nss-util-3.67.0-2.el8_4 >  A `U]1curjF%=&~3v6?b` l}`(D5 |N^VVdB&#F8nE19[wӨ>FD>~lb<оpqG'9]c}kV+;5 :Vxg$hgS P%fI FͥC&}Φ?A=Uc\(KԸTT&:B46s ex{/3q0Q2s# B_g J Ԛw}:!e82ab5f50d07d1f75a498c834518a0f88f6dd554f824c67f09fba37ef8e589e0be09b2400e42a3748a35f3ace88a52a7f7890145̉`U]*[J:w !|5PV ^r6(ѧt%YKZs5TX;c Alѕc[GDPzREm"[,54±7i٢_;-b:ܿOGiy34YX@/3_:9!z6\^E,,'NHMnҷc?›沅8ndO9Tet_7 0,N(dy6й ˆM1ȗT %imM ږdivka) Uoz BڋJ]A/^ qL>p<d?Td   F $,D P \ t  $<ZxX(89 :Z"G\HtIXY\](^|bd^ecfflhtuvwXxpyPCnss-util3.67.02.el8_4Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken module`sx86-01.mbox.centos.org LCentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxi686"ĘFAAA큤`p`p`p`ԕd`p`46d6d5ad86d23c077012ee3351b72a2f71ab2800df4d2f5b9845721bfa44820ca20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-2.el8_4.src.rpmlibnssutil3.solibnssutil3.so(NSSUTIL_3.12)libnssutil3.so(NSSUTIL_3.12.3)libnssutil3.so(NSSUTIL_3.12.5)libnssutil3.so(NSSUTIL_3.12.7)libnssutil3.so(NSSUTIL_3.13)libnssutil3.so(NSSUTIL_3.14)libnssutil3.so(NSSUTIL_3.15)libnssutil3.so(NSSUTIL_3.17.1)libnssutil3.so(NSSUTIL_3.21)libnssutil3.so(NSSUTIL_3.24)libnssutil3.so(NSSUTIL_3.25)libnssutil3.so(NSSUTIL_3.31)libnssutil3.so(NSSUTIL_3.33)libnssutil3.so(NSSUTIL_3.38)libnssutil3.so(NSSUTIL_3.39)libnssutil3.so(NSSUTIL_3.59)nss-utilnss-util(x86-32)@@@@@@@@@@@@@     @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libdl.so.2libnspr4.solibplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.67.0-2.el8_43.67.0-2.el8_4.build-id006417663566d6e5869d63f158c3de49cd694f49libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/00//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnudirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=006417663566d6e5869d63f158c3de49cd694f49, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR R RR RRRutf-84a25e3ea3f7bc58c15cda2a6c2332e610a743d8525524b5551324c3be29635b0?@7zXZ !#,n] b2u jӫ`(y,xۋEWy2MV I>@c@<`ӔE9i`KsYQ. 2(9E'|ބ^it;).iV~aN7r}t%l[璉e+4`FN硊Nq[(\z6UK];CUZ݌MX5;[KDJQm%.c?G/wj]? ZdD3Fjx=as/")ܷV,="1˺), |&'i( He:N@E{bո$QO㴔@z(=ASVw\[)k $\~j7cˤ2/Qa_x5d$8_*iSBEl[ \l 3'I6I3h]X-zq*nhjǘD.3)LS]M)w1c_"+u/ezLj͟3Ӎο'%QRTeQ(L` GkPE&%:V z;&D?NыP8|mgJb]Iz!{n|g`!/{"b""aվ38&"&bWh%`{#v)mR _X@g9jjmD_0FMd:Ư˺h znrbĖkԩ /U + ?}֎䟈Z`onQèRI@P&h'ETVu^ !wpCc\ QW\k^HaĉNIm~2o"<7Ϳ2H" fONr[s}Ȑ_ܖoܱO |rCX9?qόˑzL,41`."O_V-*8 ՟P1A?y1i~"@I^'L a.j0 hͯ񸶱{R@rowd?P-euR< 2"o8 ,k’AW7{oK ~"}S%5\SVz5O,lm99OS#⡯ 4ү#̓RaB!:@͎o#z~e ~ܓ}Fw3e<-1EthKM<{n ; *?~κ4\0AaGd!{rL'läDod,`,R<fhOi.n 'έ'2 ]ҳZNj~/,KLn`j9b6UTxm ²O1rl sڪ_+v),KB Vv+'W|TrjVy`κHigd e>DKZO5{%iZKjc3a/xh}&AS`؄?^*O/@ /gYnß11xADhy8khn,bپihgO]|RpdETH~wx`.x{k䔔br} 64j/ї2%Gyd/-ywɮ)V:o%uh.{OR&L5Ę "܈(Eؾ)_^SnWw;,z⊔tuCVQ d'Zz"|8Erp`OG` E}iTfvWyX})L7 [k1)4k~Vy bJR`-C.s`k>Hy5S|A_WS9 N}+=w5[1'K#NqUC29p}f(Y;&3K(w4_@}ř!;]hQ:ˌ jO4滋1 d]n_LJEnY@k}|1kcLoLMhpS @"kReY}=@1D]"!-^IPpJ}"y weʇo5td{fwKgoeC!, ՗?c ;;Եj7-:T-G ģykGLJi+Qs3K!筯z~A"h|'#-}B^'n8zPNf̾y'법/ @8nǟf,}ohT}-(h)H[΁:uݘf~X'\|tLKdTu Ri4Se {lTt&بo6[`qΪ RFDFE]@2P\eq<9%XՁ>zƤl1Kv2"6Ǖ8 B,|Œ/z,k3{o|V@b^=$hwc_樆MybWn E$͎r$7vzx Z.dmvHbu5EKFwGDH+,2 `DcT7jV6 p3[6x@ɬYl+$''W\Pofw|U6NZ И+)g푭:h-ر>藦4ڕyilm:]f.Mf&Ө½_SR⥰܊{Ut2I{ʖ9fwUmGy͒4@)Й㦠!e# ̗!6K_^<012"rZjڜr3.%]`#rs$Bе, DM/#/hnHuiWFjg!X})U}^hR$QJh>ghϫ4Gu-Ȭ0E9 }%Tj>2=R$ܶ}=[VH1c e?2dX;d0SPX]&0է bBnXKxI!lv Q{S~k)zJKv4z34jMkJWЪ:oVmeT5 fwUU\Khe*AD9>r0-Df}WIXS~F,'351 ٱ/?I{4bO~ ;EnHz.j-7zT]lX_.8RnWځj=+Ω g,}O`R6l/UB? i`Gh-ku%ij-apy~#n`^V܊\#Mg6e׫Р|z T #|Håfm»#Q‰b}K+c~DbK*~r$+̱"J0TTZp֨4^0pwѱ H TH仒$ h_;PM˪&h{$okGwFA c@(NXtCFQcthj? .ruxOc!Y0M&׭ ~25_&,r0="ޞ)-k4ې 9a"g&kt՘S.n@D-sP{r1*V7o6AA6N.~%3E* kҀ;MRa nFm!RwG-BX˨YK*6jy˟{DW_רL7`[2 (yIt J*'d.G5ŚTWc(.}q.| kȥ[pT@. V7 % )۠Yf QNvQkDmDMZM^kũ)~V8K8[fg *y# V?Kf[2IکPvZ&gV#2@;44M~i1XRj&fST)2uv鄘z0$$+kh]WF@Qp%L=\ I|ʊ̡D;eg6.&="oW~UI3XbgzU)ufh0WtOO6=$F$*[xS@h@c3Ko3|RB5u\e?ŠferQYYԢ° ?tЈ_,XU*)X}46m7RXP? ߬WkCSv NPj98ܐw/.,Sy/NB&}9)-#;Kg5}\F\O^#wAT-W{KQZ7[@S;Q*j-ve pDT@ j[;/f| 4=p%@ ?kS5R"ZGIvwtHm2NX8;Z$ {T$GE?C.ju+O#󾀄6[b*%PB+=| IfQi߻/-+BKij?U4)QrR; oúD&c,k34[|#q(Mn8ؤTA$)2J U\#kP3G%TxY2r?ɝ3*Z:wp)<`P*fO@jt}wXxxMNz8|-[Q37XϝBBh&ͦH_ kI^QI7 2|=fo]x>K@1+jy6SB1vXBT1Pao̘^]6e𞈺u;b|q ^ޡ|_4+)5AW) *yU<p@($^D3L"+d1KnT8(^-"K i&}| f0#Lh$7OT# %HhӅ7軎:zN#嚩*@+4WnTЮBMue. Pz#UBru9t."+Pj 8a!P\?H3Ǜ|ާlCVe_d'fcK c8[b'ߴ&u\J>l;h4i Rx+h A}adh&Y%  Y7n8EϽ̙#!>2X7O3s` sn[ R1U,-+״=>4, |jmğۨ! % .UX3vrA^#-G;A; WSB'(P$|msRz= rr0|ؔhQuU*c@Q(jtմnL ' U!R[OhJ7m%)_Z,~w嘯VS"1rw.zU-75Be]sܐ~@Ȧi"/f*߭" JtxL39^SI;g-0XNw/dJ'C?0^a=DOQd&޽}{yc0H]c,۟q_㤜l|eSy"\AKF]`Zn,5-Hhs>ey%"`tiaڶ=RS< VI|.MySD`G^x13}$J!?*o!eeS(W~Iϼ >":4pTc7:'q- n/ՐTh~o2}U]fVEN)x)7 TEg%$9XҺRCCʟȿ/Ki?"0fuY-0,dI",_ەQ A;hm]_yNr"|MZyl҆ᗊY.+nU`g,8dekDYӛBdV-X3fCxEşmOv跥#>o;2+!?RRؒt u:;V$%Y\9a<)蟩׬ =A58ȕ,g @Y7&JmdP1gC( 1z{7*H׀rSB&KF"Lz|cRʟʁ{(@O:ͿwX›Ӕljw͕_Ыtpjd֞ٹ<i)0AK~bwRFQ 5sPNn`HKe Ưv;_h쓗{gi=H&?%Pv^,%Vp.{'0J_SF+eL߂M>MI}-Z$TaO׃+QoKLᗕ۸Re#PkZ6O;hL/' e{Q_.N?Tu+zUt^ \ز,KQhi#+} QkU5ތ݄XV(4ș;Zw&{1sB?%Eb2es/.L?m -w;(U %fT#Ru;tWUL#m9yǎ.!`;Pn |BuJUOK*FH"}8lL=ru X+ѯ!O_7嬑[6ӑ}mDxs48Iļ{͹(Y9F7% U )ZK>X؍Cڶ{FX,EY!(2= !6GqտeZ5ͨ&7Jo"ٖġh~;|$A?PŐWHݒ#.y.g 0^On GT(|SbNe0t ыq,dAam:4nMg.O#q[{-<kHh Ⱦ-dD1X? g_jLBјfA:iiN-Md4χ5>l1?' 4ZF ",R&k FJ͕MJ^5 GW"qx~mEyڏْ7;t< u/ΞcJu@+|$|n"1gqp``œD+/Jʢ ӌ@dcA67-8 BA\NSnHP|y dn*^-B8n! #l o. CN,ޒ1Z͹ñr"اp P4I 5J?V ٯי آRgf2\@`}]Z9uZ9qJ|s|1^{IļmB߈3X2}zx"5%wc+֌sb!WMos7xSS.] F "_En,:c(`e ٲIڰQ%v|Gd;jQmTW̧hy$0oQdl1(+r4̱&=p Fܱ'b.%VkNL٠<\WI!A='`U֦a,޶#g݃&1[/%TZq$Av!b)nPw#W$`Gtu _y.,Wc=|PDW/y?ǃDsG.K{rv;Cɗ@t)>hwSV8ԖHz-yo0 x3 sEI_0w!ӜЙY@X-_jux{Zڃ8@r٥Q.60KP]J; ;/Rt-@88bS G,$9 *^澗9εs6w%"=~m&9ѥϤ;U@>4ё!4gcfP@?舖9% t ߎ XؽךH,6شsxf3;pm?ə13domK_Q WoSĔ/ <ִ*k|$n2՟⑾֕G==^>J&6k^1/@w)5fë|k%t2.l56gf!ԁ;'^g5O?q.'ċCz~bVRZ8x]1ԧ30в>U!Ur gVȤU&u=i쮂mҌԭun[nQr*"|Gvs +'A"QhqcTJgRA7@1b)jwc fAسgn⑆,G@ (QSe/To%㼪Y!djD([ T,mE 5))INlb&[{('}*S(t ɈW`6,iU6(\K39-Nv}w;Gg))qjV'q}_fs0=7"D=F:#!?_>嘙 Il q=E`:‰Ֆ0 `}\@1e11["vD-SK7s=xNna:x(Y믔3Dn$טk~zf/DXߡ,;V(++~Tnѡ 9Loxd}s )Gh:qZP!?7ū@ΙK\)͛`s0'[ ieRP+ry!2 X BZjSjы=୍{{Ah6sԏаgXo 4K4MPQByH-kЌ!,xDO͕u1D^pRrUv5(`E]r̰} 8XWH*y-X1Yi^ʠex)F>jgM}N禖STS%^"m~,)Ԯqp E-d`#7@+28$I6QŝR9'rso].o2ܧ+F6R"뷐h$V_B >n(K^]s& b"E@kVT.Pa4;W %m_q%GCVA)I*kǺңlw/]B9 F,qnmM\~Cib+. '*,q+ǃr87uF͎n֩}f'Me0y@qaAmmǛ'hVD=Ȣ"V:Jvtө9L+S,!Նc5zK!9%.aɄtd5e :·z}/Ћ!FJ&G[?=t<0٭պgV)Kf#v('9 ٴϪO aS|=nYO‘C_r ;KO4&7ϫnjp!<99 O>:M, TqX´oL7Il'Ҋydlm>gLD#/bP/F hԫ&b݃W/`rV@AMx|pK/=jHamphx‚rMw{W~9W: z< &>Z،8!Gk;o VfɎ`<mjUM_\I>%Q(\01#67f#\un2E{M3? Wܶ$P]Pտ,X":\EvjWZ.fo1 (ɒFن)6w,(A:~K&@-PBU6di%v6ߡ3ӭr]lAi}Ur}%dp T֓ÄttKG솚6$ 9@TF37;^ n<0 ;;W^)J"A`k5ȫ{C_P̲٪܎~08|%d1(×^xݟ[rO8^*Ӎ;&圓/\KzOP= u[;Z9z?y UHu\sﻉC2<fJԾ49?B s $fm B fIFKYΕ]ro41\kGrbpo/ZA%{xni#2)p%T;d#{jmXο"4<'ĞaknX LPtnfB2`kB`r XVtm6Ž݋V>{࿸rQX;n3L,\ h\n4peIZl˰h>m㖡G]=X(۹ l-{{mᑍKfrULrC|㲅w:VLɜ#.n[  uj tH j'y9r$x~Ǎ,b(\OC- )2@K :Bz`6A%jf]TV͆(.:=$]f(i175Mu&-rS6p"~ zGΎ͏i@x'L3QŸoz6sq?SMJޛ|~E;uu'6u6| Os=8#\GLDzMUDoSTT[ N|ȏ A{pK:S|oWK<[v@:v}Gx}m[/Zj&9 , 3& эRJ?L5ll>RhgZ=Lbg=(`B6RѫYW҉tҁi c)\\| QG{Ev&Mؑ@9u + G4D;O7`NДY(ȯV]9r% jαݙUR> CQj]^ыi,#W8F3A1Ng08׿֒+*2)[@Not:wk7w+tD291`bG]?H}dW'HYuvQM ̽{8ǟ-6JD Vf)_co;;rݠݷ%]0j(An.}Iȍ;Nܭ"\/@s!͙,&/,is~Z׏dh ^-}.RzoUځEI8^5FW5j>c#=`q)5<@5r0=3DS4RaxԑP4=oPeuXE#hr4 ]ʰi.>jE 1C+"M-coDVmqD1M!y2\䚿j\niɘ쬲@fNy,3%iTWjR=(T5 =JM]➲p79sw sʱ\rAvA4夃bF;ο@ͬ06k!@bTzt_ѥ(bv5@x8҇ 4$[-R%xy|-HkʻKwc]Иۘ)-vX($"X涧 KxF]"iO <{t·;o6gQH>c7(FIAخE "U5;{ Hj$PHpsBx)8n=Yߌ'`eIo͕kvYct&0b,WN!5%~WHP>PJWO$aK-M'= mE@/wnC,j˞,=(I7IOZsH'{fSڂeJ~I~vҺDS԰]b`CnxyE^o__wZ,%,}ҠS6G&sz.tYu$1MDӄdfa_V>VDOLнխ/WHJ7m~'G!^^:Yy;fɒ M^+>ghF+ycxY£?ĨNVGZj`LNBuqjKV"yK%^oʡ4u4med!YG!GRY Ovͅ|:iAnf4_Ӿ(74"T?#DSͷ ZZ4ML7Lcro3HvL\$ؐ8m/iK㰼gZǺ/}v r"~d׹`f:"7C2vӐ翔mx:o[H#T ¾E;n!jbUw݊Xw^I̮5q>-L|ne-łZ1@X!͒N0lsbrk>N-ATѣul쳐2q=Hg|i ߷l`5_Hԉp[ٙR~nQs^*@.JZr1LA>8}=OW0<]AG HڶtL,?Y\󦵍)C8:X NHn󢟖Ŋ$Fv@rh4^}.ޱO~ԽSa{>9ek[PWN]k9.?gMyS^l Qc_5s{x ]p2-boDG+q%l* 2읣cHۊNV$Q~E}kZ2iyKxk8A"6T8\Q=Cq]??ʊ7q6==֗ ( Q؟ʍLu!`{TZ+ZTnq݂N;$r`͌KZ9vZ3\`si3Ϫd˼"V\~F%ld y)<* !֣x:>,Nžp=]yfv#%ྠ.贽K\JѮFR]o!?}T_ .lk|c~56Gg ~$pAbk:rYX/NG.~? Nb4@E'3Gdʯ׵օHCaAd{?<7?2^љӲ?O%ۑLDŽp.y|ɨŵ>ړPoJwYliM=PD8`meBGؠFT1B|u=| B(x`MvDAW8$-h+ *m^j.[S9b 'ʣ=k6+Z@إj/NjQ7O活cT 's%")Rp͌?G1e֨*P|//op:  ,ߓ//AѬKݫTx|6n'>! c+Ҹ"Ȥ"/a?Pt@-= xkGaܺQLoi u^7}""5. <)Ȑr;&GNOB&~N7(ieRyDi>](=MNBWhۨ [o&&־1Ce6389׆SRcKa5Lɦ_f6~Bx=zyd'[mMLքƹ<V HL/}Jʛۜ$#\!)^~ 7Iyj(Cԕd]4FW~35;8'u`%O%1 $.9=vgvnX-QYV"+"[$PV?Dv9O;ސx!m4fm!Wp[rp-(0Stn_ habmy _ƻщ{oAhϣt}CKXe{kq1!(4)7aJL `yGB}K>Zf[>JpD(G9o7pڬV ;)}ѵ^HNj^姖(~iCK0вC DڦP- dbUe([h$Il?L 1Gh"E~*2j9BT3ZۋANU$juE4jeHZ+\fW yc:qπOLbUQt@EU(r>^jc5 )UP _]h503I74,Bo$f1~lUⲋ?Z擿뀩qtQFDg$al#"VI;y.f mDCX%N[WCUGCN X,S*8rHCoH+GxϧBp7l:K\eg \ɝnnG@ ܢlYYwpҼ%5> " k1d ! > Տ"ʱ ^3pc .6+9d,mϯ*ۘ| lUyp+BsPQ}n5߿~"EqZIo;J|'2'}u΂ ^iQ D#aeWs F<`J &s4wAp.1Zb26 j@?bM2l,?rŘӇ)g@!@<* R'2nLXcFʳ/Va3rAWLJt-dkB<ʮ_4(4IvɞLyqXon.Cȸ酾tQ>3*DJ7<I1;?[cs°=p62xs-DCNSd:>$t]*3s݉^+B2n 65+k&|p,`΋1soW0 r.|wV=Mr'YAs3 ?0 ~)(F3ɅCpGK7iUI_E1Iu /m`_"8n/dzXwgqFm(y8u=5E<缒#Э<|:Z,yK+WuҌI3ѤqTߟoX trዒQ8d D~mhy@=<!rnv"t`IaLO HdUta92` j|])Ftp*,~RF4ȓ½EweGeWs5`$W6 Q故(&pZl:)_-$TV?퉅Ge}+ˠx;Li9[aٖj$}0n{'K$g_um3qdIaľΉgh_&!B'DJ#`%'IR#F] d2vOÃby#H~I 7&;X}DD(IMq.D,Z G=?VŨ\Îȝy*[_P!zW=X׀$h \+Z}|^ L5 /4;sSKx3HUF|hk^Ak2A *ǡfCu+DO2&ClIolxXhV(#vR Zckj28חN/aOD{&0XHnd=x=_jPJiWy_ ay,OOg# :Rpu39mdrs=,k}AÑ(>~ڇq<G蔬Ѣd:tI˝@YՅ])ښ=hpBɾeK_;U FP|rZ̩'%Mit%%`Ylj/PΆ P<Ƥ'0bՉՏ .0an 2>lK)B>y#ބSZޔ>:GdchWmR9i~sgl/lw4Lk Ү=k[@W"^]5Jn_ HUXh5e+&J; F`l+"QUuwh6]XS2pF~ q(1-= 2ړ(bXk^K f;Yc%iJsrN0ܐ++hDPcuYEpaf>%MFj&MeH -? $Cؒ6WKcF/3D(ԄQtWRvwJPLimD\G Z݂o 5k+sIG#KHˣuCR e5z:%4J9\Zdfm4 )\Uy f M?Qِ^l~+>I|Ta%JhߝH,| ׸ٍ |]~ T8~!:`Haupz*r4%ElѺqu~ i\"YIm'a|yeiu]Ό)%IJfahek1 ӉPP%n{L1ĖU8k) *Rץ.ł,,/x=0C`⧧7_ ؗ6|+mo ՜0 WAL_92m+{⬞oVP}F(V!0(Ѓym: J30 7SkLq.`w/j9[<5ڛwp[`;irb6c98]tzJ^@s_KeN69#q”72WgϠ ޺8Ao^<6E@WSMX81"tԏKzCtn4Z eMCaZƪ 5 &xRrwjҤ$;ƴJr+2}~uv }A{y5­i_IA‰5"Nr$ 9h8aŬLCN\/>nc5i:xO#6l֎|AIʊR;Q^y"Lxk:F/2ky_!GK~LCt7]m>PS8fUpΦ-f }GZM%GNyi*Wv*3N/O|q^8Cu; h C92MKG8w{&dOCa1h&~bVštP` ֭( 5iD3ID-PQŠ;zbثs2͎/2j)OՁi3RK~Z* W'$r7+fkގ8NfpQvX5`d؟F.&?%cWNpfqG12VK6$$m r8=#86=  R%S֣8;Bqv:ӣYP^Ew-^|B s`[f{bnbaj&VGūEPUmX᤾tZ?oV7xWݶFʩ|BޱӝZ)oeANH^AJ y(Or:ÀS8,cFWOӻ%=ѴU6A7g'$agUX(r]:9j,0XL2!Jt ,l&uk]l@h ekZdZ Guo9;IB2d9bu][.pafŝyn Z=lqCx)4aεQ=! SۂyJUB GAofQM2VkQP6'tsS_%:Q=b7uÀ<P-FX%1SEq'0ڳ,#;SB$ێDGi5(m+Q4.ɿZD]ҹ)`>z~CDkVQC聼4،PIr9lqP lE#uo =]LLʂVp'jϜRG+LL/ 60YrNˋ2IE~d߂Lofb4ęQH4{HfHIB_RO'ײY:|]x\C_%^R$[#Pdȥ~wYׄt5?*iP!8K5N)&jPGDˉA(ȥN'J|\hja[%g(I/Cm1.ػ@R_: GEgqk-, an/Z*VqozYx@U0t=8KgHʴs'u;5#b>[[)z[*P4]QyΦaka綩 x9~% #߼t e: GL]E}pC O63ow6mH[gٙ'SJpbve**ǽP_`צXM0T!&Ni|fCh>t96ZerT- dBުӌH_mT'QT]ٍx4oKO~9ZM0xyZ7&̆| wo;ͪvнtctT  "uyɻ f$0hSURjŗj>,0K6|T/KCEO 6 ktB`UMxBwSA @{3#Hf%~(5H` a/%Hs~V.̪%×vcwRw6C@诏 ǥu 1] 7ޔ)U)2; by pSI$/0By (]$YhIwG7D-(uR:pԷ i&""-"Nͷe\V2mUdfٖf5/}pASh(CyOpIG 24i1o`CgxÆ`fgkwA^ͼmuj==}[ _Q<sdXsbݦoO?C}BI^|z"ə#y\{䶍^bX3;ZtV`xӺS%lSï1۵ a yxp|C=̽cop#=w}h #A^N{$nS0c!4%"CdIvN *ݓ1~$bhp UQc$HWڭֻQ=1wJ`qyeՙĄjlEFb'; m|_ H+[WEA(ʥko6nGqjNWVFGf q@uK4Bg3WdWԁl`*Ef݊w`ܬd X$Gp9CE" .}e@vt k_NNv#,):{}$ 6p*p'@>7( )0AS/;E3(7w͹|[ ŕK}QR,Ic`(xDGh\UɥՅ~`Ά0{~L-8ԮZestT vZ4.wgmP$OE޷>/؍y 9]D7$Ic/$עP*g4,ߧ]^^zmG~c3m;]cAٷR£BsU^USCFJGJE׳%/>m( RJY&?ڗwOǒP6C15Ce.HROaZmdD!>\-8Q3FzѳK{d.yKS2sU!K{"$fb0=J0~k*Ԉ'5xzl$˺G6V@=o`] Q ϜuWZms\~ߣ`o RAy}rp%A"VMٸ*c~/|}]9GNn*A$$&`G9wA"[O(ݱ\C9iXH+)'u-lŽn5r* >J|B1\H.Wo# An{uGW7GަY{Z!WC݈_H5p*pz7}xK#YO%5*rt Boqϳ ? XK>k69[&W:=M:je/bkELbԩh9JKA:K\w=Hml 6+YLeo0RlF6/Нk1jLOy'adh 9f3lWX [ D YCdM12_P&Pa tȧJbN~)f)2ۋW>gC;hUkAd< ,{*ܷPT`fr jgȧW 揫\ipXOg0;9\u%}t@^1t-IHb[>F&o}.rrPahZ =!j4IfȚnC$:-$b&Auj7cM3ѕ;h; WP]8ު@߶MO!(*{x'k40KNvjjs̕z_$ KEGցQ@[o."@>QddvnwZÍ "yƋHXjnF2R=PD)*S2!"@&盜(Tf3 iidlk(H">]B!ff=ejY~*-ի-iy E^_Sf#}вJ4vJr"j"BEA.?Qcg)*{RkO+6~V>zqu?&b#k/IhBb;7mJ B3;$/TC%VKq^RZeկKWNQzdEb28%RWpv`ZWވ*kCMb2z[0jO*wD2c~Џ3I7"{0ŗCbNت}*Lw a#VQݤ4*B KrT*6)m[`k)B2 ]9$rN&{#wzLbhX@Fn18`<֢OhK+=WBq=ϲڼ6{THHQ_#>J*8l``n4;Zl.ЩŽf|44#r`|@4t g( fhGIuޗ@T{B /Jzo)=U]Uq>TKEg>ZN5%gk:|T]Zj"s&l٠ ?@p*aGYTg\U:qQ|Q+Ct{KkavpqM+3JQUk39ùҶrYH}jkD|Z[nnڥ:'Yz~ [kEY *JPa]d߮ ui4NҦn(gfD E~y6Y:IWdۤ ^puJPiY>OPH;za<-DR xxl"uc@'pKu>56KI ^q 6޾n-%H{q(){R%'߰qjg %qS I-Z8 oLB^\ƃ2y}-@Vi b[2uF R)::>аi~ Ύ,Թi+F&/Fr-)\6AmC?@5Mխq c&8j`BҪd{\6SV,RR45(r.4gh;_~sQ5x>]4 rҊ $Ãy&9d?3w m`wG*=粌HxHoQ:%FJgU,Ӯ\*~ZrCSUEJٮp:&*boZM)0O[D1@}Qp7QJ$,rc7l V7dYVS O X=ccVN#ȂD? lVt[(ޏOP.jQ,Cᚷ[Wd7ys]q5Z\5pgHrt jFؒf̫l j BGPY1tMUV h,nJ/\7ICt__ +5'hJZ(:6"\#˓(icĉHs:q~y1n5ن%A]yZ3yȹR))|bnV"U @Yޥv?msaPq-@35vRETޙ\_A(1*[Vt{-sU>x:^UdQrPR[wq9M&kO֛Ml?F&}-72 Tq=lXtwkqtB}BND~h^ZֵGؑ(N 9;Ĺ؅&U__͞.pQp_4 >9o)4$čNv-%F$_bHԿ{𪭵6ZO:I8v|U%ѲU8\vǖTXPA'p Q&ԛʵJpZRQ*?}%[8;vc.QPb/NZa#+~4r=#OVxa:&Ti-i6ª0b F{}Lx32JMYR3kLxHsoWBP@QPץLԻf}1wZ:OJ&BAHocbrFMlodv#!b]ỤԊ$A{$e<#ޥ:]r}C 2V]5Os!RFd_)/vJY`[CA@%Hv#b#q154߶E'ԇe@w\0KL jmQ40!簞@,6sQĻ@mYdh`+lSW3`mq골4W; (9K3D:tv4#kg(A?*P(A(o,bps 3-v5.܀[9. pfVp̓uh'Fr%#YCb-#{:߯~ N~3z CAT#la98sMfQzbI書>Y hW'XgW 09\띃P^J.5µX(5f7ٛp-v1D4rn;F5: `N sOiuَ 6LLo >0wTu,F<'zѼH@`AՕ+XA.sZ[1=kⳆ ^t3fcʁjFCFmDWsҘw]xnB2^[Au Q R"R#ަ 0)dYYvwVGDl+*3Mʐ4rMBnw%J!Gdmu8E`>Y[`ϭ)tCR 9eKYl%Tm ,}pc,&m҂iMg1K0dMecr<:C|JrMC4vaӐ" wbY$/g[i_HDpɇ k^]?11eOՀy:6nO\is^ O?AG۬/A3 ;rV53a3:D5,)6nKRRU/$1ꒃ n+l H, @bctp.~ "Z[8,K rR9tHF`,gߛ<֎f3Cu;P\LDw-lئ~v.`vCJ2¡IZC[,0xĭWɃTN=8%ec~d)=Hx$$+sb{X`F?!6S KLׅGctҫa顩 x W) ?|AH.KhQg#C dWP/f85ϻ0GlpexISx MSQWi+u&&qy|?y.xtIgs|`i&.D&֟aH{9Ԝ.%RBgmQo7ydrO:a餀MXScPTe3[Y GNwy\(\xPzoh]KJ:r_VO^ ,ơ%Z)!ew- aw䭐l^n6{ %ʊֲ($n,b]b_]\o;nQl]M͛"T%QǿÑjN+1 | j1.7ncCŸCBE&ئg`)FP6!X'o_*O^( W)}+X& Ur@'Tv }t>ևƃJRmN) ƹGi/xӔg)FIXpmAД^ ;2%r'C'uEJi`B{)GGw0ӳ<մO "+P.KSGZfaE9K,_;O<19IK?`Wg֡劒 m3޶5ds~B9rQ= Z?*sFGPo[]`_C3^ʨې2"$sE/ju:a&NC/#ӘTYB=nm0n2 _6É1^G@Fl"A:+ :*rB$qk8D?N{7LoC'Tn sS=D`sPѶj:kꕖU6] Ӭ'&irP$Uqq"mw~09n9Q/{:9c [TG?PԡTߥ9g3]$!ऺZoWX9pl4rX]33SOǐeS!O rv7$tl+,9}٦@ F9J`(tI\EKdTҚ&X($[tk|~Ld2 3o$:tqwԨ?[E5D %)-L,wziaY] M*tT&Nnj<5%vi7-R8@7h E3T #s&6H|l;0 4ʴ#ѵ&B;x QLa'@^i#\%(Y!b[4ncʀ(hSn$<=ETR!!m@Jζ˵8#W,lg[rSGVLEK)ܣUضqQ~=LEl3tޏjLLІ6TK&QKS:7 %[ .3A㚸%O,yG"8d[4Ss3mX6oN &R; hjYrKӃ[g^ebnn(tJ2LHMJ .#2 r/r$cz[9j䕑[q֚VyXdfl;:]qt[0WyO/n3g9}S cŰ 4Q]w]dXue9mO:+w8Oj%כ LC{LTct¨pjN<5?+Yz}ϼu9sҥdrTxa01"̱^ De+mL3B7TًL0cRK'ɤ86x8tQEٹ;0D!4x݃ Q\+O9mTI1mb0g죺i7mY^aU`[=rjfyd>YOxݪTIn0bG?3TbB2Ct/(/)Xѭ"uݏwH{ZzȐ"߰7Jtaf"աԡ>D֎Dn%CaڳU1cxjhO܈1`h;]V`j{/ ' Bj6<}(D'ЖQg'@AgW ՄLy XjtGqK^u$V7(d1F5Y&S8ߌ?+jrӱ L? Hltʙ5Еx 5ͅ=#(Rι O`_Rc.#j #ܤ=֘ i-O#j;h,fQQڦ ƯM 谗 ȍGWXDO=%M(Y>Aӎ::=WL )XYux@mejHψz&Km=(,E˦^8Xq !:}#4x/aoj'yeF D7z޺*AjWcdԬ9.^=lKErӢpDkR&G_n o0wX !`Z.kxwܵAfG?= 2-XbOd(:5г>E4U4O̓t` `Ze#l]8A":RFfu&ƦI0!(\3$fKy36ZҺԅnKaU9NZ5;_-U !*Ѯ|Y{W\.65|.ioIdd:9lfDu:h慵 ͫU_;eVנijjӆ)PeKYihfJC5 ^4GS :5W>êY*9;]bFls[c$a ɁM4`˵FtSBJXM:bmi F=n~T"vccAlY݌@z;٤G2&>-oq7zRϦpU; P=)mM zC_E&LlZt9Tn+#%m/+7.,&jh>.Q[ 6yR\kxq>7#KZڙ%.I*܀/%u^MXxmk4i1lVn,MT ˱Oľ#B?I7 rx7{?ңwGX>f*_x͐(ۉ#U* t\+hQEF_\C^ M\\=*gŭ^u 'w?]oG_FX]vc_ƌ@ N4lsg9d5|4E1:J=-RQdYв( :03! FMz#߄@B2`v‡d:FUnro iz䝻wL8u;SߊQOj =9{eT=ү`]c6Sp[ 9/%.KB֜kuq `=iY@DJWFa+f p}Rd^\KY%Οz<{ϴpnb^&:σ}Scz6ksWhnm"i+(['k?Ia~  Hx 2&p? f4҆D0,^)9z ˼h3y i^,1kE,ݭI2)boC?oݿMdnؤgt)iZP:r&=+ׂ쓣Lj]Z u𤾸P_y^X huDM;dpn.bDǞʔduZ-dJ]ީI'' QIW bى7ЄjY@׵w 9 H'\.ds(?-M , |vIzABNeu?dob5%Cы駶蘤Lyiubh1/C] S?F`l8 +dC!95i˴2FR4t7B/cxvF{|W$>ݧAcR1U/wUE8uazg Y?gX*FR *+lm] !:y.ؽ$zlP͖PF@sYeb(2p0\I/EmJ{ 9 CVB_/1S5}"O^JUd9{~l칏/z7 4/qն|%VcE9`p#75U䮾f'δkP]Mz6Sf C߄H6 wX}:TWǍom}zG2=3xOp!;N]*' BWvzAB[C:xubʼ{_?dssK̨W~R8~a+Y Zb,%NuRB4Ww\'C F,ZL!p>Z9y~)qb҉ٮ *%;)V1C}'.֨6_YJ a0ͪ8F[C F<랗 j7ʦ%% 6EE!=\-jY/#E`}TŇa()>Z=~ۋ@+`Umw/Nd-4vȂʟ4?ۥeZrQ^g+ Vi/ v Hwl<68k4R-ww_iw/Bo}&+۵*f}-.]BpV"nB(_,HdUaVY/>xU6B{nGX4tq\#p9e RZ♍ -Yr];=3<_$\~/D[)_s9^jĿ;򆺓C nL$qZtn>܇)xC9l)im˄Sl7RNSf^e^o!y~y3ÜE>&j_Wth)d%5 ݢSyMs6FzkfhLZjq",g}PRE|T#Wol•P$J eG;r+$BI+\`+Ì$J2Ykj as3:S}5_f^r*N>2 qkzeV%A**L/P{@0*k ڌ "C)F[,lnZ}۱4|[{ P#ϝ\QB LyEoQ]ݔcYZ*LJpxmWMs:urZKI/TI+VW'~葻aPvI5䐼pDO]ٮ1!W3I鷶-|x)?*T2 vS6 xnw06Wdd~<}J 98!Bl%ң&͉ס)XfД]YD/mO`j]h 8F]gFNL.h%?bFV?v2<İ҉r%y`G1FV% 4?E7BLf4?V {;Hr>S$ܸ*nQ (v=ϻp%eh^'s}2?.[ʻZ!ãJ=^mVcj؛0#C4h=Ņn' k5E)6X viqx~s4,#Elղ!Cgh_Ьv2nR&s3k$u]t1 UBsDLD9$n7`ȒE-0 Q;N[; ̀6:BT͇:r%(kȨ_-Ȑ/Aˤo fB(*n %w1&^_@V/r2V,G.? nbXF>MRA,ϧ] XrT, o?:=)zi3#/S`?_{1j{>EmO'!_ر>($ nShƶAؓ%jBϹMPc ^uoO/='Z1x\i@jC̥oX4!beBM/7@殿%q po[q]!$[mC9$AUJLvz(ޝAqk` Dg A0&1eFzl:ZD3wu`=@/wc* F+å*,dۂ5' /`5v6-Ut('fU:7B{@OON$.T00T{M=l A։FX,I8 E6l YPY,!5qv&mFZ rY>%|VJ¿ISeKBIrk^O 4e'(rҲ|xu+x`Ik{%2Zͩlo؈HHPWKYI4@dufIY5u#&>w[Rb˃&(KRR7h;T$6NӒq'؃3|T=CuٮʐpP,n8`-k3o#2|ғ?G8ԝ:XbB^'UAKƧ_um-D^Az1t/έ=xy _Ez oķˬ: 6 7w uw%K68B:nsSZTpb{'}{c1/۽<W3$:,^lU<ePh:t n,fyo_K5)veIY D@k´AٓZk:]*۰hV^}A[7Zd6<Z?jSm$c%)ӴXެ[#t01q(`|8tGns)Fx> Id<Sfe@d@8b۟J],> iy?ʴ๓ 0 HdDV& W=3ThI)aDI#:|#=#Wu-Vi@&K k\IJ:B#WE9 %PDE$mdu_L 5Fs/4MdE7/9m+j3P?к&K4ڏWcZs6ܭo U>C{9¡{c+J@<ҚΘ/L@A+gQ^gw[pъ <#Uܯ\+ȆOSXy>8G%k*+nWBhG}oŊ/)l@#Fst[wn=>xEL)~?n[fNZH ^ 9mj bke0s B&)w9#:^)3wACø'&*6D:V?أZ?X܃=?1^cl~ϴz,:TբZ9(/}s$שSJ20poG xX%wrCwNEͧұ-ۏ+":,2F,d;K^cfmd@ )kB29_S/wRV|o!eYpFOE0VCZ.l@`0&0|Lgc5GJH|7|햬f?vԑ# ӓQd+ŚU<҈^{p' ~Ty3f?~tH G ,LZ~ "YDn8*[~+XYȂi1(!^M+K=3P4&сt5{_PZ~Йf$ԉ*QU89CDq=g5UYo.~hPpJk֥upXK%ͬe>PsMe|Wԓ\D^Psil<a]'gIƼ[QQk(C^+Wj _ϲf:GA0 ]2h\QLy+˸%liJ[0P\j .\J0Dn>Urh ,_Q҃悇<@ _O_ sTFKF_ut4ՔO cthO6p\"t`|?&a1/p& ZF +MxK3 V~duƎn 9Mz"('aev$DQb(#*fd%%s YDIW X 8 ` GH`CTf:+0H6a^8Y(U,jѳY ש;-G 7~l'[RH牾ىN3=oXl{m~FПL}e#Q'$ ['Rۈ;)WrKVEg5fQ, OkK#Xm&{ʏGss=)msx/-3) p/pN]l"PC(W =A(nNHD㌝G*]ȊP$[71^QZð3 =[O F5 Y5Sp!,OSZӖ gy{eTX_+dUiFR/m4sLqlX2x=`<z7n3_ol6* ŦM62I诮@wW8;4~k.e!r,CRfCQEUj,R=W0CaZ\N b|v3ځrWHts#͠+؆}ÝCⴉq)k5̎أa*g2>6Z:p1u%w@8{BQ;r0hNE7x x3=Pq1+T./BLkܽwXH1 %pXz, Tdg2#́o-JFarNhIB6&: (V6,N0[A«+]~ #qgsŠc–cǠl.ٻ݅ /|4 _ 3ɡPv~BK XՠszJ HS915i*=)Z(2v[Ȝ7B?yp_+RbH1݃O%=}8|]-_f 'oS0^,¥@?mZc 2L`âr32LqNC [FwqF"\wjHB1z\_DIJĶ+a5ǨZ6*$'~u[w"DO_D?[<%-ED?W(4"Q;T4/o"jۄičHV<[{n%R1  Rx?h7/|#MjsʛPb] S~ ÉCԺ>ѝB5bmwɢ2TvPZg;LJOLv~m:0s**ZIn`<&m s"H嗂v kF%=4Z:UEi>"[79m̠/Jmȗ 5rEG5BG «{W*NjTW5+(&r;lp3>k@$xa)T;:h NYDN1m XL1)<l7}&͌X1]Z\YĖߟ.럿wXHT&vFYu93 i*TTW\SV&_sDc*u1(80IȢ[ "kԈZ43e/XYN8L,Fmz=3H8ikԃA?.5EZB6$gN(+Uq˲#+fh'XYv dPA sLQ<^0sve;ɊU2x:e#3泩?QHqX٨ڕVn_ = {r< 8aO- _LN`kfU^^5oX!H´=3x3e/_Jb 3g e/|3`j].B T(SD5S (D'(&zs?^ y8q&+]av^hMJ{1*l?\~Y,|jJk K!SǓFP^$< -i&FA`Jq7u2~PByL%.&Jw_#0CZ QǾNꔳ.T\ ~ #3r]XP|Oj=jrҗM`ڿs?يJq _5OO)i$S'9sb!oaSps`h`6vPg+[.Imց̈́s:900D~sE:r!2kB&ZBzs<-f ʩ+^q5B\,xr|n4+6ܮ*M WcL݃ϲ{< . wes d阃௓T,Ze}aǾ3a;B+5MK27@9faq?wyx5.cc\miy.%_j ' b/Rq.I~!ϖJhqd .@F'X~ E^j/ySB#yR3o*9C'M @R{?ӍS\REkP݄k4.=1vH) u;@H*y!GG o뎍ISk5Y 4_5!Mp"R?3%2ؽk{e75lKBLsf4{S dž= YˆcI[ ? |!^Y-M?:]W UV6XCڤO6ZwRaim 7Yu,qb_CÝu bx>O}DMJHG DD+\n5=JI3S8NpU*g^fg.a$`&!YR鍡WdJ)$Xz|^v|O$7)/4S(>8zX_ND t]fx)fsb47Ts*I -m˪Dw,_ﮄV!%yaQhHP#6M.}86+ط-eߐP؛b(Fh(\j* LH/ ]nkƌVOy)Zs; LBJ# [w%UEc}H,}9B ht,ekvlNVv@{^ J坽 mRH7%IԧVDu|32mRr*_Zo C`gt`EH^Ƀ˼^%;ϫ23cy>``,5CoT5t 뱦)<25.# [aP|rXh\A_:kcnjrLGav6xۘ> ge%V }RB~lߙ/OR[Ƃ̧piX%o9_-H,!×?AIJULG5{63 yʅ< =ݩ_zmWbev]J>Sߋ6c^33xvFXܜ{ñZ4v\[9us?2֬,OaP*bd#!rKSJe9.Nhap(!Z4F˭(uZ7;9j@VU)؄_CWvٕ&Hb]m5yW?o51~c松vs&(qb-H6EfI5BN3ANzC7ēyXo Rz~uoLj;rqJ~Ivw+ |FҎr'XaK1y%_RAd n=lTlW+ד>w"c'ʽo [mw7KiJ:ڎV-6]gpvY"t~ғ4ZVn&y%#]W#7Cם=XkhU}SVH>t@Acs$KkQ(5Oq);} Bx6X&8hsVN׽Yb,<ja@1IZn&˃~[.b@izV:_2P}{uZ~Lˋ[]:8ÍM҂R2Ě3}3c%ꌞ!yY]huBv2X<#o<3= d>{RmXhZ=βAsd9I~ڱNuPX |6ˍGcInD֩_`̿ .:YIS1˯3. w(R3c&e5+bc#\KIhԻ,z?%,G|;mQaT)0Z{0ppv>%]TߒOKrdyAl'qܱV cG{I˚4$ϡZ^)C܉BIQv%Ȗ'uVOR )mctg:&u$i g?dOZ:w"(e[ʈ:.#< 92xE\jD%=H@EekGNP" 7!2:==VFxv琊 韀0n2ܐ՚bt" ¾$=L7Oě_#x%4&(Aܽ;}TNAl1 c,Mq<{L.%"bq^B{8%3ĔՖ:czBS[w];*e{ldӓj I\}'} ڬr4iJaȸ G R47&kz sXzz)olGϸNɤ _B[=DV g;v٧>o܃i W}Ģ:⮾+i \`" zVyf+Khnfhaʹ!)呐4eDA/BhSR[3g}ASꅆB5_:SUt2mų`oÑ^ҚъZ ȹE',]lPNFo >( @آtSXR %028?R"+ao[}V$GdpQ@t2&7ٲ MyȖ'v:BT3ޕ({;5ړM$_3K͑'4ptF"VHYte2q,*|ܧTD^7 S,%J$A :ÄƹA p~ħ̣jvQcӚ0?ڢIkL)>HwWUSN Rޮ[a: zLJ0Jz}^~M@( vOm\PsF(ܧe6d2dHBTfr*r?& #AG^ɉIAQm)0_4Ő;Vݪj Ƭ/dI7",LZ'O:@Z*AH xzNz[z묍!f_ר`T5tRuƐ|f$֥<[l9-#c+ö}@G_M*\wծ$)0g9\}5Eaݒ9D&PQ-+_lL˹$ B؍f` m9Q dXafm䭞/,QڪFdXua5/mƸɦBRCx`]@c{,˷O' Wyu;y1iAQa!#7-/$NxV̧m9Laی>8SUkr%7hb~k'rS~j ec 7@x$k n fg.X1K1>pξCQnv4)Mqxugp >*,ddFмoA3}sH`ь=s-,]Bω$Ru_5h~ ޅA Zz{1|ErC,{gq/<׿Ϊx[ >Gƒ?B@| . &`u~90%DviWFvD0 MZgbT`KO;qm˭8b.߱W[(E%cә`\_v]+gg^EZ̧/Y`;Tk[hJ4jLClEkB#ˍ}|Fbeh4|W{aY <_iDXf"ʻ ٦ xm>1>X)]MLϋV:mX …Ik葽bþ Y~pN,ʏLZƀ M$CIFܻ(TM@CYh? .zfWC132 vCQ_I҈~ݸLW,e+t!f>a==+Qf| m C >>`cxYeNhWQ7i#dt\ќ1{a2M;yYydkj'@%qGwAqK'9Ie=Kkj Gb+=bCʨOv(TzzJ"Hw7n%Gp2#Na hNjϋ]bR HtG 8;9TS4xs/x ph5Jbfe{H!≮J VKfLaևtEeҍ+SK+H052.X%?aJSNwv9DWt&tަν̃!x ]?AX%NϨ"PSBt!rч~6-#J˘/x#u(LRt[u`wOs)+#%o 8G}"V9 j"6azU/&^\iBXPEoo:B괶=`aC@A`āW+UB[讣 2fG9ع2g2ԇ8vC m?hhq= O^=q5VhnO#ը碄.(݉p1,v9a4bO`fIgOv*g>MTUM ,%wmT# Y)/LU}4\?qkD ~NPDt/ܞ'ķct*B{+C;[3d!l|M9:Oz~ݦXHQqV󧻕SZ4X@ -0wo~HQśMCj9B+C#E53)b_4՞N>kR?*{)(\!C+tqSC!v_0 ">p$'NM|vdž`x!"'+I6/8C'??WQba~2ogr5AQ_om1u,YMpֺεZhGPxOD _t>qw{|iOQlh,X}|z |;\lyJK߽*xf$Wzi:qxQ'b )˧^J%|cݧ n %U\@,h @%$?^(mNb΀(wRNr3rT݁%4.a1فxV*Lu.jXѪ[N1x1%d썼2t} YEDc; 0rU<O؏ߗF!} uO͘c0 j'epz z|5C43: )Ud 2F`}AwzT@/jm2{v g/p_hI +-1]Q] |S\VRm?oĦ|nC1&'^/1稀M5;&C f@ChPGN賍,R""ӡfUݎdUuG_,xuq~Q -R4#{0.⠢iԮΒ$[CR|?MhqCΒz+ld6P+?&3Od< n6ѝПO|`v6ڊב%r<Ö)KиI?tV*ٖĶ$'"sy6XWQwkc^5 WOnȅsx$Ұ(ޟ;nB?,ގ; b0XrZKc8\:'EǼȔtT}P` Ǝw[wctd~x,1;k[ gV_jwh@ii_7qtdke\!qoMc2wA! AuIiW S ")9Al"{>!]iuJ ƪ4x&/fvphtK%FSYq}T[ pC@k]MV  _J]fjTR <=A)8(w1^D3ucfvzפ@-5SbY=ұS0 a2X> WF1}ግy?Ca{wz͟-]nMvZ--[Bw#k(3K$Zyk\Q,Ѿ)dypA0zUV)*s2FZh.&ב ;\w?;|ԲoyCS@vD0I%MI|Ve`n`%l3Y%YC92<D9qYsyMl*S6Goo1 4G({^lƪCu(lfT䵷*B@?0dLKQBw^ud 6`5Z@H_ փ[oů?FZ /GPBZ0)$KNx*AA= ְ,t~ 9-e%(oE֥CS {C5WlOXP'ysIGڞ 6P"#dh*?@E)rn\w<>fN"|.qZr; [E+ .e||% Ǎ@ߋK-_qǷCK#NB)TگXAKW|M9Fbq=OH4` )ӏ})?9kl?Y^oƗ%E 䔙gg˚c'cTwv24l.݂5v #~ }8yCNק.s2J4l38L2!9tQs~rCg{+VE 3\IF6wzo cˏKY5WLevp]ۗٝݸ`N6ӦµBX^xlY?ǽWIy-Q +h .PMr .%KIv}#̄ u,sWh!aPx|㰊cI`nqG.Hmٞu)9G/L‹ {c .mfo&( L␴{ R?6z"X$ZJfq!G"Ulx\sIX!rb Z:0u?1Osd_OѮkW&c j B[~vm= NuSD3n,/̟cLt㥍QCͅ}ް֚5S N<ť{e%+П_9@WVM>/9ކx5 V^˪RN(ؐ; +);QNH]?=jxS#4;Đ<: L'-G#?2dMJ%5ybt 7py1eS&9",S޻*)LMj_ "YU,ݨSIVAłG'վ\vݟpkk8==I.VM,ŌSB=  ٕ]`2(+m%'R9`2ynx-{me;^9Cb32m\)V#x55E A6+qdHqE_%XUh`EޓG`d$$wG NWCP֝)b) S˙ym֘SH=V^rokdW+|u(Sd,9izOJZ3O!Z=ׂ_Acb'rrv`;9[m Xc6E6m2ULv`K%vK>,Kq>~vFN8H#FN1\$:H\vjJcq`||6>{T`gҙ HܿlD~%iqp>1ؗ)hkZ;_H EyY9,֏'ПMcJk9h"y|P#7M"UւfTN}?[)~r SUB|h筀 ԄDAO`œ=6GL:nQIwdۣM;aV9m f0^Sh$.X@uk(vOEr}| ndłU%|[,B?KV9&~t5jxEOCgIOdLPȘ8i7!$"7z" J,77a|pT$ЫDzo־tM }hkh2ͩ>c R10 4 ߂+zTЕ_Ƥ!#'2ˁ[Yfiozns@tmRN5mt ,+_ťJ%^W屻32 &F2 i>h|D}/t(ErG zr:ӯH|"4ޙ:㪼M fbuDg`qfn6hmE5%U0;Q2XSZX$j/Wi}6ˠPqnkdE놔 |!-R#{.v9H]j.qR?2J]j䁓7.f>lAD Ş&^.F=x93"` bO&Cqa ov|WEdݎcK^'6xph6Vzagpܙ-@xp[F]3Qy) Z5Jć.&Te )+ÏXֶMcZ&^tbR E!$uå][@d`ܑ+ЃC}VfYڏ\o\L9vSʎ|"Ry$*Y sne!rjl;XjD5N>eL5KP9iR76F_9d#pqЉN^=rVQ{lrbaZݰ[^ߝ99%,|/>5] *'7_rS  sX||G&Aqإ0 T_2 sM뎞MB&\U8'GI͔dx6ǽmXù:͋ Mz#FI$؆gg'r3FP*Z-{:]\^Lc(6Լ^5 b 3@R/RbIN;zNO@$B\l:2EM)) =n{ ИwfOBJUdYtѝr*a"$at\jv.fKŸkBIk(1MD|l,枂U#Jb]'430c}{xn4Jmp+IzoPdXH<[ YMDѱ8 YɐT腚FusƪLbpSoGR0Pz:gb|? jF *.erV0I^ <9JߞJ  [[ir HmfJjJ&G³@.U9ў%+ՙ1_YwV=øăwACP5N`uhGIP&ɘmKw`x2Qh(3>Pߺ5PZO(eq4A0ع$?L_ ?.g%zko鱲DaCJk1W厗=;X"Gfy@D76jpxy02XO)6+F }uIp:سe/bI~۟b!;qHd@PԌIOW(05. 7`-=G2qlt܈P^6w&SYcK,9jjgfi*P瀽n1ݞs%}@n%$ƅ1I 9(8¢s|E3f6ާ+f&V.v>A pX"Djz8ʀD0FW[%Ѯ;`ɷTcmf{gdt_<&g|q5S*aGg ;%6❽yP!Mn=Oc5˱Aӄ~r\D4UxX?F;4ўK jrmv6Ҵ v(kΧ aa6ne<ؒ$ `6Pzҙ񦯴i̱WAppR'*5 ¯4P3);OB 3 hLGK gW?OG62|^_5l_g ;BL\Q` F]aeH3!ť,Ťa;^P@ȳ6x$D} T1 .798\y ৃq;\Yu` e^By!FMɨX!UdQ1| 9Sd警$vp lcj:9#2x&jm];ek:GW̻;9S^5rE(bĂzC8Jt@zXPz= ~Bdy8r:+~^sAC*;\C\h]M j.CmP+$ިi[S%h@ҏO(ʬZq%Hy:lX}?:< Ǐ2:2K PzF?\IU:{|.ԯQ0Ja}mN^ƾ0sHe1s.u(-t;Ozsu[k=ZfRa5 &-I0MqKQdt])dqX~n3 qeTn1l+^ok|HPj)N6Ӛ!Q }'Lg!tSwY*QT*s4^4?6)$ ) ¼}-[[ نW;Z@J .(Q$2KOčӕeE%""u EOyK-e-RGAkgK{#-ݭ>[x1 !}X.f!"-+&ۢbN01 VhDz  R㲶ޱk3BJN/7ex=fh̆&D^VYuaDxpٶnɍe\ dX6h%#jEJO`5~, Vx?m_V8s*" ,ކKmu物^\M_tёZ*Fʣ{7J\"4wkyF'%$P?qx'qO~PgGQAB@1)-A΄P 5HTl%=jkO"ao>pvz5.x7,Qw!*i)ރ4ɂ[Bi. [CUꭒ\C|ie@fvV K#1sc/JUnB.KZCa4S53~ۉYgL^⼅p5rNV\dßV(jv7VUL6:<*.z%7U[}SA8Ln `[/%ZrgWLzYqfRV^q9!5{B@b︪@ʡzhcfMi@Oz#x~ PԽ/rשϤ4т>R<4K!<{ Hv,Qbv0&߹݁aV{,CJgR1^눨w˨!eF-%B.Onk?J;9Pa5#Y k>&kt=Z2u]nڏt,̼Ze*U:1ĶThzƢG>"$V»ߍ_t{7| AnuL0k[x6sކas{<8 ARd)֡h܁%Vx4]lWVJQԩ&I̋,6 A-e4}2 ;+Pk]`H$.4 VU]1ie)3=%6iC0>-rT}.2R׺y„V=Y,ZܜX׼UU%xBŋ,75NnaKh;, J:#d=uoqiy?6u;'L0" !51U{i&̘ףvX E,.3rndX;y o-E`sfᐚH,[eSK2F2roX9]^ǘf?i͵JzIL迡ѻOA(5aGxE^_R Ʀ+jlu bZ}DL?[ڑZ%`kh؇9ok(|R`xȎ^K0<ΤOH5gsIriyYN0~_˿7w )E1e{t=x7ZcNTT{B (Q#Ja@N N AG@(>Š 6K!՛sƤ}@tʂM#S-n]Р=ZPsnZޫ@Pf\ncS3[[߈+ AL| 6ِ9һ5K4Iu}N3# 98]KHP ]9snmBZ:Y2 +GÑwVȔb%M |dlz|wl-538DN>a9^Y1֬&0(-6;qI+F_#T-F 1 ZrG ٬qmT~(uF*IHԲفZnwqc ondzo&o|%j8,`^5*Vgdw< 41@抌WA#PW{}r9gloi#ȷeA[7U:=Q g#n,n]ʈl&tuyz5`P$Ǝ<>;H4P-O^ l@)(Y_<:"u%~Or~9{>L!ˣn Bǘ&(}#CY\lC 枼PQ9,0)FS:CM,B+%kadi$"r- Ֆd.xhL SG؜(N %GUT pp9#4hړ/yXNNLUٯ.-K3'L?,2yᐊ-E-_ lI #xU-g:І@iZX n>Z6LC?XTt\=vza)ɼT6e~RJL0S~dcJh7! lP}"<A 9tk9y1^*Mu # z=JUG+J ittFUp{VD( 녾*i=׳!MJG7=C<*9 Tphmr3fC3ԐXAHSqCI/݈2r,3)Q9(r̰ڇew/I Voڰi"St@Ջ|t;Drɣl+4Έze1ŏL٣W䜍jPz*ې/U' Ώ,ff0Fߒ"pѝS:f"HCN ȵ5jءEIi >i8\'wfReөv4|a8CGɔ[3z4';'3`R {& Mt$:#ƥ3]RZD.0ك}rZ7ux_-^ˆDͥF.yrC\Fz'ЍEȞuqhiZwnI*G>7Ytܑ*:d\ ܑiͫPHw <`i|'PECIY00o3l˫P %uUKo--ٖX(C6VF.Ov%up-cM,s/uN{֯ڐbaG||]QQPS{V1˅&F-3!dd8<}iHߧ<5V탄U$NFZ8k_dY`!@6En˗c-:-y"hq׸g+2HWǣҴ19A+|nlpL&4C1<[O&f_*ƅ0qma9tǻwYuS̞ dlP YZ