nss-util-3.90.0-3.el8 >  H    ĉd U]`-2paNU4ShEu,[Qg͙[VLQ!Zv؏ <&+XK;{ 3]s{4 j)V;By #dV;#7%S4 0N/`mc~v@Yved_& p,t6qJISd>O?T! "?{Ec2w72nAG לֵUJ`$ًRt4^ܼ"5~Ns#!pC{#eK{T#3#ɉ8Rv-Ss^, [f*,] ?pHx 0V DnU37e_7솕9&M#d{D Xf!71L?.9 +Jٸ6Y>t ߩ "ˁ >V jK~uTB~I!4i0ab^'WVf40JɒԧGuHtZݙȔH \x}~.PԼ]?(7fAl?9:* 4fvawYpz"s ],$[6qjI0or>a2`Ie .ہzݨ7Y bvU 'b"aVG]|~2(LIQtObqFgVLdCՒWp =mW, lQF+)-oiMXCsޥclC1jR')=ȵvv O)*XL S_?krX>`<? d   D  8 D P h  0NldV(89l:^G(H@IXX`Y\]^Pbdeflt8uPvhw x$y< Cnss-util3.90.03.el8Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken moduled:x86-02.stream.rdu2.redhat.comnTCentOSCentOSMPLv2.0builder@centos.orgUnspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64$'FAAA큤d:d:d:dd:d|N271172f16ff320d42fb090941c97a08482817c9573dad07d558758a29d7ebf2fa20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.90.0-3.el8.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)libnssutil3.so(NSSUTIL_3.82)(64bit)libnssutil3.so(NSSUTIL_3.90)(64bit)nss-utilnss-util(x86-64)@@@@@@@@@@@@     @libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.35.0-13.0.4-14.6.0-14.0-15.2-14.14.3d˖d\@d\@dxb@b@bγby@bba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.90.0-3Bob Relyea - 3.90.0-2Bob Relyea - 3.90.0-1Bob Relyea - 3.79.0-11Bob Relyea - 3.79.0-10Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- add indicators for pbkdf2 - add camellia to pkcs12 doc files - fix ems policy bug - disable ech- fix the change log- rebase to NSS 3.90- Fix CVE-2023-0767- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.90.0-3.el83.90.0-3.el8.build-id4b196e25b7edb912d263b36bb8752027623afa3dlibnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/4b//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=4b196e25b7edb912d263b36bb8752027623afa3d, strippedASCII text PPPPPPPPP P P P P PPPPPPR RRRRRRR RR RRRutf-89dbf5d1573f0b9d2016332b6ba6def98c174c56d8ee04456bb40cf49f8ac01ff?@7zXZ !#,] b2u jӫ`(y/=enua.FJ'GL:pZ [A߳x# 9 +9n^civ%V%Ѽ 5RJ`QF4K/ t'J] xIu8rHxSDNo/H`D{k>4Ar^IHݕ#H Ϥ+=P.e ֚: Y^($ZKvdѲ! uL>f+Dؤw!R'$Ylڇ qgՀ}KFa 9G~t=id)TH٫ ,QCɝ0?1tkߥI9/LZc_E9w]~ڽ8n1!՚+!l NҜPN du+L>r},^K R7h Dl2F쵒_kS[hPƮW՘]ͥY =ceb)LgZ$#bQ/Yt.OՑ5/ʑ\6MN̖9mw%ᅵ֐-4j B F]=u[2'Ho_gWqt/U5u`bz)><P0xWȃB3<@'D"9R?'S;N3PъP/=$WS2UpzuQm(`1?[bLoNp:69yEֻe^[b-P6~9"(I)VL>>F%B$d-ճ&*֍3L )k<ܴ?ڢq&Ow.s"8,RrKDy_.@zʊq+FS3Dq&2RZ0^"#cpr+ΆS9vwڐW;Ʀ5gM3H'SQ6i+vCa{6|V"#Ѹ'lvI)?ujvBȶ\Z:p{\;u6Ǣža}9=Ţa>h%$z\ͼbV4QR9e/br+FjlQdU utŐ {wJȢPU?Β+"#a!>~ʾK d.N"J]!Rjnru:QJ Ni!Y)wVptDj MwЫӫ@K-C/UJ\̡K'O E޽wy* {љ 6DF58O, [@D\=bˬnkeyqt;} Hvuuy6 a &+uNn쀔,t{H~)y} D'/* ؠ8|_y t*zp_AM=X;yݯ8^/v[)XhM)i ]]#$`}|.̜08Tymo(Y,hb<1i2 TA<m`]8B62<״:`A rQDD=&<%ߘ}-WTρB3zR5%&mEY_p <.}j[U0عQ-5.K5EN=L$N0C8'3#ǃ,,䇧^0Ub\qi6tܒ:Q۠ y[}OlħCJ!<"{bv2C"pgV禶>!xG\S+gׯxR#,٢yƦ"md< ,-HaC1bCtLL )<.7!D E3H'DhT`jW):98'N: }}ZFaasΜE *rXp3" !e#8;{"6dAZ?6SIgv8?D 0TR&д&5 ^LwPo:S ;QC>d%Դ'Ʌf_8EC" U;7;ȔoQ暎df̬RyC%6@҈$nAI1΅(Ԑ{CՁ%5;su|-߱gJ1*+29JQY+ب fG.#B: s=.SVWAF/|wͪONJ1oN)xF'qQůVFe ;neB8 C\i1ŞDỄ`E:|8q lS&&!Ӣm$&uQ jS)f<>U{mwhVfu_G1G[GLMef=4AvBy̏/2<~a)Ju93>JZJDQwR%jQG15n_^sZ,z-&:R=v "WCI!`گ=f2a}#5 iǬY n|^πF8M$lvI)QM]]ByOЮ:jcr"fZ7|tJ1V R8CapF}iVqDk/'$noT}*J[ƽ8S mYnxDǡm6IJ;>/|_Zi,w&A2ĢG遬[V9d}s{%,"'JLJEkH.mq@H7Luw)Q |.{u+vQuFp)d1s?< 'yFEƭcr梻dIcNYQ4_zh[.xD/<$EۄGD8jO+U[Uݲ1DŔ턳Ȋ-XG.3T0.*4H zF~"=|i11y&*NOO#}d1#9ƪ! ӳ_V'3P6,knۜ$\y2Ɂj!! |=b5wLHq,tFB@zLޑ?5R~ǯTWysK9'= {OP+bS+N Bu6K_iʳk6?Ӱ[g\ 4ͅ:>Kr,nDv(jF쳺kr1XYC!Bc"QZCJ_7d7%+PR~MpKX&>0"7~2p,UE/ɱ2t,R;U e %g\,899kH Huy\n(Lw*WFf`l-`p qSaQt7kSKAA*>t - _SdaNp).9{ 2Bw7וM=mlA҅y|VWަ:kɉ%9kOVW^ƌo-'/ܹzEPțu6K>w,QijP D T*v:HpW2@~ 7G'03 +\wjk9T1 wau])2E$d%[>;`x=3j/ך809XDtYMU .7A0a`P|wgk,iPgfpRr8ZI {=0X5o.HsFBd'[TI zks޷7{h -P;`/` !}RJM#BPuĵ%CBQ;;¡z2{'x' %? Sh]ܑ+7f  ^Dqv>%QutyܫHL@EaCIv1vK3 AGݵڎ ف4۞^s]2\0`P z 8nM_~~Kf!փ^]9kl_f:|b/¥ӳEo\PrEZEEމStVu$Q:! K](-Ʊ?O: 2QG`@*BT͈l-Mb Q*a d rex&L({e2u~`:U)"ݯJ4Ê_F !DΦQeQ9y?}+Z8H*Fٳ&(??C8?kM[rt xε۲`c L%\ߧ`Aal+&³Nұs*UAQVHj>40{)Id _a*}vSeus\6Q &c\c u i+4IO'>xJO?PHeP5գZ;|oYU~Lz'j.16ʔ9@!ӤK iNƢ^Ks6KbA^ [#&QSBqm"HhsZקg(%m"ҞYދzh|8O.islmTD]ޠyh>L1UQĹ->)F 4 gv@ҹghm>Ȧd Qt*Vx3uq|m ]Lب%5@  _`2h::[дe`Č]0TweE& @ykΦG\vį]<Ϗ-34NC g_UԺǩU_8CoIy/B%)zBӃr:}D!_s! JС/4|c?UGwQe9t=CؿHozr7k2P#4 ' 4̷hbI;Lst73Tq%q^e'Ws6* eCa, -K0[AnzkSzwew *OӬ cТdCǙ2 Ƭӯ4j胱Z#F>}j-xt\ XQ$V`ùo5UwEp0}y5hmF& Ӓ$Lvo?H+p 甿Eu)&0T˩)v\&L% ~l so8KH 7TFtKo\fw?@"xk4WF)x<'A+>Brs%: L*t>D`F前~&l$EfGtͲ̖!y^bir^Z;^5r Srs_I ƽKȊj eHpXBXȭ1患gf`Q )y`i 87f@709'k`B+4lX&CSfTm30ffISP0B)!l4sGX3] w_MZA qR`&°{.#>" 2r*,b@dsZf @;0йWE2Ox= a3 @8CaLJ`Ql'8rZ~咹7ژ[})2'Kn547b Ju*H  dn(SX%.Y4h ,A6>"B5$%VH!bg>v89fM)AXvv*$i u)`anl~~q=if*[?+J,tܯ}2s SnU)laź܍^".âPhШKw#nEha_K 'j?DG։xZnwZfR,駍V|XQʾ'\)Wc$vfM`,svZkq)22ӌu0-H@D ,@޹9[M L eGbPYVFBAg9 ?%5?3-,=nI&6ߜb#Fz-v0\$2iaxQBr\c|k pwVjr x@<|xQ 8\r[-649[xs{{[msU!|D4X.` %-Q G*C ȣ6̄/bPTvیԨ5Qa,ulr4YJ]Ni_u0tX*p ۰tbn2>{Q -%Z;4XHSfHUxRa~I stez2ɩ*x4܆, P1?Xvo%RLT7P2%"ׄ6j2  }I2^g@l*ԭ* *G,]+Y.XqB39 P6|aהq5SMCi9@i$q?bf9z5nۀjyA*;tTבU׊%@h0X/*WҌ]R˵b%P[Ve OM>Jz_vgƵb W>E%,>}R+誦vgd&;o6֚o~Tp,fDDӒ23;qfy$ϒm.G&fxw:cιm:>*=*&lԵO6?wmM47a1X]A*-&&8O'\Y}YͨN2BuS9כ2`9N係pNmEB4\*.16%3-p Wn/ovJHlFqY&l0^̬e:B;1p(G`gՒ1گ5* R/5cJm|eB#֛xxW-4U-R[X/O\;hF43R-gA#| (~-78Jb&)8Zz\ip*]U2{Bz`Mqέr%5D]3R;}'FDq*1~k0"iV9#ԹFUd*f 0)%iy?)qo%3W::¤($鮭Ժ.薢uOhQ6q=9LjA%n=%h0"mGH{rQ߇15bƇJ1\&iWZCY4YYQм2WmjAlDs뺻?k6>M5rbH>9H‚-)]TGts2}9^2oζBhhv51f-d$E5g4phor -o~+K +E7} )sb'OÔI .k ?C87I}̀ Ǐcd2xRܲmd {[,*.ѧlY߱rLi@; ݱQ}ʓHb/!iB;N bQUe2'By3gX;gZ [iP [!Wxӓݎk͆ŅB> [D.0d:Ė!W͊6:^/z@jCR<$?q*HWQ mIvW AWR2gc"Vq|4~1#+_qAEn)j].ˉlj{6-TtF>ۈj5 ;XH{fdQ́GbK)PMq;aoк.Amk/cr:+^$ļAԫ+9ZY6Z-L k`X~f>dd=a:x# O`'/s]ۆd&T0t>n{&nx;ys4?,Y(ZbBaA96Yfӿ+djB'{IF]J"2>I<8OdIم ]`$7lV<݃XsA[䷴#\p`v Àd/n̶H[]ے?mL+Zx@h5 [fZFg$#xrOQQumSQ춞o<ښ9'S^Zlf~ C]+ǿ7RW@Y{vue?]WK?릥!G8;aC;Wխ)I(8JOCXߋSce)ǃ/vЙ3U2 Ws,e)u`X'-f}E̍/2 '+ň0:'Zp~9Ƅ' \yU-7rz02Lߦɨ1)<6TR\3xk@bH7w8$T]¨uÝ!mn׮dn{ʐ3MT=RWX]*2em -~Ku&J5ޔjySó.5=CنJϒ@fpWv^25i"؁-1?Va/"o,[Wm)1"bAB.jӻ@i ۠9`gk-eZu+K4v'cyO j,I|0.pr;oj.&yH[œ[՘ӌOݔ2\JBDΐw QaV`y+ &W8(5Si"xꩥf5 h]p͌N ,ekߐAF0KBU(bMxl%`Qn |ץAjwT-z9.lT&qrR-Pfgז^nJ QjlQsUC"Tell]ʶ'!l=OAGK`LD!YF+_k:BG,/BwAMrJ1sC2`{C5lsdЋpKEI*BL>KHJ/Èp9F=i3 !ch*+^\&.>xb %6%BbK@Q`9+'y]Nv.m W_#~ݒ"v\pR$?1U!7_T0Y/0:7"}6/,QQMZb'h'\w>LrGR&HP~i58$Iw6+k\61 tmRnR|)]Rc{w}-6bI-䤑 }&%+Q $F{`[ =dQz"-p˯ #"a4c+ߍ ץ*-%\PKR'&M#EM-hns;5yI$'E5 QmK@Aş # hUʜiSy^cMg !^p&  z Zhw1 5P5..t{DED3_G1hC`LoFnA3;2\=ڙBήM)bŻ\S2K87 o()Azpm CXƣ!gk$-J,$۟v{"E%QêEz…~}XCfs4W9t6*ct6cİq>XA"Bjv{O ͍ը*yHNnPuSCsBr#tuCzAD4uՒ( gK1{:0261Dc2cu\ `7 yC16$hWnBեb1c>E)ÝVdoXo(q \Y{o8)jT-SY"ƏnOAتEO),{L`}x4\ %x7 ƀHKD z|nB%yoW:JTqdH+ 1*X R2.PѲrl M;\'uFC/=Bi[ȳS5bo{h#lNU%s)eJ? tlk9KWΕqƃ"qxZkTClt#e7f}Gr[l8'|o3{b2aO˰~=i[at2m*:4Kqjglm" e{g .G1aBZ5+t++5g"xPc԰DF ]Ngs \B坣=Ade~!'D5…V$j.BQc/piMeו :ڝ# vKH]/:PPAaIn^BŰ}PdgA;Y\ wq[* 1B̷O`^1QK3cSk6.z7 ;]'A9caQ -"_ p$֧`k"w0G+Qv;~xFlfa Dku軦_,%:9N*2!pȨ^^m͸WA8Hnc>d;:s ,aabi !p l7C`X8ݩ9To| hHo`WA\!>s"a|-Ջ` |]Y]}H.X}GcM}> M> >A#Zgf5#3_OknS'hc?9LϜDWA|V3ݐ ]{Vap0rcGɸ#Ƀ7[1 ːk#GqЃI*k ݉F@x4%$Sb;6W]^  *<7C)gX}p5jXR}}]$d0ʟw%0}g(x}H|:ԊOV 89pBD+@]HH";" 3܎V,+fEbO[8#Y)!߃D,E*]YsiAI,/YO[6No8{q)QuCxȤz#=Zg] .$]6 0`T;H9ZjTr("sHĕ[VW7S_췧|⮻~U\<;GNr/zi;un7ut{oCNN6oIKȪ+QgSՠ%id$-ج.mek_tR8?=#/P,4rd}Ǔ\JԄcކ.2GLe6X2ZR7J8Z)Q9q_#rs"`W 0;|pd:HPm| NQИr+ i}Zȸӳ,0ՉUq7X}^q? 3qr"|4^NE:(wV\)7dW_b":@ g;A;|X\1,6i^VRk;zSwpm++$uc\jW \$Cp E>Tdz+ė=vXPHb_|(ta6rˁ' d eKX\FDP6-t*KhbVa S*DBK3iG [yo!79É!(qWS]9 WH#ms6#msJ920ꨲ2ѐ{H7uSZ&x0Ɋ\M1uegbZ>vy}a2nؚ!`֓EcTNS2W v!8HiϨ]F6o}UR yR%Kc`k[|h-`k~ff<~;, m;RR00k΢&d X>|_\nudzp~:qvlHxeƧrsbKXnျ]ڡv6xavFrg0=Qt6}4l':ĉ-xܒbY?yQ6\\hs1xŒǽ^Z0 yz7/eE|ڔ3^ ]oqb Tyl[ 3a2!%39Qe0N_in6%u t2?\yt -Kz .w OAŧ' cR=J5{=T5*e_s`vy!EGXm%S7di|\lq7S)ٍB=xO|H@x, 86}@1o9@RU3kovU=Xrk11(ȿ>z&$udPM^ iطr@}F*7Î\mͲ-)bP7Gx^$?Ѽpa ¿3\мŢRV sԘ-^ߔcϨd){a(GM:M~HmAs^NH`Eq_ҡ n}aݺ,`pӝKʳGOɤ ~=7,^4?Hde ro|V"BJΌxc6L^eI"Dy3mYgspb ͱxJ-d@= b LDs60S}gVb,g&gĄ9Pc%NQ7>(6 2C'AJ\Ӓ;7fM𻙻0Xq!|0H}eP53_nJ=FwXaҸς!.&f;h'7Μ'H:ApEJq,q8 _$AEǓOWX:8i~A%tybMa;aSĜI353/#ke*V{6 IZ c`gQ u{[J8 tp,_xGp5a) +x ̛8ػW{Mȁqm4BH׊CoC7qˆ|(t"٩|D=Nb eg5`ύy#1\NL|D==",_zAx3.kJhxP2rZ2wڐ| T'.^q^I6BBk.:H) ;+j׊ßsKLT: Fj٬دQDs#d;Fp-L* ;(+'\E칀.y-]'*˃rB?jPiky,04|*5NIncO 8Y9ꟅGQκu=[p܈*JUŊ!=tg. jɧ*, /+#{l:hayXI\_Jfw\ޯ:,G'ClV=X*Uj({s,QO+FzL*,Eԍ]wJ&Du4'O,$9sPpRZ]OeaXlJKEf \@,<(⒒msȋ*6:pJE9ZW,}sgf1M4$a#^\ XL"!g:sUo¦Y\ippP,m| \CSЇDyQ+״X,l nBCh Qo [,PqYjyO Qv#L Tx 3C`"vڶp,߿9XyImcR7o'QzV\Tqb61xsB`ȟcq"vmG]X[7 M.Fj _;4YHXbN01toDt15Ih5Vㆂiai4xc&w qgo):7IwOCX.f= ts(sY:T]J92&j8PҌ#`ՆJ?΢џQdkM7?9Klz&~5.D"zÜYm%#Ë42vmV 'Q!ژLr6I)Ȥj#Auϴ01cĩ=ՉulT(SjEX֒1FQ_5<p=uU40У4|b#pRyK{ 1&eeDALv\Ӥ D]q 7-leS4Ou-mH^0"6|'ayo[l j ?q VzFooġ?}ڌ5<ܣߒAJ 9k{8 &ΆgpզWX&gEOeֳ${Nje֩ZG#C۞JzelYv5&s˜7ekݗVr)Y-^YЦll @^W6⓵fS8&oSxuK($#kt%vYn:1{ 8 ;m[+끽ڟiM6tWHf1%LIVnޝʜAVP=ߖǫ\o )1& ;Euvnӕ2};Yy`&Co48 X!cY;3~^mF U$7lN@)q&v缌zFnp8|,{ 4Fuub7CTZlŢJn;2 PtatUT߫upi1]F[lOͰ-CCS|B% _wl1/ZC.*y}cá9IW9܎Ik$ b@.pچg(b&^UFzj08 =Svum} !(փ!L@3CbɐTHzzGjOp77A'UZRZ&UAx(;-:̈0u|<`征{=>| 0f||ͿeDMH:Ej/0.f:}TWSaVjڢиe3>4^Pr J, | WQ4jz-m8-XB15WJ0C"1WmWH}'BGPIwm`< ɯXO4ЏE T\htzxYdW;%iK]V9ĕ_LWXIoii n+$A}'XqCu6p=H|B98uE%[6v^ y0M?;.˘5֬wއoژ׬X0I♍:.~'3dО]3=H^sCcu&1Jae)螒4ZU`K*{,R';a~oBu_y&vnWJI oxJv/ǂ+)>QT2yghC:b΋8;0Nwφºc7ur#I\0@5uJMvٺ&mG 2z(ppXV5ɼ@O{m<'6t"#m󨐔Hp?3 d~>aϐ^~f)&H~,}/ ޾`uv3_+b/d<< &QaMhu0^Qh>Y&m7`aXGtWdUwKPi!ELZ@d2 ] mv"[""N1[rt֢:T&)^/XG)d~m@\{h]|i&oZd7Xx?na t4N#KPHKU_+hƖdo?sUTV OIofϽ@w jCS6L"[k,VYEkzI=^;l9ݫe|u8X4ÏXn\{bZ\?~#i9'5߁óxtVz!,} [f toj *~5wuw-(_\vM_jx8Bz\P!BtNyj,WFE O8z|QJG}NXDEsoBJ@C}Gs)-zڹ_6De` {kj캭ы.M }k1q偳q40>ceh҃MK>l{dH"P0?ϴsN "77D~BPPۺJI f I9.hbG]\GY)I?3Қm8!F呓xsTo%PhRA8 LW>t?N+BhwNQ ]=9VyLLd֥>xGHMSaMH䕴1gu#8#&pj0nL)`Nit g ҟaZM_Q"^J"ׯ'C}Q+ aEDKBf^Wx&1Ni"ġ)XgHڣn9bӷ9+ 6Y_ȪDl(dJd97n#JEV.:K-LӬ/#./L2  ՚=yI~2<%u2",T eeu]3Z5?8Opטcbun_Dg[Wqz3Ds#OO!UvKpI4|]dec-\i{O3}"+@AxupaksUb3=*jt.' zNL wfڎYM~S u[r8˴L2VjG8ᣤ@)q53WɈ}f`Ьō#0~kD"t?ؕlmlHZ Z4u} mG{ۨ&]( |:a u+#2$dGk~o;P8p6^xz%&>BHC܏͞0ٿȃߪ3h!MAA|<"2ԛ_Ԑ^ñz_oW.FPa "B×V83h'ģp3v;eK@pQ B5]IVc9X;*͉SiW`2ǖIHSX-03 #Z6Y}wh ,V4eN\ ][̴VeώڌCˌ-D%cXʛo⩆CEgl -N@G-f_8}}Rllh}%mm:mtlssC"a-:*xvJ(#]B2!51hZN׼5>>wɰWt 0!D=nvOK15ܶ{> ܏b5 a\.\N-^'\ˆh}8\e:w<_KGK,nOE,boi֯Ha~ -ݛ`l/1H|$ylGB4iV@,mtڈ\WX%_ѼdjJm{%cfy,v $I -ه:TeR޳͟a㶟F0&V޺8T~€/h=tMI&8Jt| B:fmGJ^ǥ1nmL**zg8 Ծȫ[6`ˮ=o!M ҦeD9[E`^hw濺_du|p,!Ug4x"Ƚ?;{وṮ屶ݣ+96M8QJ#lQM@~"rsNOIóeҢ9ĸaZ&t1gBH/iL/LOrdig%KrRs5?~D&y SZ' eH x胗!bv9z1h$3ԐR}={E"b%-lܻq ̀Sk"L{;CIr*R:|Jhbk1l\Toy 4, ";Gl],g=ρ%c&O,(9XDDOVEHn-LnvrS*|m:C߂sOnѳ+3k?=hD.p_>J)*#T+8u//q?K=pXS@V{6b@U9+Uڿ  Ĭ!=lXD ` LZkIDއ zr2" uo ꈢȂɴjYWfC2H@dj e>=nß8  rI2J|!.sz*k5 ң|X_D=zM-1VB |+ַz [‚)BдhCNA;ݙ7Hsae,Vm;wN:U+a` )'ļV`%ͿEz#DM_< #<\gwr~LR7Z@yM:5o}Z(dD5Y]ז5C[i͐/&? g(Y[s/kKGY $W`utWC-? /!IPFwMID/ ?2b"Y;}۪^N̝͘I`SgG):2JIncّ-],t Z;PlM()!JY8M+65@=87>jkS#"9GofHb3ށ= 8*[5#jmze=*vL"M4v.;? avE^lڣTv^AK[LW$FF'9R?XG1*"lc=HmwpԋR5G'3_ob i0X_q(nuR< +'Y\b0=̙Gf, :g>f 4=( ]^ϧ |@vho=Kx竀'hF`O=y#lx/~h %s/&%PxfMފ@%.o#!l c=07aYu,z"a'UG@XN?ۼ\*͊`HW-Vg͹2lxH@6._Gǀ'Jx>⬗FlX OⰆpX4Hϑv7%|.P_HlVfxje{oGbC"/8(/8L[;Ip 7Mɹ<^Z"B_L_F+[6_7޲H .g٣ (fn֫xȴMo ˿W$v#b5;F{U-?6,^t[I7&ďO '呲e9I$Ȫ!H hB̉ger\Hw#1[?9|# u-ޘ@ݑȻ)ä-ݼDmvpH6?L=g\ wB>Zj"4Yh?I(lpm{mvF'&2ApRB)\yOXR=8q0æp'T5CYpGBA& 5nمh B}"c^>otl:*l ٨_ܛAsDڎ> O:e. TbՕr\O\>ȩ޴e7sk~ % l^aKSͻqff-mGeiimoaG/VYQØΝ)×198=+zgv/cf[Gei}iq>d0׀IRaUμ̣ 9Hř//NǓE\>Hm_4h; 6Hg5xWz6"qp?AIDpQ&4=nL}ae>?n 1) Ќ%c{ ~8/:a 8>_)0:CHiMRVP7>f-@/+iW,:Z]i7Y/*;,Et=j*H9<_uT1_|S`:קM8Jw5:Ҳz |q,ʖ2L-!ZV]Ւj=989k$ܔuK05١秳/3`r<gOAK Xb0Hreza^&uR?W. {fK.JT5: f4# XY! 7`%,4Vb1c WOGDbyӎ,Iy5T_(p_A)O/A1IYʙqvrXWFFr{QOVZS/➵@MM6\so3J|UM4v`ѵ 9:I{.Y(tխ!vN6fAЇ`ࡶt}9zfnn0Ϻ#h^ҳ('C9eYHd)OЅ+r`J4H37ۚlLf"qιG%$"?^ӀDҢr]]iXk =$xY0wö/OjEU4JD%X1 >? ^M&ޝPgr\J蛿zufn0LCh/@  _A9Ze?kE<7\rrN~+ҷ07H:DxAyR=.ZZFt$= e& 5|,s22 kTe| n(2)IJD~SAb9jBӝs/l͏^RgufJJ{q)g=LWNHq0Yhzi[E?n:%B1?!_ C_Y0 |\0\Ò$l=㣿/uINDSXj~U0xmo@_9=O دUmG&Yu?k/xA%g A&1O!N:Yyf繼 d"o?,}X+'xם645CJ! Wmn.MExF,Dl֬ 8 Onʖ0oA,u SJqֶ2 i(J9C;#oB3ٝ$MFj(g)d8Z^Vdq 6ū,^=F(9K1RpjdnW=# ?g+QΔ9i'u_+dq1SR-tܕ0Tdb<|>d Z7J&$?~N]Y!3K 0C'YU?lw)Er(U=)uW A,3+G Gpk%U_7VqT5|Յ6ⶌMY+N'c%Џ#|A$Yѧ| fYg͍ߑPv2DA< x(> ,]PLu zMLHy|^r'C~Z᭛!|2 Ug z Qcts DeBe|q^x\<>˥UH_iHz%(ѫ,)l:(% Z5w7_63@_B0ҕ{O$;k ŴTbb/Lq#GELss8]IU1zV c&h1h]P%/RtXVVel0~4 K_3(estb3$j*At5Ea_k=bJ}9jC U_ߤ%9&օׅFZU 7ȏNj n:& ~= S^Y+=1M?SP+"JrI2z)ڔշS! qR\;r%%go1YA,u] [oψ-0ѸM6 iYJ|A}| hBۂtZ&P1":.o=n]{bKO⓶[aqDZB{ꨰp]AxrB;/I)^!;'v($ .%Lia@LJ{g 7B @K5v߻ӫ˛!RX2GeP@0kzyɬ^xهo ?21C,h#k(Utp H%@(rE,a |ko ,в̱13wWo=8<^ۯgqȘ֩cʩX*ZBm+Ƅ(,1hMlx4~9rd:gqcZ صsQAa]VarF0e83/NyU@~&dJO4pyp ڝUHNF|/#J]-sJ6[Ydt#]p7޼{&@z N9Jc9'x+K{: Y Hocd5!2(=Õ±S%Q[B4h?%|ԕ|khr"hy[R9s+.n1Zy+W1to}@P!y6WGiҖ&̌l_rwͤ8O"t\hʋ|Y9keCc?D; nKgLY2'ğF<|*B$t#GlW56a;[@ޡuZۂ65IF.3D*VCQԃ h-Ȃ%IfB_A bz\|lkU|oªnYy* m@iʒŷ1/8ܙfbT"4U}B~Nz Y78!#y;*/+JژHGq^܍ veD>K`ľ[M%YԚqz$YM#2vDUq*=.y2pNygW@; /ZnY7L@42hd5k巶E rzwglip#H[<<эX`*Xn+KmC$쏧R'Aggw*Ev [.2|Vyb5s(;_joe;nw*8ҸժȂ2m阕|.Ǭ#Lf9'Ҍ1aYB-Y ח5K:D`>pp\iLaO5|i+`Yq6ذR@~ws}U)7YV=XC=H,3-W7-PBOXP<"+'7:\ sT4S#?] gxI|򻒥WbEťP;P#U(yr*mj(jj$U7u KBtk y";5;eB6 eyY23‰;W3+CK[~@ y=-^A;8Π\&/B1"CLqU+#KOihgTz(4i!rbp^P %3qMZIz#,k"0VXۏ}S0$9<(4$/Ljd?)W \ MdZq %3~wJx3H8z﬿8\k쑃bdƗRwԻf#Nd?U}vd7Yz_oxL!l!Fﰕ#olJ<~"f) 1{N`n V-ܾ愬q/F^+|F+R<HD/H/wCP׽T;-d$(@ް&8A;$ɺzuZ|)~ARe4e #89>Ֆ{+Ƀ2nMu5#(U?I\bz bEnQ8 ~y1gF$O{'Z>ymS7j5w{ RG\s]8w$~׽dۜvve}hmIg >1`#5ƞ> LEBW:Aײ2Q$AJ2ճ褀Dp z f lYWEbQu?ӷk: g.˺`paV#lS{xTyAŧnnocIbe>+ƪ? ~r@P߯:Tƽ)$ VdaJ=7o>98 /7Lpm)8<4lηE NP0k'^b^':E@%x%9&ӎ%%a#J(9L^2q@-w?nhd\S4S6TT 87a|) yYhu(u+z%=#@'U$tDt\mVV0PIF![OLT8XŗPQBR.V<2Ol:P˶t=iۺҭ ګ?cOd,i[#iN 'Q_v/uW^6igUбG+MS'g#WYQN,@(KG>6U"[sM0)G gs_^σJBRݛQb(+ 儒gѝp!nTLZĻkrQkzxӡ8{>RCÍzKK&?{Z/%4gߥGdd^m4oVh߬䗻V2ء$uq6Y9S5Syj毰>[]<[;Lc;PBX N݁_VD?4 JJCD+# )P _0cWØnyb7䂋!@Ҋ#^g' 7`*Jy- WQtv!O0-0U=ǿܛ])na2&Ӹff,g^~s9vcKdWG1ЫΰҔ%8w%j#Bfےa$ocz,v8N6Pli,7)nciSj.* a[oAp*k s KӚLh^w,y},cO%c5H#l xP 0f{Ny"!ө B>!=G5 _\~[Vʸ˲DX NV guJj0n\ڝ=-*Åsſ2?|&BF9"nr~1,{ z=E'+ɭ\A>"{XmNmg.,e9c%,\zBn1̶^ > XJ؃ i$w{+A`Kyl;\^^ A{g.g[YBb݆=LYafyv,SI5dBX9F?TU@?n$T,Z_"x/'>er{酨 ܨ:Xjed؝izX`EF><֦,t?;"7n@Q/{qcCMɜKdjQS p!_L{ǘ$42hw%ܽ.M]=F[7􇕏%IzT IHe&Ls$s,bւa4Յ/!l%Al-qݖ;Ӻ|Gw6zNm0XTw3"Mh"(ғ=MQ.L){6=X0ՀN Dbp.:q^z԰NK6w-yqNY (~"V>!l(j;[CD ` }[4xm'p"WԨɉh뵫]yed_xPy9LrR`\I1 Mhgs}I>6k eQڙkC}BK[x)I{)S\[PM$={{oݘ|JkT*2dvN¨%{=#^:y Q6˭n9Цg7쭰b37PzM]<)=3s g jب8@'vUj-!5eJ$և#rc;{TILpl>FeHsC icvH 'gfj^yHj^kG0IE:+ MB;khRK[ɶD|wʹ:K5~x {[Znx4}N[GdTR+2;~}큠n \kop(+6 Fc,h%eVS9wk N[ 8TXloMy͑A.S Tmn>6($=z6YpqM崖syk`*ܼв>s~ PI2O KIQg[w#uw5j? @NƧz7b|eW e!N|ݏUV 44#rF/I:ainSD6'$A)uŧ=1'e^h1YSm^&$>m)L[Ca8^K阫/z.iƐ:YgPr5Xفx`4oXr# )D0#0.IۚuU2l],FCT nMJfwvhxT5q>vHw_/@b/>Z3_qWOsάqS̟Ad7Ls DRO=\ӆZ  "Ug!ۄvW>\e_&7k׀@*>_FNw~mYAdͪj 71r[RaHv0̗A:2p xI] 礍TɧbvKdG?5AӍL^Q=>!NA);CRW&S2/i=U! BWhMcCy B5zD,#$$(υX@ ܕ?Yn2WRU.]WAhzz^Et!7ۻJSC^ҍ=mb1a?mLD-*:@t[w%r5Li!ai"Ҙ whUYnIL(oM;}q Kב{徤TsnOyO9ATY D͇HiS,0s/AP$R2bEwjM4 qGZL2 M b1Ѡr3zL908&r8s-Q|՟R^q@ːYB!⦶tPAEQ}6/~/TL&B6(A#>\VA&*@y&}:kLӺ}C=N ]Qq1 +Ӊ&ޕD03W#;Ns_?N LGEmWmwS}yа-쎽dxGڠMpy  g8e Jkj:-C'ym0T#{&hXbëGp"q+)́w(LFI"n'(//C`tzn_wo7\sbTiŗNY>DH:;TgCb$W,Jyh%q{b` V\ `D eXw£D?5U )nk!oC t_vj{ξv|x5uA2gH%_J-p*+-Io@<>u]r_FR1f{VI ݦr$ ;UgȾʄsxEn*lrؓ[ Z4zrn([x#6ĿU,&ۺDwhV>,O|RjGoG猒wWSӍң<+,Ը-A;>b63 $at=G`._vԥ:'>Yd* `U6r[^, =!?^1Mtd%9c:Fpg;i8f\ю;+3'6{|k\t|mv- o[ eӳe kW'RGp5ŀ7G43F^Y0X7 ~/1 s1;&oMTiKI!>]V|*2یi;Ckeɤ-^R`0r)c3gQMo6kmWV!BWw! ʌ9'۽x254C+f!,t)ޛkX66q4Jew ,[x@49\MTI7(G Ɖ{ 4!k-5OBbLP.EiSD"p0{0#2grÚ}?1M3 rN}^ߪ*xkDOԶ^&{ڇW-ZB:P`AyrVUx[RFn `B:'3?b?%&5BYzr9OLJ>]_"VbdIڟִ.[Z*A;[: BLф\PE*ѣsx Ǟm8,zV}6Q`,M4у ;ml* bY&HeC-|& @J,7Ys,D5!3ޤKQ֤QoKV/+؃I|c?TۗeSC}IOʯN:^m:4p{]l q N&6 [bmE,/ph㊡Xnpo-*iSOk+Kv oxPULTԕO5z^kR#wNW'g cެZеz3i/3n8<Uymt=U*;Mm"π6Rr{=C OC"%KkrfSx8rp2DVlrjC0>1]#}SmEDvu<6@.H!LkT0"H\]SICFs`?Of,hjZ7& N<:v5Vg$uK @3?8i .(DxRLg}$Fą;yW(_Y/w!^z,KGXH"MZ(\bnޮcn÷'b20xAQmdPj}m큲-XY ܈2Qi:[[v-tDvH/;8k_Ɣ3!t2PywVk#՝K$u4 yv+f>V[ښm\%-瀣${C5f'ƶ6|G9#ԯ5$X}=[绿%bJ {~ dQ)=;\jMD=VlɠJ}Ɂ #߂S 'r^{i_ >:$f:K;4LJE: MDRRJ⵮0O~j-G!nqޅĐ`ir_H+ 4,a[] QQ{Bub%LƀHhB?5>!$2`J`j0'"sW !MQXI%XjOdtPf  K?f?zQMvR_zEd\T:#$3,^ QT7_hfIk<8(6.iypoIZ1|ꗵ|&8~hEKc$HM~[=Dt*dWH :v~^A:kxB)GHL ?)i̫ztڭ] q*L^O#µKzֈ,S r O= J@Q2$_EUr98AEՀGRcƕ/ &/ GU[4aE iCiWfsMXߤǾ ֒C)&D*Q tharT/Obе+> Ie)4 EҏuW}\o͋0ѷ9XeǾ1ռA$z/پ&ka"V\[-VU,=/jAZj5}4UǪ$H]qŬKF15F5[CQlHĠ>5gk,"Ύ!`Vj+?p) c"N8V\LgZ1F@$K2zv@4{ :,ٽ+m\>vҦA᷇9"ndJsj$'. ]D_7>tu@À(E *["3iRd=d Y G1 .uUt˟d~I11fʒ.^x\0.2L<x`a!og{Z#,-A6X!߼BHP?)%UO3y\)ʛy b9Si:\J*KY9ot`u6gh(pi@lkTWapUQQY J%l1Eh9z!ٶ.!7A2>N2J=#""x`-P3hSlsѻ5'QǎF@b[ *O[ K+Lڈ}:* V ` j+쪒 1_Tkn[9Y"-&@6Cyc=H 6`u]-G)lU' }u;!j@$_+pwSp᲏pqڮMrXK-צVO`'{nؗCGL>8bJYe)lf0;C9 %tͳzj̜Hz_~:g/w&БMɓ~b_K꾀,ʳfV~];`9Rgߊ/=G-B+hCk򭯰h NkH18[ޟP5AսӴ71߾r*u_~v#knfUy 5b[u nVZ&be(q7l]iUchqFgՀ-(DV@Ԍ&7:nC z:A)7l#&xK?evȚVg/ Ľyh1?SE $W|||=wNI_gK5jl@P3}cadprj!`l!QSϱ\RGdm`90W-ln,Һ!QaL RM]JR _q* Gq trvW#e貞'Crvm.mY}NB=U(3,/ygd?yB' n2fe_VsĢq@">iTi[JP>Ly)Ӊg)k48]rj ~/D\ӸCL8;KP>8xI>{b&n/7PGߘȣb7|_x@d.^ )/ H$Z9LwڬsoR%38N}[́[+qKbTFד, :(HɑmO?Z擬;uͺF'5Ї9挥V1Mw& ή :2 /R[1N8Q`,܋LUH3ӓ\Ѯa-~I}N1Y+}R_pP icz7e0ݍ: Mq?(^ 0ׂMľt1{kQ{JKzzKp T@(њ٘9 ?G+zwsi8:('0T.(P)\ t0%7*8p[=vst%I]Ɣra Yz-/ֿ0{!_ݫ |g/Y_Z ~4ea1~韯nɆ$iZ~(z_\t%hw- 7Z*D=[EU<# wm O᭞YVhὣSDgW:>:aa\6ھ8<扥Eq}Uez=kUs|FR.%FתP.Ba산п-R> qHZD9}λe@OތWk/%mRӖԘ YZU<|EZUGlO^o[aiSkm#B?7S[p)sNZF-~O銵5|'Yi +uܶjK A(GҁCw6%S-ȊC:Ƌ*WCsUpX`N|/w#ٮF2byk1/O{51 \ca\ 78N2t< q PIRT4OZ~mZ5nq~ ʾmF2DU,H)"6 >~я=7I"'(8sE22,B[.IUYXQ.)́X~B= 7~-Tx\E4羱{nAAOZ0B\Bw>-YkG8Xv(U%\s_j L 1M[0IaXͭ.Bx۾;$  t2i1X ]״o%eHi?9lU:J(PUO_5hFmR2Z U ϥ -.LULӧ_Mp6Ƹ >oyA$MUU샩1ƣXm:;ؚaZcxm)5?_$[xEYaJAɳ|=? qρHGIh%Ѵ3rcxz[℺'nNrZwAŝ[LS?b'ʛ$IƱŵ,%Co7]L Z8A1 BVp,CU[.J>'wNn3/ eRsQtcUxN7?4Yk͵T)t*(]T~1UGxjėێ-aiUl@IȟQ%vqeN\?=Az'el{+PBn~s8EvI\5c>W;}-)> bpRywu#X1 $y8" EmԾ.Fۯo(?Q@`%U5MC튷d;$9r* (_td4CL*N p+mMMM- ]L[!MCdp#yS0?쩎6(A-Lxd8KjҨl \Z~(xeÙa nZ3Eh4;CjY :Z\[c@s,^rѸ^Vn&X]^MStNѳyhhtumQ3Wcǔ F}c7I"=7B P$E+;DG#3qHi34r^RWyp?sثda%=Y̞A黅jya Vjj]6KѼB uJ)!2Y) x싦^ \#t/ J.r`C|]1&]]>(^̅1]?lPΦb 06u]8AUd\Xl69{'ٗgѤ0-f4cM0JLy""JzQQFGqOpa`юlc#]Rv6Dwq)J] o%d~خ1G"aȆOE5! OB5O]-ܛrob50&] 0ȷN~7•@g)]S#2L7?:|A~{uhSnqzt[s6=eӾuXdyd #h+Ǖ/`%I!\')/c0ᬷdK$~}롎6 ޺9uimԃJj>;dCwLӣ @45` E!~bG(>A޵z} bv5c/wS.Q@Ct("P$އ<ڞ k.3@Si^'K u)VD7;F@M8,kO n.un̽݃퓥Zo>c3 F @!zXnWĻ`+7KJdfca*i SE~aCL;^ÕѨ4p)P!<:Y&o$~!%C n7чLk&j7!:E_an̟0:jYJpKRΥh_Isp0~֘muy5"Y]o)2G)o GfHS5\+T[YPȕAT!\HhUJd?FwOzc/8>)@<0e%GHTZ :Tud8Zc3Tq _ f/B KBdT6-t@{}&)BM 'g;ХL?齉0ن!8Wft![Ӂ[4D E;c}ݬ+T;7[,y ,DW5zQ;q)FIf Rӛt˝j[$d6Z Y0EyZv`V4 ̽?jz>I^ӽloDY1|6tYϽ-C0N7KM&W:;;qPae^S'Ħke[Y@ ]yvfeȒIH ,K 4*Nv^Ai8UuJA{D1o/5#!<3LQ ic4FhsXq'+Ξ @xթᱏ=U!B#fާCRZ/|S[q!] H/أv:h=L.y 5 1e;ZwtNN"{*OLxQVǃN ݡ\PNh8?3]OA委l7 'G%E op)z] P"*x0chW36N a9yÒ9Yz[d+([W9F 9 T €<# *f{ǀQPN͑!dnr| K@k˅i71;[}TL@"y\ZY,N[ko;vS͚>yvTPkU$gkcP)3BE!FIࠜwS|KCo@gѹ /^xa}Ͽ }J  bw3 2d";c=^ ,Z{ۜM4'ֶu+(ݩr:'XRի1͚ ث  8>v v`ؔ=/.ԫ޻88O7~M-X&~s#qMij⫮=K5^`hha BW3|\3dpZ?:ɓ u ޹51/fN۽MFfu%K83x/c~x1W,Fr$;%4* n44sG -Pg:dMNK!ykL::3.iH_'(-|}6 TE.Ju%{9?X?*Z ߗK$?f'CCͤá5nTg׺C1jj# ącIؓ)g o,p?*sB{*{|st|QG%p`BrQ̇A)|jdhPrzf$¸Y*Qp";}_WғW75 ك(Kur%FHR ~c-—EMvH/24FT\j3Ruѷ{NI`KNIOx&G;Mޅ'fhWF- D960d&3L6Ia ,2x,)%Ax^F$ lT4iAM:+$w~dn]) HBLbok $1ЩԒU!a IMtG9|eV8Z?PS~MO s@ٹUΩ_icI 0fސm!qYN|REՇ v"x*0a;COμ%t|rij&;BȔ&a17zFiDk;f1 ׾>GrDL) $pET@96:$eNT4N=%Hp?ǎ$ eJȯvj9ְ*BZG VU NhI͛; 懻uڧe!_ŀ{a)yVvz{lεe%{2=]8SImBNNJ}B }ݞ~wX~,^]I0!װZgb4U7NAc2ͼvKҐnI?UPQPqqDDn0WE:1З{>HBzvk”ajWTo_π&l!֒@byeW7PЀǔb1[0~w7'N7F 5w˘0z&y'o°AB(`,o'&˓$`f,UE0;@_]xŔ="JbGdx$>X~Ю\@tE/5[#4[\i2j"va7ٿ<=$ '!Pͨ.HK4u]%E{R2qL|,- )H篳JED ꑔiŋ(I=<nĉFqE[qA W=Dhk2O O;Vqa)[ !/0"rw wIE`j|^<1H· <{^05則,#݁b`I\96\Nȏ%C&<{) X`8˴ů+mߘ8mp.hߞQFj u(N`XغfIG5}_TKg+ Ÿy)i6)LxvR6"W^F׻")*7ܴ(ݟ@ǽtDiqJ|JB^XHJi8ĉGe3a 4!;d;!Y\.*5sXP $sLW27%4}!=,g9 j`d[;X62d_д5v6i`qw?v7ڷs޹c23f5Rg[kcw6:/:\|TL[5 #=29N 0{ƕzEp)ArTq3VzL"6u\ BR؉ݗ5a\3̯}nn%̱7իi7B^{~<TMwلD%tޭ9!^%O-Hֹ]XHi̢2s zBcV|#59{Ƥ|6n>/2Jg8I\vN"6wԚn xWK 0ڟg>&@\njQ`?X\.55ߘY& ~Ϲ Y>w𶲫*EIvcgizf U`鴓t¾pF/Cܦ>W;oN D%hLFr/{z<(UѴPg.ʿPkB%:̅fN~9lU`F>d>R (ܡ{¼rGqeр5%A| q3#w$)ߔ~]ő4̰/gY0R,V>JX ˏJZ_8 nʥr0yEn3-qd-O^)/C$bd"btcז!5&O2d~Z$#33cg}RŜ2CEɦI _He9IaT3s`}=b,{9Z8L3^3gb{BR9^.!Ct|Ї{I(q VN<*&M`S(&"{c%LQѱ!^ o*bL^aV/̸g-)kkAکP2}c0Nz@^+h;\Hf j1 5+&лIk\C^ޑ(m犍ἔLY9 D&;LmI/ļP9z x47>ʈuJpboإn+1Vqxn$S yZиZ=/%P6mrofg7 GYSkɭIDq}J4}ImC+gn@hES24 mkûS*w=Pz$TH|*집Ҷ5m*-`\(5^d ^F퐝[\97u <*lG^ jC Op_\S3IbvQ5:v Y ݻ"5$ ac2z{)u`Yu&Dܴ.JA9؏҂Aܗ?sXWh3A$sgNݜv]ͅ7܈5dD<˅iҽqCtduMgM*ѕ9o:7L_\ M0*Ϡ⡁2 j_S {mլyqbU4T?(PT2]2]٩3@Lcs!*%R,.:qajgo]#j8Ro,)@PMRХıQ\̥db/Oss֤:,Pˡ˝1Il)I䛾՞%6YzL3|xUbX 1}8`F aCUL#حjNƈ gr(:3lSNI.Zps`&V}*ejGK0㏨ť~Ր*0k8Up#:'GEF8LǷ#+vyi䟠N;Wr#Z~(rMؘMsM!w>M|DMC)k#cr\۝B'(`x[t83~h$d 6_*3i JwT$u~#j,ݡlc99 z> q2t]`voԛđRJ,h1Dqv\p @-̍җu3N|T0O~FVAQ6}P,D` 4mG98ޔD!?L o/>meRd\%d)RIb{a+yHb^/t8w欁G/pQ0XaqBՌEaՊ)SnhQ be-#\vY@!iw>@PKtt dSN1KlZw4w)ݢ &,Z40?m͹a.ҴN@p檄%6O 5l$Ή_dg]@G܎Fb kyB0e& 4J%!?V V`H_w\7|&.wU/X~2~T ^.D o>#^w6rŘtk*%R;Yv[#િqOF-^u8p:96[p\ctpXw1ζ"v}iA_ JS{$smh{ƣQ~?pwR:$ItXШ,_,m~ ;XMz8iyMp?Pp!RtEveD3ccZU b]wU<A1Zs<SQV[V6d3KSV6f0KĄZw_',/F~!;& 2p': X)5Ld'%].14dW%«Lćti-?Rvӈ1DuYǡ;dQYRmADТE`d-bxCV57ߏ%*c1`£2Z^jaIB\\TFo78kXBh0FN/(inS<.Ix:+|7@[O.xR?qp 흀,/\7Gj?(6{g&O'{óqn\lHTUP&CS`[x\-$\kYJPܽ3|Ս?55S}=T +^P#_TS?LVO}O G}FZ0bŒ!Y+VL[$/R6AFI⎕*!\O"] E׋BAh 9)!, =2(㦧TYcoDZJ"UFEqS@+ܮVǖk!$ۧV,P}mx™# nXnP4`Σh5~441+B}ï~m0ȗֵpuR]gkN|~`m(),Xr4TE^T[_ C_IjVZ@[PQ'xevSWɆ(`)z(?]6hȦ/׏G8:.WVK&8rgJ٨q:v>E^0b'Ex=@-:iY,o__2oF5E0$j~XRNVyO⩜kzٚ/_b.WdPi9Ru0$Zx[!F&eX>Z.2KG5fR%;N*Ήmz}#l^_2zg.'0~7 "P@1rS}TjEIcMn .%@!}gցzf$Z*|;"$fx9I~([`bR- 'wKjI-uG~$ʽq")?W9阕Y^r돤!~:4ԀWH%vΒ-;W.`b国*`/$w.`-G.uL9~oe UQmwg7ZzҸcb(@j"-BrPj)iop}峚{EEPWRһOS D>ifgdýʐ)MH.*6R\s4MqV쏪 bPPz]f{c`&FՆxXEVFIѓ;2n^d2a{%>9 ;7tto~.F1ep̽7ܪ8chaUh;ؿv4'JS#:lZ/IDP ;.ow-Duw>wOA'%ه3߭y(Z+y*= l "Y,+ѫi<̯<o2͓€iF\U@bIE2.s~Ð.㙞^kQqa0( ΅I"SsDw~Ф#l~+YE㨯Y6K 0_Bc ULYK)UW}3APcDK./sZT׆ʸBKI,~XwHamz)&"+@sdD|NC֥SX>:dYFxDq6!˶=*qXY_YH&eb6F JH;wtU5ּX4iH_,O>_*uFR(p*"4v@} pNOސ;(r#We܁35Ac̉P=#\]Z1h$_boitnDx >N {yftdtRӞR-&('OTp>tN dn(җ|Oj`)Y|\OIX.Yd v8VbFN)[\k&%sPP-D;'}柝:n?C}ƏgRijiU.TbaZ*)gX!MN h?#֍;ٲzN-Tej1.{2ѩM'Kcݒ'w{K8jr=F0 eH@B2^' 2Р/nFF>:k,BS;FȫrsL[*j~zF(~[YR?:IDM(CDq2~wax+8_ו`!wb" d32OőSvL /-;d<5,F7 )U!&`Zh⾕2AwzZZ  ~?L&́Jڃ1x俯R/*Z"%"G)/f^Fi*ߌrЭQ+<!Dqk@6 +P犗^05w1g!Er߶Qo$ 62VN9vP8QY[I(kpKMT5B58D'42[ P\e!B#t{ D\yEzm7ظ5sdCy &|v"{oX?1?]qgQ/_P=oK'm3=^^UV*!I*.ݢu"ְ!ByZһ/\Jk>̫yOA= 0 Nb.ڇiV{0c@q'$g(-ŽQ8LUVgt89h+J܈)]pJL,9[eayLüiI/kȟƗ8VF",mS>Ƿr3cəitWeJu | |I-g^o@x(uWVc]u3NjNxncz 6rw}Gܜ$;~ 5{LFk>S7r.H uIY$(&D=Ֆ{rR n &'B~SD=NHhU2q\ќ)AQuu>,&OA3bP >m5n^w}4V'ɈBwTAly Ecٽls+\G=mz%#VdduYձ,>X*Z|L UJ1P?b<ͱ?nje_Sp`Wm u ;NLg:!|Cd>eg.5D̻>nL pjwI{ֻ\5$w]܃c~)/D(4Y-O!o#9$()5+oa|>9E\;:={S %s @fJEVz6pޛo[viNF&\6NӋy.PpZ?§]zqv6Ѣ҈l^ R+,m>GX_q&rā{GAZ>5E ~e7 L GH C'uVKƽ.>=v.,G׆;iI##1E"1 &}">)Ϟ. إPyY@<&c =^~4t0o6, 5Y~&@scr_u۵W[Vh }b>U"pIڲ  I@ I.rV=DCE̺܎6mU4Fʆ|_7K=@sнXܚTRYv5%B^׌<E@ci*鐄уm+PP:ofp(nl1++q}Ckþc!#0BvZ(73[و)Ĝ8ѧYO';r4jr y͇iLlZ,SUYE/ܝ)N[p~\3NX1v MERyk:  c?#|n48f3h z{wO4\ȉ<kJNsD T}{ܷ!p5 i^JTƮN g} S1~8(5}H-3sޕ9tU3 ĵiF tY$)snD7"%\HV VLQw'DQ~b}vX̉Ďf[NʛJL4b"m w֫qJB;6V&#IW(YxA<Xjʔ|~ֿ_4YP =}gW+/H Wf~k;LR _ jXH05CV<:n:lzB|u6M|=i`P_ȽmD= B{Eo% z~=5ޜn6!`Ec':ꆛYoT%[p]ǑLjh~ukKzը.,pbq $/23D'4E 7 1uX#00 og6:RopJvozr̸AY4Ѳ"stmdW3X 0^^Uo됍E&`䨪Z`?]S]gL~7| (м,,Iqs@$h:D ;ZP]$8 WmO\6 Lj Hy{0-#Kad*Zd)(/y1lkkhdwc.O8vĮ,"na)"$>vCz\Q,{>.$5Hߓɞb但fUOOB5Ҝ4Nyx+S@f'Xj`fˡ6QVT*ȕhH|~'4 QQqVъwg!sƹKFwE*А\ծ{๫"!GRoanWd[j}ĢEu1;ML-@-ygQA@Mh,( #-?<%kLk"ʍ<|i 3I0#4[ѳI=_"DL7>V2$fUx=S\!:\B.7N:IGZ]?*Ҹ%PB_pSCؘg b|a@K(8 agyR/(2TZ9h!FBގO+zHàSD"Vz"ДB@;;no~ԳqkK.šJ_ʄ;_:-=Л S&Xve -u9JƐE ~gRO}f=\ J7;m }~T\3a,⾉vãPasN 32u=XEբjmHCH 2zY=\5uD7H