nss-util-3.67.0-6.el8_4 >  A `WU]`v)),Fd,IkRfm`] A2wmȋ\︪YJ'ۢTPc]*NPd r>V2[j7oBDd OTAC %5UE 5$RVO t LkGZ[%pwt^g\e3'ie>i ֪ȱ78d$I 2r>M-ז3~?2 og-S9ڮ녅]Y!tX3 ` r>=d |RZ?^*ő_ZY~My\JU+CcKC~\3c64fdca60241b7ca7c100d2aa10c2ca8b5206af1161faaf95b6a9efc0cada10a60d1c013a655046b4ca04372cc934a30c75ca13`WU]Yѐ%L$Jv~ FH*Cu>!K'i Bzmƚp| Lz|zZ{iMڋȘܭg;5m_s[U@n>;umj0}ivTgYY r)1Ș6=Ҹ _ GGMLa3aGö渔V1-gr1Z]Ia}r"؃Qbd53='jMݩ˧pESd/E'HԦ _qg~<_f{-}?34:dS.v w_a@4l|YX/o  `!+2SmH7&9נZg{;u)Qd9m !<|) Yxw}9iyF/>EY%GxYt$S; m~~Fu/YW)h<=ASu 9)Քv]r@>p<?d   F $,D P \ t  $<Zx(p(J8T9 :[GH I$X,Yx\]^bdefltuv,wxyx|Cnss-util3.67.06.el8_4Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken module`x86-01.mbox.centos.orgnUnspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64$'FAAA큤````@``3e03b5cc6d5d80a12cfc2b144127bb0db12f98e98e38def55f4f9917c847c510a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-6.el8_4.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)nss-utilnss-util(x86-64)@@@@@@@@@@@@     @libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.67.0-6.el8_43.67.0-6.el8_4.build-ida7e7e41a185c54f453f2cf7824561f5ec12056c1libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/a7//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a7e7e41a185c54f453f2cf7824561f5ec12056c1, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR RR RRRutf-8ea1f087dbe4fe3a46fd064a4705fa4acbed9046bd8102efa9d8e3bd27b4429b9?@7zXZ !#,] b2u jӫ`(y,yO82#wyb<5bՂ#TUo &]sЄ;g>#|,T9uǽV"kaQjxtoB|we.H[h&zb_+$b[·I`Y ;JKܪTY>b{5m ɝ 0lȄ٫_ {+$u F,of؈NSSZqT~gd[ imUYȁr8D2%1g~ŝ$+|vWGD tmb}Ôuj/)?l۱Ć̒`#=EN 4Kz|hPl*~Eۊҍ]JCYfEh-oً{ < !/悇p;b$W S<8uaMΥf Eb0ѩ+AZ=uHJ:UOP[꒨FtS゚e0\åtg3ª.5:B'\]OHKOftGu!.¸ mgpTUv,jƦuTs8bP0rWg\&h$A@A/Eb/3kx[~tPw!qa>q~4hYw!FMM)J-.۴bGpRXypSYjyŘ}y}$׮r;aSԗLt d~פDо( B]?Pj Y&c5;JB vj"^sui͡]Bqjex).@Sn`r *)*݈mw3"uQK>e~s$~=(7a~A.oKDZ[4zx ˿9Om_hԦC589̉vDi]i|$ RcG%r؟r28s9 (v* 0yc*oKl7\zbATk}H 2?q>RA^;'h ϕ_|6=\uj1*qw >3d@&H<|ʊ1f" Jc) ->:֑9@~_䯊U'RoXa`}dtyb-I&ۦ=$6:7YJN/Bѭ. _pi3L+ge1vѡƎ"5Xs-J"3vRI5|4+󧉜OB`/^_ňJO`ψAvAZBW.*;%MB'</@EZN[+nIt$1guWq ЬӾسPNZF=0dhKcd){WkcZצcX-{Cy(ůԱ6H9pkr-G|e=GN-/ ♄:sRZq@ƽF6 _eVA#.l,ݘ3c]̌ q]P^_],z"%ic#Dr^@@.JbBiu"7d$E<U=͟ʹضܾ(JCHeʷo40vE9Xmv0 ?F *pTWځPRQqHp9JD+,zK9hyy*fELSfu+L-4POh/NA+H9TW١&˔h.4)Ssa4IuMH\4WCkw !S8~U•i7H@]{Trb`0-4ˌ}v~=Ђ8 :(ۜ?M@EF3sV ֔Q(:;,uͮ Sso+1 ᑂ˴ {6,0Jh($O⺇QvʎB>6>FbBDNף0pU[h5~7=Hx r87=̂V eH" 5ź`QV$c3񦸞 ,O0ϯc ;%-"WC6ӵH;u`L̈́Y|P~Ԫt7.%VTBګ!=]yB]8@Cr}K3'3ҖϪFqفPa%πצ&ٓ:̝f7 f_yqs3aJ͠ ~MȪ.GWMm!렶i!z " JY 9]u< *p۾]FF IƨOI72f քh8baLpݱYBn\h%li@&6ݹ/Rxk0,t9*څx`L(+]` ۇ)*M $, KpdeEP5z} +S2h#CpM@ am(%W9-.qkcq.#]$:\N(,5QA?՟Ǵ=lk47&cwϚOb`y$E>9y3\Ѐw;yzZڸF2mb~ ~p^4b%?x1ݷ;v,*Rv˺.cgT&x䛘xU/8{KZ2Άj y,y2M\Ng?"fx,}?\Ep ,=( M{{6 w_>H/H%Y|1ڽtGR^:tc8J|~xH-43DģJ95^+dɭhMƽ$:bl4>3[ה$M6R@YcD. 2FT:.9(,!d: :i#+0/Jh>u\09fcI 䑗*+Z=ĥHNoxQ;vպ$8XE$ N5~$LuGi9f1W3j(˒ u5V(eP8PVu 4 0;ˠ@bw7Cy/֫EY>:;jټAnt  VDc7D4W~kU6I@30JNB7/lAr'rga3ecoJ"-5P`5WɺD{z7>)tÈ')zLƝIJ!j$:qIw؜o?P8؞P+@@f#S>jM%ytijx۶Xow:M:Sz+f[N aS]W@4F>XMS%7۰Ұ~v7|Pb.u#dÙ4]b!ج/nKWK8dMqaHWB̾d<[~!4{y҇6Ea$VسTV5=m7Z9cbm3l]{M{X635Sҏ㯺uFi ha&rx/O_Gu:s2 Ngq K}d`v<ȴ2cΝB"$mob6t@e/tr˶eRePe8dԏi ssyiZeC˶d*7.ifMC^CeY bO}Kd :-pA F2'UD "6'Nmr,= w-U^{WzポSTfT7h˕P]YJYbјD$K7׻@#eC"i#2l8Z/5&#hi ¡ ?<Mq@ #Er}Z:%5`sn؞K3,rAܴhN}eE'Sy8W@y5>}/=PX]FA3vַX5N7_KoGgzwT- /.ߙj/AZ艌iFځTm[Fig>:/<#,)ε0L;+{Lf$i~cIDqy|ɑHꚪGXaCgާkd4|rZxM$#Mxq{vL4w-@a47V>DI<#잇/&瑍4c@3ΩJpmYTùT3Xv"(ˬPAF@/^5`} 6i6 )/gveb .M[O0A1|jшЈO%=@X&"&/T:!|ḋ}m`]qJR %[^"uܽW&e)GY_yj.94WN;`Lеqȷ(։}4Z&akAI዗ [haB(Nߊ4;wjy 'cte)e!=.ѧ1Я]Ce/Ϋ Q,[kV|j'lQ*ѓ"Nz릞/TB$-$/zfv][-NK65 Y- y;pNi$Fdwp<J<3TSdehu Wv[uD"[L: c~3% aro—tdHK|쐄*G'3:(X9Ie!g}"wS/brA]". ҉ng6=+Ӆo6m,YG $me|Sv~mQ`g\CFNa 1jr"+#ąQQkP[~Aũ5Eq?>0~D^R q,,1Ս(4#2^Fa@DP?c6q2Q'k^{#S<1dY/?Y/D!*i^Ô/'S V@λ[Fwbiw_a]CX%M><}a,+^Q,,C%+{:=An)ݴPXmvMYNj|jS2rZ]y#2ϣv{OqKlO~\s#!| **NRB̎=RC#-g 2?K9B>k8|aMDp$9p:eCm/\÷~L0 16^Mł 30c!֯KG/- pJH|it?ʨ3fzghР!QsKI!@jr{TtFat{uwCB -]4c}b8eC0fS*S%Ɂ54NiȑRL0Qmx3*ѩHBVNDxEF]2:tpy|&;sN VC#sF#n(|NW0;p"FӸ+d&Cհ~A'{Day vHBm'і'$fY%"yMud]%Z[ElhkՌrP(1qw#/&GHO/vKY~ mUR6 Dbz¦e%DB n"lA h~<^ $!([% ' W )~ә]{Gb^~Ggl^  (`(lֽ>L{A1>u"c&yVv?I6P7_ r6Y,LQ/i]n948jzӦ֐}18$k> RFJWg]j!Al&AIؼ0/6 1Rlت 0RWxIqV#R2wBt!6Uwot`Q rv0' >;v^Lp$My>-'w6<\,wO3a.728 9/];Ha.,]nAFNj8mضHZfl xR*[ꍇ+=eroR" Z=0!Wat,<ˀyr*/ O|WlU\#,\~00+-6Qr<8٣"Idֺm.a]Ybjmpa3nzU܋ kk&mcJ-6r& HJuͬ{:ww~~տ7;="SC3m4S6ټ|<[׬Cױn3,[#󹌘xyL" Ξ_U(3~ó]!Ks)t)X?Zsk`qh;:~)θ5iʧhjrz^6J'r=3l{wWֱsG}`juQ2z = [i6Mm&Ao+05QO^ȧe[p^ h_t+^h6e::, |7#a%0/V#{|G{1妚Zua"8b=BqDn"Hsts{Q4Yx3s+xtcv3ѥ6*(y S%(^ROz\CMQ&C":D5[*[Q6Py<Rv>GR*pM#~'6mIy'fCrteМP/Ӫ~FNJuTQ2;(7ɋ.fԎFd)0 !vWqb»C~ ߄r-.mTJlm9jh8^L)3`"W<-o^eU "e$Umcb+rvPE2*Y\'6N{XyJw 2AIC.H"L'܌se`; ?`Lb> Հ[ҏ(cX/֛3+ʈ 8Y]ٱ5`\OL'/g!MT7C -S0Tϥ&>Ȳ0Iu`h2lX\ S`?T)\2Li \ St^y$DS2H3ъ}0/KVxs`֫кIi^!Y&vͫ8۱¶X䄼5Rx8C Dx@s.}XZtfM%,Ex!qg s_JCc G2Ԯ`2 M)|}7:>aϽ-lQP'%ܥ @uipEYOݼiqw F,ucd]+SI"%L㵬"mm`rW}d0PГ ߯ d+s}~jyA5)|=1zG{P=Y3fJaӻ B1w5JC6&TmB{Qic lJ j-pPN.?喖_)_u+eϵ$ ow& dԌ͎l2'͋G|9G`\>JFi9G<6&~W;%v!ޠNG26[~>Wll9Jdѕ%rv#a2}"3D ^\z'Qcd5e@l|c,͔\0 :e "%(Q͈o5ou>`TX1ϨItAriP>mN>, -Jc>11t |B?%\5Pw@' C#4:IW_~H_>ls(#ϑ L9g1Ds6Tl#s0C43`U*k.,)ƴ&}.wP=@2FK۠As4UkMALk}tb." Zzy1uK|0BK*dS0\ +B]{t1C3^;&nDH*~̙B#}WN?I-=h0(]i[JɖGvNY[c\qDծNcP bG~SY$w!Bf@WD`ì_B8@KwEO.{HrqM<88mx& αn$Uj{ o(d j w pZE]g7f]xQ/̑O$)5Z<4Nx"|OZr.~ pP bO" kKz#xޕ"(F!#/I6pf`.$#[?#\+{UjFA|kxi1Wq=u{\3\LdA(` 60"Mc.bIK-/o=46 Df`wNj?(q̭e-:y"ƌ,G|nCwy۲ p@=ZRkhѷNK!)i*p @ȅZ7|"'HAdNxkpt0ܼmĿ$_F1X"~uW ,̞PEVk5n1$ ۙ"<蝎7Eh2+ЮMٌ<Ҙp!2f`}P7w7`^-3@[zw^Ԍ el^r$N*Ӣ Y pX0_OV?nTe*K6P |O7 *o^nry}_$,5E<;wղJkwR2P0V|Xj [p+ai Fc>8PtoV[[N]Em|y')ܱ&"V"~!_TtWG9~BW' 5i;I^`ϔj',T\GVp`nY <#M(lI̽RYlPdF2V񔹨Rbp)`u\-~=C9P.LCWBZ!"=tڱHi}|󜢐NQY E/-wo@_fO.vU_GY߭q@۠qN}Gn4}ǡ5H@t?TLva<Kf7X i(;}~<5%m5/R 3'UH,}wX![gvzގ3eM}A#ru=4x$JVu[Yz*5iX0k,yWS GD_8PgAdX)>`HDQ ;7JSrHQ%]?H6۱[T1"a& !AG0&cn iKW0GL!S5!1#P+&8v)oiXءrnS:˨jizi@rRٓ2lQAb7wKwmeo9׽fx!~C/-q`. ;`Np8oY0㉦d<2융s{15.2x$&F^@b $L"$-;YŊۅa|ʅB^V6vC=*g{oN䇚~ 9@hDt5&ENC ;Q1(<堟en=H `3Lu񸘠7Z xban^vCṃ>\9{N I)`I1?`6ٰT~<V+GeQi6w=h$`zI-AuVEf^f鵾-=)^ Q!^$ne۴vOio7HSLʔ)yboG`Xku" e{ys| BKn5+b-xϬ` x8$'Htޛa'o&FbogӽWU0zMgJ aSvj;=#42`˕xYo:#*&(ݟl4A Ӛԙ\ڞ.aA}\0P\bV{^.)+!9A/Bڅ(t((▧YNuRy군wlv*&" 'f.̭}FO& _{ ?qñ*!,1C(;oWl)h{PQ.&^͙z&k&X76P' N=o%(H3DXxT["6CȨ? njJ#)%/- =KXtl'ƼX^\h$j"pvy<Dqm.66852A vQiD,'\uZKp m|;c+B+g(͘' O?>1bY$I0?Srp~=*DRJL$S5jmg#8+;"L jXv&眧S)r%QWD؇5=M'kE+L&iq*''Jݑ-t:+< fsNMig8_%4czтI0 "' eCp9Rs@Ub(f"ٍ9GRYĿ蹄Lq~JB !+*y+ |M!ؘ.xԕڛ(,S ,!#.B7KӘUWt"DrCU@wqoRS-AΎd|,\laχԅ< R MzDٴ;q yx=[DL?^}YȠk}m>.vYup +[t&OQsK| έȵcO# M~d[${=b Zm9IU:_)d}7~uL9e>2l;k_S&kki&a! L>M+3*_FΔK:XvܔѠS! `3u/ȂSJ1## Jzff T?:FffRJT0& |kb" MRL)W}G:gc&zNJ~ٿ"n讪MzJ֜mEQBo ^x2xQsW?,f6#lye-gʼYD,m9qXOҳIsj$/nKLjBfT}ƀm8 d~`/j7oFg_ά`M]qz.e?集y Y#~4ىN[źb9V"jx9uIgY[v[:;bZ-:b޼4d1DqNL.0O0\Bd_T9YBkcChuRTrϏvl 8Q1ԘӕJC3tr{g❆F<3"ɠR7);AWB7$YV˙C(~8XMQƼ.s R3ber>BZS;`gz5 djGE <،m)4[;DR<)纀yHwGF-} e C4 抚/='~:EfG2 Ûbwein>ЭY}R>'#en%DRLȭqoJķbc[GͯMN #9鶎K"Uۥ WT*e1cC'u!ghiB>=r 犎02жԑN~%NhZu.:}wsWisTJQQG*=#+8UIj>P=8<zL.6-%<LQKJ\蚙ΣNH>R | 钽|DPA xFW @L-kH[Zs8 W'c54qLʠKDzem1jUȊ2#@~t(4aP'2_k!,h+TrwghXw-kFQ=GWΗ.=AZN(Z^I w#Qԋ[32 wY''CN",r_īEhŮhL)Cw$^'NO<o01lŅ[ia_JUhL:NGSdI@"b CƢ̦;ȘwrròטNZV n3c](Q&Ә.ŊAA4A~YXB+WNQyA #/]\`L3ho`:ړ95W|ƐX,{/ 5qw"xzBĻD24 =تcҁr4jeyimu.UQo5b:'%4kptPĂULz,G=*fWvwHUt<%υW+6~Q_]=͊g/nk #B!nY*ߟ^hŒK-yܶgX&i2h| *OBvcqt3Zgy#_ (yTQﺂuڑxp6>Xc̤j7 d3 .SIn;~M ^L?ݿic^,mJ!{( {E#ӭgUϛc 5oYRYkvUw""ސ @ܰJDhk+δ7%~r4vip,(XL߾(Q6ܶ)ksJZȰQ(&2 gZlϭ0z#<5#Ii*῾ n[;aMz(3rBP9)E4)~q?Bp~!ZX'D۝c]+w~_Ix⟘E&MfR >}JbC}D'$HqV?,EP&1go"} ){ z5yQlCy4yA%^[bNz[#`ΰ~^yd3ݽ'EB= )$վ*a&^m e,j]l-({AgE9$uV z!k3ϗ'0cܮ1Ҫ:/nO:ݟX aM.:w}TH@wkL=M$aOdc[ϔ$]BeDoxdUw.J|OpjeWm%IZkDĦ; l>0Ql+@G&&^1UTn>H>Q?HKU$DR BvHv~5Vs|J<蠌vr|{ncA-A) [(#7^΍8YxSIrW,:,[.7G)J SdVXczgyN -d 0#gߒVkb ~Q7u;cI)yϷ#5ZyɸA~9)t(" LcXSUsy.V@wh[.6Dsߡ^}Q/fzkS ]0j`t 1Z*G8,j"EťܛJ:4K-3r|z=y.qc:/yTޔA^!/d?%u@VɱQ0vp+qO\`[7Pʲ%T8|EXZ$bdЃOX?X!OLF5ȟPF#gf>ett+s]T՘M$Hswy8Dv~+ 3=s ?$SD@Tf7^V  ˬ[)OAS%W''gPxc>:<(zXab3UK#ʤv}N=TBA uk eI$$1E>83ӁH_:[˲Fs#5I%]0 ,MkzX[&8RStªٜzE S^0q54kc%yƎŅA*-.#\Ge }1(x2lf ҳC;yF0bUj~!4ٕXnnSJ>Y.7JnmkMſINy :ֿ[2aޮ+LCB l,}|(*[- &Q y79[3-/-w#瑶ڒv[ig8u| {hib 9a)ZPӷEwt >5 @,"ԎzLf=.ǟϋȝu/ZyX pMqzgvQqJ(NY<`Ӊ#sme$Jus[c<[?kFmjf.R,6 ] OQ+ )x7y;qeX߀|AnhJ!!,rcE[HC\Ǧ]g W6+?n1;$KlݒPTs,t@nb*UFUyuQVɋmn"]e{X}^BU_EqѪrK %~mZ w߭\ҙ xKx╄ 3EF|84ApITcTS,] ,B|1x E&jK_HH\hlM ەFyѼTR7ڦ)l,B\pVE/tb y j"l82ÀNڻWẠ|aUrkAvW\=a_^b e e=&tVŒW}jZՔ ვf;n⢞UmNy:*k!/mr"K>?JMP%1q] YAsT?v"]D`ʼR3uģaǒL_d$ī40 t"` m؇B˰Zx;NߧFqqp:;& ]eVT 6| (PS`} ¯V3TNrB߉h-A.de 7+{iN@4&3]K }2KB//_@3e}2ز"הafƒ]rT_akR|˙&Eͨ\QG 8 *^pgq uC(9Qu_lYv6G]AhkAl-sd$8M`f\jthv5zs\?rJ#bޗ&&Yr@/"Ns~e*1kL{*_MJ9[G?CuuӬƃ ~TLg4 m#ש("-o`H&ɿWӾuu 3^W0^QMVMrqZtd1~Y5G=F^Q1a؈jeX.0c~D-~N(nQ%T z@BTl^0ԝ"AM2P2u%w^k4׆lWtCH׾uCbwzgur>ѱnC9zr" oU,Y3/4v+DFM9|ܦ]w?6@lwێ%v ˝tvx[Q@@:;sv[Zv{/7SiY(y TX#Ee7vƜ;{A4! F1> ncɪ4QW* <t-ߝ/gVuMBHEe  q.Voؓ:f߱-;H& H'"̼AU-#ef1TJCK왂М"\$&⇟ut˷Ҏ #sƛ$ S54b/Vb?|d zl1]0qkX&Ⱦ"jBʀR]K\piӿ5yJ@]3Ja_xx)4sҥ5J{SNAڕ.ό RX/0^,hK2TTtKB kn.Ӡv ,c&Ypd1nA<΁垎jc{`]V7vɲmN eS Jdrװۚ[Hns)|75=OTp1{4$BMx={aR!1Dj,?2sDp\PgH7 ~e poNצkPbJKSS%fu0ĺhFm/LAMh>'ŪKzV6o&T|Ƕ> t,ژy2⾠ Bto x";{E01N r2jg3I:î#x<"x)I8^b4J$IْWFPj3׌GS Иzx mz=͙֯ |XkL֙-[ƸFJM:\dׂ[{{eΜwwn"10TA#ְk4Һ S~Vއk'm3 GW,d=~Apw ґsYWo2!y* (A:D%nUؾ˼8; iŃ<⩊k 0yvy͠)^#npJ}8@#>a19`h8*gy1QƪU% 2[V!gU/qC(CN1ڜ#fͫR]do b?H T"<)vX &cI))f |(v!$7pJ‰@E% P- b0ȐBVhk"| @Dyms̻fi*;Cmipԁ%+]ɓ[oASu'0xPm;J V W'@>⛨|$5oSҾK%j)}wM+CMPjPXGJ-VȺ}e!*cGQfX#+](= U'ۣp._"='r jWe\䝕ұU+OFqU/<ĞX8=g-g/@W MI?*,,I- *'U ͫ}YDҌ჈44EHO.=7N`'ڈDׂX¼x?v-b MzT.Aq|D ƺ{Z d.{y:HGYKGS8~CGpdwLp j"E;djfSRvc/ȱ p8Y78k}(O?j,f"7O $u+ 0BDс`hjEžlr&o#=kaPcN:N$u]s?Pҡ^chbRs ,ibOg$W_8_bЊe:%ԤM@)V1`;5P=iO(/h@kiσb yaXdXo;OOj)AJ q9"g-Ӕ\+yH.пt0z.U0! aF)$KS/Ͽ'_*E&yTc'Pɑ1]tS\UxI&w-߁ʋ ԮspQm-ϺK.<5(ie [󅠩3 =hs]T*P0\3OξuaWLҞ6r)|OttNF6$5!`y C;,EIp5?v$AMpTW,էoа9Gq`( =pZ`Cׅ  Wӗ`Wd(<ǫܽOxHpOf`w$BE)?`^ZFrfނwZ1W4!\4ڑ,+>3 ګ2 j A'b=v\rQMfQB 'LOL6!b*Cx\Zb@5lG{HDL"77{Be8@X\m3z?fouvKg7F?8ػQeCK$餸ɳ҂NTY`p)dzBMCa߇3 -p~F F{H\֢V8 nJC6)YRWNmQ -HS5da:-ךj+ d*4jurXׁ'*Qoj.Q3]<0"R\Vjk5 v2YA4GwSNLG| [`~Qmw~YKv1[p r7l7|o DS) /n@;yQ$anq%D;YqUecΘja$9BAcC1 Gjh!FD1ʒɯ766St@g -A0)XWeOJΤ Xڂ4ֽ':3w:-R6seƟPHߠ,v|ꊊP|hAh29EC̛XzQS[뀝gbjNt+s_i2Č|ĩ;"!EzAnզ㬪r@pqOtۇ뗈۵+ܥ:0GBW`н 2ygWY=tbNG{=؀̅e={ vJPb=ǞӲPMi&Lr4$ƘJ۾0ibV.>8ca\N8hlk׸I* ] fZ'C zs{CBL,T0*("=*J1a{Vm >k%6yU4!e0-9 ~#`= :{-r((Pc1RW%:F{%6j%^mwW/p*bNҩ9ԣ 8_₷gZDC{?rεUs gmo]\Q;)N?_bS`DA}-SUj3+.|{iͺ#j1#*J ALz!<~BL]zHnٗ^غ0keN'V>/s]e 22m:酊Vꔄ>vA<٣&…Äљ|B^1hV񪟽>,<+ؐJ= 0?Ry@*xdktFD//W۪}%}Oγaɨ(.ӚrBc'$5}>Ru;\\u2W*_9OSf!/⾄\6bqUMÿR=#TyR#pc`%'m0 c=BODhek*$5H{C ާVoy:dwmdcэK]9VVp~b4QwxH:}d{`XIs3c-M_`0FXϡW1v<ɑ *Ϸ/ȊcR멠xM_JWL_0H8͔e Q5% ~tԄ2,M Ћt@.~q9"oO~Yk:xb f` ǧNvRK Q[ .ρQyQ#mHwb!Y8wWQ:AcWK`t+gǵvw_=WC'|)7{Q-S],kh5._(<xMmL!g Lrz/S-a!,0mnol?I*%c`,׌f>O1EpWM^-`پ:be+ Y'G8bų-Q5^69lzcj1LU%R?T g bt&ݚuc@Zsw^f+T=>zR uv2Y/%7!Ϩ-o%%$D"8?7e_;(4 gb]]cK8U`;{f/rUU_ICL;mhQJnrYV'E60-hWQUF^G>ic}քG>3lq/mCD3vT-Z8pwr?ԫsV>Y@yr{ƕtc!Y'AѵvI{Pp+w wjhR2!׿8%[ċ8[z•Ѷ=RpC:,Xk]/`q~jŶ:w* y )7G Y>ӂ[IB" cQn6ڄ_ՈU(Y+qD^hOĹR?=^&ȍཡ=0xOy\ r` (Da@ G%\Xٰ1ؾ'zqİUU[=v2i-.p<5wQ\ᳶKXik=-rPyC '(|kEh4}Xj=N&svBw+ S|~TBfwe=!knC*[Yڇ'⁧m2$m}W.P(VRXsLR$N:5=ۨ&sxp~!,Q}rWĀӗS6wbhy4 e`dzQ"LmVRBG Ěw 5aʅjAYF^CW W "KVK0MSWˏЪl55%\RoZJCTQs>.D!*qY/y'y7(r."Iܐ@~VkjZ 0~(LS!0\$,dTayPD #wϑmp(LD蝁U/1RN Yގ %D\w=񮞻TNXe߫h =3C4PX}Ulj}o&r >e8?+Mk(~2{vprX=l9Qʪ וlNbw-;?ïMPO %ƻE7m aRJ5ệrXZYp:sWcfe|rK\s Kr$mP2r]}dJf#9oL b&y>% YE@2ЍG&\R  լy|,StAU+vqb)1W\Y J¦nDs C;<憆eBo"W!:%-H8U8qv2|1^Zj9w3km"G밒*@= eR6\7X3)#m`̈OӃ E<\-hAS: ;|H^~ ~@[z盝BN8.3erDۜ9j@B6иP,l$AD+L=9 JB[Qd[U}ÿˡs^%NeH/I2b޵@L TY,Nb*nhvU^at[\~HH펧ROt"-'lºKStnubf7e MVuĠW !y|5o¿ x@(RVeDW0?=|eSv.^SDj G$qȒf?C>劫kC.TsVFMB٬R_ttX)!] 1}&wp$XℐӴNW&Cm),!i"IB1M(+̒X-)#97cZ<=!>$ܺ8N@MU:H™bc -x mQйi s?RA4οA_DiMJdAWEܿs]*N+9 #,|r.Ghł Zqßy*25DzK@@e{pg'.5RGVLz lĞ)"CѪ%"C 92F[\c)…lU}hX ~rP7bO_6FϠ`7@*5Ƶ.}NR`]k7.`A=V S~)4 9Ncpk/,z5@('C<(iwF%q6bŷi$0A[qs\ۭWÂL*Nɭz]Ij3m"d {f # #\K36SxEe- I|'FhINm%-t-#˾=258flj`_਴Tͨ dsFG3H#9YW>yg`\2{CԍB(ZORhQR Oǭ!!o2 qUAkny A ^xYu YBGB\2Bs8MĮtc c9Nc+Oaۂztt]wΏa}Mx^odȪM2̩̦> Q.T/z?—GHxDv:\V3_lqv(Ep;$JVXtIx/A oUIIde~{~Ϳ< -qJ~[2K[Vg(>L?ed}옎PIsN|@[9^ʀ˨D -z6GWC, A^{i27atiyڞjJwgB0ez$@C'ZaϲqZ0Pjǃ{-1;BpZ*Bܰq A'G:b Ij3Uuܾ#5}. 3ު]UGӔ*٧ڊJ[?Q˒X=jRo֞vp}@,$nTMڡ(5hr3|6 Ɍ:G}{+iXu,Z92n8GE<>VΠb1HG6'* E8@)SigߛO. }ɒUq$ۿ- Zlb&u<ԼcL}r(x Ua%?Z3ƑUgat^gX^F m질{E q-@U/yF00.‚QaM/`h#9d6qbV[1?N]&|+Wq@gIYJuۄЇb#-˄<\3L5Ah=v>0ycfٵ2j9qD6"/3UPsV^ҕ*+䙹g2yA~)G75^i?fX UA O'bޏa$nWp31q\*֣`69LaU+fwKw:)0L{Q6;:P98^h6'n'U0Li/Pk딖MĀ??Q  YV% KO7aqoxMmH1By kYHi pGgF[6>Sm0J{dMWl D;Wc Md( WCYc\~?k| (iEr"MUeYT`'D(5{mh*@d{koXZȿƥk HUGrDa0ʓ!VəѾdޠn(ְWՆ_["skٕјojJٝM1gThʃ:O0nP#sat {ϲ-52ߏȞ3 jb?H%_u*!{wC[ S|L?r%)x9!JAjw%XG%ْA'G12Ҁ>Tz\zaiCnɢ;+]} kgu,fKG%`|OC#u~lnB;3\ {4E#>v%>G_i߰eB,A2c&OW\V(}Q%I]&?י[- jp[vYqFԱʐkLY4h⪇;NbPӼzlTUTf\gی[R!VMA}\] oʻZx0 s]#Y|,: C 2,H(*%G[8$j1t?٣SJ 1igלUa\ .8*!E/0hǼsE, `q5P&0HP"lbRU_{:05/P؄:d ;Nϧ.5a@D- >=8^5>APnGP7IUwF\`(TN 4r85CDmGP4-zt{|f?~PK+pGl~ے΅~PEeji=QH*  o3ASW]-V_>{7e8TG?p:C_> pu(EK="Py# BVƏg6RA|f`t>Y}̀(xt}1Ӏ}z|ӯ3dfcd&nn; g(n6Py*keiXvgٺmn"S094pŤbQpHNҊtmp8ۯzq '9 >ڒ!K郝6ӓ9E86f7 {Ek:|.b?vQ . gդǜyψZ.b:Re n1Cq0v {.LL:ш8T3}_Qt<"c*-f-%?kge#x6"J-\Δ*'u&{! 0u_}֛{i uznTba$_kx2} }xmv-`Sw?I8T \#M2%~(dF1ϳܒ[";#&mYK]Ѿ,c/eI~"[UfaÜoγ>h=q˦X/JLl酙g|raV 'ZS(P:DsĒub&x&_k=\WzD 2z: NJ#>I=f }iلR!d.qTI{=ؤw<Yw@3ѥ?™=g6h~}7jX¹0=m\~ه|rBrv![F;MMxOas!eڲtC-'&)PVG9x}2KKQl}M.ה)a6z%X56umVcD_զP`)jX:Hh C]tm 1*i{|Ӳ.'y܋z3CϡWB`yK։I"!U(!@fW勪%w(! f z:@tdLOiϿ:3Ę?<{B2D"V]qX<R3Lqњ`9q4b{=E:U2yFf? Z &5?i9͇5~<8k'őpǿP{=zRϹl+~dCC00{K8ViuAn;p!:Q"[l)Lhy韁u2Iތi})^^JV1.ҍ=}WfaRY"' hQhv&/#$uAJ'"^v+ȓu"x/'!~H7^鬸_'왷4 3kic[!V[ ɋ0`-贼_?0{jSw7; I£Ѧoo'R`PPM/zpPl| V"j#q)KS<,RLl[Yqq@f!%,rSoG۷C3 I `8BWK̦w4_o2`  :}ke&Kϔ)R0>@Z>-ݍwa0yl)-DMxQy9\ʅ Bhym4hr}1\jQ~Ifo¸2{9ބ܏ ^@1"  #L7C^H;PDQ\yb<V;*WDkQ,V$i̊? wNsCA;=c,3zx2ڳXoN_=9H+͂ m(_6f,.Iʋ-yM:Jx8&݃[M,Vâ-KL(/(kB|>@)RfA4H5CՑ.VN|Qnq=g mlZf'¨FqqCCTЬFI<]iZJZ3{l4G7d,RBYN0cm'63 QBI@Pl7/0xdGD,"q88-RgcWHȁD|QD[/e\>!zwkx%£"oo'يJku&-ki@*csm*g?ۦ!pb%aRaթ ! Sgv\'RC eʪ1O~ڀ+U^pWSghq-wWx-?zZoa}NpNX`5\9Op7y yAm_TQ+@IbGLR36`eϗ|!vpqy߻>uX@Xc.#z=Ӥb`|;va''q+w۵=cףk;;GHoIiR?kjit]8+kgM56[0_>%TOV;!uP$,%W?=9t:_{Ye[z0ZX,A^oguTye]T9+423-HiSn 9$?$ѫƘ>9ҢP hWK7=$D3D,1MkW!6?DV=NܸEY1lE'<9d-))Z4!_ b'vqc!jE Z@Y{m+ +}8G&zu`C*+\q S+@x.T|dJ-VlLR )QD(c!֩@,|6eAs#Gi K猾. N{=[]׳,bQ0Дfֽ O4I%.1#ӕ}W"`dRp7 mQQnXy$ Xf*foMYO3 xznyL좶ǸK5463qHGb= !?aOFiMRhw]lsJ$4*n*ov$'GXǨh{E cAwrDr\m:w TY}(|x @Y!s |[\Џ@EL*(H%ٷ;?L%bsЉVO\I1Y?fr)c}섫OviC{Bg~oyI(ʳr ṅT6^k+jNe~bzIJv/ӘLmlLbB݀EHM#+x f_vz [qt 2Ny(/Qyw^܎P8|._U\9U'bwf?Ie['Z2hcU8$`k\h@v1_TzJ C% M ]+&s xh:m¸7J`搜\jإR|@p%]Ԕ$ HM6C#W^tnI su% h&WFnY gXZLQoX[hgBT-R݃ϯ"/IT@K̂Խ&6VǘPC_pQVNړԙy?¾cIhq1*3=`1K#VN\Ng'pn ١m4%l)m p\RaK>0+}ET,Kr*{F68~5\*hlf,#*H!+ '-$TGxC堾>F܄s|dj+C?0s%кz:. \Pe1D9n8kxf|hY>4x2C9=Dv^ u'o IhonO]C"s.$C(5w~ u|43#2mSK+i6  HPr|i1OON-X.,%bso GN9vH23qsHc2G$6(?NKs&*2/Nf&;u|oYٛ2 T]jj"EװHڴ@SDo,!G<0$&d>ҕ"nN7ܮ臃ȸösxgM*AQՄ"H?T.@)Y0?h<4Lw-Pب`e66쐑?M$D<Ω?_Ɏl AU6&r:skB)Xؿ-p,X61T]eUNRݍSߠ/J M:nF0#z!C Tk8!:g'{Uc#tS~6/. Aq==0$;wAGm%w~2Ao 0T a5FdHge69Nr_]>f0YN$Ս@'k!/GmuStn{}L |*^ g+eƈu ҙ^q+ѣԑ2ASz+ ɟ܆կ4eh1D^m¹1Y*Z'USal }|oT* u btWlX?fʽ)IɵLJwH򯢶$QMPۡΗp:ܨ\4ԇػyr693fUU}oa38hw!K,0ݹ:#aNn:apWIo7gڿ,mp|+ڗ$K9KC %c(!(`S@:0G{kجxT8-쵨{p]CΉ2QLoc =o QXښIYl矧, hnY}sӄ dM/ 9L$acĭ'Im+,<#[< ZMbVtnʦJR:(X 5^g%"ʬrg;8wV$Ivίpd {ڣI1s5f||bbOY?u5(sv6^'F5/  "rN?H2HF?̨̊fK|˹Kϐ6ش_d #qYb|S9f[j16>btd4%{=a7&}Q=?507!dN>'j(u<Θ:bﰺZ@$ѐOJpd*a)]}=%O@1 G \ rpa|qȽ^mY-gi|GG ȬqFX5˼s/R^379:k^UN `ᴟFPѿ|:7قr;jQ1~P*^8.eb{ȿo;u&Ŏ ^0"SW!Mi#yُ-o@aE-0OPԇ (̕j16x̰"m^ǣI0]jYz#-$Xf]Js"I"g"WMa*y?a"=̄,giv挨g 2ڲfz￀'Tv5/\>NQ? Eϡb}k*kN8У|O倝% 늗Ol}@RT'Y|v=|C.j@Tr3 52Xbq*l*!0;˪NN0 #}w2 \l'8u72&yZɶ*{NN ,n:3=KV&$JQBƝ"'ݗiZÔo e T.!9eou%}Γ5b^t@phku %l<ҏCW&oS*PV2@'8U$lgH:կ|̹`e5rPhCoIy`Uc S _2D K8U9;4q2y(Lm26IJ;:34/KwY[^`J4IrWƤ<;%aoZ[,ꆂE޹i?? !B3`0{9ipB12MizK8Qpg#`mL$så/"j}cXjGߏZ^ AB}X` bK?#c3xw H}PxUqrϘ4ֳBBɟۘ! ?>'PxYA:fM\GvGZOd_d¹Еi&| #چEiRdHf}iiˣDZǓ3&=9-C% ֝K%=9 \QYx ^|Sc1_!,)08c컣tZOy?*Osy႖[ğ6B#Y-%XYim~*?9{e7gku,X["g,-Ͻb} _+Xٹwp0d)K]LB0BVny)|\+MOH.Xc?TEҎڏx|2h⃑ul 4&#w8+j8gcFȑkl(m1&^(\5¨LoNT% uaFwG9W9ЍJ"2$N^_ ,i̠uc(#팥uG#,o6Qj/fB 6si(q'~S}5!$,Ȳ=Bz {@IB' WgE%yǁ֥f_n nƪ%29@PBoɜ*fSӷVV;6o\AnVp'JH͌nmH;WD7D&WUVy.PKߋɍa+Dum$[˗eQl6a>Q6{H]q}^Aj %t\ 4 6$f >]kutLOW{,:zI ]Az7ۋrkj+RxW,[ɏ/Z 'jG`J1 ~xodsk Y""ylR916>nWG`CF@Ϥʫm JOvUӁh#!IvXu>1m7{NJ/">_Hux|_~ff~A~Hb+>`h>IaAX#"I֏)O,WZLS5qcf8tPZ׃RIm'_r)}\mԾj{+gxb^');H/@MmV-!tjcj0f.;թy= 蹄 ԧ$Q ׼@*_ܢW~CHQۯ**2: f~+(Ukn?fZj$B~fhēd\0eP%P-.ak)3rh2K[%?Qs5UhiKDa -g3@uIᐐ!u GEJ@VcwG'|z,{3AlLRәS- t3Q+c?#r,UR л$r<<ԧ{^?Rj=y둇3#Iwqz~/*4$M9z<4{e·絣w $5؜eu\hMTEF$}>\ B&CԺ-L*$ q8><87+k;6o80ٌ[Ԭ`mαtԊ~`Z$y.0a* |SrU9?>3vݪt&w`Vn:uJՑj:nD4MWxcWk(%k^й<$єés> |~#;KrؐpD,V?<% c٠%oTrG\ $ZeB,~R m_fr0&mjkMuC. %/0%$k]IhEhyADjK紪ګ71)+3LB j=3vzaWniΝ̚ Z[Y=؎pl(L'R>3m_>BbtU6ږ鲞9} ދse;iwXwf1 &]gB;9&r.X CApt=86bkbt2 TbɰR.Egc⭀&j覴vo?#DQ  4Ĺ(A >} rٻ(s j!ܕkz NӠ1N5nM3 ٙgl>YۖIM`,,.ֲAݼDKƆ(bi|MP|]g헞GrSZg߅IƞGegp~ =6~rQ<Ê{"wpH\=Oڻ(;> wvB9\9k,Jy'x&._J7![ժ[{'^$W TԤ~sA3t" ;-g˕BZ?Q~*,z z.(+77Nœ_pm@D_ebd3YY3 P%f$5w5W@j# #{AEՙխ*sݚ@]Tn(}\W=UrHc# V:P9$sdͤnd@!&8zu&9B}< ,rމu6n.MDF9vcIOܯr_uY4n.y# !]!ژլ )TLS=$`˻bIZrv" "ytULu`:|t0!#C"noy~]W8ЃUeSGˋfĥ)*ϫHtb<~#8+۰bה~k[ l8Ϧm+yC?XG6ӈظTsC>Q ]&y+NvF[odיZIt7cLLHMH+j&`E .5oyFPb bKC13E diw?CN G+w*ձυdM f_zA3x|f'z3w/d3vnY2YYÝq0FLbo'iv v`\4#_Uh+RF^M80ڝQbo1a{-j:u\`N3Z}avJ,"G5,6wr1#j)6wiffjSו_WHBڻ% t$wJ &+Q _{'9Trk}N|D d8|$4%~qF[7Jc,Tu<i># a ©.?Ҫmȹ^{"uqjTH`&yxa?p3"s3c&Q?f"@8ސ ]>e0E+1i>pBEi)f=6"z2M-TAb}<8=.C/_-Un?PϜGBl~Wu}LϛCG.&ŌB@؏E%+Y ֻjb&;s H Ҋ f)P)|Y+Dulls`ʿA .:DdiMmׅ-4ܯwJIzT \ t-[y|b0zI`bg8Ps_egM^TC*ӿ IWQם/fZC?` LA F߂.ɍՇq=ʧz=~ȃS&;6-ҧA#_fB]k5bw Ș,K Juҡ0GJ;Hܐ$Kn.bl6ˢ+9r/= (Wꚓxħgj(j.Ta8GDj g53VHIgbM|]TՑi nGbx=T+|1KŨk#޴1\l%03ɼҝr-&/l2c|IGnNFWߦ`WXVcmwtLvCb2+qe}YciWM dr/ށJ}x^NbsvZx @y2zwnhzԓ~ly ^\ڛP{f0{ȐɎ\HhĩĐ]tL=fE]T1 PqPrD_#Ӳ훔!hNI=Lrs^} pg?j9{7fW01[|VhP|QӒZuusYbiB3$esp: / s${B@fK3"M;F &[M.'SU:Fd2:h0$A2`ldn?0YW](HXYM캣=EMד3 Lsp$Y6nyZ^y9 YREcVnI~T FB*cpv̛N08(~JJL<6j0l}#;;Կ.=~)S|o^!f'"ސsV6@L&4~tӤBtI`E <6gƐ*T|/z$CL$& 3Py .lACTc{^pWwRcBtOO Sz#(4\M]y,Fjے,f i>/ N:!#{2<+<ݐs߭hQ7+bw{M .b|) z414!gL6$`EbPoƐ'kg ATU^\S&Clq:MI=@" v3M`,ғ}`(Ծ3UuE ^!򢜙L.JC3Mja^ cL60i?>#^!J8'n Tdɧ<9[gY'ZūSG۰*)S(ė涨:(_ۇ]llih:IṾ1G,ǎ.,Wr:U\a^@M*=gk k^Ę+ 3hlbELޙӫ'5gSC8~8 EݩοmdV,7R ɒ ! iz@zxZz]]J-ML sQQ0Ԯ"w,S:f2N;f9&WU4Cjl%ܴ(8FIr1w#{{-L]W+5%Lb/gIX3$15<E}HNlbCۀ\̩STP闫zZK#Ip <Ԋ1&m){1r` t,3M*RB~svNv_3+`v7B"K.k, ~ohT`:jjjf'4r*[?#>(1z2S&_dLL1106,PB0 -+=ٝƕ+c^A;RrFNĒ"y|#h_nV;|T #]pXtUIqڃCHäwBGdU!b^1Q#ɸ^k:vfmj2 $gvcn!TI;} TG^vhkg7ȕ *]S.ܠ%1^1seRhH2Kճ"("GzQѩQcPvF,+ݧ,љ[vowi tRwpEQgp|vC< ١Wv.m Th݇v'Iae}kpȞRKa:$#x%(j[s»y$Nm˿tOM}T62` Y(N[Pl׉'*tQ>|MVG>4K3 #+` o~dŌ4%`EUI&r֜Ÿnws;%NbpEODV3ϕ3Ds6D:_693 _R:A ]̼O}Y$3%Bs> bKHGPb7+,VHjȠua #z-HTG5rzMPAqZ`#zN`vc8756 x4( *U)DV} <폹@QTOUN7 \/~IDodᅡGR?q7A ]4pK+@ &PʮJ?Ry۠WN4Xc~W^[)srxY3z+Ԡn-2?F/w8RuL^uxD*~LL!9LU7l+`_t~ IVp3~}zgmժ[QvSW WOZb%N|C"}0CM iρpb-~I<S͜{˝|GY6~R⌢oE~Z֡2=Qpp< :C(?m_Xlz]N=)R^.K 1*rt(Z]X4W)\S-eiplzz9#| ]Q*.:UAbU̶)`0v+zDW*iA( =TpAѽ:P1=d_ZڿkB6io8'p F1aO{r5Bs\3R]}O'b/Ih+4AwES%K-$Ãew;2@u뤕9U=V}W3e˧#<#w/s^eGdl`Y;j4v⑍!6#EtC1Qey4g#nU~b4`.J~M5,Z kxup'v6rqF4%h8O.t\1R6h}COF@[c`f{mQ)}y1tlFB!;ҰA5'1[.At;a&BJD%X6$rt&̀APэXO(E*)ιO`_L'nx O#wgs'tr>hY|TJN:~%&N:s ˮ m;" ebŒx~w(3UCnMT@8 gםx|t5IrA^QCUEޠIvV"GuGThH 3G,9/N)mJ_<>lFĪ|BUh$l^Wfa]:` ͛oXyѡn"H0e:JzpG2r|yn#K@oD߷OZ6N:;fܧ=l`v^ +ٞ"?Dڡ#J{ 2ޟԉ^_1"i(kS*i+9{)Ej%rmCgm $>CƗ:t,{Pxbp+T?ePq.xh*S,B ۪hv X2N \D|cf3+#tNQgI͠QYt")kf1 *J˵OVlPٮ~9X_JGuΦA`d_Bp!({<$C$U4~TZ!$(B8 s b=| Ѱd2C =JL-:%gLTtvZ9]B"zj6a8:/Ԛ|pp{YXN`!"y)5f :dT MB|DD:ծC1Dv8'|+GSYLw(NZ^YBgDguLb)i>;ǭͽ>Ag+B327m8 "{IP2/\[sLȢf+K6geF䏰h{]2gRP֥n63dv}UU "e/KeNig y]f?F%/Dy`ry-ejSm 3PֽD>%j~+H<i?)p9PDw] C0t\à5Qĵ5뒹zSQa iʰ%{*y(p)Õ_SWf[ېQgq h>Hm0̩H`xo|QԙG 7GUr{0!^ܕ'qK gL 8|$G;i["}3~ZZá߰)3m`-Y;*R&c$|Q3cJ&X |t0ENg˘$ ɥ:l|$\R=Ɖ"\, o3*k=P0"࢏uv$,)F^^lhӰSAn$n)[g7 |l;ľPLa>WTo %zaK4N(ŰhA-(=^E(ԩx.,E獑N&ǛlG'`f]m6I2crf?HX-L,;bU1qʕ,vG$P٩)xO2@}p%PL=Yvt-x3d!9 H`x0|ڨ`B`U°A& ~Ɯ[%EVNoRs1BMr9 CV2@}o&-қCY|gJa/~cŶsJgA6cc> *[K?n' k g섫f]T4Hٟ5l1}(Ρ FNVڐz/L\uYl;ٳs5`I*tRl ؍r$"+NyK~Je]-7.shyGۤӤD#$ل\N<$f>bRtAA'zk% 0Ϥ AW<K4kajs-&LxX9nCV^c7Z1_ HuW~Ǹ׸XppGkmrr&ʇ-2#Ѯ*tZ=ÎG(Ɍ%2Bi,}LX8-&l +AQ3@,ߓLq@`?# KʾE1B7",Z:J%hNB|Hm󨡯"6 R=>{c;JڛGמyVϟ2rΨ 8x#T?ϊ6ڞ—p}KGh֋zu5tc}N,1;'3:QYL+o%c!-ƒ=Nx)F< T~Pp B1@:u0Ƴ\ 6ܥ!{xZ0 DJ5a(zC'">j$99UUR^͈6 q=w:JB =j-w@,|l-!0;E˃5J+,? .ykkCS5>-/쐕𜱴ګ {fD;ޫ9 fy_."aJAW%7raOBŅEwѭLwg>g^K;r? 6]ET0_> ģeh=Qze#F|t~rOviiȿx kR/#L@/aMױg`]pc*qmqD8ʊiW*bQ^s<&Z#nw *+65#NNT 7mTxS,큘8vǞ(u4;J]N R]-tt ZgAH$Z+K@ D{K*wi]T=r{d* 5?G,*-kѭeV.KqvcG9u۔C쎑|ʁN#@C$BYHPgfwgtF0T@"?Zj_:o *JGWXjܳ)^)}[y{lz)etNzƝϽ3b5'ӏiuXer̉FoUv͐t^߲14oGOxendo~q^fi[r쨣͢ I?-ޏXgcHpScXMeX qGEX$yhoS'#m "J>cnܿ%^֗jζ1l?Љ֩HCcEn&gs?d;{< TƳ@e;֢%ۜ_yE?p9TKWfvC5Ӱ.-Uoَ`AQI|؁iA yq.7co&4%/?EBZ6O}[4:dntgB T}#~>?qA*|drƁ@%MCNj/iaN?DB)$X+h0AMMq =)ZB.vL?J/52g",.+Π3Ev-t2 /vLc no|Bï ŘȤPC*eڥ'IJȑ Fs m\a&yI%>xJvX>q/?6;Rch BH.Æ팰*]csw{͝h~KP\$tn`drK4\ɭq(mGNۍ-융.=KhTccg5=RpZqGޅs)cʙb~ M¢cBdBՙ<4j? vy(X}7()ap~@B["' %$ZP<5rHr}sR48m҄>}Wa.:be0ILX]| MP>F *p["M+GM2M?[p4^lb2 0J}y<@(M_8rH x]o+ X^Nt8rIGkw*0'N90(KѨr$6t+.*P-CMGwOL5i&`~ rδT@*"+$kE I`me;5pT?׎'H+">geؼx07 X+Ґw|./.!JlXs*13S=1 ,U6obxAB2ZqhfEkmeVhiOǀ|cAA).$TU~9Dv_Alj ?>gpwTb-v':7_"ܛla.64Y笇xxC8^|GKS!G02"} U$ },֣ڎ#S콒&|6Q80eWfChKFtNK?(a oԭl;TLSu 8 Z|/!`aJ~\7\ S!#q.ev-: Ad'I/GXk/z ,ūD^|y"m$~kE D?RTW E _kf1˗$Ef;G89[B#pc P0یAE/.\eB[ow:JuK=ؕ(DыsH"NULTW|苽e֑]1Hp4J)ZfSjS ! a,lti)D)U~)..x}6؏`>7>,WܶV;]X>ۧh15(|"V;Uo+>jAAʉ Ze+XMd"0?*@{}q5A-OT#!8X:k4awaCKG$)N8F{g۾AY$h^0@M}S\[o`oFv":8O'Q te1gPu >.p MYп2uvfG4\i#TeexK{_0Twe M^C BL}2\gV.E*+b" Q";SD|JbIL~VGΡQBGڶfW0:AgSseٳ;cKYV۸Lml[,^Xb>GmMۺWQ7.\ЏA*2;8X¤^p*khKOo%yua?qN :\=Tw`D|du1|яP=|[ٙb ^roLxb_.i"ЅO< tm &ݠB)SgM X o7^bO壶}-#,KcվE#FNgA߆2Ճp Fxb(7xaЩ ln#A7-Whbrr6=sD wxWK3Nc =z.c-K„M|Tzb-:+=>`COUe +<;9~.ˠ]NQ@/SPV/\Z#pG+kYn#79Dmƒ4:!qiO5l=9včDu&1);ì%h֌lxijS=<Y̛ $$B; o yѤmMFgDĞt+EWΐ?6W wI1-+{s@MAq˼F)cߟ=u{*:PBhV2xl{ʦ jQJDe}A[Ko n(镒ZGJv3 @pX:Zkx}}U(iz\El|Eu>.uYw:;“K.څ^f7?7Ͷ^zQwc$ۣap@IiF)9FROmk[U 65~RdktA2* VEfJeboJmt*},EGtWq.dWcS.Z*^Xvۚl!:UAZyF~lUk'%_b'r*<=ҟSbK,,kl枚'7)\Z 9oP{QwMT{C?1]o_~Wp0%ĉD@S,xyu'=XN:pj <3/z .)+KuߔSLa(e|َx"YHl|D8"n\>{76F|&T1Q,>.Ѱ$xCiy1!UmKB2W =|ՈR+U?UyuMQ5gV9τ+GrH)M}J'QWWՎ)䡔ڸ&Z!zf(|w0kjx."UhodjG 5ʼn`Dsez`hg>8 YC/dJ5<ujB~R4Zr-$4?=AA0R~I0N1 {!8uFT[U=)-{xZMvs~ R}36'1˚ Ew?5ߚٴT!mNiplHxޥsMe>}޿`nrȣ* ] Q S+XQYp˔il _i欞HrBs2Y}wG9n&Mkbx !%*x'bMhܿYH+V2^47uKb*/Sy[cPEv4=ooVc/[Qd[>k`až{*6.Z0q6Qut_H7~SE"?b֫†Rg8fGMZQ"DEt$7Ũ1HFy6y64#?A}e&Ӊʣ,`n:x=Sa!:o˥9drlpKދD=AH90⺖|iso0 l" QB:,@H o1akq DO-䧹+\gôa 3w*w5lp6J?G,XqQF=~Vɾɒv₤)o1ޓV UxϮ[{PMjL"=cŽ'>Bc,fn.2Pjy nc* ט[,ȔrhU E+k䦙q + -cFLZj@& Je5=ARg-%2n;l:@|2Ncע@l&vzeMbUuY%8+8Oρ9C,P f}b[]fEv ߾Hqq鍾AC!O \aט3RaduE5.sYF/HBYpQ29Z>AצqP1k_ƭ`F~mV_I8.7"NSi/y^5z`KBFH#Z b-9uB8; w] ڹ(tH=rpD5ܺY]oA;0k7J&|1TMe.h F5K,x$̵)U _?ݜ2v-90zr? t?dBh֍^Gb5Xv"GʚI3gʷ _n[Rlasowo'ӯ2";¯"X8}duZoYc(=ֳ*+xLС Ju6+vC_9:D#hᑄ GپZd̒ɶ4ZgRpQ‰קjd }$Ey>6 =Nڈi͂vRN 4I`tz/8$:Skyƀ0PXa|] e>fG_v~MߦMDc`;H(`5 B/FSv:ŒBrݬ.~9ްm5  \)( I n q"6}(g4zm(d';TۚO!%}MƟ?Qz+Caf\,VwZsHν]暳=47Bʂ](m3f Mvu waz%X!'Dzb3W'#R4l wP d^ۏE0eZ;ܺ=R۹_y>ԏyB})uA.Ɂ~M7+*;ǦI ؋+5J&<~YƕƷrVEb\%C |{`al7_Cq60'ǎw-#飭ԦOE2P|sJJ)by]HvMb>aY8apR:/&\ʮ̲vˍj.i];t)h^")53&ƀ)R; i<maBBm@SU#?mx's8P#&6ui+Ė3<ͿoV2;b=ZpQkQ+o,r uJ廾?U<ӟN( Y ꣁ2L}8a!BH 6rLffa.3kشv!)X6"c` l>MeSozvfv۾75hgf^ Im%x͹Β=v-EmC䎕G |p'QߊpPi4\'6vMc0YR eN.pu7{uVζ>dPJ`ߓ:7teV-g5A5LtV+4re!ְ_3Qj=|QX^zؠ󔜔,-:1U*s{6}*|n88O{,@ ժ[ zчбPb: }e6R9̚4odcw?i}Ҫ>j_')VPE3,"WŐ-6*kZ<#&V8KJm(XZjb%Z Lpd7'Bb{v@ˈ[]jϚ8꾌zjgau~Em"#hq"ۛ@`x TʍÊz B< I+ひC)ÊRzP̾AK%|C/Yʅ5)[|";@B3>CTAݱsNџoۘ~$]Wt8 3/Iz>5Y]F]P 79e.O)i#ʈl=ͻ>Rd\]5 KDzIk͒|J'.f!@XHl~cJW 7:/[P9LINF=yg%w*@^q<_H0Qܐ+[Q3dɻNV@n"$ 5t{r-ߘ z_@r.ϳ}ꑬ>VC/9bQZ| 7E1B&PP^3ՑߪֶhbqN;2q8n2T>qofBg( ASȃ¡-ѭ(Gq<[,囮'~-o*{}Kiø_Z8-pj7`"ֲK) s)2OPdd|_eVi7B,|ˇ(siҐā2&VͿxʮ\`M[EWvaU"#èYy˶.)F$0 3EZ9f(SoI9ZgYz)mNmt: foPcD~H~CbiX[$B^I!: IFxCUr;/'jd7"Uv][I"G.yoYcPY,0NyȚ_ktUz|l.1^a[x[F=kOl-!lIHcA }pI5i?ldKjm_4߆̖ ƺ2\]L[/ًj/\ + _A>ı77-j[nK1:NF^2j!8ۜojsW@].yLh_QӾw;&f 1[Nf8ݫxT ipͯ8˜@\C«؃g2t0ONnKD1/X"r< ,3 R>]w>v@])(t?uB'ɪU+:-luyvs>7421]>UnE?,kRdFl {}eg/FީgzAbh9N΂%-v, wVk]t!~F$#T ڣv0Ak9MrA# 5G=^I$Ξih./e6we#3kGѬ ࠥ.?ג5/E9NSZW٪mwlh_lfbKY*Bqn*}VR:,; e]EÜ[읯/WF!;8*+`2gtԌ'Zӭs u4 6yeh¥mbI?6x_D}lQ.C R^x+Bvs$~ϲ:@"}=C_ͅԏDk8Jɚ7W+V, Nx KSf;f܉[ ^.fS(axT[ {$QR!ךF( 86Jr]O5 &K.Gx:֬T]uhΌhR4l..쨊s[R_YU߂7J})2V[zIDWJ+"Tx2zIjJ2xk;pc0`onZEO QU Zg.I"3ä9' L #Fy/xZlXSZh!QO[=bd! i VwxΞ!ICz1{${ '(UcZ2$.SKTݛs߰}2@ۗш^?Ztm0HX h9xHSZ8Ck!sɽp4;9ɥ34PgNjjOda7\yB _b}wlr&]et*y/k [p} .upx$6ɴ 7~J YZ