nss-util-3.53.1-17.el8_3 >  A _9U]4JZ$](Ew#Or˂Z<+ݑ.I(O_1RyZ9M''D/Qyl\qKpf#Z\MaV;HݏcC6@r[ZfkysPX w /u0L() J]E1և3Q=#xDP-Pl"U.xF 0PK@b{}y]Y`^zt2ꨑz EƀyqK(雵PtI)՟WHT"0`ͼme%U.k|6>mA3gf*;c}L-8R40ΈKs*[Z5DSYumϼv(I<^A Q'4plߚ[qܵH476>ʾ )E뺭qshb7s6w3sl_,PZ\̓{͉6:F11de746de6f6a91b888fd020c8ae8327846cc1fbc6e34ccf8b1cf6cbe1648411544e0b1162357e5a7a378539febca200d0c528bf_9U]HD{rnj$Οg4{#IuM;?렂H);%dO1o-ǦCjA% ^l4/3ѽ0o9$/58 g2SEkG bK=)4Po. :i[#2wh۝ D]䷲ߜJY"qm1\C^OTl:HOꡈ`iSP3ep;.F/kc*wpf }?HXX}Ea8/`% >CѪ2TLFn=\tsF\BfZ @Lr&RRy~+8Ow TJﮎ7Ղ[U"akn9F~W= eAz+N%"uKc.O1^X8)/U!u{( ALjÒӂ* =9GJHS]ǝ 'mI9hhgq5Ν/ٸah6ҕrp`>p<?d   G $,D P \ t  $<ZxX(89 :Y5GHIXY<\p]^bDdefltuvwxydhnCnss-util3.53.117.el8_3Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken module_9Rx86-01.mbox.centos.org CentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxi686"<FAAA큤_9O_9O_9O__9O^L8a7e35a9230d36622d2429df8d9106ed7819b78cc285add1b52457ae260d99ffa20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.53.1-17.el8_3.src.rpmlibnssutil3.solibnssutil3.so(NSSUTIL_3.12)libnssutil3.so(NSSUTIL_3.12.3)libnssutil3.so(NSSUTIL_3.12.5)libnssutil3.so(NSSUTIL_3.12.7)libnssutil3.so(NSSUTIL_3.13)libnssutil3.so(NSSUTIL_3.14)libnssutil3.so(NSSUTIL_3.15)libnssutil3.so(NSSUTIL_3.17.1)libnssutil3.so(NSSUTIL_3.21)libnssutil3.so(NSSUTIL_3.24)libnssutil3.so(NSSUTIL_3.25)libnssutil3.so(NSSUTIL_3.31)libnssutil3.so(NSSUTIL_3.33)libnssutil3.so(NSSUTIL_3.38)libnssutil3.so(NSSUTIL_3.39)libnssutil3.so(NSSUTIL_3.59)nss-utilnss-util(x86-32)@@@@@@@@@@@@@     @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libdl.so.2libnspr4.solibplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.53.1-17.el8_33.53.1-17.el8_3.build-id9badb29c54828fef60d534c022ac9ad28507cd59libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/9b//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnudirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=9badb29c54828fef60d534c022ac9ad28507cd59, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR R RR RRRutf-8d0e3aa6905e7d5f3a0666ab80c06e558b9d4574fb1e453bea45194032d2df042?@7zXZ !#,n-] b2u jӫ`(xy kMjcg7 ֳɰR|.՞e `"GF熉=ُ!K*,'6D`Pz c(=g3E7!n}TK=29dGG+!pze%8Ԑd a:Zb%6 2:[giMmqe;яQ/3a>> < [r*gYiTB4Xc!67#]#yKJ)Zj'etnFpSN9$)3Vѳ ~-Xz4ukxɥ?݁n(2t1w'~ȉܿ6>t6%gQb#iKi?Hq;.*#?4($S#`"Vn;䭗 ʞQ^y7\A (艟~`:5^R9e`#v B!cSSP~gkS-o>Rtu0#WgVGH$WDN{C 2'UClߨ 8վ}^ܽNQp_;`p=WWhDɌ_K+ȾDC~꟢ Hp-0F'؍a}zC!6ZEWp#Y,E%6aTwlZ1[p9i$ާ2Yhd#ТB۫udҭp-(߱i,JypɥCpY7K@M4 !ћrr'5 g>%w/:-WUNBjpR>H>cf{3G[~^=XY,Jl8`ܤ3v%m7TY2.Ѷ. z ph;ß<9kVϘChQI'-'=n *PA0Y0h5|m-AMPi-B{iJ- {1@7אW/rpcJU#9bwR_l,Iϰ%mgap#kTF@[ttPH/׾DNխoG y}28)):R4AD%=+QW0e,,ILW6L p00:9Zܱv6ʧG! mvΓOtv&cاhmeVJ h٪ JF=&%=jӣl-dCKyh mz?hZ$v B#vn{1'Hq|?='w,f3nSz*dޖ7wf#B!g;lO(d$ O?H&YTf2'UB+B]mUo{M5ä9|v0d!F9vJQ8q#H/zTk[8rXIqLiyJ)>K g=)y&>+?%Z"\A ~@$}FqwɇSSM fGW]RDh<ɃɩcUt077/66}>AU&'Jm,^ݔⅤ:?dPeP/Wj^_}$~kU0IF늚Z'|`$}tL.X"1qQPfN; DsDm$S/Ց]D?&(1'*J >]v`ntllR vį9t`.K2KJN6dVĞPsrq@K3'Ǒ6"Rǂ^S"Bxڱ30GV/e7c8@.i(%"S=RWhOo!2nld'1(4iRprjpR8!95V@#1v< 'j}ꥻ|PL:*OXqeQAe g%C[9K'8fsYVj(Dh<"e$=;=e~ lR3Oμ}Qb}sND$J3Oѻ?%cKzM}>ے~O2]Hl+Gpl*JћYf_Z7?.v\Iͽu`U]d#nC`Iu>Y^Ƶ$kS8e{loKTa|D[Vx^eCZ*o!mtLN_Q.9-Izx"!@&UZNb͚S>Et1or5 K$f;ȨuG{&> F4Fh|,:rhP` ΠE ~C֠:轄|˖0 E GSeŌM1 ?dXvn\}lnDK]=TK묪u(l*#f@[YE&Sѧ^nAŵl" !S%mABڒ12 ̀~n #F-1r^B.D\ځ7y!wqSϖ¶ ƚ(j] mJ6 pI|eݗy.ъ.9&f:~8bUPo}o!v AT!g`AHm(UN'&7BLGݔULCYd;~$CNbZ SIh_<5B\ wFq fISҾ| !BIVns^o)WJ~#/ k* "SM9Ti~uRҩ;d VA/) q!(B+t{Wa-KּNm\K3`E:Op}Yk vf1)ɛg }U?hLR`6lM.;|׳!-K3 H5%ݒH ;P&ս`M$,|֍>h6_*{D OlVNuj,o͒ظ$ 71 5I&8 XumSp )+Zwn~STOKnlu$ 7ˬa]0zc/dܪJK}eJ9Z$8D4/#XGCkKvr'4` xnv)ERNۺehxSL0TТg<>瞧RJ}﷑ɮ  qi -2I#Պ[ oTc#XYK%~cjq͐v]:,gV"Ͱ!6|!`!Ha+zC`vnYИꔼEl~t&?iz~(?K 5@,!аSM^Ny%!3qYߙ90g{Y0@Qm+zTixb9v4\ufYՙ'GL;2y{\n+؄ICX =60F+>3ـٱ ޱa?cڜ}T}mQ^wDZX{݀HmsU?S^.k*l,>/eJ6DQ 4,#()|”mgxb "(+D ;-)pؘ PP#_?\9d_ڔǔqdXYX+`W-LOH,^S6;kͯG!=R?@?աW)FmszQ% R?ZH xVJqZ#>qY53D"Ѭ"'}:OׂGGcʰhaC%>BGe)ORT\)a\KDn;o99B ^Ŷ6o4=Hձ"U“,c][$K8E) WZW$ܭ @RM.VuС,.5s* ۛ@~"g$#/~yefY[RXulՀU)j/QimJ1έ:b=ލ2(@W;Nd݂`l'm:qD+%1YfJbUMv`u]+ nTW{MDv5a#FqmZ cF;F ]hr+PSS6De\w0O0 n[7\)?7bt$"ܵd .Ɂ0nt0K8q#qJB2/>28,Hwr5F)W#DnTmĕ1~7o40c:!fYq39w 2Ò"d~)q9bH;aeD>e5-\')8K!t|i/-%<:&;>C4%^džM԰W/dߠd/ZmUۦkS„RFчJ.Jp<|j6 E TͻͼoRB5o*2bƪ{jЏT˺>NisVX۰:)RMoKj>v޹]@ * v'3fAܑ%6/Qxl's3Tm2"{렭5NU7 Mҡ#5تDqS#-r/LB>˛@OȀm_Dzwqh_ 1۝4I-3,ix_cERJĩK?O?6&aRQ|:u>h.Ys).\rЊ2o&Q"(nsg&@e cUYr>Ђ_"䒈ņc+² 3ZnDNߐ: `k2O|mK*Łx]*K]| P<6{HY566)*}7~ѷ`awq P"!B3⿯RٙB#-}2t f xIfBj? 3" !/+x}BQmPh2jpiA}t_|? P˿;(YNϖp_+/ޣбwJvC4d[ݢ*ҳ{FsRe 3CRo!gE4[zԟ;A< R(MҨ2k1BP^9K tWO)q_઀cPN@4ک"D0MRs:Zli Q+[݈:3N53Vxϑ֡7~+땩UK$­QFZRĝ.6VإѤh_8 `ā/vQ}[F~ū(/P/SxYy+L}&?5' U+L¶3V5f9XrFXgNYDFF '? &?b֦%SљK:$qȲW喽NNpFrǤ 5$^U %R$\p9\GҘX9Vi͔P W9[q)-J%dңOnXۯ:KnUxMGsCSe .pM6A]Zv=$kTK|!(,UY5dP:.I2!j%I@oE%h&`VE'nJ_`-0 k":yXzƤ.Lf ȇCeE,MbpOarD6iN7pvPg3&KA*BX+bpl]DArDz!PW%R δ}5yYE=O5".kȏoJ'nufms\0S\(N&,ӌNoZi)踛y@z߄4 K@J -4 Xf " THƱ"Ы&}k"z p'Q) ԭLN[Ia:5v2-4%a'~<$K/: EpKo.b=/ۍszRM[ɖ=1[`,p!Rs輯eIԾJu(fT6W]\%p BIzQ|)^+N]P8r57Q:1y4IAj\ Xk4K;w+ );t]|o,ŋYQ(} a"a`lyT/U 0ydy6Cы?gɫ5eRH&(Iv:ƶz9ݫO;TQPzNҡv| ߟH׺TBPN5P;uX(J$ 2FN f2aXM=\~[nt`%l bھ4>.aڥmLpGE='ds-ZnL'ҲI ֆY~svoǧ?6V<>D/۲3:^qoF%. ausjRH! Wo)R,?蛥H(w}UqG]! B2HςQ : ]0Y(ntnx:};\S~Lw]_=CZl~+UUoggR1pXn 3 w2kֈZ tQ4'6~vq^'˘02AE5m '68}bQ\ֻ[@BlxnÓg}3nCTD,㞲ÉT_kIjwi_`'y'h▦-++[ֈ*!*5r4os @[I2"݃2[RUW_rG|q(̲3_(V!O#H;t*a#y'U`:[9Ž:n'mL[I`WDϯ<5SgŤֻZGfuq/\۞|qGdA̗˸1fx699Im Q1>Iۚ0 pu%;뾓 ǗV)/l {O)%-Q|/¥w,"\c[;L={<+m6mP;u``98̦ߖ @x}UMZVn;OrGb!2} K%UAh;ɈxWx)'-ikcۼ0 l@16N&Խɼ8=AgrH#_ -cY_,NƇm3U /1OO$u?fPZCΛ5IE%E( m( jh!1.?ȕd )όOhvK0 b5$;d~@ =7JvMPbc+;l0snI\{0uU0"|80KB%;3AQ̱dх$H >EL5@ڹϖ:qsw2QOX0y"c[RkPEyv>J"PN=s0_SkHI[1 |%Z7IM`srd?]yOj5d]xc/*3'QklkCr:/zNX9x":zuGocC>VPר%8CW+ω uخa /g{±Vъe`g a y3`H <++N#~w"h 9 FhޣlIfF<&\zʚ=n Es)4 <6ET 䬔6*<lJ)"t esUK&w ]j [lAn9ڟ+"T],^n9a ݝu n79$> I4)2+9EG '8 n1 o{8snz>;D!sH/` Jx~= n0:d܂h&[A 7I0 z%:#:Fr7KY|;l) !$E|+]$Rwc Oڍ(vUy%24Bj9w1.A^aL|k1ZAy ᘩ! %vȠĔ'ڂz~N|C_Rbgt{ܑ\#j,(a@.IO>fz)Ϫ8 15LS#)؊P\ pYךMj"0M0>ƗR>jc!$ 4y r®ZgIAC1j)>)D3dP-2I5PDe07US&ZxS=ME sa0QE`Mͧ@9Q.4v=ƵQPeW7(yί.8lcиi1y楟6zz%־oKK6複9=XdtBp=#u$TgJ4*B9>[:[RxD=PD~ '$@0Y7p뺥KƉىƁWԢJq)9o~W-{ .qPpWL\Iںx'6yd7_fyerO#3^`:5 %gp k611 :,t%JW; Yjq+{aI‚o?&/|"oՌ[ 4 Ӏy;Lr.a3cl,^%',W͂)8#+d ~rL9>广;nGs="]\>lY}~@o"Ӊ;tN 'Z_) 8VϴV s!ۥ_ć+ll|r1[Pi|Nlgwi ֍޾jƲ9;EKAJirj+o}`Uqt MdTRc~# ;}CӳBÀŨ`Ƣ)+ G/dW\,wO_:yG0ܠzyz: :&ĜŅn [R0 n)N2bYB .&eu6׿XM*"L Wl IR}?CTms>1Z2&9gF=E%vk- Il>%|iCdG!v~eܨ/w/P=efBnM|лs{cD& pXoMQ/# ҆h'ٺ/tO#'BA"[!`&4T(`wj,\73#>UЪ~On?+66|ܫsذ̍ ,,wʽ ([HmNqG0WC|H v5#$w?UqvL[ Mۃ}Nx7$w`m 4lN&(AC~0g }ky42gb>vm*VFsWsd\bԣ0k=P#3G$&n־l"lI@mC~? .{Di,{- aA@QjY2$昛*>7XLR2I>ȑL+8X,EtXV%ݨ,&FX r7ܶ|5`ltlf؛>uNIː ^ BۀMoqs$里;l9UZ"6OɎl[m]>/q ΠlB& bzrjɁtyo/'~'I o,3=CJIQA^43W#J1.8p"4O_c#Uʭ)_>M:o3xz$aq U2EgANlȔZF0ɅU@@xgN{Fgp#x#M,t](\ypwf˓n}T'cAU»Iӥd^i/w];½ӪLqk ǠT褡;Fү)LC:S \t˶ՑJ{.ZH[ڢ}Ah`Vbv5qDh)X_+[[<>yЋݛ'(L `% G~1Ѐhq@ ĶgǰUjݗ-vѱ۱1 96%G7",܏WU3szB̥4w!p:|Xs)UrXB4lԯb&Xwƴ(iDOlk 2Gت(nPH=C|V wLIjеt@jtysuiPFa:$NUٙ<â8Vί}՜Aӊh.n?ӹXDc}4|4}3r+?W%&kHo3Sc'7S*㣚JBmR%@VW,]`srQۖX >S-{F.p(6ʲi 5)XqpTE'_A(2_Q LL\9MpsַO kX/ V(߫Ge4e+L&$+/>Y9~#P#ѧo}% B4㒈sEJO$u/pB X3Dr,]pH/uG 5[%^f;nUqįAG@ lsmx`B|U2n\l򌧎Ж?6l];DVCq®2I++@Ķ ydAWCn|PQ6!q*Ua;s{s|99 μ{P-Y|g+"˙"DM漣G6cݎ[=rw}N ^X nP;X|;ߎg|Ѳn&eǺKY,!{(h˦)^cY5q3`Ys}ÿʟ͎'x8CJ/FƢ!XGgFya r^@vlH-ZzFBx&q\BcRh:j.`2B̽z?Nqnl("Rzʿ]2 Ȧ^NF&p4xE_nHYhwXưN"uL&y @˼Ғ6$. .n!W7.;CW#zv.ϩ;ĝ t٧c7US]7+6rrum)0l΀V(%⎶y|x|vw4"OKiODS?2ň=;{-L? k<Æ0Zx5ƽrM>@炏"9DP44ʼwjLsJs>5Nw DVe5UY%!¼6I{QjTh =i:%JQ޹y[PUpHˌWPB""qeӪٺ6zI-/ڠ/mi7?CLAg2t,Kapaq4cS OxDpv; _Thl"'vYriz%|icq8eWW!]-Z*ܗgZm` K1Ǡ+*=(Bg1!2&Q-Jk` =tu{%ú)#$RRE]Ʉ n'JEaf "x7Bsp/ 32[7ȼL^$ThsװY;#AϘEebOoP-L|u QEm6'nxFdYM>R"K(gqp8ޚձC/ R\ V%AR:AXzCT@?Ѳe>aBy$L٭| M3zz2fl; tC3E|Kl{\'.(LI2eM0c Ah3mf(XmjsX&%t{ PO>M_ʓ/-y`Z*|~ 腺~!ܳ?=pfb0CߙmJl <װu !nM~Jznxܳ蛎.j`j|&CrR_;`h6lWh௼H (g'h8qO;FH=ɁQ K6>$r?,oeOSMT]]2b.B~}U1([p/5e) qM,}g[&wfDXTfEHZP/OyK/-4>s|J'&ҤVmCBju}(eG_8Vч1oY9>k}!<HWa}kVrO*Hr  z_2nDڳ lÝ0h";rH>IW)g *'ΰW4q9f3^pzq7Tp0`uX?UoƳ$u.\G'ǣKuݶ yBѺKsw8&Gv%Ʊ){Na rv7骗YR˘!_PjJL'W.r&`g܂@iJVvad ߻=g<$8UҊ/i9?~[wp7d,~݊BšB$ׂuD0U :1S9Ba FIt9Vܐ`dgP/͎!)?73sSY׻i;D%7ۃ*bI=Ctu9}Si4es3?MYlDLgcxSr J[}m($MynIoIPGj%hGeWDcLa|M~8_jb~ ȪM՜ipZVXE,QX><ͤB[V̉"-܊I641C.J#AKY_1e eF 9'z^n*rk&*CH7V׌gKykĐa[e"N65ʧ?:sQ00ҏ@O?):CMiZJ'G5-zjެ1z FdiVկ_Peqײ>Al `RPhXCMwLۈt: hoE9Q$ Heݐd(NPXaA~k$Ʉ2 gJ>[mt5W}`HbE\p=^W=O|V K2+܆'d-TQeqm@Z{[XȲ~T]čJ8v*?%.+,(Fŵ]GVWJ{7Nt֢3rҲCyĨTt9a yIY<&#}/%-QLt"\߸tۄb7\$"Gx xJr=mxdF%`7cBv\kFhHMtHWֽIt&Q4Vl`+LZOKD檡RLt0,cLb#ӫO'sm ɢ;Q 텀XB> F5z7Q1Jq}; YQ::}o>{1:^1NTf.EO@Mٱzd_^g=hYɏhS¶/)u&_5{XӚhA.Քa2~C)cJMڈOYH0nh̄iʤoGȷrKj"LkI(  hdZtXWK9'dhUzϤ~X2OhϪƄM6Վ/-9W氐fDƣ+ ߿At2w}Bq#}ߖXE7@"ޘƍ:w1X_U7*ݛDb$;`鄏mx̓IOcNT}x' bKXE.ٔe2,}vktڎp[Ϭԍ6'OșPSdC*J(T"E~]ЫAY x!/כ܀6Uz-[﬑+?.Lc,)ILGB ͨorpvͿBL5m4j'UQjA.SbЋ#;7i:;M@L"0YY>Sf=P6i7h:~h kن5p4׏P/OH^m`[]%M%12b@E0e+2tW0F~WlK^>DO<6e G ]qUyĨWHON["[OC6G 0O$J1wGQU9!&LC@D%fY4H?B xo첕{dВV":PWB`R;.)ًJ)g Ɩ ls'8ldV5N,2V`b tB+f J>R͈ e^ƛB`^{^&EYB99@kPhj4v3g3H v[!K:;A*U(=Dt$drG4LؑT۝ rZ Nu;&=("s]r舉~~H@{_VaX},1^PM?MD7M'=HZpk{~ɓF=Bg}4 9IH:Ɨ6`4n' GZ#}3Pٱs՗Qs_8*/ rmHբ]LU!^t-R mr-5Hؘy8ʹҢL@˜QrA洤tg hJbr2' !E_W;1Ҝ9dIuRp \oLA]SF7;;iGڏiL R\6,ĖS(o]ޞ۲ ({T|(UtрZF/{ 傜Mf-oÒg+}Xޙa%;#ך ^_Z4Մ{JzyF@emц~Nd#HbD8im-Q@;+lg<'&cEn|k;4< ԨbFOw8ŜCmQQ5QDdE*̩fCFe6f` eoVm mn@UnU>KLYvI fcVRk@q43d󄌧i GtYŲ1r~DKjNGj7핓SԼ<*TU:W(8nQ^Q#5_0dP;%)~@YrtJo0_9:1' )xV@\ψ3ՖHYV`'bcN[]|p@D(Rt{oC(ɉoνZGM.yi1v:QtBhJ` \yZ8*e5?@3l/G̥tQ@6giXHnGȟ,|05hW 3mIY~?~&1*2Sd{(pk{5iZBFn2ʡΔo6$i\UTޟ)'qɤqr"}ZI]咹n2Ig8gagi&Ʀϯ>XʄBkk߿; e` rgs:| ObqxE0P #ySXOmPj0sKsɽǯgvc9RYF'`6:?.6W:"b"( DQ0'c)bsVChqćU|{c[8,z(Ͷ/mI<S]tgT؉èNa%7Ӛ*JQ_Ѝ'"^|+)-kX;f6;Lxh bA@'5I3R*`^mb+ULPf%" 2)N`؀oƮ 9똖Jy@ ɥ4A^<g'y) {/`SYETm_oZ_PU1D&8Pb%NVDӥAyuCBK+~A+iUx WL8N4)_ip x@ Y#`W>h}To'TXX4erI B7 Y̝nF1b07_l8n=`AQ0ɐTRɪ`T'\ycRe+'P{ZOX o>\;%yCWݍf8tzJe:VU*}՟{x3P~<l0> |щnwc| ~kZE'XE4֎"I̤zn!ZMIo~sA~ߢoCJiۡ&ƭ:X]cr+Ac4\NS_Ϧ{םicKm.7hpIetdN9hX SYJX׷l>u3><83ɱ8&i4P] 4f|SgfBƵ5;=Ns=N db> d}W4|l13E(4D()-gj,}[TzAz.9 -$[N-GU r) PR4_qكex@旯onǍ—ͨ,2?kw @&m2-Y-M'Jkt˷/ԩ-"ۄ^$"W&O@?zF !|!+}c, r̵߮!zle; J/F 0[bGu)A- hl?Ma˘R=`3ՀiCGJirk  E^`ׂ_49-DzŊL*֏O`dl gib1'بWB"q0$:( M]- k-N# :@Gnv/]JK\<~'cGo|g23eI'(U/0fq$e3-41L魺J#q_7SeBfq~&trz:hL/QSĩj5jFJ4RlZ>a 7\cjXv4-#"])Q/&Aɨ"hs  N90o1wO%#)\^TIɓN%;[#`\4yǧlٜfj+ Ao>{{sMz]nf|ïPFU'<9;? -f"AoA^O<`88JlVoQ)^+5nX$rk X7j5pu{-9g"w'+"r j 4&Նb~ЪexFgW5ʚQ qUFA7~ x^gYສ KԊRf*Mݲ817sy ݰŒ"]l݂Ǧ\WD|:oeY,gpUHS8J "X =q6M*|;y-CªXJk>H&vD60ZVvȰS`%_u-?3uF=yfFUhަЉ ϙз =IJG!҃rr#p( EE擕ȡie|ϾցGjdlD)m-|\=uL0y?T#,LGv*\'E 7و O70$dVED2'ո1;`q.s}}wc Iʜ^I[*N{~;bStZKPUTm1Z_S~wj)1v*'<6 \jûlDoK+v}ciA6p],Bp%Z.6lO:miYT3/ bfRnL艻ZCmC ܱ꜂_`l ƞ /Bn,*3fL(n*岄7 ͢S{BL>Ryuѵ濷Ov02cʏ=x l2s2*K@N|S=QX[\iEk ]F;ēLV0cX pik`+PlUO?|TkDDAf5<( P qU)њQRiwӳ.~߮k"SCd٨nTBZ4VK.[c.@!>S,~Yt=#!:3f1cWٝEq~ѵE\=;Iz Ň+F 9~T0/*>2)z}E_s =~kgzdu!򖺉rƵĈ4Z$j7ht]/PVЀYN)|$ xO.n-ssFӘ ÿJ4uIKTg"A`mcii7ߌEq0-&Lx0;)l/+eCjm?P YN/<;[eސi)#FH䥪{b='y6 ZCky!уfwǨ{x7J<)j|LY 6)|.5/Gk>ZCG}- !be9v:ͯ~VxC獀J[5=/= 1u´y)qTl?SeN- Tլɪ\Cp)m(4Gdܭ.|:@P !Yu%q,r"dd\f3u$8XOw=#Nwڀ(m/՞Q}HxJrb$i}\pMG@qOcdn1?&uF8GC#mVAv'5\Fޑp?{jSڱ&-Rږ{&/4GXh鉣AniҨ,:$/;bW:9?݌|GvZƧRZK9k\v. rxUɍd@KgoäĺxFhZ!&.0gi#Lg_[5m̠ x>i0'Y bL"OMh$ ADPyhĹ _[Lnz3bN]hO=D:VB>x8U S]|= v1SbV6,gBPoh<Y‡f"l0O[KL.b5޲8g׳ '{Bf0JN"O4Ee}|>)g©¿=3y͊Vvrfm[678oH@U!h%\vKJ/F. 9$ jadOҊOPML>d%[sװ4de=K!mteglzM1%5^ sbNG#M* 豢ֺ.%yΕ*}/B}aL>%5=N3.1#*yп1-4JD5 .5E^c:=$ ]m $ނ*Dc1Y" fh\߁ Lk*j?`̱_ь]/ϏxLo`F~fc6Y&MMC?ISCP.h;;{8>EBOxb`)Ϛ7}@_/kXgK/6._XGZx!55 "Oք<Y [ ZFe`HPq#h㐆^KaB'+!8y7"F'RbލeGGޫ)^;o#J Z('W﹟klRQc0nMsq~猃xU-HUqمBV:˦XoG1lj@QaO0Fw |H$~(\\9gZ@"2b.2KDq]']СRݳ==hMHr- !M K<2c2zU2I8Ǘ:*G(?Dd<9M RTxDG?2didzù=c:>/" 9u_A~Ọ́Z]*>T†7>`wFI۔fJ.R`[ZȘcTb(ca&ؒiKy1ۢJ1ykj,E&nGF; YtLU37FByO(q{PKf߅@繂SJh|&7X9+IO"VγmǤ lqbniWlPx*C ZWwe -U[(7vاa!-sW܎I=h˛"'4(r@!,ǧMиmijPt0x&q{e~h{^ʃ^}aMԵ/ݑRi8L ΕV?ڑ)EhXt6*yMV+ً/i@CJ\4Q}rBl+WX=rg5Uߘ-Wξ%]'q?t'oR?|F5rJx\{$Mup00W Pjn]0vnα#xd6i#bkB;{fb9#mZ!_x$B`s/Ҧ$&69 i&Ehc32LGd%f mְ(㐋&j/ʜm3C9c0Yvs9Ʃ x,,G @ZADI@ =I%Z[k_x7zuDJ>X-7^qC=VqK^ F2*i [NxqL/9&'3;NjM & >uha.8C ǹv4xbYýѪC&p Ȣ_qCE&:Y2 A77S$MEjfG<̞P ֙l"әT["U6Gƹ4?UE2qj/N -rUIJ]8=2rM=s^YdX;Y̖F|C=OÝ%-̂jT@:43!G|(sL[Uלm+.\ۻi᠘xjYyibcl;?"c#;kԶgdSeˢ?ܺK7yTFy ]:9O҈$k1hQTVɅ"7lc_!0ɳ`4k2P+\3_ 8ǹ{4 e15*%wҒ$]`4,2)afQAd>|Xqjm(Dl:e)Si̷pJ}[tW*ߴpR 7̣%?/`0{贀F`LfP57 ' k=@Ne:V]/G6IgH%N6;DHZ#:%oE_]~yHyU{̗4oi/ ~`st?=h\^SA^p֧ȣQr3Ar7(sܜ/>D-&!F;B[@wC@u Y{oNr$T]+8O{aQlmEaDH-~(}΄ɯV )f5a\>YEGd:Jvh.9]N&F3MG~JZ)RilJ}5,(& .4$nWX%r#-j@_„nWF,-VB09Z`nJw}:gB`!I Aֽsx՘ (XSձ:D5IqwydeW|[PChgVo ,{"l6e5|2 Lj4`0m\ʏ\&"!dw Y VKof@MZD5q;Oȴn՛͜(:$=N]耉足~ع^#mBUƁ5ŀKD6 `5/ E0@qH,SYt+xG*z2z( ZDf|œX(mW@+M¶ (dYn⩏*4h*S` ᎟&xg!{!gnĊrj~;Y[¤97fũ $LfjA](Njq$A4෱/}&^äX>a͢uZK݂"ē\ӠRE,\pf:A%G6ƈATo3X20.4g€ %^;4ժ ];ʌ- l; N+g~vG̤L1)Ro֎&rbh ]8 )o,d1J`I &'5ͻlC)MƶNV,ZS黫$ $-y7m?fN%8ww !p ;yWdW]J)4@ f@:sU'>?4|%Kq7m[%X4N'*CcH ݶbfWxIJliF]a[4ƯA}Z:Q|t 9I;tMԳ;JFʾ~Q7 &iHg3)^i31!q5n ܆<=+0$1)s~趭{8WEsGF"h%u:WUh .Y⹧j0lsͦ6hmȫ쨕m~Fplȇ)/Hj1*?n.c ^tP`L9Fʲbc\=l0֨{Z_:ᣆ\5]/яOp~GQ34yg*p{i7]ȼnYGlAt*a`Im~GAj0Tsw1tC#=Yjnr4eaz7ELY m+v H w^Bn'D:'X4ez=QB_݀L%p?VUVcP d;ZcOoKP4r'oFoiHBOߨŁ]盂'dΕQpj46y&UŠƿ#+Ik~ 5[lGډC(h~3l-K4X&XY#{躯cN,v)0/ 6*Kkke#Ȕ<.ժYP !MPjM⇾K_ِEn:Ngyܲ_G}! \ȼrkČ>.4""OLa Vi ☚HHK'̈́Rr0tAd KȎSe ,_2؂>vLOD Y*׃c^ (#C ~ٔ6V/n΢.햳`+s ;XH'QԢ7;éU,-QteCۊNpW̰(zM!hGs%$|Nk}pw,,ꉔK]4;AQ\7kW7:)`hȵrr7*EXp~BMbkk)=viU6V\` R\1s P~.9E'O0$ ˦H=_ K6]:&q6IE[j8Qeɂz '~_+ኈ5Q|-0f7P,#Mwӊ}֝}3" 9[Lچ!7}u{饔ci/1iNDglndoIM^ٜ1oI ^¢N߁x9drךPp/ YSQF@O%]Wj2eȃ;▥ L^ [q&K'mWRo;.nkO?SX fdppL̲W]c/6?*Ij\|+=TN+~#J]$$}|VJ I\@9ᐳ]@!:͵PrMEe }$Ø$g5xM=el(O)?\/<i56S08V%@9yғ Mt0uO'uQah VnEi7|XBi['ͫ98l s =mya@$ =CdϺY ,نS[QWX@ytpv' #L{#ܴ WnKFCczq#y ND^9jP$`*hADszA#$|wJru(n7oR >ن}ޣ{MY}44bi/ֺN Zi 2xyy[ad-g@+>d_-<]܍eqCqaL5Dv%>:p@@۰Z8ph.}Է0teF(|gn<`KB6$ǂO[֥8 K2~CMYE`QaU| " ')=08fX%L r^I>z-Jkya5ORdVRq?5$f=^ =/VDх供=pt5B=ü?9:VB5qZbVU8$#)5sssάzpWLuWJB o@PZ7yuUQ:W(9 '+DOoʯJXL b5N6q<@o$g^q}s?|d{1 j:j_C ij8Tz&,e{oo&P)Lp~Pv]8`զ MRVEXP H>"=j%a2IyF{Ն]9MD!Gvq&k^Hvk}s}0 'Hޮ?IR*S0&k㘗Fics,ìȱՁ>{pH] gv;۵XeTkT}0Ӗka2(8.6t≷a?uD(B'LȸJ`-PtqM=bDPwtiP'.1K>,xzj-j~lkg3 : B$< wH_wYt_,S1[FSh,&(mslّ\&EA4! KpC4/`c96F:İß&A H^W(MKQD'(F!. ǒ$ƓuKnu|mz&?j݉Mkۛ"zg/:ZR{n$M0:لA"kz)2 ~%9G̍oAȟ\{c  3Z/:EmϙZ$E b@CNɚ 2GrHi,|d'^0ӌ~cP%HW6}D~У]¸sڂѩT aaۃ=AUZͯ(!;?IlBݢ8UqUzd :i" ǣ&)Zץ85N9ek.inhAm݈ugmzAyOUwY,TcP2t\vD9:pUeDz%\Mz۹ſPEgUMms j͘UZ߿Snv6~E|Q\7kH%bY }|{2DWt 32Daz,qŮYs5R_n4SI&rNlh vV%#uǂȥWHko>\( pͮd}Xf!})zAU:ܚ,'g)A># ? T:/rra $,=Slg Vdi4}~u'*B\Xq̂cĪ[/yY+Z8;ArP-vlGU~ۻxcӶUuDsڭJЋV w 9xwOLO?r/<=&~ulHjeHq~Riܴ 6񝪅 AjKP D-ao|%h@l"iE,P'ZŚBlF]ZU z";ysI]EkAd|?K\V{_5 Ay E̖lWo-3.D6: krnNa82VZjapRqCtwHv9Z AExgHKٮ]`op?Kk_joy;U&N\*e*: _kSҵICIB[NTV(HM+,% L8DzCV{}x}@mr@-(?J$XtJۢ-Rb'?SO)`#ٺfqAۜKikJ&=/ 4Sh)#)^zqMK^y9ӊ/1'{ 0'> l/ `TBeYEK׷+.vV(~SU"yK4OPm7>>= D#Eْ+zU{\ZFPs:צ_r@8;=[\eI-#6%Bμqrm&S;ۋ,Ieù3 ~'Zҽ{tqw PC9YB3oR9~G2 .dVXRe\!)pIzXS`]b2E \]NVrT%5"02 a ص\R|%>$%闎)FF2(e<ڏ{ڦ!Oy3 P:R<`>3-:M7䣫/@dDs|#T#zJkϿlN**\30 q Rle!0WNM߭] VzV\${Yt7V^FZ D W|R҄V؊QS^&ʰ'Ӊ~ 93L lT`r9 "feU5վp4^T9Z;:ߣʂe1gV Y `DU>T._^9W-|52M(d `ڮt-<}Kd1gQ\/+E_ZR!_ ĝ#ng38=da|)hhMn5nS}}g쏡~G'V~I}aTf~)B>lΈXFl:*h(KcKntФ7_.y F|!Erlh Ʉ?H-CEmKC QyFgi&NVK>ȭ/%c<8W%5Cr>6kyeW7#pnyc;cY8{eď1Vv/e"XE"cK9 _1@,$elvғt90|U̢Cəs[Ln''vh\&=(8Wh#!ـՙoҭOHZEeiL$" %oW!Pxϸ(|qc]>!NahKe9 | ۸[;H fv ^8X |6""vVݍzJLSU`LMJ V SMO9mXƲt#i?"(rW6Ǔo i <+h ad1C ^OyEVD|T@ ,>;W\:8 $ *_ +R5raUC 0D\hst|W ,mťOZtN}~ρ"KJϩu87B[d~^<čtC",amZ5%_/cB砟a7`.5bo~{侹tȑcQK{j9D;;ȷ#`sx-.-r&N)п{!{L׃H"\|?Do?bjXPӑȑZRvxPY NzO{Gpht{V)&z: vmk?)0w_$|n4ޥ/O 8/'s{Iq/GN}d[\~> |1t1Kr7c%;< t=BxT?>SE8B>zrttbҊL{c^-ph~ZtMh]hjhd@ xyk48ncɡAU3O^%r34oztITP7M̀pu bSTUVI/3>zUi T!hBGb^oa&n~RF鍣Zp 'arb Yphҩ*nO-69Lzȃ'stMہ4Q9s *wN-7 dr{=_qM $,gf<$ܠLuZ ┚.EeEOs=f{~u3!:Ɨ3&:Ȭ1Ȁ (is oA@4bq2{5vGƶW@ H}qFe,g?uq 2F`Lb`xѾvӪX{o{QdC]}| `]x}D*{Oieg6r`#=uZ<03%ZG5S=kkkŵdBi 62wL ?AeT] 60|R`鏦g{lAb,#Nlk&^V'~_aG&  J ;] Jز}ucd .E&`53=`,rl)9Kt42, f߈?o AH&^F RR=`QWωsoT6ηkxgpI}pmgkޤ8;9~:JLp*}x_Qsmk vBȲ-ޢ/ TR={JkAMs>>\ٚ``*ZuoanIvg/ؕQ^V}TxjwF4%pPF\µе>dͶaeo<$4zg9д|%뾿'Ws#{oݟViҰS7ɵ`eo';ÒGat%jXK6 8 1ʓRKVk6Tp?};<|K655x6?uNg"Wc@3/m7f}Ѧ`B\TA:vI$Bap=Ys6 5EL?-Y{o.nbɪ&]3U{eèζPiu CvgNpNwL;G G^e W3y:*rARv> {8h5_Pcl8cG;gD\(9Ft2} g_p#YZ4UQ>C3ќx> ^yʇQKM |Pг_:\а}HJ DjʭWd~' բ:GǼ$OɴQ/,GD ktiSrwI}լǞ3pC$Kܑ`=GLe4* ?\Tx#uc]69YR1UۗE/%L^ @X{ǚ])2&WzW *Xq$RBq,`{uiM0MhMv7(o0! vy{̝J?6~Anb@Gt>X14璽1M5> W~SF>NV{' \Tڗ\H9xxiVtpt¢Hǩ2}Vj";"ƪ/;㏮Y9yyJ-n@S0phoW!by|rt?sKmO46]W:hSt9Xq#b?ڪSb_DY Sg2&\dp*$8±^]bU}.e3v7`;P˕P NpN2^FUEaȅ34˥[Zvq|t[hK8 eXu6КdГCHX-<'^C,X]܌.b S@&?Qb}O6C|~I+6{&au)SδsmH"(f2ϐ#_ĝɸu{4?re AvCĮ ݪ5hB=b1n(x :ewތSVzR+\;IdH4p F㰚6ʄss hS{c=5n$M`eZ:ҕ=O шE[-8џE,ElO}gh€ R߃,H_Qne}XEd_Kq"7[;?BNz0rR܁\NB*#,?S]۵mF=5[pV>xLɊu~*0 `+,0 { }1EOҙr $.PR6Dk0QRѯ|PҒŰv8K/:8NoZ/xIY ݹ3IUNܶrYq)Y2l jcGKr%/)Q':)2C^0dhE;Ad|SELk!lb%kPNEz6F#FS.߷5ȲЭYԆ;̵-@Ӣ/5|QEf3CT3X&Ɲoإ~N|;vB uEQDk=[!`^{yȇ >P7Dl H ks j_#)/It6Ѡ\7ByGF}BACu-PA i+ QTlTaԘjD@킰 cK qbKK#G(P>,<ZN:׸7^JJ0~{ ͅn/*G|-4ۇ VKa0\.gDo|Cy`-6A*pg~l(c4δl;*; 9 ]إ9U<^fwScߟyID!(k{let+kB37- [މ2(?;,JT]]JF&/TFh|}P]Aew'@ oa}\&.A.Zˮ"7V:svҟBH\.Nkͦmڕr'Z:'i[,_: +k/ש]F@\O|1^֐Ǹ܅kMR0xmtLoq >.3K8zWZr!>?cm-H$yaHR`|Qޙ\@́{?_i pocqH Vj:Kx^ټazƌ8,òP"gk]scA `Wb:%CX%IRԎI C'mU˥,##PQ&cU*w=&-~"iGo/꬏6 4]U*Rv#åHIC |٠9m Rm%, J- 3v,VfqEtPMBw%߹vW/K$]e dAe(3;1|xƹtb= ˼U?{ q_"bt;57bN&R3 7s6|m*Ea`7Hl9OEY Bz Ԕfvd1#ZkU+ɡ@١?A VN(?QE,I~SBY:% *c[ x,8މyH~d|v/HHfܦ}aA apjhU&#qb=OQc~Z^۠_ER|[[g8F~f0ȞgUuǕ3Bxh-NXqvRe6&=S8ݕ$iY}`*]BJ 9 ,Yfa$MMT* Sx%ϰɁn⃝*6 |UP}IʼnE)b‘tj[Y7:>)4k>j?_*NX(WcОˠTl4x1Q `7<`: TTF4y_3ڏҀR{P޳>2e\PtJ=gs ~gCXā1 (RٞROJƚf_bu{qna+8W 2xF<>q-1N)~x:rc[ޮ>|im 8Hs @sʰ 8|w>IT{yNC{BP %kԞV}RKr[/%Vv 예U-`[U77)?pkǙ"I?,&jfi=8I~ڠ{,& q3 >נ F}*7r4τXUSfEM71E|vw\ƀ%88T7{s8!? e-[t?\))d ҩ`y$ "ɷJ1v2jÀ*F#l?%|clSC1-Y3ZLOFpХVTtc" V6INdgǵ!h!o bREq=Oi֧)[78*]I"n\;׳UEp_ۼ4/(.Z0U+vkCl)scѰzfbڰ$mM,g`8j)ThirkBᅍ+E y=B_ھ6&2Q*/F<f@>@[ڸ6yDzؐN/'[|t1 ay9pL"^VLC°ŇH9b% %3XOUs(\ j*cxx)5a@ ҅!Xn9um&AQLq=ܪ@OU B=XDO)~Zv`= FGfzFj0^4Y xT_qvn6lpOB{^WT4bRf| \57݇|;?e$ 1LW:}|hO%ߧ*{ eeDAOw[̘W2sM``Q`KzU0vv)|Uߪg<:j_^Jw&-Di|uP b|^&|t{ ~J4쀪 yi VsJb)U'FNR_Ms^kdIo;@p4 1T'G{^Lz~zc7_DQwuuB$WG 'R>lޕx?٘V~O .9?ٙ#Aw{ށ2"PĝU~w^ p!rWSɰ)VyB. k;]vdQf-UN)?lX /_$e//m{ Х\R 63 |?@ uc :o lcb LJ9?qn^Q6;<;? .R$RLwu u/ntAŢ#3~q:\šT߭0'UxX>~ӥ WEJ-T J"hlLΙM\z3<_vbfU9MB{IF݉5pRH#-f$>bwϗtwt) (ӅpV""kEPM #tlKXGOu=UJr%;O20مK qVƣZCv06!e .:NS6pMݛs4+R $L|2Qnyҵ&(oFOd;}-mT{/g!ld"y!a𕰉Dv<@=?#>#8B u| 9&5fT {M9uۘr/yg. MSBJi|LH[.iɃ`8G*`/s/zp˗ S~IhG"Vdžٗl"n/e/#&/}59yLu`(l/pdt=R'A^$ĽIzg$|_ qfB'Y??HjG6K9j.o% (fAsWe,ޓjFoXiP}ju1<0ek,HD^]Jrm 6r׫~I{n)?iwHk(:փkV|"5 `7-E6#K+E?κW-H3'u Q"~yܵ"Vϛ׍oB?( c[CtXkFc빢$43cc؎y/ry WwG'_EMEF9eypD56rn1]QqoQrV[Uwtʡ"XF GIHWL)||ˌa)cg8dgL '"h ^[R{W1]H)Ko5<ս1OedE r?aAL٬̩>=r3^+݊ }ֈ}v!ܘ'jL+ }(&Vv58t42yU5bq7aVO#VN'.V<Px%e eVBPQ^6 $ ovqț< ŧI^UTX$9hefDNOh|Ԥi㡨E\ Lm1|x./d>?\qvcJ6$ݠt (&xYŀ } 띔WS}h93Rif+s8ыJ}3q~ZSL(u.;#L1 m=#yQ(dg=6Xxr} 9\a"3ԢƓ*JU[-D1)wC9(?W)"ﻈO5>-Ӷz݆9ZFE_䦱V6{ 2:J;jJQV N$! d;rPMDOoNg峹}.3*c9A؜s?9wjH{:Yk1y<:9JdĞnZe h < eC0qb}jQ.,f﮴qD߁ߔjfq u,q;b5!1|h#(腵{ϊ aF0RHY"5|c 3@7EGRsa6GF-bA(IKɗ =G: lrZ7eW h-0 >ͱ}>- =^PΪ̿`ij{yƙ'ؐ O#gId3_a ےQvsTֽ|撀/}'cPHpcA<]'V(PUD P@)f0[r58:3uj\V6u KnL6ifߤ,܅R@}h_ba ~?VY(Eh@ejrtZH 19 A/yuKǶbVoM= Cᥝei$s!zSXEJӤ!V_AT^;HP|yd4rGnUkFTd/(aGolvֈuՁxbc};ޒBـSg3rΧH/KRASSO:cDݛߤz]7NqPlivD҅6_ 0E(Ekr'7uZ–:5{PRZ(.҇їQ1>v!i3& GU۩p'/Ģ\OyX+|AqP#xc$bBCs4W^C[^J!KC5:V5}̄UQ%;Ԙ"8in| Goq&`n,U6oQ\FO4/q)`6ʣ{<{ơ\&IW3tb*הUxL~AZ$w(b59zhDtojWPEjU>ؓR:]O N ]=M,6hЛWN㜇:tr|Xy"OS U<Hf4陼J6UnOOk,٩=nYeZv\)[-}" ΂!CxkM$,T UKs8̚t0xYQj6 :q yHt@ߌDѨj"x^@Oa,V^e"r>(Ot2 K%8 He=17WCE~EEdNVt:=D%`"bfW!ɳ{?r;@lr"N;PU\ޓ0E˭K5npnPϖA{D-Wh3. w2[H5Xtn_ﴞl)A(7ZWStra'ۻn]N ҧ?,Tb-D@)l?<Ƽۊ^5ED[)8i!l{.^ |qЗXv"únnU啕KxH&=|+hUIS *nO=~D$wv/ho!nv:wȴNKR$&afbksètUp|/ ײk1ϩ<^40*)3ͺm7^Jay_4ClD BDTMV~Aipl.0XygV 6Ϸ,Kx8#ʗ=OzHrsxgͫuYO[!JR2TNxjlw"f`sh-(ԳuNQ7SJ0bxWѯv5dߧWö quJ7vۯ6HrFtJ=oZ "8TԙYg./D1N!t%# x=0r\2p%}dOeR5Tm㱃rqKpu}A5\;, T!1$AJ: 6^[ J'*\2 9n ȠBlmA$Ȥ/"L ap pwؠ2̙&䥽io"n3.{! iievfPe Q{XpS5F5b؍:Թ rn9m9!$6Y4+4y (B2mmS&,;r=v}8 2 *y_&:ٙAxRFv&xMWޟ?"KΘ'}ʷDU';ҏ$69^w{f5jo6zSLRÜEIK0@D!H' $ɡ{xk|!DN~wk-YIAzD"b$!5NL>?kuH h6D1&A4OQ3JJaJ7z34)_Gݡ&6Y)n'xG9`1~6rY,<mLsr, Rqlwnw]řW(omiAiG6_k7,/iZpH2I697$,>T{zzAѸ6kJQ'&oh| .7J6㗋Zc3%|=)ǤY;oR nqE"hVv׻Q3K+Vcl 9/~>02zT|)% ۝·Ds{Y2cb\C.:rvj~N!ԝ 9>/b@}P82V^rTNػؠDK]y3.o BlΜgZjTtgi?%Lj5 )i#kb&t>4Je|:kl`4XrgX A_F} O(MS"t ٍ@sCv5m%i½xZ?"DQsX'+$de$W 5iJ2؃kW\O&cs' mՒ3`:{B/T 4_lp}7 Kqu?{=CH;fuS/'tGG ]}z SH|46ERER#sP*c,Cji{18)*Q1t'"J#c #tmb k*/e0vFSy_v\ר$ˤ5ňgWZ(kJ(2!P$zz U-¦_s{Bދ-da~F)2~(X i2ͭY&jFmIu"J]͊V}+lں@ELMjĊ$ Qb(3 f)IJӇK7{fM:5Oz/9+.$1fPkA_ں5[ x@bO~_жk-N>ֵa;ʈ-!nh:*Vkȧ_5H(zx b\R Ӕ.4-P 7iH͡2P"mmKZXhj" =xYn,1ڠ(MɛTxu4C93P5i$|!k!QN]:zƪ:5?\YA\ ln];կ; J&+ƥvPTS6 g{:<?o +ft | 7isHck@ftI'ҁZvaT'++7A ?@B"q *)Y>}0+o?d-I/J祫 _굒 `)p˞>gP1rBFd mxyXb{;Q)~4![xnX:T3W|Hw7.کT\_ydSuw~}|> φ9.%Wvy"wwHG]0~qHCd&5 )ONX MϞ;N TU&Q&*Вnw6-AяQ tAkt402hFή.rF%&IlL}v!>'{ʚjwBẢjvv3|w8K~,6[K x3=Cn,^pYzst-DF]X"i_V-ܰG98Q^YeKή( HBHF` nKR D8*MTM)MqOTnXnHba6ĦsP?{z% 9ڣ5rB%kލ&qe"ZhVQ !GhLiw.l4 (;'%do K:A{pVe'4ɲF/6"IL ߈ ~0-\;B[q#GjBۡ)dp #;X?Hű@#{K]҈.:6(9kuYn\" C?ɻH [Wn·$ 7 2z<,Is{*#Lߋ3VE7D[:c[p- j)@ѭAŸ}ځneJ3*!EQ c@Z3 7gONRLxչ> t 35lufC>Ք!N x0*U:06,%8O~ďTSz_@yKhv)_y`BJ)nYoOt(м68㶠{8Gky_a#]j2nɬzL[}VAo*5R0v'%z3,v7€gF45UlcN7՟}ZTKN%0a\p9SֹhUG4N:Sk_ 􄰓I2O频F, *+|36ѝZn3~Nd.bCIKJmTC@X>F,ICߜ$Lc]~ժZVs؝`/gQ a\!t6ZuwHZRf!޸#SA*'Lִ7`H] \0H9mkTđy-=.p_Ϊ"a`}7[o{T)vX T3$'QH).a%{Lr qi*F%.]5KaBFH(WzVuW/cl2"%JK*PVj+Z0>;$-`_RF@|\+dOs)%y|gV^B_-v<?(9Ǫ_wvU'sf](*nY|I{W&;g2GCbk_&+JMf35*6ӅSw8d"CR׭y!)"$w+1r[ãtutnwӓwu}L诞5-,nTu ەZKj幘 tr[3;b!&b"bzxkʻaiHjͨ(-mڬ,-~ZEڰzH̒n(r kcMబz++5b'q9$5Sr77n$5bщ^!!yV$c5`]j6f\ ) j ]?=g32҆tȁvUxX x`{AmDAXߌGTi}pLP [&CrT:lJ\ 2L_T|R{V'@κ"ސa8D)%.B:󵩪ȮҤq ěEmGmcS<} zw[WCŭ0| m4l UqЍ<N$:?: 锗C2 LAWqT~Z:sL13X |s]C+v!c2׼ϩ#dui+ْz)Բ25xU jD;`2;# G[L$( %h/X@?0d(&F(r,Տ 3 -T.g4,MHϡ L8 >J=E;{苘D?n<ۭuѣ[]np ^zKbϤՠ4kH-9(W$y.NϚ!b?#F}QJz`lN&b9%8;MZ70d&hLkj=m B0McI\]A oaJU0o Y {:ĸ-bSO D񵑘 |0/5l|;:p/uvE=ԑR+ޖ'LIwo6([Wd9@OРxXa 0APcdQWoX,=G66 (E lbyбϱnILi<9"ہPevh֚*p^Ҩ{#L`S а?rS5 x<^ߍJ|4HA~zYI#@އWL ׎+beHl?ڞ 8Alsz0 ֬2Q@ZObt0V\@t0}J78{SiS.1.b;ƁLjk^+]ixϮ*4_(  ql]÷אi'Jssw1Ȇv7"Lr{@*~,MgUX)+c=.w+#%Nc0[0-djPS+T^EKfUxEo29֜DžwPRl/F3/~JH$Y :vQ3陰6t5룗"Gky7 t%xguB 4p]6+L}Fa)Fk nHNPmיpzBt |*upH5 ^zs-8{vy[隃X_z&gwC8j+Ysh؎4Z&#mB6 &+`xQ_K-^qث (z K;^Q+S1ЌkEzSqF4'=!x=R<-4 G!. m,pbӣg%=((P斠$G7$v3ePqZ΃_uuDDjaA)CCaӥT޴~<<жvY{E8bZsJl F|Q)2u 5Ƨċe%Y,/mNBWPl 0텏ɳ"P!GF2cXG9߽RLcKc5 @ t.C8?:je_hӲXo7a%@I˼)Vc"x%zRl7* 'Q/;? /_sE#LU*4@q%[ċ9Rպ,*3d*m}*$5-eF@lMhdwQ, G9Yw-W"js:Pr]_GAY sP@Kf _Bj*S6qa% Cg>)qŢh#\A!]\<_,jSy-Ao~ Z0?Zĉ9m:z)KQ7%|UM`Р؏A@mA(;{,a*-۹9?pPӀ֒LsHsv@%rw^ ,cז-yM1chKⲊU66pDɽM#3ȸ+EIzbS|vVoX~!n ^K ANu>Z!r-h^Js:97FDgR9ϠkKR{WAliuyԺfvyb&bʎմq%Pae?;qmbLv!Qfvĥ0Ep.a~/׮P > C0O-R IM2[HDG]Q0~UGAI֪\>'U/˔U%y$bNFHxF=Y(Z~"A8!g-Ym _1%J-)OeȇTtQb$h~*Ⱥ|p30t4:9{~ ˓Nzx=ijڪ^٫F`4(yLA~iot; *vǿC捁JXk KЋ̏L+ 6bA}J7P%S &flu/7'v3X¤] IM\VY(Abyn$ǺNg?1C `XӲ\Ab#؂i~[E.f-A"Sqp %Nv}mAD|=Go{Ĭ^uVʦq\2I~(e^&Qsn[ނ#kB}ț)aJ_;_(DA7K:"q;jx!U:e8ՌB f$Mrd8.c JQ.忱ԲH٠,YH.`nfBufU@-+kXyEvzo,Y [2asy{eݳzA-|$GZSNJk|l',7AےeG=V25 mQgW%D)(Z!ǤE6|. +S"fZ,p5dzlpäajo΍ pRaݱ5ye^ĨC<׽MP9]4 K3$[EK@jоzΦk_I$Bƻi SYE((5QGxʱe ژvy{W::jb>D`;UE= 24ֶsnQ `c4ȔA-/7knoؿ wckEXx[GOia>t(BwIN`՗sຳ~}ZoBFp^-geg <}3N&[Ց鍅;;2v5n_`j>{[Y[4Jb&Z[||`s|J+Ҷ"9le22jf stL:sbN28_1`V+<$ _1L]#p]cRSm y_و{51>3R֨d'W&V"ڶfkzj5'_6?zHo^11X) Lu5bNLAz&a'Sw ԩmoS1Ō>@y.]-pB<Nߟo% uA| p  ˭Ekdg2JUD ']`"w&"/A*+']ZѐR*(RH8̄?Iv \ݸ%@RHeK195gĬ'fT]-,f.D҃;lVSXwF Mx*PYȹNeD(7AzPdYkr_p#Ux?nۼO'zNsոt:Y->hyz{=j{ӳf^'z6EjT*k+HPUa37)FX"{e=[x ,d.3SqD|a?(=Lxa,.(& X,_=D5$}iDK|]9l^hDz~2@m=moKBZgokmXۆJ\̼}]lfvô8%+5L趙;\GV֑Gc8ҟ **]z هK lڙkGag!xKm XJ> 1͕\H&/]a]>V[oQ{!d屨dGA^j^Aa($.K##]DsGۙ<-uPvgb3<( NH|(:=I'oԆ_"C֚s֎DaVfDmprF+ Zo/]&\d!DBH}5[U4]Jhω^bJa ] e dU mn0ilx;DWq`6]->zq!a9sW-3Y:{-XMtaZ4s!8՛/j]/AIeհx{o sMҤ"Q\]:^[x@M d<& ZE8D)S!@[JBbJ'RY!0r{M3%f&Ts$D8O=3Eڭ3 \an^ GT<_M"tQʚ6M|)i sAZ `QkMv#t&=W=r~5,NaxrOSQ]@z'_ ^h**vN'֧u#aĭ"kzs kjt_>*K&BV&P(á< e \{^ FkľʤGh5xjl߬/ݯY=zјopF:mutaEcL^Z1~{k=H0Qfț/݅l_u<Ӎr~ K1\jd:d6X쁐)BΕVY]%[/#L?ԅWYw~uFg-b/moQj$J=J{&A@}OTsTJC9+ f=U.s6}\7&r8x![hRpj/7a^NVr쪸uD}J]H fv\ ϫ)?c-T;òӡc7tyԝLz!gYB@ْ|Y&/׵be>B}rwP AX.&((Q(6vE_Byx?֏ RcON^I.Sɬ|8_~Q. @T[ zeYlUlx*}Đ?K6\w7 y_Sjb y (UMT93 WHmnNϟMKzFvK4QeV_\91H .QB О<:^]߉5'Ĵ)]cY`Ձ4W NJ@Hɻ1at\6ԡz|FTXT9mbԇcSl:cۀl7LF[a4Z$nވ>D蹱_w/Xo}164bNc_h;҅\!R!CeH*z-˪hIEN{vQgc̜~kGۙEG` w@0Έ?##Ǫ/~(@-QMdceTm9cOn<2MthTyV*+~>&q^B,e{skǒ7P楕 ~ߗePiU; 1ް&&X&Wyb;GT O|g8y}ﲈsXo Ec|#)9 .̈́sBñĹr}BJ#jew BcZ[;l/N^&WUP{=Bh` ݔlzFN^H٬'W\Gc>䰎?*kf uW#to][' >iJ3:g$$F{Ap"q3~'$<3"ܦ9vOHg<5bջԤl3ԑ{5sm_B$m:~a>X "EEyhKFe|)/W ĉA$ clr2 2Q=溣K b0XL֚BDGD.$Q>|r~mR֡Ӏn.Jyj,/$u|B`vټon7%Fp87͹PlٷRE~hyzaG )Xxhssm68i &#*m9[lw6az$нDlz N2ۘ_:u?\`HtSU8rf-'rN,M1 e 9!Ghg84T49%@|v^upIl+} s+宲… lEc. QCo1^>wl?&mF7N>z0L$J~><'8,:&-nG(hcCFb"=Bt<%nn00Ly&ە 1'u\UZaY#-gI&5t] PᔮP!c MdxK/ClzoXD:A99lE_ڲ[L:rK߳-j`;}+;p#Sz/fTjSt"71M[ˆ*.h!Ȱ/oe2(h= 7%zW'[!{p0o&x}@9.2ѵRht-Y4!T?=6jG5`E1d*{Hs )|h7Ӛh>εɶauAX$?}plzcJ|)z@Hj$:SGS3uO35a1_Q񷂻4 u0dXyt'MOUSGt9H@ՁBcPmS)|>{r1oh!S`doJ}bQ1z9G^#*%=3ȑ=2\e,Q/-)/j.!2>Rn@Xv3aPcA^l|a@ %,1Ei'gV :“2۠#0ι>qiJ뱱D@?#D=eAĘ/0р{uO:++» zTq\HK 顅Ym3RBRLe@? @uE;avX9HDe9^eIt/?\7a ( {ŷ[go.;7ǰv2G~f屧e42HbT\J'ю2 ,N}P*'G]/B[M2m:Hi֟Rr,msq|rE˒Ck192'FrjF pFu"LY~ 2{ ] Qߴ,jJ_Cǰa%J-aj;]6$7X]jp5_VRZwjj\ɒeH7 #m< <*J+rS].~V?I~ȗ3sWE7.iqP;d