nss-util-3.67.0-7.el8_5 >  A aM<U]_23X7l%Ezd/ N(㫷Z[UiD޲LPu͒n0 -7aF}Ę$9]1Vwͺh೔VSiA䟧=wф Ł'&|U8iӾ}L{o1?#t9Tp^$fc~ƒdᵈj ׁXōG;GJ;1)ЇJT) h {.^̖ɒW˯EoT?xj79w''TԫVLXΘ oq&4zy#0`8 g3)e>.cN\0I/ fGQ۞CE y;\Vm V@K&1!qƢ,5&V%\lRYj+:b!{9]\ BAUqhi*q<[m|o`{6_qte,f{^vXj\`[D$L- < %326e45d51a520b8a00a88d80fa0e26bb9f76a58256efbb1cad8439ad223d9aa4f4f76bb6d522d54ad26fdec13e7b7382c39202bb؉aM<U]NcQ+Lwgd"߄G kwܩE6=$PxIcaZ C2ʫ b&BhXvnk꿠{`SN1ؑG\\Jyc4_Y;{)v|M]JJM :Z  M mavmse7 GKOѤ ||+FMϐk-=XLI,M0&J+9T˅ޙ(S뮣Vw!'w߈+{m9/uا<&lے ,_u%>LA3 Yc*4Ȟ%A2v@Q}xZ*$_uÆӞmX+WRE8;=7gCeATaA6ћX/o"uZM}ʙ.) !vU!B(6/Uhs$Xߛ\jbHh2*f0vnfBr\^[ C l{]&T>p<|?ld   F $,D P \ t  $<ZxX(89 4:[ GtHIXY\(]@^bdve{f~ltuvwpxy &hCnss-util3.67.07.el8_5Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken moduleaD|x86-01.mbox.centos.org TCentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxi686"ĠFAAA큤aDyaDyaDyaaDy`5a6d98bf4d83b1d1cf5085a8652894ceeb0550b4ed6c92f88130bf319f2117bea20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-7.el8_5.src.rpmlibnssutil3.solibnssutil3.so(NSSUTIL_3.12)libnssutil3.so(NSSUTIL_3.12.3)libnssutil3.so(NSSUTIL_3.12.5)libnssutil3.so(NSSUTIL_3.12.7)libnssutil3.so(NSSUTIL_3.13)libnssutil3.so(NSSUTIL_3.14)libnssutil3.so(NSSUTIL_3.15)libnssutil3.so(NSSUTIL_3.17.1)libnssutil3.so(NSSUTIL_3.21)libnssutil3.so(NSSUTIL_3.24)libnssutil3.so(NSSUTIL_3.25)libnssutil3.so(NSSUTIL_3.31)libnssutil3.so(NSSUTIL_3.33)libnssutil3.so(NSSUTIL_3.38)libnssutil3.so(NSSUTIL_3.39)libnssutil3.so(NSSUTIL_3.59)nss-utilnss-util(x86-32)@@@@@@@@@@@@@     @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libdl.so.2libnspr4.solibplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.67.0-7.el8_53.67.0-7.el8_5.build-idde593fa5bd45e62470e914e9e3ff275451ee32f0libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/de//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnudirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=de593fa5bd45e62470e914e9e3ff275451ee32f0, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR R RR RRRutf-898d8a94dd17a5d5273756c269be186ccd5a557854257ab9f9977146eb234b506?@7zXZ !#,oE] b2u jӫ`(y-6yS*#[I.i5E Yi7*0&M3|I< CӜעCM =qxRybڰ~"fby>^j 9v3Cv*dWd/mA[c3mOH]=*.Ԩf! R`ӚPmc`=:%d"Jieg01#@n- nZBoY ?U#*}P =̄4G}@{~%?9jkf{donHZqT=:"S(3wR.J[v!ZEN_H"g\_e]kPEC2fseCE({JK*Iqm@R:CժM :ݞBbP4b>~rw ?ɬGzM}š((ST=06|1MBuLw);i3գy}J0n4y!Zĕ_haG*|^a)cjGa4$ {uw\V0~XO} Hq`M6SHp.M*ߟhշY?e8OR9_k_®\L/tGAw f0%@.\ dG~!H`Hb8]^15(Sʻs$pP"$#zEy:mhB仗^ViAA.|'Psz_*[fG>6/%w:1GQU-.Q-K$S'8sot H, P9?CLP FvJAյN}Ǜf;GHW)z&]4U5RcmZw5J)otUF *ƿ`dK(?FO}Zfbpv/sޔdVHy7&}Tc]S;[{D2xܟ n9P -f] -yZ鿛KYʍXtFQL'v"b|_d\Pɣ qAbYFZ09m1 90I|Җe/N4ju1<4[|M[9rg:*R:/:IMGn-[ZЌ7\pZ}beDp^g)28jwBZ9$61ڢfi=qЄ]&%R`P<=*JR*0}{z~@V1F!h8Qr&WȑR(_'̅ lGM73~ON\/5 pE⵾ M~L&f  'H<*4 geV]ZMjT<ӿbhm$ 㥝Q0︁|hPeD*$OLdֿؖ\/H:cJq'(&lX"#9˨2[xN óXy`(>)g1fȭ`6٥C[4|kZ Rpq%*:?S^ʑ40%|C"1yqx=H+bpSnVٯQ}eʄ*5YA#UzԆ]Kc}fT97B((v]icmJm ݃$̆! $%!lDR{pGc?\b3h/G_R3RR^,V(]>E6`D)%J !95[eM֑=l7 41j@Ԅ[ j,,4/)k41J}>XIm*0rN\H$a@ǫ6<{66'fQOErq:xFMUͰ$hAP\*L#mdU$"UO{rWƽM{ t2?zn~BUTVy5x¸P2ulٴ`RW^B{aY> 5axskN@!_`H}43ʊ/3Og 樭^8& 0rm$^錹痠'<ĀdwE;f>\#]<\z)4K;%; #b^DCwv&4?~lRcY8v.wՙ !ؚpN}n/(A { FMb~>_坠ِݎEGC1v:Hu&PN\I D|{q\qdudn ]"qVG6 (B *B0ߋ{Y31}X(\Ly4=t 0s%̶_x$b2& <ƒ#a-FIlPVdfV@u @-ņ/m45eC0_-Z>n؈r݃.Y1Fjњkҁ&ZڭU pp]CJF<=V>+]W]GEŲ$!š/~*QKiH،-'U ΧF_D_4$HyМNr؃cꇝE|}ԩf]Y珩jͼ~ VOC`a iS9xՄ.R+2ş?AkQt+DeW|*ڂAҚoh_x o6 .rn3Tx mWY%8GfڵdI`g<#I!U)Ua\ ך Q3関d;~qTҕJf#\SG݂lUjٻ=r 슌b(3<[4e+sJB1 DkzB+nQF|DkCmp gM -K7XѐHݥ Nݸh^K׹)m *|j̫h.g9496j/:mװHJ<4/7<ĕ , m~>]2:RYZ:!_^y0zbW3YؽL\r `4:V q$(eI#An˕ HJ؞ DF@̹Z%IV^ڀQ/}AR{qAsb?G^LK/g3$_vuSVo(ش \xB'^]ĎR=T~q9J OnN >+3>d˃ H#!ybӫ;i§,ecPt E74'Pue vfNU[3\4``فEQb3_p۰% KUv>]Z4\-`r[ck/^43YŨ)>O픘.8D'v/٤ w@TuxFkC@SGHx(/l;L#TP_o.ǿ>O95\BG mſ>&HlY^N48HH˛.G a+c ͆1z Y)$Wx<Ę\?O P^R.HXaU(rtKW(Tmn=̒Ꞅh(Rұ?uon~uC?q|{UiKr~P]׌xl8@F$oNJR ふ{/o~h;Ȟ's)q':IH>nὤ3Xː059\%V4[1 -peo4QtKL408>>>t妐yw A+21;̾|`esD[#DkjmAJ)3ӎT]IaXD= #pVjU];N_K싹SL4SHfԏL, ~)}wC=M8PS0`ŦC)uNtdpMʦLj֦xzx>srֶ=:DWU OбlSܽ˔(Y׫TC/lAOLRZ~6z:JI%Jg8Ϊ>c@+&5y+oX:ߥf3WR7m, GV=TnYI,nRqs 1/:-})D O,sT$sӇyCw12g:tPny:t\' !7r!@Y1԰#1d{3[L5pꄗ4 ]ݢ ⮉.>P}3#=&EddIޑB ~N,;?!8bmT`L$C;|QzUL26~m (ujPLO\dsR}2ڬ'}:n Vz6o&ɕϜ4e1]L] y ػWN5` ,ll֥P߱iv7PÒY#,O`s7xJeK$qTFج[cΊJy7dk^zr'^KIQr'i[c: s"~j>?FpEʦ<T"-LP銕Rpc^+'=g&KI%aaQIB^.Ưɒ9Y?.|)Qupi ?Gn9tce؅L5$߮x=EgH10 1 KPzJ>2'?{wN.Lm- Du%^ ޼1=)ضbTF:m?~#9K /T4[b ?.pz!,+YlS)BP+ yG3| el=%Vz|-7L/|& N( GSjTlʒ>?d8 D=Q0 d|RS7zqÕlXԄZuy.j5{U;>ޟ4(JȘTa7 aދ;@%EG-*x(ahnIL5]. 2&9Qj<x9՚L( BQjԡ`sш0_5t7[YnZ8:g,w7\4=zAX(fk=}m8Įz>*{64tcP7:dXG UnisZuiTa8-D' -a#]lsf US!(qmvWĉ'[2̽hO;u #Ja\ew=aCtvkQ.ߒ&X>"qPXDbv;I6dB]?Y LLHbӤg|NP~$nM3@p!*}bHD'{VuąasA3M-GuS9zCd-cDe匇9XG\VaЋMo3OާsqKPy~lʓSj}@Z&!fHfv̒RwPYM{sm~$^HjČ!Ͱ da46=zIVz$l`aYɆM(Xqa}X^6f Qjsðh'nσ ;-ƬA\<!w/S"T5AR;E"t#ȣSв=œI 4&ER"95e}fޚu1??ij)vC]zK/ϸf_m#t|*_ >DE$=#\v,x!^xD3g]<;'7gbq0ߐXws[Jm. 9\N^6@T9)je5xW@Ab_W*}$:2-Ex)\F."E=)4rPcR˙N4R۰cXFUYjYBo}[dM+:AR8)wTazL;:.s;oeoFLV@|۷F-56Ծwz$$ˀe͚:O3|zg Ku _ܒJK^ChEl=@!5ׁ2l\1Aa!Z`gi]QLO`!5C/LV۷MƵF7Xu'1 YX$*,}ܙX gppt14r:Swj:}>r`LIa:S& uN׏ 5(BDvɪ _k )RG-4zHDh ,2Mb.ZD$-$!2b gA,uݷ)z|߂yݞ#6vpGZjS: 1ޓM61XD gbWWЀVu|"ڭ&<4Z[9 W:yH>VFKp}JC1lP _|)S[gJE5`Aa~ѮHj1\Clt\ZA8WfZb*75"C7)L_XA> `iʽb*GgtzŔV(}zi7dӛrM5qʄ'7N4KgKBB4% 87/+l>|XwvkQ-uD^b4M8#U<.]O>q$cZN24d8ʔ_T-YV&1 y G?8hߒ!gy8xshɑEg=C&-4h(F013GfmTv h;jo<ȿ`Aԭ˷zEJD$4ƌP5b[ҡ9=ֆy5|ߍ%Z]JBy3ԅm-v.iWY]Tj*(2OF>H: b&ѷe^(@ðQ0~LnT !t" E])7 L[&W6&FZՑocW ?P'5M4go1ƜkTWD(z '.3xYfAGPWb%Zm#I'f7[mK?bƤg%݂ U56/Z/]S$҂&m849 0ZI)w)cgy %ڞD@ݲ +KTbwY<$gޤ`z d \,Zw.egz cu. TrZQT@/h.(bNV{ e.8xJR|ʱ:O#gM4Fi&zsd1*ÛE^:i8vp1-JY<" =MQ$9=D. &ߘ)J/-zxc.1dzݾ6?/x\U!Aق>Pw.{Vv{m(?L0M))_^|"ke"h9b8W3MI:&6'2"q#H+^*ӟ'*]]C0!,)Q}o"p"a䃎2eV/eW-TKbYieW=_;'\y8G2axvug2v .e˶osWN<17NAKB1a`r2SJRceU6  Fo[\I(kZ:-l># a A4RȞu5-cT?ZWn׳0}?eA pior/6]~G*C"@+K"Y+ӎs?&qN̦szFzPLYQ"v< G[S8\MuNr&B{lK9M@wޤDa14πDRH* A{4Ku\oLтt{!Gل/7TBoޘQr#3n&X)?%-gV`#K^IWhDt >=nfH6yߥ6 "{EQ%5NJfĔY1Q[RN4Â۔&@'m< Yn r\"ג]hvs"M6Xؚax=!ښӷ!7dpI(Sn}4.%Sfru1L_ (Xw^}P~X ?pu,.S4^9J;'oEOh氓VzZ\vA 4_=@FEC/KK~uMbMg}MpEI?8:jǨr,K7h論^XQeJB,W짞EIȌq5S1Zk #4U%qN`r1bnO 6O/H]`j99݆GDa6#-nP= `8+xk~`M϶f?QX"e5c 9~F*%eӉkyQo; :BTWI jr D4~/ZБ/U S\:1G]sRS@DyAa%'aާI웬k$!z\g7*X2YHIvd%L{m9kRTq$M=1O6qMbΤkH30#@sEK:M,bѥn3 >iE!9َ?w3$.'}xwҕeMy"H|hMEJ0f1JĝJ`;~g޶޺&_dӦ̥c[JomH'kATB#"ߺ ouhO PT9KE^''da#:# v1^4+\u +TA w2LcBg͗pKiڸl0+8Q\Tu A:X *g(PxGh1Bgw]Q8"W@\/Ƿv"7׿D<~HߥA+-'T$К>E|2åД_ 0 AKl %B^MaCǽ36mkAc'ޒyQ^^fƈ;GV/ r9ڔ(c865-K@%A(8{#a5 3ܚ66!X×u)n*aRaRQ>Kd|ɠU\nч
x"658L*I&E42W_-NhJt/#9kM0^+|ێS[VUGODd}1;6!pxЍgbNޒVvR;N&\~&10cX'ɝעL#r辶<'q5FڮЕRZ~HNd-Po%l|Vh ?K 4) ]5M)E3&:A# %2ߤ-9[N7{(?L"d*|kMsBB!`YcZ~Y3IYCՒPl엓O`ZN> ?XGNc@+"Qz򜮺jtuHo1"Pp !}.x:ŮR*#[4B:;!],$Bs'"NJ/ #Yl+J%SJkW{y9u UP!~j9J ]wg%N(JEC=h~ӻˆTɎai-883)≀ u^ KV??=Ǹ%&:]VEfV̙WrbP *Ӟbg=R3gjx\%C!0tcTRR/[nnTkGGJZeV|P+[+ Xڲۀ;V7)2E:s&zxiۣ [h"g? !CH{(u!7{<6P*H3_dhvgoi(wR"Vz@ˈɃ-L0; G% Z.:.RN3m[Y =CmNvtu mФy4tmF7˃G?K% SPCJ=WQ65kfH* ًMY)FEJXhrrjޏ`-)Ba}w##nO)t2dPU74 Nu2*eZ6+&Ṏd_Ӌvr dTcImXx&]OȚm)N 0 0a~;1yZp2Ծ%CJ=xy\vq9^hF'ƗYTg,Hʴ~X5*]! 1˞'FŢŒ79ԕ{*p(B/}Kϙk!VكI.Ӡ88ybUivw'CfֶjtÈGF1k7%@x 酂Mn/pg{~$oRHn xJݷXxU$"1g=πv\hϼ6xJAr,.َL*mPejwvf_+~\TAAİVP0[K*~@?kDt?˲DBgIc' p\H%(&'<@;]|`;޻2cC":t͑RA:r ln)Mf YPw\"X`(J@s r; ƑMFJ`Yŋb%K\LA&9p,yaN%uZKܬ '\od0ɻS^ѵ|ЕxEAۅN)^X'kǧIFϬ?uVK\K@6+_GrKشM4ÁL =6# U?L8C ȧn/Omy梂ׁf ICGas]޽_rF9(2=S+R&؇O}ByoHS%IXO%te%}9kHs07DQ L#ɧk T,X+Ns%a`L 5: fz+Cu]>؊#j*7tߖG[Oz[5 iC jEʚidv*'?+h4Z`~. a74 *XԈH1uj6XsjҋTq'Ew Jmh{ q,c?ТpWrIUQ~f`51#g8\=GDpEgȂߐLhn (Rnע]virDÁрèX 8 uG^$病+=`~@ w73,jJ wKQdˈM=,򚵳ñMC} F2 Tq&7K_5ge]y1ADZA]u'boۈxv VG\(ltM1a&+i!ϊZO^5>a|<9YJWQ+L-OƞڑhEMl%vp& uצͬ@|my5 !̊ `n>|fHysG|6ֺq'-T~>.9`{ǻ@$\a.gN'L ʙRqk/&V@Ik>.mYvJ+O\`\: f}|]u~>qIYh#TLGgX42)-7̜p:P[6jQLҰHF&_# zhRffM6lbZpB-<?˼65 m.ӝh^؞h:}up»nyg4|/o.k/DPTlևԨhS{'R5i2 |@onYRaL-QYמ+UK+T% ă#=:{: 6e*[ڼ5v [@mt(hQDM&MR5]'P+hw҆8|Zi 'C)k6sA\, U1<,hЗpl2nBc}Dy#0bjx_b8LТFߙ5<l^5MB%iOŨ+!jbPFڏ̯Z5O'iUn7"B\Lu_1L~%t\v*&^9rCe|^~'sK+o4<'HCyo /I[kn_]L\Bߑ#i_P('{CAi,1^1i57&[Y?`Vf*iV);*Cfh?K]! 9&_s÷IJ{<-=Dc)5>J#cC8Y Ӕ܈+۔mػn>^;Ji.6GX n|:uF^B?ً݄̑T AU덊Ԩ´NwuFɄ=OPP[3go#mLJ& dCW^ Ab"ԃ/7iʋi&֮ 4 ǂY#4/Qw "eB~ҳ%#y f6!:O~+RgF8n&{xO568WY}Q.*yx K檳NKbufk r#$IFT2=z1pq$l[lL%}-sV,Kf'ip.Ua[#9-j$yZk~3z:OaJ~ @ʎ/ꅮWG*oJ dƯoAeZJ:TII&dm,_:pμU-el G΅޶~7q갟eZԑ5Ik_q ^b<.]|i'hGjjwSi]dR ; Ɯ5%Q/x&mKF6֎'BQЪtX~gGK7=I7Q]eb/9+W 7t-Tw0ܰQ#q5mR97:?fu@J  lUF'z(bTXO9ˌ;5\Ŵ*(~x`+}~YF:jkl[ ?|>#b@L$g'u,f v69D$O'4 3Og|itBq %N(Wx) i*lu[c7s7]a!4BݓIfD?OeWGNoPXѱI(2,P^8oqFp@]JWJZ|ZN>yTEgasND^5dzFfĂӬmN?ϝ1Bs5_&HORU #qmu&6P~x1,Mvg3Yhp a4q!5l)O߯Yq.eJiRn[PfmaY_Z͑ Rc.aq6{[=z%׏Y-M^ A(Ct"3uzm(>{H6]I5ق/no@"ڡཥG}q(@hǎ;olnZZ~b@HZ`"prde-μzd ɧGt.^:&N9qTYF-]3^Q~Y޺T<@t@(H$-P5<1͆\ Eh=sDE҄{h_m;nfr+*%gyJomf[oŠI@HƦ9Q`> `ȼea_gd[YUΚ8j­<`oL;m: +Pf_!w-h6}8Wgv^O{FK i|ZD`&1}d=bt1m=~?c((l'k)7FH\\݈ACfU-3gCGaSemxrnurp"!|, J*~13̫Rz諔eCN<{P896헃밴^4b۝1Tg\ 0,vAymʆa=~D;hw-4n9:?iשYGxK/,݃<(qnX`9'V)h蓤!Kʅ *&vY#\Lr[[3_1Zף/%y}~pʹ4z4<ȩpO_ CvL.| G(s8nv;ʿ`^N*+<2}oi7Ck}zf;z`QKrI~^k1 FNaV*eljNjU˖]NC?^)WZvNh[k=2% =~8ͲbsĹ@kd ty,aڙ8mi0pͼ%:8)<>Lt%0_Gx\[/v%'lq^77ŝ |]osR;j~ZP_1dԺi%Js[%UV+V  Vj^^k;mL[uHꚰY/9^4|L ilf&{l" l >=$6ttb>3;D(}3:S&Ư .9Pjb0aδhۥ5$M9JkNj{gɨ燉'`0fhKݬgչt [s^s摸Uf46=\MG l6Oz*.*H(RqRmSZe<x,8fWkt)rIPQͳD嘎9CE=LPK7?,B$`-V+l[qfp#>ģ8ԛA_mJPNk-"x+Kki5k 쟣:sp Gi@PW4Lr$ER=S/!#2N8xrQ\gV3 :HAom= )EP&:oc`"+z(q+@XN(@u@$ժX)8\B-¿)SidV!=1sS(Ms1{ ,*S|H 3[$@4W}ﲄYSKpJtVq&h>iȥ l\vRSː];h@8D*]nA'Ԇ% 7Yt4^1Xc;7h?<7T[y}3fi(iynL bWFPרVvtZ7Rs^( (o=@H)v5H;VۍCmD[; YXVLx><6|!z"@r-/qm`"'|]g0JTd u"g{dBk AwtiRi02R*ϗ|ZL~0j9Q$|'26&&5eƖM,?Ƴw.diWBz"B( k]vWd L6܍$'p0T)[2^loNL n"r3+OByQхmtZYry'r9uLk\&Zj3QY>A>"Vg:Hd  ઐ!g,v6d&VPQ'[0JmQ9Weor[Jѡ@`nv40m`23)ދ!Uaoi5CH*h: "ͷ'ӸI^~[sTtܪ]M,|s^ k&bg | ·?-/|8>&\;GVF栏Α", <:{2Q)U˸?{Q7ɮBZB$#{w9/$$cfvI}&fpgP |d5y#\s[{#b/ kAvOаSxDQeFA(Oד obd(#N: yYSŀuw(km8?x5c$JDV'X@S`8/'%B6\B+MD4,V&1ugBv|i/!L;DnrLT։pS ,jdTR*H\?,^Y>"1ҋ%T` p= gɶ/q>S{JhʸHI%]𡋛.Z-0mf Aﭾ3`cFTe p>^'ԝ3!GRwSv"Ӥ'"y?[[xi0A5jcGS Nݧ{e|92發ӫxhbZah~ fFꄑKٸ/ƌ\g$u+\ Oć|?)Ƌ `9Hӆ3>hT۳y=Ⱥ "@I)~m5pQNB攌HmSBL, /ʨp*d /*m #sM.LpY=să"ն6Fs ?XKp N8=]je;q4kS/1?Wis/5n]n*XI{*f M,.Ng!SuO jN+*K8!=;aSU _5< ͚|]h TWP*iB@Jx~"mW{tBD-zHxlnQ0UG-{ nӛ6/})zKvQ3jB |E3 ,) ֋Un=\UhVFI `͝G*YȖ>Ƀ].)h/[=lhYH SMH({4 BWwjVTՕ}WLt-,j bC]%_WM Tj<el͚Y,blTJ]2Fkd< yOIij [wˎ RW4#T5Ԅ{ƭB({8?K~#|BHmuO|Zg=>cNr%Įc7&vNr叻IK]B':~zɴ3[ۡ9ܰ/T`]5_oZu-HٍS.,)6oZJ_XbHi#-z5k"n'y%VOu0w Eǩ&C:&N"o.0tƽ\Hs}15s1YymB%e"o;:0ZeܽTz+T*l,] V! &X;*EUavTeD_fW2p$)kՔГƊ,u4W{Yt/.8Q d~l }=PLIZ-1.M dNv6A%<ljwuca^)r[+*]ߖ6]/Tokk_%n ."+EkަlE3wВ:2xp}aLTrʹͻm{٦qUܮۈPp2w&z$l6vXn{uUagͼzy7Mdo,l)m&_Zp(%z_0c}5z)((uqz h3wjnf~?h_NpݤMQ+Bd/L}=dqiF@[r,'(;(nNoc lCEՅ0L @,mŬ|m~?Sw-w9kю|I gBw۫7tjpDqOS)pWػr=$-t5=;:@PLoǝi[*F L{@en_%{Oค~B, OLvpTF/$er;_am~]fOz<0򿣪cֶ7pH-.Wᅞ:ZHi%&36B. zܦJA;ۙ zMOGQKsO.|:Ik Ǧ僝uxL #h2)a'.klcn%cɴ]o&u}E~]W"<_tnG, iJ.>%9J@NTXkq5HmaX=, k\a#D ,u 'Xŷ=p |. fG?r1R=A⠽3s΢e혪x6.}zj%9 ?T"+ Q㋇fSN6ʬ1KN@sKqr(ڶ2臼fTFF9Pi~ *QAD;5gӸH~|hY~@,F^@=Х-4ۮKͫ,׃ڼ_d  / ՠC~:3 L;'~Lv@ۺ e.1!31 ֈ\uu-gvQD;Eywcz4L}1!UD8p5:1_::!PC3v_DM؞LNÍ ]1G/ FXks̠T=OK W*-T&;`0yon=U`llu mc2,6yTq~gMo>X8l Uo'7Is:肝l۳b>0wGz i?;Ӿ`gGx;hc׷1-N6%?ÛkUqv$Kf粙31 ,?tv8Nų=L=njj05\pL<ʄ TXS}˙*+ñ:[Tp<߻I5|Ag|xOl>.wH lHL _nDA:;RUN]/x\b)e]OW+_$/t<_3!=G_8i~. YeR]„yzK 5cfFk<:϶9urlAzTHu oOT-ɷ^=B]y1:S&W3l&aM8]h޹I(TFZ+ bkOs`OONS{)a9 ̱>w1K>;gu BJvnGw-h>PZހ7B~ٚ6jI3Rc7x*dQ&&q 0ǧ7|)%G!hR(BҢ4EIT?S# !4$~mn*9V&8 A#g*miRtv ܃,GYF&b[ }/o0 %kȩq(Vgk&q;[x!CNcx4$U\Fh ?{&'\72b~}qZ#P9xLFMB|n .Tm8V> $]?1ut4̸L[80k4 XNn^GUK+1Q/Q~!QkpV5¾pT:[w 6Ek_J3e |1%9NDcF &lY#dtffYw8и|Cr8Uw.uzsVjϰyhgvDr{hf&'< g. )??)ֿO -If=L_W5d\Zptn ?uԩֿ~9h= e%H(+O%ͣ囄HD~g)fg%!H^V"o̫.Bh#e1C#bT9Nzo/ZFeҝ.y_a=b3#KwfR(bbǪi9WiAoĻ( <']4?)1hʋOH=mfKːܙ;3̔[]}Oo"| "S5b@mPT+uEa7|}nO^uM8Qf@xM'8hqeƸjts a@hQ/%T;*_O+^X/8c沉GPvzgZbבB⬾00WoD{K ݭ HY{NR9b7k^UQ x"g#,8ЅF$wؙācDL_9ҔIP!>Z37b;V8F.Ǩ?}R*gS?o4:([CɍB6b/h]FֈO{SΑCR*+v;21ѷYgFwFtq䘽#Tku9QAac֊{%|8 [q瓯>Ñs!2EI[c[ӧ h"R5VAlDGcoyEqoJ:aUFHq/&o79*$ehUOlqml#OZRq.hī;0ꮮdQӈ By9l %z>*w(7 BBN$e\nt`,#b mg]"#h`;9! %I?kF5w>u:L] Cz0>NXkr`׿?k\,GŸZɅF\^6&7ԡ8JrQ $IpO`@.sn): ?^;f0%e\՝n6)f _-Ϗ~p\hVC0|lj02Y8lt?OIgi<,cT$HEe D FY6w$XeQt$#~*as1km.APA̿dT2 FG%%Si^O>tg<-L-R2IiP* 4ȫOAbīL]r)nxk Ox6kEaVW3D(?^Jһ]'O὏SC$k,3sCF$"Z:8Q#;AQ#hͥLn| }:<**ʋ%Сs7CU=_63EՒie+_MY&X=o@XQo阺1sL_\5m6sflxLytkg鼯h`Kjs# ؘ-DqBOX  /śOWW Y7tS {#Y u'T [%4Ujؕ? lM nv#Y%k5,~6z*sVrEVFC'?*=ٲή¨28a q 8Q~%d+;g[xf{? Z!Q)f&_9 0m( ;zj WX`h+#ixr:g9`z`3#RXw ;@J>w a m,e IBʵULRy^(-ٌ SF7s# L7quSD@}93e`>3^?>59d=`&fJ46 NE{z4t[D@αs08Ⱦ;K\޶?4,vt9vTTj&g1)YMq}΃q1rg\!j)­\:`ɾccEv~Me;}0J+oBW{ejfs>dlvo?_'TFOrO[zcT½|CB|]p" rf:m {v)zD)ǖ0sEq&Xr"[|)9Ib9oG~ "EII8|xn< 6| >*}*3Au3Vsՙ_ģ@1fis}Jp!yDÐ*`_3'!tUh]9`o!_hmbNpD`YXsm?Z"E#'s̀m{@ {yd\5"U*6knti͒ g,w: fAu_|w.S" a菡"VbVw_!v~4wY"dyt;a]9YN7*@$rs0A%v%"CPc ~!VƷ0pOֳ3IE )]QbT 杳쁩/!YKW*ani ?\1^KCi;9 :h3TDS$^k袩o}7>U1e:Z,hX3Ҳ]dޓnx>4.#֢!6'Bi/D/Vg|:æ2#`CJgT|T"\yM!S;8K9!]z`, i[Aշ&N-t$ъu+ZoVзy4*<6.#꘥-c [ vB^ɡr56]\Yxs5rv:)nBn ^雿{myļeY|3 n?Ղpe 5lMT6Cl#&,}0Jx[@xȅ [MQE>*!@p|-sM-(YPńÂ{PiBߤao(g9EOdՏ9ܯǎ#W=47R?hei?8EOv{%V  jA)q<]%K|貅;㢸mj`GiiАG. ¨&A~CA.A[9iYd}aR~#t_ 2=Z/y|1M +JEK%\*ӥE鎟OZ*-kOmJ韢Cta-{V[!po }< =%:!mepur~-ԲQvX+nyPBZDh'Wkٲ [쑓XJ޿jL${Kؚ$eBX_P4w+QDޏgォڃ)1hɃm( ,`IkcJ?P:m*l+8_Ow!O/^¶$4M[6O2|D|GȮ͎PK*Hq9^=7^Q?R ZJge:) C9e>rճ?~ ~-.zl=a`՝ e1ܦO3&= E%m3ڍeGv7tx[_IQBο IѼoJcvJ'{>RA48hvNӕƠ֮j$Kd!;ͼGrTiQv~4A qZVAoX H6G 9׵%Xia:-e 7Ska9K؉OC Q@H³C4  /E$gD`\+GEgu+@ Jĺiv9ך枸CѩzPW)tJYtXrʗ,d麟 MPrCjZ+Rh4(; lrJGĒ-ȿOւLJf\&U!%4&v8bULYbqz]-q;Oqوn3RCtn=,˙STNtk@]p+ktmY>>BC^Z$T@ tԈ&7]/:tQ^z*?nϋ#379]b /lA#E٧o QTLgW2hc%4qhbY ܷEJ&eh?+3h rgwKTψV.jLz;BTM̉>'z)8'aG֏E eW9OLvH¤!pkٍs+d,hc\ia5<.61իdYy gDN{O9Ɇ2l+(AV0.̐CG+0HM' 'T[+Sq'g`e%Tg[GYbq[xbc9> ȧQq]EC';m MLHK:0w<˟B!Ǻ> 0w"sK +ZέĶ \b^ۑLt^F-Y<@DXT()pjBzrF x=r6͋n# ԮG Q>gё%qA:n#5V[dr/*eV TJS94p)A|ߦ`!ss_9X%hQ$*SV|;2hLC+W* W he$Q/#@?/zvQw7 iA}?2#GQMYGQS8pqVikLz샤,.Yuwle &&+`} սzM*ʦ~C4FcTF*nnMJFIJ)<~tX:ψA04,p1kf2G=bq:f!{R Loɧ1[%%#V!ܚSлֺJ7p#o[)<NZlX= fo:F~T(pİh!zt :^jNOۄx1NZ lej[Mdqm$;mML$O tƹ;Ck5/P.8;tm"aoĸx̥meM݁Q2̭F.H&M4`̽m*L5hgOj&Nŭ 2Sx]uC9B,:'K^9|F>QAڜZ_g^k$g͉O)~ /R]KxMّxr"`;bal_R,[eTLSƔY3]1չob!<ϥC~$zi^đGg?N9!Yci-xka\ub;4B<&2dm|l$eRMz|tk61F\$)8$?½]oFr\dNbc3F@qL\sm'>@,7o)o2pQB=#*. ]K9e}6ՐGBbԵyi`1MtH?z4CǬ9n<xbu3`H^ 72h[jL0s.&b4k<<'{\Wt(*דff5SL7R`>gN7n?eL=҉5v]"UyE\]CE߲I4Us\=X# GԢ:UIgmd&U CB=ߦ,,MFíF4qo]4R; -=pʲܹ] 50QIqsМr>-L4Ãꑎz_=l@(8A'soQݶG@2̙`F0 `o1mA>od1Kγ(!EǶ @HE1=VE\>5 _I2*+TZ' 8lc5է"kCj_$! N(H M Dt;nOOԺ- Zd&<)҂QǀJꯂݡp Q:`EP0-B&(G=?"*W M)^>e_ |^PI#'5hzbSDp@$V=JeHY gy )ERFͅU4@BN#0e&૔ fňiXHPn jӓ/04;wCQVLEk R)aI..yUOXAD/N҃1PL31]f}`H_g^u Q 6s+J[>UCQصHrC軀v/DIznvC:mSnCd=' #F;i"d0rPVW`yWfc/2 `}WpldoF!QBqvϚNW& &E[ӞQyܐ^{bmF6 lI|c>BCV-aH됲.ZU.t e1,{[0:{Q fd=4ye7*zЧRȏS@*ފAEl#zߔܚ*I³d# %A&HLx]AӏbFCqDww6OnJb/Aӎt#RtvZc\3{rN[I_ ?|ָ`3:~;J5F!%ڡn_b"zBމ)@Nt{B4t{oR)r% 'VXAH GcH',*SɨO0pjËHde-ffA-:&zJ*BD֚=n2"G څҟa'1:B@GaqI~D`|2vn P KTuA3 !eWURCtc *hrg`Q`gC+-ѵŪchqT@šmp ygvD1 ^?0/ "8ꡛib:zMV0'CNJ%-1beP=aD1.\Z&5vE uwO{c2}k߽erNo_E%f?*/aXT $Y%;T̐ͬepm7ZթgsB=')WYJhB`,)xWwS?c3Z,Y2 A n9eʲk?D_>@Ո7xE#XD ,5([vo63{F8?Ά qrih,T" UWtQycJ$t.?]Pae7ü;*J,_! B^p7߹X.^} ,:[ [0_jLv{DS])tO )$aNi6O_at5H24iV|ѤvEYW4 F8 k *]o a!pš[s|t1|-D5x}%Z[+99B~`6EZã_gtd+;T= :&XYLN׈'G% o~KbȀnl.;vą:?n) 4?-dn{6gb`GAs\grFf˒+u6\vG7lJTЀ~,6< D;v sPxTEqӀ}$ˊic9&Kl^|l2 ?%axESXѻq "ncUx J3St1PFP:T8!lJ $:oqG-9@]=OQx7xFmݩvOf8F<֜= 8:1CXyf[<8aRU͆?oh7#qa֒"x^BzwQV?#)ՉvaYc$P'H[Bv\ϸ %;öx4-}Ӹ$>$# v 5g?R>t0ag]+&!,mJ$ʳXK`m?Gܘco`ԵK/Ťv EsSs ^@<_xLsDMk(TARN{g5 C:BV{4Ų8'z4 y,?|x@ϡ4s0%3uTbP25*\aူȳ`%"$\Vs?:+3 m&~dRX˧ȸpexLX @20b0t!h;O 'neһ wբ3{{CNQZy,cadM#3" 4ػHIvHqD+TZXzPOq#eY1R'ܬWo釭: ʊF>6PzAՌA^zC/c]4-Bei`^VYWg$y{x72!'࣍ɘjw(N^ylByJ3o$+e#&sQĴMradkL'=޾vZ+Msps:97O5Aj]C.a)WZӱ;0.ҕ!ޙg4v_т"[LTɛŦv)rc_jyv(7=jPD#^ 7TǦ廙_E⻃տmvEny:ئah̢; ̶Uȣ .!S~ujQ*I% Deċ $ZY$[Jιf18E<>҈*1a83 qq1% /uyWE,IW.f?w6ʗLhj{78YGЎϚhəaa;e_ǩ}VMUsJ9@Vaz89w}n2T9{f|nQgBĺ 7X;Lb8 a6>K)k5\mgbş*igVqW~VїY^!ˊbhh1y*mi ɤu[+{{{77Aiִ?NTuZƽj `e:Gg/ŪeY!XpBHKttݣ?3C yrY7z|{AgvUFнGɍCy@J*;z_0Βam" ^ݠߔXG߹.+VZNт.q)+yg\Rx:SȴF_{@*tRh<=M'[I &tȻ?1;W\7-p׊@eӈ<"\V%OX~]PfDl&8rWǧNZ\q篝9Y ƴ[E}b B D[ax<6 pW՗6u|c-4wozfp⪣*yo,fKi@&{ =pefg+G Mˉ)NJ*8~-gyyW=iC?" 'MHJR-:n+ot&MqVCU{.%D2AYr:{8Ч/T];0Zx"ڟ3D",e5s +`0weG4@qa7ƯknsCscb^5ܩ2Eg9pzPN?>^`K i"t7f+  C;䢹*0`TjHj UJt օ5ŠIR9|j:u3I?>ybaU8\Ʈ5Ơ[kC4Ƶ-c=mA5~W͎Xyj< d5&ir%I2Hϐ"y4tAvW/pxZ2]bWӔCߕ6iB z[*Li6z8xV("q[Q%ό5da|Dp |!$ gS0adV;_"eRiMߑ+r'n LrWۡ;MX72ʹ1@0F2(?5$t$i굴Ҁ?9/TLx507%\cv*8dD9g Cdt2J`n?nQrR3Eo6p}~Irf(&Lu6Kk5%~ ́ FG.Xdm ԕӋB`s@./ݜ}E4gn1 6 UF2H bt_-4ۼڥ.i%xTPLTf']ً@ Cۥ4K3MD\88/9"E$&d7&P5 }]ɢiE|KɎ5د?L"Ƭ&Z\*}g_ov%}?qW>pjh5ru"Dw)UL^hmh͸ /, 94H Gj% 0g&=a 닽'a7բ炴!!r)|3 {Ƥ0 'Gυ@5a*C XKwڵU.lJ'g&$(>Oa?jb>uq,FepK8۰L9 /~yLI/bϱn@ب_&c $$CVsHQ;_f qmv䧑t 6cy(_)GUwFsU#S] zKWiKK%Z4ԪvM4B{dTYW٥Bn9{#= /!ByVvͽű(_YMOh=CH?iޏO_ c (&`'g`z"p]G1 7U3;E$$6DU>=wŅ`.' "oLN I3L-ߘr7yDFx $9) UzC_< k}8?X|VxcN"j@?QD U?vySf$ToXt.V-}ge7rQIa~l5ưsm i92+<.ED5P֕@ޡ*"=kPr7lqT mc 0c Q8`2يyMUdރ߀]_'ޭv{Dui]`%Fif0Y5.4 Z-L:$"%ҭOlgb/>y)UCR_;Ԓ_0ږ[;j];@g,>UXQ~f)^׎ m: )^W4{|"~aKtvN!J0uxJe S[IڱN%>˦ A|w-QUgLgݱLGz-agO`V5v"BHf3 rCayc柒E?f@|8Փ-8:kCZnD =E 71 ? ecScCt]Ml tQ:tAe3-p!E禦/HI\, & U{tFe=  ~iVHr_&]rS?}F_362KgՕJ60ewǚEFe{aI",̉mV PU5+9$8<{ت 1qz7wP-uOsS9_*sC%6KD'`0Qf7tGiY'[im$r8 l泵mT Q$هFR\ADW,OOh5!UEp&oͻ֫:.T S1/H)s.cod5P"L?fN1`Gk$ CbCW@ W7i=٣cJܸ*E\BT.D=aJ9'VGU[];oV e:S;~enw¦n\G>jHy5Gʜ1?0MO?Jg/lt?Nkhfze4A7E1LJJX^ K]}2ٿarc u]͟(nlŠS'T+z(rX6'rR%$a@h /v#G~#0:TO^i }Nrl]Iq` UgCyR'y>+Kʡ然DžC;~ IkR)3Pb @/ZB# [8D`ǘ$}.u(߷bmJY":كOs+lz6MV"j-뀖ؗk4B$n4m0Е?bɣY3+(~Vts(<ECCz 0XG#o$ B=2Ơ]+ k&ߴg>+Xb~69QsiJe@ Hkx@,(cQQކf:3(uVj [ 1`ԩaLjWՊ\ If%r_a}b˸3!P?46],rVdPU /8E 4oR4* Ŗů=2!Sq"qa) x}>tmW1S2ÉM4N]қZ7]+5; Et=uԑI|Q"H \`00QB UARuCJL!<.G?`݃t;z'%;#9qqĄKB(EsCWU`8c=KR1%-$jp$s~˘)Tnfj1wx TM<@a,b[2Us.=!.]5kϮi1+1"dB6]3+X _6;yCi&oА, Ou=a菥VwOþL-7io푫* <}{W$c(߰kLA,vecdΦh hm_۪ iIH2Oڄ>|@ (k"&jʊ8F XӶKvb=,ϲ%} gXikjR '; Y'1 GK#h\ He{P98[@ƌ\T%Я|Um 'EA#qDd>-S@F%Gv٭}xdqj}]!M@S(Ưh!9_iLVOҸ.cח6;|Hy5)fhUKsQ"x}?f2}+2y7{,J~L) _1Lb[`"%h.rSm0ڃqn1&-b*ɅƦ01%WZs phTqrD|iUc9 db*ZǹZHG;W=G]\ Dw CzDx7WO9~Ή]_~` }\T] n`'p5%z-ҟPX1+e.|@IuP,H1 ګIU;m@b(ds|vF:$)~N۞Eؖ{}~ m&9JX܀ lxH#Gw .qv?({+e82gDW&1!/0 E+ڦoAGlt n: 2/\ }G׶ v z:ZFFr93\< `EHD.@IՕ~7#$5VX$Gjl~8'¡c"jvB\-:EIMtǒYNgEhm]:wYvl #0yńm~Byu&x9.uB'E'$.{ޫYwK#?1%9m˘[ +*3@O֮ްfy%(f\BkJ*nugBhZR6*+S"q@t Zq$t::5RGYghGґ-eE*>l4h->HҳjNc:X,p7Sl0f6DYMşAɆ# \H~4읐װK;t뾵IOqD1&pb瑱.< TeFAޘI,6Яh$D+53NJJs Ys\܄Nzc:q{VEk(1[׻c3眬ޭ~$c%/f,PVV;4LԤ#ڹ$o0OdٞÁ&Xu6m&5ۀy7|3p=ɗh>lKMXXs]E:+?П}[(v'P)٧ ?q'[G42^q|C~)%;4T ͫeXܦ.a./,\&(mƕ) a Je s { v(A/"n% luk}DŽ'Y&xnmthK,!m$ = 1i% "NHXwwlJF@A;OWs{iɔy 7QcE /$0&71qLYw@OZ~t 1,*c>fp#r2{ebvΛUpH=bcݰnN ''nfq-V$yn:|-Iζ!vMaߤK;Gll0Ɇjwp(Mtk6ֳ|p1xD5N@:rSe{t{ /%wM\á(Rk|iÞeQ IKVG;Ȓ [ 53Ai ;9 >S/8$uRKk R<9,pRnRsMO/:>-v/Orڋ€nv\85 ф#l/5)|:($ YobRqJ]J@OK<-J9ԭ [)A-j +š|tǛDWTsh ˆ]Le~i iЛZ(FW8P𼙼8[2P?qTD揖\}˼i+h? N˸lAZe3fr0gx{}esCirM 5NzG9f>F}0rěQ^vj7{G E/\I.i$l$ƶwc쵰/M>A R{Btqt㘫,r.k+]o@zOnaծ4[e%%<pǷqKt|g}5>ڴ 0Rf }Nr\:YlKci:-2Zؤh^L8w0<[S9&{3Pr9b,2!e8N9܆Ppy6Y!Que9+CNաSiS_v";Nmrw'ٔ:!m1!(3N%}]!&H,3j 1/Q>w0${ 1ҞEJZ|t@Auʡ 5hIEvc'"l,{}9vk`[gUE&f{=.~ ւoP9yfhE*GNhIMyz>[M'UiLdSLx4(SBa_/է l{ )֢y2O_.%vaHد#璆:)i8~ArY7Q|(x1HG ثb FU$iNMb{S]߿0Wdx- ے@Ad:Yeք66vצK'\]DG=hњPUƁ/К+Rtg'7A5h39r̜^Wf~mkAIPG߉' 7yGBc@Ns?Y:gښ|q5uc1Kf&t ~-1[5UOlq9%Q͡ qoQ'+g eTkMn,A+u-Wt U4Y ):Fe^` ES'F/30BA0@'q(ytXդ7̓4b ӊ + Yh*Q_o qEeZa2T!܅&U KQ4"ʒj|Y{<P#9 ʻ<Ǐ |}rz2P"U d ;ªA[2vR"sT8'K'/d|PKC\ =LuҖj+I^1HT“ fU5B_QJ2daGiL+[76UݿD{)qcH,<ѢJAͷk֪7Ś yP F}&mo[!Kjφ*3|ѠdrJ*ꣃFUqF|rMg*2m{׍R)?_ˬ_6X>5ZŃ uV4~lƀt ~(*Yhы+ҹ,RNOWRq"(hXR:: a݃J˨J[Y\RROE4Wmk[Zp7 ;e(/ŕ:=o̺ m4\6jB3Aw$,C-_@&A||xDbH7-w 6 LhEP5LFO@Ԛ" ـ^܊FSf ߠ>mm-d,)GkճX2oS ;0*5x,3;{>" `D ާs:kX3^=O1ӮۤqfHd$3 6{swcmIiyoⶲvh } MỲ #ɭD٬uD1Z UESjքu ܸnΪb^IcB"ٗ龮5 ucXNW(9aZvjős4KR#s@h-DWy7Q=뽯" 8žqV1[[)T_" ͳq5 IF}O8G ߔsGR ɨ3)ux0rzRG=:Tv>CR;<`hOC >Uy+dOsjCNWeN7o=Oa@[i.c`ڕb+|y,nw"c}fmzV.*[G(k F.y jB؅T+4k- }9;TZg͘1N[:.++7^RƭYfEk$z/x}LL:Hl ELЋL5zxdܗ(m"Gd~G&B'݉ N"x\ꅛ⁃"Nm:`<t2Dίƅ9]GQ^m_>ײ=IyD:A[$TcG]%Y@`T'އ -\+i]TƯMlɜ>9+7=XeG=;qpĵP(D`.jqUTzhL brw'U "᮸Z>}cy{W nmeLy>WK=N.| 22P׫-N.T8v1_x\ݛW8t=y <&+n" b¨*NLMNBYds%g5+r֕x3{3l}vFx.;)h h7>I ](7[YJϤ|?tzJ8˼(8: 2= t$q|W'|Va/ŒK8 " h.Z4E |pJ\kuV q$?PYE9sEf^Q D2牲ֳ#u9Ǧ-am5~n+9*--0\g=LC8[6V Ľ{5t~ay}RgtR}5l6>n4C*; eLz?8Hu L?-ewt\^#ZZCA^q{N`cuz`YZSȰ u~G0ogEIp=_)d&Zl+3iI:[.0bXduolT00I2/K=}> FXsܢ 5\@O\ QJ~4M5(>tmA;x#X闸3k3h>CB~9X*qE VYM[\ c0~{Ы63ji[ĉu"mVJh ub`|Zegyc P(& /მccƀ(FDS!!^0"3/z7ru1'XYz|a 5OR^]mrϼAx3/)k~Zy}\Z(rWq8o\!9^)_u16=3\HTB,=gcf_b٥4=W(MD@o_to[P6m'vǒIj/P_רuǹ<$~;.w%k/s}=9o:fTR'`QqM`aP'Pwt>2X\Zy4혹r挋Pǔ/xD}#R8>yƷq~K}!L| +B3!QfqhMTb!ye&"j yzLiCkz?ƆO0G*{]1m g~m /`^;HvXPrv,-Ŷu -+.YO.DU&H9>=91LUPJb0Y*iP7)HieZ:Za9K%4zN̋Mi]Ak:ѱo1IGhH b @HnRIc%Y7^/#SYz0$Ww] ?F)4qY+dvobԳhwW{EtjTY$e^M S:ߨRW+7|2>@kA01Wv<"fe/tݡ,؟p\*xo6zGݑty~ٲm^`rTgAK6)CܖѶh;h|f$oUHTD_^)bT2>{Oi$?rb,fg_*qj=}$S?i.w[KBs+XQ^܉u1ٵb j,RU6A%Ƀzc,UEu;SJJ qKm@:6߾wvu>h&A3v 8kkY{cu%PޢE SȺ F≘ƮLNDŽZi韇䢴9W&??'*` Hᣄ҂^7P nd h"ykLdQk쿒UMǣec_ze 4b JYlMvJq:RByH'kY?7C\Um8(>H~p#@L 5q9y| =η*+] Q@G zv<[vK,֬{>t-E-Ŋ[H@IK5363&j:.G#›mѿ_Ll^X5>Q18B{8<_¨cL^&&|fS/#@!?.kDoAv Yȕt7zKphpN{um<}-B4xw$ovYs&A-.dB>hGڻm>LT@6.yA)ů'>DX85d<*2N9s3h/ DIFS#ń.;|k[Mra?m4wQ0K L"f<.a!d9/`abz$(m!J%>݊ۜ=h,Ōq,Yi/,\ m`n<2#PG%~*v;Fe&-zphԶ Vȥ/ ^3OY 1h։ƪ;ԛ~>C 4)+aA46m ~\mzx~Sl KqхduF@c- rpػ`Fhc1̷xT%- iRDC|m6O5 [+zHJP|+b WuJRM!SGN{(fѥ*$?=28=~E2߮Vg@ldb;EsؽۆQit0fA)MI^E{Mܴ忆t`閹U", ǻDa8n }OjA+E.[S?*-A6D;քU.Hh ֹ= 6K"ղލxPJ)c#~&J{ßxoiԂc4Odae30ǭ+!=G7ihs+>Jײb2ԲKu-1\'IQmfQ]/\j m!a'PQ;~3qO1}oZC;E҉d(-T9X||xu;#0=`/NTeX6*ԴV~իF!3'y+(79٣B̟`ڔ3Sę!V;}9JS4UO](ܥ5%JI$ B'ɹIR { ɖ^8d^y8ΑQ%Z7‚?1pV $ʷ^z6/X!o`61,~j>RVN`ݡ@:4)+y9)!ߗu*lx@ϥz%vѹgLxJ RM8UZڕjipsV-W-dWLd$ Y%i;f,!kqo_N.ZHEAuzP<P=Xv(p3sd?:L;y{Ĕ<5z2䯫[rDž&`JN:hQ]Os_kw=%}儠 zϗR剐n 䘈4EX޳}h }.A 37c xvx\7GdM̱ W!j=C>GڝrڵEpUsǝA3#&ᓫ3-b{$SX+K5&'w>O!K, )p$n[K#?!f Q ?(,=-"`S˫ҟFWg>? B( ե6~؋E|ϳ[J5$(HcfUoȷ]\AǙhrٕE.`os'o 6iGdnv`,hLCV_ (CQ63 4@c,!7*)2A.!!49XT(I!{SbwU_8[2YT_ ZV)ש%"OkF3x˓8&E>wMZ'NRgPjˁ1Ê/sMb |`~J <+Lf_.^ad%KI@7tϕz0/,𢡄fuʙjal6<-rx/CQAR"|wԙVJQ_7LD_R=TJq}Hp6؊A<FʟL'[?ْbdm_3mKjZQWJRZ37sGe}K9t;b= (SS)I}ar~&kGm!^ K#EF0o<#ʓ&rK sLVpO[Mʻ =Y])-^NNatDzot5 2}MI OE\ػJWkJU AwݗdP('RɯEda X 8 FTWj2_kLbok\e0HY 4[le:g^BJB`(^1w,f6^c:g[lJCIQlO[ϼHėwP6}z#rU^t=\&з1'<XˣRM2o3\1̭" Qo9r=mZa|WՁdX`F%i3Ý_-Wzrjtg:TƜV0X"䨥:"7bK2Ti vBxM;hX0c,1+\rK 88Y4yo-O jRڼyOh>W}T= W>S[mKl$!܌W-ҁΠtUdoAj<:c ~j՘ʎK]JwO*\!04k2uGRwyD_9~>ĸ^.;iؔOl<yB%U!} .ʰ5NAJ\^fhڙޠTR)}6๠҉, Az eN J;KRpl=Oٍ+3j+*}on;צ_JA.޴7ͼ}yvѽičl ڰx8y3NX *6Q }YF..A} =# [ŖD'Q3 w`IiN(nSErT [pqQw$4hMP<2z6̎ic_zQ(z@3{erKd@b`RPZȣ8u6N!tMqTߤKnX A1O|e_~־H~>k1 Lf?}G:okhzT]~5"iq-P#RLJ4%w?/Cϓd̈Ԧ)$:QG3܇J( >spo|tTB7nָRY{-#HHz5qZYu P|?"aYQJ,AKRxy(^UKTL I 1m$]źXhhn{6BpBvQkB(>!\5WbZg9I#y َzӬ2b1>D c zCc{ҽl7U4STjE*Vx `u! <2uhYe.4ELȖ'\kLw qQEę\+@ cQz~s d GAPэwQ!s^gk7;{OT>NLivuEx#?-a}|Ύ6b{HWE(Rd *|̂%R a3 (h=N<^_n:sZM1p;O܍P|,K@@g}.sAFAo`!`Zٚo5FVEG"5P"xw+@ѓg&ȠF6׉ ПSt[ߗ"㞚aWtu?¿oe8|{z+Uc9P)jiT)6HCR6J?|چ۱&oފر'R~QYޑҁxȡQlNĕ 2Xâ]a/g?,Qcu"(΀Kc<ҤxRց+<O2|`3*ufC@g۔Y&E~^Aq40Sp`ۄhF7]Vo /X%kmPi4z HRw<9,{Zrwy((FqaWfwn#OJ8.,̸v>M]HtغLd kҕ)e#9".b]EUڈ:a#8M'dDm蔠x!g[Ӷ28[J19iR-?)4\79BkRp7ڦyK4B?9*E6Tb]Νh=4Puňí-8q@C^XfEh$j͚Bb\wHs*O/L1RjA!qq6^bz̘iP^/?I&w. yt-)fV*BޯaQ ?@noud?$nnm|m2y+=8  sI}#7 l]b? QQJl4UQWa)@`begY>a;1G=M 7-PJT%P~[r>+w4 DE,=|["`X|ȣh}׺b"?59oo 1"M8KD=OAH_&L9 $:oww #5pbۄ :/?W9qT8N(]đ" dzPRk#!`w$9#ctqUʚЙGtx)C3iׯU$l7tȲO4nсP\M,fb&2^Dq'wv" ր{*5"|h)Rq;­k4,3|}Z{,&c<&faH ZB+٩b+CPhM2p8]EN,>sezfD~rT* $?VJw6ȼdܖh `', G zO٪J v͋#S_uj"Tx*3F*mj4>AzܮIxMnU)\,#h2"^56۳f ܩ$pUprO )G,Ԏ+:]!W<>4W 6(UIZ";wg"z%l" KF㞛0{6sS?_pQ&'+Y[idh'CX7~n- u}5-K =e.ߨKzRRY}2OJE0"HӽmAr*=I`E4yyR5cj;C8'^0qu4(To&]y?Y ;T`\tN!iҦ22?npf?熉FV w}_ ăp&]tDdbdz |R3"/=SiFZW%(P dYcOg[G!.mjcZzĮBq.& 9 -Zx頍ˤWpI [Y¯$lp=O=kގ2mNfN{.\7vk[`z-zs(Z tp=dFly/TYdP&wKiG$EMYx51NԲL#7(4J`<٫bzFF7ɘSgH ۚ׈܃5Zv Q ЂF:IϽMb5SXcb tE drU(p4P6Ld*\\O6^*+ȟXP[eϝ-/z)u H2*F#|ʨ+N=o+12VҌ.%zve{`ۢlr_\!^4~H>*M~JLQ:pOC+oO2Y;Dj9`i:>;Y bxuI# EfOb}_>|aGQHJF޲7(gas *f4Ir9{Zt3[KDG\c&>}ءV8))vy xRԛnV>vYMYli/dG3aYiMPY9ewj#m{\|?yaq% CcToQ&)lQdq{e !@wpGtmHu$5$_twDȨ[iņQ'!ͅVE3'@G5kkEgnE.og_':hT lM8o̼CD۷4dy D~u8pysgMS~w+W-=M?QQ Rxka[yuM5ӷ Q'=}pJM`t#zh$ѤGK|40$\SLpS4U63\?Z4O5dRhԙ򖀐jVHKdpT 7szNsIkS/z7@;X2i@C]{ `[zY#6uܗW OP[wPrw 2,3;sseHE'VW=L꬘C dΐl^&"͏@ؒ VHנuU qLC`Kԟ#N2o]6<" |uDZM@0Ƞ8~COĘP;¶CAG L;Xb4:jDg ipM?Y}FevFsvUS_6y:ɢBW F2?qQv|~Ys.%y0H5v->maRA4} E[ZDLa[8f쬘ajGKKda )vs1 @&X[.l0 gshۦ:GJ ɂĤ঎{e1.W%3^zI[и0ЧV E!2HCo?#N]GbE T; ~0j.B@5zYr_i1hOIuțWo'YUXa ϋk^萅 |W[bȴv8]hŧztg/!ڇר4$e\5(][-nE Hh@K}mgLN$eS=ig#JI,N<=q=Z@>d滾#xlm=_[GN-/t,z'28&,LS~.) ;/AiTwcpļD 3EwZ V6Nn]Q1X=Y ٚS-lJSvPǠ6It엑5^'e J7#SVJA9-tk%SGLN|A E{[ut8INQW# H4ZC d);11nXF9cu멀%( 92]!SYN"(x\{>ɭ5>(f]/z<\$Š$)'IӢ!岦@=9R@UR~źWV1[2KʡN-PE-崷`KЕ y+3Is1Yh^f~ ^|[jIΣ}vsZ( !w~ǂR>$TRn~ῳ7[m`%咼"ͻeLJu?:=͐x7F <JV#r뤦B­9߅,u yM.gh Χ~ ȣ@/ f Z5,=310ncF8l;z~b{[4Ý 7^J))Xx QEi!*w֫o/YA!|RotCx!ۉm+cfҮ/'x!17A^[ G_{`&L3ăR6}nJΠl}ځH w6r]wG؊!a k(H$廤|e>DM 'xqm!~ ̉&1*|zTKPFS p]sPkc \m@AK0Y^\@]P*P!$W2TֽØ^g˪ìnVaPFX_Tc50E?_Dӈ[5{ClKFVVB@sJ;wF ]-~cŽM c{Tb ,+tE?g [=zx\W(-B#J|y{Núϝ!_6](aATp?d»ʄ\@xdM/hVh=I@Nl=%]V<{OIҝz"`Շ,dCш/qeک $ ާ@r,qD["?cz0\U[}^(O譧AԞ OŶ YZ