nss-util-3.90.0-4.el8 >  H   ȉe}v U]+@;.m6򀂀Xe)ERNvYC ,hx?^&YQ8bi̝V{[J$%'!dΙ|w^JN V)OZ:tQ@GD@#|Hzg<٭zjb† .b_%F9&L:P+AX %:\|fԷ!|l(ѵ|jCyCt_@TA*`qA^f6]+m"ʹ Qruc"7:\? 7(aۙrWۙ,=>p&n2^:+|1U#5+ 4#lBʭc@ 1 `[wECrL`<?pd   D  8 D P h  0NldV(89t:_GHIXY\H]`^b(dxe}fltuvwpxy  $*lCnss-util3.90.04.el8Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken moduleepx86-04.stream.rdu2.redhat.comnTCentOSCentOSMPLv2.0builder@centos.orgUnspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64$'FAAA큤epepepepepd|N395f5ef64ec91637fab5db8843b0faf153b9150d11e31ccca1c8f43680858e54a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.90.0-4.el8.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)libnssutil3.so(NSSUTIL_3.82)(64bit)libnssutil3.so(NSSUTIL_3.90)(64bit)nss-utilnss-util(x86-64)@@@@@@@@@@@@     @libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.35.0-13.0.4-14.6.0-14.0-15.2-14.14.3epb@e\d˖d\@d\@dxb@b@bγby@bba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.90.0-4Bob Relyea - 3.90.0-3.1Bob Relyea - 3.90.0-3Bob Relyea - 3.90.0-2Bob Relyea - 3.90.0-1Bob Relyea - 3.79.0-11Bob Relyea - 3.79.0-10Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- FIPS review changes - add PORT_SafeZero to avoid compiler optimizing a way zeroing memory. - update the indicators for this release - allow hashing of longer than int32 values in a single PKCS #11 call.- Fix expired certs in tests - Fix CVE-2023-5388- add indicators for pbkdf2 - add camellia to pkcs12 doc files - fix ems policy bug - disable ech- fix the change log- rebase to NSS 3.90- Fix CVE-2023-0767- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.90.0-4.el83.90.0-4.el8.build-id604146519d4efaccee8d29998cd6506f3951f721libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/60//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=604146519d4efaccee8d29998cd6506f3951f721, strippedASCII text PPPPPPPPP P P P P PPPPPPR RRRRRRR RR RRRutf-8941468957d89d780d9696286ff630d29c5adb48c7485cf6f3604293746f7c610?@7zXZ !#,] b2u jӫ`(y0qWet*K*?O;!kK\c)xϵSzFR&M@HᎺijm0 ܽ#15\szsDòURI>YOSWParśx#n =Xo~_kQ:l/)++GEcm8u ,<J}E YcCTJB1/ eINb:) Ĭ "dչ% (^;9ch)_A2yrfZVПXEAH:A/yƦЪD$)̩#x 3FUyvPǡYsS/xaad׺)pJhp yͭfy-2̄gA.b^`$U[(1;މ'7ٯ޼fJށ(|A^/BdkO8ڥU'tXGgCZ A[N".&tqQ< ]`n][æb=.VAcG2)z^W?_frow#{D+aG缢heUʍlTvlT cg966 זZ{M_O&<5)׮ r*bBǏ+Td0V<9D򯵥-\9P|m;,\^UL0M `|GomLmc` GVJo jG]خ< t]3B0:V-?~}*CHOb$;7ʰ2%))P:̉Q^n,gN: F30"5ʗFĻ ; @%U&v8'q&.x -c h"3[=яM +$W> 2~0×k$D Iy`2LŚ|wKWMyl sƧ=4vAr|٧+¶_ypY|%#puErvurNW@M'瘙 iXU '%T \ EjsTY,rGރp1?|p\ʗ9[ ^ʬ|rkF͇ߺ^4{ / WrsTe/`\9ܛ/4=ٽv)]Ow9,A|B&x.|]<ӲA<嬯Z8*bRa&Y \C,ŞIrj')LfDʕEX=Ô}z1r\ZJL5R^B;uynl6GソR&6<j&N, о< e5~Ɏm\|igB_ÃKêp\$-L-do("UYjyP)U|qntC烯t΁.n!q5 4͚$HDs$~Q*h?W$W]'wa,eԔM&ۨl%y%htr5g-i ﶱZ\@6~_\0nms{h*=iK1' $qx:ykN<c~ՠ6&>U6FMK8Cl#28޹+l>)ijjA\^ǫJuyptQ!cZ((ka_v.? :T!$dD&).'!h'aDLo֧鉱,lp=q/ 0c[h};NJ~B֡֨SH\E2zK{?Lj i/`K,ƅA0{]~<6*^^pnәCZw qt- W G#"Uׂ$R+: Kˎ],5ꟳt UW;!!6ծV$u '>h|e6ɉ;[E g=Iqk-",D%1 _M-ɚDRw=ubbsxgݞ5~:wgWeiCˀw+BPś<:/bkĂu2>VnŔ8۫KE -Fz }vQ-Ռ[Д ĮZRPu^y.l`MX%PxJƺhmMY@ؘ3+!3BpZ*xP^9ϩQte7V>1ZnZdkvEiM3!Bgvf "6JhZ CO0;h讜Uk _ke="&LtI(qOVn }6Yer98y U~/,me%(n9StRM( 89|:>*үOkךhgSqc(Ul>Ռ } 붃!mM[ou1Mk%sB,WJ3)Rt37s0y3dQKW}i6PgZjsQOv(/z P,A&]xٽT'XHB<4 lϦ1:g A<W; -|qQV\aA=ৗOx ; n9@ˈxsdxD<)XС}k(6C}>_C֙H޶tTCj~%/Љ8 8S8$ 1F9zMƯ?D3DJrum5y/Y-uRqI:&(DU[Yz=Z ~ea @%fLܠ|X6edA \Ua ˢ7 D)+VIt`=,X&Lt:L~ (\DII%krYMX30w,#ן"Mn/G^ +%{Q6u_80>!.Α ,W`!3I~X߇Yl*ۦTAWlAh{hR͝{`j9D~d$ q%"uh vĊWv#mCLSV؂~AcViGTEZ,7m(:쳖n,z !+rjv0{<C4Rr$]2Qoet\(+GR/lq_PA&BZ3E*|A%ԽDV,* UUgԳ5/.ljE{SJTW4 KGUQPco"w>Z|J\]gLg YQmvK(.N'跳Q:C\XN1hMtv{7zjR.*aEr٣cg!Z^E$*gl5'/!;(oOe&`[ԆT_NOy"J1 vLRkKUX($yj -$y]`m #P .ŷ5f'O sMDـ1 4?JF8K{Ĥ4Y·HSF3[MllGhpl9[MP<?ʪVlU;1gF}8U& 0Jߥ YkَFs2X|D(agwwK Dgz-p$cUBK$'kܬ׮oE{rMZM*"B_GpNxΣIQM'i,K'lj \?q/})E lH%TKQ-S睻؄}TK`Y~Os~]$]-yr tgAŋ Q¼Ǔ v\}AXj:n&.,z .3 ]A3p^pt\KJ Ft@fSp)'qg659ь~XuyS\aI2& [gdٳY~" ǂ@~(|ska5{Faϕ zFtaG.ge6LJ—>G ` biY&gO6H*bcBrA\~a:{8 Od]ʬ6áK&h[Ӈ=jgObf!Ң  fz,+ J1]63EK Fiu+sdg@di;dz(4Xy@l36kZJD(n^ [X)+5 wcv (i^ 7^- pnu ľA鲊wxå~;-=. b`x]-[߫ׄz=Y'J<T1 !Q ` -nu&8eysQ!,g0䮸ZChng#` ,IV4sz )6;;$cP_.YsX1b_ߐPN ӿӯ_}_!>;Qzf^l;~>ᢩ.#Rf(kZmhw!zVV 5Xy$᭬Xg7.xBMd0{_b4M)O0=@$ڱ -waQ)1(Yt?dL"zpz/u@Om+*̿,Q{!0f s="e(8Ot`WS\T6 'lzBMnk#4rŠbWa|Ulx_S0Lh6j2;(R yCEvf騀e1ɂ7׈*BXRPy g5{DT|6 ׼m`RҟK:*KoGn#Mk.u6H;3mʘW xm?~(lRSh 6Qt`ns"жO?46 d\OS'mhfU0^2cfQfI8uzzvz1),4/Сx1fČsG#@GmF˝N⚊Rr`dB)$*"8nfuxdJ ̣ӓqT}HХzFL$*+OvO' pbvu5(3kdUx(O$:&{WJ]^g:P\] D(e75KʌQw|x79&)VlxUͬx:TgJ?MϬfuJ;wigYj"E..%.'<﯑ebԢ&qiXRz-@l+8W00O0gxʧ]^{$nzlˈDחLi;䲮bO0+^Xl6oJ JnC|5dDn?W,aK8 笯0~26y5r@T_Иe%qٷxzM*1N 8[^q̶$u(7 ՁLP@!<$5 Md'5F7)|U#CS%.rg.>q2)U0\=Bs˻; m.XsvtIzz7 )5cURQl#ϒzΑ fFFs^57l_v]5.GϟT!$4<5!bx4Y -Lus,pEOta_7(}迼L܉-S"^\{&z+q$9V oʟd{{s*N2=ض6Ǝ(AfhIoڟEy嚥UARY$" UNY7ȧΗOYd(ByM삠WT]|˚Gtb׳0pn鰫$8x~xXrNE;[k=䅏[dU,4+8/5)?{6<(K~&mg퉘 #B:~&F t՟,bL^Xܭ@lC 膞#Y~WM*heG­uؾ=3]jR3"ĐY6 Rù{oAIYW+;yJ[I}]#&,ͦ@Skےƒp0)q @c FAn.Ӎ^ Y$$Tg$MBj{^GU`3˽ɋSpZVe@ C[k"Vrrd3k>0 ka0OIjjGL}2Rz:'#/o5Gŝ@R9MX|Hc8nBvPTO]cjmA,"O@e }?=dHDz׉f=U7e #CKrr[^A[?D#Kd'x~(pEK)O쨽҃YxG"Q Uq{)ԺD]Ōv[~ ằ%C$"c(Byj|fY@n1?GĎ`岡aF&HB7iN (_j ^^m&CcAw n::k=O2ۧ[%q1@im9%N_pugte?j Xq#ɄD/;q}0 OX?"iڽ܄$!8I)T[Jni z~I<2{TgʰA#O'䬫';C0] yP$kxJ b#![GzT &TU~ۂ?w-:0h@uITP0c-RLsqS i{Nʵq̒G6jr&a5#(rq }!/ݜ7U(~6 38R ]dGVQ`d^oKCMҿ2h,KQ^y *"i4p>Gs9ỏ95myP+1`;)evסT[ZsO8&<.&۬ʪ" y_hhFc…y3aAD#VE7#Y擾?sJ; թN_v98cc=erBy>tn+gh/tSҮ[盫ӈթ76SRf6\mɗ"ET\j%}"ݘ#{cg(Bv/uCk5$F<\|! $va5m>̓xT-A:^#* DjզƤ=։dTv7={^.p:jeq9) >::ĘV$x뤵ek4'':HM%ݐGNVy{K#mZ(/Q}_EjXEj3 .Alj躴3)V풽([[34^ 1Ժv}cW <j?>t<| r-qafv6[m (?#'*oP34^דj3,*S%c%U5p6KPIA܎w\kVn.$hF%r:T+fg`q&tjPIqtX>`&08^.~)Uճafp4C؛:6dGkaPZX=NeѶt17*7ބhpLդ) P>Uɧ~V",$9^f?v^#~r݉}/KyTS)d voQ8SE6I!Vf%KzVie|p)&#; Rq. ?y#Q姽B||?1PT:I`Nr*HLPoCS2\TDw?Y#P&q0TXlE GowEx_S"Y^ %m23.H`n6ioN50Tt#~ tPK7` ;NL` +ʵ{ A|-{V }r]$h`O 6\CN_Ԣ}J<_@3Ƣ-|Ɏz"z"VII_] UZ!!wXVFׁ'M6"'b RA9H3s[D1}eXbj*xJNr]N弚Ϊz벊s(?U*1} ͸GS_D&-SSmkқ5ibLdARЦq|x^}{;fMZ2\hub/DmQ.ɺJ$~maQxGm9UI/zkmcLI{e՚n_iy夣7\z/qrILw S_ArS#Z@xڰ =fb>C'Z2:p5B_aWqW` Q*y XiysԚ6qfM-UƄR4&e6_'?b@MGO\s gZb)&RJ>,j҃**ʏDOv}yl gSz I3+}7[m)ΪGшO $7)r&qB4M^JN.kog< ) G%(R6Z:a kW:aFm7pDf> AtR1f&H|BAG{rqUv;Xiyv`66 ^ЂApw_EF(z<%Nǝprr)/^ a b}g~.АCp(>$WtU9%q˸h}?;w{t1;GCJwo&q7?TrDԹ p͝Kb n[xxXG'L FihKoHt!|ʈ UsYƌQQTrٵ&ӯYu>9xl%4U^CqcXJ6R ٓr);@x \'ILzɰ]]Cs>.wDqx`axUz̻vɖ%H'&}&w]qcK58լ~ [/*#^ J8={AShucRpE=tA& z{ZV~=qFNRD@#(ig?_ Bmz[\B4PiΊ4];k{a64!,d/ n>ڞPbf~6>@Ge1/Z>5b{RKVnE+Y[F-DŞqLF ްK{Ή `u^B;S4o5g^/qx=< ^>l#{Ndɡ7?V¬($7z]FIs+y=yyA~ . k+ 6 ˷&6FIV+@D NRf>LE(Ps`٧ߌi&\]Un,O0g5{9wue0eFP[Y׀'i9Nxi\C`Ml  Al G. ꋁý4wLVb!,ܸ&)^ F HR~⮢ս]&A*X'i=T/MjtuPy 7{Gų$^. r/o[nб`j oNΌ(ěL O;ڤ3^IQ(_# ?z{ef+yF0 lI"Լ#BRQBthYH=X @:xidŢaBI(5]s.h& ӔP Ĵ Y"(Ou+7f--^nILn&"![N>+P#̈ "jTUXx ]~m7UHԃ-0=4jwW>OtY8Jݛ: gHOO=TW? Z-[48ۻ9շ$awjDxB)YM=4Fxgt7`QQ&|T*:jeoA}z!Ȳ_պf3`[M\(Ѕ*oVk=?mf¬Q US7X/. [<ȌkP(˜SiN+ aic3un1"B:k_ފ &]v9n3&lOW['l.K RzX|!8Ն64ok`'̓/sGA*Eq ^y,(kRXb-tH[&wʘ@pk ۷60jqCS|Q3:DAɝ9::SfE7EwM-ԵfҘ8vW~sģEqJŚ%wp} Q cL7 N8H2@ w1GgV/^4K[YRg8+4fvL n6mf"h9!~Hzh[~tI''5|i)h*s٢hl ˁjSʭt3eEE/0oET7D^n=цhc8 srz&"nN5fp;2tly=: g&26gKjI:r}2ၾ9׃>܋]M=IeL:+לq=K)vhPu~ bU* A8H(_oRcQ9;Qd]9kф X;ց'@[$S@RkR7tSt軆,T-c߼oJҤH, v^sjEil] =5P>a}X[+̢wH,7hdv%w~D cpG3 Nv3͖(]Hٔ+㖿ē-h\~ǩ?c<Y Lsh-(m{j:Μ/a3IR[+ϗIU#*FU Wd.!E%ί=лZئ]gg=Z& aKR xZ CM3QrX>4 2~X.vS\(sAx]P5V3k+ ̐N;4t)7KW P1dBxS%v\}GX~bS]z]//F"ۑ١)0klS+ƅnF|T^ȉ~>oov5 ޴&;1`zd#g@rF.IWFۦ~iJK4P?COmޢ;,6H1\|^\)Kst_F:r,R՗u'E-jdXRE !Vp.̸^k5*- : #\˱㱽j۹ c1”4ij VY ɳL#ӊ MD<ɤT 1ܪ'T}֭%& D]r[ VW]h˻>c/~|ȱ ;Ržz}1w>υd+r~V]qLUFY<_6oFA/_dW&Wgd)ʨ,H:% FSxu]/s"4S6xv>LGAGd2|bFPxmZat* { UˣXj^j_HJ6@c?Jc/cX _[TF;eSBZ,"yTs + >.)Ӎ.'p(C$<]twr+B+$&ھ.\WʌG%:z-`GS;a,4},^)tݖ}rVY8 h_ࢪ"L.*/ŁB7}1EmaIw~* &LLyQ DkUz$t\4:jk'ciS-Bg:x-s?$ޅ2<#Oj^~{L HbSOD0hu7cĥ7. vpb %4kۓU! iʹWq9NS a olZE+L)lG1sz$%}9;9}ZB*\~ GTNVf\8%/X:laVa xq)" s)-nj™GUN#,r^çaC t|̭ʂ:灊+Y'WڴR}!m'kcER^azԔ2&ؤID!)!g]v5c,@JzKHB%o#::#  ]Y*:EZ|Y.s(v)rJHWMrXvK3zX*%ٜDK "[ :kD{/<5|ij.IGuJf_y]b1]Ԣ7' XDaqj c^9t:BE7SĈˉ8g]A"R%w*\ۖs$@X 4iX!i1q oh͇Tz)A3 N{MXOzhRM$IJyjO4I-%=Pk 9&'IΕOA~`껒yp'DJf>go6x|^m0+[;ކ,GPPk)`ؐz[5(I #G %Z Ys:D43Yx(r"Fq(4FaLlu|>^>w#\IXq1GoQ"ot{g& 5Adz+-{%@x]P1'rnvGq ?e]=߄GJ ٌw#&D32q` VxwT~s wQa~LC,W/U[0-1 : R[D?=LL@LUwa%nm:- J%S]|N>,uq(-YLW !3 oۑчFz Xva~Pq:wsP$8\pc A]΋ F=uxӭx;QUĭ~ -H}9z"5?6:%!.XFi/gĴCBi"A?q;Rh-F;*Hyٖ PAʞ!`*zzE Y>w 5cx&rBWWЅ\#;ee/{b\}@ A.Y<-&7*a $kCOJ8Sߧe7+TQםw:O)]N!=Ћ Q$]ʰ2% *@/EJYOBnxG9l@YsC- 󲫏}LlT}2LVDlRh2&YfAf۞~i% R=7T`}A0]=M&԰!^*A\=uj>;'2|f]TSje3VcXc8yZ'XZ9v# I*"[$@$D|fX&R{Y !1jQMLep"ddy?q|op+9`2F9%-D‰[4dҝX?1D5嶵T6Mʞ=w]s="s.0l0YM ́[DSvu5iO{knaWG;(u$aK ~ gӸ%{"!07Ӗ򸐍ۉN,'Wq[UdKxZ!Z_KyU% r=*{jؿ(g~loڹw {wӢ"32Br]OSQ.9eWp W0owy AQ[n}I<=G.2ь3wK"G!^΂`/'ٜcܭk!,W )<UͰS_H 8ѫ">q+qִ'-r")5yL|]>*+Fc}&U+0_88dEH+c 5rY4g#^1+2{9(YK>Cc,P|59" }tRz5O9 }m_ɇa9@y)O~e񜆻6Nwhdkk)&Uz8` yCRd#c'+n'xeh?dY0.pvc(}آ<" d" 3n0FȠ9ԨҜ' *zJV]Ⱥ|.Yydpu d$-ǃp}o۠%Gok5j:1|ތcd澘N z.7Qqƚ,Tp8ie14(cJ>5sf2EE-Ⱥb_xg{gm N=&ؔtȾB6!^Lh YH=‘M f.-}Fm 0AauR@E6njx^mg/[[ϲľnWM qtl"2߲eyrBCӅXgZ1Y6#Zu CKWɰWL֑]_9`BkH <1NN͎]A1O``o*~@NZ&|a߄`+>y&&8:؄vl68o$ڿt$U7 q+S@>;u@˪Jo1qh9J[a t0,#@5" /&t ^b M9*_dzxwd7VGF0=4:DYmP+ *+8xj?g/ۧ-#\3Xֵ"vKjqd{i)M|wHv-;tV+ ,/7Oc]fc:Jw杌\pCnr\\dlBhvd H(-!nWgw*Y;{:~G(/~FVBɩ W"8 =.bG15ψoRV Cy];߁䡎Ǚ`^ע#mv','E b}cP^0|+"E+!r߀aWc$o?&e9A@c"܍>\b;%9Q`8Dޤj{Rq{]Nkn!TG fFev=CwfCk(mBmu=SIHsdwc`Yx !y%8OtK-7^s#e% ap)̍eSfḊ@0=vb V*Vt|ٙ|@>1aG/.)ibJknW$"^3cUfԜ~JZ;;R r^h!w98tpGy.CP~AUmRFW*7ᤆ(XO#CU@X(GVLv\iEX>)66`(UltZhZZ4ֶr:'^aicq1 "/ck/=al(<ǠI |ܱ 4r#"_qBit.M/@MX%%X/[^$ vUNwcO)jӄ".Y/=CaU[ FgtDR*Xf%czXl vRRVpVGˬ 1PZ=eo°dOXIgg#G"(A@ixsF]!~ Mtc\6E c6ڟnys׾I~[BU>?1xa>3D@tkQ2sk}>pB1Qg%pG^L%^CFs=r&@fxGC7c.B*%5Nר"!lB"Hm=;`[Zd/,"~_εWɭX\L oZ4~"2\t%a?P8̃@b[wW `oB35`pahf1xtƖ)糷w9dCzӯ!+7^*jluQ) X%ؖ\$a tfkG$9q(?L| X)W 0~!1JxZnZDf(쎵b9^]["^7@4&N %*7lkC\ޖL>[#7?Ss"M觶-zBI}Ýp)".Q5][֚ڴwg`$'jAQؐ,FI[8hrk,d9'+98$=9 >߯ Q*b aT8PQ~H#I0 jzxLEn|NOdjZ!lH} b%{XcI.c+c(/x,PZ([zSM9C!όvOkwiޚ!kA]|vZj[W^A!/Y,#: L}5 Re<^J39xl. â=')C:PҷᦺXqC0ǂ)lNCfAK"_9]]Q2t) H^`/H'>"ov+JDm!CN\Kj5眭"1@qi"ͽgX 9ĴalR@Y˚7z%( uA2P=Ы͗Ĝ> })#v%e_ wlRaS^ˎ>|[I3ح-X G/άP͠m)TMvy]^YJ;/!QkoIhsQ$#y-bnk/0;&,5Ϡmp]cZ.âmC_D݂@h‚t\m5WV Uh?dW28fc5M@$88Y5>yvvoin[$~Cl 1*MsCLg8n]7x;+dz}qd8UzI_-z隷G Bg̗fd ).sq йogFcFSvD@,}麷N!bcBisTiIeW6}Ph\Kl`rc !ԹIdov}$ʥ6M0[ߧyoi pce#au&FS|A{e[!^o 5 ťd/s0weĀ@b9}/`a8˞r^W7~-y'Hn52&#fzgyIK GFC. 3 X)RnjN\VҍcnǔơK<# ^1c||[f] sM[bs"./f >Y͗B'xxPL|6d0NZLיjUqp݆O60sG us&3䒟9|W/E.ͩ'QZƈ#tҐү5,jarzdž j> :n֦LaTڭ~NRgtThQU7ʾ`vV )VɼJD ڹA>k[Pݢ/S6,=Z 3(fM3,܊q9FI &wCdgG|c.ֺ|u=L /[:C.AU7.ܑWHbM/׌/E LI/i͛`< KƧ|ĬoWǕ[A/It UY!#'F#)E0?;F-i!`R3g@O|bMW*30q޹N˥^>uH?ØzQRmMq% HxDɚN!ϠE W} 2äJ{H.epOND~kv=L q4Z P I g: uevDCT2( 4`m՗%1|H>-b0Ȅ{bndz%BN.bqF& V밥S灡~/sтXƵĻGr7@wJP?ШDq.Gd`>Nc5&ޭymw}ѝtyc](Amrrkzq%oKwjn`1?J]`)m.mm,t W+ *wê,~8/XLmN=?lkGֶlgMF*}1a44θaO%-hrP'ũ&2۸#L :B&~C5o*[ܭ>f}MeEn_ AyU() ZwoŹ#lhTD` DP8}FǦC<:mw"#/"XT "1 aMb'3֡C+sLZxo'I mBQ^O87ĄpuS%X6M铪rkx󱶣3P dZ62:)X:^n\%Ԡ\?g@wēKzSMa]Y C{zUGrhi5AY^Yqwezhv+JGL #S o:6n^-*騑{w{%dEKSK"JR:_ 3dfU" GQB 883=r8H-3])F;'X3%{cu.VқiSaJ2h,3wWK-keRh2_ #" ?,f yHN_#i!ͧc .f 2_-n]f3AÓ%n1GN TUpʥ刪PO"$Qnygd;HSlg^-~2ES1,h?A<6qVC߼a[>ce>8!B~"cŤz}EM0%]?GJˣ$s܆X7 pU32 W/IWR S9fP( 9w0[o<\X ;iz.ϸt%c&wwi=Q& Ea~+VvdBE: zH;P:JcM:=k`1BڪSTZ<'j*~WvC'74scvbd`!) VNϱwˍ{Sˈgw1dVF<}YǟCQ>_YRD1[·c'UVrg#gӱv %KsxyM~L7ģƎ|ÝIKdBC LQ̰Nds`7L_"@^r3N>6OIgU3Hc/9#D8^$-l<,F|ZڡzԹT8؞We;5`/1Y3{KRwiҭ=}pvXPCj򇣫R[:#s[/j] z8#OL~ehe{:@G:@^ 4@.U-ƒ,lS(glFY][u=$GH,`Q_ucQ ~91.w>!DK`; Ii2Z;_Ivd+ʰ# OxX9lT/P&ո8λM1hī~ ߢ`g!LlhXC,,g^f=a A̱é b1_pkn=S. ިsſ+'6a #O۹dt(;um>i?#>zuK_~S͞ր[ΐL]Vee1zA˧!=dw3~oڕJLY, f*&/sf УA;riQ&/úboiPYW!wp`h?ړy(ibC2G1̓ºbY3:Ʌ]-c qڮ\L"#όLVNkz \bh ȷa4*B7z{3/0(VB?QE53?`ju')>yXO DME"MS5S>$ͅDY.3gRMt=+Úʅ3Ӹawx䞸 P1;s{i{.JzdLtާ"n?LYLYP e\F@T35D|x$<Z$m,aj /2&v^k@I)scSK WiporfS$ENsJ((&g&UxB̆eO(>a:'&V)RYُ'-6ᶠKi{"c+eM^6٣6t+&C,^Y f۸Fvӎ[5$3Pe=/ LaI( pp)E^+0J@󨪂$i Ox[mCD^z8#g#ĤvUo`F=M둗S,R, "Nf(ꟼW{#AKT}<2 w{ :G b3Y9q􎺊]fFlO8M/, ܑši~Cda-nwQd:,Àgƪ҉g}ހl=YU2q`Ʌ󰨘] vaFgg^Zen%6iz(Ik%Xt:ikxl/#1:'K WN[a;C8@y۝euΫ#S54yi( f#r8("pڠve[&rBTe z"#amGVwp&u~Ӷ խacWZF8!~%>|>i~WKG qa6H^6F[]LK6A t! 1ovێGF^Λخ=̎TuYC%'SnAf.i˩^ԜG]4!4xQ曂W!Jv: Rm:iD-7l21?Y>T4 郘 7gL(1B@0=bL O5|Οl{aDl/ueB.35rmn9#7 h S|J eN&"xLuka <w^}zy#ހ=ϹY?(-M>7>Ǧakϴ q_gsKY7E}"Hد|cp=p:H.XfcImc:y0ܢ6xqjT5} .8P9#O .VS';RB 嵗̑5tV(F^Kn#aOdwepaOAmmW +4hCS)usp.`ĿE 9&f)PNŐ&UBsAYD7ŵlY֊Wso@^ap9 T/d:-Ӡw2珇Gd\%J&R7Il;SW'nMrԵ˶sWȹOpơHzư"8ۮ#FE],z87 )GdyV ?lw`{lӜsԹ dž7)e<|&c3`Zᦁ"CQxQ0{D 9ʩ^Ǜ~6A Pî$! YRk:~蚪j9\O uz6R=U6༒F Ru^OJ.HIOuCa!` 9GFԸsգ1<<#uE[X/lus Q/? bJ{B'~^ G_ݚ^u; =#RAj SVrȯ!pʦOy<32LCI `.51TZPWcr%g$')n={mkY:,sKCt%Tpq#E hKB i 4eL ^^y,lQ恽Z|vT ח7mk 6'j[v\a3+\KQ6+B9p)OƲ! +̳q0 쿝f@oc/]B5R娏t$d.e5X\?kHeh3jw@"o&Y=[S T2RNh53y)r^xnz1lLɪz/'m^^݌Sb',yy@ds ,o P RYU@ n:7MGSq DvJ^Rĉ3rsz4cv"3_'%&r2 pd5X=˽Ïͫ|D[/sre>UzY⡽UZuݝ=i &tQ \0Z'|3ޘ93 rvB%"|Š3$U!#q(G{#6BΥ{1P 'zRC9q>Cu>جuJ T3uՕh"Ca/zqJh[A癵`b ~n`Ξ#v160'wV͗mVQWGFbtK1>/Տ7 )y7fs<>?pz3\eQs_~ 톋0P\(:5ܸKy߈ _c &f~t &^jn,nT֤HHjB.*R)@DYv3)ۏZvυ/j vˬ{_ntm^6.bHZtwd1HW]b͋;ҍ OQ$H)aq?t O'?m:Eg,k+~CtfoνPN\$qQΟGO(%i"}dt!TlC տ_>)MH-{Z \0'ÀۚH.Cd 2p~Υ$v$5tg!Tݑ |FG櫥B(lƫɤC1m@3ivE[DE\R=H3s 3-quHOkrFk"e~tf?)xBtТ S |ZX=7\>:}P@'ύD!zALP+1wQhrL.cNGuƍrOACO2Z.S+xL)_?KbxR?\P\|W=ph1vp;X:m"%ٳ;dNBֵ\tYwdK (6 NGg7#o9?ȴ~N$Q=Y3" >Y7>G2{:[ķo+8j(˖d}cfOC u_1mx&-8:xxm k7|},c?鳘;[DI@SHt3w+J^L^ *^@s$MϤZa%E"Gw+yҡZKs8w@Pm9vq'toa&`x2 ![8K:0̨mbU D-&Ye+Ie`m{ ^20Y".집0-gh ȼK1'_A8)^I6:N_!nנ9fX(r8Pͅ+,Hv|> d냮o;O<Gq׀%=Zt쌔oplķnmh4᳎_{9,Wu`Y&:,DX*"wh*1tE.iG+k?|} 12l0˄D,ږ8#!6[-ڲQW/'q%?s/bnEXz&ryvѢȋ|#xҪT \бV 8R/CbpPkCQwDj7}|t d,hD2&*!$K@UTf9<IZ68tPPH[IM4oz$JgOL>}^toe?@0(,7PCk<ϕb)RJqanU*OY{Fn򍯗pso[?-/&P/i+^lu4Q|aUra賈X*Vi&g]?xL8w.4p 9Yr8=>9^*HTzu2rȸPbz[a< >9#'D⪤`6%!bYZ(fopXVRB7p,*vՊcPG'ZG$D3}DE7 H 5{U#fRH{?[5m;DaH <7!%9•+71ܤ"9%tuBeuEpo5#"Wms;kP_Umkbj*(8HyMhqC!AÊJtR:yU?yI۵7#Fr6Nض#s>gj: ^/ mC"Ԉhaf&6tuA:MRm O܁y/i4Bo`㢸Z:,13ptd? U)박2$;AZwqR u"e~%˦M}WyVN4QyCx= Hb#wt>WICVGϷ3:$HtDC.[nNM۶?VF# Q8e_y@1QKP\'jDDczT?+(k x{LX&X@tvj/R+B*Xsۘx "heY=d%k;Oj 0V̊?RǕXB~H/Z\AM=nNY@Wߐxd % bOoXIȯMX2p|p99&b%3Ut8BJşt@9z ]a |I>W/ʛO{J~IeD`_7Z%jmkqAfW I+r64 nmGv ?HQq(\IߖϽ+ JVyٛvR9IsPSԯKSlij{iC[ _+u/X \B֫_/ I93Zኲ 6 Q 3U1aRu Hm*Oc[z)JMv7g]eZ٠X.jUZY-z15A-I,>ŖJmzxg_KVۍEl) VTy2m錁vcfsNԙBz5ĹXVn.6N5zz2pWj`nd5KD+2V Adئ7^$8Qh~/bTK*:$`&;eURQVU!܉?$cdoǞ4ZaQ*Ii^'wwN9Lm^>GSd,8B!FO[|_rmOCYPO[ns`N6@2`IӫOLޢm.xXGvv~\Ρy$\0'YIN3R\7T:?DH*9S"]&؞eJFo,{ "#&zRDɕE`$|$L]S~a%I$ExN̆ Jӹ(KVT\)0le<z#jj2ܣ‹8ҼBUUABr'8ۜ <ؿHZѱNrp,U5xlͮh|C;mUvY@(N7@u]7GY [27ZT56qOtdp&OͫhpR)Em?Ό;0S&Kk:֛Z=Q9ϿRb=>騟{ l GG;j!1ΐ$mj~>+]%jjBx:s u&=H7 pc<-I&jwajȖ`_M\J"s.4%{ȅޅU6 iNG݆jS@@o?3 h }FHƎ$UD&Y;:5R8 #¡QjȢ1{#fmjtۊ%[nNR/`lV+؇@\!t&-V${ƹNhM66"SV@)t;cjdeD\M7ewԒޫq-_ro9F1׹-2 "ti:{D|Lўŧq1~&~ID>dMZU7se&_,___(иK:E\̙/Z\#uםJ@:9P\qx1Hip}ףSW}fAno{Ʌ?QցʹTC\'I4=?x(T6|bVCހYl0Rh\6`cH"IOy~Ӗk5F/ϕ %`D7CRiݪfʶ*8M2u4`x9NCk Į]Ir!O1^5ZL&ImH |tͬ %Vj>^SӃ'P;C(A <חtm <;Cnwt$AΑ 8 0 E^487gSo~nbUzR=rď7?(ŝ1d䶗f|CNz}j34an@V]݅OJm(u cmDޟ $`+4}M$Nw@5u' qVgj> 5^r]@4C/JީYzTH+SFL蟵M..4n夙@(qQ8qw뉛6Se|٭5_gҐ3d:62dZd{#.0Vwz3Q7A:8eWhSK\PW dqbC *QFi'D~SQsV*&ke^)9# )&仩նtd*mq_)e}L'Ʉ op݇[Q&l(:i1:o wP/vA2 `5F#ak5›< P1-h07G, L49IQ:Y,}y(˔g43 r E=1*D! (GϞc3|sypprÙįJ̎Z:E$P&_Lz!/:[8i}}E@wG,n%c K&E҂z#KJ[&"j?y6/Bʏҫ kO,N00l)YF(!H4#6d ŶϽ "_'A˹GhGfzB_란Ђ!BSpX3&XZXZ%d~`A>=q='.dH3HSXQ AK8RarC_MJ*rw:z/:o9X2Rl5kϼsӒZYiiDP|`V 08D='&'_ Kc{6u18*\;yk:A(6?Nײ38m1U%nU:“ko#4Q蠺%"E^[{Ȑ.$ 4WO% F rnb:LZƱNpQ5\~îIC$+č L0_lnh>#i+F*`'"isMբWJ~Q>noMbJ 10wWKU1b0gWx B,?`r(À86(X%稫P7DR"6%-$mENjb1nϳPa͉A|2{m% (>8ʸC4ZXH7RŽUJ(A:V ~S5nwGJOL+D\f$2ɸeBGA(hAgK;| >R&YՋ5֒ln161cyAy`+Q} Mbqrѹю l'pP wFv%n#Ѱ1~TpF<|^mwX(P?Ӥƈ2ܓ#WHeу? h9ueȑo Za: 6MSoFfeGjJGNޛYn⍔2!QHqk! Cz)wxI̎| KP: [IAKʌr$:7oTl`-5?Z+Q6؜:?H{C)wѦM)IBA;B^>"V9noct|#nDݨ#0D7hl?!?-)E%mk*u w,"jX܏9͊_{pNK`@3 Mƙ_[!VRKWfÍZ,? խ%G42dtpZA ѐ9> PaD.Vvule`_ԀLrq ֒dF~91Kwa,\:$i@Gb\n{c*QGL9zHlO|*#8=l2&  {tb 1 Q-.**w-h)sVA[Z!f坘 93px(WD+X3\D~C[CLmXe&l{RHkAYgqOeO6LpfKH޼4a\q4֦=s咾Çv!̟~g[6F"v]<+emqug)Y*?r@57>)?zHZFo!XL҇gxޑ-̂+JR,azt4!r'S`u*ZU?5@Ls[ ;gևKeW70mHJl(k%ҧ 6nq$hikncv> >qF[7S(q4и(br#% #Cg?{z#(ȈZjOw|[H:F "1 ;yn7[&t*T@[wNHaF/Z!dr*5}?垪2eiqׂAf! sA]d+~a [f*R"F&|m״ZzRY1)a%!j |wT-N^\x㝂i$ݬ\Sꮐi|LPLVYI0#g%[X~sӍijwEq;~mjeݦVC#.L`4jm]U }p~i $M{Ag5h[raE}S-.0-{#m`\? LS@VLd+];cag w\ď'O+-_мV/n rv|%s 蹘,)̈́D޺ Jw%5ui@O9sS_51ondkPBJ9nٕ/.;/L Ijs1cIv `NݓšׁN Hcҫ yVbե̡hXĠ3^iֻ-S_C(ZA̫w,.)<$G46YJ ?ҷ8;u[UK]~֠Ňes,}M>2@nHN|hd%#s9~鍲 7/Di^w͌X(|r))2h"_)U]w7c+tTbW_7pܧڐ myiXbKie@@0"W&/%xpdnjH.Kh BZSk+-h99 ؄!۠ ` "zh~aًO}x?M^d$K|;5F@͚h'D=kB\B+V ֦DA\ۻ쿦^/jNl3bPݔ$\V3% vzR;T#۵L"{7=<ᣳ NqpQfʙٯq;{*?*/VJaĺolzjE WkV:S ",hx5 ["`ROH:)#͍Kw.8cB"-Iτi%*v`T)Owe9™,{%;9>61AbӛK*5ŷȅ:I-3h^g>ݬhFEn`hބDۣJ~DlϦLr9 o5S)Uf6fo+z6hsޱdJ I SW+9:d2BR5*xkMIlX&":w':,dL\ݸmU#"kb!r'劸 "գ:V܄2$>H,l 4[YަuzN*>B#Ӗ="Kc^pqYM= Z+؅⯦=x΁x?}p*WZ[;X(.~r&tʢnכidU"Re93}Qڇ29;e\R<=6 2^/b|J>bb [1-* JC;%5^1t ځ{SSxk !bـnĺA*|`89V=pCà $y9?BX QdowT5E=XJT{T풬k F4h*9= NFmp>sz FNUXQqCEj~iWt 0x[ ' At *H0(-|ŘAL20>{{a7q#fH$9ÂE;7O;\Dl-Q#dZa'G]`L)Hs~f:/!k8r+s\&1t!RF6T~_˚^}Yy\hl;BG}C6=՟Zʘi>BF( m ;=L *r='LL8L L~Rھ ;|N j"K&C9hQkaUFKxKx =}~;O$+8iHgP Sr ՄIw 0qYfT9SU&<-؄s֫)j!nY5m O顳Q.^g0|9-%\w+ҰC7F e5ָW> 6eȴ0Yc2׶*8}M1>r.˚ۓRX^NM6ōN_j;V(##du=R*jw/ r-IcGX}}$|mPGYFC0nЉjC p5쁉Z;C5Si34&ۀ>2hAs(׀'#M{*kl U]iZ3dBj`&G2b_&&/kp6_HŔPt>+k_Y_P<yU!NlY{5Yjh^ޟT{3T%4+,P97&gJ>u.{2 yHw[|+"~ǫwݛÄb~&=X+i*)i;Je$bRNxٸ9av fo!1G}2JL8dd:v~e 0q*o< s'%#9*`_H18m$6@Ȥݫ\ 1_Fh9OA3H ;'&EyVw-s,$-1JyIU\&[w"1X./Y$oY#39,΁B4ԵV%{9gSvKC2;8tmWd_2iiyA:B'˅ g3Qxw@gzlfew\uH/&KbrUEx,mϱeT{tJ~-HN3}G[04. ӳ}afa|{ӗm#&*o:8 fسVwˣazԴ.M-a|h  U5ݫ"9?~ #{Qo G5axf3YCzx7#n&zڌ꼃:o\ːsB(kt)o/Tж3+ƒN{|;W>G#1%#&x7-pz}#uj!n<˃4<Ф[-E46sy(wC!}hLҾ6E'hu $8L'to'P3J=]$4[sHQW3[2Rr71Y&eIqu<5tMHο?\dH4@B&/$uv$!m2qv{-n9Νu+-;&269VnDGUtmyuK GS 7ǽU~UpNדּ;t-,y9!1#2J[Sb"_!{Xt8;z*$o)t~1C+g- =E)jd߅\YR`:m|Cidn5FB5 2Hw9L;͸T>j6a Xek]p%w_wMdB(j .Mc\:O.p*9q81LM8ծU'MۦRUx y}X;`h4BX\DK 6FrFGwm%Q[_i̺H/(;_Af·rytZ_y%_Wߩix60 vR|{˸r%{q;`kN_Мl&n߆+Pmukk'\wږrei6 '=;~V/Qy!]qtПZ@e :)G H!^K *>fLs~m3\2j⺳V#6_rjjׇK5Z{ڳ<@tKKqP,L!hp3!;G.xUv*}GX`euvG1ʤ.<pN~~8r~wJ_Cz1uXc=w5 7H ϥWNfrGOW}0AgE?kj3$ޥ ?9H(^SAQ:<8 |G8ZjQ4һ΅D;RD~8c>:׶-Tϕ/)T Ugc?@gU>.(M\gBGFBQWqq &2j;G>E>NyL9Z>kYCJAߟGV KXB. ̒%@Zm?2r(dTmb2ד[B8(~mN,IT/G}ZcD5U\aRNQ TՈ6E1iwR!ΦF_GVbSXck7/-^m:qC 1y!Ul M躖ZsJTHc\lO;=%; 3%X{y8ea{!iDZZƙ(8k2y!c:-\^5ׂ7|6萦[ƹՕ0r%˗(ށ<;X2 x. {Uʅd2/ \4ܹfU[$9H8陪QK>ػ^u?zQ+G!%2' ƋCܷ> eb4´V,$s"wɈ`,$a5=|쟵-}ENJx{f9v ϙ'6 YZ贠8:5$_^5//_W0'*1a?QG@IN=2mrŊjdxsT^%IQz=11MܜS2qdoW8pcN M|YlG@`3޺DBV:~`-I8:.RTnr7qE%?\V} Փ?y]`f<G?*6nbhx Ra?#<28ݲnGpca0p79sgER&6)gf%5zUi4*D*wl1űՕøB~5vtssȍ{!p<5yjvA{ҙX/_R]ׄp <Lw rYQGKrkLӘwOݻgC8&yG/W%{Nv VP^m@Wۿho US(sЪ7'K&Y<+F! 5brzC:2B~[ce!udBlƆίk&XT猷פ7D Nf,%ekLk'͊(7z^io]CA 4CЕ;IK㕊v>r)\֥=: ,E cդO<$'}]џȨ՟x<2p낐@wVB-2J<_P@} |bi⢻݃20,bE~v+3tjڅڱ1 h)Ε:\*Y ]IuFjcxsG)i'RĶ[ũ_:MA#ɆD~ u7NΥu LMUMl"`% n !]yP( OiML H^%!&1㠆-FY_<)䟍rQ&!֞D)%H }Aq\jڣ]GF(^ L-Z <^bRsaήƏ4EA A{hWo㚑Gݝɵ< Wmz5 X bHh8;l{y 3R9pY>ݒ]L fKI[%NOL6 5k~z| dS8;@9lZsb{cAs+d;c^6|9AȨ',n=ܝ z]c67FZ,Rz#{ ٽ;e (%k9's=~@K2|M)Sl9@.w҃{RKNd.]#ZMb %󬠭,|%&R{&c`o *ڴ .Stk"F##iّwFRr~D_gS>]08z~!B jᐚ & x"._2A&VWFe%@}IԑQn8ʑkVE JOa7>n:#C-p${ֿ.1q'4dq^xFT#@T8CJ?[ &Z~ӉmwhNh.: phPqE38T?n4eFXtG]HLEGy: <qK_AoZZT2˭ȱRѭ6Ȣ1+b;&)-/f8'*C-Ya|6Ai7&8"v|5cЍwH [Pz ^"Q0&yO _3}#!b K A XnbNVjBia/؀5E{D''J^(*RZdFi~_8ą3럒}!@~]`VI3]9 #]|'uЙ>,vB\GyK.Zj{FfDPGHb.^5MLU>c,*'-ciZ[qa߉Uk;ŧ&xn_e+]2;nE;.!;_썶VNo(LL^p̍! K@\3w"簧[S^_Qcu0|AJQjj 0)?7)p>|P*`c7!Ϲ:q!*m7VrQƂߩڃP7`807tGH2*07H^%SxKɏBʬt$+$k$>&3ox!ۜrBwDJTU9/cs zשe?s UCnF'ʦShXߘO8|^2􆐖PAkOƮg|IL #Xk+n׸y\v2:di.6e(B~9&8i J#0#BLd&{*ҭ9z@EkDIX?@^ըӫ?WʞV~&%:/5!h \R ޵սUL^'#eTq8tK*vT¯F=H͑O AHµ9!뇅"rq,-k¢zǽ7TC~bUrwBacusvVϣS& %rYu3 r%jVdK85TXpS 2,;wSGE&8b#ިƗ<ּ1 11}|JKv2pL2Blqx? 5emZLG}y51C(siˉY+ͣ aٶVnu4C D-EJ3/'@r)m =>&3Bլxl/ޛd?~۪RNEWGu/4 hAtxp?:8 |*L|逰r{-$^3{&eMSbyG+0"pgiA^?(hQA%N!OAZQA&tJo,|сZGNT+ #_#w 0C`xag7ݍ]gdÀUy4[(jp,v% ;"/q~J |rh _"'I ʏZ t Ȩ1ܜ+z]I/m<77XYYDͺy\/q!fo"LfiK 5?wF k|:uXbUmb!c6(RBP-tU=D!3#c&*sK|N~LuA./!ޘVgc,96\lCJGy.&am|Z#E_|Iz# | ]7&4/MԊ19oJK튑>jC?nW1%Õ1(c 3i%e6X74eh}8dx:Bp)* G/ugoD15s@2AncqT\O7c|2"[W;~dyfLk,4fÕ<}3$m L^jCNb*k3TC;kw{oGWɦmp&O0Hdٛ9#ץ1\kkK̪ M9J*?',<m9~13y׀ȹY8-vf>&[8fNi`-䇲qeeowꓒ-5G]K2Н7Sm/6/"ԎiȆ6z ЉHV̞E\J$;.Xn͚7PoB#Sun_Ej}-ٯ c7 Z/}s鐏2g`#nBt ځLt9.@IV,lna͉ =ڌoٝD)AB7ow2j[JO[<+({Q/%LE8w?fu?~c7O(e4G='{5+]Gg*9zZ <ʐ䮡p(i4h%/E!`tڲ0 ^ֳ*)АLuY؉5}lVK3"JSȭfMٕdI9/\F@ߨ ]|< G~)k2I䀄Q،޹K)XPAxn}s]='j:.0QyrvL.A[lr_4smuÐ;+PR*Yh#!õKjd Z$doT,T>Ao\vSa/ll:m$-\/yR6dr%(*5k\9/ EZzh5?1êbeR\{< _sd"j8PiT/HPhm HЈ:XQ1yeϐӅJq')9 `F*AA M: Tv> W(Wq+V)+ [1.[,Ũ퓒 XsT8G/=ʘ{2Glxs*#iiĩV~cѸYRt ݯ1A'*8vٵ'8i{F_'z#uP[BVzT^O9&P`/ !}J{q'ZÞl BN@|5R̴팀SE+[5V$'X7Be]qY<1>,㤱,YAK7!7qX4ޛ:eQ ?r@3%z#ZML1`"G(| DA:7;]CN@H)"KW1j}AUM=@S[\ZD BJyV7 /(?w>am<\*9ݚMqa(tU,{{&J:GnŘ[~l_Xa ?3TE¢trBէ l'o Em/G?r5Ͱ;ǵ)sb ߙ4,"c! { Ah#$Fƌy'X;(!7خcFGz}[Q*8yЄuEbh,nZ7(ίsV- +/S.6N˸2α i_>.<]Կͤ%,.Ӿ# 뗸v ٧T5e1F9>, Q؁iak3M/񁯃[[Suy@g8x!1 aÆNm:ޠY4ڪ#S8#?J*%AwGY3±ڀl jࡩ?iN+v ʹ~V4.3V1Y$Vm-T]U:$$3YOMZA݂she{J\t ՀT KKMk w.J{ *wo2n&V**d8>1a>"_ 8*( oPѲK;,'kRE)sSwk6=ZҨFgJk !HRw8ca5֤5pW(^]\H]J)Yno}a}!}QCz"ͦ)1NCj"q :@8ηnv qvhmF5m ԩ[1[`Ҩڪ~r#J7ǐMxB.0bXp2E7ЌEAI3_-W#RAipM.t~:b,v:y*i+d䋤ُHqլjhTGO*#iDG4 k -M"+ҼԒ1(~1kw,3p׸KNi0Y#B$6߹@eyav_3OxB?s=-|^w'A z yw^ͯDȋ)gEZwv&P{(BcV$>ȅQ{Ϲ:h4Uy3"ŅK iʁ dTfH\>юOUTap]\]sXފ)OTY{ :Q=r$aRp"[8d󖏴rh{Кd A#{|ZQ߲@Z Gi8g/}vqffj* 62nѦtVeG?ע=:y@ 6=8OJvm^LKJ9Z4 )NKǗtoLVQ`tvIemL$L ` ,Oqi΀38YqU>Es ZL!MԀn^[ v?מ?j7xQ:8VM 7*iHLY'yS (@{ag1 ;?0~pD+| 8]]z~CO'NQ [qz!"(96z ?o|]9cH(Nw05)GCwbiSV/yQR;%Ci*9䣽+\gL~J-[g4z=vr94aXy'CYJac!O3Xcvx2%u#?rx>V7z˒(+@?D/+hnGf蟙(Yq݆6GB->!@.ri@D:w=eIA[I;1I<ϨLMXKR)|<&Hq4taBVvBL+:@ oVW'.2Wܔ9ԍS:Vujz+_MuHk#̂#V(L:;3V*eKٜ1/zv 5QrDIlBlsM0W[@%$`πdzFLjd}ai.̅*p vzmNk)äkmmUGѷl}n~CS5^XJ޽tuvCW[P!Q:`ef^F]rg\qn_#:N{hɓxGf~Q-ɸ_rSxVW,0(y"#5hui^MEZT;bn4%SϔyHb1sF'qBVj`IPmf_'.c H >p2NL]ctl4sOM\YDቖܢ1 kc9%͢՞0ADڐB}֭CM;zTA\@l^8WQ0;0SG+O^&u^A$r@-1{𙏕mlJǜ k3Ǽ9D$Q|[cFQ 5RlNb\k QB&a6 1TƏh!q\5yȓ]h12iu&s|-Q܋褐 hk)f /ԫo㘅 )(?a4(1Wr8M͗dg7A*mwę~>F \:.^$@lag`ļaگtjx wt\9ꇜ)^+fx[Y# SRuإʺؿh{_qk PE ߀QmoHi#w4Y>;',dQ/R!Z'ư +vAu]r4~8c(0`Lfrm`8!2h3CG$#A2 e{u!|N@R,^33`fJq:EY%Spz9Ĺ;gV%q(Z+CV6o70f+u-nCG\8kҸa.-wL֪z# \ Wb⇜ث ]*|dݙ74 imEY S |G'm#3k.!!%+RX{V@_C!VW=+"iNyvcia%_a8.qb3_5OSIT|+o[&e߾6ԤRDc(ݝ2x-R#,zV[ՒSmmTég_kqǦy?,^ q %%.B?pfiS/z) 'NKEI1X$>ȫu-ȦqSz?JH%{}q&*+]/}6߄ZR#r5R?Jfh~da5'š/7l׬ }Hcɕ?{w>D۸\W*cJ>feG!_ opUN(]n`S愤H:3탬1CN(ۑZ hV>'f7N\2׿9'+bOt/ "t:{De,>RO5 ǻO<@9m FPUˏk rPvp~g"*fm{c-40Ȃn FyyצC >lq ⶉV"S =[PQs J")xO7J'iTE äBSa̚`fIgP%n]MR賟f 12O͒ZCZ'UM&sMoʂ4k%PuRX瀷p\i*5R?\I,J\(8S1_&msG"cOLAqIs>* lHgn>7= qDOr #[@bP!m`"f Cc 2}( 'uiW2J}W+TMT PƒĎ q0lJ;ղ[WwHneb2[oSgcIXP=>LvB#{WaOYxrUHS!*S\P 6E**s6ZADRFvl89z Xr ,iǗS34lz-h1z_\f+E>6otei6TCNg>NV6Ĭnʛs8qX)5ѥE X t*${A5Oي/pΜn~ׯ&a'#K4۰g;V,\y1 %ʐXqsQ$>0 >(Q'&d& I7u9,bQ=#j- yo9QOUΛ!b'Կ.YR)p'BI -vJf+|]m8fߕZl"6YjUAK)2 .YvA20}^,?}cX-X"zl\JFFG9 .s8:5$lt ,dmL=(2ZBUոBY v\^0r<{xS嚶myw[Q 1^ CrQȋ)DJ&!~JEYՌ,M'o`E= MF{`U3Z׎0=:EAzkӪ:*jF.1znmP(bZ)m7UYHDGЪ džŷ']/P|[ mSLulK7;fH%+-5)ng4'OAi p_lz1>IբLr* Gmdmi*m%;)>ݩ㇫mIs &m8eϏ 6-Ӂi`O7mвށh:Cs6}%Q]`J#>P@bon)I:CI}ygQpiB>PaGmńsfq'^v,!'wit=^ʺ\;"0W}^v|m~EY[nG:W=n2|9/&4yQh:@`' 9Ggypwb8f}M>bv5Ι*@PO!Ϻ?B cr"1ש`2dWu\H KwFxs-≅.lЉXnԚ"|ݹ&6 G; &IqjL l = TA ZYkٰ -mqӏD 9d9cmZ*-d٬iG|!~ɣ] ~ājLHkTMOM ٹRqGbrDcDb).A(% g:̚1JUrru1/sѮ CX0;D2$qπ~y8(iN>ˌ)d'"')fJDBP#07fmgQCw>Mo&UʈQB zN1 H]Tzb dmМF͔{?*e; x95xf lɌWz"Z.%O. /|̿`Z<u }-)P~yf1m=,)co&i`,ʩWb"\99e۬0{G{bٕI|R'1cwQ^q:]FDzRvj7x9\.v0tT]oVrvn7kxĞ6]lSnm%贿_r%O"( eKҔQ1<\i4~9 2J gkGRvN|,zUVn˘Xe* z(J/71̧^_i(3;V'SV$Pt4b{QHț+w'eڱ,q6̡UO˱yt5O.f3Z r츺s.)PQ8 '-SE}93(qaSst$4KV*5:}k?Fު_/}j4nSl#O4k}7|+AV,A&\gȥ_uPa~ןj(&d%=bPSwǡXZfxɀk*Mڱ7miz&CP)I"ؖ!*"sJj^FOb9#K\K)0~`u쓜u$jW]q{ o-n=br65ei aU b'dF>*=ka&ʕ/j l"|ݣ _n2J 4N <-HyܝcJ=.1sٴu@O$n~M!rǠGVs-ϜX[o$3Ǽ'fKꀞfq/5Pny[7IÞ\Nhz-ەu}qiG-,>Ǡw#JuA汮TMDpcIU ' }B(s 2[ztݻcsIo^Blrɏr"g*ݛy6X߆U&`w#XNSFI޿hRd&K72^iЍBuP`o۶.t* \0ulTwm;vt7[ZHQ.>2C`L>~I&H hѸ|i#Fbte,ͯQޗ0['Y#u|\e CF"3YiF\<RlVӼs_H ʲ~՘gu@n0;/@RJ(nne7ءp͠/.UYQ6JavxlʔQ7'͐fk; Lkwm'pWZKcxOᗅtgvҴ\aqNmP,bUG>@a b@ k832;-tZ86 Sw"etI//'S鈭qk}**ծP"h_Sh#Pg$76$">#.D9<KwUk ߷]aai6Pa~f`/bّs*)P a8(|XX:hJxW[oC/̗̾~0U2ЁdO> ra ڗ@Ku&\GF Ŭ+ݕPO#{0f}ۺg$!j~:Oz6dnu?#*nG6_`u(wQ\ɨqi+94/fׁiUCEXn{xPtd lɽho<)&N p̕Mp&=4Zx/ XzNA}_t\akWC%`kT0~NEuᳵ2\>0͐e&tqzPN8G9[>ei~VE W18 gmIs"^r2߉ݒ=@xBJp \r<]ĻB4^?6kpWmPek<3a.NATWՀa+Vb$8[zא>r]^Y7 8cBrT(J,JdzKh$y|q:"Pyqbj->(4ϫ9f^ыC y YZ