nss-util-3.79.0-5.el8 >  A b HU]{,9hDr‚sp#B Rd]~DD^ cdeG*0D Si,ui]UkOXT=9n>q=æpB7RA_4ٵ>IjX˜=^4Dp^VkR$p'nW#u^le\ѐ6Ҳ{epgvN9''<&0fZ*4*Z=ixƗ]b(q Up<x?hd   D  (@ L X p   8VtT(89 H:[GtHIXY\$]<^bdrewfzl|tuvwlxy"dCnss-util3.79.05.el8Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken modulebx86-01.mbox.centos.org HCentOSCentOSMPLv2.0CentOS Buildsys Unspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxi686"ƔFAAA큤bbbbobbNY5a01d4764d33ec9f18ede0c50cfe164ebba29250ee14f84984e92380a076f2cea20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.79.0-5.el8.src.rpmlibnssutil3.solibnssutil3.so(NSSUTIL_3.12)libnssutil3.so(NSSUTIL_3.12.3)libnssutil3.so(NSSUTIL_3.12.5)libnssutil3.so(NSSUTIL_3.12.7)libnssutil3.so(NSSUTIL_3.13)libnssutil3.so(NSSUTIL_3.14)libnssutil3.so(NSSUTIL_3.15)libnssutil3.so(NSSUTIL_3.17.1)libnssutil3.so(NSSUTIL_3.21)libnssutil3.so(NSSUTIL_3.24)libnssutil3.so(NSSUTIL_3.25)libnssutil3.so(NSSUTIL_3.31)libnssutil3.so(NSSUTIL_3.33)libnssutil3.so(NSSUTIL_3.38)libnssutil3.so(NSSUTIL_3.39)libnssutil3.so(NSSUTIL_3.59)nss-utilnss-util(x86-32)@@@@@@@@@@@@@     @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libdl.so.2libnspr4.solibplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.34.0-33.0.4-14.6.0-14.0-15.2-14.14.3ba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.79.0-5.el83.79.0-5.el8.build-id0d2612c701529a318144340d7a0d1ce8f28c354flibnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/0d//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnudirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=0d2612c701529a318144340d7a0d1ce8f28c354f, strippedASCII textPPPPPPPPP P P P P PPPPR RRRRRRR R RR RRRutf-8b0284f1dcb8d9760e0b54b06d62d1a57e559b1b12b2fb168a805ce04a43c858c?@7zXZ !#,n] b2u jӫ`(y-]R^LNLUZ0x?p5љx!%س$1yYgVxN$-% ?Sy( yT'F@K H%֫bY 1!5>0"o[Rvd tߛ@* ȇJרJ+Z^ːs+Q'A[hWf??ez㯶b\W1\zNJ0-o^=Wof^tȃvu BzR>Eyt:#Xu ԙg"B Fj]6E`*uB|`uײyrqy<$KnP\&`][JIk*bRkHV^푺WƵW!~\NdJCSzvǤJ5sݱ%Vt>͖OdKGtE\T-oxIlE KppU٥i3.镯Uo;uܑa_Sk&Ԩ4Nn+t^\H ұ=嵋)žSЦXZ7ë Vl?f=S.d19T?IEy#u>P785D}؎ɸk".@,Bj7Ĥq;(1 _8" p}V,>#K#ę<{:l( ҳ'$Tot57&@8BEiK)Ҍ6(O#h$](˝5+h j PrvAr=p^+qR~s$a"铼k3R5PAU$CniW pSua%o *[c3>v RtL c¡!)dG% `E=@ 0:fuuc շ693W4ay&6_ݾ i/.uI-{5F RF 9"_]z?) KMcTOc0vvTUsvdu:L8k/2Dž/CSM<$߅$: DA ƇVYyxYuq7P}/׾Wv!V^E$B e,Q~0U2F"r&%M7^3v)k²KVLNpGU1S_/DV[q$D F$zM@W@z;D GseW6#6dO|cbe:+^#1 hQѼ/'1*[0^e wH3WP$+5uZ2n q}2'8#1Ͱ!VI(}vA!ݿn\|[=%p&yփ]g._Dr ̽ c~K8zCRFI!G}ԱE eU*L ܣ_ PQt`}Om /JSkNbrtSf:0嘚.\⾿t TyGXD--MfV Y y3N?VRV=.d3GR^_|> &Qoڑ Jp' twBbzSM+14Lcڥ%.H/~<z5#P&qh%?ƂφZl}ن=ė&K4)iCuzum%w`q+Q$`t.D'~ tVxI=ȋz5E.?( %Ң2+a) VH\U<5*>BF6lhF5dP sy$h /+ll;)ySO1xw 02 ÿy5yehYb}f1Q+ ۼ@Q#x"ݵޯ!@B]rMgxVl4٫H:Km/}{n䪷 R*]P񍠃fe[>mB)yWד?tGl姱9c@;7(Ω_bYFoB4I3vyʏahFT ħVMm8a)ªoɚ5՞B<"劣JE!6O4Z ݐO lW=u +2d[ 0k8zY^JOZ+bNYuD\"~w6\~# ydxwq wJ /~h{LiFe3&۫u@{X6S@4 ,R(uiz~eS>S<7RVff̅r`U`պ2C'"7Rt胲cY _,S.`;¹s sjy׈EZ@+\JٷXp ;_pVabQd,_ğT %$`-rMLskVXbM1IاY-7MRQwMΊ3YӵT1^Vp:PWx `iPN)C85U,҅~yTn3tSv}4j&|0d|VJR<&{`e TرH 2T9nQ\|"}P.)Խڱ$;\|~@BJÃ'ڧIgQ" lG0+R rAMd>#LwA4xؘ,aGx[3˝ 'C}?tb]!].bN}pFC7φ@y?j4%f(%, 5,Z37J6J2QaN7nz4TH&e'sར5/6~.p=fvĀbWQ?}Mk"=;<ǯv &?Ba%ה;l pL|Ajpj_t3+iDGq6Iϋ'MN.6伢uέ}#}%/pwS xxԀe9,A\-8 io=`K6-1{wR-H yAG#qz~@fcʢ ׅܶ]?ҩ< t~4nIP'/)>vL&Ewp|yi^4nJD&h1R+ 4)T8s#X NxեK1 ^hBdj9rzVlK+T;)byg/1k׿A1OVs-ohЅ\N:IEy#Y^GRLP _;!Dg[̿7˼?= ƃk: z^_lyvp]'O.9iϜo߅P y(dxZBFuV޳ (ӓ1xZOF, ha4j]{Q? yrNCT<ޜlW.K3YMiɸ SnMqǻ+Xaj(*<66R5sw8"=;UZrcO5S! ^\*96=dPN)9+&# .lg V rU:ȇB;yGo!wQ{H[}\E{y}#lBiuޤ@u!2ը(c.Mњ:]P* ͯ^щjU)O c@~tEXt驨|`5H{Ƕ)[͚!J,0AḾKZ[:G$?.1j?`FCH`mԞ+֛,[ۺPf6"Y:\[j ~TQ0(R}XCk_'AuG~CFv99U/R=ȉ.<ֻHwĞop BjĄ0@>~D'fܜ#d5xʘd_@Zv_'yy\bW%/-z(A;,. prIcES %i=#g>2~sǖ0 )BiAY>BX%hm[g"_Z+sN62~_V_k^ Rg擝l _ ߢO3[K\L~;(jbgؑ4%v-?:o$NmH\Zc iwO6 mуڷ`ʐG~.as5$SN$EVmaϻ$v!)FuYſ-9Si6bѻb\Fex 5[J ; #Gސ=ŕ\O/BJXx /A=h1:볯lmp{pYm uxlpW`eklmJY:ɣ<=0 8{HA:'ܞhGD @bn>Vv&bMtf]ݢD/fȉ)+8`;cQ\J*qH0E[Bަ eV$6%LTa?EGiMO 6m$^#I%4?sV!2p'1[띒|6ZXʟP І/woA7/:ŅD-UT.FnK%LC'e#3cv6v9EBquMycKVM} sh;ӮrW"X`X[+pW2Vqqsq?Ȍ =UPRٍ > &'˗7 iXފYP}E#>Q%I9rY4n)?1۪%;t4l?]uaJMO#tT0 ZDgMt{h]j?o`s ̙;}HVB )" E%YQ.gevnwW]mݎuLEL$F 19D7auȉJ#ogo;".OL$ԞM"Mʺʺ"b I≸qSI Uzp ~rDqםTJZΡyb8NGE qB.В%[Ƚ$MkH*bw0?iFX7 Wpݧr9WgTüX'G9t)s,Vm7djDh99[9`?Nm,3#rI5KP&3e89l)X~ R_Q:A>|VLv- UZh@G(Bk1KP,{5ogJ$ #7 tjwZ$JoׂŻI=q#3T_b֜Ӵ7{CС&0*Y!DNEM>UH{L ʱb b)YQv响 r^cx:A4yϛ2dzCCJr&A䜦-Dqߺrbgc c-`_H ۳c+h/GL/A"d`U )Ud+Op!׊Hj1hsrU!ȾRlNNJz-;-U_f[ڡ|]kZQv;BhktHivX 8\GkU +UN襠7.au5sn|ao۟Z1K/&Rs<>k]ˈ:Fv5\cg 2tZd%7_/w/]=#zۿ+mFz _ w5rȴ<b#B6#Hљ RiSg]zRx/~5: D0年P w2c{Uvև$딬lIl"$$ZHezArXu+$ =.+U~-ܟBt/Y=y: >l>q4cRUn$\SϗK34[Ԣ!l1@} csBΦ[+Bya#$+C3tr&J `wRk¶QMR1fupT~9̖*kd>yRC@>Omu=e<;{JcbsUA\cuEuwO2j7j򊵈K~јxm99qeҕlPzMӐI]u(oW [s 11:!eHoyS}F àͲ'ߒ& _(zBdtqŸ`%]u#(9>$4/jח1[aCs` <%ٰ*5}S;>5 D4OP6^YaeD->*0zW>tq.t()jn=\qwaˁC՘f[tکB%eh&e IѶ+do+B`vdC/8JOF:[ʓk#J2Øco  lFM/ A~q FbPxT"YNH 5Y:>3el Qiqp89jHAFxs6ZAf_$$"7{kй+i0YRak&2K`RaT\BH3Eѧw˽w'®.\B.t=#1sҍ M9xst+ 5FbLg}ppM82&4 N0 j[ 06ptP\oIv"ӹN a=`t"bPЖv׿nV|BUn|I0`J W`?1,1C0F l$ f OblXY*e*'^z1!>( Vǝ tZw P84(O $ ,\uw; >M!iglD\l$2.*sߏduBTm[aO/\FڭynD[k %OE>a<*qJ˔nKDDFP*EW")k% RfJ0E sQ] m mtxcc,Jw-l0,2GI@?ddκH'd=Uf{/R7~s҃oŻx$Ӕ$ ʏq͗H1 tX}u^FBMk#QvUOf@~j~|!Pr-x@{#bW]1S?Ŧ3r!B9OzߙfP}4qOK0Ėb;(vA&osgn1"[o'5nA켿hcU*JxGޡR8Jfٓڥ2g&i-|toȵp > shac!68W;]@ Rz;8]x)}{XcEb:RCf-">ItA#ȗrd 55CThG3мu=CR]8 `:UHvCoλ647[ ևlaƷI \OxGث,^-EL"4+uyIK}Sm ӃӲxnGG©|mk*`!; AؿΡ%GJCqvؠBkz?k21B?B]bb\j4NIJ22VZN~'ŧBlxŐq(Gn) h|xL(KI"8Jzb6k!)2Z%EmY<V؜)J D`宧HM)_\S2χ36Ä,w<9HF03;fǹ'ʹSN4gԩ?"\p1 f%10)ԴQaB7!Q\J"vtKEPxq!b@1W54]}ME,`>Ӕ"C "̋C?6`h"%dy?Rgj +@Ɔ6/;uYp ;o,M-X!FB{浃5=kԙNiղ{V8 1Y1#!v)`| g柱v.b;!`ioa&)FZ @cđ$v*iucٸwE;&#  ` l7⑁՚_\z#*+jya-k#T [ aOR[+4ATb96\{E:~_w䀁sأd+3m`ď-'U(%A*@ Mf e]\tvS"qN~0]Fc_n ^N` X6.B|Ur&]`~S5iyt?\I%&Ęk*UJ@׮4B/1a`QrUۧD+%u=:8|+cͺ.<SvdY6R96C{ 攞a.xMA>PmaR/@ 7J}jHp$VvcVt]DBҷ)-bMz#hsՙ}B{>R*- ?CDN^`gQ/Kɹ95+ª.hc]YWl Ч5=@s]Fn_qV>_ރ)N$ʘO>yBGͻrzK^J.?-IY߂а0P@%%*y [nKJZWaѤFʰ֕:n#[x/J_(/~)Z"c3ŹO`֛3Ȟ_ bf+\/|@vĊU*W7Av?^L1hap&m ֲ@ iZ'ۭ8UR';u{ }&ȟh '`"!VSyr!}ÁUxkm@,I s>=7//n" "[O&Ppsg,?*(o x>j؟Z6ۗmO&9HO|J]Cc4`IQҰP]+eFu +t_`-_VG\bSs[PFGJ.;*[-N6spc@l[od8жZ aa_$o J|-Hy ɝ2b\̗o0lm`@/VzK9"MĞ9Y,qp.9ΑbMWefĂ yMyOZ{>vLQM\F0ZA h욙A}܅)+am|њ|&i^=en{iVDB=o3O=>{DLʚ"VRfis_v3^Kf|nM'﹀ZЋC,؜@- N#xLSYQ#26{fYޯX=dzUL6:iNdoڸx_ZK\awLB tU6q oCԫ1m)?Ц>V]\RE >0jv}EKCc Ъ.< + J,_ DžX(ٌՄ)f}l5#t\&vr;k:RO=tC47꡺RBӟꉢ:ga N [wo?}vͶ;w9NI/gƛlÝQg\aʙwzl,[4mQ%{%3wC>@-Yiul_/!0 vC-5'v;]f"Dӗ߼N {ڟT_EÖT +Dzm!6v12"O!#هB,HR΢~SC`l}&$b!a~X .xtm>َXExhhQ."u;Ƚ[|}=1f:kEc -A&.=ۊN/k`!(ނ@{~ Rtp(RBN؀p 6m ob'nu{t4+ |F`EXU3rC9ùEg;~?G|r7ILps:iwtQtmh ,.8KyQw+&'N Lmr3^/FɵLupB?.<ݐMes N濪ܝV]ziӟ\iaDoE耊ipZ=[ސVM*^kW17뢦hY?.0C-zTs-s< 7A@IiLbVkC#%:Xߜq !-?6.x~  ҸgU1=KNmAKQLSWD"czO\BՍB}1jf7SN5%6bʫaE/'aW^JOH@ڞ A'ܦs*FXJI=ڴ/:Q~ (JH7&:Z'+9APRjq_zsb>@O0l.XrAaky73]:1˳HbfRr-zg vb60s@S5.8/NzEc^14.a. Ҧ]+m8 Q[A&. hсx#i"fD$vHx_/oʹ'ѱ;jx߉Ӵ]71Ds=<*ʘX7vj#?q#`uy9lдR1ػ*nk2ZY}Yߵό mM'N3̲i1̃BoOK`z{vVhIVɶ/A!A;䶩ڮ *9e }LѢtj8Y&x`C4#\ M-t_y`9Njgʬ9V{9XRl ʙsSG|._tQOr:ET$k(ylPu0Chy%Y}fW:75g䌎s? KxȹF\&&:O/}fs9rmA\ 0~߉Z7lg!XD-67Rz*Ki*}4hw%H$x JTabYbz׍DԃI~Uye?_< ЛՂu: Xu_!:qO ^%PR^O҉Ў4j7bUbL MٓEr Q640F7g/``XD>p=?F9DN @g^LŤGeK~h1$7Kw0 ](5(˨iKcpԶN8ggLgF!.$b?@1Flt60e$XЍvƩ´Av ^qes 8EynJ9Σ`<M -o2È)]t6+Uᒊ(m_W!1Xu1ldTF3>w!$vl ءM*?GX7PE+4? Òtۮd/Etvfq'^{N̤V@ַ`|za17=!A(YnSyt?9b$Hbl ~aHa(⿶zʉ%)p YRlʴAM\V-֍e0nB!k/ꬫijRv^Zͨ9hv()pd9w w: &)?h>y=\2%9֌ ] im"lrdLsm?`UFPk_xය2Vm%"tDXwן]Lrh,~X ٿ sF*m(sȫNxސ'=E.2Y4@YA\}>{YODMф'L:'4 Z} K* !_Jp48Ǔ\PBagB2{JBᰮ2V6Ǫ ʩw}xRe/ŇnqujHst\Krr0o,Y*ݩ-c-dy0+.׵؍eB;w68㪛e/6}^:d> fY"_* *_fZt,PXPA$GjlE،f}vSp-X8SI|b)3]U$H:Dih FN9BcvYLi!Wsz*޸n;pksM [{CMQ"$ؑr4m+4TW]f\g ? HZ gF"?H)L8W,2:_-ZlN{0DТz@;KSI 1O)&5E2`a5wZX0$[Ey aWdM+5?YĄ" V*K \洍D!gPnMbW٠8j QJ{^"ytgc1}qf- |`ݠ&"إ'X1qFGt>{r t|sӻ续Pվ;Z' RKj/ʟ_e}F\}|`1S0?Vr^t#mɒJ¶r^"wi*iynxY}! <Vה' AŽGfJ69g#Xz #Hh/ʀyiO2)T3p1(0䊃槆;9 o;S` %2 Hs,U>O EtjoUMDJ;/o~ *w5(`Gx 84 &b'Ǘu-eh{<%  -=5FБ31dPH. FeaVV^c{w'P-z FRR۪MKچі%G,Gm&YU1f ^pOfkB=Rܓtw y8;uV;tvifAy~dSTrߠ}؉|i/$ Ÿ[j]vR sELZlݨ>f+;}1yK7Â-Ew&-T1 jVe9w|S.fHp,aЉ{y97o,nzư@aK4ʝH8Z^9 YnşNC/nUa]2 ݐ#i|ÿ_pEvTLW%ɽ '3xҧHKԽvV+38Ӂ'}d T"h1DĖM`pLpGo:bPZ.-&q(EOZiU :1ӼߘZ] VE2QF.57<ƾf-8*7D^DW lhvSlkE}?D8PR@2#:sx] W͏d>86 *򑪳nJo=\Y-VxHeɼ#-4[>~hԊ Q&hNTɄݦE;MgnœЏJ5k F*&0%;_sŒt:q&--"1U_5qH޶`6E2:Gz bIijPPtP- j'ӄ|Q!T3C5σK]L~v 𾯰$ic|xp,I)T=e`G^I%߱E G*-|^TR=e.S]`խA:-#0WnV m#*Q ]ҳ vcsdw8)[3$ޏ w.GNG?~/̴ 8Q٭ IDs [yk_&adEy%B> 9^Ə9i1rx=sbfkzulOLF)vnΆPٜStaRLky{L:ݬqPT)p]p t!Gzg<+UW샡kob  ]{ؾHL6he; ^M*ҨZ]ޓuCSQ5, t:(,r륂^h.ϭ2J:.Fl"F|s6'{Mp|6O2CY^{. YdUyp'Le7n\ 4ը;:@xq=çrgT}ɜUb|zTI.^ m;mAn#AՕ'Xc6X:tP|B3H\hPs>^z¯ڏ ҉r#Yd~^2No٣aRf)w( &#oiZQs1>lV@e='uLl"uMB&B z6(4yYT Vcff"Ѣy^؊xLby=Ä|{_ e :|O޾' CC~0 u^:_|h$3{y)ִH)p$-Rb3 ίp~1ǯx c뾀&GH^Qs=622-p{h*OZP' 0=\€Y޲*`/v}hū\^`zkƦ@+NMa[k@*vR}w!MZ8X'B}d+ZB9/YڟXؙ7{2fO켠"jm[Ty$P+ ?(J-!H<on nSޫo۳'%O`PHRHa"p LSf6LO;i6 2 ,<@G ;AWVbn;M+kSO"_I*R<6-BN.=GzZB''=N\bn>PSбh]g;G )Yo#YoW^Ϝn{q\*Uؽ~D瓘b|1x!z_Q=XWD$, 27 J쥰0{@N<ծfSZ >rf1?ZG:[a-(f×{,r&nkЂrE5?khyhKW.YjeU ng9@踡m qQT`ч'Ns,;y 6qk,tr2|8+5[1"!_P[6['iMi;6[}\Y+ lRl`pq{y e\!kE:Iq|,M5^ƫrRuF9JS/5)LDA~P/Ej^mo';6;hX+=Ϯw CLں\4ׇޝ&zAʈ6s7P)4g哅\7qn)2ש3I~-$ THğþ#cW{ˤX O ľc4؏?`l֜.AcOxL2nGNHF+?PӾF=mwTPPU܌1/ 07tN A ьn\ a$>4WJx 6f>X^,݃&JbaxC0o6n>匮6?$.۳SYrrDAsI7J=@TF{(( I$)~ HEAI"`F Gl72)r'db|bwZ\a+9xrBҡܼZ&vE[t-lݜ`j(-y&H7q[olt3ƪK~76c=47ґzx,5;E (A1exdEY՟O}27W,Ƕ̬r}6Rh $m?])^[ve*tHHB0{n97DSdnqcA (lC֝l4H{80H6#ix֮v0}1x5:%-H ݕS RH!U`)@s~ \洣:0d#Xɴ\;hê%7_:Ttjd8J A1]{Vkp~k0!p)+\^|lpx%yrd5b'lhv>-WxjݕLp D)Lnan碳ZoXj$! L¢|7u;ُ);@":-d))ErRf9Hdlއ8Յn;efb$I'ba΄7lE:t)f} c:GMz:[9?0p*H%7<`[ 3]*fJʢF#&F7ˠHIkq%Je} B2Gbk 7AU wܢ*d Y - j7`L(H0i녮 Pf$,ʢuNٍK^t۞W3ۖEdmgʚEHʡQ |*8L"w޹G pE][V`g + fG- UY7%#jE6ɠqȘ)M#v6L8G*-r yvk<(i`‰[c9tV< /9d(Uv  OxqI1! (B=Ubt5.臮ٍ5%`)mȌ{.K"@m/']pY2F2Fy1no7d̥߳)7i oyOxN1+Si!-Ϸ'oCf7Q 0f\1ZA ah9^F<`SK]rm2҄kFO̡MOI:P-Dwy ȜCm 7&T"2"J"%ϴtLY*c.{h~4\V3v>&&\h|$`%Ju3EYOQȥ7ȩDn-n*h< }{72P҅LMu,~O"C/q0ԘG~gs N2)= p4g&un^X>u\.6U[0?9P,mn(A:!GG\-hwHn|F0Q~piCq bb,5Sv`@;mdAp[6@Ϧ;n:~|UYt࠻oKX G{ 縐?M%2eӎnkZ &""E1fl9(J/@ L)?t"ˑE&qxF^Bzgq,8F9yJ X 4;kŊ~p!X=jk'2*LzP͚0cϋkMONY>4#PFi2Nýa W s&ؒ nb"L4^,gHt;rznsb7Էuh,3H]gm\Eܷia+% im(JYCi>Z;`m81^>2-w }2:*[XX^9==aapTYM L9y?22W#IT}vH:)5(uE\'i[q} I^h>+ np*o {fO6N`>P0VaCVo0/,Ujլr@/[?ȨW=x84\ؽY$QQ|/F}"\#3"*.SJh~ POa9B@LmI8M\' G\$@x>W\#b9qB4GLHL4ZP^H58ۻ]FUbQO̵>#gTR"uH 8wй3!Ӈ|2OwfKÈ/[孂rߢ*@t{Nd xO8i+{R7[g՘4U% H+ۤv%m(";?gԵDn DMd.TPn,EZٯh>Z 8ޙhy2+Jp,TWκx# ; o/bT,ǛzHCt5ݸTHN]^Z^Uɮ)u>7qѳe%c'F_>g:BLaAV{v|0v<Ð>퓥)r03Js`U4F֤H|/$Xg$Mו 6$ekV*$WLDGG1T:8ieNEҍښ㐾@!v9X1B ?ŖVd07ѧJ]8竅˚+XzM@ls{%aXWE ":WGe3Q{GP7c F< >=}x$~o >S!_@PKA]bF2GTGճ:*ۍ?'F 4ZO-vI(YIC{il&x͙s!cHxX}jՃ|M=inXA,^>°s%BJ%:/mI}y HkA_V]@ hN=CTvz]?6ܦ7+ 3;Q0z79*p0-j|*U}͟+LB4=X851.46Mc_7Gr7"1<4:LP:;(*䆔r~Ei`XNظ`Pn44@̷pB0JΑ_uAX#ӿ4O6zAC&֫| wO=+,))[Q>0`l2 #ܫ20'@P sF47] E$'[CXXf]`{GE2~)+Zkvǜ"qS"&g*V]C!g:f,'E٪8h~|ڳky*F0''vCicS>OԧF ؜Vb0<T BK#.eZxVL1ZVgcQE<A\52~8/ ,a;,Fؐӫ/h7b#*=FsW/S܋gF2%ߴ!5lںrF7 Sm8PoM7ρ3zpۨocF~ܭ*\u1Sr_!$\/| 2aY@0:֝iKzA=YAMWܻP45Yv8-0ɧ83mi>8*.X P-y세90~`:X9Wş狀/~`=-.x  \rVzhb?`eNH :n&8{ւUj]B!d!#m{alhS, @JLV3Z *};xaȼKha#Ub g.HU1XF(oT4h=>X+<ؾMS)[_S;w?ќuESòr}h p_E*j Q_>:A")<"V9A 3*(0&8iwfhRunbU}0R s^4xa~9FŚ,.qg =n?\A=Z[kpU:^L\`齪–GN;"~ fpR ܸa{4ݜX Ԝ,8̰wUITOxdkg c"ZR]xW qoo|x_A$(M88$MfR`2m" O*SRxyy)m%UOf>vϊo#ZWI^O}?M>c"<| 9wy`R kaeF.i++P&\d<ӴQqb 9^z`/HD7q( [)fkLȜ'>}U^ԧë|5W@r^6b&ѹoּ->͇;dz-Hg0u a ,`)c _K/2o>njT -雃[H3B(d`ݨSL+-%Ct6@d`@SDdt.3) rbEh]P*> C2SX`(Ɉ\)$l ЦgE q&%]Đ}_(Ξ&V%l`Gz):&Q,s tmP;ʓ#([egZ!nL~,Vu|3fkhq L7ğ1P‹ec>wv7 y=8zcYZmI7c$ԋ"֋h$CTP} Ӑ ı)r$^^c$ ll;^bzx:¹W7*>_dAo J #O%Eˆs?AhoѮQ4ݙ |O6֫5l #hr~9~_j2,5#jOI1vR(I9~w]Tp^tMюPFWEӡCqJ=^U{`aW;KݐU( ?gM{ Lh,*Q]3_: Mm#+_% 3yDC#l _;v;rCS{x 슊)K9b> w4؉8 Fa熫gXPթJY6΃(u)]$|H/ڞ0srY1_4e.=Z 3 J1hQsf)Ž!B-lfP'ì躗֗ᑉ3? %i.:<kgʙ%BёpfmD= u(]aYc;jfGntlmƷD598f|#?ZTY2IBj!(RUNG;5RmeL=4lVCԀٮ>UeH^$vOHèiġ( g, g))az_Vu<5N{JKLu&$ ,T *O.>3.*@)u6{Y)~<67';i%f s\w :5>OZ KLjH :Uͧ))'gAlRkտŽ.fF~;*lcT䍈sC OKʳ$0 ( qZkK6ߺ@ȓLj[J`ߩ"xqq1xI_Iq[8mܾ~2l9E$4wroT:/X9X(Zb碋*I[h %tfEj\6ca]+2S((>PM~T6<3yNEuO!"vGghOSB9U_ު9Vof*!]Z)Q BfK%~PplrdӒnyBu2qJ5hӢqBjCNΟ$3c ͐h>¦#R'xdf3!hcܨQQA='s}[1A.KyjZz5;~AAf8^$#]DrѢ@v"49&+Դ+ $XTuf0d@gtpA2/oCxT/uv'G;r,{^ٛA1TnsU{7V>ݫ@TK|Tdq\"~p .]l 2ʆdvvVDp"W95P[R(č.f>`JY\6؍Nrz10eF]G L{ps~oP[=\Zm;f#nC)Ɲn= !Zv/O{?֪k"o+_3io"3rL55$hC!~^A> #~Qm:T7BEKM0UF;~%vpnLs0|9HAt C 2c'KxUestҍ R,[4ueox淯H?GGУPl<`L*%#Q;_jo7zpVJ jصq["wy+PѰd0JRɣ|sO ibSh0O>l% qzޓ,yJ;^,:s$WܴZr8f{.kMewZK jh|HMCH뇺?NޒLZ/}F1yYxH.|Sͱl}`HM0^w9L(&4 {uF]վڪ[v'.ңƗ<܉(q VUUZ7bt*5Y̟eϐ-R[~Y(2N9LicnêW,_H `:>3$Ϛ.)mĩhknJO!Q]J:WA,Al1P&CgU_Y0ɥ.A# sh=X2o6+ c|)=m_;:0^k~[&m[\Z:{ԣrVFi9wjw<=2@ pQ>?㽯pQ%2Iv_<3^D05~rvBݝ!%-Ǽ; 4FNJpL\ VO= w8 ))Fk=VuBߖEMFJi!+vy4|n]lu$͞O@ً?~9'C9$-zv6^!t[I>"D iDTj{J'ʅ܇gunx1.~ IS7<5h٦VaJ-KoU9W8F=s.Zp-ޘ@O7 %Dqo0<;C%.gyw/{ a10ys:[;ShŃg,kh ',=31NH4zlϾ[ojgԟJGR]O;&Q+S9QC5$Q&k;'7fdI߈7*]&2\|B{iOݲ!;›.`/=b`SV~Y!/`N#COYStomjڙ):o* \N/{6˩2jՁ <,ycY|^nߥ:}-%.ZyX{d#(qd,}\iF/inw-jW݌py_PVG֕=j bwًa* {: Y5`80\uzg7L/fM)SPZr#rf8hXP>1 "7h NMmAyh|"T1WW"y6n^sf"50)[_4QiICH\7`=aDQ0=UUTµ0k`e߼M##nm ky&N"^(ckߴ8w42&j9T bJ*nhɌU6m_nߤfN(/)].MA:/Am3JHl}Ow?koN?'eL.L-˂:\prX3f /"}'c9 =y 4 6sq\G}%O6}f:o~5!^t%|&n]US_91hu#r$w֜/: c~dn쭵9dr鶨Z]Dퟥ=|U5S@ÌYbHaCuǃhWB<+Y6r4c?wyKL7R@HbF[r*ɛ{PQs)vm9E/"Whr'{\Q1:p ysCJeEYQQ^NKB}g.iD٠&겙K6O- #CWT=\QO\ܞ:SÕs"VuȽ6E cV83DV"N̖?a9@O[ ]]QדzaBXf"*"Dёb /2F*ΞłOץeU (b_Ctں$ ᤥ-~ށ|>/٫B+(,/ :!Bta|Gϛ=jN]J6[<:g.}AH\὚k9DY1ލ7]~&[ԲAB*|B@bYD@a8X/Xᩖ>[,QJ+mֶMq*ޛ +sP䞟!)'^8) -tb CUww3dm\ŽE&t&zY"}& Y72^Qlv{R_](Od/v %S}qq`0M$36Bup5s2Ң(嵑ÓVcKMx\<281JWO&96alRv| V(c}or A\w5 r"YEDŽCNi@3F9l&SD`d@(`?: Kz{>hXڎ"*fKr e՟ @"ܞ>tJVm̘نx$_T'!p5H2=OpDzi.|)7DSi0Y\#%^h>Փ /,˺ZCZȜͩ#P<8kN [tjbnjl,1Jý!B32! >4s, 1V&⃢BO66%rc0RcH(ItNuh? dk4S~P"'峱ͱƎy az4o.Ǒ8? ExawBj 1; &֨-+B2ֱr+R3B W:oܪN5.֞zss>=H7LuSr 7.j˴d!RDv ({!N2&N#ƿ;U4vHXH&R&ST8 "9c'qsjeCI#9bm54N J<)EB v_ {9rJ^|*AcA+zӉo`z;ZO]$-:C4$b5 .b]U^76MA>_ Tl:HYο(17#Q G8Nfe$9wb|dXlَiyP;S:Sr@ _BZ*"I"іpշ8O!9-3kh;imo0 ˾ddP) {Q V+`a,8j_oaV뤀.:#Y2<`to*4{M$z d!6͎m>E|4m9X`Y0nB+dOCU~CU#s 'd}&I¡q "jz,нA_P,kn` '僤 ¡S3JM5(LIod\y0"q>Abm%U[4a9y8Kʰ6(vQ kZc7|'}gri̠`M5(pS[ppu"),8ч_V;}-bg(B3 Zﹶ\Ucj1Me`C#~ VJ'AًcȻBpR#fIvy!)=ר@"p"GTQBr<% l2!p>py.ey0ݙ.B3u~ؒ7~E2?&,yE&j_L!Mc$g&2%xH (L d\[j%:xrm{rYxeᜫy6stu=6,?@6ԋS[ feQA`RBM.hMmHtT5N4"T%PSzu6%^0nu?w- oߓၲ`j4+$Hl&f߀Ͻ#5M7B&$mƼ.=BSv :ta#?eN&C.`˷H?Y}h jND=У8@ݍ%B6ea"3svBw"I0<|DSPr#QI5gZ, TeFƅ\D{5VLpXV4o&뾖/>u0m uxR7CUXb^/Y!7h~xQ=dN=Yjy?Y?>TfT A‹BL;N%tye(um>0w ν߳A_>v3Ndꣃ8t0_L۵ oI!c%QLuD_ VMC1L컹ߘ9$`48Or[9CVK7H䊏~G}][<̯u=sC]eZFJ0L1czQAgOMXg oHX3- j`bkO|+;28ӘXYI<=5ZW&}C`)o#ѻ.vz E[u@rjEg ܯs=Lȑ?yGH bقb++]_Obs.GPpRJp0ИH'_S|tn 9M7C@88k"vdgoԴKPV7_0ѯm)SEEkW#oJؿF&|1$5+_a@9ZOQ3"+s ,3W~Y/C-z@esR/Ugu٧- ]؆\hZ̒È4;q踪b4ڭȡ,Akd&XDF9q]ŤX_};/ @t3)o^ Q o1 ~F4 D'і*0ƏPHCH_q#wLh>Ew}~x Ȫ4nnɅɅ&xztN;[G'h(dzoNT_=}p&Jj+| qd|Wx%D  !!7PPk G5N<V~LoO/fϛA)mTCh~1tޣ5-^sQ?HSE"458}#bz;ep-OG_캣¥>j`W2?x!]T| U3׶R7Q -K$^ל<\S!Qg^ +?g鑢n$K`u*r',9@i`M2w ҰAZeS^&d݅k\Qr5jifR8xJqo@47-(PtMq>ݵ &G/7mY4]4u O=^L! :Bp N)P^DcTVl<tYY̚:$M m05I]jJLmyMB&,J=VOzSp(\SP/CG;-o@^hR[=k5@B=/vT.Rr\"ac5P[vBFt"P4#Sel#E1? #ІD]II{y{6Xy ֵ%|iGj԰[#]LܷgRvn2rV5WeWD5[1ӯ󶩣|wbgl"mie)Nv 60D{Bv2C?W}#?[a9[9+}T[ٽ~ ʋ8\U^x~Ϩ2]fMŔ9'$7@o1D:Ne3~IN&/;Y;,~i鷆! `m4"^0sB(s{82#ʷאgF?mC=⓪}v~"Q/UF"ԭWl)DwqM+,{{ךo?rRp'z7=[ ZzTQu6 &kI׻gVWG}VuF;VfsĈU[K3䇩v]#aߩu9 ۂU[[Uq7!oP{bg? m†kI`$vD"Qڂk oަU_2[\пw+VZ/S^FyM{rJ2 ҿWbD'f#_fdA^PFk8?,bjf0[]lXHl:F^lpzKE"]`UD,4D1534 zpt|+;m;rLedĎʹaѠ'g/N.Hd}csUu8{cY|ʝ])ƹcdzvehJʊt<i Rl.tP%V>VBZt<[6e7I++έX'8s9s fu`c6y s3*eFUfo?Z(x305ԩVT-L``Y(>&P^-H ol81biZφ [FXa߼ے`㨊h87@H3;vH sˀK ^{EyuP? 1k <8TWS0NweK*/"d}%٪ [Ҋ5Whi0cpN$[akO^; 'sΣ :#.0P <!<'1kBtGK^zP( Sf'Y3l.$f= ׵~XS}t*{A N1a@7B()[NhPg/?ܻ׺W#WK7S*#La4^|csTGSV0(? kMwq)ew3t 9rsI49c>,jQzNLw:Svy |yT5V(jcw胂5Bagf̼fPx=)='3$?X)oX<]|GDLaaSx&JXK% ^)d$b' d\GQ7=~Xw Vcz0",) ua]IvܛwեՍi2.t KJR/$AeCuG'M=;Ad*+,NvbDYOt gϷt4OQ=p@6:IKǴ"}&`^Ϸ#hy!0YTb/IE8Pmo^0Hq@c~X4X4JR*1X˗ճB ^Ҽ5/X'Gwm-yJ ˿a_ZH q_`?[FpX]U"mL&Ҕ`4n]}ԸB* e6 `YIl*G3nEvs&,6pV5~)fm;˧1 \BnCzgNA =z@x;:NC}LcM@sTe%o|la%7D&=&5~Gm6T* $j꽁Ex=KSU]٥Lznx]F>nCpȋ֭_IZ6===)yVl̻Um6B%漤7W)f?UJ)1RKSc+@V0+bbC9z򊩘 bcZ)Kt߾s>T*q0'\bQr]̋0Ӵz8`Q@hO#Z,_hy*-Օ61d*ݟ!4bJ&KMǼ]`"n)iDd0Iy4wAW/xq\{JzP: kyT9/<ɂ2JBNl Ybl-εsP(֝W ݢ-<¿׫ȽfZ} be|O-s[`MiC ~m-c"˴D5&9|$ZG>r> Tې;&CW9Gvt /Xf^;X)SXM 晌PM/OC(Ow֬h CuxȳM 5F/}fFaꝅpVDY &(wU"!3*gȜ$[ p,ٝ,sZk\NJ{>O$HԮbK^NhTZ5r[n|HxH&8/806oy-b[wH qGq7v!wAxF3d'T],.xnF$~$0rbA-!ãI9ک҇>27A g[/!nVEn x{(t=M(QԊj5H/ے 4Q2E/Gn((NP]vSIr|*UaHVJ[1<%UV.6RcZ,#4B9vD^U׾aeP޶P'sJʎwZƊY ggVe6PT $Ce"<n8jϩG͏Er;s^&MnPDri&BX9t27oes/B )(\$HdMv {9Ȱ&5&YႯ^Lԁ(E@/!%5\D & wM'W/WTdZ}ͤ0] 1O701J@{=:TO] &[?wim 0t!yj(N8n^Lo35Dɟ6Lm.c7.PPb.[+ Y1mNU9l(n̹v`A#jL^ rY*- >,@: I:&U8}I )h(J)P8+CXhs ??˻-*?$A1Bì[.˳{?zfe-A|tf[AModU2S>Sbh?wKެ.:`2$ɴ("3j$L~v\u#`4TB+.rcF?'y{X2J1á,ǦyE&~S=\Nt7pJY$0N6"cLgzIo*cRκGI='.$FvܟyT|jC~R gK􁫮`1V{QTc)8pOS t1B*3*1Z~ 3n)|TjAe TaQ13R$>qFyScr,)bsR!gub(aV:0#y?>t 4҆醫CqdAjH5Kb{a5~ҦExlqFS zYYQ E OSM/jI}Gq kΨQn` G|oaʹP\tO"Um!]7zC(=jxnʀ-?#,J"޳c/@Y$ haeݬjFĉ RdX?_N;[ ſ{Eunsfi#RKŕZi%#sKz%x/^@!K3g0ܶ)j/2cHbGe!e R {^IꛝGx@ǍC*HE2XG%UrEӞ'Z'~z;_5#t"-M_(rU&cen ( w]"#Sozplwpm v*{h? p:$̝ qX k}/=(hZoh̭#"vWT$ŀ~l;v;̬RmbbPf?$e:G[*}OF~>?p 59糟+1qk܇Hb 4Df}*Jo 6rݝny>7-K̠ܣV 4@1e#(rX$08ԥz.N'ۆEap@4*mRޠ^W۟lt|eld"S< ˳n"S~27,A>H轼 w('[g#|,NBMW˩!bR_l=q&}(r7r )dԝEKDt@u8Xj |7`l:z,3& @#U1O—82Ⱦ n,:l"K= ;dndeoRݔֺC_*%qFa(b6k-mv L.]Rݪ}Lq}gZ a`gxr' ,]+ _87k?>y0)Y҅8-`-JހTf.Ww)>8^!UQOv|2ڊA +33݌T]ŀ·S]kqWH>P>zێglKjgm2?z?jl `"6Y<)ˇ 0?_/d5m^y|G5B5#F}tzޫևuMlLۺх^1sO;mxPSLp"aRG a~quꂗ-tfG! u~- 0f$7 ɺ4+}g $ t ##:W'o<_k7CX4@g7*9 1#lN2NjI9blX3yJ*fı\jFvFfR̚Ƀ* \QJ&x9,gFnY`sAmn\ 9J5Lh=8s=27?k)5WO,EGIβhJ"f(2w1hں('zE&xF퐙Fv Tt~A&PJÓi}N B@2PH!{>Rd M >RnC+5Z%x13 9tW'%Vibج6"Nŏ|`=$ /i]lAyt˟r+brF $9|-7W1cVa*iFR.MXS`T+P4c` kn)q|O^Mz8S(O_*+&M!%r(}=OdM@O/K$ӧ671wynLWA[3!Y֩G)pL+xJKI[I}ЄG*Gv=^`]7v~xvѻ} y)"m'6?>Ny.1gMݕac-xeuǑbqW4uyѰ{<'NTO .o_Gw3;~üG`L[]֏{E[/ܗdR*bm~(|`a y?Jqt]( jHCF[6EU]ṕ]@l TRA}ut`R_jNӡcoHZo-"~"Y+fGB (*|Y%ʁm rgW,OՑa /cAw*?^LEQG#g۷֒5Uny9 Tvxe5@uPFY#5jF|(1X0Fn zy}a=y`pGDz=Jve kGJ~li5C20l25;W#eQHe)Q?%.B@a' 8f̾B?/8yk+FK7'DHRs{X3.<9b‘$OuhrʿH)%$Z@SjdzĒy{c ~k`',p09SSL8*,lS&<P%Fz":GoVOTٓyqH[nq1j#Akς]?ܢO[l!nv8^X  cnl^=< Eյ84k /csj]Q1S֫^0%B: {O IU#[F~2gJ1BRs]>n>"LĴ/ b 8 ]J9Ԛ#16[,II }Ǿ^tخCb4J`&p@5y頊`P {:_e숱VCЂYa̲y~Ķ~l {=(UeEOxa.5p^dAP f-UN0NM62󚵞OXc&~ljyhP{  Y]r6֏3CI/a7k1d"jҴ5i3D?T胥̐g~H5Ũ#5PЛib  `7z{=zqZGRiO&kun|M)03.:_@b B4U΍OtvI4*>]7vs9w8eGS< `j<~++DSJZ.|;ͭ95?v-%HT._飫P5]FAYu µďB PN|2'(6\,4cxxJvxT.-Dk'n&o'{6iWrH'x@#hInMo8 (dž槻yϊO#CޏұT#x_ց4r=o 70V̏pov[yw 3y9&oeYpPaB-jiis@#{5۷/LЋV/h Jֳo*X?ڻIڴ`r:|1Zx{Ta{ 1qBvI$f _c3CC'>6=î7x~f2]FX$Sb.=5~&#܂}2W_F S}^#αrnbrX9 uAռ'8s$s\ \&(eyO0a$ GI*u5]g*Sl-+Zј@Sjז|>{1Y4l(5mc4WO& VT=I_affb`%#z!0I4%d)S3R־kd gydM|}\P/;d~#Ql R'B3ν}yS_(>ÅTFh,uAΕjw|Pf6 Wnu5tÕ %n۰Λ0<ȟTfnzf=^yd{RAkPb/?^p "`G 2FXB [@+B]ǽ$Ļ@ V/LD]J6URiR<@I, "j`_b>dήUS Q%I"HX#&vSb9v؎=)9\/%% ._i;M T9m\z1#ƀ6u dآ9(&QR814Nf_yMXݳZ޸@a->T-0>h%@_QiԦh!P]_ϖDb BRZ]`gw!fq?N{Gu/a'a0[8綼IvgUlOLþƠ2Ir0б:y8e59j :c@X8"͜Neo#L ?%pHʎY봮]>W?:T[`TwxΓnU16F|=j.ceXvċ"z+L\u'& FenN eo"]$A_XQ΍0"!]6_|ǮO a'w*ӄ9*J`j0Q;2- 8r-MZW x3Q!AkGBd+$:YAۤ~Os9휄d뺌g Wx6ŅXRp 6?W\PˌPxn/O"HA$$S>}9({='.ݷ;tkG[|,iiM. f}[Zz`C(-q#%>Acc$+QcLz7`fޙWYO]kgl8ThzG6U뮛V~H). GHGq9 Qw|Sɪruq!]lM2~ۄt^^}܌A<, ڃlzNBVFg=!6DȘygW%30"**@yZs-W]=(4Oqt}F߉vIO"b~K"QuxB:cJLh#C/SʻS8xjƽ7+ M) VQ֙o;6z8"$XzCA=0KX8fiE $ Jy 6/Eyo'Hr@4vioxR.U^>rI][Q Q%| 1tNZK0}Q4|\RG!?_P'Y~@mԶPg; T3 .WߖU{6c̒#<36;=i؁ҧЮsUߟka|GS3f)xXn"1}|`&}"͓5O%2[u+/h}\$V^T-.t+_w#>vt~=lPr1Z$L'y)9_nQg{!w7{XU& O-{MY5TeS8`-Z"0җ6E/{ "p YO~ew,|Zظ3`Qvd)11Ml6!׈$R*q- rXw==ʦRvzH6#'H!  vIkⰖls/3?K6Gn4/o܁@^U ,#2%πLIv-wk[3"GivV/lq_q$S=ٱv[>B:F'Xi_+4ޮUbH, ۫'vDx@{@ mۄsφ(EX1$0Cb\K\$OqRN\-t 9oZoksֻ@v߲fU_!NbD߹!Iu@P ض4@^MSL-2;k{qyYNa7Xk 4r CQS)GWCCDc|YXXdWۭ}tTCjqiq* 8]2J*E "rSZvoI ׸V]C~βjU$uɜ# V'Ya[B >?{q}#~=%N1{35l>9'=7S3ldP F9 ~Z:ؒ၆xr?Kf,V"AH q݂ʋI9]rPޙ~ь.5![:>8r/J3k+M 70߯o9 >PSk, p q⸏I@@]>6NշedY%4.+%u܌`zBՐs&Z?tB @ \=wғ63" FV+JNTۂbغ@&7N&8TE 'Qm{ΥxiPd#/ ~LyUʂ)rKzo\c]M&qn@;k: u.r߹ؕ(y&:˄_CIָYQ'6(ӕ3vŇ!hT5@ H7Ŀ5\|^A;\ܢIV(6J~_6bfq걹l%5!$ $@*K\)ZEI+h/_^ScLCƌ, o%TﯷnIkc>~@оa.P=dHr)_rL7~QT[ý3b'PA'90m~˭(Rݵyږ|q<,e Ԃ(3=rdՉXpJvv[ F@I ݧW Qh%u*i_iEh~2ϑת>1Sj9M1&ijjG{AhxNuø <;xViW6I^½{`aVsyջ\$-MubBL:Gkq,OpqX!.J}.G3G@ s !/5`Zɑy 4hPju g ]$RQ޵F!M5p?C U f") YAbncSt 3Up$au=]Z-pT*Nhl`gSA3-8% RNa$nCO}kz8j ;3"u{]|< T7U(IAQSkGk_Mغ2ے Z$mnv@*D3tے IaaJB0r /XbYκTTYXߕaT唝Zm2D4d@iH.L{}?+X!wflWG12a2<~t F"7"B\ {hS2)tҭbX#ZO!s̺>! i_0aE'Q¾M3㋥DPnNx06!x̀˖km;c^&kH&&y*ehHPO%CkqF1LI;]a/E +}ܧ *U56ښ6:y"߱>B6I"hPDrg@iTZw49LJz%*S塐a /EU 3""{XQJ&͸lb a1 If4sUwroUYbzU܄2vZaҩQ;FaT+%k`9>@Zogp'C+á1xejlZ5*@ ~wl+98;P `779ω[hn,S3kAI]yn 79rwZ<*ؤ-bcq݃~s yj06n BJݚH3\. @8A9B{M8|knVWUw^"\Zz*Y#F+9^ɷw1Qh(`pNsQoN2 d/L@eEL !SV3eA`>u:\+?ɇmoK?y 46޴V!/@rT:͙b[;lt75_Y8Af89 KܬZ$:AN׽w ņ8љUʋ]% xHvE͓==+T[q—?%g۔~r(0>s2NUiGQd}CAKZDŽ౸sƬqXH@c55gm`oLIeL՟m([DZM`QLe@& .Gh͒,gң~؍Bi=󌢒:<$hAФ+=UUaxvg̴"*-4:Cb|6689sBʥ)CMN򿆊TcWkՍL8d! Znɕ'4UN!1. Xw86U& 3k œsp4,N?,tl-RbOQ&{wD6W{8~gK{y jfEɬ W|;@43k(Z7Mcclzp/_?K}ྒྷ2N'V,sDױl2ށFxZg@G_{:3te0z_۴|ɗӤ62K^+Q 8w% tG|k51m(edI:4oT@GD2wr@uջGRw!\ӔUy za/Gp4SġA& YP~ǘ^:rºi9a3hfbH 8p#cF_Cq\[tU)KՐ\W jBmoXnv2h,@&Ʉ* )skݫ) Jbxy @oX&3J!]i\(+~c ܱw= ٍA$,;QSzv?W?Т@7|aWKtuWckj!Dθ >F\hٴwUА*d& ۰LߕH50@ sY9PeeW>h05]=58Uۅn PƨD\5LY 𮰃;ݻe/,8Ǣ4d bk0bLcuY_T@U%#qrd{>ao̖1z"JnH- g60e"k ^uL"FxC3H-@7Y>INc@ýȢ3@Q r3&8AVF'P|BN6Mv_f1fel[ nxu;5 0kzbxP([Wcd|/XĽtlYu# [lGyen0M"9`=h'%4þ~W嘉<37œ&=Cǝ kP` 9@ۘhqr$Y o )[*5ٯ=GYر+a'|i9#bE x~@帓{6V=2YevE*SL{#:+lP W3S FkfW0㫵V!2;Z»rJNtU=W^F܀)qz'4MC0`%;wt5K1 fꟙ4v ?wBad.iy1tٽ GK60D?Y l#AK3$U#:*9MDc^ -|Mj=Y'#Un_"W[Oj+ j'CWR/" tm3-~;\՟itˤlL{c˯}ݕ$-D(Ez)Ymu"*T],Z&@P{-[mWeAD*ha8ϑREۤ'p=Vz},oX`x1[GE(_Ϥڮ$ˡ!KU8B4XU /qֻ)nȒ¢I(~ $x1u(fr,ToPM%sQ(󓛢.[Z|زT4,G 6r-VeJ9Qf:@]SdDbʞNs?CQON+2B年rجr;] VSμTJxz~t# G6P]O7qdk".ye-66#ϼ9 BB WQI/\N1 Ai{(ڈkE_°+fPyvT}c`A=\R~QK7%'FK> 8I.5'6+2 _6qQitZ lͻLk5K+ I@Ez(m&G1E&/-2N܊8DؑsP\fѴf =n-?Hߋ1T:_THC"O+@橉/ @è+mhRG]2 4H ,:ͿXygMRdKղ_Ԭp{~.{Sķo _nqԖ_V 5b 3gw8"kqZ /P͒Mώ!iФF{HJ6bHq(0_~:?APbў$]k_p%=>_0")o*ZTpJDŽ2.a89Յ e)%sgPW*"Z47/Gs'B``(dw:~=zM7^JC6$cA*6|Toynw7Y4wGW#BJɄ)FN2N ";O0 Ş\ YE.ܤ C%֪zTl%Q`GgA*E耇_N)?,]/!qy-Wt)m!ZzsGH+̙HTݎ&"19D@$(53AJn5P5>Py;D_/lfS?m) K#dmDNpdkG^LB弌$4DCajYЃ BiZ܉yչP~M )#ј]l2R=!Dkg5խ@!Ϻq`zcb F(~p-@`++DPF%cNZtǎW]zj 8\/g2Ҽ)hu0/O4Ͽ Fx__]QTօ~% (.r=%|f8v{u(_/esC hWS͠[~eXck6DϘP^ٚEPmr_>wrc'mf-?2>+R=-'z-@ .@[qfwJԉTQv #b|!n RငW“la |l|ز \Ӂ帠i5@;>Rg!>(bȨ|?j9vS f6BvS(+C.{fƋ6*¡t\<5vոCʚh]5@ ?QN{4]Th*KgmI>*15}\kRH,͘KgcCjXLwd ="xUI]7l'݅Q-F8U#5,u^ťgn!0>IU%Eq2ڢA3 )G a|7 qnƐB#DDO[XVvA*~ls +%zNη T7UqƛmڮC Y<US"'nG3-C eC- jv^hO(8~9plgYx^\1,4pe"4~`[&4|c Y8(afCiAXE n! 9v/F}nɼBQE^l¸FyV SNP-53dkĶd6`m0m|3Ii} 2w">n*WD R[ۧ<%ʻS:wp5\-sw1zB$>i'%uǔ4 @Oz]2^^;A[oBTãy _ !jރ| ܎j.5nKJ w) d;Y+TQgH$Ejv x>AAnqQFҿJSTIm2}0XOˣ=YqP 1 (zp|ſ=WXͣ,yu H@x00Rp0tex) ]x!^7ʘø#AG Ȼogt Ty&SU>G XѬQBj ۷oX$-6; y) w^pm,G̽ esHIM 9T"DvHC DrMP*x!.ָD~Bb / F#&'4~Zkg3Whr%Kp0CuP~,Ith\"g(  Y\?p Zexy0I :C/7 ec==W9%^Cҟ|,"(b`FI.g<:M* ;Jd%P1yQ֏ ~n$&HN?] [t'yP[|h8ԤiadvjwjzaF(o3 |+]QLc$:.]r/Hݘgjy W0\0wj{މ-7[s>Ӧ`D)P7Zbswq*t| +IwxoL#ͤ;8e;Ѳ:kbz>M"r)^N#6}5EZCH}VJãK:{= ^\Yp7&_]I?z =@me{['1R$;KlP'|~F l?]1E?^= G~>4׼1GsnJn8ӖLqfZUհdxN6w7mDxc8_ҩB%旣`vz=PRj AV b@*8cm8>w- 3k@-i奣8[:+^/ PBg&Gi>7Yo>lkP%r.NM1Jd4S_R~עy -{-$ rJS9s:\:D tyuSf`\' WrH"pBQP3—y oYi PUPG^Q@劉ߞ cxEd]J|RŦKIa-Va20w.!Lrt2`7ۡ*j;@:s0<%3%Q GHݥU[^KtL ɪr%h c; r*/HK4UK>זDE9%;K8I *ɨgY:M+5%0ʁV2#;AcEFD,Wޱ/I ZBBp ]̻Ն> 9GU2lED@Oz r#?pys+&^e%:KD(TAd+ӉNp'7[좊Tx6%<В3)\k%Wg stѧJHKD}v#I׿`UfILa ~oYc~PWmu#'/å2̪zI ܠΠ@|>тxpr*zK% Ix(d Ey* ϙb%cwxoq Dx z,h8lmE~p'羌ذ5t^.vci~x2(].HC{كXpLmNV?uSwjyX,̇v} F-կg*`&Q<0Vj5+ [t.nX y)X] ۼZNr)"h~ؕn)H OMg4z!;C^!MDy\;uN~Nn#sՑ,KF!溺XNSh, ^u+rYH1QuLLP<̚K:~@oj·P:&㬫G,SM(zAϫ; #-}i}D1ÛˈYӿ@$jC6OUj.^;(Ŏ"Usͥ+6X$ۓ!NQH#K~b۞J!ƙ̹ziDCh|;%f9,FU'#wzvid{Cm4i 4;|ua22g#9WDJ4A?\eٸn@}d\%t_ݦXteB{{-*2af񍂅:4NB%Тڅ:*|s~FHmi7rR/()|h&)[]Majw5Ε梚JX\h`o2 < t &a@:Cu 8>KŢ9Y48GaJ%#Zikxb-Q15lMU75<(4pV Z@˥hc){cʙ /q̉9CQ4b@bZJڴ&oиpuk-;cR/! 'Zq)B \-_^2WyU۰1Z=ɗO#V(`aPqRm) 6'$-&NP2ٛmG>ol=ҘtŬmaI1}vmT ­FkW>BѰ;䘘9cAWC`V n Ik׮"swxض^#)`$P<<>9'P e)2gN~- ]͎ &p /k#g(Ge\cWeYmq&GL]'nɪ*l!+f:{>+;M̲bÅ Ņ 0F͊ݡʉS j˥[`foMrML_bpn{l5&w|YwuTj#3 B}H:,wȟxFѰnk6򍷷R@8o&9w]\ qwLdȖQ}^6o6P-p-{հVǘc\pOpH!61c]/~iq ,~J_fqE:\Jڝƻ, Tl.kPYOD,x?%(X[Pv밠~^cHd@d=lsͷ]_Yy80&";j`QX8+k.51U#lj0" K65HL|Θ,'$+#g'oG;WE]`c4anNyBg"˷2qld6gP/=$zF=kqh;.i^TvOjڶ/+[9#C}-Y^vDw37k`e(RJU Ω@%tA_q@%,J! Y .͛:2X[}GJ`}У_벜c Fd`?\NhH]ƈwN-fJrz?>(X]Pl0J;P#uGD=+>#AV&q~[ דYl՚s2 C}ڰC3cKgFHq8f%  sSV TKnSY΅$dN gE5'eN![\ܼ7ԟAY\uOi|Ҍ<̈́7Dr)iys*;f:®544Uue[8Wgbb!U !flw=bc(EG2 ɾdcfbz&>.ө3<mUoMHUu@ώG6sR!o r;PH+jnM\MM2}*i28BqBFwdpv~h-9T[Uwl CX$Y}w4mcI.wH ;@$P% }l|R\oƅ[-rj_j[k\,| k ;rg!ߥs4z\q E' p M%b\JSpv 1Ud*V$ #:Y&ٿt0Ajn0WS QGTpp) xT78vdz\?d#MŮXs3u0NM_ztK#so>X? BK_F 촺"*r(*w>bu@$[)l†5MU )}݌ɲMN4U@YU"&%s\(k CԶ-$#3EaЪM|` 'Vz@b4TWbˮZ{U@5:<[+T.%Q\!ܳOi a.B`ÍR,< rl1-1WiݗoR6߬i67?kDeq^r;&X-q!h3+~w/( 7[<ipZl*Db/ے `K.閱e@!C[.: cOl/)B9_$;AFڥdꪗm@\_P߳fbB}Q[~)`W0nm%>oėq9Wiu+{ߪC2}C3uQGF!LWY1U{hP}2V7r.R eN[ik .(؋{w/D 5h3XY5u~î 5tIİ.yB G(|( ΎY/GH%eU\ū@ht"r$ˀ G-dP0{wcsW 32=/(Bz}?3#m%65D{XY50,Rī#e1fE6d\χjQ6 R6c%^:ĸ*4*:HU¨PC}1<zk2Y{EҸ!6p"g?⾆1.g;FHJ+kքږ:N]+ JwgrZH6&nu E.Jmus2P#Fu֙ 2p{1~Õezm{}Ѳz(tw#/Ox9H>Z Lp %Nt홞{~5j=5y/Ap/'?#Z--Zv!p 7K3= ^?9Ua<+&vr_ym@yd`؛ G$msHꯋCPf⓴`Þb - ym%op ][ 0ICCŁt5m6/{ze 3n3w ɯvWnI "Q2֩֡xsmꬌ4ulN5aA?D8<U Tuq߫:DRu߿ A,+ qu姇93Y~T(%#m'im1]ڌF"Dx1-=Tm2f%S!OLelqgNZl8uDȉ߱Um۸HO@[]~Å*VWӭҶ]w/!d c(;s!vr!o֌ :@ZLКY"צGh8蟑vԧy;qx[K1mDI˲\nO#7vI<:uUWf7}Cѡ蟭)LOp']VJy|/@eǞ@k2ξ R963"QEM:8U2e=g =īmuJBHEC{97`VڢU n$؃UH1Ȣ  YZ