nss-util-3.90.0-7.el8 >  H   ȉf U]W6Hj*^* . ':3,0\P|Yϡs+)i})hSYI@5~Hm: P;dϩVr{}l2ƗY([kEL KAoEԪJĹНWizDQ`XيF18E% S" k& p+ɿ]S 84Q#we(ъ\c?Ia^*>*Á# t"U/toEfUVҽKl`d8_:T &"HT`g/X2S.RR7KB#R[&zA7 M0؞bj /SaN.L%f ֬[!T>`<H?8d   D  8 D P h  0Nl((89 :^G0HHI`XhY\]^Xbd:e?fBlDt\utvw4xLyd!4Cnss-util3.90.07.el8Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken modulef3Rx86-04.stream.rdu2.redhat.comTCentOSCentOSMPLv2.0builder@centos.orgUnspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxi686"֠FAAA큤f3Of3Of3Of^f3Od|Nca998b3842c2d659ea0c225a31b77c266a58d2981f08d9835dc8ee1949ba3005a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.90.0-7.el8.src.rpmlibnssutil3.solibnssutil3.so(NSSUTIL_3.12)libnssutil3.so(NSSUTIL_3.12.3)libnssutil3.so(NSSUTIL_3.12.5)libnssutil3.so(NSSUTIL_3.12.7)libnssutil3.so(NSSUTIL_3.13)libnssutil3.so(NSSUTIL_3.14)libnssutil3.so(NSSUTIL_3.15)libnssutil3.so(NSSUTIL_3.17.1)libnssutil3.so(NSSUTIL_3.21)libnssutil3.so(NSSUTIL_3.24)libnssutil3.so(NSSUTIL_3.25)libnssutil3.so(NSSUTIL_3.31)libnssutil3.so(NSSUTIL_3.33)libnssutil3.so(NSSUTIL_3.38)libnssutil3.so(NSSUTIL_3.39)libnssutil3.so(NSSUTIL_3.59)libnssutil3.so(NSSUTIL_3.82)libnssutil3.so(NSSUTIL_3.90)nss-utilnss-util(x86-32)@@@@@@@@@@@@@     @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libdl.so.2libnspr4.solibplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.35.0-13.0.4-14.6.0-14.0-15.2-14.14.3f@e@e@epb@e\d˖d\@d\@dxb@b@bγby@bba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.90.0-7Bob Relyea - 3.90.0-6Bob Relyea - 3.90.0-5Bob Relyea - 3.90.0-4Bob Relyea - 3.90.0-3.1Bob Relyea - 3.90.0-3Bob Relyea - 3.90.0-2Bob Relyea - 3.90.0-1Bob Relyea - 3.79.0-11Bob Relyea - 3.79.0-10Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Allow for shorter ecdsa signatures by padding them to full length- Fix ecc DER wrapping.- Pick up validated constant time implementations of p256, p384, and p521 from upsream - More Fips indicator changes- FIPS review changes - add PORT_SafeZero to avoid compiler optimizing a way zeroing memory. - update the indicators for this release - allow hashing of longer than int32 values in a single PKCS #11 call.- Fix expired certs in tests - Fix CVE-2023-5388- add indicators for pbkdf2 - add camellia to pkcs12 doc files - fix ems policy bug - disable ech- fix the change log- rebase to NSS 3.90- Fix CVE-2023-0767- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.90.0-7.el83.90.0-7.el8.build-id023489903ceab9c89e549b3b33f49005264a38eblibnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/02//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnudirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=023489903ceab9c89e549b3b33f49005264a38eb, strippedASCII text!PPPPPPPPP P P P P PPPPPPR RRRRRRR R RR RRRutf-8f1375930ebc1537597573f7756409cd0ca167b637c4fd4738994b560418962dd?@7zXZ !#,m] b2u jӫ`(y0L}k~Ì\|Su[kmi #wAnˣɢ8HWd dc9׫ˮyZ|ӚǰQ|GN/Ըu V+a6Uq6ޚVϕ`L=4b!~渓,Kڵ?.%R:fiTmWH2.ds.a#bCoUUwrܥM'pY9XI* ?z8ؔV?`ht:`` )#=bi Eԫ0(a;#8Ʀj9EOJ"KZ* 8|Br(ߴ 1FP6LՊq.* jj=/@yF\&sJ mD8\rI \˃zK-_g; NM43#;b L y?QWto|-zww;]T(bJk_i8gQQMfL vxZ oAPYڵ/z]y6%/4!dx÷6ZY{Gڍ;(['Jơ!5}-RL8 c`Z'O;~{mN{,^6w26k?VD'{O<0޽OuzJa]^p@JJ}gd7s=vo4.9-Dǜ_*"Ocn?\K/Y3]Q~2G_{^EQ}!|x8T@V6F1.<2Q[D=}Iy)ʨ[m7v̼a{ KxZvvqΓ J8 9,fzp}cvt`K}r{m~/8&qglѯRٟ z: A7ϩvl\Ԅca!8{%<W٣B33$Цw>f-0wSp ֩DLW]hP'D>Y# /EQw2Թzq}4?՛g:VsmnxR6?LƏhSU9v(y#?63Z *4&Ju |{8Ն`K]9i $_,hI]*= 8_ȝj%No}E v)%N>+F#.rr ”CLގvq ( /RǨF+w̢à N2?HCnRܨQdr^$gaM,7`>_($3/2@@3~+3ͽuӝ<;4pZi/Qeޫ xHY)/n= tZ$*suSp_[Q%=;)gή 8̨xb@qqBe8 )cM~ZR'\GL.$wM_X,irGu¸#f9OMTH3r,#!*XGҼ븪zC))9ٿUDG-?OU} 8ƢTŎ~!-% SiZ#з;?9$PQƛk\R8n'QT3= NtP4OU)zMQ8vnK~;[=n#BB;c!M( f+WS*ok)Xeh!۴U&BJ4DiEtB6!|'" i:ɷ!J\Ĵ{KBe=jXV@GGT裉|yMW&O-< Xl #ȔB'W)$ 1V։-Ҏh<]fabzy~.fXx)Vvmؽ`J\W>8 2,h1OYjP۽`KrH~fY٥J[+dH*Ŗe]ΔѡގЩwYa[E?=Nm.C=&B;=ɧ>e#_币,7v6No\=j5hx82b@''%WX=WE,Z5 T=2^ nUmAi%Y5-O~v;!nUW+x8%9C[d-H^]>D!cY0+K^ߙݟ L$Dr`Gᅬ21t%[i)S[0(QۆUUP:M.<-YN 6}7 t%v9Q'TڵnHǧbQ3DjfD1ɹi=( L,o{\=fo}#hG;jMж|EdupݫQ[&N'BjQ;VOl+1X ~f`L R_y0J ̵7 l6>L)tp!,Uw>t@֞ s0*v,dDX()V{Z}fu ]^N=}o:"B1 ;C83@윲ٻ DT=u^e9hֱby&U215J'D-H7Z?+Pf/TD}CNPQM̞*ZuGpIطY;IDGGZqŦmRNѷCJ<fY03ʹ.KxJVvrVGP$'7F윙煲Fb }ܯiwI&X2k;as]˹ф nUT)7O5iC#/m 5V1)TDҋyŠ<{B+Q'"IRn* I;~:9>nyh {O&7 V88j6-Hg2ʢwF*63Sš$ *wS xKXَο_d>$@^IwK >WvJ2ѓc ϊKI,YjYr71R8A۰FvHZ˟Al[{{+Ͳݹ"ڃm? Yu}dJԍ3/yzFQsR 7 nyHYxߡƔyݠ.bT6=U(9ClRJajӑqt۟LA[ HXEJ3aڶN؛ ,ؽ-ol-GL fP6ALLliEYzLG\OIl.=Im{ Nդ0061jK*h󻢟j%־p7jY}`1(`0{˷Na5PV}&v\9cUtqp0Ta㯟zt5FSv}`ZB#Zz6K95㽂,EZ򠐞Ɩ&%*)Ze93h[3r/bk"qCN߶gJOu&<~FǥV*\/znc^WR=#rkdE. [_i`%!ߧq$]a eTVQl`c9\/4_4Pźì}1^v(7a8#ssQKFT:zj!q}0>o$k~mЁ'VFcMLoQjZtnHç#q=ʀ {P^Sc8'ԋRw>y׍0hRX⟂ ϰ.ʹ?,N(mgkUƤ#Rc,E<gA[)M @lh4؎sqv\j0 FQ:x!J_h~VuP{wy:UlP{VTc:CȀ?gY^BF/(qժpr>b`֫ud;Gl4\wREio&'4<蟤ҥA{?@QY3-s"ߗx*@ :!GcPÍ+[#⛾]|۬ Usn?UA+Wu/_%y =onBB{4}DQXLLAMtF)xa4*H% S`~sK[]dؘJ\ezsh PWt}~3xJiӹ2ZAGܳѺ5x,㢎\ 5~D} hRl x5l4i*J[8=b 3Q-,Uk.VX r! >ͩ^"΂C8"Ji~1=j¯Uǣh1a`aOy^}VI)(?l]yzpYGOHcrj%ϕv/YD65~/K(0:ܧm'66L++ME1k48 )_4:u+Rs]T.ym[rvG% Ke~r/ZK/hmymulP cYChqQ@-l܈T1.jSs,(3J3"_ҬrQsE쁀ЬoahU]:p>52uK$"6 cW[~Bfk }k%La^fuR@`1g&3X4|bO }Ok,?&~FP P+z?H$R]H[<KcD!#t)5LuCK߀jl2:)ƭXS|ldR^\gTTzt1^)F{k.-"S]DQ#)bbQ4Lj9FZ= ܺЮnp0yc^O <u6L5z:e& ʪ!La %nCDD%Wu{nwZ"dTll9s_KexB)z F+s65:0^ۍo)<` *.'?:bx54>A;7gY'8CāWT*h'vfP+UhPo`|༲ @C^?qA*4 fx[5<}'7hfA3 _r*`Guy WN,DdBDכ<g4;4mm \%4!b{|qzG[1VdBAbQΜ<#O7-Eosq:N~ =_#Wː1gjbenErPQ?1Ys oqN#G Jq* tAgb'Ojjҷ};WnHԑ PwLd=BDž Ba,%Σ,@#C{ra6r玆/!e lD)0a@ )*%g0OP̙pr,T`>rUOol>Qþ9Dϱ&4 uJy6v& D=  Z*cܭLNdH7$rq=]\F4vhZ\j$)sVkLJ,bz$ D}%^ܱVWΉ}H ]| kkp3I ːڧ@ ԁbePu.}:Z2xQI!&0ܕ;0HjTaEm&]y {! ʼnl8F3.-U ~x}2_%jЬ KQtΓzar8u1MH`l4}i1K9[9S+"0e3dSC'CZ7YI!hDZHD !+8F piN .A-{1hơRHj溂#%=6yG١Dr-s[_ӮѤǓ^7}jo8i஺Ss~S_sda·v듧OrȯYO$ i۸:9<̰b"fQ=) .+3RB6Ygh"Y8pM=?0|3JjC&~lf`jd7gHklC@Q 2"`-qBpt[#;A+ho9v8M7=a6՟5 ^!D\<=ֲ`*Qjsl9 N|/bېWE=LZI.MkGxf6X %GձQB z"D\ܙ6 pxD^$РSSҗovt'#VEN[cP+6c~o {sKirAO1_Ni')5J+{Pn \G tk9S]Z`KO}ox‡-md[5`8ˬYb[-xr hS4 s*UJm0J5 犰>/M)r99*k>ucjxz=FHЀf#ӵ~@zGKV Lb*ypbT|l_HR".?V*Iyzb'駘>T 1ZŘ<ܐ`m.{{ @1(in\M1;u dKS1NʋEhk!,Xo_pG4}F#.0#tUd'3˷>$Nȕ3ޯy`Ȯ@Z}sY_ArVjRiPc}'T\idn*\E INu^tհ3f={[:%D|,q׽³A#J&L3I]/9KZ2\Q^:S[4b טdGn-8 TV_8=\ռh̏)P}zyo#FE:R5s}9ҚR_XXiÏzV %B,Z&$sqͥWo`Rѭ1ђTck3!u X?PehBD-^JLc9j3!f#rDӛɿC}eaWS{Naie)jvB Ȳ^˟1tJXµ(%189]꤯%* pUgf*m֏'+ZAZTMv7Io> ,Mh`AŋQ2Z+KP9T[ gG'7a)!7hx:\J޿TG"E$:bI@Ў]Ihim!@֡VB*8@ Q*vHZγdP>ƗjEx 3z^=X atzȲ×`C4ەIڧ?r2N%bZFUPqjBCǣ ]bS_`Bs]Nּ+vmT3Vxg]Z5WX~5\wIN GV/XHPKVb:4朑C,La`DIT [wR]l^gJm.Sq+IV].5tvfζ:ϨN>t^ *`2 .c)"K?z#[&Gu-8\(nxz#(2i6tɎ7uY%>-QykGMy3em [)F*uۘ"_np| 0 ٗBUA31?!/ye`9(sg}. x=UC\:|UZOO-Y䄉goi];EnS(RxksbFB#@9.h/vt%+޵ª]U%or*2͈ R1@ OV .x8E*j=(%4]WvKn*Av9aȕ,@W]ixI><]<+ZN9DFgs2L۔q%}@x'mQ5l>.mH+y  Lw55GX `ߞf8716KV.ߥw=f3S6qo!=;0k-@)^TοWHA"j~ॱ_s#&abO$&?F1=X7p^}rGCi$$YilwOn:8|^'8 Ҽk!VDmCڙ߸ xVX1 h#QQ+u8P9vS uݐ%>oE-} TEҋ[k<= m53łgPel%;l&/ޒIac8lr@gRhaG]CkW5j_#RMH7*q]%/JaZ?wDSP4~X׍0񜇘zFKGLYeew࡝XfhdB_ |?P: WD*ωCTro2U=f$ rvs!)ȘUȚ#Fq}`א?"i|sb6}S$ۮ64裏0>OրK%Dh ? !qI:-75\Cu&|u Fj ePPͲ3[AND6py%PKY-N=J2N&Lܼa,)Qڔ+8սo/3FKjҝ)7>0MV1N?nt .pjrioa=1i5Π/2򂿟s' Ђ}jfDW뇑R?5VOȫ8*¢iZB+&w*$ndVnى 3Dii4lhXT55qQ0j aƀa,C'my0MHZOUg!o2vU`eCeR_,׌M*w9yvgC W!wΑ;YyVՇ2%=Y.T*yZH_| 9@%GmŠ_ OH^y `7)?a+6 #AskpC2@Y|h<ṕ 4}7-՛R~g{};/ @Ӆ\]r٫|冾0}*kIwF#錧:P H|7*(Z_e{G/L0S3RNpHbv6~]f.gbRDŽ/w FáЮO~{UP_}WȺThs8WqばQJCon`Q ) YL \ Yp9~!T8L0yTt^`d޿-r'.HP}C9AnPG*Y3(GSǎfT 7,6k䦴=R\\!N^ mo%=؏}Hog^PAizv⑓GgUv)Dud> _ۺ# ~ TĆXhrW\E^j`=|Y+IMkWHWl=B-s;KM% ]s@ǵy*0x@#ㅆUa@˺7k>. ~nC$~UBeP(},a)\%oӱjG"sas%^"yu҉eAS|OfIUMXHT6% xB/9ja*֚kZ E{:7~ktWk=bRc<5?7i YK'o+vB<к8^4L ,HEb/r] ɥSu OFD9(s@J%Ar][a-`1GQ_$!'q&4Z+;71w_Z0-UCtlo7nHg!I`ǕA}D50@̋Ӛ|C7LN[2S8Pmơ&)`])OtU ( $ BT4Sq/΢~53h> Ny2K 1YS(um;Z+6hU j)<* G٨P5r@$K^N;1?{!W]A_Nl3}mJ ׅ YPSuT~TX"o`lU5y><>92+UV`uhiI&n}o^(9 :U29`RID?aƟLe:&wC\%Sq^`r-kK3FmL8lrW-^{gd9p[uh~vAOGKyb&>0b/i[@K;,H0e" :L'х|B8vV]z7vmgXJT#B BÄ*j^Tۀv1ݲQX"2;&n܆y:6GOWISlMƮ@D& WɃui@`A/?ʍREk5cÿVK̯Z+ph0JMIltHUEt=\[o\d؉:jr{jA{3ƕj~'*eAw8NЃ˱ K;g<0Z8"=噑Sa  npb'c"6[C( rqWe*&ʭ 1nrOKkՌ: bPKlwyr~p1k{%uAjIѮ!Br׎%D`N:״f rݱhftɤ:bz?aEmO:[ |Kԋ-ɒf#.Ey \f=SQyiV7 fiGe/T vN/Zi&fѵeWCrGj[bwJ]nq/zi58  /{tw7' ?7 T^n !`͂|婹*x[a(9X/nI/:^'\GSERҼGĊڱbdSqd?kFVd?1Ղhbu*wTAF(1Ќ8xqNI H~;1IA*}iItΓ'8B27a$Ј_;ZL͓s.#oq) }ƨQ+?*]R"c;%onDŽ_»SdIڤgpiύ/ٗ wHcM)`N 'q6Y"h5b!>);ko>'i͗~d[Ǽhjݧ+X8a4+9Ъs!vSmҥҎ%Pq0QH󪏐?=|v:_n4qC'\`Bk.?1i'on^,@ PpӘ/sFÆ0so,3bu]K/ wv~&A0gJ煭m%5fF'? ͬ1BV|c~uI"4j#DzLC:]S,-Efef@?Xu 1N,IiUWFŵ%ׯ, 5y,!Æ&MsbFqg{i.(JDe?<0x$qAwxF'{|TK7mgC<%5BPSLvH:/X71b?lnUIx]CDR"HV~ʚ$4kzbA _dLO[!0RH&ispUNmҧz:^k/2nK~q]ƥGjm޸\f+q]e^ihY w鄟 bpxJWQ5^wX.M&-5L[+tC?W}̶>y 6»Ġ`b8$K=g"M˯o a:szMN~{j:!02x屾˚Η5`nƤ&gNDw-;W7qQڐEW$tsYD9L^,~:ISoV$HyaTƂFN!Ir"!\T'Fn馺sM ^a$ &g#y-]$ jZg,!e %[=[c;^'+<KMJ"{Z"ijrm֋ U3j" ݚwq*8/5pQ1_z`ׇۍGI2:X;+j3ކr0(/;r :ˆµF'!qÊWV@χ&zh`M !>͵moB-XQA#{v312I eRay wߍUsYEbA.xŖԐ(TD}4=u>==JOEU$p}g`&`wRk;YQ3̂U)Z" wBHFv[u9Қ.{jM~U; QᜐlbW?e9 :t ^D8ܯ_6D|e :й.ڟ[\y&4bXC̺oWsGX\,(A+.wi$w7P)y;4&1Q#Uuv"z2e8j&_h a<5F-؛R-.KXq@ 7j$C z,TLJ2}j\v*!DݙA כ!#G 6#ڜ)ǯ'Y yK%zcEмHBKMXzℊY%rlO׵9B#ު|}>֑ֆ m!r4$aѡMjIwu-!n:dΔ'q8*LesYX܏ ـ3{/[L/x-$Xn_2m\Cžf[aEM' .?2@7A 4/Yh!38<;dpCRNYe`PLo0-1zNW?*sM<*i].KWHiНCqLe{J0bo{Ky7@ԨR@ȏ\|fi /DR 1d [r~ry|e \!df^ 񭪚JshZ<܅.#E\U%ͿvT0K3ڰ#}|¢? !_z=\X ŭD!1>% Ьb,1 |tkٛ mdMV#9JCTu 4$cpXc}CZmB"FƸa-3;hgFo[\ bJO5[8Q^BN̓t\\:3rz5~,Z6B:(ݢVkXԗE*,2{)Q)e헱 ,1'DQ vT/9YT{D_m^XuS-(;I\DF>h? E\!t%hs#4~=ev3y ٨7tFTKr7h$]<(kkF'Qzz|2U@VYS6g^-2IaUc^w$exPO97l{tGtDZ('xE d/R!<2K̦@6ˆժY~#+̐t !hSS&)/b63&6:Y$z2\@${Q~ݥ86$[ngJ݂ 52DEp Q:#VS;=`r9뿢ʖ2c`?Bi{8±BӰJuJ:Zc?0y6IXLwQV+u&1>C6(9SQwPûy^UiCF!*01X,4|.y${,ETYRb}?*T3*<QKB)ĮT&\e ${uxosV/+.5q-a1Kj!Arpî7iC0Fvbp C4D##H*!YEOn3[N\P1AjWc|O""š8.B6UnĵS7#`ajY4; F!){5]k5 |8Ȱ,@g}/b'NAݿA7mh9괂`8ak./"Q)“.0n4(7obwOozRǽ$b5Ӳ@sT[:Ȫ"tMQjA=\f$fm*d܎MҥOia2ͷ.p wٸueᦹ"9V0 BY]N 4{*,Wң:mֆGtkUYMW6Y ؿѪ =̀jCJ'X7n N$(f^usPI%2*P^)0 [dDSX{( '׋9:/KdJyhLH1RL\Se%]G-va{ %`ńlhM<ټRwu? $A)*=/Y(ӿFYTqJV')%ju5M>Io?ol3hdB43][/8Eä^Pj{<aoC3 ߃ Z6 LW+xpˈɔ S23 IZGkz}~eU>mI v*;@=__sާUhfkamEs0 1tHS=AYo&04 :Q8m3t~{L \}}2/'j z`u؋J VrgV܈h6 xT]>P@n@z= &CRYO35_\3#u@g?I ʻنL 0rJt)IR Mm30#zԠՌ/LJH5Hf #W IRX+ /ە`4F+,)l&=VʖߒRzU~l:/ziIorA1m?#QnԟK+`z/P5$8'v=9_[`kd E@2*q}8f米Q B6f_QAXxsE_'{?.>0AI>#C5Os\BWzf &k< Ty{sZ6xYHӆ ua!Ά]f",iŮyr Lb\OsTY{VX 1cKĵ ib#̟)?Ob&~gF:IW280-$B F}+6=vՠJD¾˳hKca8NjaK>lP,+si)lPN^U2o@zA^ʘB %f>ܹPp*keX3hJb]%S|HZj{ޑG{=#ryD8e.Ξ45n {rٽt ]4$IcH'U.'A2cGRfyrDǭ{6K9_W-O)!d$o=Q{^,=DX >Wg0k,MؓGܢ06ٱJ]d< '";́Bx;r{#UtƆ *M 1 k̓mlFh/hiC;T6#B0j,9-Cz-h0 KS CתJy^~MV,C *'izy쫌5/=d^QٮLJCݓԆ~(?2׃!{PC82%~* >N0H y썽tlEZXq[AӺuSm }OE$4k4+*3WQ2M"fqL42|L1qMUIa%m]HU)L.(.f~qLY{ 2D0&/1#9LIc %?r2bG#b(_ ""+Y-|#phԾ:*4s8lrN@ ADfխ ]p #v̴nGriUh(>.!Icpr`8䩉-\wS N4` -JTrQtQ:O׺jsxxӯN^;dM MRpe4Y,8TrwBZ*'eJԻ0`0X"(:mXҴAI.Yr`^z_8gv+:,m"i擃m-ysFh6ZOlHu0Cx?4=`v.ډh썎,kfuzJ5hNS3WX<⁋;%$Ѵc> ?)ʐmbzՙ-n>ɏFI+tl?[g?t\rAݷ4g0B[A-X2^kI<}(+ oߦn1 }[{Ǯ d &+Tl^N<؉`_D:'>RAYKռJyjK(Y5+o}Y! \ ۠ûj6 `\J d8El# 5*v[F-]+Ca3c\ c2W*CD^j<&xz/?y~9_fRl#0ö(;xf1sη|P]%/`'Yw%78Yh'̣ץϧM.'m@[ n w綰M$<_ )D>25xRz U?K[@k6E ſK*T{-煑f.fɣ.s`闿GZs&>j JgA{ h)pQc"ù2jWyE7:NPmcZ1eBxW4O!ÿ ab ͠ne'Uxx6j=RU?D&Y䁌p lPcq'ͪˉqdna@f+EOKL6 {|=:#ƂB<庴}+}vq(hek dL @xGrt&P< UBH0{02c1 a~ްt1nA!l C~響ȣMI ߡ};8f*DžL >CkG[[(y92ߙeUx\I۾[KNe Ad߲[DM+(ȥ@ = W:~0]7RڒI> BrusB/̐E,<~Ior& -LzIşN=y,5bȲ{/7_;|N`ߑy ;%Kzo ߌ+^Dg>ѭ38v  pJ񈫛(WyoU3ƎՋi<&hxG\l?BFx ]1@耤_d  \b/+!վ `MQE j-< @;S.L5%,K>~"d#֐ +ꪭ94 гle$EiMWDs7k5_F拏nXZK/'OiOy5cȆ ,quYSjUl6U"IX-F29<۷$4}ih &qs۪WoqiT+QߡXÁp\J;> >Of*fX@15\N"L;5Ar$#zlF<͗!O_cwT+RCM?.] pt4PO)NF`GRu i?tV9VIv1c0ڰ}U6qżO6!98d,GSBo( 1ݐ)3r֥,\I-*,ۡ l~p\Ioꙥ#kӗ WocFQ:U+m DwVnQ6$`G;QZ82YJBJJva =v۝|> zʳw!l\0(<$<5Qhe f^Y*dk^U{[clᕜSB@g;/M.ABL-D7~gɎ40 `|m 1ylpXBoq3Dj;5#ĴE ]m\&j0KbVjTEth y9r2O/W>͞]M)D{sǡ4j &U9 7O!Dž4!Kbc(+/CmviЇY, "l],NBep98p \0|͌0UtY7/'$t ^Ԇ"Pߨ@Hjı!~h,%"xpxQdctغ"¿ke='%!7Qke/TIaeH+?DT([~P1g}eRPo'<*rOF$e \!aI"U׍0?KgWd7wx~)`ZRזǰGj7c<~`[S1Tr*L(oR<>3~(9?|@h ? _]\ˢvb2/NO>]9TBEˬ܄Uپ9d6mOƭ.q1v@{G4h4X*$3a>F9 Ϙ !T{=O`rtnJ^@7߄62d,viCT/!܁E[M"XdL3}b15Z+ `(G/U$[s򋑺Etn?o3 `:,+2ժB=ynK1`~Tz[*1[W+P>Yo@pѲ|#T'm~[>VPVsƌQR~4͊ir7p8*{'7WAxsH딒25Ĝ$%ppLSh+_*ds]?w&!-~v*h`]Lr?Mf!&^|GoD>U'\=H?NL8EdR #0榇-W.ÛvMr@HC$|ȸ#"LDCڎHq{T{(xjU@=J &f+ۦX0-SJ׫7Beig+u\} 8'E[L+Sh! ~|pz䥉5}HǼmMp{2隹-z*uQy0SWZw? )ښ⅏imu+l's{9~SǛO$[L>rS\ H^@gdΫL1#gǯsՒȟ:>$U; H/n6ծqwGz!W[h$4_"PW|$ 4J-0]=6wpSÁ[@.MF8W\ ;1.,.|"GwxaP)s:cW15O4 -րc&ٷ{ Pf?y;WxE~?v~젰JhoӨ ~R$}|rHgTZ*yU}/; (Tt%xȅ˪hE-P[_ ^!ߡ=MF8y("+ .pݴ;n' x`+3M䝟F[:L\nP($Jx$g N+ BU!.`q`Х2>%PL'?s.SB+3Rc:ٰ?4l+vAOfI]t >wULe@̆PڹB/xl ZP K_=^8Z]qE%kB K@Z L BP|G ih}}$2H$3"ŴG9WYib^7 twO%x7ћth_H~eAY/"xj3Ԫ5NxKD;wl` O;CmFk b/nvϚ%i+ 荅 K&%iljˬY#'h[\=hv4}'rU>8P*eX>sfpa=OSp~!Cak 5*sS>}z,c۵d5v:=ɧ}߬vVb(%u_@i)&ab3PӁuG<߸f !Db*8:r9^Pp0j3 9&?  S0N95NψZza1b#ʩ/0-tѧX2ԋ2g K7Z}1|nWSrzυEj-2{+Iѱ(? : ߅\81ZQkXE &?6++@C [V[Uo`ꧬX(MΣiuߌE MUUWK}LZ}L9x:bȨx&S b7%Ϳ/[&sZ [yF&PkӵK h3sMtSW>ثM ξ\r:/<T̒_Po aqnR4Aͬ~/‹Fv@<#>75&&=IuA͌:jnߓ0O8"YH-ʓ#zy#fl`CkdÓGh:o$ڗF\GԁC-{cVUI_SԂ5c{hnQ1ls>k8I|f{ Ztu;W܋˻ 1k]7 FlInZd35&sF+UUlh3ZA^%!ZY04-(C E\PG`n{v{sZd90wAxҴ©ٓE!.NsSOڀ<֢^R碸aP @IݺT#ʙ{4M=U4ʫkL`_׃6"zvk‹:@Cx~%LKBWGnpu69J-sfdE]ziσEYݤ8/: /n[L\eὩmZ;&i"cWQ` {VSVs| JHr 4 h\~ťk5p=WPبglQFE$[jV(m5ƛ<:W7KOWX e3a1un,vw23ТQ[vW 'mQ#ˈlԋK0é{l_ dzCDn_G/51_ B$ 1ÏJkU=hk]g4QfmG(7M :@/VPnm=WmKxK]/MV| uOKS .ůs;ݕxg1T+k9}-nAZ$nh:P3*jS{_mDSPkJ7NՇw17wT%X4> d%qCݵӥ`%+J3*I '^5| q'rsy[XL=4\ t7KE\&. J!s/•W6e-3Ya _NxѬ:!*W8,Zט׊[heg[o򽝺C/ ,MpئYaK*{J̰@y2UmtAy[PW\%s=AV8k<3c _EYA*ڪ@P !'H>$iYʁJg@TKƎyȷ(}`0Q䤙:j+0=CSZ7d ZE+s}=^!~wr<%{ b/&Ft/\V!]1\nN7BkUijD>esپKp޷u ܪI:[`*8Afa ){BǞCa %')Fg+ԚD(8<@W}-Z+Hrr#;IQl'7kTAc*p= XNqzc&2C[Ǚ珢fAȈ5b-:,^~ϵ[d7Yܾ!X+S?BڪOQ6ڿW jFהyMw^ PtGA,WX"yzeTK6HYeX-<0jtf0ͼ Z(\JU§8m!x (5}pikB޲y2\lo&pڌ &H A mDvu!捶EN~"jVn`'[JR_<ċ@e^p|V,|| c(~1B$`=LqUDRʷi~c&rnbFྲE{7+ܝ9gzip(V+a<س'EƈQzm?QEuiM8}!PS)Q,f T]m Z{yt:螀hhassG^Q1 =,UiRʞRS{G QEIҹ^he̩2&;";dXLЉm4&Ѯ+oV_]"i-]S!Vie8퟼1RggͰ0!FF^Nn@m;0zGUkg$wAس6qct)g 6~,FX]t*Olۢ8zHYfqaf"7姟 :$͔?Gd2ͪm@C j X 9T l/]QDJw{u/̎< ԓbG:LʶܵSpsYQ?'\+H*s@ cҴ_MTR}ۻ% N kHEZ&kG kpZ|C:SZ,-ٛjF/@7w1P-`PRuя{V VVBk=@5 )^:- @{ ]Ze:5i9A y`|4y YNW xf*2?s!Zu,&  |Sn,h4V/ wBǣ[ _*+JX( H7Z,Udt:t_@H$p9AZaMidoߐlm]ZlT3;2E+ƵGBZ GwU H7JmzEo{ hoJþ^ \(/(U:Jk<e"#2'֏207JWap=-8C=i0'rƣvET[0|%6k{Hu7]$s| J YyU^Χfz"(ݹkBU,'chCT9"(NokkV(OXzӓA9"d }+k4'Yƶgg:(@7*6bIn+AŽ˖֢}kq#d >vK@A~7Eo?rb RX{^dX{,*"w2GkOh  $jU^ cC? IAPOyr/SJdHƭ̝֩t~GϋDH$0*[͌#,lRvu*zQWD%ē+`hݰC<*H c>"f{} Ui68ݶX j!S=},a$p-.odm`\YltMA ^ [66;r&X(lU!q2}(Wg+2,`˨/y Uwhѥ%qۀpݪݥ;g 4ԛ,pkF[hf4jIKG ^}Hlн+%`Rb"!S-і+AEe9p᷉TLV *ououeS~ d'9LM['OէAs7Z3B_xzVV98Jۃj'-n ,YJIxSOHt_&c Q[/O Y~&CN381Cf`:rm{ Z6:~@VPۂ'Z&rPhdyHg~\ u{D^j2n`}йy{[}DyvU㷕$C#FȮH;/oEx̖qB`[tȖ)c7j R5T!<~ie݇4(A+$ɼ~DQ68'{;.ӼjY,:;Wsۯ3)@xx@hp} Mq0}J]$ngUCRO}GtA1zPWk³ *7ٔ TÄ$Rqe09eud2yŅE..zޟ( T{]]%q0D |VkeTX]޷ STZ{ZY!g#$chV"4YWCGдM掭ut&U^Oz%1fF̈́I[wnDT+W籶I""2f/'P!pRنNU㈀'@(>9P忷¶aˏ.Ii&(TO:;s1=K?{3[ѫ}ܭ{Fa5 54pLE.5 <}c㱰Hl0TW\V]7 [U u>,bT>?"y-9 [1~A7{~,З5 !}Kq^=!l HGb5OBt\d|t]p*N'U¸Ki|uȿm!?w_jX]'(Ú׋pqQcIWc+Bq,# fR^8S:Ydyɤ4rMpQbҮWnX4T* 8LkPfqzVNEyw^+M& z5@BP7ǧ^F[BڐhLl*|c} fWܪ$!2X G'{ <n]Y?e7;`(Q%'_Ǭ,$u7#*C+Fuo;}v`65d_Yae:yrWDfq9%,tH.\ĹdB8C2m7.ß'v<-8ɏlFySNSCىk`IW!VX<y }NѺ+d@0N˽3/FjAp)ѹaa'Q(ٓV`^Ms<}9|+5Jb!xH?Mk!O0EJ&)P|@|2 z`k &YE]VZ$wFʍ:3*_0?^ &4:':rɪ) "z*qB"A@8"nk7Gޤ6S/ ƀ-% /aE˚dLmUTQe[`& Y£knOOƯ'4֍GZ-gwM>U?B Dyaי LPކґ>8#IHbe~%qB@ݳ3ܻo :䳅|ݡi]>S=gr99=޸n 0OWv;'~OPK@\ޗ@g[ۦ۾BokOG@}ˑRp ʄo~OUՓjäs^4#zMl_s:Fj3/e$zD#dzɈ1 +=z-UstȔF_W= t"ꆄHV~3'oca9#rySH:.؇7uuJ>4%Au|Ӵv)&oΤKn2?4XMW ͣh ֩zxdNHZiՀ鉅#y5:T7">uEfzbx"F^ J$Ɠ?c;TtTL-πrFNIxsUS'ۛ)2kTDN ~9|:gm'Á ;SQ^"%nE B RUmG2瘔_3^ݥUW-mjq{MFtt"F΍yG% G3VO8m]ǹ$\3Ouc:N;rѲnp6cW17Q~WFw0ltaS7Ln˓9@QHS1 ~sC8_ *J#ePFaaD7#[hZfQ/Dn*2KAb*ٯVA-4ǠgypfSlר@r`\LaP%`p Qǣzš'l39'C6@Ƀ>>B<0wK ~ho ;QU ,hͩ`= 6ߥqaO_9C_bv'mQuAm3 Cm :2DH+iPuF3)` 1|9h[i<[0gU?xu]ۯW9Z0.1$g둛DDBe Z%x8㮂EiWTu?!ǻ(KiF6WR>}'Os<4kiա:i k^;[w;ݵDDWQ]~my&Fyh`TTۇ ۼ Ԗ&>[Ƈ3(uce "LGg(]HFoY*_2Ҷ6fb7 `9ef:n]Q >lZ:aáa:98Ny*.g-Fp 눴l &.JVe '??*dA&'LN蕩`?{mО\hk+zzr;3--˺ٝM2Wx?hn#jj?=ɢΒL X 1ԸZjOw G{SxĴ_oU I1RZwqI34vO#7WUͯ[pLf~g?kYy@[CNH25nB$s3M`UKEp'awIj|6HyU6ˆi#6/!3FǞ' D?8^ GuC-ӆe+_4Q|ҧ'CܬrVJ1K8]xFQ3,[%+aqn-c儋DI-ܢ>n452Ot^;Z= lpQk Ę%Xn ;hkk~4+dlcJP$b9ú a$NjWe;58%NtjN`:ٵ5獨G[^a7F+C8VinjWzp迫'wdblU'@!QSF1%up:B[e˜KDeJU Ϋ(`+֟%C^qlߕHQk)`cgJ_Aلiqj2.dlv1y~y=90՜G2B`3ao0-T(_jK\n m|xzes߃\(ҧ ڍӦ3 pN.?a;³z1.jU\C!VF"c;%Ďqg ?V .uǦ/H(M2D& }'rE})Z 5+${;N%<5>]{Ru45&M$ LPB0we z8tVq u4g y [?ŋx9^0%h"Ʀ3ǝ 0Ӯ32<xd{, ,~fCY 0 8fܼ"(>Y:1BYf:=)_J`tJו ?GyZ_8B٧9-:?eI ɱ_s@Xi1E$}+PwD1h~?`sZ#Pޫ-" 腦ʪhm2b] wb&4y(P]Tg/Bަ7 C_D;F=[(ut/[ʺK-{OEXx G>ƹżgqۻ`3x#b TOAⱗ9ʸa~u%o yP=/ГTb4VP*D@n*f&L%7ׇnsF1:YN+^C/<\mY9 "Ep%Qg:R@pD @d F}kw~ohZv $_c~[ڳA$#s?q S%$gL:Ycoǵ6 <&(=A~+f\2R!%3+-2|7ƙ&b?,iI|(\Awߞ.>݇OwXr#g9Ь;uîu E! ~ct@a$\g{*z$lД,f޺K~ⱩS짷,C 4;!̲ذ7SlW/g)BÁxE& R}Y> N*Hf8zr :!-bSZI*㻨bX,8Z('91ZubѣP .jɶh7SКrj"mV i_aif9 `ԃOټ+,J\:++--so6=|Kl|x9}W\3K'+W! X8&X&m!~k vppTJFΆjMV2j{-U|oWjpb/䝱UCLl ~x, lI3k9G-mn 6sk}B=Ì%־]SkZtc VF7 U{0H<ЕՠfxQOʔJ 5 "٢Bv&T}y>q ZZ׌nm{ex< KVߜ*;k]A LQK]5(6 E=C]3EL7q+SZN}#Cz '1J9dBV5ط5˝λna,!@`[W'y!P~Z{jܤaFKnRR6a`HÈ# ^&D|\˿ -Mo0DW=w'Zo|:mi-xپFЁ鍙SXWA? ȷpd { h I]1(vRzϯR)̎^H3_ZO!SmYKTPU]͗f82j-0~+1x%6EH_9,sǠ.A=Hk-6B O2 vyQd O0R? i2pA3#7Sf/&[t+;Խ7Mҟ2ɻMǤ]Nbn$RU":pfgͺ,mo2'"IUVLjZ0l৫^ge\.ߝ~Z8l"q*-֥z۬)2,WSZ36,/\ܞ#cZԒZe s(HzOS0#eqi ۂcJ]$K"yE~ȜgJ9{A}g`bYRlbYf]ТpwVEŤM Ci1X#>0ҁcBS.y HpʒAH!89U.w;-&02/ֈ/b9)ظ?xȍ%m |`{IO "oקCܱAOr`ұ=Z[K?lG]e`"Lۨ(&c +#rjb41 >ZԣW{AEC=^FPn Ueڝ(x|NP͓-aN#u܍2Rap32v!ɼ7xjIH#h 8iL4Tg@(+1]Ϲ܂M7H'P|䫚&!0i|5-SęE@^[垟#B8<<阓iICX1)*~ K;W0W9;'Q:C$٦ Xz ~d@[au  ^puHTF׭v?$% K w&{N8{E}O+e_Bk+[ pG_S䣎H1Ԭs݄ecHmegZ˴$ϳ|=q.S M3.3M.,-Z!hUhyQk^@&PK8AĶ'-:ǮDз:#JmM=lr_G@Xh-;%’Uv7r.{(s1J&>ŲiI44(oNAg bd R8nr< ްI `EQ@̰ƿ L?֑wb$iIH@'?L=%t٠^IEais q.GU\#4݇i4 0+$"TB"dlaNڦŔFkrs:v @bn9_JS)GZkB3 {s ->R i\.nѡoD|sm?!a|?Lȉ$=9Y̴F骑4?Y L+x" w9iF%<`T/Wp Exsg)}UGi%)1A|-80>mΕ@#iD6_b)+nn? "IZm!+F\yaF>W[`Ӧ3[iM4|2Xke1tó:BL. Ju'jq76{I,J9TXAW, -6 uR"O>k b?dxs>F~ ͒%'cs1lJ۾o֓oN_ˬȳBʳ9`0^m<H+#Vn۶&cgXaUE6x ,/+v c~+WkXCy]a݄bhC"*/AJuH3CdTW]?q,[ yz3;n4y__BkυX15) VR;wOBfOS F{BN v7l%.B5!A:xbʄ0-LRk"O=LƥzjJ[؂S)ִ.G.5qO _ܑA"J\%?9 C6-+kA\- G^uQdmv.pgK\ ݄7zdjtc2:nHԵ  WA,ϷݚUv۝2u*) 3HQekؚ ^>)H KWNIk'_cC+Q6_>0gDrvhmEϊN7UR\TWC^Ed. Ta%iKyȮЊ *#)%nHk+4펲kb T(`ޜN?ɕR` +hyXB  ]1!]F3T|C4ʬf؜$&)t\>wLY:bazrFsJ(Hl~|m?8U=< ~! yزR[Mk@͛Ow1M dFg{\uNH5.uE ~ RV$Ԋ@ 0_ܣmDX@}$m ˇa\ S茯ߨ4xir|%ȇNO: #uZ׵g9%BtذV;rz\tɐn- KExg- "b?^fNtq1tM]I :G`F.R2QvM\ayVv p gs 9-jp2󍞈 ]"\h{&UoZ{˦s^Li& CrAx+*64`.%ws~`#%T2+{\ <1dS]gi!"_߹r;K(;jӊU\ayˁy13c&[]~p_Z*?Ҏ6Qydnx#~qݞOSi`Zn·OQL]$Ȓ˾-L5 'D yK.$p[Qt ݣ~Ġg׻8a?Goأy ;>l,OAI8s`.y$uTZI]ƪS~tZɍtKQDgE3Hs3TO'<^q+!IKOi"ĕx Nif07ZV8f̌`B[ !;9ۙp-V6sMÖ](9f{+Td]ªD^ҥDBk ǒ (5"4flP">6!F$Sd;p &jv+rk{>5~͔uC8Oqo)Ėzl4hUAiP\rSBр\u)[89[ ;~ĸz1]I۷%YFnq+@{&qa gdTI~Ii 1˵ٝʾ߿b*&G% q$|T/:`CYVvz([BTn֮LdH)|qӬzX : cGm~}<| awOHxFXcP [hš*Pj #2k*Tb@B}&-Tr 3erxh Wޤd v鑄[*3()A|& `^,gɶTS!2vϥ9!q?cU@O}&Es̟=(XuF@4cj)f1g%V{%1$k2p~G @C?tvfcLhm5W]F5'a|$#r(!THB 2@E~G^7P1U%t3r]4$:~!jM=ۗ+\aI7+J/?XA{vcDd0mNRoIcMXZKԅ`U/H#'3$?aL {Bݼ<l@e'B^FYlyR8Xw9B8* }礋#/g2s(UY5xA3ݖY/>|a<+ ޳orjcV&L ZoX噅 #~evoʪ ROt+)Y!%v|wC#qmH^H[^^T;*ުEm. $v{!?UۺȖUGMMY1ka DkHDfcecdJgT|U~/"qˆgڀmyV\$O g5RF"5ˋv7T[: wlFeDg *BQH)7^@/beFj žGr$)<cRsmSm'$lR&S}Oٚ~r2_4B}n",އڲk&D/w^Ts8j ϯrE72{2ݸZv7e!>CJЉy;Kp>+D!DDQg6RjL?". @}>:SN0X؀9 ;LfVVCY '33ͿQ$Y^ T8by?4P%qg<}PX$ӫW% C1K`Hw |R FG&m~܂y% B| O!; :'<%f$// dZm6R6Ο50]X\!@=Eo6yn_2G\X;!iEGߠwm,W4/ c|A5(:J2lnoHN4YqrcgVh}-.OݝwegEȯ}f=/1M2x=|Œ^MmD&(W Z>[Hq\wX@GBQ&'Aߛ'pRݑu_;mт.j {<9^tܖr*ez{U4\;>4yvBjX_Cnm(k:@NbR AL;!ÉA YD%d(bmʑ;U$ء?ŮO$->A!5Lq|yjB¨"یSChbxj1ƂqBFJ ;h wˇXf^f|Q:җN[:vD %/s"hmqbN fzg;)M^ 3qlnnpfF4b9 /6]@|:bc彔 7hhN]l;Jm9nB0&[~xmb~Ljc9,c91 V\A`:Ouš[垬R"׸kpvD^$G7ԛvO^+NpW)1f]bǕoI2ŤNi2>NKM;ד3qS: `d$,f֡u>يnsʾAUTS& oM_'Ĺx3/){C4)VsHPʫ29 ܐ܉R1jv_mcXS$ D9}I0~mQYS @? lrk@]٥eRdC4Z;7#(d"σ Lrwj@˴}]φJ習'ҺRUaДt{IP:O}E:>0;ʷ2Pڰ-ϧ Fh4)(! M xN`> GGSܰS!lx F _B}|zqS. M@p=}AZ1>ڞX_j@ӏ|ã`RWc\"%E},n䱺1> c/{ιo`,k9_LHI} vP᎐ pG؈r\i;1d5v+^.[ml=0cp;) Aj1$o5Jgn m%<{077u$GQhjKOh`ntDuz7~+W[sV¨(j| Q6Р#G "t Aײ~!tb7e!M myF89H^~2H-KZXTfݝD+F@ ƱT^EXx7X֬9G]CQxK|BfՅU )0X*4rJ~dcƹ]au{AsLTJal qLݑed>7yLD9*:K.77ı2}T;n 3!5`1 jNJ9040OI6AOeeSF. a8A㱞A[WӍVgoch>BE߱MQ.Q?2jpCgڛXiYᬠGR"n$(llyx^2rcPH|I[S 0^ J_4JpI(FX ~vWu2c[?% "cs#w]xx LOgF N87W?~vw{Vi{'DٍnO4;"D=C裕 \oē2yѥ"  JBjiZ+2SuU؀V=g̭'řL%>  .ŜADRB<1PL݋3&Po~If.J.&3MٟeLiԗUZvޥ>xJ1(y?H(/𖧝:".bcO]^~Kw4x7N)6"0PFEӘkkzzm]CCoJչxfi4Z^4kc@~FW/=z"ุ㰯0~X-q=:}Efe0KS])S%ZcB ! ߥJ-u7aC}b^KZ $Jނ#+lXpAفJ"M.p'pUꚨd{YҬMapb"UwWt2t?8vbD6.EQQ[y$#zaP Qs֎l]yc'iܐ9%!| Z[v(# MC*q6(Nj4KYI-^Х ý_!#*n m]cG!b C$TA5D*< -D Zy ehv`D7UJ[Nm - 8mݥ>^W{.sPZQ( ˾b#(X"^kgn w z#\\E)S5yc}3BE:H0ʀJOXTd@tlKLI&(bA8b)YFƳ#m~mvHeY=o9ߔ]\k]:ݔC2,mC7n}w ߃öNAy^ GMsn)ZJԐ=:@ɶ)R~–C»D[x&IXTw@C]VhŹe,wU>{Q! ߅u'j%' ^6ɂCʮChCRl:K,8:S&/8F٫E]DG+/P)O-k_0M&VFno䀞 B1Yv9G{h^W̼V *i!y{BuH9 A$V\9_w9R~$69HRTK?MNg +gFMU<GdW1RD/q28 \Pga:/֗ U8|U,8(31Okt%ۘ?iE`/S*TK 9mv+G>X;kEVWDoZ;~N7s'B@/B mQ <]\~UnX"ۻg[SQ6Рyb!OY=+XmxkKv|d3UߋG],fyXoSm\haaZ:blM7H%f1@DxPe@ٮ<&d?p'_,4{pQu@#4>qwEPZ^)ܤݘ/c1R+h±'&WQ3 ]>z]^>'m_1PCג A$QaS1SJ)a-N{+ Y_%_TP0ʜYךA`v~Ѹ㊮SG~a436).fINxC. gy ƅ -X̗ׄE{t<_PCԴG$UlζC?W$[ 9.-AhJo$oRK">8Wל.Ae={!)5e}J)˾=fk&.A Ej(r๎ /I@zQ_:06G-uVD^Q.V,nT\*v`nNvQ+]~`AS(`.ѽԕJ "á>O=QQ:Y/6 @wGFŏMfa@LZ6l"NGyJ'!Ʒ.ztNb{Zڧ~,qj3R8>~3@˷y#,r%]5y ~WatE)TC< B|_႒[j&pO9 k(ƝƦ7X ^Ue'Au-&IXY0 'FlM@*V+|Or݈ X\{ Qk1,k}ucd,//qh9q(hf}\2'Մ\fZ>k6J2Dm: )k'A%6m9_yz7e-6ɂn:+7X-_ ՓD3c| !^6jf\5nqx+{nJHT2cNm-#t>9I4w=h#65T '*KF?A /j6JH{َ`d iAԗ7ឱ0 bm\Ȓ6^uՐg_XЊ`c%[ "<=B+GXi>ppXP#"vUaKa۠ ;[b_01jT{c9&6WLr›tKǠ@31,DcxS7qj V?P<-DC6=Mݗ[`jɼc<8YUPmƋT?*Qsº~?!0\òd;S?Y'.dvz@@>Qܑ?jRCK [$񻵼04Cr{OշsGnF1żlV?5?$->d1Xg}0 R:t٩Q|Fx5џ}5z2nH(nOā{p?=!U`gtNf$}?4K#LXCi[lYIk= cj'ܩ\vR(@poL`#m*Þ?L.l.NN[CŠد6f0|&LhoЯp( }w`RKh#$ގss<n4C>p2y1whEK/8*uc1F{`14k!JJGhQ_J0!Kֶ>,TDYtIVowpy{hj t@wm1SB^O#]DLN-/cz zR:@\^F0I^ֆ^8' l6o.B9 ; uIIr4{T%x!`0Zײh7=dXAD-ɦIYT^&Eyc ݟSq9ýKU{DMT׳GȦچ)eSȌj ߥEiLRh͐2ךpώ&4 .3Gl_-" #`< AzM^ C0y0~u+]d@’uqb/ݭ W%mޭٵSe!X.$bԴ1qщP?O_9@`g)')[8isd\~Ifr" 5:;yX8_dq\_nv;-8]Avw6.aԞYv( r0r0aoM1=D9|WmK7tKw fX~/p\o(-AD7D 2ҳfůz'n; [ U%loZhEoG@ǏR)0%NGjq)kq o=)GrKy@h2MoJX#:X@$@< @ݚ|}"{_ FH.q}-:HJVitdsf;-]kC؃J_s!taILkZumƴ.2_{]+#T9&0Z׺Eud\Z@n\PA5h}o {*02ְQށlCzNOe¼Lp*T0(B(FdrP 䂨u7?*̱ Y1_tjZ>Q{RR~wK7 %, +l~( svۇsd:z{*/C!h0qX'L0"7/u,J@JȷQBGr'E2P^Pf/R 2/t Wˇ}z|>}״=tGSrXZXO$oOcF]~r OːByAǹK;]M_Bب0P#vPHq&AJi vh9OGxxܲ~J͝IC0, sVI!ItQh ѕa|Hnڠ=A*,M@9CJ78$?͕:@8fmo]HVO 48<֐UZ?ԚK7;{{)Is(MD ico[o{baܼ\UCW}XAIJd@MB^BI)ic3 .\8r ب+ 93?܎~?|zu8?t2$'O>}0BO4!o)Pk1 k܌?͔$`axU17q6_ЊX/Ɇnp9bܕVV@3fHMleJgAfSa2^Sk wWGeu2̀4 8 Z]~fK#.l%]pI4 >|.VO3 :m0-n'$sPfs|}Q}aysF&*RN4.:s/R$D|ۿBMH/7UEzΉMOohs--@wpv%5&JZZpn闼ItVPɟY l?@˛3UiZP5ȫ:u;.lv%#_m# ]T)A@rh @Ut=m MtiA3򴧴& ~dUtEdS![J}.bjؤfpqӁ| I)3} w[r.!5eDvO/"BO:rJW8̬2A*/|s `&p@ $> (ѐFwrCUp@ 7-#N5y+G|*le\XUw]M1Whk8u8i(CPڠi}'~qe5Z҇a;tR$oGy$U:Tx"McKGnw@]s:;ǔD&vP С,j&Jbb&V1b~s+ɫ̺֎tF:J1@!TKT'=S?ND&I?AZ(^CNfi/5&{|߰"i+C~I &;ukib~,|p}Y{wcy+ ~X%nw}w.q>O跣{.VS*6 #GrL~F-Lj4o\w3&)Q)2%vf.U39lyn LqTYk؜Kxxd VRVޟ-vQ;轁bK:z9$EmmL<Y;Od.{hn^헵 +nVLMA'~ӯSBX~u/{}cγhU<Dfߕ S %WDBΙfT`^}( TΨut6.T*xӯ7< ^pB<{*$*']SUw[U^?~сFlCH'y=J4 tr*I#6Mץ+:]XKKqZyy+;#ꔮl1I;vo[jcIl^w*r-!႟B^-fR$ inVo 1\D]&|>utz[v=I[vBݹʟz^ʀ h(Lq5}?a˵ˎ)Ί.<nb @7mE-塥Xo~-,wKɋΜP*I?-P=,"C:l"Wز*w~/[29jwPAb(+%zd$SH]-_XSS5;@Y?:u}g4J o%<Ƽg[4M"[ e2)/(CiY4vE dYਥ$}H:])tx:yl`2k GiȂRA~-Ӑ+H2:E/ w2tb`Eۺn(Y+rAv'RMNk)ϦID?5w< wIR]q [zkN@%4vJ}? .-u' iO&r- MG1BvIr&ƋX]w&b g`8ԳR_vˆ""sK^jOm _P' m cpJNT$P 6=NMT@9wqy*&_⎺|&6rc}ΌxTͱsW*W$kAǭR. sNstpnuxLXJ59X6)zws]qQ7c Et՟1Y;H: TNz5f!fgl$1Qj +^!Avm`sqE rW}.H0$6*y\My 7+X+2N:\2-j ݵqח o41)P:$HCujА'%"{:җ?ej)s+Z7uyGVڑȍ;qcM꺽?S╘5& c[փ9JF<d`y` >=b]3i0~λZxS~_bC3K6[dZ|W` t"&wA]Qf7l^z7M&`{3d qzP/1J-%O6%enNzN Iǟh i}ˤR.UR.m{ETb|/w(`s欹3#+ӭ3)]=} eq( >XtU˕>hFY^,tHY{;,FU#0}28jwqjdHd ߵԈwR. 9CNyl>L "`s⮢%(Ά^Uu1I5(XzmҸ` c3 "2*njR(wHiDִP0AQ g+ﳺn"OdqK^ڞk/G]ΔPŖy%j)ݕg\J${ڒ4jI|{tE};V`t#EޤIR%pB`@mw"~0U="At]LeB]nLn1U3#E1N:~ϖ9($eZnAބw(RMkùW^,OC82] z)i|+YY8/6Ƹ9CN#>u}H$2NrjpXӄ@u^rۅl%2z$M)SR Up RșNțv[pRrMwxSv} iSd^59ju-&H kDMWN ƾIce#qr8џcS^켩h='2*F%bgEn? ۅ{^o*|I{Zt2-3k@u}3,u&'x㒏-X6s['0 Np&\BBߟR6{U^Ruqg-W^~nRcHb/|:DyGVN]&?%CzxZ!V%N/CZ QR.\ձ`N?Ap^|ܰ 9!ՆaOg6Q nضv<ь=8(P0/'!έH.\_r ,8هT3^V (lsd2J7 v?l dm+MHnŭ#ca3olol_\ dTЕ 1loyz|6"kr hKYc<%Q"^<D,B>rkAWU:4*R֯M.k\mrLV;h՚' 9?!bdi_POzkF\fg7\OjsBLRdHԒM M|i*L GK)3?`\g,TeYx~j |"7w\S愯T47Bzb(r(YU 0ȅ8IыiJK@QU@VbڗFF/3g`%ܭvPIYٖwGM;iod> Oz+jd9%;S&~xPGi<:[y}: ڦ/J!qO)qnYw ޽KR|0>D<91`Z/`u돞oWX1XS!cM,pNvx` %Mv;{rsC'ImfL֜ki*@xaCylMs) S1 4-bN5b`J3c0cԯ픗H *Gq483BĈcURAM4ZQE"Ej'\YʑrYkS!AZ@eZөam|~ShaզML$9L uژ.koׄ [H5REXƓN4t"c}+pM[5H8v3b2fL r`fZ4,{1XB&cCxvlar QJ ) ^|ad0sCK*< Fud~*xNMՆfH~\e2ɀ.zV\gSs7t*ղMcy)^P.iP{GDh1G:>tѪ>'L:3Qڎ†'Qm @|ʣbA >$qf,7܃I^ϺgN&q?32K ª"kY>Сo8QQ,FNo[w'Qd׉o\fr-VrLXpc9sFq<^}GgZm]T ZZ:͗|q~s?V1$ /k m`@yV V=".x+y<Qmņp)]I K>Cg14*򲇙/(ᚵuS+a0oX?lx )S[>WZ;>&okte'=b5Y7R??qɱno+W,HkB|y2.P`x?6W$F!T6:}Acso6"JGoQq3e~ˏWp.guB 8A97Epr$11Đ!(9G~".;7Yv"\YDd}P'fnZoh)Rj=h#/E.ߒБ},iK5tv_kǛ eehc׎nn9 9( bxa0պ$6vCPW4Kߌ8oy}Ny$3¢dA 2>1Oo锥/|qs㩍{M1}]=I)kXk?z$cH"z6j2\)@ʰW.aK˚KKRAbx:5h[^[!"֯$|Ymt%1={ k+,9a 3+(`\$szx6T_,.4鿙P\$\U ̈pjKeQP*)nteO!ҟ@*%<52- L$˯.vR vPP o,2$c`e38N&Zپ|$ }Ze9# H>x,Z|Rwmz?Lm@sar4H) Qɢ@U?~8k$aWjפrVk|!h_0laxGFX2 )XMvr7ƒC ;W8z}w2gkE^GVI ;UMrHv(!Nx`#wjnߒQhb2CLBaʊ+{8$i =ֆeN QU{QVSax=ֺ~*Xێb';JJWUQR!8A*Z"2K/U6F}dcݡouЩ-UPEwMOFfASz t#xA~ bn*6*j$-0(EHY~2x$F8H2ˁ]lW@3dMPڢ<ˎ'hpfd寠B}.z#^+AnꌏU+`!oN^EJD"?D@?*Bpye Ha:`J9|%ƽ{A@J c\b|jN1h-"ު:w |5* S]MwjvN\Qe+rk|)ˎeh7v7|~Wptu!&aB6˧|xǢݜdT8֑,U:"oQZ>٠ 79wU +SuTEe~2UㄻvU >B,3Pa$Ue&I@_HGy3Pi;23e|< =YD;Ջ | eI:Q ,ˇ =UǤD; R7nƞ C=fز{tM392 ޭ+D}RA|`[q@e| gS*bE)U[hqt<"pXPپV#M)lxu\5y5zWIs*N%ˆ R(̼Yt>E,W?FKZR iTxi8 ó7:;cZQyÂTP[u,QΆWis"DAPYxIa,v]4,0ʛ58CZ39g[da ;(B7P,P>9UJEtA~ V$a@\]? P EΫΚa5ۛbS eґVޜ3zxFv JoMRSŜV%6~Buﰮ+b¸^orl3Csv{~uՑфz(Mdz_OީW ɴb}$\gb,m~xy\VCPZ)Vx'0q4rJʦlL2!\X=igoSLZy# D mw F뻒8zU e_-_*H 0hv`JNV]!۴DfݕY $/O 43d\ȲNa b\d5^7(wɽGj#C.tu:9Wm sXx !5_fN}qOJpbCA_Uq,-#@]*g*1wZE>.oy0hq_x_])uUifJJfhK*"]2ƇK=gmXYҠƊΠ汉¸/[kfZzPqԀ>y˃#/RmxѺse)`^Bzr}dmֱn^~&lJ7Ԯ)mbi?ǯI}#I?#ƷO5̀'s.Vr$3WU4+,)Fr^ wouHBV03ٮvU0K݁HϹÒr>"R급ѳA\(Ů,FL9ZFJ2$^?@#`+T^:Hh gkPVfoL6}5'uV~$pyN]U)ce[l@-,mLuߞe'ޠC |rC #Lh( i$vm=ʒcט MNINT.} ڿG2]k-Scs7Iw+qD1gomrP8UBRH#S`]"*mNa{HÒCPWrH^\q4SA[_!FMhʓ2xa|AؙkA `҆obd_+"X%ܿpJ^ww&g\2