nss-util-3.67.0-7.el8_5 >  A aM<U]9I桅vr漒B#†x9y*A*1-)ߘ1Yd1g>=FpWq E@1 (ʀ0IPĬgC& Pu(;e4^i6³W(7 =Țl,*X<=ոs7ƣ4pP-:]- fӽhj.|*~$u}1;M)"R&=[ֺѼX:cq6se^3$ "8!> g` )+2&kZRd07B_Ӛ* )kR-5HL#[~{.|su܈Vu98&@"m#.0{KҭX,wJ^eŊ+Mrt5R4ff.{ :,sC 8zXYӔ񩗅绶K뀚9CV%sC=R,B~tjвd90082329a2d80201e8c3cb4d785c1fa1bf8a6f87104ae6bec88b16980cf5e2053a87e3841fc682bcf4073381d35441ed417903c\aM<U]shdsJ죾4.ΡԃXL!whI3ӲxD8֩;_q$O-TWNafpR( ,9h]i'u~釳 Ґc7oߊ[f\eڠx`Ʃ bQ+fE)ɽ-E6btMGNXGpQ5$itAxw(-,Ϥ_pP)ǡ=@HH:=w'ux8]h:"zf=@^KnȖ;<) ClLuuΟT]4<v|!eg{i ~uFGQ Æ61t0攦AiQue$B;/]mmM F|<^ArE~=)0e<ƪVF3^HRwKmV]*9 f"r@>p<? d   F $,D P \ t  $<Zx(p(J8T9 :[G8HPIhXpY\]^Xbde!f$l&t@uXvpwx,yDCnss-util3.67.07.el8_5Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken modulea5 x86-01.mbox.centos.orgnUnspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64$'FAAA큤a5a5a5aa5`97ff2d28b1b7843a5fb8793cf8ed1af04ed0bcd45aa6c5418190d230d30e042fa20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-7.el8_5.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)nss-utilnss-util(x86-64)@@@@@@@@@@@@     @libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.25.03.0.4-14.6.0-14.0-15.2-14.14.3a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.67.0-7.el8_53.67.0-7.el8_5.build-id3603f443fbdfaad8885ace8c947318f652fe82felibnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/36//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=3603f443fbdfaad8885ace8c947318f652fe82fe, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR RR RRRutf-80183af05bb7e6be0a63b48c6170b9a82337490a0c589c0366e5f1cef3b893af5?@7zXZ !#,] b2u jӫ`(y-6yRc_9+ ɕ7Ҩp?m0<$Ta6Jp=d6 )Sl}`FsIBza Jvm.8(g$xYΡ!0^P?0#by\:v |[x#[mg>鲸P>2pEl`p <ɜIXf3M7y!U@mHolCg ZwpK^g34G;mgm؋6}Al^<k"&8w@bkE+pP`,AH= ||y!N{9\MO 4?&'K?2iwPԏF ιHw0@v,YY޴Ea V85}GE<AW Y.ӗ29`O{c-~63Њ^M`!܆:n?_IguX'NHݸ)dZ|$ #89n۫'s̿oٲgTEbNuJTH@v%{J>6=b lx4҆^YO:Ox¤,^E0@Ff|QD_pi&a6~E+ne7_+Nןrk)bQh$OɈqU1|-.i_wV{!;cek("mVlŢXn P!c;chL"TGVb8,0 ;˩jp3o /ZpO~=3>jvD=(M d\.̝*}N][ - t|TwΤ8&IuOC&&з]6}0EϡD2&+jGg}:7I}ӗlٕ6 uC*e+Ś" C`3 v'>}VDDCcjUtK|F1}ࡣ:4e-n)m̟זN3; #/Eg8'xğ,*R%2RJpSx$>Dvo/4`]#9egc#[_eϧyP3)0E/f <>Ϡ%*bnݰT!L8VxɈ;#A_8v~ v'(>P.0#.t㙝OIR]~%#@]ԡ2 8v|/zpSwZ͂^^uWyڪOVkj39` nسasyH^ߎŔaz8S!&N86d,/x}X=tET4T`4Xj|$ ҆i~!蝆+K5VGHM٠+ZXqz=nk>n!A @R( <ʙ"^ tYao9ŕ_$$qeg{R8J12*S@t<PY 1/u%s'<8A:sC\JKUiy>xXOϚ? C魌1t n׀JJ4,JA%UBG5߅`؜|z 쒏Cb#?u.]dsUR/ZhLrXT9Ul`~- & `[r?L2ܧTAT'p*_OdB BYesL,9I``u0qnEc^;Tcϋ dOO5kV1֕Zj-,օ6aXEZrOY6FVJ=5I]K1 _۲gYEu~mby.cB>|Z{؟RIBpX '9MTD: &_Q薖?q ],ɎEVkaʞmގx C%`&T(??zvZի}%ŞythZNmB5{ǩe30 .W Y>D2+.Pؘa jhXW$ne{nf|d1OḛG"yMD &8Ujv ̞31` n\`&z$\zG!f2#BNwyV#ۼ|O'.: Jmߤ3H4ARtH5_>EU#.8ysҮXK UmaB ۍGlˉ"kw4i2 ƊvBw9dJ@~2qcߤ2NJزRl2^\4 P8[]PBOWuԎBiEgu^Rp쮏:M0N%f¢>6\-$I`y?g9] r)(FoL+ZjZS聀6R⯯yWnk2{jp{N|C>҄1 7ko^\0oo*"A G {-{&*c@u5J@>W ] /rKg1ڃe]BhHn>ŜI V.Q3X3eAGyQtڀ?߼OCkj ~V Lqr"\f., 12z)Ysxj5%~Y{ nR.&qp9YDk7>C_|` !.}K3!O6siqd^TxTqek4k3#n\GG ( "R$s/3PG흻%8m,Y@_ u̯;gRqTU10$af +uc^3ca v!޽YQAL%(!/ 8xU'7VJ,6ƜOx[:CJ9A#Anȫ(]́bBNw kSE #Èq ͥDqiȰ0p2QdG;u}վ}]^x[^^l\Ӫ'*a=cb}|.*Ųp֤x/w ^1FBk}{\f&iź#X~jCZ ,IjLb 1\r3a|5Fg+Dצ )V>Rwiq M59z$;mR[1aQVwUiZ|9Hʃ"Al={9,2(5#,ª_[yN9eƮ\X1C+5dJy7Ȫ>Nbq=KM-qX*4oqJmAOɻ!,gMb<}_mJ%vp xm"Tt(a=,zkK_B<1fV̖&urw5o j$3)s(Va㦥K%;xAigϼm9 ?kRcb2G~Q۴7Mb qJ#$Dg2O $4ՠoۄN/D 3h Κ!6*$e4I>ȼFxč J|X˹ tt~-@\B$8!B!Tȡy^ T}PտG/}o>T!|>n=E$,TDf$\O<1bJy8c ^~]A7p"{W<RL@~;?ghg١#gʩLm T+*rfhZu7B#ܱ.AbU=KWa*m AKT50-9[ +y2YE`J^0)˙ eͤOV ΟZ$%?* ;_HپpaB]?U\'1 Qa?/X*9l%詙܎j|(Ŋ*'S5ۥݔI'EF1=rxb'¢Ldö0?+lAC5Y"A5pPZhj T<uN>5v_eBFB\1+ /O33I?dI݆Az[f`32g/4^ {R1X7'u鷒A($-A>/z +[a{E҇gjfQ}+>+[Q2?N4.C&]X@, _ f7<,2d(n:94J.m&ƀ gg\,|:h*Rk [*Y /w&^d1šY, >u?AE fp*ѭ:{ Q_QQuLI*a/ZB2FJBK&ʡ7x2+ca꒱Zzt47&މEG֧hAiǎ&'sh]t90^4e&͢xodRŷNavge:^7g#Ej 8͕l3rFгpy ''tWi<Š崞M@%jIX:|7jJY] w 1(C:"2sfka+IrYKz R'#7Wc*L"6osŷlvtgß%5ze-ceۄy KotS2v9l>w]ۿFnyY}v+rv($-%qj/~ ME=Uݜ4 @h;˸)] vLG_#[=OZ^ <_q?~]=꼅޸nLZx!WPef +a]zAOj+ݾ"pL!Qo3šޅQox.t!!`XTeRSBWh)hۣHXƒHN";D0H> =,3n,^(H괪_[X^`}<4G%G2JʖH/!fTA0R9<+}6ic~`;'pꠑ6ndf~H+  {^K ~UꅯfzŶYQ⒖J=  dr{ILз@C`Ƶ/V53 -E0k\j楞]nYF&ئ'R|:G1fֹ-}u FFE9D0bTJJv>E{Ղw`:Ehx3x1\'yRZސwSD4bkff(ds+@0׎ =*7! ĊE9 k!o @+)Snf-GI{p#á7+l<*j͕%f4$Ղ`LtXЪt[ƲϼS]gzZu |:Um2]ި .%3Ns-a^DpX s_;vRjຝoUpb@p%v.ʭ#N|"L_u]%֒9ߐx(Hqb{A5ʵƚ@"&{ëĆ2fM)iprK{Lց0{eeAܿ, ͞eP2¼>sWXiw;Bk3>ÑFe:=r=j ut)]KFlS}/0{nJay \fnod!#I𵔁yt "/r{%[em}E0QF9`f5% ' d#Ppki>.8 =#l)ڪBYԋ NrL <]}. ʖ3+ؠ*Z=a#8ʶڑ[_֑Riy`*UP J6%^U [/A,zN_.OR9:L~R4m,o͋D_i0ZxsCZCb.ߝ|ĕ[)OyT.¤KAtsZU-a#IVt?I:0+wM^[BÏ1οH2zbT6>ɣqxWeQ+6c22Օ^WkLM,Ʌ3s"!Aد)Fhxx;(ԻX>sLܹ;lW2!454?V@GdY~,o3$h/Pen==:=<\6$RM\BZP6Lh￁ yJ,Ơ잖hYِ>g:g&!x/g_bsW^<%=^2lŌJiy&H\\IXg5,C"~yT}!ڷ䊾(JR Xa {Nix͌UTbE ]*A7Nfc:[z%?)ψʆcÿЮĿjS'3^.&(F}6`yK@}t~ƹ+c +X#Bkl}1ޡ5,uUQ;qI PQ ǀb|ߢKBHŦ+ #rXX8OpKLMm3p;ƽzqLB$ (λbGm|8tc aE?] B :miŸ|v댯Skn8]H5wc7 |hy. ƀ_G*6U8!; 3 H( A'^3%QuZ@z? <` C_tN~LI諱xc R/:y^ONU撞 n+* k3{0 .q;:(6qūYaFہgjs !=_r{ڶ'GAuhGB4nE @$6 9uGV5UψߎT.&}|Cg.qr"10Apu tBҼs $uji$`jμWS͑Oc E &5P/1L{mY`s~$\V R:Y<-MU)Q2q4rdJ(zvwg(ʆ-`GZv>K/Ӷ<~"#~oj@V ̞e-3uq(E@<쩒Sx3v%mƏNM¾6a!7S2og#EƲ8 y"9xxa:<ӏ0nm\!̱ 拦Ӹ(nEĸ1)Bs#7FM1D{P#qtf7F<94b쬻3CSg z -ˠ; \|:$aShysw] -a-KY@x[ꌒEI0{$O nuL;+ b T̊C4^p3R –C,H0eUD!DML,w ǔ(xP}Kڅ ^xH<]ۜ9c݌俠ýr w:(8ZKۥ,tjeUD۱iW.pb Hd蹼c=Lw<<j2akj7 ݨdx~)mMٛ5{ț73{V;NҘ<;M}y؋PGb`9  8>QѲN>.lm"wFMϜ9 }G\K]')=P_$7\yz;}n\ JH`Kbk8fAUHL.t1 W-$q \hjWCg9g5fEQfĹ#OO$tD*r>x=EW9~t(ū_~axGK$j Ыm)nYSP68J ^omD̬CIm 8۹pYB5|(BiF&{pWDtv+}P$ >kBS3"©%I/.y+xۙmÆ[SgqY攬1\CAA*A O+^RV}-J Et|[}ꏖ!|7Wϕ[Xs.'FL%C@<%&ȍb$@KS"цAaZ-qM:^B冑`ʆy mW>5Q _!Jd8ܝ= Jh :\2~gaW2)W~f7FBeM=B;}c &+!}\-wvOxtV*>x8>k^Sʭ \Q?!|\5h )I3xᮃj="C&tSnI X.2]OS؞ LjY% U\H F'|Mgk 0μ[z < '^Fl'N k{kF`J)j|Է\'I 17Ua'Fb?WpE 3I\t({#iy!-bkl`6snJgw'i -#g-H+ëNj$74,ԩ_\Éb`lD2T" c쬡5OB/*MI}7@ᆘC[}{n9LVe ׼@gnw}`Pb`lZ+WLjŃ7/y!(.qOGY{tXi At_JP [^?a|ɇP`W<[Ѩ^REf@#Q[7Fs B*V{T`qPYN#$,_51p: X*7=hzb|_þu?LK)Ȓ$#rK c*8;LǦ VM? Xt$ 56C$ xJ0^,Dm=oB4LC)WJ܄O1Rsؕ{W$Q=RLgasٸ-#Eu*u[1n &KU{z$)8Be< 2aB@ MӀM+7>ўSZjrFg(֐ o]|;,fNضmHv0Q5&σls4z ;Q𒱪) @mj2EE УN$=cjĆn 2ZXO%Oe^=L&Num}4{X}rJ <|JV22Bvҫ|mjf b6s (1Z#n"#Z,i/B+AR}[Tx-*v)lCCC-a,abkj뚮l'V+D Hk܇-Q<=. P"Ux>h--'S!'A 5$a|ۅAQP2Hb 0_e{ĝWz?a;,,;cvNIۺ"M.mpZl6HЭSL*CNaȕ)+ TzƆk;ĥI2 `"[8!ב<#*Gz("\SmkфA0 JH/}@A(F]cp(X;4$UUWJ82s&_[H ȭrG2]EaPW(+{X"ݴC12 Ea|LPm*&JoV[@)5$&Eed v1E^?Ju,OfL}21`H#y|7X-%iG3eDAjrzd.wY5 ׋, JRq =WQB+sn`f_,gCW%,( *iq{WXGۃ]Cn}P9uR ] ʎ dȥ|5 R69~kZna$}gdJUڍPR-t @o/䲂jbDFI斲>Û:>kKpCxz09m/3n$S!# pSD:xT(~y;|A'Q]Է &.wj;ukV䈭zZ9i0C>y{}ͼ]d0eҋ84t h"rljJ_[ bP"@7tĔ 7_0 i66G]\5^Th|p9ԗ41Q7Gƥbg#*1.~Ca>25];İ I:?" rS6Q$uCvmH M =r_7 >"ղ@6"t*v^E]<\kbXc,Vb Ekq?79J:S Fnzr9'& }Le">n͜'a*&8kE?jUYfp"קtIMf!:)VD.[$ ;^!wRٵ I` Y/KW<~ENB#tp% ނW^+RÌ}}i`ʱSzYXEĹXEQr0 A.pQ2< B=kvlo~m:Qw ɡhvlv5Mq}jw%5d d.1k(nQAB" @(mХ+58.&mmw. o(7[bĀNh~TjŞ-~N)xM,@0Wᩕ=W'ƩP^:yzBQIlО ) szl;r I+k I:'Е/|&i9g N:>l^r KVvj7 -;5޺2 5Y%;^3{/8n-+ {Ҫ3dqPR5xR/Gr-$X~KL38G385Ռ׺LӻDQEu߮1c+Î&, 02vylbv ȳl]FD 6p+H尅FU {Q[}rVY"X^|-=n;4X]j,ۖ1tu&;Zhp ~DbCjMic )*̄ەX1 g7BȾLf]x=a)*=vf^J6GBԢ $aK1ƪA7Fzj|6gDQ@I+ /š< *?ph;Y5O_/`]1&[KUC_&\b%5K).N9p@ ʆZyl v!PyЁޅr #oGs1!U"J XBy]69L(׽n(o] H9FxD^h(}5Ō&/4sIX2"Ny"BSc5[Qa#L |=hMWm=~RC\..G^]JMboTU|Tttri2EQa mOMj㩀ob}>ili`U0vd(cd{-T_#zNt,514Da[ t>22$y3IN+"~gH/fd3|y9Mf\?1~sD/C-9SF69/iPVR[+Y|X.?IHI#U S&C<vw]2г?nl%T'q⦽5k6_|ZᆲcS {8k<$E} |Q #>(ۯOQ͟[#|eܮU>֒Gy.u^:xܯӛ5YXjf+ﳞ/(Pù<2qh4`c&wuY[Yـ)[UA_(OB>#lC[f8a<.&Si ~ew|kyQif32@6fmH}]t$Ƕ@vxrN6[i'nVK1i.DaDzUc_5{BoN`LB0@G0AV3qaR2井^n&S&HѓWsޅ;B6r,d=ͯ7k7Lj"o>Xk^}N4x\ݼ;OȵSLXcb6Ňjc+9ebnڍ>i @(=VS SFWƴ'?Djߑo8$rBy( ~7}3AK G|"dvߦ Px"DݲKv:lYwXvt;ͩ!Tmit@:<M.pq~Y.^!0?(rz4S xоg q͡\ n"X +Co hڮy&D_>:XZT)!gƁ/*6q/NGH \mM>ȍeWAφZ%/.ۄF^ g @Pyb:ᡡy3/; :} _6{+iʷWеXqDaՈn k--'IC*㚖J*E/ tB #QU;C~I? 碭%6Q1޷ ^Iʎ`du> طg^1Ƴ#XiRtS-#h3NbP" '8{>D)B1c9 7[K-Y1H91^=~; P;J \L!j4;GV,ŗ-=+^U|nQ/g1ヤoT6|[}D9.sg34ЭY[EPLA3y<=!#!џ ٱI,H3**TJćN)ɳ4;d]Xx#E=jNU2Tq)Lg|Wݛ. Wz|7UֵlQ h~zrR2m%l4`0 ]KsG~׵iHIŶT^?ف0ST} >hOz5ZepA^!!_M!s'=`wɐ~' ީL~5ATS. ! `: f(8P4Z.H`}fOi`9Tk}Sʬm<,֪C_{v(}q&^;mBΘ<Օ柦|zU|#oAVA5p-#Shi*v}vuj}8J t @o]d),5N5S[ "V=U{ExsBZ vI!Dko4D е]-1FdBNM3WAu"β(6ѴL@z/ЀげDg,z]21lf .Ũrͼz Z9u07#>L l) wݜ鳏 Au Io*(p{ZУO'rs[4OeO<-)-u(^E^JZ8!ϛ<:02UWrsD}=ڜ3| ek5('ǡW̉7)0g{BIXBΰ9!p5Py9Roe"&XˎsSVۮs;A6Ltc6Rv)N†H@S5 Go9̗(v LX=Q)U1%-?"s"XKgCQ:bED>Xi)dFl $[2,N{Q:T;須AX- ! '4ƦNLּv_i][iJAkVmI="zēzfO~Z`xJxtnkoY GI-ў|7+vݩubzrA ;|(^@a d҆f H,ZߧVhH>-_WAR(IhN8X`J94Lwr$vņQnRyڢ)]"Q/V`^ϖɀdGWManxQ4`_XSiїP RJqidv\7FW61d l ͹ mR(*EILd[?Q@% fId8M3!H 3LeO6XYaO"DϖC[Dn`"j}2t 0w-!Id ;TTHho{rze0-lJţ~V0-$ߕR6yV?;MՆ};B\YN1XVK,%Nn-a{mnCbȝa#'J'O|V^՞L|~t_Ct=*8u-3Xl~ 叶x2eʣӼp9਍y>1=;EpAvpdL{`/AReX6ɭ`o:+TEFByp f rNަJZKeaŐV"_l:Trv7hi˯aPW3⃑{Ҧ. jBܽpe\Hn߸l:դY:(EEܷ?vC/)ՌHkL٬gdBf%%: `Cx0)|j$a[On&BE'[RWlHi/ƟОhI? [`~¬O'.2k^O}w-Dx@c0"' TrȨDTU3U'dF+`]}hZP7yO5Z=:e. &n݊+~AJ,mcH\joB\`Zeiܴ0v[0.x_OɘZHӗSRL=4"e`}-kkKK$P^6~Xq.˹biM|0%XP\G=:G-jD;&.d8PHWLX!('u{t$_p96NRwB $BWk/dl8xTZL7x16|` b'٩Y#t ,"ڱ_65˭8= DcrȽJ-.yx#D&w?+~ֈI o[ cQ7atc˳8|ˬ{_*u}\!F9cz\;txV ~^5^ P*ԗ+G RB{',B{s~v$V$ˏ$b)DaX՜(}Rn?Fxtƅ;l#v8.-BM)1y7^9 ^M[A/l ' t;=$`-+zЎXu(e[Xԉ\׊i%,X[ =BYns9nyGX偝ИRo 9Zi }@DI;0 ('a4/+kl֓g"B*0Ĭ4,GDnZWXO2m %KvsEί5hNA>~߯k}Ud;5VWBi#!ѱ_pXtIҰQVx)[c>6f?]Du_ .UKz&)'El.oώywT]CXa3m!9j_фڣA ZW%5t=Z? NsrC]A  Y9;Ą̀T3bvυ?V]#2xc(pׅ%tZ~"$nNq%Ӊ B2c]Bm/xP3{Ns0zѕpU趆ORUATqo{ O^T:|;QH꘵` 9v^ӂc7'0|GG}#؊ZIy:4'D2s5>[RN&eK6[d`鈺$H9~jčH DƓJ!FӇZQm"[cfd"~U؃W }Gx RM>DpC)>3gջ"PאJ1v)JqHW61d85,>zҺC_7&^lO$5BM |$?{qz\[;v\Ip86+R|i>q\ĕ Ys(ӽϵp<aPO8"s֫l(BOljyis>Ι*DS#]kVq'WCC^y" ZhR%u#:7t]٢oiPmun]FUS/~-̴ ivQ{ݍPg*`ViGg*qnv3[3"r,93ݾ|EK=&w׵3Bԫ fTR[ ,˴uDZg,^ak𽯶 F+فتIXG. a80C ;3L.pwuK-/`M۬M fG[$K@-9o-} d0 }5tUg"'hym! | EG (?R筘`M"Y݉[q'>/Tu Q q}E OŪt"9M|F=o*#$#6%hum0F(֞3ئLa?ʹm=)rdwy_,Q0kB ߬g5EI\RVL'Y0ե"wFDa@$Ŀ$!p Pcz#eP@bUIĜ}24>xO?RC_(4V-WrcQg͆?@ u)5e|t'佦.E Xg _ߐa>Xņg%/5hK5)E$K1c9_뢿Ӄ U)7ޥ_23>M bPVqGBޡb^v0l dΛаװ"WXydģ]mj>ECh2nsE(=U23JiHM*`\]FjT9չ==H6 YF]d@2ߠ \non VxUKnbȴsLK+kƩr4U:뒭:'Ys(nDJ!'&f@T20O^yDY~g},,[43|2O=0l:yr5+zM%\6Npfݹ{/'m/(7c^k = M,B5 U(_FXHcaoVo 5گlc˸oG/HDs$VO ukrkۣ~|?497藃`B2y5@ZѦ$^tyF<_8cOTG~8[,"YYIʷԙy}Q[%\鐕tS̋s8X+<e }Q7/ֲb*ʓ3'@I!S'ۇf)ȜF[?)?in9;wrxVx+>5̱^v3>1]GU..43o?!fFպNFcaJ)[<"@S(ⵇ߆ : 4w&c|!lz'F׏`/dN!'h}DribOw;*S+$E0} LoB;U,YF0Mt-ُL4\<zƱqL5VwD`X&ޞa+Wlg?k297 'ŦڝkCsA80i5l"3w"#HTр;W%a0ZnjlA̔,!_Gxǖ!|΀\xˁ*Sیrp? &:[gjMѩ0$,'|@D$:`jʄ2r^FZ31.|y0\QeF٥PeH!h%muR52pF'cɾscT\<'A+1ڜ!Һ\> x`A9}U/g>1#ٻ2f}f#ڣȐ?'re? 4Htѵ%jSWyGn4Eo΂ ͤqQ}_;N%4@S;D&m0`e`߈ywR4 S'fmaTG)=$Ht%tyH5 yR|9e9i(0_pǴ/}o*)0O''rv=4Xjq{B0MnX4clS[sK{*sA! dMqʫ419FwQ`{g[`i*'{bs\9tl;0pr!eҷ4kKCkxMH ΢@˕r3i *s$VT˿;m|( O*F:Ad>MͥGCO`{ZmfD4N)^v>6K3Tb1rxdGnM/SBXȷewq0͹* I cl/{P5f+/[\d;#O&C-bIO:yD5˸s|IW.Y p:\5'xeB*xfذ>Rޝ3:AA4kۧq;ZTynS<:] ~qbM߭!ͼ7OpM^@K}jHOӋ@Y2^&32-ju/{L)C KfHl /o@G0_dB54hg2㪟TqO>6uaxCt+4U;a`g[5cЪ[e|:]1l2&A4V(m}冹<ݸ Fo4ABcN ֩,9[ >{Ҭ5?_w.lf&fNeyd:e ޡ;5vR᪇]9~&f. k =ǖVPb xok@,ln %I;.JBx{8qY1j>j옽 VUogxy Ge1~"/'Ҭ39]H"|Um"U-4 8ʖm:fGSy8IV=PC=m`X;l<)⁦ے|~z/;Im V^+RFT}yʪ?7_Kǟ5Inх/_`]\mG5T|t$iE|οJ{Y+ 'W%[pɂ KY^Y߸xhFo{)>6GHI:= 9Il@Tػy8fjrk0H-?n~۳Eubnj#ryq=gn)􆡊U ѣ(zJAڞg fa[w#\ Y;#HêjF z+uUh歑.oԀIy":Jk!#0'6dY1YlF)^mP :m2r7pZ48,Z#[CѼR+93 Y3Ež:IH^SԫB,ʦ; '}BqKx_>UjhxCEvDLOq{`pME/q׈W>0ߗLZ^F +]{wџWoD'\3ט.fNٝ' 炕`]v$¡J=h­* i5;ǴY^˩W fG1ժ՟ҏ8J5_ߎJ!Ft+M V{Œ/nzlC4iȋ0&^ ro=ӑF< Fj%2b:i[b/Oֿ B(aUxd0&&smD?8@~=$2Ԩ>[u\hOXC-/tf}^W#0;EŬ$O7ssBäA{5#\9;?쿼/}Z=|ʞjN+4@+ AXVÂGù2RVsgUʛHP4'X>J =ßD賦v$bwMR._'5ljיhXoS꜄H4Sq& ꎜTH`h5tpސ,s$"3W=Y -W?4~X Wܿh6FZ<owVQ;Fɦ 16 ˦JQ0hZ5lmM/Cַq ߒv>6>t(UrYUn{XJ3ym :C;dxohu䡉@ |L3lUJ ۰ }DaO.kjSpD 宵КrCn&eөPttޜDNOV/F҆qс_H ŞVqꆅU:1lHǕ 䄛axN[S?%NዽbamIYc~))3J 48J{`+ /b}^?BH,R:S쵶ӬL>F6G:*a9jV6R]AW s*Kk Q' # H.7)E{-rRE'Z}ښBa6G }BLyi}\H0P}*25];QȼB-{" RmǠfo|ktyM !m?آViSt ݢt^DBn@@n9n| -🽼H8?@v!=&G#OKq ߌNY W Aɫ9IJ';񐵩goז,} TQEd ԨV32` **)B31*1T&ִ&_Me4r*ߒ8>޻Et=+AE9W_m\~Y@VTae[KcVId(Ah qЗh>j[H1Y}7`jS}BvZs r9?o\Fh ^"4O$r$τc B1E&@3S׏ۄhl1Uu->Ȗ3Aђb(SҚ =J7Svd혇djlKIoI[+SΚ%˂"M] R $GzF0CAl3{?]l{#(#gt&Wji;򃲝Tc8`z̘>T |pJp=ḀlD $+w%>;P.]8>ˁz=>6NXA과 tolZ})"[!̷r1 g`|o&L{Fx(댉޶C\xp2^ U=],d>n_PEBcJ?xB +Y*G9W?N);ĵ*p'(Jʣ(_+XMT 3+(Qv@g}SDvGsZAqhgWC w)Lv㩟H}q>&GE r҉nKJ0Z!Jĺʡ*@QEچNleb=+{㚉~;O )^b-ba/sY}dF"ut=6-J (̑DXݣ{`JԿ<" 'GLJ/x(F=KgcEG!MrhܮW7b}OZnGĢg5|T^|lHX=I@ͼ͹ɐuR, `\Ϧâ+Ǹ׼Ip)qŸr>|M &s0B~'m*"V eLMhAk'1O\rVℽ.ۦn 9X.,NA4Fn<# |]q/7i-pYWdbVM_i(f!F,Pk1lF5bsJ Jkd.*Ew[bA)j=o<8#?v"X;jzo\[=)L}?[Zd>DFIRU\yq嗾 pSa l0\2jSǥf mޏ^B o6FO3#\}ksu-50݂J`jPo=a^_|*;xp'*Ѥ7gHJOWY tOxJyAVRL)&;Vq<0ȿcEi$)2maظG3PJ\s=(C`oY;SaP̃Ͻ^/.1 _\6Z2GĒ@7{f> K) 4B|(/4oegC:4; H7y0^vwWq^ZbYC oBMֺ =hFy#vC\硾6ʺct F)KfƮUP7ܮ́S#CĮq7DV>P+tPߛjȶE70) r]Z}DBQ^d NLR7`yث)?}hb85h|f藡˗>s$Lq`VXkT [OBh& !?VRփc`Lnpy=ke@;~K 1Jݣ341X f)>VoiY_ vc!Ѣ,k>rq/ف'OIQe\uxx$7% 9'O9.Koȥ8s o`-/SC*F,1G(kHuI |AYv(7އBsnRwcåO,Er״,a] "9>OuۯfnK$*:f S0U")JN^2HVȁ_,sk[߄OxXT_D)V2w {mC΀7/A؂w# ׉F4k . oԿN#EnRxS@J/w (R"'ixsRd)L*%JhIwqBs9^%*`WJ.{UVƖ4bnr؛NǧfKt1i`*opMYRh3.Ts GI]š]MBHsb^|qO)Xd:3ERA 'oGrv*u<uJ`KlA:j_{r}0>ZY!E5emߛ8S]ޝ4%b~j?OddP]YPUzfHN|T0\tbV,=a.,X=, C)D nɁe% >?ϗ~b2#~s)1|ܮ$, 8duS(vDƫrd^2.m!!@8p >32⩃QQj+2(eyғoI xP[6o3ј,w蟄+٣úd6g|vtbe羋ZM s?REչ꨿\l/ LEuw6{ ha,8r!W#@RpV恽 ʍUdjJlC9j=~2tGqQzL_3 +u.;`'Xl=!9}m{CAg[/܊ښh`B %YX[cͲeL8"+BR-ߢҚf"R&Mp-CU^Զ$.ߙwf*Jr,λ\eح"9xߥIKœ A`!: }ixlbّGG?y& Qd- YMtY YHM>Fpc2Hw0So($stxRZ<`Iu&K4~ C06)(zSF@͇>,"/dm28K~S00leg޲VmY eB!u R/Fq2X.|1*˒fмl-/ }LڄbxVrWqK?Y pTO?b+{xntB e|yQs{͊G #SW@nVx{(R.Nưg&w5iմȖ?,<˃Nl!JnϬf~" pOup $csKVa.Ή{=&|C[SB dG9$z%"Q'^TyLlkG"sI"v8U-qCo0 o(h 6úkrLȉf&Bۅ;2n':B}lr{CUօ|iRƯ= ]'a睠F'ct6 ?e ,ʲ4-C7X'*ZQiXM˝|s PÞ"eݫ0@Tvٰ 2H]+/3]f\`{~HLԪzS|+$I j6qZz-#J2 OӰq>ysU0$J7Q`U bn%`aT K ozrb/o*=! v6~f",qxWtQN]!+oJ:#a,Mn( ]*Ab%˥쮵޴{#|$xPΚݻ^">t\Qj$[K"$MRܩ.e:^yڃrg7}>^dJقי9! {go@%+}\oZVbv]u`br]̿\*^i/ +v|( K7!XvK s ȴ=h7_IDXs:Sh[7mǍ"aM/"2Wqczyd56Ggю(_2 `F">mdaHok:Ki:Yg=Z? rUiZb,ϯbgHZq/&B<\ )zm0PPG3'TTzdUVHCS|K9۱-Z4v)J6QoF)bXU W9էNSɧ䶂m%AOvj;GXrZJv9BXEfbu0u OxuIubk]6fg #~JLj3Zq.&o!fߦɬHyPSFn>>wVPD.[TbblUM{BE>![=| _eo %0]bv b#$B?5ȥwYlT4V/HDbsv|ryhGNjNXSrym Zh1xBl)FEsDS]H=yUc:^5ϠI nLv/uMEopYWa=CFT"i&PLnLE_Ƙk:DG>k_qzb3;]Z4Whax洷L[gH/w'uQ5$ZIFAk)ژȁ" 8Ӊ,Q^񈂏j1J,d섮k@!hqbHx#f߄: B+YrvNwH>Z[B즽k1uW)nIyL~IicB=*><ևl.eBғMBDExd:\éd;|X9(o@Hv&#i5'Hz!!HH #&X5 b: @:V=~U[7dNyMUwɽ i| OLU1z8ĉ-CH"6a& ܐ`/rWT?NoI1+j0e|:gWV5c- u1+nKY|$` 舯9C0&ZÿfؐҬ#OΨHA[N}_cHYSFѴ*[!?>2۽e14*׶gLowmjs*}td6JӇix>9.7l?=Tx۶pJXDT T଱3wYANlZ-urƪ)qd$i}}\@|Oq=oSj(%qL mNg<2Ȯ~-񝞆L[{#4=NI;H%0 ~^RG>].j(SjŁH%fDѭ혧FVԿ1`hSG4f Y  43e݄*k¸io#NtgR WK2l6~0/ P'C~H7-^HTp.+,{0Sa1ә/4Sl  a78V eU9M#ѝ(TRr(h*bKTy/xB_K@AS6":ZVui(>Kr tkc^ kHDDVIf?<@󜼯y߹ 8ƢD̗ p4xkƘ|`iR3+|@JI3M6aF41(Sɷk:v6sÉIPAߐ idWO8-wfX7)yF^ZvhP~3u4Vv5Pv!%ڍ#GΛ>A?( r )|DhrD]w!oR=q2{ttjlYhfxޛ4MLZ!P00N/1ٿVd !e\aƲXVv"Bpj< H]I}*b&D@$4 NBAi4GMHNAboҗ8$E=?jw>kbw*×M %{CT\h%_"ewՕWbwx7ͧUC韇}5xZi pXOfL/]'>T]S!zt: dU*ϐ:%\ 'P(W`׃q1IF$'^r[S~@q+3 SAi*!DEVnWA*YRC~?(KNvgʙeVèMg[W3||QCy &^Zl_@S%zsB#upVVt*|YPn0;_33YppudRveM^-Ձ6#0՝^꣜u Z\5;j!sWLD6ı|V'>'Mr1$\KJ qD(Wő>U@onC>>ps0aLGo+RZUhDh;CcKHQȟ=Mixԛwc=_ԶhP eVlJ}h-@hFeɃsG~O$ .c&J~Fלhyҋ?t L69hcp vR^O7t?d #lBF?% `@mD4KZ1ҍR{*78CsMPRA[88iۑtzWz X~:BDRE_ͳV~;W4`ys"v!N&uqO "ce`aa55\ir*R=Z,%;Ik1 Q#J}RqҎXjf"& C~/&j'6X!WѲ #9Feo$5&&~ZPvrc^ @C𽏋j' }g ehi~ I78=-[@x Y%To F`ۆ8FٟT]ҩGt˂_J+#34C\j*[rYK6`+i-] V}+fyҪ'uEX'm EYbvЃ${(&>mEdR[GL(ѥt V(jnIx4w\g9G<Ki$Ћ 9a"JX%T$%,sE-hU ;pܔ<=bVrM^w|VN}pOjn]ZgO^_)J1-4oYoE=@XRr'P?Om# CbNd/.c54@&"֧{ّ[.W쪷/fsoUXj-+Us(|[BAZ|b9.W >E'f?qj#k%u鹇5m#Hw%Y~O.ݱig˄n'O:֏վ8eQU#a)`{^ޒ&-Iy iyM wzJ? L7 Q2툆ꔄ4@0J̃[͚E!K> ͣyhjߋq+m-T, |-!Hu.o'tljO }m gϸ:n0?LL g^Q^Q+uJb^#c)m˼(_~eґ-$PEiDd90m^nU܇=XL+# I pcii.A~+f8z}?rWgNgg-ʤc}h@xwLo M Un ²YZV,,-6y[7OLw[ϡTT[\+'P݂HRH^7opS6$vQ]\ e;?T*v"Y<9Q&W9àd(Ѽjv.@3@~bƍk Uݹ7=:"vfSc1Dj^h0VQvie2H곝C "\Yrl]ږ(Ji7(]yދBGM"xDa56Ufǝ>ǍK:rD7"8`X)"g͊Z:dpcC 06Q);Ʊf/Ѻ{9/<&:0&^&=TDa]#݉UL=`g.Q3r+M@BEZS@I9r,0oQO";ePVx$ē͂{zPL#-/_lxD{ 0g>ƔIno[]\oeiܭHK`zscwys$*oi3Jsv4\4Gb!D&Ĩ}:pU8tXKzrj# rV"ɇ(샲 ח7_-КF8`GuaqzLB-`OgLXb(v 3@s>#ݯA {xOETW^`{{Q] ط; +LJ2_3J.gPn qnԭ d*x'A9Yi,%zvZcI;1hC_TϫrXV>tDVeщl>wR>, aհ'K ale#+uC_+Ɔo'&>2`ٗlC+m@\ أK(_Hz4k ̳ԁ4uIJ%`$`b+4Wx7J0ѐН7dG+QOG]n`"2quk~KT$ AG [-Zx!OO>?Y eO=Nvaz}=U3 KiTGVϼW CaJ/'@!*fbkT(`UuV71 z*UEM $"qϲ` Dԫ\vGH _'R4s[;y*UZ )?ST_k[6yz0"C 1,z9Ezl~&F0>%dn51`+"I8(r{/V)-;[}Z~1N>v%R]c\fIF(&GJ-J`=Y1Xh: 8d`+֖`,Y{ Eg{eX* ?4ɜ-Yt6`;J Z>9G[fgx`ӳ9j21Y;YGdz;6jSݐ% pVJ, /spx|O 95Wu-B%(GI3H=9a\5EUPstpOKbB`w'kգt܋C~nl6.T5Jihԡ0[+lbWrG6(iRHKAJݟr^'$h-8Bn2ݯ  ?j pI犓q׾L,-!`QltxBaTQ4TɅ4)Mg)܃:yWcjFZu"CmE{uwa,& zr5(ˍ}nl_HϐUB.t7Fbn+O9 @ s>VV}JxTLY_D+]qֈZJ78 GP1jkQy)zmJ.8PXtR@xy8"稚#;}8O9'oK8Zvmz!S\wu&=G~{(^~-(w79}h6[}bD vevķ/}?UmBt {hZ[aS;Qz4 ;Aw7Fddx=~afP?j uV_IF@ǽkaZuad |ۡ_{?`9cκ>J\1ǡ4 =RppW;1Dx\N s7Kx8 7iK"FAܠs.ې{S7%7@bR ?p9?᪘\882tcr &;E(Km8ZKȊ7z .Dz1T2KWuAʁo;%Mپ :Aˮqp c/LPH𬁆NG@ "Qbai%fZ=4sA76Fb,Pd"4RD s8 h/y|'I?OS֌A;OJ^.z/(Nyd:)AlW\bO*t->Z@[ 5?POWMaxwƻTF10 )MRJS-J*98=l5r*V.}s˃;>&keZh8xTİj&ӅxjKGibLB|W29/?pNun:1sXHaD UsKT@>A/0 3o%3ސG;lp:[Eѩ8齽|&~di`&oe]joy&mp.4^dq:6Ly% :Ru^G{=֮HéeڥԢӀӏ?Ma7|?}87ORM l882)w/u鸔8;⩟k5:lɎ7z}{1SX`8`vz >2A܈ET#Uo]W}Ij!/veWVمnfIv\*/YHH$1ZP9bc y &U}E~Gu-mhtR/4h幫p;P/"<[MN3~qzKL_Q8s0u_1+{b&w,d< E.Ϛt`A[N+i73lJEAAa4'[`aZsvYGSzݮLlJR^̮7}|C&W_W'd cUl#aX>BzLqB XǾ2!VuF?8Es<#8%fcOwh|[ T{L]xI?;$םjg A6N>M,!'+T+ZYm;qєlaJ/I$¯J[q"ivKɺ- #% :P|C_lwY AsP۶"fPd8+SY ^v7L! ض6)Mb9Ik.0ShAMM=/A_t6q|}rRQ L==TMMNwIwG\'if L/B_D~(yX<塈՞t6;Ȼ#IA bQ+[>ڼdWZ'h !G(h6yΥ|XO3%Gܒhrjp:d%UIeΚ]N$\ 8MS<92'Ff` ,*>ū5!I %D:m+;4rnRk`CK!0;;)`+Eg->9!HX1[˞VQwbT+2{@Bhf+uf$2LJ2_`F$h(3<A=cXez$^R( JfzҾo_lx>nG i܀&cDxw+~K-v0 K%+em@PdE0W<.<~v2OsEBwbx33uwpzfd =/΃s1#RFM8\PGSa%/ S>VZBM=Tq='фW363D:%3i! ]w 4/Bkg%y(ՅRc@ǰ8Plb4ԏ85J0'`@{k7|uR(_ 57iqjK#^]q*V Dh)1no轛6;:p8klXu% >ؔ .'~fעҋԄ܃2RR&as b/iZEO. #72!,RQdZ`h={]ti ;:ۅX[1Lh"%T}ZKMBb=a{m\m $JF-mI]$oaMZyhx1ȖVa>4q4^.c`aH &4vPyfL_=dУSYFNO HR)U6X]Õ?2;#X+DQO'dB < -rL?6k߼Ҁ^qKIzNg7a qecڼ_ ^UX[ cGY' X)#S(>W*IYwJB֨N/fo%zŇl0-WEd,Shʐ"c%V+J aLy (tݳ_#}ЉLtGY~o^~MK&) H7z zm\֠-y9kÞتY$ ,o>UF c^N1tޤ:hkC]V¾'T4ePsr-sͥh> 0tucоyy(Tє0?|0ENv?#pY"6y :D'lp9)(4vD+ n=H]Frɤhs|-ҴmKzL2Uی!s/hhl`j9IL H*p wWV xK9Y_K'co[ᐡqd9W/>mP4\`BhU_O(FO=Ï٬ ܗBVtL-4>$/ + b!.V٘b4 9Xw ׫,NELAooϒFAdCm2pZިrzNf@̅c"$ASFjTDd@Eנ(PLb0D$Xi kiKG鬴rdopvမgL?VP̓*ʓ5 @DD3OI<VTџ+3c&?oUh_,`flmđ+s<Paڝ, .~Ck#,|354~ao F\WĚ~Bve8߻L@~35!%虞/[N~?z[]TFgC#Dz(|Z&J|'Uqpa%gR%V]OS'4i{H 0|`R_Aa]3/lD_& .h']4oL`gLIL[$2lBh$A _*:[s=ɺst滤''#!EĺVŔ?Gfg::hC V.2wev^<茩Av.@"2]ej}SMZ BN!+J$15cN/B! ݟUA.V2yb\EjʸIp>pVLŁ,`p].:lEU5\g@F3aܩENWm|<=i{ۡKZ.YsѢgPP U$%ahm]œRj{:CTO(n7 ne~'ɒͩ|K:=`qe< x˜j/H9d#1-Am<<TeP`^DA;579d.~J{meZ⎯fW#ČT%J\{/XYvY+{_8ۅ/er=SGאF1/#H.h 4k&f{͛W O#s: ɠ@/}&->=:4Btúg)GbDZQ^$9.xc5Sљ7[e.mB7N,f2 bVL5" IJ0Il+')\y{De;C"Y .WDC4>[k.HrTXbcZnVHf#ʎH ;|0{j3K4ߔf<sYRA$.~kOW\xSyԩS1!jZ7sDDec 6`i )V*zӭT!@l[gc)CjbGP epFd> +AAHz&1&Qq!\c;&E(G B&oghFH97m3A~GNEg!@|0$sw$sW0LY~UINE[/4ԩ*"> 8MAf|@@aM,&<J'nzWmshP0##UX6 ń^|"ƒ;X{ɧXlaB{k2n+G{نn9K/i*ۍ]m/XCCG )_knju\ 7Oێ3p)Ld)0\윳4a*Z[ 8Y!lBЧ.SlLʃs?Bo&Kbb0;kK8bz_ ϶k,FWLq&|2KzdIFHh=<'Pu *ICvBRַN̊֋gm61 >knjv5w23fKdKήPSOY=)pV:S6U+_e2=HNĞ#BqG-B7Zm؄߭ˊiZ8rt#EXK>"}>.-FmުghCChTcntsH^2W2ɉް#qfJN*k(/d&Hģ4,|ގPΡfS`>,Oǀ !ca}Ø".M/>4y/.* U!,$"Nb8@92"Y.}{$41T䏱~ג[F' j&Ӹ=dIJ^87`p2C*KрWSAvg A{sNX2ٍ5)3ҺfUI3fRc>8ݾP[[yrXCdUkqMx~@\\? )&)r6c"^L@E-ŜeZgP +лVqòԷ{ IO۩ ̬5AX e1l|hgzgz[L#K!llS*qCƈQ89K|aI5n̚Gi=+!WŽTh~1B(_fůeVIQz`IFitB@am1.0pF2ẐN&{m<`Jo0lDs@0:Zjv 4S8Vķ~v'S`v|f &ɱe;Uga p=Ez;~A|01J,k>U^yq1.?LWi-wiE姺L.iOrP,BRw 5sCʹ2;&?m~$q^Y?GMIT _LEL{u? JmSt+;8A0&_ A^ h>L#Ov rzW[Ķjk(x~k~[r""aPB]0j=c/v_\GQ;dIq0'~_X H'\. o14 T/G\eɉP 4 ՙIpAwt#/Lq}/@ȡEi{C^"xa[~H*=P0QRWI~v95PN)UPz ?GxlQtRxOKLM/NrQĊn_$ E٨՘}͋xi+ېBn#V"ŊB _i<'76fQqf7v_4̎)2l>"w'8'M dH r벱y=Y1vT;VAoH BfA˭ q!NဒPTbj&hĪ]eWuK $N~qz!j 5T&:U9 (e^:fGx^;.6JԳUKJ8mT;4)*K):4?$<l[%!$$B-ԍis+Et hJCӝNQ,^H9) d@5| 20U$4Ζcwmhcwٵ{õ瓂A۱Zs+ȍ _?ZyH$9۳ߍ%@OD:g&]FdmIW\[/mCgf70sEA8}Fcm\-=Ɠ!S)Ž{'=;J BQk](X- RlZ| E" kXQPrm^Gś.+xaTIyKwOn*Vɔ`c?1e8Yk ]!0 d+Wlw K/]4nT?6x' @=O5emY-Ϻuj¼$RkbA/T9F&dѾ :oG'W;쉫B>HrN!aP;~6)1ymk-9rQ6֒?@K _nXRp&4]8mdVϝ 4V2#5|7* Jq>D,"iՔitUSeo[CNk`ѫ!D:d9ARzݤ 8g}=jRKzd{;%3gSa[.Yʎi-SI14R  ņI"InnY[ g$C]=:.7A=laWUfXw,C&{(UQԃE4J.+nIMg;vƑ!d׺4Td.(G4j } K ]T!zvp*kdvZE@":!Խɇ#nHN3/B>2;nx6t'tj\a t'9߹B9ˬQSS*]p73?0Xis[#V jCh5%\kVr9/JO|bU35#76W}(XHg9OW'qATxjܰ{թ[1/.،t&XmUEs'L.+bk+vxclg_HqҾ#KѾ&Ny, m2d*piFr_[ )V$㖠GcBb'z5%ҧarh|li@gzp<_A&v<*Yw)guɞPyFWA]6/5)z劍6D}}q-Ɛ)iSSӊtoPgj  Q?C8?5V/_O_\.pV \}2#8)%$i1Þ:k,,. Gg YG𳐪oO?K+ =}UdEBrD8t4k';|u)("R0'o}?e:'&żJ!rVvzzV7j!뉮[:.Jke7"la]'32P_NKyPvDSrfO,V !q <9zᩑBB>Ex~l%Rbt'4N#|ybm/:/|5zokBv<+v;B̳ɚI"1YPOAQOd e[ 'b:Ph׬[d&ϥPOs߉lS'.T9mž]vDJEn +wQT+ܳӠ+Rˣ7CFlE۩?Sxc@J\QHaf|ֽ=/跅X"m΀XNm9WX AbM[` P9"QuRW>#-1U Fs:A_YnِϫcO9`2KBĒa~H9%} ٩N# C0T ez2wȞP Tщ,)wiNn;:9M4#z)McODg)n*HoWgY<[AB0 |Q%Hboh=KF6`@|殐͌ġ{ph & Qzºҙ=3s3Zl5o6;Uxۊ֬.&nh>Wɏ{=GL[L\RvhRm"KAlu2N%Uq̬Rc+-و+;s?lݻN?I]*,qWwr~<`e(tl@?oیc?u!˺_W@5:.FC.{KzVRC7=!PA 1nP4'f6 &D@av39O ށKfM5ȨR碱)9zCB6_ s ŗIqMݐzUfdz7"S9̥woRX金vN?>nBt*E}Xh ?;쎪M!!r鲹(h޲Z5sP.U!m`p8k1sZY::HaxS!|<BEb5wN/Fe4z{2b6~hNq皜yGKO/-u$"+!j&lpBU"ͦl/ZLZa Mv@o륕w,N3RxVyXXsR,^<3L.IJqJ<[->>I#ASbv>upz5ѺoyL˺l]nen-H aH9=V0V&^Re拷=ʏɻV vM+}7NHy_D=h0MZyJ#yf Ǩ/m]Ր!mK j犗؝xjJ S\xti зw* տ|4-"Di DkTī=%rg9hwFB0FcDCp3W~F뷪ݝ ԬW4q@֕`zxgh߄&OrPk}7;F7i+9.c naDW||k)Y\p1M#?KfDoE]{ǟs7Ng󨤂87e]{.ۦ[2\#JAUv#ޟQ+`ţ<\WGNtx *\zۇ.H9u*py .Oy0ܺQ5j~sT aWe:l$S9VQޜ  [k NѾ*lb'5e!Ӟ mW<7i_iI-N_Kyq(zc/Ds(,q 1K{~bJ#\HSVdnŧڛF,5h)+3RjzN*9E!f8gZl-NDŽGv1s4eyO0%w9k"\9E&)b^7sDr_;HVn%Ii[ʥ\".^R|6N] Gޞ~0HK~͋*?1F)uUeV5@ .*P诠vy{MFAɮ@nٳnG ;S 8L#"?Udz;^Ws0O0v $rɳh{9fYUNdS% Eq;r XzBqY,ܶ Dn&3jHZ EYlkRR JQU14W)-sʵ{p7g-=dY33D퉧,lp,j$@WNmch_aw쿬5?˰)^aTfy;)UV5$^k,"( ;諂3|72%IƎ=O1RH2r#CKU%#q'۞hhӽ'zdxY fyaE( n7d:GLCv @|r:1 q)ckp =!gA%n.~J gAqAi4| 4ME^?- z#gĤY6* ݯϋFLr>.[ Kiy;Fg0~&?m}`ߩ7yjDҨ`u쉣 i'@|0q >_?{k[i ac #S"aB<frR2S6 a>c-kWcl_{`/vsxMP-m(K_8r_& kUqDp†02Z.F9#  0PQL ȑ'A%03Iɮf&x7G*㑦%sYsNd&x;^@~}+[B~Q%+Un.FT Ԡ J~vbeЍFEfp HBʧ_1ϰ}CMb &(ҸY=!Wv;2rE` ڡ 5ekNC@m MҫHa"E XNЈRp8؟(,aDn9g\)iuAu# k,Y^ͲJ7[ SYy.@(5_ oK BKxO_Ο 7Y{s׎IJ|wH 29E$-sj߰XZ5= Wx9x7cX,mbSҺM6lf)t5.56p@m9 0uʒP۞XVeޝ=.TXWvMaY %۷'I|cȭNk*xy( M#UրV1[q\c`KAuCd_P?:/sj'qrD( qڋ_ְxDi3]oORTL3GT޹1qj{X9J nSs&8"xnaThjKj2Am[.]@,M7IUZET豥ٚQ "i8H`ętʈ+lU'jLPwDF# _p٣tQW5} (~nk."9;ɂsgoׁKU1?AR@K,KQrjb:cswT骸#!WjS(FiM7wd1A2cN0_! BΤf3=hPV[("xN#si\&!n<8?^)yۋtW"ZK6ƅAKL^`ڏŚURTQѻk &#y\76XgŸXl/>HR!9#~tip6ᜠ"+̉VQ6M${;[z^VAa6BgRRPQӢZw| JAhO#%.,~5&@;gd[D$1蘖˒i(\vg^z L+pwK|xв-2!ѦߐVg4Zt hly1h8 !:}ƨ!i\:c\=WIX]] -ok„gzo3ԘYmR'y=rT03c zDrwP(0;2joXF|g waXji-p=~)4|_Y+32NV7̄!sk~0j9fq*AHܝb˰4 6~Ϯ A5C2疤` 5nSk k)pq* o/]DZ9u $}6D6 #Ȍvʬ]&ȗ* @]b= 0Ni-RqcX;u/ ?) ĺl}XdوTgnܔJ1"ްN[F kGdச ]%*zeқQ|ϔ'fԾOc v3v{~*pQOeX]Lռ%Z LG`菝i O{Sj~Z#D3?j3wNI\:rݬFjplXЁ%PPͷN\j} Nѧ`,on3xՉT>|aFwRWTkW4n6e-c]LxI}@5 u<}vhb6)96?|*5B<+X11^LyCBMVFpH38kKc$L}ڗ+Cla/'-Ba`ZC-vSxl<6%i4fe=XȂmEQ}tF =c4d)8,X7G6zqygg Tp{bYEf{6IƨYy`^bpc9ËLǬ1¬R N"P͇jKcDl&9(%3|lR0x⹸di(S ug @Hnx8XM [ʝzb}aJfPQbRPV%*%eG[n:ՎFWw.kjޮ ׁć[U-'oOu 1ai8]lj>5* 7} q?s9Q]xT aNmU &,t,'J y`Ta_*O7 % Q@0CqPJ؈8EY"coW%l `SK,ǭʬu¯5y&u*ʥdGu#pzhO6)X>/fj{bI22ȐZiPZtGo\kd'PM`(&􅾢QO5HRE@4T&yk*+l U'@'X= [&36 RI,Ɲac\Tג"担43Ak"[ཎ@?96P G''xԨ(R&ɁF.κO6GT/6#/=YMzb`1xkH .lQSU۔W>gS!A Q_W=aY\y xPЋ9q6HPf@Eaa*U1bza}bSĿHMWV09Z}# v- 798;ބ i۰&X~ޏJnu4'uM?5~',~W7 p0uql1NZy @ .Eȟ7Oxѧ3afdV4@xk/ `(\K} [Tpc1]eSzn99#iRYʘNJj?#,mxi4;HӰܰd=r7PIT蛡EjO'!t؆5яr"wk3G)سͅ|k,|IiP2y,/^IPyR\>%?kk1 ՘Fk䅗~RR^,AջqE3chr:(&lY4YyJZU}\Vx2c!P4#[}guSgz^NOm24mmoH4_j|I$. H҂Z{|S<ۦXh/+ժ4'H ܄偮0hhc: G #)j_=ɫ@X7cAU,es;x_)+C:syCN h8 U˄Kkv1#{2`ZN^\'5#D34Қ8N+@tLD;.^G9i.@0a}0{fa5oQd{o0Sb 5+T^z.(vnS>JzJ˜ 'dD.yvFOS| .5~El|H0_e뵥\9lWos~suf:O\V o#aK`9a쉜tTp,a16(d%B?gZ%Ӓ:"ʵ*7&ˍFwTysYĿ `\s[t#aBc_&Ê`zڧ[AukA!8P+ dp '4B|]5 L;Ko3>  \;g ,Nno/O.cDyTnλʽÅ]5K8ő⼤dre A/w${^1K[}GZiaL La&4kU~-eRMf.OJAuMK4nИg: }O2Ƿ^er8u e2Ai+V@ɩFv%nXCЛ!:xP}2Qz6$KޅOC(uu-Rsa \Xx: ]TBx^g\/ r[ivݴ0H*CiGJ=U!=\]BǪ5>,~X(Ⱥ ",ҳN Q؆:W3W% RM]9mzr\NNWI*&JhJ(1Rٵ .]}[?;.:"5T\']I Yo`@EQ ̉l,qc؆x sKY&*![}LZYooި/eHEG[|ňr)x>\QD`kK_\珂x:}-Ln3$mɕ)b8|*Q1| ^R`؛j Ar\3endҫvWue g.*4ˆ_kL4ɴ 7~J YZ