]/yƶ]p3GRW 5`NL\Q\t P݀<ؽ@,-1vkEjqȸj J3 6{Uzؐٗ1+F(-<đOfAz PouvbiKWBbYR_@Ԫb S0ي>;_)65DR+ _]F9uwՕrvܠ>MRqՕHpX<{GE9)ᗪ<3|.vP )5cLRR~mN!,F%A'p^/U/$x ?WϟCuT #x<Ey)V-̧ںTà$?t"Ïfg 6_?@.*Qc[oh١O} 0:~ei@iʱ|=s!p oyG%Ajbj$&@ Li2)Or'&"D^2O8z9cyJKi$,en vv0]W$ '`7rrfg+sMy}D 0i7w[_)4JA dY<>`taoU7d4|4-9+!(]R+h.R `fNT.B7#6.n {ATy :5t=BáL4GQ r_8^8_iU6ߎIY[tZ+i{65{*.BƳ{A.d>/膔!7ܲ> -*t,3ɒ$F1)M;)-N\avT<^l88+j9o,h-fq=J2>5gg z蕿 06W}N!vCh'xw.ڡrs⸪Kƫamlʀ*9&aYa4Gʱ3qXOq%h|oi ~5N@!o馽ϥ@#3Gmm:C >ύ@"rl2df \*~x!*zlZIhLE91C*^I} 3폻R!FncHQ^ +,XѰ;a}\,n#ެ&@.6a!xP6CLj ҄FZ-r[B ^gUNozj62Ru\ahS RIUSe) wY9 -Ih%lNq2to`qBrtRK);H Qo"oஃt I+?:}3Zl=-Mg3~"lHgzB$D2@ZW<6wƻ~׭h 6.JJ/3KM+xmWK&I4^}R{IOˊ@q:{㡊$rO<`KnzNXa.Q_e1X<Ac{Xe8⋀ilH*eU7"₵9k1LgWz@ ,[@ւg#nzV% ,S9Δ!4%%ľb!(>{w%F:hOW _@<'CzT̵E3uW^54c,͖_3MUV˙m~ǫ$c[6k){6\v;/IحKcv5[l8%4G Lkm^BK.|qcJy颹cKXUr6K?שJ9{ X Nvj PnG9jfU0t} sjF{zYB25~5W|ODI}l/=2m}5s9;ݡs@.cp>vF:[b"1ֳsַ7IBIުY,rkė9!lx SVi.t.Grmퟩh=szkv%[O[^Ĝ'3i.a qK4bB_Iy9E|+#h⣯Ĉ/:s(ȑW=yage6'j@;F`l3_S嫖7k[i`r΋M~d*ԉE*cr_p" 4 ~ ςLcٌ% 1~h^:,>iͦǟp{uGt4 K ?7|T.\q QVR[ɽ'jI1vO#2mNH35ftI*MJ'M3'@}x[]+1ʾźBM[2Sfy?!s*H|MHUrvŒ:}z6A ]x?B燿q}eUyhǘEKڳgd.abq2.Tj']fb]0hҚAu9nvL?ڛh ҪvR!E(D:W6mR39RQ|mܤeXl>z`j%{Ya {b:1 ɘ֎ۀQBnegWV"lYXjFʜ8:Ec/7h)jl#-ߧb1_f2󽼼v r uK4w('V'L1:TjR=+:SBB%%W'1H/qJ;X)D÷c^1]R,x|e",@[+ L|w\gߪ{ԻOPѹs<( Vגf/\:yH@ Ysi@`x1UfMyjp^Ţgr:I[7][< \vqSpyZ~Xed#Q J9qtK xL$>a[S`h8G<%~N" Qr!p<;Gbζ:M񇗉2'Pu]I~,RyfcOVRkI[4~+īr3hnl25άPXCa]+Ҹcf[X]5> E3|FMjEu1!'=MuAO:+Po63<*@fꅯˬ]24Ui!1<Y s~ ,-9ڑ}M/6&O}gF2 kG.mL-1]{yxrme]YuC/e":ʵhVdvgȰfIҿ/yRr`'xWSCsO'=[;B~5iFkdo7mqplğ-EBBWP` 6d(t 6J XfdDDʽ_"9پY^`p 1~nk=IâWH^'P.Wiwi(XQ OyO3h@慆!4I*;]Bh4UOۙ?+Sr6;^׍A({)R%*g!>8VU eNJ W$`EGIQ34os.(_`H'nPX9dh}14l"j٩UYfXx.P4u,3h, mBtǬw;z=aS*g9]8@p; Hp(V}Lw S`umk/rVDo{0 Rͩ /QΎ%ÁS0݆_q8Vw"KO }{aPAIU^S}NL6OaFq቎bA[]m(=0K~%ZuL|7gC"z#Iϝ V {Ei PM ﴦ3t &8֮O*1GQnqtf\kpTs%0^9;7Hj\ `s_E}QR[-o_sq/Wo|(iy%[+8)!LkG(ץ4&d;r4ʮꚋP(h5qh}ȘPI5ͤjRQX!\LbFꤝ|$JjVD$!n2ۊY:-egCVeɮPHK§E^y_ +5^23օ=YkZE)+?$EB$mԡkާBs)OS ~i'۽kiPwѧ?HjFxurIWݍ̌Φ{X\3"#uWSUY6 ~"0gt%>]: ,v#NThݔC#bV_h_~^N?4=x& )֥SKJӇ1T0 bbOiX Վ  1^J\+V" 1㪜_T-%gIiݓEx4L}I3]ĹQaΡqlj7O=(/$'s56)e"*kݽ=` E|Re D!p TR7X_#ka ׋؇Mېt<ELJ3,ˌi׃ڐmP "EGԃ~үS$TgkÜR*-M[D$RU eUjY?uD;橽;$[ ?Sm]*'ѧG9 tTΫ)wZ%Ig3xFp~PRMk2J6ZvlO1)\e~96*lΔ#vEZ:7lp"n΀I_8z 'R[(:VXDuʔW ԽѝoA. tszec|lGYf2<̙:F)QZN&t: !m{](;[Gea Hl#^)(1X^ mzЀ K*= F$Tw7-n/\F*#GjEa#3t @ÂI:Kt=auw@ I*l9(r(GH}-ro׮Z#MR窬(.eV؀Pa8{U:|ʱWg6n +9P\BVUOe} ^u46h,Ǥl:9Ϧ~T?\!lTVm3uUfڨH[RJ7{XVhl HCO'E-%iPc K`L+tUX +~X39$^Iv, ;7L{n. }wݨzO0oTŞ,Vp&>|7BV dQ'Ǡ|o&[ }<鮶Jf.a(z˳v&;. 6{p+|UN#T\6m'PILϖB8J ׄ~NЩC_dJq_ }'\ B֯"h5PSYvJ1eߺ+=>< ;_ƯnYbLb%4UE }ι\("t*dpEYQ K!W+~Uʈe?ҋ՗3_h#J&lRz(v؋l&hp=bJm8l)wZ^0,S_.!M lĊvxd[7CPۘ#`5CSkVǻMk$!p HW`֘}j:vʀߢmQH G^Fx?r=Z˺qc\\wCaف 5x>ohmJ]Ftu 6rOeuIכ[U:"Űwiu6>Qgg:MtENf.ku}0:AHF=y:bz"P\Am!sH &ɕP=F#]n>ĹabEk X=*0zCN|Y[En3O{6L2y3IT.&yv"ul،gVMC8,݊[>V8 fR G3#qM-I>AA|H&N>Õq28XH1!¯KR|y?.7L JK= dZ@Wv@l Bl.+tJ:fiyܱVxa/v"KXQfao6DbR,ZkM{UdI4WܝY9VAV{UFw3o>=2Wf'<ByV16hL/0 *oh}pgU `Sf B/ƃ֜^sz[~]/XaCCF`@"gB¤S%'-ll[^kt>zŷt[0(o#oi֪!L*ț"+&㌰AJ!_j)C~wt$=`|$c Šrٍ[dQ,zM%wgq/o'K;@J ]Kb<u @IY֏ЯB`ǟ/4ioՔfAɉᑣ=* brh̓v {I d+*Ή\/ Z9+eQC0jQpiu q.:Hx@Cԭqqi'3f@!~\@gr86ͯq7Lh@JfKvUxH (xBHlaHxWIŅ7w.ƉnFf%6GVrn V +VHjLTW0n2=Cؾ͘UC''iV%"@Dcƚ2HZR~(V{.ިoE:4&r£Ǫ>&$>xIλft&&Ǽhĩλ³1=7aKv8ǔ9ovC[j ^C*S,+j-ۡbjtkcߝj^i_7Z\L̉)+Iј5]KR>7tS4 7C=夒;!(DG|n8l!7G%_kHwSrɕ#! @U9kӳPo(14Db E/ +Ô2/5iӿ]KǪ~z䧡zCmeѽ"8L6s,tsWy@~3GOGxf`7k†{t{^M(Y"IgKeɘ &fvCRmevq2I[2LA{JIxF^PY}fO4 +,%ɧMlMy}%!=}U*ɛN&L> %6: PKw'/Z_V8ZUq\lv /m l|HxLwwY:KDVk6؍< 6ЖWGs#$G 7 Ȗui+s+l<WzPf/AsXIuh=‘9Cdq$Et1텘]J߅*6k-9mN?f I9tI&O8JaUpw> j/\7jے/{o4Ij$cȹWŒY' } ;ߋq" ;&F[yL`D#\_¿Kf1@ @S8NDyUA'׏C)Yׅ/[Mx =gK0D_d=}|Q\ (nNyM1һQļN3ud 0 AۏGBc?U{j1O 4P+3ahZXMfY{r4XA?)l,Tt ']ddq{ ڋ:R;&2OI{Iuhu 9vNLa^؊5jG#/E WovTbÆNMuՁ "뭝,/6#o!?j`p|ѯ]1)萝S/_n(~lƲIt lXg.D oqP`vJ?CqFLr\U t-N:{|TgNx:*^ӎ )2J{یϗ>GsOF嵜Bs|8FvI-19b`:8h "9vWZECHI"$-Ut FktyMJY?40xfBעDǷ$ߥ=_j;. prnO6R˥[8)ggGz6QPfo5vF6:5j/48uI\mU)C2{AS$R-XV p-#2E[EŅgB#rD'a)Wr::PVz&侩a2^Na[2FC oŅ}"eFƎ~Ep0o~QL>"!6wa1*ZU˥`0)sC(Ruw_аK_iG% QmO5,U}]夊TrI[NiϠ  &9T29<6i;MzK/^aADlއRL8T2֘f@1Q(ÕV6_W/ɮ,Ҹӽ_V?XKc9 *LӒxdc3. ,26cK7uX1&xUt2\ՅL̵&PUi :~UnL+D bK$j1kLf+yT P$М2r慅S R-Ȏ+oNHd[qjEAkrҽv>a8-b:w^% pLUI$HAзm%pNZIg{l fxIH=.$΄g _w^;Ly%_pN%@ՏR.r0ǔB6\ʈ\2bQu+_uj{Ndé{ӔO p6fD5L> 9_ʧgj} #2{ҵ/ d Wf)#qq#KTk K\PQ5KXsz@|nAchZ6h1ĥ勄WӖJ>/lmIƅu;࿰G#ɑ0o>/81?fؘ꛶߾'86TjMM&V+s%:Qy]vױ 3VE2D˫VD/S,?hg ~SB2.X:c܆4pJ&x-Uރ"A0.2YCf0LiBQќՆ*cqgqc\@k5"~M%R1bbB:%T[?H@)VGA 9H NHg2#$w[G/K:<mg~^]F%CCZ)O Gf\w" EJټ1`@66o 7TNBhdGK ]Pg.x%P8$uKNn FFGi!W`i,;r>Bd/{pl`kD|5pXwbN_[omr~FӥqǴ4ܱKektjZ%/oـ~i;v/B(XZjv<1k|;;]{JV )?(BK ܽK(#(o_-LM W@~~U'[.pQI?E-1ƫ׻Dջ%ݍ$3yMJC2u lzS!vӓ:Ft8HT0} N ݸUW=?:j乇4d?j?R\+J< 4ҙ7wq 6ڟ%PBiRmټBk3qG߃fD'icuQy|ʃY=VӴc/"tBf!Rfw*!DA5=Z`~"HDCQ ӿRUXI{+:Unt?!8T§'-3F}VUg>ۋB 'aC:yɂ"8&9.<.&a(0]Q5+R5=޻)t#e|v%}8$#M!T׃pE' LwWa$J*X̶v_aceTƆD:eXbcm>V7kl͵MJY%0 z d6;Y)^YwoT 1w |:[UaF݇wa~F.E@^7|WbTM81j } :솶JP<ЂNr1*^;xN9 ^n%mV%r7p&͛t$UsPJ~k!)P]`ƛ*Pd^AZ&KMÁ0|Ns49W?h9f׉Ku@Z,&H=nX__Ye+!y%[-ѱlN7 'b̿?*!ݯ.^s6>/rHHjpo:62i<~B?k[]:wmIn=ө5U4;1LJ8ߓT+Ҵ~AO nyM@'}5dv}Mss닶U!|*<2t\TyX HGƾ~|\.XRXgvS*G٨6%/߸˨,DfQ+·dNX p_h 4=jpye${jהȱ.go# #Pվ-JE[+R5BaRZWnOMc{ dl \ ܛ{H#Qak*6e1Wf8 !n&r@˫l 'c!l`gtNk5pl20ɢdiTQ eB17/i/PGx(vJ5gPVQ9% CG`~v7H+V.d\EBۜ)~ M ҇62?:O;j:(].0%WC!qBcu-td{-Nz!eA%fmQk}zM&oתDzB^`ސ46(S,]kb94\_Эt>Bl#7k^.+ּOO~޸Awh;0|]dMʟ8p\cAW@:C%&Q3kYm <z:UNo)uƙlm|&kj' ?FXW`Yc a3*"HB-<:xSU4G Ӫ?XT&; `ok [*Nho*k'=UL8J=OnR6BwFH2s[&b0|mU=fw)d[3G[[nQayM2{Or)-ooj\9@3bKI3E㬁n+5OZsW XKau/23Zq&K-LSj2= $13cj߯ykT_RN?I:Ky"Bm?*-PR!Hkڸ\ZA *~ڋד/AAd%3?u .{~.ZVI33_JgWMO E0RLs6_=}%e4Wr=/~]S4d#}5wF3i &8$k{;ܛv jb$q2yY&NOV;~pY6XatǕ4OoF dXFgmá~'$,X;WiɸL+0ݗng \[(QsWjIpx4 y q:n|''N퐉5E-4zJ!;u 斩$/Qňh;E "`{hKT'<8RfH\Vыt2;ywR>Ћ1,G ӒmLŸ9G/WUI#|'0(Z_3TIB'-W,T<A!^G&5޿@Iձ9@*n+p[W5SDQUpP]NEYh=PpkATF1%ro±bfm 3Fclc`݈lBg(Y-^Z1r &3R>Nqz̈́ LX B.WiЏ Ü|iwy<{zH#fjzdƾsv|wKߨ+lTNT\2u /_t4{4v.˶BvB&dNOA>8LTL%;0޻ߟ˺ΐLoFN:2)yHu#"_)M!i)5t%3-j%|X6MB䧉ќ ~@"onYel3a(V˥=T'U?8]_k"A mRPe:1cVkHǥkI6y_G)d@L?]]?e!At~zugS([N cM]jiy{Ph{\W,AI!f`;pSŬO{(*[ #BX\쀘ǧr5M3GaGO?#Z8Ob}[3\&,L=-!_CM9FE!*>ʍp3"j8 z43(Mz{&oZzIGQ9cRPy},Mk &6eepF]2'f`Mr};/6n,L8!ώ4C]W:[L0Hz\PmV<%'i0:O gs( ^3"z:VfViUn{~v2j˪wD!/6n*AEYH凨ܡ'ᧉY4ԅ>f, y 9%E@>msv/'|^q !##g^`PA!g|<5@5ʉjJy 66V >Hf@<sS`Nlo\}LH}~Kɿ]d)63(Fa::95# /eMFZ/n؎-n(&"< cNJh՝ :w~c0WDwl]a{q(nEwaq;%k\;w'IrArsttSDa!IXјGQ:Ic i;.;SĘ :O;a`np-QVGɸ̸; HS$Q}qu_zu?L9$TKWSv{B&~U!  D;w[yUT ͌h]ՐVae{oXFk˺vbztd.1~0"b(sEIv7]fŻ_9 ӀzdM{]VJ0Tf)TZhwSačqwzz}Vڿb&Oi0DЗ>ۏjb\j)񜅧LV.H38 q%3%ٛt8~'iuvj:Rϯ_1)O:.a5D(#랴gB1t[ mhG)}ZuoP^v6AԗwJU%>:䭕Ov%:*0QX6l+חn۟R3L1:eɁ!D)XK+26CMBqv e31VfɪTt&`ig@<1WSEQ42{|MHq~1(0+'nO;d!e P;P١h}~R"M+\7q.Y+V%a'!@E98c RGaol<0:IdY4sV|C,%=9=,jI[|9&$o%FNq𯼳,[fۏw?cd<94ΐX%Dz*JeBaͤ{ 3SV5,"qG s,֟R|^ ]vFC߁;^ȟ qo!Ux h˕yQ'} )"js]% ~L '/:2XFͲc$~۬GFx3Z%cX,>/-v ]yp2&Ǩ*i}ZA-`-ۛoq hiQUUQ齿ɋ! -3&xG\xd -a)_MzKb2Y\;v-b.r"OQsa\]IfI%K Rї8}.κ>EjJw!=/?l5ӿvl/7tX5"[X8[~ēMT*km} )|3+އNzs2B-];r?@c'}XqJ|4Zbռ& GF]H4%qRu;桧/z͛Ku{")a7'SEV0 ?# XvyT\9- G FX ]l$IAahR\R<lL̤s] :(YkCA0DIFٯu}>\9G06GkdG~|ao2QY.U`+F#x2>M;Zw 2Q2kh'pzԤD>i2)2>p7 Ѡ&'cwլ}#2-W1 OoMpBj M pA&K\Z09!Ig`Mr1BOem3![v6miYdp$F dN벗 ;37 M UWU\6LMZSBN;{(̅E^>3h~5"XtOe؊1S;!u@䲂^䐍yT:b~ӹfp@tyGH7n5>d `F۽C„.Tcg#Oaf9#ח蕳ƣgޤeas:BqRWH -Yد.!H[=!,tbO}܇{,=N=\&ݕ,8PgukAe@ly++5 qIQ6Jb|C5_^=Ax>@,鳇պd3{97}MObr+5BX@>`q  պ+[mQr=(K*Zş\C0G|Q3ɔл'@^S'Lk;sY|_Q?A=?s1^K5`T%37S0ݔ*gb~2}dxpґ`ic=ZJ[Jq:∞@5>MϞ#U鍧`miFV pp-_LcY6lpqI lю 9Ժ ёgu=ˇɖdXsdTTͺsRipIt 4!#}GRSExyWzuh˿fj*A? g.7 = җ5^6scuKZd_}[N.Ek}ZFi.AYDz׎1GdG$ JPcLF{1vxLie(STWAvsTjG]<[ dvнGKq]AX3]ι`ad\A 9gUOLSFܡ$"NJuoV}:ބaa`l,.ML1qx%asng;|R~y q'>g}5[ֆN% igX);=Zeɰ&,8~$$J06 ~2zǀޏQLpD<99e8G}9{Tz"gtG2E0kΌ\pL=cN{7ôoQ~[YM39v@-TZ܅*a(15Z67Pd`ߥ_ne[;Ô'򧧦z: 1 3=si'*·:Ȗ51R=ʢ-jT;v&X|,(h$<ΟX᫖%\6Je[>Ji/w|?<&,ʾ$dN*_.uTS*>aE6ǥʧ<9Ce\~M6+\DYљ#Jm Lʶ>g1a=Xs7?pld Ya@_>Q=`QO¼|ƺ8[(}C RzR\< ,du D5SVDG(xF]lV:grx$y`9D?"rk_gM"`Dxj;~$c;-ns?O^ fCftXXp&Xϻy48*Kߤ=% UjgLX 0(ٴ!h }T hqa'ZElbu,> ܗ{㖽F:/yc%^z^Z|LX4U^V>DVIObtZL5%bb`8s Ή8`_DpgVA-:aTML4E@p?)d 5bmFvy_EKBL^G5IpXEU‡㧯ox-7,xt/P!YQ9PKIpb&  ^fg:S`ka`1I%.mqEyuȾ̠ ꋲ_v$Cc Lx舸rVBtQb^Ar|7rה`V '|[Vk@Lٽ~aUi ŔP}1jp۹\ |S~J,q}LSŻmڞ11 @CrКgH2TG*eDDEPH'P"-ݥ"5$8AwkX yzf/jatcTh*bwc cnoԽ4% ;P pBZQ0|7!*zFŨMlEH iߑ0NKσK>ooU Ž>#%-|6f|hD(]* -<3CDFV 'fEL&."χdPXNZч_uŔt2k}AV5DE*zJQTV@&h$ ]Nȇԇ(I)jLh195b#6׌m ҟ[|1Z_qsvEu6Xao_RF 3J͓ZK@pUW>@F[FNuNwQҷ̡ÃrvjC1N"J d6%.ݯİ]R b̋tWYB#Z> R)aU|각n粇Y5=3e~tx.|Z6C5y[rɈP/uIf4Pf$dm{Y=_ "Zg3[ LMw天 VuT&1^@VeMӥ̛< Wa~Y<_هԴ]@Tw5C\6xkH\'K;Ac,`Glľł߿c 1 >rO0c9s6k5Ӷ@.ﱘ-Û/`5^ :7%(y"OD1hX{[Qс0pOc]e1) ,?i8[zNQ]ɄG[ȦPfZ2T:hKjz9hQg'x܈-ĢFj缃D'po bYg -͗udUaLR1.u9_SFd>1*Q^"Fly@rGYIp zEjI'{cϊ}y~Sgpr%p:q___[rũB>eAqק{mvyAIKKZlҠ*h+ q*ÿNU#lhIӖsry*ۧGuS%z ;z$sA3OI/SZ_PX=nXoyy`#\]bS",l- j._a+ϡw{/{J㭽fΊ,FG'.=`x@}5xb~c!$OE2דY"Yɮ]MBv9[lI#& b^wJ)=\-(j#TĵYr*bUÙk@]w2jΎsbj\˟VuJ+FUo5E@ ?sEw/c$, =ڿdgLhѵ7luS\|2ܩS@pJySfn]QqsBɀٵjTb[k-Pk@i:rzY e龕pxj,iX'zhQ=TrC}b); !vZOgNhS ޺iY6HUq,^8*6v atpu8U'xTA7=@Y%f9=:ZAKlkϣ}y+3u5(~}6daV媁4#,)kam०5:{YQd/Y:č[ 2Hm156o<< :{3 i,  +9c ܜҁ-kHdRҌux(֋bT0pVhz]N:io8g">y7lZC-Yx̹)He3Ұë[ߖ5*F՘XP@$y!@?STV= Od a8сDG@&߶Rr(^ȐG/ټdu.d@'bj78226  --w8dmƪۿ?%l4X\o]sQ߉rlpN5VVqU^lf\އ>3$xq23Ibr[PF"âz- d,MlUx"I]~`0!d[ n i?]iXccޅm ܢ;$HNBfGQa8YA.x&h)5˼El>G)ȊF X] $JpA,[!yi^&>ϪUصyWϪs8 O"Lԃ3h_OVGdE1մePi zq]HQ/%LE[r,>yr޲ 5u17!<2~Wb]GY=Ià Φd¢_Z:L@?P`)IH=~=xKJ LӦ vjҁ&QSoT+Lhb=k|5Zp(/)bk6ck `3xh=΂mgXV oާ>Y?j2^S:[7C3ήHu`k22UwX?wp5>H.h*ݒV#G| ; VM԰qج: >5,ڡKN87YejVp3oukݹ<< L&|8's*ƪma>G-"!]nHWO%\]x:/f640\ B|vSWf8oudC`ۻXNOQN,Pݴ쏮b=TJAJt‹l롗|Wlkh_:$m]XZٞ3Qv:&$B1n$RNJ ^j0< ˿ <:3Xf`}q#4 `e 7B|z^X#{MrK BNhİ}PE#=Е)Ԗ7 2gNm Kds&,ujJr =3'INmM/[ ծ{4cg/  ]Y2i#}ԫk6$t] jZ4hl;*zN! *?O\83[MYͅ1mo*" ^F",g\z'Ay?FuGٔ m*ySsM)Zdʂfo5m-*kOYe"==z sXvq[Kz12"9ސN( S齕`WhkfxBwh؎$@?J7KU$د:8p}g6 ЩjaOŹ8dڟkK]aX֦$'FG 4"lhB7=SÿI5b%1Pdtu\}6~jnm 6՗w-hy8S=> C)Ry0%Z P6^lJ:<)^HJyI؏0ceǦ;r~6z^V?fL`N,#iٌD)5 hI'1W? }5A'6s D҃emiekU~)U-#*"67巔>y *P逮]V0MH!i>w{qQ=ԉZ1_;_$k4t_b4ӕI\v7%XbTKI S(. L=>-<;(2s?[C; +.=h6 ܿm ) C1fk0UyW2F3/>+ K2ڮtY%Ʀt0M=T65#MDԬ#b5*xM߱(dU3I슪HM, AKq>(,3drχQW6*ͥkҟ-pJL~s cjDQ*g Puǘ<) } v%6gkT)_#MYulI%[&Bʻ܎Dƽc&_A} ~$NVm==u+G $w E!rbY.N_vnÀ\Sʛi#WB^-p& Rð 8i :/DK9P2=l)r$bpEeOv@YSwNYsl@SzHԽTDӣpVXbY ]Bg/˹N W>P|uA]0+*tfW}~sX$uFضHD}U㇒6$=Äe6s A PGB:٨f}[cʸ״:|nThjiDWy`@-H2εso *\,z@9tZz "`CO^0!i$왎8I ڙ:Fi?!$[87INMnnp&OZAx%p9W|Ͱ?A"Uue$A7HgX"zti95Ɨ)SMHrnqD#l UF1c+|pX %"q D2(Jz-Ln,챃KP_y V5]6xh ;ٙRj\ReR>.@N #-z%YHcrs*MMۜ4Oߕ6 ˓$+:Y*.EPQԦ/L\Wȓ&,3]]z[,e >@YS=+H|R$IpJX g5K`vsa/> a 8 B>TÁeNX=7 խK>yۯC)9 JޮJ)>sy']Jka48J6fh'?φք'*H12ܲIy(q.|ry-&SRGMCoA;蘘5zf%hH|Ϙ<-22i߾?>B3ްL ȾOt+G` ጸt*`ˏXg]z.᯵H{!@rOaS;DTMUz&GtA=m yvm12Y@Y٪GĞEOGm!'E6\c |zaYe?]SoD P?H"0aJڃ bENm 2١k@#S4|w|'ISNKMV[=H(Jcc, Js!JFI.F;m a 6,O"꿡>2FH'@Juxیr{#o-ߡ%Y@@SA} Qޙw˸tIM KX%"9G/"jfOa;M1qЗqF5 S4I/N׫0ZJ$FBoY!j/n?00HݧY% 1u5ʇKojbQ+*0A>ԢS?3σ>xq-snRECLlM|/.3v@u]AIj搦F$0C;9VG&aD~^ȕO*x_.tmhd7\ ߕ{Zۃ8қ7!b](3.wW]po-v^AR7%n͢N4[4NI9IP( g=wsȎ&(lnZ΀}CB^Ŗ:aKY-e)xjxZsT5 h%I≠LG8z?/XCզU\M:ԣBVE"Uo"J+M'gVZ+ΎHޚoDN}8 YE%䣡xÈZ\xi +a'; jKyM51w׬ nԚe%1A%I(<ګdCVr8LFFzvv#?R~כE {|1*0E #Hs J걯xIba/BwV XKܨEa] }z%uَίrJbQGMeLgkPܢg(~qb<)y>וfYrZ Rl/רL:u!FG0ɍ^@PQ/,0 J( mĜ9Ys0B4>,dd 򠨬*RMe i\,ˍ4Ub,.[py;1PE9)Xajb6%z\ j)TgxyR&j1:r pW o$XW;YD/ .ێ1&"ڝTZ_Q!_ueT{%S| ?Dzag5ޟU2Hlc0#-G;h3,]VoQ(b:J8ixv Z-dW";0^֥|?f([e C%@,ttaJm㵺hy ƭmu@;>7_y&YFةok٪ɿJ\\ BP9BCtfM$(^pmFI{adѻ-|[0Jr}N;.[D&Rye|PPfʪɐ[,[V"W%aK]\C>8IPoDNv(X6"4ҏ(~PzswZ￳L<nLsD#+B%$ċvmNywXbpDzpPyq#W>z,93jׇ#OHwy <"Q'NkJ,"a`J'.R> v8|T8֋A3{-sM]%lInrSSя`*i.=B,lMv޵s=^)Q I$xƏ55Ö~-tj+P=߽5 ~Sk\ݧ ۻHp L:kgl#GkeGÑ&zS8gKU{ 6u =R78|eB!hٻRB34IFP,`[C/M- UqCdVstdhbφv/!u4,(U fa{Lנ?-w7@7,GAɽ"AڴAYG۶F`+]qx2qۋjI7S#GTP^>jbVY0CJm%poM:S&d_{Dz\sǃѵ; <&h A 2{8sv^ouY|i-y[fn,oHq HQ )sEP<k yBDnm(.{[f)U5K!lhA3v$@j<!Y _rSpHZWM<Fgi͞kK&V]цe\gf B[q@ jB:zf9 c31|11FZ ~fj~s4q\: nIbx1!G ^a`@`DJ')6oa2>o )C5vjkHh<.<5/#mro Fm% "EÄn" j6q<_,vθY =mQǻ"$Ǩ噃-B5Ed~j;a?q 844Q Tn\{ځl]KڹI« "AYuCxzǙ]@KUpe2Cu)Di 1yX܃{(€#gf 1gk_C+D$vb~uY`!EGE gz9wb_¾lN(~&_Ʈ YGFK9Zkb<cIG2+V2"ogL RY .BkZ*#lg6Ic7rS"W 1sdw9AkmnP|رĂ˖v$˩HڮiCr"%?;'1Zme'1}B닗#'C]LQń \֯n 6W,>Mlxs0J7Fʒ)}zIӜVEV ʅ'6( Q%y>ɼjɬA-zCs/JҚ48(j5D֞[,|"G~֫W*+Zle|6" I*lB; Djs;4%:cuŞ>w^1ؖ?ee% e*WC  @s7--Y÷GG>uϻFno!rX7N`=dϾ[Fm $.ZͿ ozm1a[1TipO79(r Oy\&!Kr$,?Q*qG^Q4OpN0;& u=Cr1{5CO?9갺 $pg2Rb7ȷA[@ ox=f"s>aE5϶U/b5d[VҴ9)!)cyf:M?"] L2iZ_if?G:k>Bh93ƂnG6!R/Ms6+H?c[74c(s޸rj^%6> \c!mɅ4u.>OC.O~S\PL v}M2K4}e|\&MԒ.ֻҋ=O'5o0QVzZ@T}{vKl(:Q <;oF6fP 2rBWAeqƲ~tDJX4okňu0&|F.]e9|/Vk`dxٯZL^%q\ᘛ`gG`BlFz-ohԒe*Q}*G )'SfoUP kU33x/3㇚9u_~9qEN~q Rnvvc[/|HdJ]9Z{ZVGNЮFaC/)G3PubD6 }D<_$1.s Dp¿m<2x5ꛓ;r5r#`n{?`?mN]XhT+P 1͔#WU}ݝ]=gڽ'p^Xp}eêh}nScyKc vރy V (Xч-xȨ֠E{G+YqP2 GUK"*+pCHFQz[gH?\nQ 7btWgz` کc̹_,KEI]Cق{{Α5~7hM~R,θ{ԭ$VT r)UV媻T*Y}PG!_}[;,B !Sg>S@gMYh! mPLW?O)HkRJ ʗUT^hwMWS twiQvRxH\0T1ly4_,-<Ev(>%x,ByWfyi $ڭO'sS"pDgoyqUZSl~;$`<g(= 䰸 lE'KcNS9aE!%2.xa: KUs`[8 c]* qxDgB:FuQ;n_JGѡ 燖թj+h07t}GP0z 0܉X%E *̆p{0\,iOYS/._bo_5 'Hĭ\A"b:w-p@:AX1hאBviOT|pɹJmr$MD`pLV9du"uߛ"* O L'8DsK^"*@!AӐǝFbM}mWŅvtn6r<~[>G6|)SKaYU,V-JQb_HS2 Z<˄Z}}|+3ŝ]zJ)?]nHZN<|{LҺZtl -áBϬ5Au6JB께= N  `ue(t%_[fs=cyzܺnvnH R"HSW:1u>YNG3:s/ y[7:Z r^-9` ujuYH փwAi _{灵-Wr_s̑r7֢z~w. ~:Ul[38T|$bq5V"z&! S4 @pbӗ TLW;P*ULi |]5d`@Ʉ w֮WsZ|\\z מG Vך!#+SbCv"^tgg}BPnZGXbm/W]T0:)Ҹ:llI _8 }mHk~em/' ʭ) 4ysgya+2 "ƻh16@xf++y:ֲRd#^jy\TI'SV0ӡ)}Ia_8L^$g\Uj{-G K1F?SR(h(8<ՆO^@YjFNVpuWP82Xw[QDSl':EqilyH|O:̾Il]\(/nK(nv}HНNOd,^akr4x4,Qh)źʉ TQy%E ܧJi qYa`RN}gH^q(δ̰"BODQ})/Buy ^ZfRKe*$Qo< [jveCɰ,q.X8{xF+|W&±)=f8Áo+:ILЀ 'YJGN-}D#d3wjH`}' . (,SShG-(J//NƉ(-Xݯ]ZŸ~kCjjyVAIg3L}C ?~-R$ɐ+=Y\lQn{l X]*X*ND>HMxu{d0a(o:J]@WMCW)Aΐ]KC7=̱gTf)u1)7& F%#vGCi$eV ;cJTrvp<-!UmmtAߨ'zď s aEU w yƬo%y`>qNYlwl qBQ3f' kyhD.AǙ0y33{s`EdS 1^-+H 6H\^?ZrvU^XѡQZIB`[C0pSs\~⩔zxWf^ c/̰Ͽ70a b[(`3%3D=wJe E o 1SeO>s~Î.FW:!?prn؜0ZYRoum4]qnCnw.ȶYJtp=+UX:`'()R sgOu Vn@gB#:sB# {>cW~ H^,wdFو<@"^Á)%"ܼWavg0Gl1'L@wTF/xn\tq)¬*F؞sOH%ᐬ+ Xpܹތň%e>".,A1/j#1EuZFRZJ7}|Go=fz8Y81[+UY\R!]9/,K1e9q5MG,Tfd?$P|?A?yݲ5ˏ0%dکͤ4Cm<Ʉꉴ3i[C"}b~PvH t`tqig1CI@,.ǚ|ȲgNw{[Q8Di~=.<ž43фg+AKp]JBRmM? FFCBp3}1ྡhU}_qj0)s,#d RߝbXj`4R2uw:BO&EN-?vSsܳJ#Wr0pNML.cnucb^SuP+PnoswXk.5"c.GTkA F&9f"&Zt8JM.3+\J]|;HQrA;!5LqJ=5k/hdt|sAR@xY 5`K:h9gd 3ʖy&wDvwEܑFS "?_)AeeeKɺ# K9.v"u:ҥ?Ě2bxºhh'wF i/3 '!T͐x_~փ3[. C m[a+ p"Bd94(a kevU"lcci!-&z+ $T9cOxH5z\R !EMSP2„;i(7րB;qyRK9*kW$Y`CgG wp1Q$غoLҝQ>B3$o%L8s]kcef#)Pɐ% iE<) 7OW",hosQ\."BiF1@x{ +UvY{ Ey}cm.{Ncd\63CIN:Փ4Vt V j9ɰ_]VŊ]OՅ:ERfzSÛ2Rj7/]LD*:̆fLXH;衖 2хk.ie>vuv .:,iBM\OUmB|ns&>'r Ø.9(F\:DIFb0t) 7 YZ