nss-util-3.67.0-6.el8_4 >  A `WU]ӡ/[c[啳j+jo qp)K*r/Ks0SM/71tn8F[ݨcn%CNM21"/#Қ}5쾞oz?ī(yD >=cyZBם:0nK~]``u*.)A?Xly/X!zۣ<1C(R>(ОώaicY+5Gx쨠G^ȹKmξ1G. Re=^X;9x w~h|6wji^MDdmH'CJIb}7Ő֪*Ie$^IU*i?۫s@oy|t1 @EȑQU;.'s"8:HDn"OYb4N#c.m:X7rM[a8m1 G͗TKxu1Wre54bc86c4f55ebb8aa444ce6734e71752ffbf3784517e78ed61054cebf9ffbd2bc14774954a657e073ac48ab3dbed039806f3d3b`VU]o b\J2iTl)0V˜Ƅ2^jnzE!.ƻK5>2#Rf+O5,txPoQTN{p\۫Ҷ5 ۠"yEʣqgM9ʑ5:,G91 ^aM6΍+GGm?%$^+QQz Dz "U#)m-$ aSEH^֯۔X%SRr} & 0brQXz|)(Z.?D~ʞ 5~]h96b/e|)(+,aL!~1!ĺŸ U7f>B) .o.g,%!X\ګPJF-ӈ)u% Q8$upvJ7:JʚߒsSIc-㻞"J 6*;l$&iN٣XP>p<8?(d   F $,D P \ t  $<ZxX(89 0:ZG0HHI`XhY\]^Pbd2e7f:l<tTulvw,xDy\$Cnss-util3.67.06.el8_4Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken module`x86-01.mbox.centos.org PCentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxi686"ĜFAAA큤``````6f3ab123f9f0bab91c5e8bff7e554b19657a26dfa11d41f9efa48526373887d1a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-6.el8_4.src.rpmlibnssutil3.solibnssutil3.so(NSSUTIL_3.12)libnssutil3.so(NSSUTIL_3.12.3)libnssutil3.so(NSSUTIL_3.12.5)libnssutil3.so(NSSUTIL_3.12.7)libnssutil3.so(NSSUTIL_3.13)libnssutil3.so(NSSUTIL_3.14)libnssutil3.so(NSSUTIL_3.15)libnssutil3.so(NSSUTIL_3.17.1)libnssutil3.so(NSSUTIL_3.21)libnssutil3.so(NSSUTIL_3.24)libnssutil3.so(NSSUTIL_3.25)libnssutil3.so(NSSUTIL_3.31)libnssutil3.so(NSSUTIL_3.33)libnssutil3.so(NSSUTIL_3.38)libnssutil3.so(NSSUTIL_3.39)libnssutil3.so(NSSUTIL_3.59)nss-utilnss-util(x86-32)@@@@@@@@@@@@@     @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libdl.so.2libnspr4.solibplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.67.0-6.el8_43.67.0-6.el8_4.build-id9af5e82ac96026a329f9c11f54df26fbd5de5a6blibnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/9a//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnudirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=9af5e82ac96026a329f9c11f54df26fbd5de5a6b, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR R RR RRRutf-821f310b86f9fdc4ac18e9ffde4fe0da11d9e6c608b36ffce37628020af8d2ffa?@7zXZ !#,n] b2u jӫ`(y,yO9ٵd( ?8aGd&gkYT2jq)]62 (tDd5}vsZͮlI\B8ɡ6UG97npdJy[aryU`G*)m8` 7V:u( Ajw{i2;  V1^Ԑe!fPmZ΃ے| YIjX% i9g_;ֽРAbkf %!qb ØU {r(.ČT|ڽ)yȻ]CbQrq] %0u+ƕsbDjGo6k~(oHm)o 5̉s̫)ɞ@ ^CaB ĖgrO$- Ɯ͜H _.j;A!_*[l- Ɠ]={kgu#=#6o;Yu'`gxj.GFNgJT&3፶"Ts8|qښ߈$+܎_N XKkDS UFK<+auy72豕['É(qCk2˽ [PtdD:z,yę?]j¦-@3 l& rM[Q`265nmfOf`}:aqKTcGz>9 pU|/K`5Y\J]B#PaiMր wfy|YnJ֍S7ILp:Źاh<(S\h_kܜ Q Oߣ z);afI-!#QX; t%V?{erC0zzXWK1֍n`4m-Y\HQfoTsn1|I-'}'FNy*Y؎D R J[M9EM2U0d]άt4Uj/꤮zTHWKg?͆לМ|/ؒ`?&;V6Luy6A܉3 ˠ~Sg c ٬@'_y@ZH ԛK'sXW}=#.u/OB"A@E|:8Lexw{pA}vE$fGw&'M.pYPDrGa{mvmlh'j~7OPp@5eه`!F𘘪z"qV4gi{ϛMKKqHP> tNdb()n^A&i,T_əR31ݱ6SNr6kFmS\RQ2;Bf+q۵ef8M3bX2P UrmK6"ٶ#q+jxK]Um )& ;"*_6/ ^=<ʵQ'︩vvCuE N䅑סD_57~J\=Uږ$13;#l.u$gH_vR˲;{{z%j,1OzTBǪr0@E:[}C0Ԃ@tw3(Qg%a%u8CΧa7}rW̢="2H)'RZteKa]3F"&.QA`$5o7B'ňBoPPOONiUhBšR76߳G]?n{._Xm1]E5#xdԍe6K@Y>O"[ܔMumտdG IGo˙&GdLHF#JցhfɁQd%kck.5z rP M7VE[C/0o"X$`暆 a]Ess\@0t53 #$1*l 3q57:ٖuo#w6qLG]})wVOeM_[ |ϻqdx)ػ88nPl޼]"^TkbYSk mN1Ýݬf| +?Ĩo(dwFM63lneZ !GH+$Q1FќXwtjjIyV!^ӎ4 ؑs-8MR\lJZwyixΑD-{3ѫQU+Hc;5LgCDpۻ1hM"]GF3OH?:rY!u] 90pHe7Tv*I^ig;N>8t.R|h_ϮHIVR B ߁wȱr{dK+Ke\$fvڮ. '"#=m&z>7n8V^uù e7LDx!?;, 7HfO%:G~`!!rzW[1.J@'mq:βp.~#h w{za &)aQtV͐ Ф|Nb>"-}5bi?.i1֜?x+U̩1a;1XF'b &̙׈aa}q;GHAZ(ӊ1.mhg].I^n+F䋍@ ""LoHCljD/ %W0ED|j]tYhP ]en e`jب n1r+xdc2IYKA)=iW71%J]{c*H\:k\*M[PTӯB;ʨaޥ4ЯN",ZCv(N0<@@ExS7]Wf('8Ce\C hXHz)O,gU]jzhcaAoפ#R-yt#"`ey 0%Jdf.3%_J֩ugI'@k6dX}'Utlbo#5S=g̃O|ߟPQ S*C&r{P DBcE TIHEd{ی%1ų,(%l,$Ix/LN/ՕڝLBkXz]}m=5`աFY~LȨC:B:BG=Π4 >lˀb1WW=ch{5~gyw_q8h\0/rpZ8ݷ{x54uMww^vFS=4%)}d05РM J^_?:HN7 ~brb]~نe}VYFɲPx#aD͍.@v5l,2+Pe<1E}g3ku!s'w8q d\e^N@` O;<ϽztQ ; ?uƫJdZˌnIro+ͺ.2׻+}Ag<’uF9S:4N3M!ΐ`s.nk@l+БLtWR2zt8!{1<ʟfmfgD0ț4GGxzQ2e%e\$?7U_5? 3bӬK2g+mQͬ%m~0ql@חTG$ z;=7{Vh)/ekJZ89H&_[T'qת0g]пh_nc4K"%մ h24V؛Gڮ9B($$fw)jz.BayJ$3dx/:Lɑ |ݢƀxv la؏Z 'k`Ѩ?A&4/籭2 gZFy\A^G?ElTCw2Q1ZZZ`~mTђ%ur0id=-CR^{^.dox ՝oO[^͗aPmoa;:>6 _:X^甗~ lv2=bLtd,m`JxCԼ5Xj1PԆ& DYd=7i`Ciڐdu7s5OҋrrNaģ6j7I[DxSl\r3Il Εo~Xbh= >﷏0rpܴ.+QSH_&y-3H 3YL0+8*67( 669?莇dąT"w~ 'UG$K'߶GmF6rWѪ K cjPŀL=5U 4@ jD>6н[]̚If5yM 4@m:ZjCRzDHalw4 WBqզxҷ ҇S.q @l]z"7!>ή*Ͼkb+=\j 2ȕ;5frVL|z+ci$^Du˂OX-a2X<4l2[~?Bt#U2uq^ztLHfz*cEm%pṿ1fXPTtIbkQruǬaG{L1+?2-]Lr Uq*( ]Xc@/fUx% i!;:mS,w`]<5&QLuv(VwFA8 %(w;(dU 5*u*4;c%;=~΀:4~"`Vvd3}11 [j'{K6KyU؈w$@e|o |'IW<<g_%OҖ6Ft :pw [nwZG3޲0C5+J3l Le5Pz>Lg=%E/0(&Va=쩩k׸d4%}Yl0n0x7Kk v"x=F+zϙ>'fRP_ J| 5htӞ cVMwfn3n=*# 2DSV#נ{x1(eTN,ƩXeAGn0UB ʅS%3ZxDC2D\ /O֠L{T2`c/b@L.I#SqP0f"36.$03eۄHE}"wl|oZ{_T1s{pOAHͬe8%ΒU ";LQ%*C%/A͔}ڨٿnPkLHe;o~qq|=fY9Q#㢢E,GT(E0a.CZ3C?&n.a 7際^C 0 /E`>[z8Yq ig_?Smia&ZYmg743'i"r:h* +T,vm`r/MteOҳb0nmx0񈹡u 0o+6ȟzlc{}c`' xe!I|H9l&<%A;.xF97^03hڈ9 %Ç꜀9`U*]䃫[9Vnb,al5?K$3 (*Jw m>q(|I˼WS3|P pe. Naj19p q xBDvHy]q+ Wv\0*tJWk4M1r "^l$[ J?X5S'[Y_;#,e8=#ӧ5]O(bIzmb< jtX$ 5W ~KF&W=jSCgsǧ~P&d%8Dž,vMsL?_$%M5zT![|R')ZO*eh;]|#ڍd™zQ.8ow&%RP|dV{4DRǚp0M=WyI Z 'nGKT8Sf߂5cHXGg'^b<`eQG3']+_>,&AJǙpr,P[x5&?izqWJn F-bh瑌U0c8`iFl._n_5J_d&CrM IaU#^\E[ӥ%nߚos'RDÄ$II)VH=uD'⫹_ΏP`KT]|Smn6: bFXF<$՛(i)=OT85_8"$'WU$F]!Y-pȞDXpsǭ!b+N@2LoKU0ͩkbdc=ɒ9!l70;M!a%r{9gw-PIyAW o \iK/mRCYO`*K߿f`SqR/HA Ln{cp8 #ghy+l)Y{yL"֮f,HхS 6ba982lK# dKVu,sN?"#7tHIg7̪`&s3g="(W,EyICfevn2L׸#ƬR[M1o3;H\#FŁeYlY@}=Pb1ZkGpL*B_˾ R32UlLjbE=&pPnupWgeXtvK1R<R1 HV2;eFʦDc0Nb)=$k0\tOw "ҔpbA{ޓpH DXros>|w4Nk+y//1X`roKm MRh+7zKm8Y%9Vwܵ%qćZJz'Ҳ[M#:F ^qLq/d5t,Lm|4Z@@OC`o+ƓGyhhĜ$uؘCUdAT/0Z 9 )}#6M_n{=s MMB4T/114z )NnRƲ$60/sK"}t_NB㝚 zcm଑705kHf-#bm߆G~<0%e7eO(|NUNFuEۀ͹Yc%œ‚< (ᜉcwS59b>uHNfI+y'"2*^%Ӹy|i.33&%`DŽ_a'e#r ]+7ǚl:7j($:f`>폂 6Bl*6ThР(V'B$mdd#d<.g{`v&TqNɌ 50`莺gO.2fC&t1C#q$jT`Xt2 +yF Ɂ7tEMso۳ٺnP`PZ!p  kBKBJT#$}Ѩl "X\G_ҖJL>Bt(#XwX$1hZ碅hfgHW.ƈ9?P6Md*T$]iE $.hvD3|Q ɕIC+[4#G!sT6fl =T7_ra8-J^;YK2|g7YQQX"E{|O 'K%(>q;Jn<&g8PL0Q=Cr?1>8SB(+&LOrj:Oˍ}-,#t?B7ɝZΦnT"U`482Mc]f5zh.y4ϙS 0Z|]l*Mi!\aSllMьܝ#jdKwm$8 2>Ģ ;,Ed\5H웅._ { #\;.~mQr`/kdv,6}oC]@vT~ *zMݏHtaE5Qc*B,ɓfeٖ&fMmGMf*Nح19Yͤ>^l{{۝;-|!T1op6W sa(觎LI=GBS`._1zV I/Q b@c0.@ upVN{P$+Cx滏zا>VaPXN![PPB6Xʊ͙]mݖ-Ću^[T xe:Kvѡ}4LEⷔnxB9_.Sj=7Ĭ1m/AfkT<P[rM? "\FI9k*D;NinKjYmM0NUۥ$VRx!I > ND2ܔM GD2YW(AKXu.:1c:;x^}\L'1τJIbҨ *!@Fђ9>Zby%ڙVɵl{U|ϴ^ 9ȦtVxVS*пu=&唉%U\^w%깣]6S{olr(U}S RH x~ğ7v~B2ђX q?!@ myWrFDj7`:OMBDwF/_+#ޤ[Pp<,zؒ@D#w,\^-gS+miW\ѭ͢٤XƕFnlR9öҕS,MyH?> %ßZZ\2v-e @v6fMй|4g4oʫ`U;hGXȸ3j[$O,tgY^LT_z|֓zIߊm_JyKbXhKX2 />Y<\F{2nJ (2$ S AP /ycbd\.eND f6Ꮌ*/L'H0)DVϗ2!]NĿ#)6O'++uO~2Sk6& 7v7#UTxbxΩ}Q9H/!B8$FJM9CT"n,v-C9"D"r, ^`2(h: U 8f&(zzFY6Yb}Q}jU"zQfTDz\\CYD-myI'@ε,(dJ] PWpfHM+Q4Hֶ{Q_7'YII* T=&'pEw6},,O1c[1O[cNGQC `#k'(]{* , 4&݉${*8s.Կ4PzN56M@*C|JH#U]4I{ν&)D?qJ\FC# gF6ׁ`*i+$cݎY 9WZa?SJxxpRb@.A 0lzpmdܐgm!K?qQeYjf XYզ&QC2j/<$yn`YׁOxx#tnؾzst0Zg[t`W~XsS eM]UMx1p,:a&~r_]1@{*#",Z^rsmh'8OS@H^ 5,%1BVru:3xb kkשٙ…z,ADhX)qR?l%s[S5#`{Pm5xgd㓷 Ic'ͿE7˽J\$ 1D ՅٜuRB ffKv͇+F@a-)W{`xo"&M+ Jq8A A8d^Cqh`Ƴ*\?8y\+rDYY?`w__资\tY/|&k:YZ`0u! [N?ZO(LC_ԥASt ri}9=Ε煫bbN{_f{eLy0Hpq>VFiU-5KPXPʨIO _L8-"ʜ^L=\*/EDN&lxs& if71W19!*gEcăG-͗GmFRءۗ|0*P8g58gy8YO>L|RM}f%6-# x[Ҷ)ҽC}.MynAG=SAZ/zvƒ+O?1STmH5`fY>T|V+ IAXUtXCL۾CCS%=(?^dӳ5c nC(j;fq9R傻{d4GeB=Md2w,0 :<. ~$G*7K&d-ރH]]1<v[!($7~XnW 3UݽJ;@RO֯M+m֟a={RU/Dv=JlK0Xv\D:6_R?0pϫ5:no+˯e8Q(6N3e9Ɋs/P)s]guii Z7G]J]RE&=xޕYY4yɸH9\dL$1:ZdI鮦 2Rl񹏤Tvwao$wdc$/8e2wBu{L7 5D#cCKpl1LQh']vZyE) ~pD{u6(zҎI;N"hR ){'"?W`q 1_M|` j3-ƒ"L gh2㧨$OKCk(xۍ zO![G8߿Ǡci`YEyHӝ_Wd?m˷#wQD"@4 p+||t\y`8asa'(.kB65պy{o):!#@fjκg{!V<đҙ>Ehjr6}DcIDErM(X<_0u[kԀ&B xA76VxsC)"E6ɳ?5PF =_YPF,37@خO z"dвoc:L{הEZFRz˝9H6 XyNǽ'N81KE[\dȷOŒn $\ʼn`%U~jVvg<׬K^wUm=/%c` w<Rǹh5z̢bm[ *gN)Xn~k =%(0gS[ZLV}7?ѩK.ҧU[{(^JT:5r~9prێ#PZr JT;V> ć3w<ػVf 9{ >!&9n#tҾk36+]Z2gTm@P^obb`n2#}o<^)mYywq_!' pe&.YKY3=DfZEX9x]DHxϏ%*y3p bZ_13k9|p$D-< ëг T`ӹ W`]{]0sÓi ;:\S)!ĚJfE:7,}7#˝q%  t+w ldh\LuT`Ǜw^,i .UǷ_u?/2Ⱦ<)D?$19..G=? _ ;scT2-t֎^F]9'qUsg3kXVz34Zc*<.6u&nW 1!< &sb]Ԁu8 VX.1_60RF~f ٹ;&eFQ=i"cւC=1`\ QF7Knީo9:)"s{K+'._Vd K9lr,?fW\F @dOF ,C#Jc{|~n ^==THA*uJ`8U4UfA%rJUטcAe.vu5heA|-N`uĊ,Y8(~;HٻXY&*'_Gt_!{MMWt7:#ޢe8{ #c _taH h|0)q9,Ȥg?1w mdߩ+w*i+?s# y|Fs l5okΝ6o&O:!w`+ (?}܏*Њs+ eVD׷cA 6%un@_  `qi"oB& mpwfCDb ]"n<Y;5= +Y FM ]$nfTq |8!8{25|ݶx8Q ^ؕQ2KwUtwCmm`pS+g$EO+_g7 K-EŸ8 J #E~OŷlPBn]lm7q 򂪟+E;8ORjJJ-2/m=gH+R 8Ηg +!4zuLᕴ^E%ۑu9[ jUĞ@3 {p/b"LJFpL /):^vĪ+il9[%uw-:+A%vLSkD]v^utv)ֳ#QMcbNfz.d{ڴ@vbG9v^K[",A"̰gbn=ٰL6VZB]"/fV\~njEy􋊪^Aڥ ͰJ"3 7J>>Q׾:/;JQE؂E쪰z4{\4mqhճm5Tpy tQ#ƛ`}˳15ݟ' Gt%ֆ'*@`) #~l>Mt ."Z] ap.4iϙ4&uMrvK(ޣ{DeKUh7m*naM aT]Ky)O7BAF|Ҭ풊+lK^öngA4D"-NNҋc~B練R ZNUʣ4'G+UJE/.Ԡ=|9j C;!Tkw/ aPu%vUu;zD0(`m#8E;(daץ@6ds|ϙӋ!l5\=~GQ;D..pDsh^\}pĦ e ahfGSkIH0Ÿs^;/QD–38_l_ilrW=(Y)瞋E? `_g@k"KMFZdj?I3WSE2hVT"9nysSX74U^eޫ.*u06L(pHJ=־ xQl?./)TDk?b=.1#w)SȽ֣WAV5 :eq~=s?kjߡp٩5QzC0E=i( :QB"m&L_pշVgLĆĖ e/DJ툻jU~AɪþrM03]kq.rчӛvZ/wh3M$76o2%BEW%LqOfܡWpݯDъg˖Q01NgJBvL)aC)=L}Rxlmaԍ}faAݙ]{zemF[#>>>&lwD < +R~NVvue.6B٠; Rբ^Vlx1h5?}#TBb\Zn9撄O_J6 .Vҋ44!CbAEYj^dK.̎1>^4;Kg tW6xL%:"~اkd//ءHN:;!ukJcRϝ]?̤nБ;f*$uՍc3&TJDhJ}}@!yo`zI`J:Xz[}@O.nH1v"PI9 &;]a3F/V( r<]N m XQ4ܠ+}_d"HSƥbjek \Ҧ闷בyrqcT:nMZ.z86&x#N5ìo5T@M+aƁ/VVoG %o"_#2x9 2F'gR#Wcg&>F.w`ޣAR—N J# ?uy@:|#qٔ̕-d5 n/^DWMT"Zav}liH3de'3!璩?#IjPAfЈٖUϞ8n4Kv@6D*P9.`1"֌V‡wϞZ1Ƀ՜M"$t)r7O2@_(ˏf8k g舛X hKjamiTp3ؽl[F'nCO6eTD<̴AgzK¨ɞ>1E_2xPG4x-_S][ 8ZlM6P]4@PgT[Y&|^HpmkRmwKdQ`=g%Aћ I p/lOu;c?H[URsRwpo ᄱ|##$ (BlD9ϲ'G'UyaxVUɰV7ϛ dp3׶G[xUEe9ރ^}rv>wxUl|>OǙSG_X\օm 0?Ss窹 zIj08A̳ƿOBwxV%SZAFmJne,Ϧ I\kSly/tf^Zжҷo}[fqǺX9l!ՔHp{|2"tst =WY<-#4ډV-~xSKiݎKH ^b(y3 E; z^z!HtcRqv6KXLoNu?k p>G.r}S%*`׬~?bO$Uqt⾊[CUo6غOIw).'mUۦAchuaUǝ*kؖ \ Z{)b.uMY%0 kvV/,FZlO2xh/3[ wrWqcCzJBx#n:T= B}" ZFl^u[P *0YH襻ל :{qlfYYSyfkt@VT={Ч %V5{SYv}l2JADF7šyZsq%i7cO9D e]BP/;EVE"4By[ɭ덦71˙,XEiAg 'XTlM+fQ:BU[D_[!:r;.sgvUEa.KDrą/wpqrBN/2s&,=V 5`xׯD}9 <9$!V'lA>(8yDJY0!k'Qcgz`jcЌP'^~﫤\,8OP<KMd|`pƜa6F>JSP.wMٰ Pn6`C@3z&F;TPE(١_}y8,<ePV< cQ^BVM5zjVEzI2ԧ0oLMH޵rZ'il)0iIsT\=6U_8bߍWL"u{0"Q0WצUY1$Jpsyn@%1k( wD| ceu\+PF*u1rϱ *Y)24F­|\^\SjcX{{ s lԣ;J˖^wMekdXM%R׼7^Q0'#KVgf\:* CJ@y@-μ<? qzX2lI1JV3jQ m'-Jy=$M3m|ZfwWta壷G82}z\.ijcѨfN/bޖKÖR2NȍX'qn0SOLl5kϋy 3ˡ19n54Q)zʢ#Ѕ9 ADV!_>(bK.(Yh@cJ\$Dkd]3g"@y~RjyÊvI΂~I Q5n,/a)(J))IBpqZYёA lsJz(pB> 1%G*ȴ-VhNg_Udǖ9dHmΓp\]GɫN8'ru"׼02ӄ\9e|fm9_-C-'Dž=4 3{t& Eh51 =blH+cNh>{1 %BkHJ]L X#> UB,?Jg&O@8D `[ nM)IgL$hCxy[oV/pԓY|]f9?ezf[mJt{ݺάi׮LJM- $"S?T;ڤqy+OhHK)gf<}VȹWZY5ԬJS*RH&h/՗u)9H\Gټ#Y`&8%!nL1=#Uj^k#8Qr6dOU7Qq9B?i>_'f Ɵ5 h XeF*T h@wh ?TQKh>>T\ͯa?>@B0 3̜j/Ӈ7m }=iMsL|m4͂ sz&U9#m+(<}'jK5e`0ưy VsbVŪ.GB l^F),e$0ٝ 縩aTR^е̼@UnQ %]6`-OoCTU%d;Rј nB#HPՌ8DЕx[VTYlk8'tF&itZ֬:"/ʏeD;"[":A%A#dF''h?k1y]B"E{Z_Vla`t"_m=;UPtDfP'5:$U%j6ˢryL-tpWqpzR"K:kS<Wjq]=_[ Gqi8[*s] EXH[9Mm<hI ˰gH ww#tm*@Bۼ^Cdj" fxJS#@}\DWSda_M倐_{ gQ1T|Mצ DD> NxJA'ݽ.xʆoL i2nQ&ˆgHd^A~Е|7]gqb7w=tV JMΤHRįC#Q4e0${uS@Rmo .qKUTۅr7wT~滯J3a0B p**茇abK:xᛦIƕ' h·<ݣCQ]Cyc;L)GUO1kc\z{_=+?C!qml||*k@M>W(iS`nMM *JЛhgebIydޜd>7EV *d*BQ peTWxy(Pb/HPQ"oRfdX5T4%~O"a_$'n{Η MFo{KHR NAGj?]Գd}c^SdM7oYG:Z"`3狀ͬܬQPי>s3. EAiBt׷^(C'F&;3yh;`E/ZI[c;I~&FzG5"N)|utitv8*Ăd ,"bݼ,{9K;0.J5s[oTLL3KUVWF(4Z_ehwv9lϑ:s#H$>)@Wk'|>Y:Ӑ7P? S,6ڍ Y\9vjL)iCOC-6nޙAT+ 8bj~-v. CMkT!/} OݘE_d( 1l6H_aw):I'[ G?)`VY-rM^@JUr:mڄ'tK-3>5d4{_vVT}-6!!~fm6u;;:FڝAoմ+Y ^Mxs x\*W!Yt"B k}2ٳl٣쁆KPq%㊲}!SBU)Nm~c[dk;@kɦ@\j“4m}8\x 13_ཛྷryC7hiӲ*MqEߙ7H)ޟc)5=aGȓ2)fҶ~9+)ڥI_ 0j|k9xl$t&ti$I;̽A0G{/#;b0WTH6>2ՒS_HJGКs!z6\+$uF4K!QOʒ^V)Tu!sSͪ.AX fT9ԓΔNرE| mgsB٭yƪ 8{sȏ40k + u.5LBpy)\Vh`͗! #3:8b$76 $]oٵ W;S_W)m[z t0/^ltggiãq1챖jՋ8I>?^OGx+kJ? 7*t1[u8}zf7wZ@.LF۾ܽ螡l2OzѐITi_E"8߻- AFK?k,!ac ҿ`tai6[z(u(+V$vMe~дe56Yzi><2uvbNзcI)_*UJ,y& l@Tw zM[ة*r䄢֢.nã}/HUO;&e͚oy:h  v:7r#[5#ԀisH7ZDKWP+g< rlR8( :(#eR ^QllH4w s+ޠ'Pc㨾6Txb]yPC&2 :n@w#'Nmիr5DKY}g%^;E[勺zLa=[OTFS1۸8n)$+C6Az27Wd_,Hiew,*8ٲ tnMUG 9f}밗#\!HbEQYe҇[_b܈1; < ,;5b:efuNqy3m,ޱk‘2$kZvW2V(:0}aݛȺ$$>zl6I@{E۸Қ 6Ǝ ZIBЌ4e]oVu<߀o[8؍4`&dіҼ*lqr`bɨRb.(D"ڲn?j.^tҗXA33y~a:eki~RmG7_4{mz$ɲd*Š&ڒ~s}]AmpE$=l}7O>Ti4\4' *5 LaFZ+zS/j^5uhz1`1s—yim"/T>0_ &EH B%R&(%*DE9rFF72_n@jB}BxwGYɩ .Tӟ;jU0]AMM;y`ZyZ2rm3ff`_t ol<[o_ -VM6h_6ĀIwEt2HkɪK1 nK3(b?E|5$?O4Qg $ό 1@z;_ãxxb?袍^ڀs&8C2W]0$s9lII٪êxlLYEIyOjf=nj/tG͈D($gF!~ZhfzgVVYR;:MIw"Vz\DFp0߲7?UJX&Bp *w 1?Lr99\ Q ^V+$6ҋA Ola@jJP,HXFVoi:!KzqqĽoz:v@; 7enåYfUZ$1,`\׫ayWB߰)l6RqTītَ!sLʷm[ymӧq čL`K؂m1QZf Kl{& J: T B= y .kuq Ny\pUOj+1{9dq$b!5mDx{ ɏǨ՗Ê |i)ԑU&Y>.[.#) 7zq˻ݲj@3+`'gJʴ͋d)2JΉ< Z)8c~RxʃgA"|zlf 1W P"tr+yP>l.BT_Ix%6=R"u]tp J]A J]t5›Mf:wXBYܧ!ȏp> 1_ə$-o/O ; / \@9uL6lwl-y)a9խp5p65֧s˫I{ИYLj9%V<:\qu-ye᭖GHa}7NFN7ǐn3il3Ya*XEpDeAӲB;^BdLShsS'aVCpfjieUa "6B-`@s~eMk$yb}jH7k`C4 [׸-#M Rtv;WL4 8h`rIiBԻxLZ5A p@aoϑ;z> v:X#j,y˙IWoZn}WStc)`S.M*p=4ͣ0)Ym(M͈jQ~>ʽܮ KMߖɊt6O .ӢrۋL1e&{0@% hJQn!dIfu _q@S3@%I`oؕch#5LX쩡!hZ&gs^ h۟%B5kgB"3=E?%u<2D-R,+1 >UӒ(#b5\&reJhztBh_Ot^N 27%ז0(]%ll' Y\~{b~ng!4:1T'mQk*< g ј8!+ofOcZ}HVZa`GT 3x]XqxG{V =m( uD}+i*"d)2 л4#fL (Laa X;ى>LS/6?85]%n!]SQA@[d)>AfIH1c%9 @Tg=0Noy*yŵ}@TNaS@#o*a'Φ+XwwKP?ԢXzؿn~T2͆Zڋun΀0K6os0[{|(`-wDvy w{Tr&'DM.kcӓ S{܁`;L<3DH2O?DFJLAŎWJ&??g`6d*O 2v+Q뿛7s%#b@–3fr@WճAG]!0.}Cm\(',H7$Zmq];, A)=J8c k!9sdM,1PfzqbfԂUQU+og0_gw%#JmAD7&7ށ]`aLj2i\:q98pю_l}7Gu} ]Y.ӑ{->ӀrƱNJѪaFZR|{r18egx4g6Sl\d7̬9Z?Hsr 8)j_)Sޓº֍6;(9(-&tڮd^UPt!1}q&rvˮgC 'EZ؆4 Syyv5 lbҭVĝWt(HH][ &g؍?JSXx\E)}l>L< '~7XuķɮKP[P{;JTUW`fM3ngNEm[xNN*?v"^BC[tZ ;;Sx:v_vLFgykF$FC:8/RN ѶN!ez1bLۺGwcB$sH:B?"RGJ.KԻT)0.Ti/8lߩB0MdU/DM ƀmn.yg+W\w_L 殡o(`U]QX5cG =$1" QLny'9 *\'D%r(Pq(W*پ\u: UJ&. ֿapj ,x't%ó$P($"Df'_wd6DoK4\W!u)"q _hR*W)>.ߢsxps|27ڸ24Ic@q;Zw]"w'ۧ@7_p!BaA K a/6_C_,.qq3zXdnHO74]f@W0r! 8a^W,"o9OygąmKzy3-&AkÁLn%0UNp mXxweHQ](2q@u8ZZB/L F1 > rT,'5.p]BPFookN-s/%_ž |'CVp;ʶLD 傕>SoVQ?:bVOKFh%c4 *pMw_{Jgy/V;B9|Di(4b-\鿮@6wi9k)JS(QKDz砟WFJ#Ȉ;h8N=Ъ{n.b?J3ύzjc旰ݝ&Es8)A(X`Pcő].W@/LmX̔b4'=tu$ij+Ht`I]A\?EatsU-m)ƖQ0>_R)h$_33{.ꐬ* Ί~>e"Hl9=/tp}vQ7PVWk}@st#G6Tqm$̳Y ՙ*v2F9 7Wj>9O CW%T$wқ&}/͟erƋ jvu=]%"ش๟N&Y-9EhWhJp RXrP!>ԈN݇d-A4{M6w~''//DpK7g9pi^ѕwJZWiQRv53́3f-rlB/M]E^̈>/<fp6(*Tԓ1g05Y !?# 9>1hO=`7no I6d;w9:PYR+QScYƒah$\̀ S((uv3#^ROCa#aqy*8%{Pҏ]}p)|` GIS'VPopZu0Fzlr*oО AU;Hl@oQ`+hX,7TЂ͉khߑ(^-f!ўsVp6w*}yN%bu=o `Ĭr4B&PuqQΘOxrXl_Pݽ5 Ζ.8x9tMr$"0+EA 1B,ugΣegt eE.&ճr7ʞ*VyvB$w1_ɮ߸뭌y,wo)M@'9bw(MՈqمx/psg4cљtJ.1Z:X"6=eEt\&etb!Ҩ̝ 9 "l8/OZRGeqJTe'9%(>|qrT&Ϡ[= t#_.Yv^3x67t T`R}j`T0-4H^bпVE[qix JZ b7%XH3Yo`d +5L\{z4]3]u n/y syZrƿ<MWmRdsM^\8P~h@3ez֗DDz{p63|?a6}H=̾ HIzJHQ-nc.N!Ay(pk7] k `ԩ)eX !f<ܸ5vDs8}fĤg{Qxȑ",tH.>;IQ g:?3)ߝ” b\WE+d綜Ok 5;u7+%5 "©)֒Od)yUwt<gO8n<`{S EݢPˠ1zoD$mt964VGn*5HmŰS+DK򛶷t uY3qφ.{ua)A^vͧn jV3 mz۔ ?%Br;Ae{(of y61Hu_R`֍08ZF4 (my*Ĵё2t3VɎRNWތ'"EsF7Y*xǠ3 &D.e~b<\1H}͞_J™mуL;U P4s (kV"SaYs~C*8WS֩P䨼ר^7b3DOiɘܟlSC,|}"FllXtrrIbThzzCr3Z P/uE73"I"Ȑ.~~m5C ;$$w,` t/E廢2}$pA5B}1O<# 3`GEmMmfG$elTμS2^aPy->߳[=("{Jѥ`x/MA-큎:q Vτ+_nd6rC58yh Dm.GO9z۽+y,bU]rOEcac/ő^kZmx,)存z>*\FPCYE1bm&v^?GLwdu0g&ݹD7KeqOHt?gnӎzR:e4bn6qZ3=j2& GJ/+JL䨖uAp2n[3=[S L' GTR(N.=>+X3)b;n[{w@)0lm6caV;xB6녎R\t/PX=Le}dq琬<4m$MPVaRi߿4v"y79EQfQZќDN;n&/%?kMgKo;2({# q{R$[:T]mQnWdGwyQjaDa+k1p8@> dzp1|f}TҞC,Hsw, L)rk|w$[ Wbx7a:)>/'̟3૤^ޔC鐗 0*y;j/[],-9| Fv Xg8Ugզ}jx#8N NmYhD@~2G єؒݾ/>Ym'h‰Η/}J!Ѐ6 t[%a [RԾU{9Jg՜CBk7gX#fxy#]!S9^n B Z,Ľy7SBp#31DZYI4 4w>kW²6Ѡ֚_|#Fb#s,+ @T< 'qB P1cQfOLX+q7iAu|D'iʴ_i"f2s{h򏰃wɜԌ7ԩܼvۅMxC,ӥs@8o GDq5EY' 0^V|a19n_af˧rLh3x`+-rd o1:!hc2䬐\aɟGwZ1`M8V8wd]+^~H7"hY?:)rѡW>WL:> u]=Es+廑ʃ8tgR΃b2i{DFvS5eآc6>6Bpؘ!_K&:d|߆GuD-R*АCCn7|zv|JsVVI!%2zH&cLITr/|(]8TY z=UiiN a^8r5!@fTK,~l%aI(`Mą\n痖~v:29= .~}y r^1p͊&"@˯mTX3GݛPn3fKR =I]*s޷aamҤ` "t>ɗCUEۜD6gbD褢@Ź5%wF^sqL_3T 1Gv~f*Z*p\Za$L_קw9 Wouj0jC@cw@مi+;}{ma!4"\+K-,+#O,-v87D![p-sgSC4gqf a@++@D.lFlj24_hG2RdJWB4Ed ީo7g~`$F104gXՂZ?_14gtmd%~ԥFDcgH:5ϡ|{lÔ pP]aiJ`Ԧ.+JO*&l5GgYsDżα4]KԘKYPk$ d2H7q$s۵B 6,l ~pt.x4,em3s! q!wiǎtfrz }gK;cLƂvaG~Cfl2V@POb Mxu-Kz5MVEG#`9Fzyu :]}h}*0K&R?xN#Yx7ށSfC/n SO\:((}L6EN~p?sNgZݵo!{/cw%:/aVیe5=t-w(í^r~9W+hA&acgh+e:2>wJ\r{C(rnIV[h#u뷐0jT [3%{'41ʪh@~Zgw~ykZh*GiCqy8y)4^),s D:T lX]§_ӝ5pR腻]\pwAP@>u/4b> Zv֩4DǦ-2'׋jQ_;at\e(dLepHG[C5X uio:?0YcOjW#tu$ꅲP5#dw9Q7Z@o,ded;7DSLr7P1 #u(.W l-+>,\=)V#{T!=]>cb ?@D<H8(\i ezE˧z 6Xd$s!b DӊCJyNV*{%{\#3#~0P':{Jy-o.U#B}g`44Lmk#~|PhذgSl\&%7l]qxjT=.yQ{+WPWPA0dp%/ `rF!%vutK0L!ɐi]&-9jWyODp|;r[Ę a>dӾՅn/v3w!{5~Œ\xC\lN=t{;;Ij|f[DDVSC29e`&*0-MO ୦|4Q% QVA8C`g\,+Iۼ,jUjf=z[{ª{VuZ\aiĝ)eeuh2c 0pUQp>GDF\.*M/nOhlFn>\@?#wKzLw6XHf[`N]+` <%&I]!7\ ֜XQ!zk9z?VT_rֲX{~AW !Eq!k_GYsnH5Qiew[h2YN|p 3QՌ[B[G2<9Pö7m}G${`%P=F+|f+\4 4vΦL=~D]qrEyS Ov J&upYqYZHM)I!L\R(8#9<9fw2D$&\O(Cd&mSHڵ ̑+6[yMU3/~. l4tlu2" /K(nw-frjMQݪ,C\7-&T)ZQ[ӗr+Zkf\f*@:x+H'sNYӕUl P{9a|*>~:6ܨ QIzD-uX7H`2a%X$+`?i3Ci 7ˑ@U^@7QL>>e.SKVO!gm}cz^Af諈 R6hLImt^̠ߤM.'-4=3d=h*v2y r'c{?U+5XًtSmj%"|_D{WK|d܂? U'v+\b"P{A\uDҺ QWQ2a18]Od"Eg%4W oz}U&ED;|%=̾1_;KXj= '3tW/uU-FJ fĮYȺfk#N'`8* S֩ё ѝ'(@/2Q}¥(lˍgCwom 3?x@HJSGR* pbׯZ)h_d%gnǬKr:=@).+4bR93n! L)n8.Y3}-Ӻ㡷?^UуM EZ,aHrB;Y GEB΋|"eWBF+`exc,e4fr"y4M:5bAsi6*om佱oнIqnB,U=b6޶W/kvp (mv OTDz|ۉhF rY[k.OҨ!wKDhˉEÖ ٤"lC}x rg8 ٗz瘱`G.Eq4|4@gKq *׍q܄L%!UI4s^BcwhIfrb(v Q< z(RmvBs0+^>x\S<N#NC0~:-f;C]M6@1[r^JM-.j}@6ƵE28VyMNР:5:Rӧ/}L^ N2b]|]2w1wcLUCbT~ O3j{XvyLL9]%Quw;"Oa|6D9O/b'R"4_ݙqD-n]_v&)Dp2ژO 9n s1d/WRa0XR+yBj'];R*2  bx;Q'l4 &o)2GyL2}vV%:7?E%zm 4nw8z8R5%:^SZs8-RT-[JThѤ-Nbɤ8 Y$'R3N%{s GÂmYY^:3b4n-HDER̈QA'jV21GE'߶ЖKyWLMcUmL{EKn(@7o8tWJ|)XJm*.6&N߽C)LڙU[g/JvIDUWUvʟapA w>f: ϴ u8ޤ{.UxͣKNųGE,'mՑÄ9&ctxm/+$R΋&-R:+ 6|jT%G&NE1I[=*:b 7lEߎ;Oh 5  O=gяa6̸{[) +c+"zwb9?,Tn1Vrg!>sk][ Oד׳4U~ۍP]D3ALO \Ao\4G%<1}Lz#d,u3D~A,Ȩ|X+(W9e9~ҵLTHO̜"m} CbK b&35BAXt<+H q@\IG|)uA[nBTO6Dg,%gZF"ZT}?ڒ\P-ŀB(:/`Kdet' /u%E-h=]  sZw0m?ts=,<ǐU* 0Dǃ& KwLhFsɃo a ڙEQ?<5nvRPJPlwz"wS_)v-: ):b?UGtx( Fz|#_mDP^܈lNáw7TF:y07ҥ`UAy y7eGkDMDDDF: Aq% '"\*$k1g[E_{.ƒ,'!K}I<VQsmlԁ Rqס'"#EJ6G>a=_偬hDz)ic8jC4xLe;|:q\Z.B$&qv7 iu: _]nd ,yϳs4̑\ [Hد,o}=nna@&Q!FFes `42Y,®[H-'vɶ'Wtlv)o-߼6WeT"B {h8zRYӛjQ!8@Szx9*;m Dق;r*;4BUL7! ׹+؀PMŬ8CmYE xi'j<'"0v@n2F(Go?̯IZԬj 7/4X&oÀ~.5 2\A@P-d24qlj:只/҃Īw16߽ O]&+nϥJ~ektknK NɨMч2(mX^@"C3"`Y$dNL4NV^¯A)z:Ր,)#x뾌\bUa0neP0dDgx~S X5 ݐ VΣ0RoX}M[ JC=/<\L}@-T {ϗB 7PaS>0z~eegnϽy5@3mH:x,'[kK7;0 5H9; }4 T} B{Ӎ&> t{dF$n-$%hB!u>fwoPzY;,CA))$zaM tPKuiP DxY.A[/D7J(?@Ej$w!4v&MNrA7Dr ҏ}h~c% D)XJ<( #Ywd:$Aͧ9DZjr2 i]]NwWT R8,%e4e&m.Hsٴއd'ӌANxi۶eo:+Ё,g>42:=Ţp * ˚9@܄3 7a6S[raiEtb6^Y\VoΨ7CIx|֏j "%l;KNS 8BtA>DZHKQtLĪze4pYT]D| dNDg1_!EzTvN V60 5^d4x|cn1G7i )1"w?+nbiȍfmE3 Iھl>tcN"r5J C8^~*\rBnaCL.ĥi\Me$O$̹3 o&(X 2~f\t;3g@+`\+Z^%R(Cr| XeZx_=C-3|wTDF)p³@ dy$rz_2 :䓎'$jQT = 8zv1Љf9$YXo]g`AfR|cT m$KduϨ"Bȕo#UeǻElﲯU'Q0)jÆDbDnfS^c@荰1T9&̈iDndcSГQhGRR9n[L 3I;ؿ`5( 5:/^7oh°_!K)K Tln5 Dn^?2+D#Ѱ%o}bEɻ[T1h?@iL:Oo)%KUYX"\vb=7#cSd>{c,i͛ Bҭ k+0,MȾTZue}Uq/Uq4U| e(;_\ugHگ*,VR|xZKvbC:pOULw"Qk(rkni`cޫo>,hlp9鷍$N?^*KL`N:ROw^ِ;ѝ80fKT=|N(RzT#Vb!np?Dh`L|)&TY tvjVg d$ KO7|mZ'Cr`³eb^luTQm\o"4 * +N1^Ũ*}9`@4zbFr)8Cu,=mgv9f<35/P&!J#sk{,֠Vap/찞JX NDozն;Y ~=`reU=SNI3Dzer, lQN ÀG̙z5p)rx< .)C s7JW/K`֝GE ũee#`A!.M)v8eb'6~?ND~ۈ2g?#hUzJeuF/RR&/EŋŖ#lG3YH-=b9,DːcJm;Bir8IMR%laRց8,FVl*d[3$L r:uQ[*Y2O>}y֬GYpKntDe%"i/xT3hz%=*f>v ҶGBA1s阢YEzD5gx@СL=ݗJD U7eŽG XƂ]҂wcҹPa2$6zh)H* 1Q V97= h]"=1: X` t PxNpo ١2 Hd3vW>R8dqɼ}NFyj WC&~CIOJ?K0F%'6hTgu%WlPpe6!I 6K  2s sɚ衛7Av?s3Bl\|iVoWch9?ؔ+%A @emE# ;BBړTv<;;EYYt6\hiQѣ:c_"MCͱ2<;OF8ܱ-2vcU}atAOj#ޙ\esݻqc/t\J5SgZ}r^ ܙwh€pxY0:>Xb!z7j>c O]hS3 \+jҺ@| M^M  5+eOS<#f.K<]%(4ArCy}`(cP oI*_MX,P,uO>N*x?]X9$wa+DH A"뷬Ł^ūQ"IFQHrQ0R)k9ςSf97)L : G!RBT؎|ӧ[l-oMR?By \ ޜ,%^2)q#':l`_9gsb1Do |!ιJ[ہ])-OMܒ'aˑ:W8բ ?#66e'FQ*<*J$gh!ȥHj;s^b1MKNaáX'hde\\1GrRIu\YJ-9UetNn5 Wz+mtZ/ De$GjtqsM uS۱Şd ywb 9&xE n?H! [撬E&6xwDS=KS {m#C44*%oV)sUE /k9}: ">^1ؤٌ0ҳgKQG~y9-,[:g@IRc4c4FGea&컢rN\e'k|VDPf`QctcJJϦ s],P9uHDDY;>b?~^tlhgmjF|= y~4'߹k?N=}4C/[_ Vf/l_QߗT5;4[]S=g4zW︍с[V[2l M#[OU30A;noHNWz_syfxl0(76ZDG;X{a ߃'*Q4`M=†S\Ll%CcOPWoͦÐ8-hΘZ2vݰ?&jk7Ӹ#G =0:2csS.^PZ &A&:_+.(햩lJE6!PTe8&91~r;!&B_^{<$*nPAG5?^49!cOb96d!f?M4\5x*hY||4şK=TW\l?;? [Bw=7霬l;7a* K 6)pnA)}Zpf^w\@5Z!,QBLѰ6(sWv>>{-{o^-ΥJ1r{0 ,!I3,M)+m^3y/H `̴ʴVryO@5*Qsе% ^m,bX)Z?gDAO. wD9Yy4q 0]*ѪsVbD|ztJܭ%ͼ\n[% @&Z,>!ǩXh/eg $%lTkO%9 ܵ[$H^{bIK)D閉T pgA',~Yl @O +ŭ#'Yjc~[X=\ rKK (-|-ݠP{+LV⹤]9y`Rdt2)0Ackx_GiLs!NhX`ܙq+d7TJelJvٓI 2hՊ#{Jq]Z}Bx{W9u5UtnuOA=A~ ̂ !  2N>s^/իnȧ.nY[gEW+2Vd݁Cbd] FPD,LYI4€6=k 1G#R ĚyvZuV!T^#iCGg } i[ɘ>j?Q[=VMòyJkVr~(78Kze0RfMl"ZpN` m/$Y{ٗpV<;.w_2yr0GgYRԇQ駢'a_B)a].q[$yu{BZ r5 J}1b{AjR]544ʽTQ?c'xjMrXJSYiP b%Ԏ "(9v#T5?'JAuz5Ȟ`+ͰMpQ"醻waQs"49^;UEJGӏGBv,~Q'xtn<_Ӌ_J0,3Fy'c٫#:ipny a"?]so_Óq jD.%m@VШdZ刨l.־iJR`C(ÃKP띞.o`LxifT_tb|; 7xokLRW㋾Ba5Q>vH ';M:ptgsU,BPYS^J[B(D.  Dt5̐Z,)W^WpHҢ K;$srd*zQ1` k@6I fy7NFǯ>DrjfYϟ o-g/asVY]`\gZ HQBs%u&ڜ].W=v! OCjG[g5>谛Oe~ㆅ>O .uf2{A۷:r6 G ,`Q|BW"P*& sk DIo>&JުD! Hn@ ṢԄ>]MqqE![29#a=o*:v|@pbFX" 22J6lB"|ǡ {N6ITZG0,׊2+lms}ߢA^@v +%H_%oVGhAiwC# fIp;H12H+ 6ϘV$e UjK/R;\xr3smIUX@|]ZǤrHSE܅|m~[c nf9ǢD Z<\zjmQ0wHg+iX‡["s([?qBcǐ QeAeÜ%FTP6EerW,>kɓP߹9A~|;F aBBi6j!iq#cA-ǣ5w/ irjlG8ѹ b$xKBs3X1 .E8t"veN 咱jAޞQ:2&/i)VY l ^0ϩui#ʶGO^D?9ي ࣾ~Xnhz˳|$e"X{\ CQQY8^CO '7c1@W%x<:@,E4?=PpHƦFpF8?@FK. ƌ2FW9u;*)ZYTjN6HaOdv+l,eSNu9mu-b~`Zʸ ALE[bz,~PH1/l3/w{f:gB 8MR~"rAuvvvzrjsCi*7-dl'p)S_O֍@m? A1ڨcYəQc.0X>;vdԋgcØ6A5]JFMoAX6||1kd}y h׌+USMizҁqDL7>"!ZZ qM3y@;'|g('+fTq =䦷w8A<*o1MΠ# "=7csPfc` 炽"R4uі^B͚n%W2 /T{5G O  lt Cq⼇uϭ⸄ ai1Y^@^ÈIl?@?[*sQJR0K!=x2x-Aٝ؆9Īj$S\be2S/W7Քh y(+wa-̲Q zCm6VlJS3|Uj# BVC4:H!> QUMw#{#Mq: l(^+ wSdжR&H,KS$&QR9vc" gXVg7ȡw mqN@q(zQxz^줹v# bt?#s%lO`za^ ^b=4Һ;mSa:8,L}8A8svJOc=v@J#.t6 l4oLS7&H;"KMWIM_]pWwPۮ8sĄsL&{ ; C_@y6\qk6Mז˿ 7͈&d 8S2^= 6]`uhݚNoGspwi-‰Hu="]؆@) U8'NNcVֻxC?(o 蘥Nv7uկ[.`!kXxCZeLx((魽rlç= =.վ'w}9gA5\¸-xWCzMVfTSW>m}fo2 ),xlVBǭπ p _z 3!Ò/y$&y M.\ġoyKlҼ00JĮUV 1SJi1TWb U?[Ŧ{B"JӬA ߌʌ)AgP ôy ft%@9SuﺃZ"{N|n϶KNug!%s&*//8ɂFp 3`r #'XOyTw ?pܣ)6b:+7d ␹=ʔ{ՙl$ݞ/"Wˀ:U \?HgWde6LX )۳Zgg1JR NEk@PlIY&:1M_RfH"Ck[Z~PL Q;cgѶB,>(\e(LL&Bq #Du79X*H(k-oRBӋ4iqzEC%YXa5<"KJ'f?ѓwcX=6l8l/Ryއ b}/g,^+yq!"pw=L7 sc {֣̓: 4nYF̫p~PDϫssf=Jn<J*h"Q*^KKsAӦ(]阪UxDDTKF-}Aߝ>^F DG"s.㦌u9k@Y#zvb9`AvwLiwn~E>kW+M[sCr<&Ul@Ɉ|Oؼlρ[>ViL217C`_CoBLn[݌Suף x] mhm5y{9=|^91B("ҹMpT 6'~SΘ#t{?=/JgQM|*7y7Z .)?bUG{aT`Eui"t)g!Wu>FBRՍoj{6;P>-w=0y&M`؜:sEBhn'n^PC `h&߫—%-ߚ5|Хq ;9f}Rh'H@ֲGTPt1?Ƚ:b]uCּTqpx8Yc?݊cBL4;0ʂ"( ":l6VZxY4 tztv9 qI(j煕Fg#ex4}}gaRܚ1KsOY)Awc=Q}Dx%jR1+ʨd%v߭tڋa^?SxEzq>_Y l "Q í )\HfilkȚ kg*%q Y[qm,5z>w)W3bL½aB*gפk E5E2,/rʥX E%)3P%cPԵQ^-77p$q?G#˃>fiSŷ*- S/O5<8m ܉~#b<& y֩-{fω9.V Nb-${P z>~l~ͦuv6DV,V#eZlR‘T${`J MQ8rJ~ Jg)6ۏgD}Mp,<"kՙjH JAGSTBP"u;f^1?^SH9}Q4.vXrQ:XGCK ^t⹺{hћ(\+OZNvֶ蛂W}rQ(8QΘ-[I!{0㛃j.U@ԮTA4Cˡ @0`oGAe<W( _{!Q3T9 }6tnmn5 &\[cJcIczL3'! %|LșXsOMiu#ݵ9}OA ؗJx?Kh"tbVǣ@@{|k^?szjK8/IUfgqCߡomo0gÊWo*!5b)̮z%2EXo衂IAd~B_Gj')*27*-YwVX/,QC.-G:ߣ^9 *v [TeLqHEҬMρ H( /޶x$f6lϦ=5cYѧ.)8iP@eՁ )q1;X(bw\=>c*ޗgl)M ^އ= л9n$c\4bt9]jN J KLSe<IMͣ6)X'fqI-gj&r0OQG:F`*i>t+7 ATk*\o)2hx8ׁv٥5um.t;6P.c@9߈k\յE_C-n%Ra;Wa+h Al.vY߁öIX԰ 'xR`lΉn|h ;߫B~;P0Jg~h\PI.-"Jbo( Ӻ31. 5R*=U#eJP*#"R QTndQfkeM0Sh&[z}LG$H-,ntגBZM(6k˦u!fT.ş*+rE ARi obN%#}!57Dr_- q]ؚG:cݐlM,/!rJy<$Udv'P@HèNn6^}2C3wfZWNDEL:32&MmGb{/Lt#NKĽ[v \,֋5El$*qR ,Ty<=w'0M2'1wU0pjh&Id8ŝeh [W~Fxw[$C8ƌhu@+ȉA i@78s^nw;SN]II] s[Ekކj-T`B4A;;>-d9v5\Ed)XOj6" r~dw.1lf~oa$x$Okof+ǡІS賷$bF߭cHNYP#PxBXp׶q"gu{Kmբ68ݹVǹ>PPQdEwUA;Nb ǂ=m' y?PJhX~6'W5vrUҺpi[q 0cZZ&iRۙ 2nn7+C9@!%!1fjh|(܁t?& , %E>l Wc?8PJ}>U㨵Y{u 4]l& V+!Sm1[PY o_h5|1SE2b GLEQ"\w`z lgװنwe_^ :“uD1T^C _\.@q.3Wy-~$m@RJ5s3‹M yܒĞU}#ɜe3J"<ჴ=Xpa;кY:GŦ oތv|ssM|!EfI"SX9fUv!@~"VL^CdkojFG,m1,Ċ [U񙐶a9~ìD>h)bW&Fȶatդ_%n?ƭ:pW' 1%f r /at e'27D:J잭Je_h|o),}RnuxBͱM.@pN?8M$'4bFggo7vW"DJi hLzp6,WOSYj4QʴCtə^u5,ErXoV{(3KA'L{J?.ro%[{fsD 4>"6 ߇ O"patWRʩ7&j/ljYD0$֔C8s|* VNJdޭ߿&ȴjX<$02##ǃ`XjF\9j= gIpj=/j}P/,*oPj*=f_eE &zvو4aXAU^i͹_׳e˞ rKe5VJBdX,;屺Ph ~!Œv5[$agS RI<4\g0CPVMyΈ8!dC dSO.';YHas:G,UJO i%^.ck2 :=ѐWNrK_& xล;,^b>Xwy%ب+[UۊVNs0 n׀Ia<"YYŠȡFx0TJ8+J} Rrtj| SțX2eP!Q2+MgJ_ҋ.#.oa\!=O4P1 ̠YX1ɥIgt%593u$R1/$Z&_Ĉ":Nha Aoc ̼} IQMKʧH'Z<)̌,YZWsj5c@S[Y) 7Xƣxy*6O .ޖn^oׯC}Y˝YtNiXlkت8kl{ bװ׏KQN !p46~k3#1a">n~'.ڧG_L7Tq_SVγ2X^نRbɂ8U !)C㜂2`VErD9&F+l!uS*`[AH/;Ù*5f! R )/x?> E~;#-lLJ"ræ|S6ONm_SVزOS { HJ{*qBzOXSXRw$nKxj%z:5aעK׫@Bpa1tpsZH Mt?k$ a5t㆙7Pp-N+M4Y6RA)9 z{/'dO|Jc<|Gv,-߂d{<[n碿Jq$4ND>zr<$aOD6Ò +YgBn?ޮ"d9@bB&%,4iieY>\F^gDWc qkϘ#e{p"{ol h}nQ}o\ ^q]!+7e=2!7x L6y7: E BĽs!V=d?́-f} wMS/< 74t#4ZҰb#8jۂQ(ދ֢$-bhdTJE<œPpѧ\30It HBb,9˯5Eާ;8#Rvm}TtSnzpGGԜyݨcDt@[ U}_ՎUYO~k,n8OQ_zj7𝮷T1#}3Ţ>Lf!_@pc 8 ~NvwBZ@?)HTpveTE|p$S:ҝ7( \Sfў [i 0ޘ $KAx[+Ț+u1F&8# ~%Q=J@_vEq<9׎$.[i/Z-6 OΟrfM4 X#Mg{9!8@CH$2i_պ{ Էbh>W&Ǽ<[q:/e睆F_zZbl_w/'Z} tMtƘ&Wu !sj:&Bɖsuch!lgo WlO}0ܕ #蜓&aΕVbXc-v!Tߒ-J͎Aș[_iyR>_JZTKxp@]X)Տ15F)׳&ߞq[MS<>Zᧈ?\Ușd & ~F"dj[)eB?KP"dT#qc!;z 8Sߗ'K2mj D~x\ǥbg/ )md*-0Ws-UF&n㨸ȶz-9_<*cM,w̽Lu!r%(/DK6<^FHx|uL)m<{]4W!Fybȇ#$,⛴|edW }ʲ%"RT~+G⳥:jöX@vיburJA ZIXP(A̠XS{Ĥ?1^SsWxwx| @,:jp4NbŷEM5U3ΖW G?EY,Y<ةaOl. .v+z7SѦ$:8r0ZKh(yo&z3ޏϖH-~}1}/ՖZ\lg~ʹjb s PBK^\QLN]`M mWwn f!>đsfk2K%MS1p ܑ" sN=VUB˄ǜ#f1иtEd TQ7MՉzF/ét,:6{.#4g^az_Z#)fė cYr|lؔIvTXȩC?)'"5K'KYWlpͦ1ͪèV];'!g:lꛑШV٪Kl@`S"A;:R֠~w(yRHlj; T-DmjUf ٭rasC`YFg$lhtUIec< 8B7L`knq=N#Cm IjJvfMU{jawGHۓεc C)QJ^>E7Qs$2D.&qBAxtu-W?@jv 8TWGݖ) NJ `}A>}{Ir"]D./Ad] D"]b%S?4p`ks:!OaRu=T0"lB*t=P"9*;0dT7Of*9r |o2}px*S<5>s'$2\cqt%M{ jkϿQ+̢ 3t|ؘN8Qcnd[oz5l>@d~<U :Gn{%$^g}v:D<(*ޔѓ̶!ɶ .-4lj?Iߊ?jq8l-Z\{—TDwŞn#֪fk<4$ڨwgd6H{H.]SC, ?( aN$1GR堿3z!׿7|kq.rf(XC8UJiX!bG!* EBP9/ IqQx *qwL&BuJeCl"U_N!ݷӡlRWRkPS#Ū~Yx\[ZJí1{&9d ߼5ؾk9PdGеGL˸ZI?{{+rYKw6D*(" 8ZPBC8dMvwt/ WY!sR@Q' x'Jvî[;;ѳ6̆R )_b&׼M%y-Z9BWǡ]+J/}$ఞݶV&ԽV6x7Ψs3V΅w.-U$zVIg_zޒl:A SDP;zDNfL kW3xSߗ zX;n.\4Y+S ݓ |K )KR~Rè|mAXzգV_h$']ModD*7CҎJڦ0T}_+%.%^jSa5ƄPYOϒ[:DibϜu錄ݠ"x?o7^!ΐ8ӡtRp\%SE2_mZ5,1vQxʲ< rG9d0 QԑEJ#Y>[bBlI"F_.puBah0[IT| ^-4(kcۥ-E򦶺{p^rIEPY|}=epN& {fdw2_1.&О ƫ` YZ