nss-util-3.53.1-17.el8_3 >  A _9U]Sustߎ态΍-5/=޾}Z&:㔚Ynm.v$;jvn:^~ ftS#֞x 5!1^pqe4{;`<} i^8y)m=ؔL;iߜXtvK2ŒW˔5,ѾZ_B>uM섕h˙`d%hk.jT\eKcMEȗ/,7HbbMwbstpyV ay18CRZl-iG£ib&m9EgnB:Tc?ٶBFpNs p4x5n; F;?o>-Wj|mpÚWN:K ( @3KC\4՟u.:K*1}vd0ClR]Mǫ;86ߒ''eb4bb31585ce4cbdb5c9cbcc0a7a059ad1178b465de52497293de43beb1cc932031b68723f4b2e817bf3dcb19a24db8b457c1769 _9U]XOt[*mg7J7,47UI7[Uq3*/^u)~0GL+am9WlC 6dcnR)bilBE=+u;Dl~WĊ~U~͸36^Kfty7?eN'.+uUJ<+"R- šUZ[6 e0hrp[8˖Lq۱ e&aWm\_۫C8ߠJt#ytf(K%4tg *c.6,B}zBK F, *wOš K^ ;2Bnp$ Z^i<[q z6Q}3_ 4 @+Ѐg 7ĵRѩOנRdg N3"~͔6r~sSޣ 32\m J _1.t:ČI0VaD4\O55fDP嗌z SrLrP>p<d?Td   G $,D P \ t  $<Zx(p(J8T9 :YG|HIXY\4]L^bddeifllntuvw\xtyPCnss-util3.53.117.el8_3Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken module_*ix86-01.mbox.centos.orgnLCentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64$'FAAA큤_*f_*f_*f_~_*f^Le004a65fdcc4586077c66d709aa24b9755cf4c047ff58c1b856f85dd59a422bda20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.53.1-17.el8_3.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)nss-utilnss-util(x86-64)@@@@@@@@@@@@     @libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.53.1-17.el8_33.53.1-17.el8_3.build-id3b65aeaa49abe7ab96fe5ccb0bb3b8952843a738libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/3b//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=3b65aeaa49abe7ab96fe5ccb0bb3b8952843a738, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR RR RRRutf-8b8dfaf3f8fb6dfec6bae0804d1e5b473a144347dbef833ec993e7f46211b7fb6?@7zXZ !#,] b2u jӫ`(xy Oh#ӳ :5Z-j+ʴ> @ RF@(v(iy€hn.s6 @wURuu2GartUR+ ]Bqɹ(Fe\ wrB{B4|Qrӛ.ke7Eaya^o4#4:'hD]rBT޼ȅVLu]Mؠ3$!2 G0uUk8v~OM^ڍ%}"=b8NJfrzإ阔TyD#A=A`:$5xDypq12=* Dd:h&a,t̿QT;:ee0"Pn/ʯ N ZZ<[~ W;)ݍ2Y Q-ⳡQUPډtڇ2ء4aw$eEӇgQ63W# 2ML;LS=Yw:iVl6L,PE6劫=Ҏ()OcZ+H6(MKQг~}L9Jw~ņO^gqgGug5SJ=Z`Bltv̽_Cnx\giD9/3 BN:!!h7I8HIW$DkM85!ӬAW kPMp!b4CJ}0ʭLZ:TTb-@/60ޞ%+@av7wYў~J1@1>2{ l,PSW}ԱOeaܔgRi!$dßcqMz=s=9_d2hSp) %j LJ_+LN4Ys:ي0ԓàmlM)?>Zk24}^7MD;DcD]s"#IDJqVߧy e WR׉d7?7sVo#T31u ؈TSY-./NZ7Zyy\,AĪ+|Syɿs Q n1%)\c'BΗ9 n'iԁ2V UG sgmhzVc -7*slWg!RZy~#,"͝?~ΡCpϑNvQ! UP/h1_jf.!gԣt5kc9/\+z=(R"`=8M;MCe-wqp!p0v.S/ W,]En+-fw6)SOn+HH񴏻֭jmDԷI隸^z f#yCZ: Rt*^煜x?ro汭Tߴ#PQ&ٵ?ϘQB' bv=AL&7ZvG4ۓLz9dNtDc*og"d͜yq}Ϲ> 'K[Dvw,_oZ[;mJ¸ϋdK2nv/ Q;Aƺ#^00wY_IVw=ȪIV/4ͷ++zfMg'Q.Ü)2f~%HU.V$coY10tdGl"5٤)~YIإY'ӿmM"<36$j" LƇq_鳀-6DGѾ,ծ_r޸jJsVM@SR 2_41]q!jtnM͕.Ҵq~rɳiL<ܜěiv9-_Y<2ݽ :?es75#%{j a+1 P' x!gZR #Ostm3hn#}*b̲lg2@^/Rs㿥ϣh1sd[ 8 Ii')~ ;8/^Pֱ"4z0iu*7bK~wA%&&R!Y?5>9a,(2g IbV}nvgs k?l<!i >_7"9n%|L(V@`-oOwP9/Z(<9OlII'Wtf'cN5۞VUߙslj̄|-L9Z8ۓja).aHqңؙ֕wyKgH9#r5Z[`]셡!G@}~1-ZhqQ$n> .Hjbf<jUė: |yzU7*hq*`W=F^ǠzY'Pٵ $#`cEUE>2l:(\tx!* c 1B:!˗zDf/'~9p:}`پqW0d~9?f'Tl{7ɯ;}Ll" rl"%i<HYl~sK.;Hd vUQjG2bZUtCd>;P[MjW(uehؼf`щuXM6UڄFGm@|vhf>$V .wNbS"o9U,L6hm#]f3 6IaO9 ?wv,Vr\.\2㢆Kufӑ[ދ.誼|d` q_8FSȵbRr;3Jr:;J$1ס:䈲SB`!Y%_^s:0jߋ'4>4-¾/RS(2xq<~ >2h* *..-P٭'`ܽ5CPFBRz-|OxmV2[ m`wTFi=gRSIF\ȷTXSe ^j+0fW:МLq/1]!O^ޗ\rTޮ˱ޤ|Ž |ulzRXCjL+)uUD -3;{1G ҭғ`سc'Ne`[VgvxJ$&qhnyJ03 So?sHIָ/br: N V'Qng(Q~o/JFK3tǡPjUΠǔC,_VJTƊYl79>!!Zs?Y: l^!2FV@Wmmt5Im2ƌΟ o?[՟xcs\Bi^| י vø9FN~iK{ S"~.Xׅ E~"bk'xKL:ovZoK kI;y3ΏI:C^x%}S-[rIcxwg$sJw Qa%kG xܾ7,J 1u:ؚS1eKiXDAX8S6~XRjeGz̬f-ޘ33j[@nManZHcyM黹^=,AX!\ߨ"U?2V.KP܅;ɨ:^YTf02g9p\Bk-ޙ7$YV(y,Pe*)}?oNͳfK9eB||!trk p0*M*@i k9^x4gVGB\,-'ȁO7jRiZ]ܟ/>fsuh`*Ď~K 9XYMaPGJOGK!ś|˞0v)iN̵XJՁPܬى$X[a+r4t#+lt=|hķBV"UVHK.NteFQR;!H8-P(|G(~;$rSIWJV-vXu"6g?[г DM%˶@Dc&.[\C[ec*zj Q&ňr8^b A]Õ:UAYA~S, 'TH"5O ;$_VI۽:/cx|Bҗ4qԵ4s%UrPu6Y.md:lnDhilx$`@, ŜA;+Z_oIMӶ{ "-',c-r0À`}~v+fi8]xzRe\ٿay}R#I|V)U ]\"g?zۇ.-7!i?/Sev`1nT}Oʼn5}ڿ oBcCԼF<. 'Z%ZVNg3vmy:9aIk$̷IyB"Wm@bU^@tD r"Ujk+4@HׯHOMxj_O ^,W炩 k~c i`RW%ݮIaAO)uCD5Vd SURjaҋI_AiwveJݸR1Iy !S`TZU|A6=Tb*5b٬@,L-y&Bt%胩ұZTʎ u%%_TjYP7*3З%x0 i?,RνhB!E S ~i,߬z*B(s?~)=y.V vvuBO ~h|#RlP)Fv ^m-{е&•Oi1O#G-FL QjV@X#,"ƦM!;B("pȁzS)0MQY"h׼.~h,$CaϘ&΢"yVʝW˿RrA*̱oFBb$^ Ho~[AB~Љ@[, PHުIm03~M,n_r O5MF(  rp չJ3Ew0ay|Uϝ\L,tI6/>OLA¹3ζυm4в l]nܨ>NG@ slό'"Ň7Zn }.} ܰ=^*fC%5='ۛԻt'͍G04F#ZF)R֚GMYax 3%4YcE1'gCS 1_?p(fD&gZP\x8%#Mato2޳/֓IlW&Hᓭr&ˉ 3COkaךPب3@*iS,GBx SBA)`m!AMuQVs "{OHq ch<)'1xݯ 2.(Yf7zd5}^wG-n@CDɐ2IZ!f;fe^^jXa @Z QiJráF>Xg4A=b,h@ݴ 320Ƥ<)ޒw P~z!H:7 &xxp0@I[$Ùư$Kj~ r/fB _yF<OUC\(W`}5o4gB? ;2eL!K-e͵bvvc- o@7FKY;XYL)r^jA<_޷#{Yb i}\4L=$ .I ЂޣBqpp̗$lP&Oud{[lhw9S%yszdS~l-0<$9Y,ܞ16PFII2NaxRЌ&(ӝħ.}:#b&({x\M|:d8^/'eܟթ4m/{O?i;ӐDpee.J{r3?+;| s& b1ϸШ'np7B8 m wDԮ?&'_ ^"翖>tҤznc/<<@HjZ-7 =m/qN#uzwBbO>x*b#zYGVL+ //x}?4\ ?t|ǣԐi}6Fӊ#i@FޥDa[Æ3uBTYKyp/tϮ$#3G;\as^>>7B&@!7ֳZl>0Pz#J_}G{PFwk`☑Ff/`OOCoUPcI$hGu5gsL/1D 9[+$QU # ,PiCN JxM#UI@9 W1n},پx:*W<'pFjơ5~USӰt lZD?쪋D =`'ЛG$wbw{zpP&G Iv}0ĬʓtV^;ʌ թ>D\qT0xYwwG+m tPMg 2˃q~A'٭PY6Y 㷠{=]?(Uk">,>y 4.L{iӮڕcjఏ7g $|N.)~DX/ZB7Uޖa0$KGTC߼KS. J^LO1x0=^5S{oĹ!)QVbEC"+)d n@L{ /cy]RrԔzI141xݰxW*,1AX?I0rbE_jZ!9-b=Fͮ"O"XgS73iwt)W& 4q…,6k91X Ekz;Hc G $^gYkq$gCyɔb|cd+m6r7*K,sV3|Bi|G ЍťdTM.#-'W\E4W:(z@?bOzz[`z HYRmB:޳{`(zŠvc`^V@: N6jE|5niPI+ۈk9* 0NzJƐMpFQU?.(^Z{ؑt`|]5D1ߟB ȹ1 < hR4G}_֏=4`'O|4b-r'Y5Jؖ\ xPdzüNw+þ9XI^S$ (X6Uɤ/ΈV;p*iS\[=3勺-Ͷ)A6UCh&w3HZ] Z>1 )؋ @NVO@?0;w^rb͍*aX]-} o.e P\-u„Y x:g**8>081 j*55۴U7jls-JLy/|֫.`6͆?T!6a%>ftLrf/Ь pgTLu' 23b{oӌɁA:b@Ϧjpຠ(wvϏEc{;+]-[׼ =%zW+gFW`>,z_- i[|,iY+ӽUg1 M| %C.x#0&eۓNKAIDV( b1qctø(?nW3>ʟ#nuE'~~&俽,ڎ7"n؅E#IQ5P㘸 jv{1̗UR#PІEYuAxBC>slX'pgϴq+DBH@?GoDKH +a*M9PI9,}"-F!}\ ( JxeC [a/arycX) B|.=(y確0fgӄłA6)wn6cI;!tZ`j RzYP$CtvϖƬB* ،Jg*n1zd>Rl4\fR:\NOiǕ)rym~z01 ?/-'[Oz'TCtJ_$aOw;ΫjC#EHi<}JIĮH+*>=au.e⼈Y\⡷K"m)m{Dv!q3bKJ1ğ(ʳM_SAyH?PU..#>1tS_STfi:cE[ٗzhlE& qE7nߚ3Sɀ>rqrǔVP\L_`I+!?@v\mc%pg(ǃe?}]Ap-ܚ7 뛶~I* YQy(D ud4'Vf6 ;r`E7HbV=$ld2ᑦltg fC0S "g < >ˋ'7Gidec l RHoMmbAGdA]y 9`X >bTSѣOJ.i0?ÝT$.-39{~1qp4Wׂx{$I;X |55Pe424;7Gf{5ټjUBPFу@ X7VHrim6Z+toj̤%+E NK$NM U 3@UwI*08vVH% ^0Jtktcp~ h H]߬2A}|@ɦ3vl}LI@ _()btf*f}׻碕*>JǑ N0, p`NTCx*;RBDahuRp e/|a|.t*5'UR~Q0KjLˊ$yˡ3 RAukmڽ$E>3`3o.䲩e) f#| ʛfbJ'&j}jA`U1kt@IG̒+-\l7Dļu|w]h-[{\̰xcƢяRB;bd7?=>ÇG;wʢbT!Woi5$wJťRtC4t+ͧ QGݮc&VL KbYV <}z.yX??wff JNӎ;{L~$7oh8IYPdM5EZjW6!Cj:18'TlI&z>f&c?DdbߟcIbjghnn9)06b&R䰉߱ ǐ:_eN HE#siEрV2򉨸P@Wn*?mHꚓ+fB?jjR:682t)e10&Df'H#."|Yi.)4is?,=xs O;lJd;. d0Oυ^CGS'`7ͮLk| )}6-4C/P`ѵaeλ;wbWEk${!e@S(cpDeU[}a_ Z}(6(-/ʍMY޵jss`e!:/u,Ӄun !> r8|v}SU֕8m YF*p0DwߝC/30)kNWO*&k6F˽?x&%>1.H%1[t/RPDϗx<3Q:Gu/z5Q8ǤqQ+%!tt 1/MH%Ylx>K? [ ɉg(sYAmQt 8 uW!uW*;: ] T<3Emlv#2.@t8e=^v#9`Z/W~E.#xa*{9O4b}m. )׮GW|0.b!)s4Roqx_<R7hyZ.?HɆYN-YӺ:O u1Jz|dR%a_Hʽ(Feg!%C`Uoq3s¯$DfKH ?AL\K@E7Xfͻz8Ikʵ3Ƃ%pHJ?>xPDV^*li+z{L*4Get4j9r^8<6&r}oi(X p{W>Dx;s$L٘ߩ}hsK!>x8礶+)|MUD|}hhxA4aѡ~6wjGOOz`. AsDŽFmcuҵ>*Z.Іp٢a8 W%83fō' Q/8!wUȱކFFQ@="cZE 6퟉Ӧ56-U'-dDnyBPua/M?l{Oq(!mv#9E,6'0%"gF5PEF~-UKB$%Ȭ[CX16AtL0.̎qu/rcƻj\ A_ -g0uߤj|`^L6%\W <3,Y6ŽN4#'kjtoJIm&1&XؐA.HUa|?q|Q9Do表J2KYL]f%% lz<{[e]k PM;3+, XA}H](qO:Kx312Է٣ʯZ5 n;{T# tΌEd򮼄ó~&( v8YOnIHϣP~stsєF ^ꐞ{@Utr/QU-Fcf/u[DqxR+"zQ~s|9F`Ȃ0%Tdo>'j%pÄپWc1{LDZib5-[Jzy0/Њ̚y}FG5a V _sZ4݀8"&cx몭uTPER&$$y cEQ%f 5 \i,X VU^^5r[vD8dvBr8ճ5d(Xa sܱv7DW$frBc ƉM8VĚ; ỏr\fWn+.KYݍ)83h%`S &IKǏ0vԐ[ĨNqf#[TMLxv&,mNz=l kN7JֳO! {PwxkA[tfLkq/8aW)_;^܍D ?ӠgWen5ڶxsk$V\t9V,4d m t򅤢-|v~F}JNl^DZ!#Y˨%1@#6?ӻW8Rm=J|鰡Xz\)!1P GLd']oqa:z-ɗ5|hɶzG i7zBfed&M" d;ו]b[a<6ftU]j-=$8/ E"l tcNWKXS n'X1 GlE]\Ne+e-$ i)M -1NO&" #v#&Q3Yyo1`Ez{ yPL&}5p.v&wـ%;eN"QNeePlQ u:5 Ճ@*jqTWU _8W >qSTj1vӡ=`$vP]piBqR g֢;τbJIն٧w"zTo3 p<"CcBƆ>dzB6*[lsd6PcB6㧘MusH gK[1%[ =^&(ȹzs~g5nI8%v~LJtNI-bX̔(;gnVZ⿙*47d;d$.?z6[Ы?rm_1`M_TX4s11Gرy"[}Aֲw88vҼ9(pPXvYe22e!Öb e s/bYu\}_nZVUijKH]f8IɚT(epBZ2?lkGiW -(AHՉhpugv)eZm >g"tmC.u"fSXnNGY<,GA>!m;✪2cXi CnpI@*Hް1f$kLXZ`ZgtTuy˜qH+*,%}}:K[@W[ؗ7-Zߛ~G␻.G!JPP~rZF`19gDJ@Zϩ- _* ݡgSȠN'P;q:B|KD 49d!H=\ dx,qBeU=l)D3[%w\U0X0q͒ Y>˘3&ղ0ebȌh`oAgZ޴>lKjS c/ه64U`[#a[a-G <ˁL~f 0C\ӥ53ZAR C)2\:}U5g`LJ! y/13Qټؑ%PI Y[-i C{6{K.fFmQeJ=;;٠ :q@zz~_fVO*Rnxr c .{ u,f:Sl,LƊ;w[C{ib*3"L2I㐨o#L˭3< [SSYX\湲?i jD*'nљɂrj%fH6u9ӎDzm@7$;>(r<#ÛZnl8YZ^u]|XuL\5ZDa{]R4Xի)\Thj <8kt>!ċ!~snsTGڠ HKHkyo, g^{py0"edI /7m6Se|qO,}WyplӓY\hi6:pVG+P| ц O"l]5 HKv̙N\,ޱ\_^{qjyM&_bVՙ<9#?@@v K46ɚ*[#PxCa3€[j|wƳFnhpw3[7h!"̵ZCߦCj~T҈> b\~цyW^bfN|ٰIZ Ʈ|VZɨ@)=șO5MZ՚( S^c]}/# XDX!E Sdz T#4><- A ,HySExrH$p=^?8Æn{ss 3byS3fh8w@:c9SjrN ΍<)kaHg#4r'`̡ƷAq~yYI~xu _]^_M>ϭwkӅ`6mb#nF"KRtmUDbfu1Y7N(0tv/}dWurY[649DKKSPĈx%$3a*+zqA4jA4Z=rq,5?uK4D=Cl偉~k&qAդm4|І)J;KkÚ._GtU쮟P68?//ƒƉ ͜=2flۊ(4F)QEk\CKn| e(?OJP1ps!bj?4ݽ4JW~?O݃@w[֣qhH$TNj\~</b,ǞDKeya։"&s|['=M{]$Տ\եSZhg2сHW}>`7`e2 ly"2'76•\e ιsg?-z3t7i @-I)x9,049ՖL ~hA>G1 w2y&9zjچh\Eť&!D&D T]nurQP"-Bn%qg2wQX/ @1!jKצN bƊѠZ@޶VXޕy\BqG37v$[>E@#?LWK5Q+B׏hĮOʒҔl[OQYw ۜA^ێs.=P(HEfUB h#Jr:THS@I k[.]~*K7BE\o+fs! }Ni^D,}!;d*7Qu2[/NE&Wdݒͥȭ `bNJ_㠙=+5^Y' ǼK8a aQig؟!@5Q{11⡼S|e1%dt-{tnu-Uo&(T? p7.gi:+SXj=dؑ&GAx664W{$צecO ,"plzq;l?X;+Ӹp|-}C&o%fSbffǽrz-Ng5#*Qz>Vt'ɗWed oFKs8> Xӄf60_y41r$u[ВN|PMOtܓ$)oYܲ]q.|W>*,oÃ(WoN5V~Q.^s 30)܇Kr ٠oUᤖk朸x[ו x{Kh5ӥ! }H$yύ_Qn=JNl^N5E`w<[zχQ%"CVЧMEǐC[7mvPVZ0~Gq@(G癟JB {ueM؞H.@Nr7ċX fr *KׯWq-Jɼp4cPZe-mY&R仁- `O̲h|_Ųd/Fp\SW+ٝ& 7|`$vFu* O,m-Q.b],Fft?MCE.՚:A,Xyf H|'#Z)yG0̪ԃ‰K9sBL^bNA|@[v\oCMrσ_sVÊ9gǟh MjTbВ<.F# Yr-i9(6?J].~CƐ}+\<0d^]¦|A7)"H*3V]D;n #N8d(n &J{jޭVN؈eLD4 .ki%*- #ɭXg8X,2u~LaˇJ&BV1QBQ'Sm?JrE= ~KD1t̸}d0zak4D= `hOheFGM9DB6 uj9BQ$O ,o[K@l B(TF"Dw8zՌi5-WXTV=q MiJcYY?0tVzvlO+ͷBtsH\)?::: XVZRsn i=0 OD6$gA+%GeE/B|` f xO{£$O[fRw 2Q>wW1f|4AsYPi9K_8$iRRt #jyB䔥V_c4KPieBH·VqWPwa;(JP1x侲k Kνdፙxb!@v%j_{Ut2!>JG=<(LJs5r N6+\tnNAؠ;b`fHn̐=?f,5^/q^ffT? r)PR WjeFFSUJ #7BuA{:N.0k%+Y2F"9 Y*G\P7KlKS/^04 C÷j^Q,;ZAP7N'@%o3٦Kpx 吡foK +r6>F2N{T젱cuW[Ql,rѕ4& ES$S'q{"/ЏooWG.{8峍q"2,`'&=Y1Z|^y<*no;5=+:N[ ov k.ziJLٰJ:Nb['T6/÷j:T2c~]/9#r%soy5Ҿ+1Ȝ0I"tkp!kxfe^hY3*}1?%;Ul{e˵_Ď*sqp 5Shi+.r'yGQ഻ UѮ-r%[@'}~59zTk0xWzK#7}] [eB4nw^1+lZ 偿2Q@o~eW'66~[$._oVF[.v;X7pB\d"˯+_K.}\ـ| ړډiU%"TB%@ҕ^(R:$vяaV*++{-v5JaYI Ǝ'E9BR]^\WƱZMS8`M!ڟBy d_|:* Mć(EZAuP[+Wk+BG\#^x5ȮgtM^f̃ Xe.i]QiéQR{m[0KƬ ;P> kt|c yy1V+fZJ_;زZ+{#г֔`zDwx# N}x5+3l;/*j!b1V)OS:˵1_mT?:@#WW_:*(ZaBb,fR&&,-UlZAp%0ųD^Y!%[.\1x nz-jF0Kr( Ap|oLa9d`ҏF5t'~]A)!g 6B$ 3Ԏzv/%Y1L#N Xz9iK-I. dۂ o|ޓ0> "2fȄ!B}> =gsZn^s>Ǫxk"1?r"u0l!٘S%?9zʗjGGB$K帇BtFGY0~hzo/ǔZYY Ʌ &}0ta HKC0;qb$ `݄ՅK8~j!3x1J#?m"GP#S)xEJזωK%Bٔ$A S 7v.PaWzvaf #%)|Stȋ~u*`z#t1|bѶj8|G~LFOڪ牘gin0D:L\ NUX&ܑS f.(}r0V({L [_fpg}^!QܐWZ"|`oX9a(lrWlKղԓe#=PIIdKA!Bߟ;BVM?Xcu!ä](cS/fT+he]̞o!tZ vfΪac0G Xbc8.l3}#8yKPE^*u'Ω@gC/|{Wڔu_ˑgAQh0HcuK-}?.kzscJ& ,xc˾nz/`sԻl|˖$ȕbSV*.YWW H?ݹRqY/u_*68i'jBQaMGx$VB{WR&_Bu XH`UN3IU `"#QH 坙rykj#ap֩wcv\zt FB8O/tn#wF|0nk@/x_g/y‘;Ks tj` wqw. kt]+d n-^~ʷ RClA}6ruoen$m#k(Ɍb| is˺3=ž=E*Ƨ7]Ō.ZJVvR<~`YcP_)Ԛch`V<j̝݈c``̓cÏS呈7vy&=<9ڏ͵ h9,+٦>̆lρwfq>N2myHk#Dg3@EM K/I[N©+kG}߀Bj B%ٰ* +d>-"Q-&Q]|-/9n_ǝUN2yqؾ"4͛ 4C0ϛYE sE7>`(헋VIhs1$sOD M yeHoOPf0K^?&jp@ ' ~H(gJ3\Է]3306epc_gWEUOFRߨ8izf'h'߁aKP T _K:E0}B([R҆DZ\GRSO2.ɾt$bH)$!bfڧ)oA@7JË X'WЀ:𪛱FԐ>1乕|9,5)-0D+6Ԯ75=lzϞ*G!N '[)d3ՉG*{͟s c{7tVzYp\ P7zFIƅγ,"yhGPnGYI}ɪJssJۨH [ {E#?"rf!o~\,Fݾ'+#OZAP?i rgͥ qֻ^ Tm6 לXxbS+rݻt?wlSN p\g"fۤB nVv ~ی,I|RW2[Y)n"|js~zw.L(YqOoX$˄u`A.:x\& G&9Ewy1 bT>YtOʊw~ӴPLU)ϔe]MɴIUC}U:ֆ,lݔ"|j8&d=U>@}8&Z'-ޢj͵W5P~+ Y<Q$&}c7ѯuWx7D g@qL!jFrdD/N1B'S69mEM\t`zvc )Q+e#hMb|DTk4%$X`Ym=RTЌu|EJ`uz3_\>l2t:ʗmR< r$X=Q -lcDPжy'F}v6#'zKrZ7$B .uvwiW׏Tઙ(`ux\$rG/9N jhGE8(vNc^c.6 BIqA򶭪1Ty=Àl;@>K%=Mf,T835$THMg&p82 aZd־3vYtuaS-.}5aHi.vJ]@ugN׉@"s 6[w{IY` |"=4~xjw1ځПq5"g!rR(͋R'Sր Sϧ-O>o,amVhquf:{ُKk/}93v uYү-v8{bҬg 7=!TNc,<0cR2e2X nj<.mV'ZC &wmƠ@bS*&%k`ϻ&I+Q {2ywKs t5FD[ W,8 Y灻f8y:X?^?▛_!z c1@H.1?Ʒaf%Ӎ-p4ܖFAj v" O(X.%F# {o'3! )M]"j{'Ct`᯴H bScƠksbNE|Gfwx bNB(S%=܀˽U,M!FD!Ҿ9@Fa]{P1_CP||͚_{֓zBw==ljg4pLbqt/.&Vy H;(Ly*~Y X9ҡ8IBYRw>wG5cW^}n?xX@2]׬:oƫkcXB7#$gVՠ*UR"up]$ ˞i$Ͱ~O%Ia&tyiAu F=}li[;OS4JYْI(pk/)|ՙPX%"Nv ׃E؛I|b*&C@BXw+3br-$,HKPE1?J!PM5\@Swv5iH?B t]UwPTt)h^ əqڙsX?@0U-64H!lc}I՟#ZlBO6b4X v] ԝ0L[O1(+J|=L=@ t`ȴi{=_b4)}0Z5&x #@j2LctbF{qQ'鳄٥6|([n F\-V[{bT7x`G n^+ܚ/BP/WFZ1c*,|)57 92.{HMQYKQg'DPa#{]A2qX>=*Vw[^Fp\KKNShA &OX~F4g)I&51;nNCi>B*t+abd{э[83Or}>r Y>W{IXVOÄlkeT3S;vFS >+dtd*yWVN'2=Rv8o$_5pz &I;%{w֗:-?梔2nRynt5AjN!o~/}bj/?nh_7+&H(2(._<SϥZca=DxL8J_3 ~=9ȵGqwncD'QaW]6(|m YHYGBIάL8MƗ\'*S3 q ~>ZDOxiC0/nBjBxg>< Mź1ڗpXg5?p|ߋCb=Y)J;><]{P~9k@J=CC3M֋sR`,SU.5 p!RwUxҲ7RZ~VK_AW:}H4Md7"w N٤j&g {zBX5s /gw~5-yp웁>BF3/HAq{6OfKaSLJX }=zkvqVaˊ8o:Px@t~V2 PGe삊aϾ/ÊHEќ3vkpAAث&φvlfI[_/ hDxT:CTIz۳07 oVƱ^O^m5lBw!96PFG&j9d'gU.;QT.EOP%?TT=c TH5oG2Fy=9! By]6H9jͬEt`gE+# "m Qs:# BCh2wG WE̩~(UœvL,Q!̴mB5Q2&hL 9nBR8ҡ̊9]nxeb4\bjjϪa!xG6dv&r򙈯+8mF6H~U(Im)չA"%o U4u ~|$'`Ƽ$E.]:6u2Fǫ{b fmy@+Gqy@X3gzଜF Si;*Ѷ28ҵ}|^2=<]jF3a_LuBUHB& ކzr,P)%Tcp]i/vֲcQp.\QC:HPi|6%kڴ{z2 'gf/6THqܛBC0O5B%KYYin{N& lOxWʅoZ߇ Jf;NшTDi<-SE)|&!кbPю/@^Ѷkt~'|K[S0Χ1|0ѕ7L۬\:ϸ7Ed$HN3P6W|U/js JF]Cğ h >ӔV^xDd%m,>BWsMUdzuP0a9҆ΪoeDDV{PfZS p|em>M #CF2iJ87@/0(m.o_D>nٍ̜p(Gr\N!-ۯ>aE`\Pgpeɗ)µ 0sL V'-TSXgDWfXx~V>Ivr}Ҏ?ًJ_3[*0&?Z+Yfx$p`NBvMuq(%=cz =1R|K> [bDW֬H_PMxeGg#}G=aWYkE\&e/#:~NZ3k&FjSDhr`W"},Tk6Qub\R~9P| C(iذ>j^ ;-Wx(^ߔϗ8"!ei!O!x3*W/e8)=B^TV*3{ ,}5}% <ٝ^~&^wWXhg*!A uMO=TT1H^\{bbSUkl/E;0䌚cޮ/b] 4f8XXʩǖ5a-Coֹ:<0ȬEl"{,Y4pPS'm,ahɁkB;e$LCVũ+ r h0V[޸xcYf6w4r2XwJٟOBU(|'d(C7,P\2zQ5k=oyoJHT' ]φ8n֍Xm걡%>]0kԠ[,9,Y}@}%]}Ϲ0⣄$BlEVIןhJGک7 68U7*Q\RxۦC\ ,i Y#:bb2l_%w) B8?]3 i$,j2lFJ,ƽwrfDܵPM#yUr$4[Iz@43S`?7W!zsڶ#.()o^{N[c/c3*i@! A 54h~M\o^-ܘaP3Ѝ[9l++ ('i# y" ZK5I'kr؉';4t#|'zkZpqEA<[ @GHG#W 'y;agLQY;7ﭥ,~]0 <$>瑒xe9EWZۣU? 1=cGp xA6 Z'Y37\`T,Kfl@W(RY0d8awJ5<%I\m>Es_m7X$?& )\nhMDV tTOq{QUΫQ~!ݧdj q" DkRط pz0~9@lQ H )PF}[z!pzk ;<[[ io: :}d@PhʋQ@y }s%琩gyC@C.tZFÂUIUS7Iq.X j~'}6ÎpKC>M_ѸIUgVI_zuÛ6#&^O&/PO_P/( [mP:j֒h)()E1|Uc}{`(T`{5b(9\{ѣYwP)C!g-V/3?H3R6(;ʡC1s id \˱5qAp)DC7v&d)e3)m\APꜜ703:0,B'.fwVsQuSWB` MK֫ZE&o ;7BH }5i$xG7Rꥋl~uUaSA1F#~$WJh׏P]\2Y0ƄR4fjxذ4QzemT)5{yx@ 3}vbE ʡpMK~iP6{^]Ơ}"L,D}V.ƚ`Cc *.-,̳yv/}ycmyj|f!hCK^l8]Tg2 +O%;YȽ1ε:Φ R!#?WgY &q=x1\~HlWK+@>| C[??9[\ 4xT'I%Hף|/v|d›snf &G^%/~7{^VIatph[EdzIp}+aQqS`9~)۩Lm e[7Òo;sIe\ڋDZ :SvT(T>5Ay zx'}F?l0d O_4B\?$r e kBE o#?ڔ)b}hzqaGvOgE<$W=sg)N;7QIykdǖM^|5uBp]O'mٞ n'[722{0&4YNS;z~(P (Of=,ž[&7e^^2F^|NDpR ]t9ǥy Xk24ۣF0( 7/k ӇNSyKoF"x*bv⪗#Vo!𺔱AJJ哲mUPwct@O8}vcj;!Km@3c=Vk0I(eXW|3` ӇH?z}bufS,(vy6 V)*5xO: f!։ttK~e^:뽅XE~e%zBEÇHK8?,&r/8_Ss=b\Ks"Tᘾ`4IXDfGAX`{W5&K؛kTYV5_T rpYikؖY0LRUzr䅔H5pKP=Y1(-+Kk:^P>5bZ rV|Q F\h R/ǻC&wA`c 5E=5 *JJMSjD#;^5p&S=brN}Zl_?} ʃqA(d4iZ6Byu[1LGG&Ӂ{])N(K 1I;d-o eUyQoY%3,WG Q'@54Eħ'UJ5 Z|C ހ4ж\3< m^:3 :|mjU-uYZagڇ51*! ݖ> Uh2ƋcVK- -V[#ƁDdsT <5Gy4=F"XjY*cT|x2PsW+1ڤVx% fCc4 18(,f$ftzz̀-.b9?hQ.&CUsc T21%fnYPx<> MUej@bS *F{Ņ;]ۢ £Aʺmطx[wTBVj/K;J:{g'9ӹR]Sr(EXH#F| ORH퀷ZZ͆,w)s? @9 nxj),tZ̒e9'nl`]6D&_}6 SCu'gʬ*~{cNc[⽂Ƈb Z?9:~=n|&ihڷ.IsTk" // ‰͐}x]ϊڣj4DfugnZ?( 2 s晎z& (yJkbd:k8pg|=ZhXcz*= t e2EC#x5}˿dzswZ M+ !Bd *pѬp`S 28ڀ C1^;7]^KFRL&JJroV{P}T4PSXjAe ~esDQm:@,cjԜEZ崸딹|ݧm#1/!"j=f6͚GNH'_'s6!]GxV)FXG?ڕuQ9~ uPwAju&Yӷ;b9seU+)o%Cs2=+Vwr,[O9??e&0acu择ΤE{g[>7\}R\as{qL7QŐ{5 /Vr$>AN {̉’QTP0Uڢ x%DeiAWl} ?5v\5vۦp$ M۽ḡ4Xϴۙ^dFe';aUj9u^>;ۊ@M/LZTp_p ֯O0=#oVcݻ]';aq=7eoQ?={Z:.,Rs/kB*6}X1fzlYOOE9OP o)3,EcoM6ESwjh2aӵV1h:# ײQ:<$ΔɑO+6x'mnG r| -0c;^̩׻<;rGCy+! M/hf! +DS0Iv*sq,K=?(sFgj`, Fxr hK8ES1wY{/^RnslJÓ 7T*㳎\X}!S jZszӠ=μ抸ϚP3c,guT3~CYvzS Cm-H 80UJL;$lqL확MVN5 ĜIl:aYF(o%77-d~sTE8ͰYEXZʝUtq7 z/_߈\Uu,-Z*CCp`Xkr9Zw[lߏ&b}s U؎~af'mȮ;<*Qk{FN#]a9?: Ipw3c"B-}sV E%J_YV.߱ 5J^gJȯP`'A9N)W8*cLpS\zSEŗeF-ZJ +Is>/ V2a;/k ]w(ڋ1|$?07zhm_Ϲυ &}Ҫ&\kav`W g z{pu?uwo?#9 zNCchG/;/^Zm"JKӭ:# fa҆nJy+<'.M֙9sHE0|ؼak璍>PuCuR~QH]uc۩KItG v,\d6HqEO2Af.|Krm"a+aԔ27]9@<*l+./ҋ:PDL7vZrd.xrڹvv$鮓0Lh&q4%Gd8~ԪY\ a=1,a}_[:oȻMLbG΃ [lh1BT{S#AFXtnhK״%)sU".xH`?S]|.rWAw\.^rvKT%q6`=B]?Am/H.7a4ɖjv nd1豳ѫGB6 8}S]+*Qb$@#eH~zH0&Ղ;.HZS ycƇ`̀fUI{.^M^ǑbG\c l=W5P97FMzPn GO_ LW IZXuB)ƮX&(UF/}T^xiskf#it[3k+VQiZwT*Qҳa{AJvz 2ޏWS*ä NT"]CaOF &;>337Jc * E8E>XYIopOi$oL3)a*qks:ֆbn}p9/X+q-)pcPAF1m-I].׏Oƕb5,Z5t*'P*'["䰬BBi(p6sQcm3w]TGF&>n-1tw2JS&=V tp5<9=Ss7d`w3҅l&;Agu")`zt_8Dc Iீ)Yz}D;? sjS팆cz-_C=(f꟮YKMR2۰6enֱg< s)g=0T]svkS~JawNʹ{nwt`&K 2jxھ7N*kl *%`8=M~Y S;m4 C%MB-Bi\'KovLiԔ=̈7 m@;7_~iHbp1f"5"BtR)|04Ga-Tk6Q5"?7nUʇ'4 z^Gygkui6:d1Kd]AFCUgH9Jݸ= &Y|VCn>֭xh` _H1'ϣ-ˑJۚ3$kWX]7𰟟R2'(T "Nc?A ˳1hn=P'MXE0 U|BQX~hhY1'u?s0fRArOm]bURd g)"g2VGe%~5CA+Ѻqfzf.V"ly(;Z*k Ƕ+=tF>i`QiYn @ٗ,͐]|Z3Ue\6>]8`nD @!}T9a081y4BJs.CYfϑ) kgwnށF-=2(Wתfή@>=)sc /3x%Y"e@ `!A.x{n}`/%#q4IVm'~JWx]]O^M!E= @D3Q~< Tnf鱜~t J*2U6I3ݳS{,hp5.?y`x:!~-3AY.5 9Jb67_Axv~}V.3|HܕYP*Jv c@%hHOK1`|0؏\W Di:7#|o%6G~4j ;?PMдn0 M܋ < ^+VM{2z}d;:do>ga'dOCzSX,q(=:Q#4r]m e ? KU`,yTM"e^bfOurD"7Gn-$VDF">:ye$P;*-U_RJczW-^}&*ԓX@`w\8:},cU?iBPW ڝN C$*SR\t3L?#U'.Z5p5*qdq6!HM\~ҵu|GUatI{i)I}X咯odJ\+#JKBs:ׂ42V6X:"6uӫWb9kN²aAIr7M6 l ¤-A }Z?CI!I!4*c%VY\%X,pP9[|6}L&z./ oU3'sIrj=8Gʸk9,V@nXAj6ʏG4 `*sItA4JV!:'XP9eZӘdԹa/Yea_cМrud:z-~{=A5s/֐Ñ{5 5BҪz^~Аq,ܑWcլԐ p ڜVKQ5 0M]?¿| Q3*%vXFJGZ6=\Ka/*lm}a)DNSIY2-0LGpNo[E}̦G*$24v`Jmz?~Y)YMCc_ʦ,0:EdL:E< )oEEP%\ qIeTlSk0iriJt[0Ч>ql:%25Ȫ ,[aE9k^PΣR jH A,0qr *x3m80ÆД1 eG+2(}IL[dԶ@Nh96rPS-Fv.Pz_714IiY$MO0 @R89cD}ѓ3!cpvxTLqN1܂0AZ 4;r 99Q1YDvBs \ $_)n1A*OGW=z9LaItrDwTǖܝG G `W>2jW )sqf{^Y9Kpt,&AzYbM)I:бaX#x2t׾0Da5k$.(JLwzp:1ӐܝPuX6=ԗ^3w `u+6zm\C[ԫRFg&]9óANwhqWAh8(O.Q@p۱׸PJ&ЦMXӕ""ij %6N.ωuqEn$qcBh sIDԔmd5HE7AYR^=hWLރiQa^`Rx*+H/c Y.j [{Gnώ؊U]HqNR5l?Twf' tgDWèO@Hb:C!Et_VGy>`H%> YY\IOG&[Rr%+#JvtmwF4/j<ǐ\3%Dр6q~63Y"'x/i󣴏B#j@:쏓nH9Ԗ˟u(: rٌzb}a_X7Blu?~E*y?}]3W!b 9*Cqr4.R֡, - (i=Iڊ#S#ϣY \Ǩc^f _|ﺩzpϣ+6bKԔ fij`cLDݍVܨŸ?놘y 2!/'z-Yv׋_u]VN(@J!rxYJXB~<%w@4޷ q@MPT+Pѭ;$ܾ>~lɆ<_I4Pt 3g|Lq>c2؞Id#);N)-^<ԓ6֕_x&LX0fk s}| 韶]Y'5f`KL$m,UxݓI3ڕ mC"lUGt`@ˈ l(DJ,&+mV7yOh.M ?~4\w hTt_JB&^{bO\ {qS!5&fp@ϳ/}{ݔ@=R6ԽDp,J ,[L}G{U*;fjs2iWuv jѴv@tvhr.Iu ;CuM}F͇yH,P@h`#fTD RH)=VdJ~B4(M0^MOw_>E- vȌF-;!wH1J&AlRi2A!ˏ߈c`㺠>O:XjR˫[̀FN$ G9wic`$S73}8SJ˹fμ$]?7~806CH%f]~C,H ׏!(ۑF…+vYDUDHPʈePy<(0~ylEMԢߒ-~$?|r$RعViZ<фKSq{KX5k֞a %vBVBԐdrCERT{D-hĕ)|'ZKOi ^Jvܐܫa{8>"YAu)P=Xr[C [u]f.d/2`] ¨lGZJEqqw%SOG4Czt`r5QjKX819j=tw>A^ozr_=QZOl9n TI':@S&ez7kW Y:p乩NB{=+fLԿsŊ2:MwVo}%GeSIl,I1+#U q 5g)-JS?"\#up]RVxҞY Q V:Ieڐis6rw7_->}k<;`iq)EZY]Hb٭zNʆV4Orue16UQ}2'Ο-M J XJ0;*Ep =C ^'JjNb@N9o.U&V7uC3X3@jj5_|[7)y1]3B„qɠGb[ Hť %Gu$! {^] B,ֹ4w ]ZOSb ̦|  "6YѼ!\it$?}={ di"|)J^@=}H,_,pSjH5U| Ꜹm}Ƃ II'=R#&_[H-Ćvrg-zKUYzZ-. 1Slly:OUo_aY92(6Z#%ơF`PoBq#UUMckTN7WuP*e :gg*P1{5V"nL-x?=t6)?hx_M%9Sݖ3+=Y'L|6n D~ͨ 4mt5$ 0c̐U{MIwb׮D]/NQC|.3ٵ1믚EYQsiƌsPX m)\@;h[/PQ| xXH}k$DUm{BoKKTwǜIq*ʌrV%ղtOl]tFG;:61IkQ,:rv!>e_JɃW^YxSYڕfiKkـ|XsA:Gm<~$N) U$ F(?D@+z6zBj "a# ]gQdKR|PA6T;=_i\"7z#9*o@ER(G!,~VWc3׋vɗ+ +4b-U'SD_^Ltrt Pp+ %+2TGQ"@ u+P [B$k?p-B: c iPdaG@ήKQ#5p4jSSޕ@/9XCg֕9jSbq/kնv@K8Y݀oLgK׍n7O>&4MT4j5.&Z{Db7}B3 .Ɏ}Nw W΍!s+2*qHHWN%8Йs=ƃ.]A7=(( 4p Ln3 A,LxQ"'}P | (5ϥ焘9jDW@SjlN[vIpGyCG1Xl◖zZP&)BC\Q 3D[?BLWxY8R3sn=$4=tHJ 6M 9KbTE~htkԳxeZޔpŽlr;p p XڄugZ3_b#u alĢ>DMKe3P-K1k%Sh<&9 ;EMl"Z捱Sy`:{W|mpm]WB;ꗃ@/nK.cU% ٣ªJ1KRϼ|rbi7YB-| n@M/<as;h&|Ɇ\ ` wz3e1m+N }e!I(^p`.<MLg$qbjYk{XZxɁs;>im>"UEqjo-(q%衏!m(sk77[_aR[7>6S0HۘP(~Kt7'﨟vVl8hiY0C :uYM2@b#ˋy#Et_W^m& 5I3lLk^]f?XƬͱ\\Atw ^g߿?W[MxQճ_B?4t뷓L_3VM8$MI;ݓihG59 ]*,|Z_$LEcQ2oFpd=eHaFjW!0>>]}3&+JjzG1.Gܔ21.`'q >SILP=TR;;$w׾讎6$8/%Ķʖ*Pz6dh9'0-nHe(WV+ֲ ÷G08L:kQgԠx6E2[ItI)Ҹ8'/~]]ǚdg-8MVA2L&er] 7gX(b2ca@؊^!HZ𑙶ޠ?j%nYN渔_pMae|N 8U`P"!Grw*z1i璘6­#'.dVFkH;"ho}ّCcÝPӁ 518r_M> q&Ur;J)Ԑ܍p [iSe=%zS,ʓྺ}qy]ZӢ&.2v $Mf&wA6B0 h JQٍ ;t. gevqWmu )F >E"66ܹ;LRwoZ{'DaXKuq70խi 1_L*Of0 ҋhEЄ#Ԁ F}AYFȌ(ȏ)aXr}e2 Q}OƐu' ^?Chyw~:^,z#n^cxA|P1,XKs%a,#>Xfz}Ws@ϒ':| af- {-UO)`2(S)"60IUn-aty(;w4tȴGНYEg݊n݄O`˟;U_KO<ȭ8UӐUɦnii/GNu3G%m8~uޱ=GBݼ 7B#n'bpkG?( Itg^5w, a7V qpM%3TqA]7iI}Ln9ƞXzCNSʷ +p}첕\cwo~KFa?t㯃$x_vM{r,$L|:<Bݭ QNMS^_cI p?>m0wAc群IղD8y1TAK1Wv%׉>6čW{`aQ1g4ҼJ:|~Ԁo\sf0U ̗t_"@ߐ0?iLU9NN2HwzATLCUuMƍi&!`{1Nj"2yUПa"9@%$^nVMF1=64afjv 4uR UR>ܛ?8irSR]>g1}/}jۺH|^WZ#Vby(9A*Ir ^O4\wETS f7ESRhmgAJQZɣ:ɑx)a"aI<348]qu vJt2J[˔5~ ?36ey]V=U(0&̟G\>J%v `Xc~qoK bEڵWt_ڧ]00ci$Wg1UbL~}䎨I8A%mL67ű ޛ=LtjѸ¸=^$ܑ!u@F灔ʰgmG'J&K[|SDOppUAȗ};-SNI܃cv dϏ!B 6nu2qaCӡ;.84Gedpg,/!J5piEu"8:GԣIōUӄ .Z|ݒ5Qg)A[PDb2~Kg;!̉meMM#ž@&GM. 6o=3);$MSbp'F8SuiiCUH(az Lt#RBEiz,xbe6YjN+*KNxbb +ZodXQ5y%_O 7M ^7GviRYtrQ/`"G$ XTBUG"j&/!;>}]AlIZS@Ɵߐi~`j I%F1a!GVً~Xٴe)qI>uآqIi[--V|R$}>CU"uEK 3XkQDeű};Vk %{>]U|V@\ĦNZU8ӋE|xlo (TGFzJߔi  DU/ѭTb&%~ET&4Im.~ uEVH/V䇶{wFC'*-z@icZƣ> m3u> nV+/%n{P;vk*A+n&r[Iaƣ6#ʎ!I5piW[i!Qx;|{<1ذS|[lk ">b<$6}GX^ E7~N`F\E% z9 IQ2"qJϡiz) œ.6 ] (_ ,ڼ3a5.)Ѱ2}O=XYb\ b~Ip3b*Qu $ݾm>g]e \E0|Ȃo} /mf"ļkг&K =O-Y`IJBeӄ rGirSN}\ }|d|,!]&I*eDFlJ-UԜ ܽJAf'=]7WbCȮNLuAT2pe+iJEo&z3~ xƆ*lһR>2ٜ~dFQi0(譱qnɴ_? [ct\A>]}wE>*ycՔӇ[!橒sqeC{G9z%oCx nJDh|ό֪b{&*#-\87 Dt5brkjED7Vz2QCŷ!Idm$LjYۃ|\?`R[p!2l* %r`i1(_oaTwm1<|H=Of}- A&~Yclk\ueI'lqˋ>i?Wˇ~|F%lOzq-  vW>>Ubu8_gtK=0YqX"?Wa<7%EK.Nx3J師`"ϿrK> 2̻3~i;0gq`V&kw1ZlAvT[-'CL1,I?9TUxoO+*H<@u!JFdp"+`wo(~mS5dkֲWܬU &xh*{_͆hE[`3zP^XȊ3k&  lKţyh䌐lb' Œw4awrC7b)+ae4vp $m|1\#^kŵ*', oo8"\j33B>O|y\@^#3go H?aj*F $Z4m= PTHPX; }B^trv?v L14FlBQ۾P$dz'a:LhSuokn?Hd#0 ^ @Es pڀ7b8fs]pu賋_p3?}m4>ьвX:#u^Nem xιZd6 30?CHcP,/(p}ݩSi6If4UG O%uh}{:j;szX?kUdUZLu.[7^dQ^0U-d%z +MЯ4_21^iؠ󋋆3vxŰn ,%ɺ7L/Q7>,xx0e;B;м"-#n5 jl<ue}Ha}+Ahl_%_㟪mk:B EG"cU=El}8Y10Q4KA6 ]݅S w4ȴ춄MR>?4KvڮȆ=^ueAf.=SB\1l;3DNNA͍rF(WIG%9omKW듟/((Tz|n-s iɸ}5;+ T6x7VB"*QMg\m/|BW~0GxUơm喼\q6(n0/=.Dqdm&d)bYӤu^zphϓ]^`7wɴ}P{&` l{z``?GNJBRp>vWb׸=C#3^4(kWN-Ij1fwŜ1 [Wƿδ8w8el:;fm;v[k_=m{PUE'tf>8fLM7)__4&O> ށ'azW:fY]bOqх.g^Yv7A?Nj.$ Ekĩ%5$|SzB~w̐WϹC" ۘn"Xe k"Ș - yp;zU:@tG9;|qD0jMVhxc~a3(:9B8}!U-JWĔ/i g>%M_F8QG$i ߍ5śIH͞Vqmy+YLb+YA@KmZ'1,뮙my- YCǷ AX?ũV>lg 1 S|0)]xG`r2QT=$rUrd.5&,De4leJ_n*>obf ;9^ƽK/2w,] l%Z;soe1(wTa!8`ۦ PMY.29RzzS$pQcUkv6^50ĘL=*hg ̋j2?u :`Ƅ"!7cbGuUsi!B,x )7t^YJ7fb8Ib0A Ρ@3p⹖; cHLz`YoLخk^f\8 fОz̆ԙ}^gX }=1(Ṯ LARkϗD}|?䌰KvNdI?N6|ƑmtF/V@^Bav/CLO 1~kMYJΏo*o0o`ަPG|+ȓgTA$q<]4y$py 8S׋XSOzP|$PBKḄ͡1% 78N|c̰R [au)k@h%1Gs5iq٧#h۶z-pkr G(f tix"_fJ+s _hK`tD}eנSŇ+`dgjH w*Tr`6|N7Y؜c0Kz̴91 (J췉wχW98Fss*Vl:0qa;^GH=w޷'YSuLF&Z2rU=d{yj, ^*'r*ukF_Yab ֤B(ʒ+O 1 RKcǟKщƞ9Qc(rr A!-ؠ$OE'5s%X/O.4 q }oY?^<'޺iludn476]9TF ӆ-Y<%TfCWJ>QNH}g.kB'JlJPӶUV mC C:*˄[wipK}e!Ki[ܓ@7Z"Gtτi`P0kɃNEoV61oN9ag-_k\&bAF ExVڕyKro,UD+blq{̷|F|DsJ7 e֔HBٖPF^2¦;-~BYu=Dz 8  YZ