nss-util-3.79.0-10.el8 >  A cMU]6c=.eP% TXrd3IzB A{,ʣ]#̟ⳟb5#m[dPv2z:Fc7.0 kdq*:*ɲ+-ۑB.X.x& rm{4Q5-"P!Ҵ4pnd-C*)O`Y_*-*/+Cӻ'79lpQ Cghа@cJTyz*Q+EfPaOWi-*50lk"4qi\7]Kj:r[oiuku<blWw @p=9E[QR [/$O@:|ZIV_^wIJS^Sp\"FW6un ]e8f477b6c28e41c2b555e1ff9028105793c170cec82db4548d08e6efcfbf7e4230599485f3fbba1478b5b7b6070bb08179ba09c884cMU] Vk .K ~L}@J'!{|/c  ,v96Ƿ{x[-'}8` Ta#6LM#G0a]NΔ'Ț?1o\^-(5mݰ]p.جN :hf&um Ƌ9-dKG! ?%Y&+r`>p<p?`d   E $,D P \ t  $<Zx(p(L8T9 :]GHIXY\@]X^b dpeufxlztuvwhxy\Cnss-util3.79.010.el8Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken modulec&x86-01.mbox.centos.orgn\CentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64$'FAAA큤c#c#c#c|)c#bNY0332248a2c1d9d4949d1a88b22708f405b6676c80185d404cbc1a671999d0853a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.79.0-10.el8.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)nss-utilnss-util(x86-64)@@@@@@@@@@@@     @libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.34.0-33.0.4-14.6.0-14.0-15.2-14.14.3b@b@bγby@bba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.79.0-11Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.79.0-10.el83.79.0-10.el8.build-id3cc168ed4daf42c5c2ce5e946d729a8bd515173dlibnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/3c//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=3cc168ed4daf42c5c2ce5e946d729a8bd515173d, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR RR RRRutf-8c2d6e698ce71c62aafac824d6737abfee92b26e24a82f5b561b3d073f441b079?@7zXZ !#,] b2u jӫ`(y.SO`uCxHw aL`%Fلwşf=uĒu\+ >d'II[,$V Ih7p Kͻ&qdv$1;0$ZoWeM;E'+S(Q#zϦM "ƹz:zFli@sr%;UIy0@ѐ|ϓޱ$d3`Ba{U s#Kl9tsSKϵ3}?6CMP*}+dIC[NrٞaCQs.X8MM ] ˎ/`!j6 ;M f4 MZ&7S!ZuPm`p#mGჷ/'7nsur[E?^k{rѻhq/<_@TNE~;0KmDLp d._=cL<ɚ6ܲv-Fn!l羱P~eTRZB0ExD-*+Kh]~~dg+vL 1iOs٦{ Ԡ IB,mqaZu߷Y#L\*62L\ˠv̓(CíS7/"]V*Tu9Si\hv=.n9M %r[kf>#Pg S) ]Br؃>[dБQgdq{`>@d3i$6^^amR1a/~Xw9y}oT3.QloʧxU)A ]5Fn䐼T+Mݝ6O$k]nO"_+QR|"\>cUTQk`/l`(fk=lF0 ]חG\؆xxb,Vf~,J KuwW@"-^> Y:34htb.ȶгrs;ϨB7MߎƏ(9x@4,flYjxJ:!*Y4oAD +-bmS1;,l@Wsx`oxznUDgx;x|UGIxOv0M/$(G-Lv%1V~ub;pJnZzAl{w5k@+Z3|q_ƨ_(ń#r.)m1P ظR x+VZWm@ Cs9q O2կ<y'Ðv`LY6fΦ>/l!aT+z@|#G<\Xd +V/ ;J&9ȳKeKv` >V2Ն֦ <Ldߝ4>?L% Ӑ.f`\#!¾?_aς,;[}b*]N$2LŤ8Uځdt.{&؜XF^];飧V+?5.הx Z2I-+!O9JM}M:lwB 7*a/7br*Mbu\ՀeVn(KEnUNM[lab&Oh& ҧz.Yʹ<2*WVF?3 d212Љ75SДꎓi9!K21!\Mv DhD,4V*Ȩ9wui^rbA:pM 5 B{ KKҶ H8z(?ྲ<yR(5O̒ &(x@шcH׻FfUz]dQLQ` hALZв0Di/sfՐs M ] Q>90\Z>?g$ZkbeZcA‰&'5+גV}"L?b߆ԝƭ> ^cI+ &XU=rZ PGW: cg6#G1ϭUHѱ&a4>R!BJuņ|r+}„6nSl :ʁNfφImn5Y+Ph4'WU )jU<^TĠ1avaU +iuS ag4?UwH5f$:]JNՆW(ͦowvrI9FmYC1+qt1] :MÊ5[ŏd5lxySF'mQsÕ.#W,Apk# K=*Gdڼ$F}) H^8 \9 6]N-N!=_JlUZBisJ劣r'ES<\2d\I5Wwu|kpsR(A]\|{_r]˿=8DT2uC]ū0v@1oڤAhC"%:j) @fn['zz'5C ܹ>hKm95 /D{ kY}$Hn"I+bGu]W4_ȾBڭh1!{J}/v: IŌ.<d!Q'f4EG'}1'E}3' ( KR7 .,GԔk%H]&lSpG$_Dsg,q++++(:}O{#) J% &ͺ*BWm2` X??k囧ɻz?eNV98la 5:~n] h} cטuk;'Ʃ+kB"b8!D)f_D^mMm24xPzs>m[\$/}T<pKނlOPkFQ'WDJ+! eE>:KDҀ'yVIA2!լř/a0m݊H _& L]gմ=5EJ,D @C=6:.!K0A+5Y=cJ1_8塐}kErV3O#f;n yμ9!}/|"-Rcv8/zcAj&eʋǠF"JdbkpsJ B([X"ړjK TuJmx vw*7py|$p⣑k49C$y]Uƴak?țVLLnhf\*7u' NW. h2^]hw()(lpxĚL~༅A3|԰"CIJB3 8 K(a=# M5"6 ,chܽT:*k8 O:ϥx{!(KR+e#nlo '̮n`,6n"H t*9AgSdbagH"se^gE*Dv+_!`G& ')uJgTByuԊNOU^WD;u b.(PjϢ㯨DkyNM꩟PNm+ 9fl-%ٻ|Mj$wpY\"9HHc@Џ^a]]+%j){u`j8;aG[kM7g4#A6]|GaAGg^-el)1ratO,ߙƶq 6ri)0gمK+Š"nhi<>&TY%M,:厴-~uUyKќEG{E> Se'el,?=9lGj\acFJĕ/` O%oO.#PDW}?S=Lo/[dwD_'9H? ۱8uAԬX\f@Q@oY^6=fܪ﫭"Y{ŋM D]T&{bu۩^g5,@i('_ſ'K@>^6ָyExz8 WxesDÙY9 ->O"uvUc5. #gS.VgnfoM^:0o''M:֮U9Ce[e_z2}(-8 { nO( I{gtH|/QY>Q7, bCqkk&⛔ 1,2L]畽FXbY}#=!z??+ko;ANgZxٓ8o 8vy:zFq[&2"##$r Rc]wA4~fHۦps u 8GWic [= 0!(8U']@7U5+UWix )]-ӫYVU|m#P }1q/ 4 hxXxC;4ͣa,8^ 5wȃ}8*'7u=#IunU@Ik7P!JQM@hyJ%J~j\*`A+-asQ72 ˎ5Zj}Z6IRC!-H"ՀqSLC Oڶvڏi\k 2@Aiqr8DtϠ|Ky.Aw?4LWI֞* ܙ4m5z&%uK!OQhiV2Qrn/cHivbZ}A=ueSÎY[pn54p},;VoނffHkLc(%@qoYnb}V}s!SW+< .z%*.Mf)4¼9tvy sq .R^KIpeЈآm Eݖ"nʝFPDm ``}؝RDHnaZoZE5%lRv<6mL_z yƚ/=֥R2@ ؋h[#&ɖN iF 9b/;q ʫGu9 !i۰%D9C1y\h=p)}g <:vUG]DTy {}qhp C1S %*A~&]Lu,"Y裫;lʯ7nx+NA4}>Wvz/p(#+Y1h?Jg#\xB`'\}q׿1&5Q9ONL"Sp>I3D?Dt*PYB\[!ЈK]%.9挮^B^"ks 61JSfX`IJZ[jY*$JoyX[V"Ҧow'p59ބA$*DԢ4$|ZA׺шDvOp܍"py4\H֔joPXe4& 醽GLo=^mmS$oփN~ 6;!gҘɉ")IAvp Tر&Vla|[lUjXNiܐqDA{Q9 ̅obOU .{LYv?εGJ_kߚ&#K֏RR,`7K07 u%>値?;{@ۯ)DsD0)ZpC6wq{)ӟeo!l(s[W L*T7p8@,R[elC^ ~gju# e?=PJi밷-aX/_'䯰cH]Sv-sڊ]kܽܵBe?YZ.ͩj -|x{ޠטspEʳk[\ݱV ]h6jY:Yg1Vj}1ЍVѫJ@,G֊FżC7I}uXy2~<Ѱ}VL fZRAKڠ?PsX%SP*يr_r:*R#0@&d9F=M"Ȼ|vx z(^ V6F#&)I9oLℯuA#{qs,:vVkh>_I%fwWsG$*4[ fd輿dnWFo܇3yh9i-(Fv--/ ::yJN`\,~") lVc(tFd!"D).NŸto/8=)S\\pW3ީ;'vܯ$@ýCW{hN׈zZ4p.3U3:^mmQ3t5,!ϝ-N,_(嬶,@tʮBkrpBoݗ,iUeSQslDpg2 &U%oǭ)WmYXu.~V^D ˨FHc$Y8[Xwh$AׯpoB:s P^1A!7YNXqQWx1 O;Ѱbף>Փ%s!AŅ8c&JDRbF?+\sI^@ z4tfkXGV1[djK[Fq.wPǦ͕aiێܛ3Ohq fkߌ蓦V3JffwCŮ`OY=ux.@aJ!A() Ioq}6w[r@Fi|yÛ kR])lBH&5p ;E:KۥP5ju~rTȑ?4+Xby&* YSCnkN`q1W҇)1'Ctebݍ2&i5_uK`/cPtn4V.7Nh:,:F[RbK̫LJr[q(jba;#킵 "78 ,~yLd~w˃1({pn^}ePF.xekKL(Ҕ[06 ~wx-==.y96~b"[4-jV &3ah୭=*/Do7 Up$makܦuUłꍻ8 #Tg;?f-u k.f@nw[W:H+b]tC1 B' /B56' i@6(JN؍om#ޕpY#{m#6 7$Қ Sy>DBsØkf[#5[6;aSld`T~OdQLAB"W<:E iRdLw%A9#Q&t2`%*Js,S;~ni+n(#<@)ⷱ]%G&6(>J~Wm3r mt)0~t\b Nqqaxj7!1[J)TgQ=k]}Y`?!JwBFS.>O񥖍)2Cş,{h}ve+ڒ>y_[[CE `ok|ς?VG#^y="dQeuwB )A ݨ? žÌi#yW {vfRe5*Q /50"wFHĜ-OVu2STEYԂ [¬O- .&D׼FV>hbmc`Ws$H$ l=|qd[} @>g-BOE7yV>E$PSң=)dCq8j}v DrEK.-c"i2XDi}*c&vyTKy)j)Űy7]qL)*|< I.x Q+XT\zBr;m pu6|wZ el8+RHJ >HvJbi&+p Zb>O>?he>gYR)f;Nq^[;v`Т*rZf> veCa>pѻ4%|5| p)ֿ_Zas7tWs2ZQDɕ_X,a @>{~R#' 3f7fjA92A'~8NM_q $LB- asV]BO&0hEpW& ,BZ؏XMM}Ci.СGc/}ݧMZ! bK=o w!,V+]({=ZӝӘ[t5aH'1!QeC ziYp )RG~b2$t .I֗aS: ~큲yf1K@f 1+< 6OdX0j;_~A}MwTnd~cC7f^v V6_ Ui5wr)Ay,Qi8\Hua2ΚANqH$i gl?_-K![ti+ x% i-; B8> MК Rv6Y)ξ hLy(۷7Vc߆xL^$|@S@AЁgEqlWx˸|F`ƒqaDbVÏ#0eI<3@$0JP8-jVd֑'dWtX+ڍY{'h6|oqNF|0݄uC !r46ٹeeIsIbdrnMSDӮkrJ[׭Y酀W.j,7[)-E)j{&]O۞%%2Q&C8_ojZ?dps'0@8uƹ\CDR!$CMN-7**!M)\Pپ <{(n%V3juĝo>c3VwN *_C׷/Zw-]5ʁs:m27K''M-WNn-Mr"NltPsY4>ިNJ ,+߅'9i0>jիCaS5޷1@;7)ͅY7 IXUW#̃bNLI],EͧW9hT"/r1jxrm+B`q2hb(Z%8eaT/-NFSg,e)g" ÷3]a}Qn GUZh%]~dF(MyOw)p^'&;FˣeِDC>cca䲗 J,OY0HP۔ $aݳ[` [hl:[SJK_ 7{'6m'>]-I=Wݻ % gt94' OC7g&D7 Vf|.g(E䋏%ocPԅt*ז*>$N0{b#e(D-Q~?U[x||@[1{cz 5ciZIP_Sr~\ g7 ߡx[qeGD['Q)iܕC"-A@%V=-:b+]B4?d)Z*|ắWj/tÜ Vͷ@D NI.`|3Z fac!lBQacTWUs庿ɠ{GnL3fBubH[r~=ZOJQzt{}g=R4/Ɛ 2!D4P/Vl4 rLfP'JWEʝ)|?-OһDwƋk?b;bB{؊*3J6ڔL+(fXŹw4tK.# ըކk W GVhcyk"U\ /xdFn y̋7o:&?4 hH[L^uT<XIK$Ǒ\@Nx%)X4mBhSA;NrB+UY6sGu';#Y"wV8RF)ۋMur?-OS)5m3uToˤP`bP X\ZDPĽWEf\ԝj5t~F;_J*mtEDy>,C@0u3 H,܀͂8NxNqknl#Uq>b6mjĸ{xϏQ<:ڰO%b#gKMfIvk*Gg 19cjr"uӼأ.LܕU jxs{"j9&j_R#l`h.q|\A).:DNM_P}?-1GcO\"ˢOߴ0WrY0V~m@۬IVs 1+{>?(@kQH 8^4ۊwWBoF-w`kka1:tO_y.OQo[-/|]|n4;PFAnۜI7̴EwgV[U:MNqKtJJ=NDfLLl/0x"[Z Qj` b_,*1>QA*ET[ESag"sDFWxB. NC33Z ʆ?~{,0G/ @3\_#$1@M>yL=̓xj1Ck1мPYW*v NJY0gU@!]~z&7Oo|\nۻZ5-?m6H<7SaςK(V3ngGo`WPuS}u4GVu򐩈zdݎ+r9nL;܂S#ۮ)S9eKiƣd㸫3wvʶ6r; [T.`ӛGѴ  y,v d<eۢXWG[% Mk.5| 9,"o|%cZMPjtr{iIZf{?.qYr\eoPmlc͔,tT`F62!!#d$(#b,@:t$M] FW2waYЛdH& }1Y)%ȐA %rL,FH\UmYp nqM=(WGV^u"gڰZShOۯkWv_±@3= (x&RCvΝ`#a^w>lm(bx9IGM@d!l}V\6.zٲH~cF_YI..'{] fv8ɻվ5 LLy mhW D4۸}3s~x$5'nxCꦮ8Tb>~}d-_F -r{QR鳶5^sH "'-HK<+fyqs䎫R<8mtNz!_Lf6rk{ ~an4;е' E‡v;&!B zqni~ &WB|!l*y'؎)c.\&~[xV=nOdH6 P~$SV.@B)vMJGc|ZB!R I#3vW9p6I3$*vg~w&?"Bh\i0M,Q)i8Mu\ u /LnUcdȈڬ$.Ԝ#QԪ4&׬`W5W`(5a5T\;ı"EH^-@fMF;VeMF ܥ͜a+[i<#uku!woj]"䰸7|!tC [u4d{#H h|Z}@dNh˲ˣ$u=dnx)G2`R&ec2≓oBzZAP5*D^18@t, 18tAu;ܽrXf4j|mZ2yK3ŪӚ#X]xTCr@Ğ)8@] x-A~)P9|J%̌(ԡ&V]Jљ_VI ?@ Hr^}vvC فե?y4^Ӕ@u){4P'BL78l2x6TTwd>F`*yGL'c}2@?s)Șe!Ot v^1 ݣܲ[*Vlrat\rlI>W% Vϸ&C3-~tzt;)mZ\wȱw I.^/+Z $7`;bp x] 6o=jLdԾ r 槟($<7èEI#K ql}K޵\ƂJOkBɎl^fAJ,<9*i+ ,$ML:PxD²TP:`iALmbVrS9+vs 'G9P~@ak|]: nfZyEtcTx񥄚[1O9\9=! £t@AMEآsՐsI<S1P"1o ʚy`01M&.vo՛9ƄO-zj qoRΰ"XvV+'P'-f4HS@太hΙ;@J.#;o[|/0{hΛ=վLdwq.k5s S)rs(7p6⹑^̳(MLk(W_l/2E)aiחN H"DB.! \Po.챎P}:$Ji)D,C}q\H`kiI a2B倐$wQTkldxa/ *?T[I?^ x#\ӵ"=}c;25<|q4~.nZhԏzhs}nKۯg`{RhXδe[^Cw{n@vM^.[3-:7z{.1^ƺ@;RvDȃ1"?jZCcmW_梔$}f9rvvr0T +'@K/c󵌍)YRFvE+VRd82tj|LQCTn 8u~L[]}j܏1q{8#c:^ ˆśAr*By,nT"3|85j(~;|cN+c͢53K9H9NAc;QZ@J%6UpWB{(|!v~^ h;2 |{z؝jÒ{uG/D Dܤ@B/F0r`]7_6 JGd/ofy|/ҜX"q gZ-8VtQ#g;|>שtbXJYb7n@ 3,Ay̫Ud ]u(:OTᨃog@1e;(4uX0HP*kɇ2b>t3 30p\4oKy+Y8ЛGenV(k p͗hUpAc#㳕X^Le3=0KG/-NZ#\SZ)QN`IDY k! VnN&pNQɾDUh\Ea>}ёA)IBPsr+f~c_"Ͼk5qv tz{g:xlcVOљv D')f'%U¨TVr+^9{H(,Dˆ3^3\3 N鹭q;t_V(Ply8a\ãy*`bٓW(\D h o׈L,G c6d=Nk(  y>ENIlp"1>C!V8f$R5%N^)plcSX  QNFi#&=}=XsU%`qVn6@ E݅I^ ,Yyߦ\pAӦcY? sb,E`8"i߃At#]Kway!|jV뺄!˺S~9ٔkWyRE#yLWSwK0( Ì!NsDTGz}d%Uv{/c+Ҿ塉붴y! z&Mb_l B E#}ny NEF9?cBߐZFճ8ؒ ˃ޥ'۷4|U˫ps(ǩø>IXPy\3R(at<F̉nUU]^faJ}VpR]]npbg* rs_SZqo.HLAz /c&{KGnB':?&Һee6Rrh(%iSTە~}L I Aғ뫥/e)뫲NřQP#e!" Vz_8O7S_d&5@À;"I6YNaR6_с uk5?1),sM|2&l,p}QG8r70 5·A#yu,yӻv`:LsN7Z_VKϢaV{ (i6fXv%Й⢈&o,B>(B@'˵<_nB-}tM YӴQ595\/$Dq3ߜ#{㩤pny۹A?HҁD)oT"\V6Ê+64K6r~>s5+4f >Iښbfc[wz=TJ[ YqmYQlԦOY3e,dIc7r%dad+1Ӗ Kdq*#kB(RsL t4y]環mo7B4N>ދc0wfQ~#-T>rqv1Rң|k B{q3H (ON`o<*TQ*h8Tǒ79ƁwDc7{J!F*'ӵ K_>9|2. hb~}sc0Xpa`C5 vR{q\s@w3g%ŀ6•Waz=8>fLx^Hb\R9 )=hG B|?~Ɛ(y*f:[\;y`=Md(yd6i_!X3O+v*10٤щgŧօf+Dyx.Kz\DzGl(NVaNtQ_0)(y캳BviՅ ߪrYr!fΡSsq#_Fdu`'MN_[ =Yԃ$%WjiDF4#:pYlt}S460t^;Ghx\`f咐JlNh#\?ngD9A}ɗd̋Տk&іOu,n6; ǰkad $-/5R*z.69-9V<oQA gܤD͍fDΝ4~UGoczǜ4Wbz {UrE"A l:4߻Mh{BX2#F沸1T.ѿRvmTڂ:l֮gR'L7~mt錮2bF%8tɻ"WKx,M,=T T8r0At+CSk'ò!,` Qq-@s]]'=Z<Ŷ׿R-}0@ÍĂk /,Smq iJ,Ċ(_k!i]}4gg|*.v\x,2CcXNygl T] ed|O#NgA7]}4 C1I^iF'B~TՋMM4rYZ VqTQ!X)J0wf))z-/ќ90fݧ Gb"-ٮ[wz оzhFⷉ]88.˩^[nZlC70ZY"tkSo`+#Eۛgth(O/r~X*HMorZGcBvZ)v ^ YVcθt #zdt~ xR)a'!NɎOAq+>JnDjW]),/en$Eyp̄wf$y\*B.i0n'tI ޚSؙww’ Æʑ3 v6ˢe.07M\2 YqUMRBpa3,iK %oJ E6Xbk@RϔW^qa;l.& v -Yκc7%z1~}Na>x1ꐚ \͞E/p%W!||@n`ifpD* HLFE@6x8D dL[[WTs } }jm7g*#UI(s>^7n';ML 1(kT윙_ry̪{9ųT;fa7 xRyLJV6֩Af~tP S{{/E͟mA՗&Ty- PIQv֏75"SqBu]sX:vD3H fV2"bK|F^ 2(pw֕һAzQA^R .ǿDh6%jE*9j6}ĢVEHz ɫBl•5h&kQ̷(_RzjWw*bٜ{iQ@1/?OP95G|:3xHRNm9>gN* '-<Io>obd<.Ţ, s&uя6kX.AH>ALWܚ]r z 5SZlߋ}v7O`,1G9PhDDr& VGYtC*q\m%¼ bةJky8i"{a|lRwodUFFgF_\ٲ0Ö ,%/'4#yNRߠWT{NM{`C|'*xs4Fxߢn)֭_--0'#md`y|lQ\C\NN6 \:m{I%fZpj ޘ2<6 K: na6@T1hXa,b%N?ٻW/l4-ކbI4Nlx{zV^q6ܝL7 @: ƒ_Ջe#'x{p?LF~vNSA;'p04\!YQ!0_"aFD#piޑf JZSHPK]#DMJ>B gX 鴡j^?F\_B0l",~CYEDfX,#}F(pťNճ!#"  ̇l*nB.*J nݙ?Ȟ6 8*e ]΁vV b +l hofg$sy%Y\.ۃKn~럛Y#$?(JAكai2#2qщ=c?PZxYa86 6G'br9 p \4T:ht>tHE:# Ȝ~o=Ε&yڷ Fyۙbu;ށMmw-켺iqv*ܷL&Wի΃3:pߨBr,5IFM҉Ql5i!I^^#VMiFT[ ^S[ȍJKHi9I@=7ztqfDlb8[%]rd)jA Se> eH jaE6 s]6b] 9La' ?+L;Z^hPhգ {Gk(0t>RB˯ъmoKHْ5/ kJՐ\0ى8pR1P~[U,F H#u(IP8vE[_gJkK| x4|[^3%Gc(ETMJ}s-Wui%ԢaRoXAxqD6*]Ƙ4)q>i+:%(*Ġ%gBGNL?:L*lDJa=aLm:g!,M OtyQ(C6,_n;{|Z ؖ09gEN hxWVnynʓ!Sάz/4#a_tJw-˪Rξ PN_ EθSr$=ҧ߾Rs+2@>U0$ :c׫2Xϛݔ$"\9VPغ؂ /w2GfC\.a(SfUpg9}z?H J jHwK)ϖmزinnb 9U3)#c,ǞP;U$%KH}u1${*mh"|lGBzze0Œ2[iix D樂IYWY4⸪:] tKqӋ&6jۿ3D%m_JاYd)|v Sيdz1VdcxG@[+ʿaF߽xIsHN{"I} >`VfKBjx ġ(o(h ,&U<7EsvW᜚?rLʐ4X/ mREu-T# \XX%7́hK1m+E2Ɨw^ <˞\2R-k`Pƞ:vJߊ'9س,y?@]˔oKFXWɇrx"%8<ڐ1RVCTyOߢg14DEXy)Y]eYXlL\BZuFNR.g&&u^<^b/ '{r=ԝ&?p > : K.]}m3qx w4PWMHZwAqƔ-y}wf8&-ZYc6s{s|QY3,|íI_3;jkA!O ɵOz߲=n_La7r2vJ M'_}pH*1ƨAɗDT[oPGHatɾ#f-G3-.$DY9}e)DJ FkV>E->~jݚr;I%sHQܨ$CZH4Ս-}Nj|&'-Qެlf:k@07|&xKvTPдL5txx> -奣 RپRHO*!}~؄%`k:hf $"zw~42XBtqC}cjC}i݃\)Q/m]dݳ\ 7нX3@J\pDI! {WL)gB$s~#P=x.<Nq:gZ$8V2Q[!JܑTI: z̍!q|y]AЊ\33QAD!\8$%)]T2v ~^iv&u$cpoZɳԹ%z7c\,K!JX0-3k ܟy K-p?@d]"]Są ꦯ*ѱOP}VN[|6cPoCO-eNGaTiUsh #D娣I/'>[WvwxnBqva>$ ]:J Iw5T:C1La= qiz2?oQ8cgOALg#<mpf _<BE{J+-Sl"ř{Yh4';n>о502@wB^,~;jT@J0}[uB^L}GNSrJ-L'@!'X9c0L<it hIĄ Ycw5m64gey*t\Ummس^ȃ9=CUbBk8,r RUcc@Ou'L8 Oż+ycQ)֤ ||p~?pٮI4o!eD5zO~  ிWpw/N[5#Yc>/n%f>U?Z3} ڜ z&B?)] o3k:cp$26/*~Јgetҿ@N#~"Uήd+HuI5CO`)5W! Qe̊k؂RXDBΠHhMf\H >cuG-\~oۃσMk& >}ogS o! ۆ!J%rMi+];=%/>OXRz WႚQ{`J'lZ0 t:&ۗ=8Đd>Q쎅0_o Kd!pSΔ.tO Vb5̹m*0NNHəD=_%w~6bSImNtm3A3qPCN֥nKa6PϯpӖ` < 's@%:T&'U PJ0~nQy/=Tލ+ܥJҁT TTJ{uq\{).R1ViÁغ\Fc0 j|A;B!QmðR~ Q<05ZY3g._)3>VmтX?\{8^T҉ <V> yX6cdL; 6^||Tj3.}e&kt]|@Ȗ85/* ۆχ89KfK9 w;e?+yhgf@SPFdh$-CF9]˺άu`aI/{ *n<'GFq.S2WJf"u76x]:ꚾڏ3:\:o_=7@2-*" ǚB'df d._,]I`{@DY}j/W5 HK7gF ِ 7Y/%j/ gGDFRf1LN%XY"X|KH2IZa t60fdmSw>((Z $xj=}D\ OI0An&-#Pخ~Aۆ͝Ĩ h"5>T qFAU8?Ox4;MxJ *@X5~l*>"wm[T*MmD&'`yI_u.i@ñUYӢyLgl; B 2:kB'\K+cz\e`ODZ|IE C&5. )þֻqFHf2ȁ?XwȤ;^ YP;_쾿MFs~'>\ao@xb)bԒjph6STD|X[ruIҶƓ%_[q!(9/i+DUN%UɡzRkA (Cʄ) (QL|I5:/{=Y4d1VE_dF$,peng$tȎ]K*'U}옶=#qj g'ηԲr ?ڒNףH]L33b tN+ YOڥOʃu.DTu}m; םL?` SDñV#uLM+Ӄ.ˊ4)]ʁUxRϋ߉غlVUA VH'yd)2+EFz!_B <#qS*@>3Z1SDq3KPMA@k,]}i9vu\`chXyÁ5s%EVݶʼndV%tLZ=JE4цЋ&O{ 4Iz; kNL 4#_Su*(g ba^\ĴI;V&Ҷax\w!`ЅzetE7WX )In^AM[iԎg쒡B }4%530,33ɮ}ϡ{?2{6?n_k`L ğbjV4nU KC)xem 6 FW}ynɍw* %l_K7# zEö2Jݯpre'@XqVPkIteHHUG4}Ѩ:TB˿e݂6ZgjQDv5C.9͗f2:_lk]$3c:x͑kau)OĚ2{=rV`rLU(?]{,ֺ^lg'Iy8t!&(i{ZH(>;TGgSk<֙@5BBjP"Lw3+~m&U ln"aQJuj\xw A/̦0cjL*xg[(}Kv6;Зs6 )>U0}XAyGR5~y*5\^> m/&ap4^FLy4sͤt@:A5Jl,h- PbŠmޥ$̕>0Ÿ!x  XD{\(ҖFObW1`fحF]ޯ=AG8A`$\ Hnk*kZ[s}CdarP#R %l/oQ!+z}Κ;+˭F!7 {p"tlx+bZ=N+|27R_9y)"20?L)[Ww`2LvШj=I>/\Z1ԓ;쨌2gr1ƍLūWø$2a:Hq-]@"a^X8ۚC5݁oS}Nz>hC:Ou8^CD/S+]QLadUuZ 䁊fӆkZ'X슉{ȓ>4:.QMwN%ږk+dhr-ԆF?q]_6%Q)D}NbU^L (`IOl3M'N$t%}4L^zy"L(a'أ$q}ZžoY9D 7]5fJ߹ ؇{W0+A0˔03q {_h_cT1Aa;QL ֲGG6lOew4=f9^Z2Ag_p~.^ph欎̵Xڬɠ41Mٶ>5wAne,syAgT̕/>S][v ꐻ~BČڿRc)z EvS emc49=`X|Xގ[nC`ytY!6Wo]kJ2^a) ;d!DeQ񉢋l]}@*lYH HiGYI$q;]\$b;y-mN]dy6/iZ9 %Qu),\͍a P!Eg _8)]R,dc-:bG\4,`2qUdj -܅A%XDY٪1B=\7T)ֈ\$34X܎g 9Tu]_(ZvD4Txγ76%=d$6~|6 2myYJ._͏lzHyf-!{Vk-<,0nH)'oIFSP]rFE1g>Fm]?;8~]VÆu(.l7&+Fe/1۾-cI7,2K/Z%^oH-R$^+Ob9 ͍=0!62Ƶ+`K^8d;T7LSǭ__^ (+?b:ة-k ZʽW(U@2.hp{@һzHP>4!;b rr'q忹.4Ϭkc mHeLeo*e yzy^y9a]I J#b uq95bO6\VkMǚƁԑ=O\ e̜A}ir|IO3/kq4Es/|WSŀa :;an7e׌QiM#!"r sj|OV/?dqQQ 1aX0@ 򞃢XV1$H]F8?%L/MR] j$=)~=:_>p=R[ šRV\33}Rˍ#`@˹F-Hy3QW:\-7 ]upqXXɖc"LCM#.B#%Ӥ@eR"P#߁b PvM}ZPuu_/?"qT ^uvO9~,+,ąmΓ`oZ~TԵypFJQD7beuU:6:0;jdZP ( aަ̟"mͲ3>r+:ҤmLA4 j۟HHID0Ӕ+[hYx;Kg 3ಬFuX,-؅lX-퍙z -I Gݔ[mUqYxYlH̺Zcz2Qy F.>ĕ}F4@ZpF(ƫ=ȒR'WG̊Y7x? i0B9 Q)+(T J.1TutXrj/?4 H]{:-W0PC:|1H~gF0iő }Jx%m}2 $vhWb\GoDK&>Aڊ#U4Njr@k1Q lJ`6 $],8# m5vJTt+c7N8 (P{P1yvDN̗5'?( HsMy:zW 0a֋Dk1e௑;;o,uEks!zSuӣDAʄUa93y T G+G gB`*[n 'Ú[AwRQjvљQCRњ gR-=&%AB\-a+ (O.ǰmӗڄ._{f%)EWb[ S82zS< u򥍯yW YwƷҮ)*z}ݚDUUtW8 I!aC}\G#^nP ZQ2BSK(};uع.Z4;ӳHM^H$ 4qh@57X7׺Nl- mlrua.o2<NjD(7'~V|u;`3 f?=i<ׂ[Dv2C[>ZT{BP tC̒"5ZbUJ,BUjG ޔINoV֌$9ɀD2TPYW`~}(a. >bZ' @h_9d} ]_$]һE6 ZKo1oY_1:P .ikZ "YE^*oG r[[z3nc\ UGښ⨼@F̿cBR,@n hF.jڟ Kneqpmo|}jI  20 IS(CFtdtKr|Q^ٶ`i (aߣw8f<=[t׃l"5=(إbsV ҇yRV _avDfJ o8L`Uٜ.7*B RXY+6v#jkq<DOJ>Օs^bvڿj{,)-`~^ );7^gnTgo]~|lȋ6*Upf! E5ڰYFDW.ZcybkP̢얼Z¸P}й'3[BjZOe|!X$g$%B* vM,/{3)Vy%6W{jLP@oa]o~W3>ݱsAN=RNL b" ^'>='<N X6۵ }ݓ 1XG'Cy3{gD|3ASgݱ{yf…pjd*LjHӊ<$L%3.19)"A53.YJ6O@h&X1o$2 6I3=8WTwױ8=>:hMptgN@?| BׁgQQN!J!O]/{v1S\ IZ;j;졎7LFjڍ#3{q`Vx,:?@4y^Ks{;_Mzp.'79g0;}BP2% U q. SPweˢ#=9U&ѶFoG4z[^IWalkV*ʃ}t5wmKRۙ$55P.'n&"DՆ5 F)y7ه1eyliNv1 RN;LDef0T]%k1"ni,jqwhcݽk,#}QX†"3wG֢Fz=825L&a7*o[Q9a-(veS֬hJ/|E&JE0P4'฽Emݨ$MMKb.BZ*)ۦ/Rd 눧5)gNC3L8SbJ 9 &ՠ\ohS(xO@W@Nx:fUku N rmmMahzmEBx)ʽ*Wp 9+ ׈U=,U+k~>1:nZ7g<׏^r!hh1^ZyxgPvk:|}Z1bA"ͶB;QG^rpbSO`uBcHyq瀦I2}lh˨Q W:7^218<8o`#epڙgX=Fq&6Kl\Gkxj*'px8aiwVM͚lӋorcp'`C@ےrii*neժ&|PiGuЏ_ + Y)øgJz&( ;$H!ֆrY\O=:E2a7bt?Pz_XV^ ( T¿B'c}N*zi*l+@ܥzZ +J3A\N )H^$orvq`;U^\!hs]VG|ཌྷF@?N&e C _]t(;7bR|]t5 EXY{q[?T)qz^|%z9 3*^mG;\j,̌ ڻɣա:a"DZ,H391iCM۵Gٯ9VV H Q<º^֞U#_WNǢϯ }g3b,ZOf}tq,hցqia̓ٲQK+`RJI cGtk&-e#/?33KIȵ8΂>T2 %m:o?g*IQ^I:m)6ueA@X/ ¶^mQZ@QڤYzx^1W.G-FX!t ϱ֎GAd-1~JTgw5u;b B6eI t}&/dUՐ) Zv"п(g^y<3ex$h@Z!D'R4.y[vT4G,S9T[/d7wlvĬ3QERe*SlҪ)QZ ȸA؃:ly`/@N_kHҔ4e]}@(ޖ<ũY[dcccy'5尅[@`ʓE2.$5_|s?&w`rprr+0G%l6H_<k{>ϙ#qy.KtЮDMj]B _dhdʑ&9'!!U\ *bH8 j糏o\DѾ(ڥ8ڡ=!TE`XfoH@ qmʛ٦Fa2zZ`6\3QͩЇ|Z#.]3M9m(NxYˆ IF1v%'xQx[f-l,GܸKq %s5T*'ˀKcA Y+Dv) ְg`h0}gl"Xbs6 5iRS7=$␝^QgX=,};I<2 e]tú H2RuLD[LzMXjB1%"?F|: Ca~WGbniBfPBHm'ctv#yڂjm@}GȻN!ncwm;ߪϬI>BVLŷ~'|_Cojj/>sZ|SDCXJ 5*ݻ-;{7 u;YSG J{q-'LnОR \rUK ֋.m* /|N>CQp.]k||]+ԱA"ʦ/2_f77[aIeCi2ndHo`5OG;Aʌs^h LHyhmۍ函.Xhjb>|\̴\) |y*+?9oWl[ͽqDG_E=٘7H5 @Yl. 3,9xO!:T(nOxYCC峥pV Ӛ?tInEPYzuQ'r_u-WIY]Ėȥcj FgFkhO}d7Yư z7,)oj˖jFx::[—e^bC/U}51A,rmw%rBWwoͭhYuNKD%kNhbBnF}|Z#eYmQfv|pZ6 cVIIP x(?y~G*8N`!-T2 Ѧ0އ;1~G<ñCF`8:"Dx2"[4z1gKu}ϢWEv9x~AIk-6{XnJ|(RIɪD2RzC6`%[I]oB3߬inb/LlN(@DL.H]J4;U`= ́* /ќrMm4mJg5Q5F8ې"Xv Kq3Rw/쵎W C OYAWo Ǖ7 jX&] I9: 3aMvyV9>lBrC0N<$]]Ά0ZXlѓA^$NۤܤxQ߮/%1軁&!<nxuL,}Nr=k懙E-G|[i )::ٺbNƲl$qԝ-.*l r`,{3_q$FRX0Wd5\7o@ߞ21Z9X꾝,a~ ld*C9  * ㉐գRy#EIjQ*8߸=+>]Ffd 4=v@qclg[RKq2R<Ի>}aH|t< VQ= [YFPcCtMz:`=/iO| ՝>+d/V<U~o5C $Lqơ!)>cB*|0Mto[Cs2j_ .ru\OCJbwؔn@|vPCBG-As)DR u[t.]_)z +*>R-]RMZ+ym~l7mq,&22RŨ&_]_kf:AMYr)`:[~g<9#o9~[*r`zCgʁa[1ŭ/9@OIp%5-Egqff9WgC WSGrL6O}B~n{UMb1ԇWD*m]8i?щ1U 6Gs@Ar`mo >e|u3x(y-bc'8P"q؛beFC̎IhMJd~=%e~-tc t,Y~$< mrN]ʺ§Hf)wyXf}j# vq~s*L"Fu,Mu[E|J 4(wyrz^_R<`PipIW>(r=;90l{ձ)DR CAKa35 RٯDZ7=X3}ֶpa=J(UFKRqs˥b9uQWv?8\X71YFQ?G؈B.:n-Z>oCs'ҕr!B*vyj6) [D!{Ӵ-ޛvMjDGUׅb?=~3?LEj+"+gq rUQBm}MCQݙp-#?yǿm4_YK1Y4Am FNWBa7=(." %zL۴ЃĽRnY_qwuw*^ M|񥇩z)"CЧg F!LS=;I7+*3PA\ f~\2f/rՁrCѓ,>DnH)=K›^.p n=%SkZȿnY۸4OT4r8L]Lp-ېki`Yf]ut29 3o*IO8Cb2Z/gUgMy1 ?+5[7\9i8[J9} Zp_zܵs`2Wc\S( K(3;ңSM}@_٠!;)qD[IWLGXHfZ!p4@e̾Pvz>`D(#u ꃻω=t o`kP.9YC/ Sg&DHȖ桹.V`9ʑω/Pxzk0)bcǓRd-lIt'J~C9~զ[(1gx(xg7s!Ll.ٮr6oڽT'1knn>T.kvy#ؔjD+X OD nP7h(}F!gG5: :.pxM= 5v:a;eW:ʕg^"Hiiˆ9)bѧAv~8 AU١_1.ʬ!4 riSdZy=0`Іj9%5\i@v}p3D~@HT NjΟEUk +Ձ:OZBlbʖIȷ!cp-)9{[ee5z)"qX>jyN}͒5U2@ !zϔ>cPS3@/Dao Y8R5jz sQCGh! nSG?McCܮ)k @># \[Q̀T}ޫ4nd}.qG(Et>*eq[LHW`4DOx'tK tyؕ]R0~j @||3ïRI{>|7=̥䙂Un0?vM,0( ͎&,k~F ٕ'ܪG4"JQ|M1+ox/}falqaYfwI@N#V."z4 x1U܎M&.(:0skx%ʷ#=yޯLaI R_La7j.Њsk^FrW>H\^?2uCpH^Q e-Epgo&)*Е0|$+H\.s "MPm(ܙ,14\.Ԓ3BgyY"$wha+힟i58]闡 t:w&.YT[6="ȯu'RHtl-">un"I\&(ٸ7:GxRJ%wZ:tg=9ɲ]%;of(̰u sVMW]SIUD(xs 'UP1WREn텈ve ,i-S&sz<kM?Ɗ] E8i: b(X7W^yt"N`*iԬSC*-s w"Ƕ7i5-H|l/Z`O?R/y(9$ g@2/{u*g70y;,?·Nb`;bӈuYP$2Qg' ,*Wuf T!ЅyiS)FBA< p28^9@nㄽRܲxE 6-,:6p؆/Pq;ѵV|xD!b)Kd>MjMKASRSCpQ g 0-]ȵD {#:,KM1Ny^j\J&0{%_m܂X<p Vk+ȑyT(q_B-U`r{Oвefd@9C(~eq*Bn"ELu_ ',(|| (2RqOkՊT$Vx/r9  +?=~툿0ZuBZ9⯂|I]\<=kg 8SnxI[b2f%06P乸]וQ;$\ 9L@ rB/|h' -Khfy$e!r)v&b@,]*Q~R ۫;h߰Y} <Ά$ՌAꚲl$rc:UP`Bd>9iVT@tk+n Y,d]r\ƻ$SA T`/dՑzAHvLa|(z6\֍L|**jh dJ^)BH ؏JyVyXI[gU\|T%PKjpp\$P4PK>'prϋ֠H%d_hC<]rZV֬Yb\L_pbu )1ݙmNΤ-<Vحq 'vf[RѠ,\ݯrz[eZuŀ;9oUf IlX<'o*H0o JM)M}4A;٠r yWك!*4%"E!>eK z7#ZbGH$H|E1 N+| bdzlha[I^Gaȋ Uw1zV#HaxoD/tY%G#2fiM;r5ٳo$1sx#[YK8oWm@o+T1fxF*aRo(h=jžV5U.0"эAê7e'X:adEdURC:P8/|1_^ֿnD@FLtxsd!b*m. pyD/9Bun˴ $̒TB,"#AJ~FbM4FN91L!0 DRُ,9]~O/sިZmr:27PYWzY Kg|uaHׄ-cƓQ SBS @u1!swv[7;]!⚡֑f,z}^@3@Nta6qmҲR 3n-1*_|@8VkѦ8@bRnAo~LJy٪boAOG݉څ7d&ה_U-8-a9 *>G}~xp@|s7M[=;`5ӾӟCt޼ wɟ$}H:Y: 7j29m?~)K7gXP]fFؓ6 s@-*OL!b* 6,R*Y Kȋeۀ)hKZ~F\+3UиiAiG#Ê$N(qy$lE#[JM<\ya#ϽwE,%)LxЧ Aa r}Aj$.!@޷&0{XL{u[s 9WYz*zYJb͒Tb诈U }?Z'#NBF*Wd(Sqq<D VM1za\jq|@| b$$Q PhHO\B˜UxTM22XZ%o D!rЄ&i}%6d}=s`єR]ZI)j|;="Sy k5eTؕ7KT΅ igƀReq0X#+ѲhBɦz$5~$.{Γ|$mnE^Z97"9H ~^ La%f[4 ڭLV'wUή.4݄䫸nףg1үMtQJ1ܤJ21JCkʮzHjOoe# *I5oH3bע%vĘ^~lu.*x.~- %3p={ѝG'ndĒs fdpDlgDgD03><zs]M]#T\W&d9R-~mJ-؎C Ku]U'LV2L2HIh#lΣ2؞Z.KXV_gG2ZV)+SY&3%%N([xfz!.Fn@.w]Lg03bWTЪ yqu<C ~;&DD*kǘ^h:dbe2XH(R-4 Z؜a#n: Y'y=d6P!W'e#jfL&nsOsA#kr_B!hP!f9MȠKJ Rp˝Ta4au+,c;bԓD>|{@l܄.,o+7Ύ[G }^@ gI*YAGdy3_XN⡖衯;iyX~wTѦO5wdK ۓN`!@=~wE2kh'~9 $&{fCEL@jX }v -J`,+5,ҧb$嚖}œZG7jW@֎wf$[xbw/5sTw*.-1jaQQ԰C~~ҫongR<3k?Ȓd?0{?}j\6t'2QkYkN5Z*&gB8?fmC:GzTc+V?/tH\)4;l0TĆތb4}Ҷ4 t2WxfWH RM%)o3*_`][C;J ,r}P -i)q3OoӮlYqe%z?+NIcVo)T>b) Skpq,)qKw0%mՅ?I>=j"Ûm-_= 99m|$8dzx0$kBb3t&?yfG629LTi:6fRVgH*v̎6)1f€v,e?0+j7*)S5 (0H UP:FڹAR8#syN烍AnKVtI6kSGy$0Re "twWa_.KsSd`(GXp7H#rLkv<DsE[ ,6n S hj9qEׁ8zg/eQܻsE/ Ֆ(,'nQZY/SϞCpvl-Rk22?!2liwuӝ;ʈWБm#KTuB݆suGPv^,.2Epx2QXn%4wiKۿ>,&]j#>1~QA93~Sλ_{݆ͣ)B_[u,׊@wF1 J.8htAzjԪS?EbBrF6t#}fWr=‹K- [IsC.^^ZvD{wʐvlI+㋜^k%̅ / jvifEG8, FNІw (ֵ8PE.9K3I3(RY ڎ~ԋ ݏUő뚀(>$\{|cW7g%=iHA1$vsg𻰸@m~xkn&cCoZLi!T&)E$e?%ۉ ,FMx֫.(]0v(j2n p"G∾#+!0t E("vTicH!DW1SJ1ai> s}R:W^!1l>t"bNoei!W:#~jGĄ 7La6y8adJ.ssn2=6 fTIfΥuwxX4 O$Uv o&2(}A}RhV A+l2i+TM*.`ƱhuZVa@j*(,sү1C!¹ ῅;R~_N!­ﲦyPQඋN[u2歡>?He=wQ;&tl<%7C|?nGff Vy4NטKAh-P8~IwPVMH@/ ]͂?U'׫F~W?C:>cY?kEMK1Gyx2{BXb^~]vk^j O dP%KsQ7 T2Pr/h3Ƒg?FTbȭ~qP5CObH6syifv.eNB8^b5*% )oC44 *.vUi;Eu 8k._) $]x}KO 8SNh '9éFn)@?Rv| AI7,$q~ɩ={eILCpt#JH:.'NBBՌx;,)@jCKYt_Ә6_Áza7X$b߮ η?i6LiҟӚ"uHJ; Pp,:%}t|屁*F4DV›{  -W:оFqib!0 SY-"Wy_O? 6fMc33?ϱ1uZVXuh̔rn[lGTdx.~„fxk< [p8U޹QUӛPC&iZίWFD>J:GU1 tmag "Gڸҿ dq3d<0]3Lo}2D)P= f5~kgu;ht^n>5|Wzq(Xqz!rڇ"ڣڶx!ZJcP51?ֵx-n)Ȝo\Y1'&ezF,|왣P_$՟,xar1gOv7𪀍@)9o q4_ 6zJ_ :@B&k6ـ0 5_^ ڽvDZ3,::h8yVvJIuHzLb{/-9pa5[wz= {Aפ`EeHn;զsvB ľ$0q~݇AwzNH,'EM[w\j_{ݺV&:j3h8eo*zP?걢{ýv5 k`[SZLxm=˫[ j[~P{B5d(W)(NI$ց0w|UhJί#ɸT=yyeVV襤@̟gORCuvp2(h wj&dވ]p(?a r-2|cQjZ|CehB6rlIL!\FѨK?nmUAƹ#1h!kQc-sHJaI?ܵvIJzWm+ب`z0O=T@S]]#*ح%E%Gk{W\ϩ'ݐ<̽5t@2׷8Z|do̖T[`ýCjGd,""foLtC1.SL{ GMh.n*2"AZ3,;l9R?BMJţj ú5qK =ѢX1Ef6 $?lb"ܳTrAEk"KdaJa`G1ג۠~j0D?52'zXGzqŏ蠈VR8x'+/_wD$I9Ásyֳ7󽌮G_i%DYO E/3|e]fj%^}M=0˳WkVjr@Q}S{&~'Zm$/WL|V>gEj-l!өp!)ܞzꝋޘ5^Ew% <;=dL::(o5ewǑrb(*mdt_U{ٴILGf4Ҧ17Gp€w*[0֐ғopdݤ8w=+h{>[i>^ڜO՟s 7Dfv鍷i 5 'WѬ枭$-j֤A0Mĵ@n)0w^Ř؍VR3P&鈄iOK;jtvzh[`7NrRTv_@ NOoׂb{Y0tѕy,+ĭE &L)GC1g`at= ǃ:<4?8jB,B:w?TwvӮBqqxݞ̓8L8V]S}2{aw3^Ґf_, 6ו[UEn]+i$Jֶ"Mh3  kN{&9E$lTw7Z`L/~_®n}wrD2rr17 mVWܺ-ifXŨb}&4ѡ CY6Z^HYMş? i~d0M5uC$CB x{ݖnYe 쬉)85dOe׫(z9#L?C{|+= qPUK#E?)R ud~p w1tec],эPπ v!3x&+1KQ~t |`$t^|BANTfDS_wJb/W?kc b<=. sj[vD`DN)7}k6`ωz~!V;GuZ8$c!°VXI gޚ'K%ch\2|G"eETG:A:T"pA:S/.uͅ#}A ch,4:S s j"CŠ=ERdʒؕgCPӽD qhDCtQF>ak JE, g%3ho8<駫4.S_ ُzHTn .ĶTq?},&5'pi,̥F{#x ^iMѸmK?IX5.9 vtD{RGxFFf@ܾUlhD`T2 N9dG3V|U庈cT3IKJ|)Z' f`d%u91 ,&ZaF#ן'UR3t%*$`nzV6܉ש1SjCh;׃>(+ZK VO=]"jґ6R*;B-U^V6}|b8_jSar\CzX{?!$4tH79A<%= ~zrz RrX!PR4K[\n9 @ГJ?Eքa}7rYS&V2F+kɈ툻Gui8Q- 5}@q]p4ne`WMb>9q\> 67(g_3/ej[H7/ %BiN! Hcޛ%0ABl"79ZhaW[Baˍ`FQVF_]وϬJ`(BYRcsЫ0g:Qvu a<!uvT`>aQy .㞿ᛚDpcCdr{D&bV bVB-<ei{ bKY2:h9a*xGwZon`B*l\^rG`e>9+C`\#<K7"aD' /ճb27עw>Dڤ$OW(kSٵ/:C@f+.eLR"Xپc:aN귕1*m?Ϗբ+kr#V}RvՂ`,^Fc#DYFZ*sMUw|;H!{9贔٫|AUiWl$Ѝ6=`EasJ(ۖoڟrg UW'uK HL Kw;ƍ_%q0h/Wi޾W+Hjd+bB`vtY8˝Lw4&9' UQY+w-zw̧_oMM(kdOέ*Nc͞{]QJ;tFB7O Y,H,~c*Іa?%{@9_8>AyhgŽgim@lt| mIۮbjDaIXOtG{Z"*4)H%DKH SHo< L)GxS:KӼei{SQmTL,.bٴkY9s>H•9>*}}|ֿʘv~{L4TkG!JS54U6J5 W)r GtX쿃 Q:W+{9`C¹IZ}o˿нU$}*]x}ѮY;xw< &N3CzjwUz[j} YOo||n?f:RZOySi:pk*d Α'Po37WAtT Lw# #E6MćMDe.;i=cTȰ"e,U>%oZ!O{c(Cxd*}=MDeK2e!(`ũpC+.c˩(2ԡSB=IY0;Ľ3x|'ΑLLF EntuPbMtP%pvy1F|a gDjN0 4yXwRX$J|C eyYޛ2<>Kl[!"MSC#1! (_seחR䌽 1? -|{?Se@\NyoƶBTyXWfIw8b#@h"qi=>-8vcv0p^_`|B8kԏ$gRa/]JsjjmF=DeAdQڀ mldּbb(=MǑsB ®]6HS׫T P͵mJ:j/̮!oq*< }Z)Q.6%(!hT?m+g%?rNJ-A|@`ֿBej/YT>ӭbQu,;<S-|UGsPm]X`GRu oh"Ԁt LǴŊ`wxF-nc k{9 !F9>f +!{}cژ ]JYUk5"c.EG;a ͺ RNғpJQC|+t*+8$ǖ Xxy^ BW Ǹb@$Ϟ!R4u^C[bp;),+w@jq|ZZ?lm㲨Q@2"V9 g׏%IHUM>6֬C $))#G`U+x9G+S:ɝ%#IAڻedj%'w׿LD@YVnwe@n͜LP?j?^cErp?{p`Wѓͣd`È C򡻎juu/@byl&H_%e5m>֯ DC# \\>NeAb2y?EHf$)ŰSN0:=yէ+¥v7Tf}nfYf:E.Ĭ{hF46q%KįA)BC LglEP~ݢ%c{WN_eQJY|7>CN -Bk4=ψݪqTQ2H &7:oGZ^zwőzr;QDyɚ:XhWYpalr7e1[K7JtWLeߘT ~=5 Ge K"H[o e6k8ƣ>n~3 #H81E,g2\Pf1d: ޛH @%+! :`SE wŇ)hDA/^j.z4e~,[u5]$+WYnKPңG[*0FT\5a󍹞"OK(RsS= dl f~JDŽ|%@yGK ^2-xN6Ⱦ hG.I<BU2lxV*\n|%JC<\yP>缌?}s\+C*rx& |hc8i;ТE )"9H h1zd (eU]^q9Y9"mA| xi^)1Τ+Xi9JBaX;XT([=o>dX}dO~k%z  8@|RdbYU&akYY`}6Q$2/}HL23-6?@# Ny-% 0ȦߵN)I?%u*)R΍!g_ù:SryrJm.`^oŮ20U{dH'A'ãlyBw_,iEA fv[c tNڐ/byTa[D c+dެyj1mvb;l-rՌ {4ԩhf71w#S')ϜT"N%VjNbHYul)Py;&Bl A/=Սǿ /٬b(羳$jRm D3ǵl}~ú8l:<  [%(pV 5װgG N7:{{,,߆~=`'|8apAN3YZBp B]мu3ҏ(+nM{7]^{"ꤴ7huQhL.4ot>1, o6 U풬|5sCލeId3΀7pXߙ#W!\B 5qb# B s^6lIO4}x5֝~Q2 vj 7P8!C&{D8>{D@rrRob wTGXcFuGy1Cp'zmJ Fɞm&(᠂bVNg(ڦJ-P0 k6.9Q"  2KKqq@:9-Xf&=9iLB: IF._.ęӹ6S4ɘ #U3-!~CP34+k t!]R%Ll'\.%am` ( +B` d%` }R[\J{w*S[B?H1O6nj 4:t 2Z>R>Dl#} ` V/Yxmi)qR(QOF̺:گX%˃;Jd>|иR; 5aB&uę!χ#@l]~)&oQau8MIQQ a<> U2MfCLVgS|xQ,\~m-3c$s%[ ɔk/;:O_[*"4)J)B#y:.==!l9O$ 6MF{g2\`!=i8gfPZ+ډǎR9kҏ3! ;s0T[ONԳta Rx ta ?h~xPC1e{*æ7nDsB9\!;;oGP-մP_TgNjeqƪdm'.3~{#gDY^~t$~E.}2㶴-k/`ߙ(C9S) $|"UAlZ;c`x:ЧXGNK4TEX𰊜g )#|.{A{gI[\fu2ZR.(751ւ:w#XWjPn Ltӭހ7PnPSΡ.,G+Bkc}Tђ;⚙u{URr[: ^AJV0ndewŦnid<m(hjH{LQXGJJ߮c˵Y[wT? y0vqmwPhNÕLjf\B>A(J~vkk͐F 1p8yޚnHM#@kB|<\nwqa)k~nӟNNhLۅdF,gnᄚ[42,:g7n:` C$R%=[T7g70,2q-R.^Rx^ܑ󼅒Iu7\-ךULzQDLFbeJbl]? nωJ1襬%Y K 'oM9 j$J|&l{ǁ"gP]+JT9q?3_HxKZwG}Uc!^ɓNcMiX~J{-ܭ<p[aPv2c&T/# %6vF+3[ WkC5q32M_Ȓ**!2c  %w~E&$*w[Zǧg-Qq`;Xc|w6ʏq^]_q@̾Ԑ(! b_vpm%{@Sus%.ɡ$Sn[L[K+GL22u]4r5&BAC~9J!ܗQ=>AayӤa'es^]zU]-A`!P gPQSu