nss-util-3.79.0-10.el8 >  A cLU]+\sSָ"%Eybb &"1FS`SoPnkJo3M K MzQ-YC49y4-RB9vMf~*EckHYzz3W|F~ թ|} <3S/+x~ N g#ġh%qSi#|$$ß {Vq{Be&\f4@fBXqBG>H nɃ; R)1#h {%ԞT`wL֗Nmq`S890831ef1a93dbeb5fd1e31ef720de296afadc4703f0bc41346a617dea8cae5e5a1f8577c9c95a241080dfebfa99d2f8aed235bc܉cLU]8jRqѵ?J,-9AvdQ)fAVj Ԕ j\y.&U}v('b3% Bx_aA!Zqѷuj.sߋ( w$GF di00p:@hZ8WtWEﯾ21?r7wŴ 5547(PG(\%F㺟K fB? +\uJ?p<?d   E $,D P \ t  $<ZxX(89 `:\GHIXYP\]^bTdefltuv wxytx~Cnss-util3.79.010.el8Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken modulecx86-01.mbox.centos.org HCentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxi686"ƔFAAA큤cccc{IcbNY1562400b248b26b4588c9625ae14b3a184aaf68014cdc1f617fff0a9909313d2a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.79.0-10.el8.src.rpmlibnssutil3.solibnssutil3.so(NSSUTIL_3.12)libnssutil3.so(NSSUTIL_3.12.3)libnssutil3.so(NSSUTIL_3.12.5)libnssutil3.so(NSSUTIL_3.12.7)libnssutil3.so(NSSUTIL_3.13)libnssutil3.so(NSSUTIL_3.14)libnssutil3.so(NSSUTIL_3.15)libnssutil3.so(NSSUTIL_3.17.1)libnssutil3.so(NSSUTIL_3.21)libnssutil3.so(NSSUTIL_3.24)libnssutil3.so(NSSUTIL_3.25)libnssutil3.so(NSSUTIL_3.31)libnssutil3.so(NSSUTIL_3.33)libnssutil3.so(NSSUTIL_3.38)libnssutil3.so(NSSUTIL_3.39)libnssutil3.so(NSSUTIL_3.59)nss-utilnss-util(x86-32)@@@@@@@@@@@@@     @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libdl.so.2libnspr4.solibplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.34.0-33.0.4-14.6.0-14.0-15.2-14.14.3b@b@bγby@bba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.79.0-11Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.79.0-10.el83.79.0-10.el8.build-idac3afd5d517c2200aac3a440920770372dc96ce3libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/ac//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnudirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=ac3afd5d517c2200aac3a440920770372dc96ce3, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR R RR RRRutf-815bfbea1b1f727f61f82b19b302d5d2306c4d2d9fa71a4b5af26f6447c183b07?@7zXZ !#,n] b2u jӫ`(y.Sv+nLuAڲq-3&1T`i &_cW͒ȹd/PGkIrDŽV0>wc9ѱ.,($/I#Eu-tbMgA"L]PzofFIڶpj;W& "!~O׸ 9t;бy&8q%>~Av6:Rv]֐ 禴J"83Pƭ4b%5hF m +[̊33b/b{XjC򁭅+NU6Q$2 _Nܰ&ޖjXå^B\ya78u⯌{fuͫN+8. OK$%'N.z*ol[{OwbϵU^IpwcJDz0JtJrեY(\5*M$ȅI4#@rSUYZ&J37f` *wTHX+(r#X|]qXtyD}%¿ˬhD`s5t3X7/(QRA u xd͠x}8[OA#*h\3 )k|7 j~}pT9P LC/*:IN}kjܠy$p Lp߬1{xzx-A9P]ƁgI5%z^\:dz pV'ٕ.O"ֵ}tθ #Mv$9@fIx2KҊ% >/'Ƥ@"jA[,yxBXُ|Wou@aIYeT'ͅxf'mba-uJp{-{GW8Ӏ9L0ŷKfL/}>y2p3Z)ϒXMX*|E?x@@׎ |Z4cq)dRs᠄'Dǚاߦo. _TDឋ9UhFXp PtE>Q15fir":vۅ &nT! x5NZv.8ghҽ5ЭP̞47xG+}_,TW,]$.*ޅKGjO&%3d$y1?0c!B}lM]% |h ``F%60֞ݲK%ZWo%k[.5VxNFPu&09}=4W`~Ţ0SaӒ}a[ȟ Z |nFMv$c@e+5vZ^'WILygD0kP~$}ՙ9.ZT_ӴLo.+){ZEšp|ۼM *Z:.Pf`bq"m hH!ђr. K0+y [  ƍT/ j Ae{gl)^EsI'}e]$!hN[[E.mk4+=/4?F;5{{CK3s'TF)?0vr6:KD=iݹ!mwT|[;ma#PUm8` T`"qBkP:zò]GEṛR2ɍ=jK;v|H&d >y%>)xi=_ "ZjM͆ B>-*Xp/EXz)7 (]XֵK-Ҹ37( dOQ4$h>h!F鸺p|2?*ҕkun**?!ZSe0?]Ҝ+r'o)] .ō \˛ֹD35@Z1&䣠'b긛SND Nؚ73jL<{*og "zphI'Tg =8לube h',mn7ȡoyb#_UUpW.y^k;f\a8 x 2TWWDuNZLȢYˌJ S_U 6/s,x`hFq[mΠv#ttL eNeVv#uzp-)${pDbP@*T0ݪbo-ъ$)]52:STeǥ&+ۖW;0pY%j{䌘A!9"*vH.(Y1>+6 v1K sh퓆 ]HxݬlJ9&z+1mAN\r5Aԧձ⪽Uڭ8U&mށlsQRREhj8v,YBHҹb@gPhA.zRa"\c)qP75P,ؾƒ-k~6r*lUU,>xa7qWr䇄\ !m II<8s@$UXdA9ӆ@Z;K"d~_H٫h”ț}rS`O " Wn eMC֣wR Ûm̻$ޖax b֪B$ޢ46e:t;1W:@o,WvVWIA̛Ʊ@qG'p n+\kؘ#Y])ށD`:G @yp^A.(8~%C>رD2j ,LZއL{:5<4˵[b<^=|Pqrf|3L%:0.q(kqrm@{QT⿹| :3gkTh[:Mb+;`$:M[ _?&$3`#8U ͘8?%3:(?Oc2V[v0u8M_`jx9 gU.m2S.DJݔ2 MBvCjYTO8l8;J߷NM悃y?b-mQ[CtwŁvͅ^D:sj'Ji(ϖ԰z}Ԟm&92,NOSR#rVo<(3[De }TYȝө4bp?Bjh 5ͷ'לXKoᘥO,_AWoʎ껳n p墽tt_[C b1OpqI({[ s[A3z=8c%Aj@<Ã4,X:%G8eͨS=zC9)xj=/6("k`_BL7S_0d-TRL${m.Vjmpoo*|0RKc1mH\7"YA(IEf8ڽ0f1lqwGS~ă}eȰ=U.֏G3—jO dôu([o QܿJRFry הd}" f@rVcJS$!\E?S7KOIU<;'{YMv fs0`&vM%8nbRW[y /\[c`X3K D=cN2ȁql}[> I0iӖ| ]{푾a)=%wS5fOke 0IGjW(P@i^)%5I՝b(Fx8UլnZCln+3H-;_ oh&:F rC B [.x#,S~/crM(a1 x*,ױ/2<Էr0[fx1f$j+Q{=a.OJ-eڦwuM0|v?e/iVek@%@dfl(U[|PgϧtH؀9 o;YToT2! $!g;c/ u{%AZ X42wkH_,q_,4>fVXtR(,]X5_X6uS5*ZC^@})Q^06Q'Q-VS 0 衐0*&jI(NHiL롘:n1q0rx:ZU/p,@#4%%a<Wy訮 CLzRT87?(hqm>w8ۆXi˓gÕLM D"6 "ϙ ȷӆ@dK|1I׷f)+%cmV g:0ʻ K>+:(}=llO j/ X}GUj,pjy4]0 !>=Fl0(+Uͺh%r D%S~^Y4'2q= vN]yϯF\ZC߿%.$8RTUuʒʆ.P3KV!+~4nmO$ki0~kHch|,C4tG]l0^ٞʕ%QaȳZiDPs0xCUb]S'QH{ڦ+L}1B،6]2ď%y"ٽ'I2^{ܦGZzCktan- “)x,bUDz`K3HOiTF :F>3o#[Pk6*gA, LW uA7ۧ Lhk6ݵTl/ Ty2\!*YݚñP\;׼[;֌=F Ԕ)|M;> +n>F9V9 ) ܒeB c_L8yB3EڙRI1T0Pxr!*(_?%Ou7%"gʢu^∷ @-2-v\̀f5%eQNm)?9h۳O׼5xKJk(wwTrVK|Ɣ^Øj c=\W_5rO_HBi۲݄DxԎ3!1XZPCt|:a+*Z5}B[ɚ p?<֙L;_,VUasлL 1d"NAE3-R? hGߙ5fv8oPxaSMn'}%n-,+Ӫ(]B<}ܔ_S¡ פ/W/lB9dҩkr\f$liܫ! yM7-oNn {%=ϟ:K0 T,_q2G{ׇ']UZg:1D\< f&5fu|'8um0yH{ t^>r'iHFUBF 2!'93` nuIZ-"E]beOS*;_!$@ _}!E a}iPR[l$,Ev`0]wBZ:^U@|6K!JքQ[ AD1E:4U>(OV+Q|ԅ>ѦiORRW?7s?5~,G{Bu~[͍t@U9:bt0C LP~:^4 P;WB ~ILMHU!4 q?ZYTkhɜev3aLH_9j6<ϘR-MPwHPS{^=[$s=ʗkQGbn|r#$D2=:M ];zA0q%c4t~:\\]}O<:q+?-yJg[HTp,ɑۦo#:ַ= G OgٓjĀ*<Etp#VsEB`s򉚺conʨcy^$ݙq=']yl? >ന6N#es& A5# T-ucH`jˊwg ._|ׁF2"z9o.ۺ[U"6b` B@f43Dk6XnN`7XSmJلN;%fÞ)3ApD"Ƕ !ivD<ʪU&5Hݐ(_r{04,0>PƧ.Ef>vf?r"eOU+RRqy'UZJcUp,r+1:Ȩpxi2ay8ȹ-ˊl{P􍩊A  Px"U1fR J7> Q6h;Yڪ= ӐԴ b[Jza_qwW5y>#n''g[Y ofoF5KpWljrTuM:| m(($Az]m\s\?|£+() uxeG`%hB~̷.j5teb:A|X-蓙N4>$TT8, %o|Kh@C#p6%iξԳ +YIRe)Yb}DB M6I\'3LJZ,7l>F֎m.e{*C݌3Ȥuqz0uL9Q5h4}3b }g,i'(5zp>{,;bG._u :g?H$M4I%~إL:=d+L+\}@Y @cEBnvsUF ya+0P]ĮˬS?XPBX @gYM Ϡ&E[fD!]HhYDHXEG(LjZOp%go Iѳ: -+Pl$<'B20/  E`twd7Z=jb l"^VEHC\wX[?V`C#L7gϝق"!?'C(Lbei<\0WqH9l֛ B@K.#R~g0X ~&1kGio}a\tY8 {rwEQZz+?&lFNi5P7KRa "wNk(٧DȌ6f;^!  |B1 x΄ HtjE :g^ƞ$ ؕ >hЙ#7^խ5s+MNS*^/=8d09~ ZCr)CD.4} M0%c-%jB0'iRͻ]FMS|ݢz] eJt E[Sjaw!$jʽh>Ugxy`0;Q* Pԧ_dQ+^999/@㑜D"vpq ["@gGDgVxyp^zzlt p'=G-j-Nyל@, MCv󭫍h,I:Hw&z.ےqp9wdqIRiSY1CEǎY2Uj0 kl?*"1MII(7*=D9"qj?ͪ`3%Ϡ<ʏ3xVp6WL1w= oQgWxq/ͯa/d-2S"ڗ4d4k=fQ{ۼ}csB֝4%aj}$йJ,,Zj:ˇ={9~~Y-vѿ0p.#`8 c_bWB%xA6 @olFfδ*0O10*r2ifJt<]= m:WF@dz»,Bf5t9F\9G|}˱Q%l}&NtU30cC}}47%7(anȍçR4%^֨2'/:{4+ uA5dg^ue_)ѕh UmmiSY [CN5CCTLC! :Mwן;>QG>s;,ȭd `7V15iןZ)=jV7l^]pS* zkpD WAA3Zv7myC+XKՓї' 9~*sY)W?2GXG1.K7\u}eD0Ep3I}w@xVo?0ʭޡCFLHoHH6$ jA^^=U&u]{ʐgn HgźX1 FhI}gEZ(>ݫﰟ9T.cv\Jfqf`VAQvJ"L$ej˻i x)CHocg68,[/@-__8!`3 9RrQ~,Yg;57,E>7K@5H_ I8|t 3&!oPPn+u4}ҷ$ TD1ӰHK?HQj _']3,OPQtf+WΩn'b+?hkeA\lLGWսW"B)LjI h*fAh@u.Cwv(̖m}!"ҾI.qZWg6]G:^a:HΚ$Eu|$tFɰ+e&``,K?~>3"aʤ<DN4CE0 %n9[R mb`--Dk8OKM &F[k'E'{z񂸾A%R\Y0h8:y3ϽkBk ݱ؋plcۺ4]c/g"eH2&̼o[R{%ѽLD[_p+d AL>Se1R=wѶ$yVI:iv-`0(Ͱn`I`0'bް2OE?M{(JMaF^hOLq-+[})HFG뒃qGbHUTHg[)):t:}TZֿ$' tDB:B8Du|B*x͓_-!)bP WKWG L))G\ihf]I̡EN!9ԈVim&S;-Q?%#Vϲf*Q Do:eKr-qcG^E;2-2 KG c'w~bW$ₔ2DZ@GIʠ\LC(¿t(s9AvWX~omr©^zPcI*t"  ~f[:0{t{8B .0`6=OC{n#8g67k,+\tcNijpO} xFJ[=>VV>t5bsWe]A.'٣SqNASj.!m*˞W`D/x:nSӼ;?{NY\nŐ:?H Adӈ<VmVT61¨+XIIN,@ڹCXaכ8n y;e^'J`?6օ28ѳ,/ИE5/߮vlDyۘB,h!'&$G{J>4Ȟ@zl!Ik,ƥH=u`L9R7jKv8q1>ǽbw"SoDµwsq̚$ݴ *W ?Ħ*  L֊|z4}…+xWbnBu/ aPCWx37WƠ=Hk/剸`oqFm24YhՊ z2F<ؒ$ , -*`bZpT'zt!`_^_$%l!/| u"*L< *9ۜ{ Xi5רt{> V~#@#}O%آElyErY^*5Zk3*>U4Cam\l6F;Dٿ1sezo쁡;bfi務`Q!3%4TqF]S;퀙n1-NيZI mƦ&pߎJ/asSd g8sG}~+c_wVT:E#!;J)FMN`=e檉wuc$Gi>SZ[-iL;8ÊD7mtmwH .I]!#YN>CZJ`.(;7t I9JIvk(/@AOF.@Z Gj[i[Hp]Vv;cn s4U{&|q V*[=sWfō #V{]= y({c f}aYαo^ f"O!GlIv,V@$<[zXQ*f]ݛvf0' 軇wˢog sZ$aZ,4$]E{\""yf,׺i~BCq*C5DPɌ@̬nsaeDCI[E s,հ*\V()Ii0|3 6/$q&PRJfY, @,pY댚V 1~mŃuiQ@ྷr@-pj`bA湝sg ȥ> %;)~+QD:߽TCzg O/-N8UP2:pjQ=$:p8fh 4ZU HUPuRҺݳ<ӶK|Zb&Ci0E㨼Iy aG4e=STϿ ɲKb˝)<ȥ0F1f%i1?3nHg6x[r/ig[а w~Ts5OcRg6bEa;X00Kj|MÀ3 `L3QqUg$^{#X{A\͸鿬~M,84[;P½2RlrR+FB@x? rM]4"VW:aH;Pߢ*>OC{ѫT4.YE'W 7P7yS y 0Ɨ n ~x!`{R~V+$öڈQ?y=8[$Z9Un,@SKҌaqq{ B)/^Kx2N+:6 xUaKGiQp헪Gh;9֋׺t.֐9F>xV$94^ lR1iԮ+ w\t kq'^Bq:|L N`YTU,'h{ ~ovBY!n\۪ ?؀̘&i ɴ6EY G&smP}d݋Yd$+;'qkg4#VS76:KJUPUl1(V}@dtր]̘€4X%Sj-45A=Gkk3]ǹڣL̩u,<֬*On+<])|M*eFigvɩV?(, bӉ/g)g9 Z],ة4R8KST9DY? g P*.L*vke;[N ݦ Q"ǯKd; &a&DWYQOEǡA>'lluԣF P>⸿blDULO$VvXD3U:QPJ d2j{?C"vǺ-&yև(R5:G,Z$Z׹kc7G½Dj=#Ue@ƞ#Bq#a Kym zzs{m 6K"-:2PjŎ[ CnVLnv7jTVz8lWd7Ws{BzsdX|iN NO <*$p\)'h!ZO&5 Ԛu)ce]jrpch)rgSNh]l.5@ԓOd8um;L gF'!VĝAc;af "xc*ktZL?LLMx#`I9*~<Ƀiy֤ ^7('lTxEWR{979 oɸd!:$= 'Q@헙 |* w~0v;Ԗtu6J.3ʒH[>k&1yE.u(xhá %.!9\`OFcO@AРJz?I6a.a:GֽpNbA[[?0ݏqt9R=:Bђz\GEk-;h8PфggSED JiF¯5K sGwHcynBxr 6uV+xhdvG<۴,gz#;u~ifInOp%uNϋv)Lg[\n1(N,c&'3+T2m89 p,_() -* Q3oBx' їNP#xK\WNNYxjEǣ-0@_h= XhòSQWo%Q<٬EZˀIJ{}7]3>t8‚uO7mR|'JJ1GЇᚕn;dT{x-8qK!䎩c̵&َO'$Zj$l}(;p<ŝflKk"0$=8{Z<>)ȓ&f>1*/\cA3n5!{S|P++E +,yMe񦇗PjdTaPS4{59ը`FkqLŦXc3^׾+ڷżv끣_"-}~"07JVg/S4Ws~l{uց΢ \++5:L1vdT8t^:rC J(kN0 O) KvHxj.i5tFMV/,S|,GdO}yYV(g3SkõX.?"Ѣ3>DQճ|%|ket7kڰ/rzT u )30aHMQ*v.R& 4bsd"hO@Հ [R䆟OYg7iaNYwctp3U}t>"L˕DtW~W*/E#^-66lTJe}G#$@y%䐁LP D_|jJ_WŽ"d{Dz3>_ŽR2BHTbE` _ tgϴh Wʲ9&G+Cr\32l&,JڠDZeF6A[ w&cuADoLv_TV`H-t >\QTgg'Qse=0`p OM%MZNp̞3;єvC ek'+yejv|qHms7AzMڣ{L@řٛYzX`bx#VHlꃰgpW*rxc_gD+ZO}$/ŐFc/n<*%5_|-FQjY:Ȗex}vsRq_0 񝆀.zsFy֥Ԙɟ0> Da.YNTQ e6>PN;ċ|~7j04 JWGQ>ɠI<rWX2`^kfJlU{Nuo6P*]"s= 2'caq!5l:ksz_5;2;R#:=){^QdŘ!#ھ I? ZLcPbJ$F U'GF~0`ƶΎ֑jZ=vޣg|4pBaCjtFd#w|s6bd"LtqAil% q-j "ub #hJt"!Dy4ba[붅\sڼD, ؑD`keg{YzKi%K^ X\o]V~O1Zd+C1>p( ͱCyՐ~(.<Ń1$TGZlcQlܻl/9B2jau$xFxl_'.T2y&mP g#y(D.cn.2_pV@pH® 6}_>YX(E ?&ش|ޅ7_)v̟zaZjÙ=[Rr#@2Jdi]kY^h!Ț۾)*%Iʲ@t[V/2F5ܭFV_)%ϔJY+ʯ]U͂ɴNy=[7VEL:7H. P Cƫj!L.j<nppllE衄ox b`ڂr?fK>^PݝQvkLZd29ӳ; 8pªo KZÅS@y WZS,t$;s x#6l>Jpc,Q y\ %29\?5 ʏ1+€W&>JD<αo!4y75n Kt~LKFJt~!v$RS gob>v]#RmQBfv&%W7]F=-??xOQC0㖰x7ocMW=$ 4nd 6dH7pfͽٓtYVvr]Zڷn701E*Vvk|Y' cv:0K`h׈WA.@| _+fMAß],IRJ&.!tUF1i}b\J׆ aM՚G86DE;2jdLeIf@Vsjӏ [~ 8 '`,7c Kь5>-"/XZ&l$̠/lK}rQA/F%f><{"Mˌo\Jx@p;Yv:oC(@9 -?.VϐħvPsc/5 ϡv\hX_(gyG?ADW9TΏ(6Pdb&O^r{`:ǭa*QeA|zzX6p.%zV)xͪQ>oJ B}w**5|- ͈N{U]zƑIpcsJ'rx\ TuŒzrO !R9Ywc\>`.L(3k A1pn㉈, TJ 9AvM夈njUyhBiC gg`*s=P"Vt{]@8jof _/!ƭLƷN6(ERUYȣo-]:3P>q4~VG! Uh\J\mTi؛@t3\{ 9la ̚Cz!.I{`5xy"MxI3 j@" kh\eV[p!6}@ ozaEAʱ#limĘg%PPj@0Jhʷ5#&)7/LAu0w"73&qR4a2y2Lq :Uwa-?w0(o_l zԱW9 JU`<⑷hEuOP>UMd øߣzÈ^g <_iְ]}h`/kI'!UKOS7Z#RI7i r# e>);."%u4c4t]g1,Y`dnt0tғ\2RymqC.40޶Äq#?+0>-1&!MՆ"ԗ>0iʷ_l̲夛pWl3I]}z*{-]@nڂ~a} !cj{u;N[UMJK+MDH9\c n')!9q-p k ׋O]۵PۈM?f K$5މIaW @?eaEQZimK&?_3cH ]usy Ioi`$|2P ~<KT@~y/}ޥeg۾ky Ub\qܜ%_er2{B:f/ שY'}t?աL}@rZǢ~D>d@^(#%d!lq.^*}Σ-)l ΰq^ ʪ^63;UtL~;ש<|7Q}lNW'4g~ -̏ Mcl(a5wN"ZzT꙲X/o@wVxY$[?雯HW Ji:m +gc@%Uڱ-&>l> PJ8S墚vZNQRrpE^IL⵪~bᅅ>lIsRR-OM#"RtȪ#-#G"l5'RFU%o7*D^pJ!a-BEm_ev+g3ʿPKPӤBeg5Ya*an/c;]L8G3F[ٮi]4ʪe|L' Z>kʖu5c! N'01KRnwfrfEWeANLc:poܑzhS]qsV4 3$,wj 5XWw4~) ck5 1!3tc뎹FX?xֺ&rc񗚢jT>1p,'{&\UE(n=@.ןhlJo)_MYHy&z=tb?%*!(¢;Oge/D ӊ +:nO+6 `_+9Nx Z'm5ȑlvz[gÔ)f3݀NyL.n$7t#4DY}vf .po|]I$͙ D4*WlhmyO˻1:#4].¶!C^)d֨S;h6ӛ~}C荹>i|yMQRc'H8J倄dD8d Bt~ J~&AEB${}%ET0JӶ@J 2cHJ4)V^6Jj:4 XtRDaC'|˟rܰxGɸd!QV(@o^۽3?Tثrrm $-ՑnG[jٰAű 6#^0%5ӏjgeLx'.*Eh?߼"[7-SDB34wz;)61F&jzQl)]籎+PB㔵H|y&z*:plTT4b|XXoaNw= 㯭VR8Y8ǝbTm&`M]s #0k%'dȿH:cq DYQsye= D)@#>1'> < г[gl'[\4:.+P=g/paSfL!c>}yZ&9$iWm_%ILzy,gE'ZP]L|cǶ-/Hb߹̺pi{|d<0 b3tJLR$%Zlj3K f1Z<#}6M9ߺv,&se.MrN\EP<!0=(_h4^Q'4E67 XF!۹uZݘUX,Ȋf Aeom;Z>=&bENah+:ayf]&%`<3MԮPs s3K&7F;: d0%JcY.H9nÿ~AQZO']+- 6(ŽK|7 ߼]- 3C-n4ܶv`nsBBኝpVcӡ"xEen@RmΪux|̶pZs/[Ln)ӐDDOY;qv~&3O)w $gZ' i/> DmS ZHA\ xu/^-#o̦FY6m֗D&|5"YPlzavq_&!!ma˘x#c㇏ pҡ? )o5ܓ=vU:ɥ^9 &E||mJ\ R^^y7FT8uY4@S+ H0}Rw *T]In:%bQYyc>HyƊB:[Ǻa5[U[#zdoeJIBw]vǙ 8gbnEE_ՖYsڊp P>oEJQ#I$9 턡 KPG5@Rrx-? <|m[N@MQ9%>Ǩ$moRb1ǃtG~WauzX9t O Tm?GO>*~8LE{ߺX:p;!<&$˱\Xg],sY | 2=6*45 x#i]HwzjVɢ"6M .u  Or-/InWutjKմngE44]l:s*O-,Iõl Z<c 2@l7P|2 ̯ |4b#]&m̤΅W|x]🵂};c_OgRs#jIUbrVY;4E-JlCKQ/ⰿ ?({o< {n} r?a:W5,$$tE B80dCMdb0\k`#.tXXR1Mdq ?ƨ;&ZnX"NR]wG5zd3`{j;Ҭ4\Fuߟ .gUx,{&.QA߅zv-3GamzcT 1NH6B/,HBPM Au6NoMY1-_fTΌHkTYO 7w"*gIU#-H`·:l"I"ETNxDzo,Pp\Rul}2,f֞32 ǍƩ|PG^oڈU |)f!fOƶ࠿;vDk r^dbR!!@|ISďr^nL G&+?uLm͇I^9?`?vR(K8 Qx<{X̀z7' kC D x"THRX.VgjV^}ol"Y@XvQW0X&8cL-E6Fsq,Pzy5&}ZcKlг GQuF^O9γ&_)MdTxno#.Y@8$|x[MV>]}ɜ֞LɌџZkNkXdĜ'<,=RJCM!jx*4 _>BP4NW_NmQGnb"yÒF{HGa(IdSN$hj\<4`AlZfY~k kROHO }N7d>^ ꎸ*43$YKf~2ѩ|p;b~{/ ( p07Y9| M<$S 7}\ЙwǪaj45Q]RwE>wC9mėoti[,Z_輋o}ի?rP.dtJp~--t*SoQE0XQx|Ė`C*"2U+L=S+s~]S~p Z%\QԶ)z>ݒZXƥ\}-@Q9?si;n4+QrDkeiO`搉3٫Hm#mDLڲ8}쩁P9qq$LV& ]]ϛj A=Z@8R\dUb=d{},Q&1l2YKUD"@e/o9?#[8ŷKxerbNPZ}['lnQr^Aօ6["B On]+;?"e[@8A$cQ帜W$O|*>P>S)S>yBPk.Mžjn+\2v >7q$`w?9?Um&Z56l*~ 421p kddpfDYYmfff0D63˹Vj2\Md.Lɬ1zuߊABe7e%1ˇV myNЧ:3Q ]+JAG_ ese+BFD؎8?|.O[lJUSЍlWbeMgK"*;(o(w%g_$ERnIK}^AmJl7z;?+okkē" }KdV2 2ɫӨr ,_i@^ذ~1X2-͠N`6 =1u-vhuRv-)tswq:X7oIx1Fߠ1rnuixwȉN8ڥ ?vJ -FyJ!l"L,hI9] cYQ.~Tjps3}^u`)l\1Q`y s" ,_]tZ*f/ A =GSE5Z `.ؒ؊q ~j*ІBg˰Gڀ‹{,\_hHkH2V(bQ<ȖxKZ^4}KgBMu >%t6k/K4t6L0?4@c>K2ZQ(urBLX}nޔ0ttY,l 9e8D*oM8/g;Y"ߓpqRu7#aiH))bԌSF!4ԮQ .9[z4],. Lm@Z|pf*e;&ߏ;!Bwc[jq]!W 7kCyG3e:LS`c;8rP" ).x9ey=?D,!r#z4 }j襾Z} Pb/bfģO"ѬXjl,E.d0OX,Fɚ F&dhw3* 3cw !qƽp$^5OP(ubw%Q{?Dz:.mAnzP;q7K//mc\ Uc"wA(לȧ%\Oe%_/#:67rDІ2.˩zVHbH,fc{Hqֱ:7"r6yQtNPMiQlߝtL?+nQe'eW/{s}6sl [. Toj}ϲ)&`/[4zN_ibdP9lQ&5$mmAnhky$ T&gĘH빘sh14$$1SyF ]mnV[c{xe?ˬONQ-pXtIӰŖ*CH(ǐq ݉0PzCuQX']fJ@^DVI#X >V"Fo _p޽ OK`W q|fđH '⏺ZF>$FSΤ%\5Ih8a=y1t+!qYbAYu@CG#p'Fy j~u sYa _5˰F@ xH~7Ts^ŸAqL_kpɼ+l`y`.$CT^F<ʀF -f@^T!ɗuP%\&MrG?sqYGSͭI;94 \4@[h-Igyz.Y/Fyi嬝REXǟۄkyˤKdGnG-OpRMQ89 .-v Yf5j`@弐+Kzvc: Rڝ}+Ѯ]HKy,./EwbEl /i|LΘݍ(6b<)sl2qR_=ѵgDY z4E!Oaq_:Lxs6e75֮gpW5ٍe 5S bCT*Ѧ*~ONS8J:8]5fˌ>2YJ6[P#$Æ(o#qHKEsqV11`K-3̓D51ii7V 1$}%!*nu9"zS0!  n))P)PC[0S kyQ9"<`N~g#܅ָψYZ_EKb!u>B v}zM :md51X\+vTb7&jl!GwwrW) iN{+ Fti6]\'FfվLX|'U#GP©MT7|A8w3&桄̠G]&e8, Ԃ 1\w64[O5om7:_健_/a+t/b:{YFGt}\M_\1X3b.B-P'w`HK 6sP[::U`X6cF\Il|µ`V؂`¾ǖngKxo^ f rܚ5B 㞗p׷p|$J_b !C Nl(u]M|zr5~|-ش\*߼5r;*֨ m;3Əc&l 9\PBAƒr84}bxNW;Q<[˽PXh|9I<-Ĥ΄<})iu,uPNk`A/LU#Rpp^!R)4" J#Z1MgGܶr/I5bʷL'wt>%[!,>u2^p00?/%/Ws\5S갘Q2CnȐ=6Ҟo}cJ}孫R $xJ'@ L\@gE5SZf]Rڢci<&P xJkG'٥%yRO4k7,G p&-jH)ǫgi;J!/#OF?Haww\q9p{C܈@pPTR4Oe|HWxu,sڳ[۲`[& 9FTDGZ6.\tiI8Oq/E\0ՀQ!Ox=hX>mPi|u>W`ն% 4!#z #iK``cx)`B:vZ5[ְDʣ +1vamӉ˩ZEb@SL~ Ƿ6ϟ-ܵش:+vŋyw;%u=lc~Ps9|iGWJgV`Z;.wbmdT;7 iLo )~~\G]U$OpalhjʫRGen_!vi[ vuMUh^>H= N6] tlU=ɟ#(o74`>瓥9KEbǬuQ~r-)Ky=w^I%ViGtD7Z"JS│/RCҺGA4|ofp3аΓh IxpcereήnPe'pAc,f)5!*ϩܖ2K@ipgTED5H\r}q :og>H{YA]m*4w fJsX )Vmfl,k9;L:mU)ذ\Yi&%cl_,Md A9ވ ]H~,̿цc.nMM>}UJg@)jlRpaPz [6yeۇT,2*64NC[Qp 8hu ڲRQRhmܴ X8\_;Q+ 1tX,37й]73 =xj*ٻUxLZ ɨtƙeo')i,$6c'R"%&AK:5❃̂Z#:KBr2~)eUѿ5 +[+kŬ.AS-Cɶc`[-L{ 32NU6{ A u R #r敦șMlp0R%K2W&-C~]"o%!;s!Y3T:j3yk~sb <8D0IbY"C up=%1򘷓KDoNâXs6 1'&^nEOWM!9)kNV#y5@kQ|i .-R[j\|0Bw3I$/v99`9AVI%/P΂BS $aSU\j65:cP*ߓeGGOD݀qϕaȻ[Pe1k9W_gM+xUR d '^Rd􉄠7\8Hdu10[ƚ:luzIbו*KMm`Eu&݇p9SZ{A;wJ~n@anoqi8as/''YR{w8,8 v,nlp{`Od%HtB!!WJ{MMqǕaHwJs ׶%9'\!ptofЋß8m~!3;>ǨaQܚLe*Bk.(m.(f,_r7뜢A[h߅kl-6g!a&?tϮ} yě5Ȧ lvYx-pU-E&A2 i,RYykjveHv-KMF#4/?$@۩_{[IrfK[.̂aZA}6to6-Gr;fNpx͕UXl03v7?Ȉ$aMtfJAޚs9-H"}{/d .AWvX:nv"\3[Mg+|dpyo+ZARcEP\l59SIe;@?)QǟOu5rbsn.U_>DJH~#PKK?0$];wSS^՗׮RzͯIEiV^(6qUNE f۾akp)18xoj&j& 4 P-; #ئ3-ÏDm'we~ڡM|4q wհR`_~/IO\_ W-SxtZiKq\^leMTt9JjĽ>c8QnϳU_x;Qՙsˑ7Ywql4">Mxxl h#K=(ch>] kJh 85[-糒ksl -'FUQ>4@~nDt#Ң;ak%'j蝔`-4@жfZh6xo+kWw='ESIOu;#r.)~Wu19lkn' o0\z?ֹź( H&ka^ym3[-odLKA5ʀJ XߪʕH,8 I?Deϕ|EΤ@~UF &~`ݲIiIf'u$֬dV2e33"m¨bUۡf"N>2jcg?o] x}sS҆Ę'#e+#<q URҲ];y6hԸTrF>mHUj@qVdbŕH1t]B.Fb,ƅwtDeKکTB(8 EwԼ*u7¨ß::֛/4DPӷ^w'q V7}O:CKF&Vy>Wt a}'Q :b@栚JC:]c7dž{yOMtHS_;񙃙;4PTi:iDG{Y. ‘B#F3JDB@J[$m! l]u:}Ա2J&)2ʋb^xsv G yR;[f&dBpDϔ/\M\hN^O%x3/Yؕ0qCu[RrLLq$y,îQs W}Tz$A".Gv`fd..,vX.mle-HGvIdz?N[9uu5B1nBFߓ, B8z,fyG0Y7\)b%cScxo}7dFviCtfvjO-fs^JiE 7"3CR.\i1hYrl:,ǼJ - pmնDj_Kq|? #H)LR/]t qW#2VPovUq7ߖDk̸4, u/؟.t}X"84R#݆,uXU @^"U%f.9v4eB]Ow.gx}IxԊ;Hf|~`]fT7Da I/ ƴG=鬫)M]n˸IO{vu jW#V gcqR͋R.c+S;#VD徘I 'Q:T-pagauQ|$2ff~=r(V贶.q:JFJj9y)[v$l\l`vl>> /6K9:lijJ d@D 1 -!Pi&,M~SZ"$^. R϶C{X@1) ӰQ?܊u>AnOpUQ,MN\C5z44sG,x_l攜jzwY's'|xuYCOvڨxDNW!9"q"(}W"y3E /Shm4FSx휴F;a@ 8Pq <"mCrHe e@94:ׂ@%21$Sו`FWx Ql5'<=$־hw(}W9jۤ ZECH{G"zb06G+q%!<""h<~tb&ӄ:^Pnc|)ڑ9L/i$]9f EHTלyE,Kq'Q:̀׆ y ,3o!&һm(_Ч CV3H_ܵ?Wy!)2(Spa&mӆˮ޾<ڻwDž 9?/#1CsۀLvͨO0Jߨka>s€2p_VJm9/;u\P+&cO۞=H&V^xX.JUƀow= .,Hֲ1/C48#,Z3>Hn\ +v8`¸q؎>Q%{Aa֌KzFvɩ3?əE_U֑dT.}?CճVxz/<^z$%pn9%GÕ\֩}#ž|mϲ81D 0ӯ&F7n/<:smhpJsZ,4UBB\3PMB_|m98J 4ȬB9k&@?n'R>Ҍ5e Π{+Z? c27׫lD{КU-Z~ BwrٷO!_& }LSY%ztLTCP@{4Tk/ҩ$i o ]zsJItA\R. ODZ$Rsgs,0f۶j~iUo=.|OȳdϠXFl$%4Ux@iuNXwx&~.9 ?/U\iHu)uI6ސ‮Yd"w ;iOKzRGKUzlit7xpb?g?J>K% Jf IX|/aZlk\ '5@>vV~*1=%ipcv!!R1.syFg9e 6IDBA. h3qOm]\:2`X1 ޝ~PFD#$22q2Doڲ'5_mmhzWeWyۏp#^6*V7cPHE[(ĤJȷB>GХ+ɍWgZY7OG_r^V'G3%5w QFЎ#tlq+:*KgI8LTS|c=k|!;gнz dR |Has$9z^  H> b&1h(N=Bp HϜZ%a東=,-/[λ <{ru8G[ܴ;XG ɜ\~BduE迓]Xċc(ϝs Xe*r m.<*6atxqn_Wr9@Zt^yw KǷ02}˚ylB܊RJCv {t 8^Ԟ!G^Ao73 31S:5{p[y#?zU{R!!JZja>h%˸+L84JN[>? Edu-Wgdh5$)U 8si >)QId!%-V~ph.rG6IXβyUGUE/ y+T@v+Vԥ!Y3gm&MTy65/tH$}?:ӑxKz5k"fh5js`N d"3i[(:k{9x(He*pqQ>J %8 M-$vgi.O|yZ ,3•.;߼KURۋJʏVL{q0 ֧O)'B1M,΋B>^J<Χ;^rwKC+<7^dwA) ZHh)~>RϡbΎ{1˒~~{IwLF 2ҖF`lse2Vl Om$^"qGTA /ʌ4'ZZKL4i6 !*v!ޠ$1sxܸxLWG#PSׁ ^;?gKDh/t>m_žهo>\UJ"T蠲}Op+t<,D5.ClyY`䘁 E"XTq,'}m4br8Mw_x0*bfϡ ӎ}.z9H\H?2XO@,`&oH-J(4%Hac5z$HsDxs#,-qv_ep* 5vj3Ftd&=Aq` \5Qf:5zxIQE^@:/Թ L]dɭ+*"~_;kz7>#c1I"+6BpĎțHTo,SI*hafOL1IbM )uL^܇G.5 N=NS%\keہ:IҺ1Ulp¥[FאSIyk>&= ~B}٦d\.I)Ϛإx#=;,I4<#Y=6+G˕\$ʫ=͊Ƅ2.LɊ<3em鹅}kΘ~.?HHQQ 79c;UKzXvʨ]'mW0rl2OҎ@en:SYR,dSApL ./ l Ý``=j%LI"ЍG̬-ʟѴzXPCx&I`"L{Oj,EX( o>lyL@ܮH6@,.= әYV Z"7b ,^k Pc zTfR;ww=-2P"r'̒+7A41M!.1"*WԈ5OT܃}fw,{4+a\!|ww^̞,xx6>UX&`׭2=i\Fm7UHӑ8%0NŻqR^#l%*8PvI| /jdH*!i"aɕƋZEq2(a'`mMG0[.k:j3rюoP+4a$`[ewSYTҐWi>7œZ粒0t轩I Q=_ H6`xZ;BŧlzRKAmS3€ʹUWS8F yf#"ͮt ɢ}ӊV} 8rSbOM)&YglYh (*v%Ƣ&% <>*5VPw4]\uYHΗXwvቝBvYsF{{Y[ȎY3R Ȅύi+3q-z[V􃭇p;:|l _217Wx^%,QRas,ϟ+zF˯7eiou-W?SU67 ub롷k/mi-M=nJ@_hICMs+ygz/1+s g{j?le~l .F] BsߍiWA7bܸ=jT\%Rh#J¨Tb|N_$yV&Majj3^a4%@ERjH_lof&uL[ (>J5P',HYY?q*}P9`s }3 Ë?]% ttZ;V$*q4t DTu!{_0?D9̃^C l]`5 ) >809Ad,ܳ7HS8kԦX߫}M%u-D*AekW`GWdTm}D6G A kz& }К:łBp(̘iY# a$Q_RBpvc6! ]Q+ fW@ZH%ók{L9E#Q*kKq71d?gNb?H!DC;lI@vvK6%2QXR u\:F7hٸOLxw91C,r+i&2Xy mcyWIVPTA16>}ˊF ZԬI`9hT;1IfX^1{wYQV I;BȽzv('pb;ʭ4'b Un^}ؙTh ,j;x7yzB nIaGt  $"\+Wpwk5j޲P)ˢ2$ZQTi3]J|9 Ww@麖uaWb^L  fV ?h2?GӪ(('\SEx$@L*@&w!B`i /q-nWl~/oTHQǙx NW.4/8ne2xҾe RqAHs7DŽ>ܥ3\IZNج|ş&d=S cw!V 1[uCkwɩеs͓yqe>Jszz{<>F]k9SP.}YD`M(-YLp`9!;:(β>i{s.`[Åx[{nک}ad[Mtiqh H"!YǫD3d(="8HY<.C; dY#=W=8燦畤,gΟȼvf9 Ys LQk*/-Ny,VߠnkUGP}朏<[P8Ab!hXL.) ~Kh`T-QAQ+?JKR`wkn.c.X|j?Ӑ}qDZJ8Z+¬K8hߗS؞)G 6 CdIOzwJoxE\$ |;$ Z -Rħ<_p.l{[Cߌx)H_G !M1.035NK c>~zy3xdGԽLC(-~o1>š٩S wl:1 ܓ*\)je+5!N#N +cR&s(M>:dL].r7p{gתÆ"\% ixE7hTb肦tawqE7:B/G1)ӰΔmj%~J.8^Fsϣi`Q&1ڵ3!GHT}t"&㸲{^í'Q|D*4RΦ5I!@:pUF7x(Ra͈?<) `zwt);|˜F1uD=hW'V"+ctEKTL8\X!,!BEt z]I--sÆ eup)ymxitVSI왒ҼOˇxTsus@:DeSYl(E>Z|\Ny9R$ *C24q$7OLDV~+~<@*%@˙\Cm{--^Og@)bg XNc 0TvѠLN[Xϯh=V91n 3 ۾6WNyMe.BmH/oQkMF$߮|ܵ ֞K͋aJ0VyCIv:%wTGZbɯnnIֳW2,^-ނOã$F9Hs,!1$!B`64,Mo: 9m,G9Ƽb/)00^@ϫsZ $=уla&sU+_nIbм @/V?<@hD1t]"=07Z6+:k/:@~v!DhPy$g??~e- @V~ʹdRI6+|kUͮ:/:2qn᯲:9)ቦ15%1Ff$ʦ@(g?L8'|7qF邶Zڴ-M<dR[AzGT3N>I$gK3)aMy nKHg)`_{L(P^|z=RX{{O =`$xqAAR&xogC7`;I.\k>w5:͍0U^ŽK1.Lgڽ3mrOһ<~? F206x@ >‘52WbYm β&1o&CXp/<4 dV7446m \Hp.2*doU.QH;=%*)qLrY: :D{)Reʕ>8{tƈzRz \~UNfxEoȠ"Pz"EEٞI΀ߞu&DeSV"p鬟gsh pSPIS2bw3J2&C.X˱JRpJ R;^ |#gO|O,XxGZ1~|}:l:a{2XoN,;ymxgȱu&؟tgP"d`[ʬ]־; iY(YR_,п>,%V T߹ }x%^ 1R暆lyM4bnpBq۠E~0_]ώչ%Uo[}"Q;`)O3~yo{O,k"zఱ4+Jz_]ݹ*4"N(IvBYa2ih}) (`Dl n^P\ /&ÿgl"CR6B곬wӼO":N"iֈ[m?8Иh8p:T>+ ,+,l*ZelI̢]I: egp촷V0cm n EQb:L|h(k!W݈ЏF8-6&u]4=kB#Z;:Ok6 Тl55hH)0n}3JNYe#]3a8\8ٯ̓[C~A'O`z=h\= 1md#r"V W׾28ä&Teݷq[-̼d$#U ֪yٓ[TX 7f>co  c!o<¼OE{+h1wxª*ۉ,2>_N:gkɻʁE4Nf,̏8cd]>{S*zIPoJW]N54gQ # M\ SiH6bO'sP{(xRZ0^sƛ0s( Π.ɩ6Ca^BO˭R1 -ߊ2-GbYuIuwLe!ue{Z-*#\s*ml+Խ0'Z-q36=9U|W~Hv?VV2KԢ$$ѐx"r*Y3s>>x ʹYtOp]=)$2i= uz-I{UII:#p46bj@L5ջ2m7J a!攈+|1#-JFo\> TT#lp^c&bpuu F&vyQg*DuxL5P ˁq )0E°{fZHG.l߶]D2G܂dڥK۲ 4g.~wor8d) } t{c]RӼS3_ >x mZ?Č?ii?YI&2+O$@ݮ+22mMXjU3U+6sz6xWT*|} 6[Ih뙑[ԶB~Ǩ3]Hrwb\<!d'=^q6 :FTUXGO٭ Ȣ_)b~Kx9u?m̩ZڂRQ*cϞCf@=cb|^'KX_̤OD`pMks}W qM:@>,ޟD<-fd Uz]a>f}$j/(4wg.ۼ֣>21mrM`Ԏ9o`^V2ɟ_&rc1=Y)}r]B:ݮjŒh[Z2I\S:]6e\2ӱ>ۅ_]+L`ꅉ:K\jzM$#P6_W >H+|q-|%vd~ꯧMH#c-58Faudd %dJ!tcY-1am98K;ik`L*{Bv}ڿHAbP(5V-bjmL~Q:i~܎j\E\To 0 Rw wLO[xVn)+ٗā Uy4 e1quX` c/~$4b_ئ߬:OH xw>?%4^͓&7I42> qk׊!sĢhdsH Ud~`;LKwJHƢ"QRS@T=GExs )笠X[h,%/gvY_+N a+V0TL>$Epsec-s)  rv.s+u-fV5^i5Al iA^>ppяdikU}>΀?7k-X.jaS+Õ.#ф0zS^TFp_٦WYa/!P`k[3 yې)9#~='8ww2"ݕd]nS>yX%=d0[U,:"MMY\fJ|l&G<%NO|.BQ@/Ywzc Ẇ5k#e.8K,~g߄oZ~QZ1 ؕj훭 i!|֘#i:>MbU̵Mg>It5lߑ:)2;~!*4ROQ s|?hgDYғF~s:3;(lf7JKuF\!bք37MVpti-s̲" b- MTunt[@]'w4+)g );q G @&@)瘼Z*PVY%8,c'[>7E"3sQv5e {zZژ{q^,sHe\>$ x7ΗFm0գA<|wZMIqwƁEV_;dordߜam^nctQ΂u*fͷn5 (馠׃+OWM'EٳyVщs9̀˻ΒPV/Aj,sfP!>(y[NƲ3F0-*(s !1 l7`[31B=l}>ʖ1/:8x5­=2eJ HT~HEpZ5gKronr!]sy͌Z# :RT5/'Ǯc1#Ȃ!8R":G֫0w qMnùE?Okڭ#OntN- rAugГZrOnu3:I~֐44ٖ}Df?3.1UU`h?.K tf@?Fh' =hhzGj` u%43bL<3z.ޯɚ _]X!/d\SxпsR4_peT){ڒoj=H?hy*1gh'4R6Bx zYl;@۔ysq1C6* "iif*fR\}#f01.4,3M ?5 A8e*,OEFktge9M-ӹ>k/ yMOHΤi$<lj!e;k-8ݐUK|[sT If@QȉM']4Fn힪sRH1^oau@hsjRiYIu Gv ,눫Uz>hDM}gg)\ hE3H3Dk*0I2 ۋP}> g ~gk{W{{y:Lp|tkE! 6F ɍʑL&\_Ra+ߛԭкkXI"›.?T?9py4Qҵ D nxSLH}T1 }᷄<c@O.LN{ H )r9E.Mi\c$:q F?zؔf- iyDHR8+KtQM9P% $zY>(BaD Qv (%EDF&l˶TNiba)n9=B=b~B\S5ei7`Q -S [r7j r ?܆ `N.rm65WtYT}Wr&Q+75_Y8va:݋53}4۹ϕiJKֱwz# Yj"^ge/5]jnͽmSd_Rr[tQ gݞAfi56læ27 6Aд7z VGD ҺV6U_]1l}&,MJW7TĔEb~$Ӈ޽bz t^ Jj<Ѕ;~!s'SLU =Uuo.9md|I0\&E9{Q(!|hp2/NJjpSF_WnmK?j&EdT~= fKsGh,c]B|Sv3O+i6=]~< \kniE>4Q6EQl Ao\o_M]k5 q0*&LnT_FOZʿ ۶+tx@uNAGw쎤I2tQzn2qP‡lQ& 097Tbe@"-@]'$˃ b&^f,#<H[?,YaMuAcf*٭RegjÄ8tcڿ$Dj0 >r³d6q]Zr6QZhif^?&cc 1Y_,imID{ jm&״'.=BVmx풑k_NTecK6z+ lAgo7jVS l-c(c0W40ӽqxsWpGe҉*. gBhL6;-3[C𺭋M96FL7Ld?ZT H}6T$.;&kW"r\!^]y<ʩ4a}`ճ>4Ӻ#/6*+i1Xv*o9}]>׋agD!98f$XZo@N)VNAKh:h{?NH5junw |,iz;9tl8 QQDXp2RK"5c$P&BhmʁLdm/rv)׳r5j+Θ9_snWA>EQHvUHk%o٧5Z|p5$Og=ĵhG3"m-&IiK@ce_3wzR=۱r[wxD i' Ù, ]/Z3gzP-Ij~ x'|Mlwf8$T,NRՖVQsY.Аy h#^;5)*5TEk %Vj Yӂp3"}t)'c=:'8 l Ԍ q}kAiHy|e{u>hȌ{j|n!~fO~2t0Am(|=>l̝Z T椹DUԫaWqx{~};j '}eӖm@Ch*0HP*[@lr=>u0/jE٬jaNYx8LMe'QSϿ:dNdb||dJ\R>J뎕:RQW:Ll;tہ5 fEBӖ0Xw0W5T{kae:>3ww?ʪ["ݲR'sDP=_I$-U"{կǿ>75/9)4X<354)Y^'$qxdl|O3|'VO PJgexvP h 4E1qX)w8\/,)LY :HFyzrbK#'bP(0 +H ֜TeY /)ܕ@W xBuC KPhcL-G}h3:LNf71qmU? ]|wk(WyBP$ +7|<L'Q3r`ʡOJ~gd P|fR(@l.ʵ(ވ K0pm@hBz#Zy~|nw;9KUs`zq\+]IT6OuX,[x%:4,N+ygȢfX_17fTq,A3re| w$qPuXy]v޾^o;Z$3yNWy"̡>ϯM8H'OMLz? 2iƬ'rw @^NU>Ktl&V[ ~rxi¶"$+!L,ϕ'{&~R ')?p-pnVFdF YBT+խijCwZ?G O6ewkAjd7_phbL`#\c&.q7RO~A0ڕxL ooʸ` X m>WM8D1UZDM+ƗX`طnOE Lӓ]B+Jj17We>*("8 >a 'ЮӠH0fsIڞ\H`F=v `l]Le!m.TYt䭐(uIE Κc>~Ke)tSbnx#tX$;nIV+GXq-P=cSԙuϦn({rngDb 3]kx 9C%7 g\禬R&zElqlֈ #a4ȽG gY=rn'M xʨՍ@$ zp+3`70B5sU5҇ Hr}DB^ ٝZ%n ,[RpL}~ٽ"|o ]39~X㚻 %IcӤ > +J|F oU>^<̫WO   :=Zn y/D>~!hK†"C7mծlǼ్Z WN7~ѐu)=s>}>1wi׀Jˎڊd)K*fϼ|P1HrAhNJFB{~:hQnxn,N|d_sSNg0rgC,a-+ oMTI543Uz+Ƥr+ ߦGx)ey[wWZahZ(cRBs՛~P^ ؃Ϲ`6@oC,w>{`G%/ _KQrXHJE9; CPٛ9zV\ȱaOd:+72bJ]a<:Jո8 vCx][%pzܹ;ڱׂwkJ)HPoX~C[O8g_P7ܞKe%r28Sz$s̟I-xTJ#c@ћ4-I9*T ╴~Oh75Loɧt(fBAD6u-~0; H8A+LQy&5ȍaa/j*.VDt(kEQec9P_xՓl@$&'iN,/|knl(8^*~aȴm3Z /}DWbaR @TVݒ=%.i.i" *ThUDlo~xPb-d$Ï@jˮF.{l 87[]YfҶXE9Y3ysXC+Ҵ!wE;q9dFgoCq\9F!g_cG]F zލ^Ba(PN&=dJ z @/&].cf$~T$[cٗE{WC)XݧѭTMpm.߬6#UG=D)1`Rlzϥ5vH8 TN>ij=(X .lJڤDEi+;"==Cz73v z9\>x1Z\im/+%tg C9!պZ6ģ0≘WlUҞC3.X\_a-IDdpw?ac3O H֚A244 H?ԙ-B** +]DP})@ J!kÝ7As4[2N0'Dy$ ]k:jl:Z_!h ER;{3t0a# rHWF7rX%ԷfB7t f"--XNm@tW^9.זy҆w<=w8.2|Re@1vg$m&z&2N["YCkx p6`jx5|#"!]O//4r ];0\SFx/v3wEss@ׁaq-XNG-hѦ :锆o,̈|'T`bI bG@d%- PrG=qnAcWgвtu.6 jeoj/}SN?ԩyg| #jcl!pƆX3l9\sp}ͪm"T(cCr<v?m˧,#G\1^|X!t}hCu3RA<EY,6lH`S^@.Pw 1zv>↵14?p]՞7{P]3dp奓VlJSf|ѣ,IUƏIzI]mY Jx1H|H&P)S3 |~ÚF($Q{+hb9ܡK:cEp=*c?@1DL>0}:ϞyIeLcvc{fԁ y.[oNP%r[Ϻu u !Q=\Y# }ޝ#_1F(6h^}\ň ' ) &M$b4nwe 1 I1ؑS] `wF!̚2ۀ߃DH9=9i`Auf%.8hҽF":Z0U^pbhčxt~г}?٧,?'d@#ۑ *@Kb"tLHH&'^lZ߄cwF3r?T(0o=k*xYxV!0K=E{?$Hۗg0_a/fmA y zs'$_F tջL䤈"LgC/e0NM;>/'1&Vw~IR)}?-me,#MACu ߙB 8Ι3fjGiX `uX0qִjfA΁/lh7d}8N4mGϫka x|@+gƧ|(nĢWF)e_q,up[WpU)77X~H2[oQ`!lJ`ŒPsUȨH+QMee^IJ:2~P(f gh$MT,(SjIJP"KǕÔBbӪ;UhIrϹ&i=⑥p0eFDI/XY(kLsXYѲT R Fm_g;f&|H%8>WUUs:A-xvuaBGe*ۖ=uz~4E0Ѓ2 l-b)Wp3U1zzӂ[JP7 5魭s.NB+q]QSʄ89R?|6f!hJЯOn ZC ?R2Ɩz!zf;6z0]*%jI{%v2DuJ:OvE8F3#S)n(ʊ;(oQ| Z?"iwd;H+*Rs|/N2%ƶ1F i[{jT9w;?ݴ?^6=\WZOl.C|ʔDegtJhcg*v?x:_GPr8ڜ_Kc4 עUƩ 'V 2IAoC֚zѯ?1y!^sQ7_׸r?v$MV>s0ȑ=Wvr +µZv]eΉ(-+EJ}F[uѩ3Y"WKuF)0!XS+妉y0'DF7JևlD }tH".L;2Oz]C χM_9p4dbxNJFyT?=+Iv$^y=\yj 62C?vQ47B}8NұAW23q%tbOM`{5kj?0jcs֔ؽ]9q!˓決7"lQ)tp߰y2GjI1xxEr0v`'E (p-Q@ j( :FYʙ LBܞ),Fृ2CN7hOU+m1l쟚::qwYyS ~M;E#QOC̼y24":ve)yz9_) {L FV%6ײІ[3䚟Bۋ4ƄYbLm@:Th]߱l]H#{$ԨEAs,S_7;&y.˲wۊ2/&^SRzHM{ {*"S J' Z\aƷ+AXձzHo+">fyh(]CNLW[LK'y:n<$P!@ZKɢfTӮWQ*ʡ)WwaeOZvф17G,7JKyBUy55Yk(Kw麭ou)߾X0fW `LI_ி8/"b2{6mT'XkhYrpM82)paj3 ;ś (noo"LN|",Fb!4nNWkPd•Ch.#\0|v._'e?{'3գ9RnRnfa-G+bjUX%#$yV'uB;oMC[Klq'qPS RR{ʧQߌW&+^0"51kJ$!2`lCѥO>Xh#띫<(al!"kR5ԠZ9' \c=Xk<ఔC@ѵTq.Zީ%3sPp$k4JnG$Y&s7?7EuQ|z) 3fTl@F=C!-/C=V"N =t;c,aO6Lpi/&`R*l:%w3S`:R+9) ۹UpYazpgIըd-+Krݬ(hn5dg>Cr}ApD:JuLn@O9~z9㳠S47H3S2s( hPҠEd_s`# y@gdiWg>AS@AkB.9+VjM!s09' &|Q . JI8:H]&jn2s gbʚ(Ƞ)+t]XUVa{zn 80_pv>(Aaޡ18.nԉ,p !a t,:c]/-"D 7Z:8Cqa<^#!P36Ք%K4Ζ֛قQ ŝdsR#:DzwTjZΪ#m?Jؤ 4lSeUTmW{ѧ8+Ԯ V`ޡY.=g]U!Ugx &aQaC z(+[,a|<_QAo/fmF U(8- 3Иh=MaDI3\MnHP:7;Ss|yw|gdx>\($6%2 pAc6z{&ߍyg=.J|=Lg7''wtpždЬYlݡxRynG$FK jq1 f[=мp7@A j}<ͰD/rPo~h$l0qljsoIS@>x!F(N.S8 2Zg]J#C`7+IRTz랁W1E|×lϸ`V_Ʌ <1-1n+*嘰Mk̮_NbO4oEo%ߥ{S}/-@C>.Pb, }v'*Tc/(g&TZ1bf H>4C (Oy]mTő]4aPY(ō4: Ϡ8:} ha隓^ُHa8ulLBU]7uߦp^2Z"YuKɸTD)U6 ͑X' 0WiH| wPqkc,O!?7Ƶh祛J@yEjqjaE@*bGۤXS z8N?P~ -?k,g98y V$ȭb v3O5 & ;M)Vs-g/hfGB?P1w`D6`A9OY=+ fK),D 2WU11EpZĆ/{ PNeMZ5^%TsGΈ)L+TsOT*|^͜C{],<^L$b9:2aˆh_"*̭V9;cpRc&Jsd>" &"x[בb-cP<ҿH!BG Eԕ#p?nu Gg[˫q@^{h1KC":wchN kꃾ99/EC]\eJV4`@{G:Gwtw3[eIX/EF?:*ϟ([ L5נݐ9WAcǔm'\gsn8%o8^6[b$obIg򘔷z{xy0ĎP[Q![}gN & wdavUPМL4wMȗ<*8$!YQ"֚