python-paramiko-doc-2.12.0-2.el8$>.8^^"[9Tm>:L?<d # V&8 GSx~j0j j j j !*j !j#<j%Nj'`'j)0)D)X)()8)l9+l:A5lGLjHjIjXY \j]j^s b*dienfqlstju4jv 8Cpython-paramiko-doc2.12.02.el8Docs and demo for SSH2 protocol library for python Paramiko (a combination of the Esperanto words for "paranoid" and "friend") is a module for python 2.3 or greater that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines. Unlike SSL (aka TLS), the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel (this is how sftp works, for example). This is the documentation and demos.ebuildvm-ppc64le-25.iad2.fedoraproject.org;'IFedora ProjectFedora ProjectLGPL-2.1-or-laterFedora ProjectUnspecifiedhttps://github.com/paramiko/paramikolinuxnoarch7 @ sw}+`_=` '7Cܑ\Z[)gF2K=h/27gRiG>ST) )=*$RZZci`/lc ?5_V7W>]@P&6)TOW"aoL0U.i?AA큤AAA큤AA큤A큤A큤ee7e7e7e7e7e7e7e7e7e7e7e7eCeAeAe;e;ee>e>e>e>e?e@e@eAeAeAeAeCeCcececececececececececececececececececeeC[KMeCeC[KM[KM[KMW+ϑeCeC[KM[KM[KM[LPU[LPU[KM[KMeCeC[KM[KM[KM[KM[LPUeCeBeBeBeBeBeBeBeBeBeBeBeBeBeBeCeCeCeCeCeCeCeCeCeC8cb173b482266440a92f923b7150ac06ebe22fe7d5a1c72b8c4d79f37b449afe56a3eb3a82b1fbee0adc68ad8e8355179e9d01da70f3f42b668f7c4dcb927e1bea7ff78009d34cc4ccf7548900497f96bf168b9c8d428e1a415629a6b0a9d3d1d7ffcab864089b350c0f17b8ed226ce1f8c44dbc325b0fcb9ed42f3da5149f5c7b41023a3980079d81e04ea6c87838c0ef90a07c8016fabdfb7c80aec5e0d70d1d1a110685ed0c6082ee00ed7a64e8a7bc30addaeac0b5aabaa9d65a61b262e0e7565ce8181b7021d8c4fcce721fb26a58644d3d5427371fc993d019532d096a12df4acbc751e73dfefb3fa1c573cf9ece42eb3607a407790946631e862c6d793d34c8bd41c7ebadf2281094cf26398d6504bc16bd3da5a83d3693a9e27f3a22cfb3139742ad71dd25db00d7bda8389d6a70d9713b2f44917c348b2169cd1d6202226dd9d78171284aff1861e9ba5f984df471554e579960772e45e754ade26213cc704e8b5d1f2b7a6f662abc33914ba068b6078316d36bfe1ece97dad0df483eac92069a19586b9319b71c1c7f9e942e3f720524396f49c8c7cfa493a50785ebda5663a8fc29b45fe47bd14c0e66af139e44ec4b780f3c05b8a9586b436d2a16758e4392203bb2ccd3bf0526461945d928df996b361ae24a62dc40efa095ad3d18f44d856f225ca727092895319ef98316623db67582b93fa5ed04c52fe8e02c16ac05d1d68b616db0079768dffab1801e3e9d67fa11754af7b88d4dab05303f72c0567d00f0d798f269a6a4174045e348f16a186c091e4ffb2d0024d7b7e87e22021826c782c1c2cfd26cbc656f696e9dcf198f6d2dd513bfa015b30bf49a4a7fb083ef9307761c2de03c1f3828a5fa5a2095a1a297c0b8aa542afaaf3e0069cbe378688ce6340d8a3d4765227369ce9b59bed9d239af64d934f4f8c17dd734db9bf20516c45531c276874c1839e3cd26abd75f7d3430360332c936282884ad6842a7a194867e5dd579cf4ea69a35e3cba71a293e3943d9753183c407c32631c98ea27e22fd8dc3627c3f230e6824158690a437ede04d62df2ceb5c56c018897b677302b924d67b619bd30dcd5b37c36ef28c3853db61982533bfb6116c9f7c89548eca93940c48a4f44bf650681ac69fcd18495e04c7f48f7b3361e94764c9be3d2964180f5ec42dba7961cd21336758bfb9a1d0a601a191e15da2b98341dcd5aa9259cb3e12a1f2828d388beae3966d11c968d4f3bd15f73616923ccdffc8e8f64baecbbe80e8c1c9c43fef18cf074768365532f51efbc1674d66af03fe6149c7127ea7072e6c4c1e3d2701fdce5a59e7fec9a1c038feea8b4d1761ba84aa656bd9ec8e6debe91f2bfce58309e7c8d2668715d7f8f8de4873275536beb9def73531dc956a8c06bfc616b84e99fcbfa0193d22bda18dcc16d8f34fd4a13d84743adf3f6e227a1d0eb35d361ba3e14cae026b41e54f33292ffbdf16a6252c2ebccd95eb0f37d5ec334e4394f99ca099358c6564e9c68ec3f43c7e0f08af70b96068200f3b15adcf456ea7ac771258e8f6c7e45bcba9f64b82ee10a52450119b79ecf55eb2713fbbfe88f96fc09b96089c995660b16354d44716edd930d4680a99bdc549536ef76bbc30d478c29d2d2eadb04d9744f02d96369e18caf40e98e628e2707e62f7315b0774f2f9e743e639d4855da4524385e73bfee3d0d7fbeaa5cb9302c86a3f6edcabd98a844aef7e8e0f03408c09c6b632ccf8039e5ef814df3893b74cb09ad7e62aaf5c4b984a2087e5a5a171e83038b7d17bf800517384a623cb3d09734970b187a0bf8a040c7c923b6b4bd37a9a46e8bdf49be91bb85d78b82284eb4815675a6fe9f4109293bce4a9f62332c5ade261cab78335deff2691cdde0b0cd160dad1282d726dae8932bf00de251231db2f9e1a5728a19e91f620eb3cca16e00011783247be7270382b3f26b534b3b327ac0b979fad245bfe18d11635dc0e70eadcee38578cc8f15df8ccb99383ce6d2242be2b129942c1ad410399ed066d87e220122e16b4e5811ceb09b9737ba04dad72e511e3153d8cd83ae339e675043a61fa6a13c153e7b90b7dfd7275f5a0236778dcfc2661ebb4b507bd6631359aa20448693913eec985088c3f1b88bdb2ff1868e407a53da4f07b33e774429549a6a5198b64233790d2f5a5188e04bd5da8d19ea60d9972cb0af3d6c1997dba08d0b25bc20d7bf2c633d3163dc663076983798d00c8267fe0676bb05d045fd991ddf2b208dd9bf39a591f50e6ec793416e2867f54e8c6c7e89b68c2125b6aacab7779142bb589d53abcd881af5b13df3b8e773e34cdd169960472d6b61fc4383784ca3ff8589a1bb48d19d06fddc78d6120cbc9ad31f275f62f4cce0737b92f8825f5ed0740482819f3fba7826297908bbd44ff00b64ee95d262d60866319c7cf09c3d5b2926ea9d9f068801c8ee0724dac66604b03ac50b18295775fb8b0b215a51fc05bc152a12ab32d44cda758721c5df53f2aeab1b1e3490aa539f23a6561786e3cb4e33e4a96562a1305a8b74c0d45dc215a64018692cd5d4cba5080dd83bfbc09c8440ecc3e163b7352073f7428a92facb9dfcd04ba29188ba28e8a608ee322984d897fc7952921b91c872baca0f021cba843b99051745b45c89ca40639d0bb71502306afdbc8646f6ef362b79c54a8f9211aa290ad8b363575fc30ab04aa494f8ab239fba636663b950ccff763bd3b95a3c214ee2344ec895c4bc9a16aebf38c4b950f59b8e501ca36495328cb9eb622218bce9064a35e3e0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb2187083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de47e7fc50db3699f1ca41ce9a2ffa202c00c5d1d5180c55f62ba859b1bd6cc00854115199b96a130cba02147c47c0deb43dcc9b9f08b5162bba8642b34980ac6382b0f71c695e8765ceb2c5e4a87e3f522e8923ce6ddbde5385008d001b7692fbe8d039d87d8f443d02abb76df25715de53a329a7a35cb58d4767c08a574fbe00f808f0aa32fbe90fb9c9c846917faff3fdd4e236c284b76c02dd33753dc9017742d8fad13bc28fc726775196ec9ab953febf9bde175c5845128361c953fa17f4cfe678a4446900f4081ab8d74ef3d1f8b1002edbf8cae3db292fcca0637310ed108f280badfe5ec5168738c4f70a59bc6ea9d1e9243ff2b951386fb668e935023e61ad44de4625bdd7aa3b1ac8ddad355c919de8a23bd16fb36053901ff23cb924af344a084635d4f26a0c957bf5b64f704acf5922064b12bbea2860c6b9dd802bd0d7f83f366d4c540058155f1551f4fe23c45c2fb9f31cf6cff20be650b469fb1acbd459e4460a3848098570bf2d488d80eca210e66aca9eb5f2514ca2dc393ab4f49697b669be8656e34ec86c7b89b539bcb5b4a3b76862efbdd8405e40025583ab7dffe18e10ea4103f200cf86c02a2d05f1808428a9f1c4ac8f03132802c51528e32f13404096332a9d279111d78390be13a7648ce10ec37be4e4a47083cfb11a41fa5080131e1f78377db2f9fa498158e9cba4f106b023c04133f787cd4cbd950cd3ab5db313693d44902f791ee50642cea5a71759d825d66e02af493a8e70d0c41f6c38d760d0cf210fd3b1aa23bbc58bc754297ca1a6677b0a9d0f072917facb098b8206a1f40e094ea5d6b858301696d02428c9b8116a98243cff4f6ae53d40fadb885e69232e9cdbcedc45e2fd3be9dec828cebdb3b8eb8a8fd1a3c348280818b4f4b9997f05c3d835edbbcf8302e61e0710c40ef319f5c0694d04f2342d67a304fb5287a60ae86a1678ba34c90308d9b4f4f9928959efc07ce5ac81fb6bbf801887bd73cd1e92232a6da40a39eefd29044344859728ea7a0f4826c0e1858bcaca1f625d7843d697915c806bd3e4cbc90b6fb5ed337c3780af1e5e552328725796a32a5d081e2abeed4203d15e78e97ee0194e3bcce14e189de69fd40e6ce25f776a366b9c856419737f1dd6ca5880aeb6fd67eeb7d4b2988dd68606d35d32a5f72a6f1642883e1bcd92bc684b34aa39a4fa282f7ceaa4e0d001b8fd55670c7cf88ff2d7fbea6526701210ce2a6b7a1c57b0ad4cd5ede94d5156b98b66a0a0ea583a532ed87659f09837771bdce94dbd9b1aabd51c0cc7fbae273af4494d66a4337f96fd960cfdd7794387302992e8ee35c585aab5b7d05ff326bda6431f33c8af7a17b8acf1617f22ac0e7940625595d0f6a53d7bba4de88ee14b6ff49c1e8f4be5013caab6d51712f4c0aef66029b6370ac5b9f598fd53dfd2b7a28de9e289e04ef1bc36c4b54efed00545df2a760b25f5188482c8888381c933rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpython-paramiko-2.12.0-2.el8.src.rpmpython-paramiko-doc    python-paramikorpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.12.0-2.el83.0.4-14.6.0-14.0-15.2-14.14.3ecgbڑ@bx@b@bgb8hb5b0b-a@aea|aaŶ@aad'@`@``?z@`>(`U_L@_!d^J^a^2@]@]]@]]Z@]:@]]\F@\U@[@[I[*AZZ}@Z Z@Z ,@YYA@YLYX@YyYA%@Y=0X}@XXWXS@XJXJW@W#LV@V=@VA@UUTY@TsTg@@TeTeTASSS R߲Re@QB@QQP!@P On@NN@MQ0@M# LH2JJkJhPI@IU@I1.H|@HpGGGNFR@FR@Ez@E*9E @Dq@D|D(@D[>@D[>@D - 2.12.0-2Paul Howarth - 2.12.0-1Fedora Release Engineering - 2.11.0-3Python Maint - 2.11.0-2Paul Howarth - 2.11.0-1Paul Howarth - 2.10.4-1Paul Howarth - 2.10.3-2Paul Howarth - 2.10.3-1Paul Howarth - 2.10.2-1Paul Howarth - 2.10.1-1Fedora Release Engineering - 2.9.2-3Paul Howarth - 2.9.2-2Paul Howarth - 2.9.2-1Paul Howarth - 2.9.1-1Paul Howarth - 2.9.0-1Paul Howarth - 2.8.1-1Paul Howarth - 2.8.0-1Fedora Release Engineering - 2.7.2-6Python Maint - 2.7.2-5Paul Howarth - 2.7.2-4Dan Radez - 2.7.2-3Fedora Release Engineering - 2.7.2-2Paul Howarth - 2.7.2-1Fedora Release Engineering - 2.7.1-5Paul Howarth - 2.7.1-4Miro Hrončok - 2.7.1-3Fedora Release Engineering - 2.7.1-2Paul Howarth - 2.7.1-1Paul Howarth - 2.7.0-1Othman Madjoudj - 2.6.0-5Miro Hrončok - 2.6.0-4Miro Hrončok - 2.6.0-3Fedora Release Engineering - 2.6.0-2Paul Howarth - 2.6.0-1Paul Howarth - 2.5.1-1Paul Howarth - 2.5.0-1Fedora Release Engineering - 2.4.2-2Paul Howarth - 2.4.2-1Fedora Release Engineering - 2.4.1-5Miro Hrončok - 2.4.1-4Paul Howarth - 2.4.1-1Fedora Release Engineering - 2.4.0-3Athmane Madjoudj - 2.4.0-2Igor Gnatenko - 2.4.0-1Athmane Madjoudj - 2.4.0-1Athmane Madjoudj - 2.3.1-3Athmane Madjoudj - 2.3.1-2Athmane Madjoudj - 2.3.1-1Paul Howarth - 2.3.0-1Fedora Release Engineering - 2.2.1-2Paul Howarth - 2.2.1-1Paul Howarth - 2.2.0-1Paul Howarth - 2.1.2-1Fedora Release Engineering - 2.1.1-3Miro Hrončok - 2.1.1-2Jon Ciesla - 2.1.1-1Jon Ciesla - 2.1.0-1Jon Ciesla - 2.0.2-1Fedora Release Engineering - 2.0.0-2Igor Gnatenko - 2.0.0-1Igor Gnatenko - 1.16.0-1Fedora Release Engineering - 1.15.2-5Fedora Release Engineering - 1.15.2-4Fedora Release Engineering - 1.15.2-3Peter Robinson 1.15.2-2Athmane Madjoudj 1.15.2-1Athmane Madjoudj 1.15.1-5Athmane Madjoudj 1.15.1-4Athmane Madjoudj 1.15.1-3Athmane Madjoudj 1.15.1-2Jeffrey C. Ollie - 1.15.1-1Orion Poplawski - 1.12.4-1Fedora Release Engineering - 1.12.2-2Orion Poplawski - 1.12.2-1Orion Poplawski - 1.11.3-1Orion Poplawski - 1.11.0-1Fedora Release Engineering - 1.10.1-2Jeffrey Ollie - 1.10.1-1Fedora Release Engineering - 1.9.0-2Jeffrey Ollie - 1.9.0-1Fedora Release Engineering - 1.7.7.1-3Fedora Release Engineering - 1.7.7.1-2Jeffrey C. Ollie - 1.7.7.1-1Fedora Release Engineering - 1.7.6-4Toshio Kuratomi - 1.7.6-3David Malcolm - 1.7.6-2Jeffrey C. Ollie - 1.7.6-1Jeremy Katz - 1.7.5-2Jeffrey C. Ollie - 1.7.5-1Fedora Release Engineering - 1.7.4-5Jeffrey C. Ollie - 1.7.4-4Ignacio Vazquez-Abrams - 1.7.4-3Tom "spot" Callaway - 1.7.4-2Jeffrey C. Ollie - 1.7.4-1Jeffrey C. Ollie - 1.7.3-1Jeffrey C. Ollie - 1.7.2-1Jeffrey C. Ollie - 1.7.1-3Jeffrey C. Ollie - 1.7.1-2Jeffrey C. Ollie - 1.7.1-1Toshio Kuratomi - 1.6.4-1Jeffrey C. Ollie - 1.6.2-1Shahms E. King 1.6.1-3Shahms E. King 1.6.1-2Shahms E. King 1.6.1-1Shahms E. King 1.6-1Shahms E. King 1.5.4-2Shahms E. King 1.5.4-1Shahms E. King 1.5.3-1- Address CVE 2023-48795 (a.k.a. the "Terrapin Attack", a vulnerability found in the SSH protocol re: treatment of packet sequence numbers) as follows: - The vulnerability only impacts encrypt-then-MAC digest algorithms in tandem with CBC ciphers, and ChaCha20-poly1305; of these, Paramiko currently only implements ``hmac-sha2-(256|512)-etm`` in tandem with 'AES-CBC' - As the fix for the vulnerability requires both ends of the connection to cooperate, the below changes will only take effect when the remote end is OpenSSH ≥ 9.6 (or equivalent, such as Paramiko in server mode, as of this patch version) and configured to use the new "strict kex" mode - Paramiko will always attempt to use "strict kex" mode if offered by the server, unless you override this by specifying 'strict_kex=False' in 'Transport.__init__' - Paramiko will now raise an 'SSHException' subclass ('MessageOrderError') when protocol messages are received in unexpected order; this includes situations like receiving 'MSG_DEBUG' or 'MSG_IGNORE' during initial key exchange, which are no longer allowed during strict mode - Key (re)negotiation, i.e. 'MSG_NEWKEYS', whenever it is encountered, now resets packet sequence numbers (this should be invisible to users during normal operation, only causing exceptions if the exploit is encountered, which will usually result in, again, 'MessageOrderError') - Sequence number rollover will now raise 'SSHException' if it occurs during initial key exchange (regardless of strict mode status) - Tweak 'ext-info-(c|s)' detection during KEXINIT protocol phase; the original implementation made assumptions based on an OpenSSH implementation detail - 'Transport' grew a new 'packetizer_class' kwarg for overriding the packet-handler class used internally; this is mostly for testing, but advanced users may find this useful when doing deep hacks - A handful of lower-level classes (notably 'paramiko.message.Message' and 'paramiko.pkey.PKey') previously returned 'bytes' objects from their implementation of '__str__', even under Python 3, and there was never any '__bytes__' method; these issues have been fixed by renaming '__str__' to '__bytes__' and relying on Python's default "stringification returns the output of '__repr__'" behavior re: any real attempts to 'str()' such objects- Update to 2.12.0 (rhbz#2140281) - Add a 'transport_factory' kwarg to 'SSHClient.connect' for advanced users to gain more control over early Transport setup and manipulation (GH#2054, GH#2125) - Update '~paramiko.client.SSHClient' so it explicitly closes its wrapped socket object upon encountering socket errors at connection time; this should help somewhat with certain classes of memory leaks, resource warnings, and/or errors (though we hasten to remind everyone that Client and Transport have their own '.close()' methods for use in non-error situations!) (GH#1822) - Raise '~paramiko.ssh_exception.SSHException' explicitly when blank private key data is loaded, instead of the natural result of 'IndexError'; this should help more bits of Paramiko or Paramiko-adjacent codebases to correctly handle this class of error (GH#1599, GH#1637) - Use SPDX-format license tag- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild- Rebuilt for Python 3.11- Update to 2.11.0 - Align signature verification algorithm with OpenSSH re: zero-padding signatures that don't match their nominal size/length; this shouldn't affect most users, but will help Paramiko-implemented SSH servers handle poorly behaved clients such as PuTTY (GH#1933) - OpenSSH 7.7 and older has a bug preventing it from understanding how to perform SHA2 signature verification for RSA certificates (specifically certs - not keys), so when we added SHA2 support it broke all clients using RSA certificates with these servers; this has been fixed in a manner similar to what OpenSSH's own client does - a version check is performed and the algorithm used is downgraded if needed (GH#2017) - Recent versions of Cryptography have deprecated Blowfish algorithm support; in lieu of an easy method for users to remove it from the list of algorithms Paramiko tries to import and use, we've decided to remove it from our "preferred algorithms" list, which will both discourage use of a weak algorithm, and avoid warnings (GH#2038, GH#2039) - Windows-native SSH agent support as merged in 2.10 could encounter 'Errno 22' 'OSError' exceptions in some scenarios (e.g. server not cleanly closing a relevant named pipe); this has been worked around and should be less problematic (GH#2008, GH#2010) - Add SSH config token expansion (eg '%h', '%p') when parsing 'ProxyJump' directives (GH#1951) - Apply unittest 'skipIf' to tests currently using SHA1 in their critical path, to avoid failures on systems starting to disable SHA1 outright in their crypto backends (e.g. RHEL 9) (GH#2004, GH#2011)- Update to 2.10.4 - Update 'camelCase' method calls against the 'threading' module to be 'snake_case'; this and related tweaks should fix some deprecation warnings under Python 3.10 (GH#1838, GH#1870, GH#2028) - '~paramiko.pkey.PKey' instances' '__eq__' did not have the usual safety guard in place to ensure they were being compared to another 'PKey' object, causing occasional spurious 'BadHostKeyException', among other things (GH#1964, GH#2023, GH#2024) - Servers offering certificate variants of hostkey algorithms (e.g. 'ssh-rsa-cert-v01@openssh.com') could not have their host keys verified by Paramiko clients, as it only ever considered non-cert key types for that part of connection handshaking (GH#2035)- Skip tests that would fail without SHA-1 signing support in backend, such as on EL-9 (GH#2011)- Update to 2.10.3 - Certificate-based pubkey auth was inadvertently broken when adding SHA2 support in version 2.9.0 (GH#1963, GH#1977) - Switch from module-global to thread-local storage when recording thread IDs for a logging helper; this should avoid one flavor of memory leak for long-running processes (GH#2002, GH#2003)- Update to 2.10.2 - Fix Python 2 compatibility breakage introduced in 2.10.1 (GH#2001) - Re-enable sftp tests, no longer failing under mock- Update to 2.10.1 - CVE-2022-24302: Creation of new private key files using '~paramiko.pkey.PKey' subclasses was subject to a race condition between file creation and mode modification, which could be exploited by an attacker with knowledge of where the Paramiko-using code would write out such files; this has been patched by using 'os.open' and 'os.fdopen' to ensure new files are opened with the correct mode immediately (we've left the subsequent explicit 'chmod' in place to minimize any possible disruption, though it may get removed in future backwards-incompatible updates) - Add support for the '%C' token when parsing SSH config files (GH#1976) - Add support for OpenSSH's Windows agent as a fallback when Putty/WinPageant isn't available or functional (GH#1509, GH#1837, GH#1868) - Significantly speed up low-level read/write actions on '~paramiko.sftp_file.SFTPFile' objects by using 'bytearray'/'memoryview' (GH#892); this is unlikely to change anything for users of the higher level methods like 'SFTPClient.get' or 'SFTPClient.getfo', but users of 'SFTPClient.open' will likely see orders of magnitude improvements for files larger than a few megabytes in size - Add 'six' explicitly to install-requires; it snuck into active use at some point but has only been indicated by transitive dependency on 'bcrypt' until they somewhat-recently dropped it (GH#1985); this will be short-lived until we drop Python 2 support- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild- Avoid use of deprecated python-mock by using unittest.mock instead https://github.com/paramiko/paramiko/pull/1666- Update to 2.9.2 - Connecting to servers that support 'server-sig-algs' but which have no overlap between that list and what a Paramiko client supports, now raise an exception instead of defaulting to 'rsa-sha2-512' (since the use of 'server-sig-algs' allows us to know what the server supports) - Enhanced log output when connecting to servers that do not support 'server-sig-algs' extensions, making the new-as-of-2.9 defaulting to SHA2 pubkey algorithms more obvious when it kicks in- Update to 2.9.1 - Server-side support for 'rsa-sha2-256' and 'ssh-rsa' wasn't fully operable after 2.9.0's release (signatures for RSA pubkeys were always run through 'rsa-sha2-512' instead) (GH#1935)- Update to 2.9.0 - Add support for SHA-2 variants of RSA key verification algorithms (as described in RFC 8332) as well as limited SSH extension negotiation (RFC 8308) (GH#1326, GH#1643, GH#1644, GH#1925) How SSH servers/clients decide when and how to use this functionality can be complicated; Paramiko's support is as follows: - Client verification of server host key during key exchange will now prefer rsa-sha2-512, rsa-sha2-256, and legacy ssh-rsa algorithms, in that order, instead of just ssh-rsa - Note that the preference order of other algorithm families such as ed25519 and ecdsa has not changed; for example, those two groups are still preferred over RSA - Server mode will now offer all 3 RSA algorithms for host key verification during key exchange, similar to client mode, if it has been configured with an RSA host key - Client mode key exchange now sends the ext-info-c flag signaling support for MSG_EXT_INFO, and support for parsing the latter (specifically, its server-sig-algs flag) has been added - Client mode, when performing public key authentication with an RSA key or cert, will act as follows: - In all cases, the list of algorithms to consider is based on the new preferred_pubkeys list and disabled_algorithms; this list, like with host keys, prefers SHA2-512, SHA2-256 and SHA1, in that order - When the server does not send server-sig-algs, Paramiko will attempt the first algorithm in the above list; clients connecting to legacy servers should thus use disabled_algorithms to turn off SHA2 - When the server does send server-sig-algs, the first algorithm supported by both ends is used, or if there is none, it falls back to the previous behavior - SSH agent support grew the ability to specify algorithm flags when requesting private key signatures; this is now used to forward SHA2 algorithms when appropriate - Server mode is now capable of pubkey auth involving SHA-2 signatures from clients, provided one's server implementation actually provides for doing so; this includes basic support for sending MSG_EXT_INFO (containing server-sig-algs only) to clients advertising ext-info-c in their key exchange list In order to implement the above, the following API additions were made: - 'PKey.sign_ssh_data ': Grew an extra, optional 'algorithm' keyword argument (defaulting to 'None' for most subclasses, and to "ssh-rsa" for '~paramiko.rsakey.RSAKey') - A new '~paramiko.ssh_exception.SSHException' subclass was added, '~paramiko.ssh_exception.IncompatiblePeer', and is raised in all spots where key exchange aborts due to algorithmic incompatibility; like all other exceptions in that module, it inherits from 'SSHException', and as nothing else was changed about the raising (i.e. the attributes and message text are the same) this change is backwards compatible - '~paramiko.transport.Transport' grew a '_preferred_pubkeys' attribute and matching 'preferred_pubkeys' property to match the other, kex-focused, such members; this allows client pubkey authentication to honor the 'disabled_algorithms' feature- Update to 2.8.1 - Fix listdir failure when server uses a locale (GH#985, GH#992); now on Python 2.7 SFTPAttributes will decode abbreviated month names correctly rather than raise 'UnicodeDecodeError' - Deleting items from '~paramiko.hostkeys.HostKeys' would incorrectly raise 'KeyError' even for valid keys, due to a logic bug (GH#1024) - Update RSA and ECDSA key decoding subroutines to correctly catch exception types thrown by modern versions of Cryptography (specifically 'TypeError' and its internal 'UnsupportedAlgorithm') (GH#1257, GH#1266); these exception classes will now become '~paramiko.ssh_exception.SSHException' instances instead of bubbling up - Update '~paramiko.pkey.PKey' and subclasses to compare ('__eq__') via direct field/attribute comparison instead of hashing (while retaining the existing behavior of '__hash__' via a slight refactor) (GH#908) Warning: This fixes a security flaw! If you are running Paramiko on 32-bit systems with low entropy (such as any 32-bit Python 2, or a 32-bit Python 3 that is running with 'PYTHONHASHSEED=0') it is possible for an attacker to craft a new keypair from an exfiltrated public key, which Paramiko would consider equal to the original key. This could enable attacks such as, but not limited to, the following: - Paramiko server processes would incorrectly authenticate the attacker (using their generated private key) as if they were the victim. We see this as the most plausible attack using this flaw. - Paramiko client processes would incorrectly validate a connected server (when host key verification is enabled) while subjected to a man-in-the-middle attack. This impacts more users than the server-side version, but also carries higher requirements for the attacker, namely successful DNS poisoning or other MITM techniques.- Update to 2.8.0 - Administrivia overhaul, including but not limited to: - Migrate CI to CircleCI - Primary dev branch is now 'main' (renamed) - Many README edits for clarity, modernization etc.; including a bunch more (and consistent) status badges and unification with main project site index - PyPI page much more fleshed out (long_description is now filled in with the README; sidebar links expanded; etc.) - flake8, pytest configs split out of setup.cfg into their own files - Invoke/invocations (used by maintainers/contributors) upgraded to modern versions - Newer server-side key exchange algorithms not intended to use SHA1 (diffie-hellman-group14-sha256, diffie-hellman-group16-sha512) were incorrectly using SHA1 after all, due to a bug causing them to ignore the 'hash_algo' class attribute; this has been corrected (GH#1452, GH#1882) - Add a 'prefetch' keyword argument to 'SFTPClient.get'/'SFTPClient.getfo' so that users who need to skip SFTP prefetching are able to conditionally turn it off (GH#1846)- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild- Rebuilt for Python 3.10- Drop invoke dependencies as it requires ancient pytest and we can't expect it to remain around- Removing the python-relax dep using upstream patch https://github.com/paramiko/paramiko/pull/1665/- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild- Update to 2.7.2 - Update our CI to catch issues with sdist generation, installation and testing - Add missing test suite fixtures directory to MANIFEST.in, reinstating the ability to run Paramiko's tests from an sdist tarball (GH#1727) - Remove leading whitespace from OpenSSH RSA test suite static key fixture, to conform better to spec. (GH#1722) - Fix incorrect string formatting causing unhelpful error message annotation when using Kerberos/GSSAPI - Fix incorrectly swapped order of 'p' and 'q' numbers when loading OpenSSH-format RSA private keys; at minimum this should address a slowdown when using such keys, and it also means Paramiko works with Cryptography 3.1 and above, which complains strenuously when this problem appears (GH#1723)- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild- Avoid FTBFS with pytest 5 (pytest-relaxed pulls in pytest 4) - Drop explicit dependencies for things that the python dependency generator finds by itself- Rebuilt for Python 3.9- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild- Update to 2.7.1 - The new-style private key format (added in 2.7.0) suffered from an unpadding bug that had been fixed earlier for Ed25519 (as that key type has always used the newer format); that fix has been refactored and applied to the base key class (GH#1567) - Fix a bug in support for ECDSA keys under the newly-supported OpenSSH key format (GH#1565, GH#1566)- Update to 2.7.0 - Implement support for OpenSSH 6.5-style private key files (typically denoted as having 'BEGIN OPENSSH PRIVATE KEY' headers instead of PEM format's 'BEGIN RSA PRIVATE KEY' or similar); if you were getting any sort of weird auth error from "modern" keys generated on newer operating system releases (such as macOS Mojave), this is the first update to try (GH#602, GH#618, GH#1313, GH#1343) - Token expansion in 'ssh_config' used a different method of determining the local username ('$USER' environment variable), compared to what the (much older) client connection code does ('getpass.getuser', which includes '$USER' but may check other variables first, and is generally much more comprehensive); both modules now use 'getpass.getuser' - A couple of outright '~paramiko.config.SSHConfig' parse errors were previously represented as vanilla 'Exception' instances; as part of recent feature work a more specific exception class, '~paramiko.ssh_exception.ConfigParseError', has been created; it is now also used in those older spots, which is naturally backwards compatible - Implement support for the 'Match' keyword in 'ssh_config' files; previously, this keyword was simply ignored and keywords inside such blocks were treated as if they were part of the previous block (GH#717) - Note: this feature adds a new optional install dependency 'Invoke' (https://www.pyinvoke.org), for managing 'Match exec' subprocesses - Additional installation 'extras_require' "flavors" ('ed25519', 'invoke', and 'all') have been added to our packaging metadata - Paramiko's use of 'subprocess' for 'ProxyCommand' support is conditionally imported to prevent issues on limited interpreter platforms like Google Compute Engine; however, any resulting 'ImportError' was lost instead of preserved for raising (in the rare cases where a user tried leveraging 'ProxyCommand' in such an environment); this has been fixed - Perform deduplication of 'IdentityFile' contents during 'ssh_config' parsing; previously, if your config would result in the same value being encountered more than once, 'IdentityFile' would contain that many copies of the same string - Implement most 'canonical hostname' 'ssh_config' functionality ('CanonicalizeHostname', 'CanonicalDomains', 'CanonicalizeFallbackLocal', and 'CanonicalizeMaxDots'; 'CanonicalizePermittedCNAMEs' has *not* yet been implemented) - all were previously silently ignored (GH#897) - Explicitly document which ssh_config features we currently support; previously users just had to guess, which is simply no good - Add new convenience classmethod constructors to '~paramiko.config.SSHConfig': '~paramiko.config.SSHConfig.from_text', '~paramiko.config.SSHConfig.from_file', and '~paramiko.config.SSHConfig.from_path'; no more annoying two-step process! - Add Recommends: of python3-invoke and python3-pyasn1 for optional functionality- Drop python2 subpackage since it's eol-ed- Rebuilt for Python 3.8.0rc1 (#1748018)- Rebuilt for Python 3.8- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild- Update to 2.6.0 - Add a new keyword argument to 'SSHClient.connect' and '~paramiko.transport.Transport', 'disabled_algorithms', which allows selectively disabling one or more kex/key/cipher/etc algorithms; this can be useful when disabling algorithms your target server (or client) does not support cleanly, or to work around unpatched bugs in Paramiko's own implementation thereof (GH#1463) - Tweak many exception classes so their string representations are more human-friendly; this also includes incidental changes to some 'super()' calls (GH#1440, GH#1460) - Add backwards-compatible support for the 'gssapi' GSSAPI library, as the previous backend ('python-gssapi') has become defunct (GH#584, GH#1166, GH#1311) - 'SSHClient.exec_command' now returns a new subclass, '~paramiko.channel.ChannelStdinFile', rather than a naïve '~paramiko.channel.ChannelFile' object for its 'stdin' value, which fixes issues such as hangs when running remote commands that read from stdin (GH#322) - Drop gssapi patch as it's no longer needed - Drop pytest-relaxed patch as it's no longer needed- Update to 2.5.1 - Fix Ed25519 key handling so certain key comment lengths don't cause 'SSHException("Invalid key")' (GH#1306, GH#1400)- Update to 2.5.0 - Add support for encrypt-then-MAC (ETM) schemes and two newer Diffie-Hellman group key exchange algorithms ('group14', using SHA256; and 'group16', using SHA512) - Add support for Curve25519 key exchange - Raise Cryptography dependency requirement to version 2.5 (from 1.5) and update some deprecated uses of its API - Add support for the modern (as of Python 3.3) import location of 'MutableMapping' (used in host key management) to avoid the old location becoming deprecated in Python 3.8 - Drop hard dependency on pyasn1 as it's only needed for optional GSSAPI functionality- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild- Update to 2.4.2 - Fix exploit (GH#1283, CVE-2018-1000805) in Paramiko’s server mode (not client mode) where hostile clients could trick the server into thinking they were authenticated without actually submitting valid authentication - Modify protocol message handling such that Transport does not respond to MSG_UNIMPLEMENTED with its own MSG_UNIMPLEMENTED; this behavior probably didn’t cause any outright errors, but it doesn’t seem to conform to the RFCs and could cause (non-infinite) feedback loops in some scenarios (usually those involving Paramiko on both ends) - Add *.pub files to the MANIFEST so distributed source packages contain some necessary test assets (GH#1262) - Test suite now requires mock ≥ 2.0.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild- Rebuilt for Python 3.7 - Remove dependency on on pytest-relaxed- Update to 2.4.1 - Fix a security flaw (GH#1175, CVE-2018-7750) in Paramiko's server mode (this does not impact client use) where authentication status was not checked before processing channel-open and other requests typically only sent after authenticating - Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in python 3) (GH#1039)- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Add gssapi patch back since 2.4.0 still not compatible - Add missing BR (lost during merge)- Update to 2.4.0- Update to 2.4.0 (rhbz #1513208) - Revamp check section- Add a patch to disable gssapi on unsupported version (rhbz #1507174)- Remove weak deps, paramiko does not support recent gssapi (rhbz #1496148)- Update to 2.3.1 (rhbz #1494764)- 2.3.0.- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- 2.2.1.- 2.2.0.- 2.1.2.- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- Rebuild for Python 3.6- 2.1.1.- 2.1.0.- 2.0.2.- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages- Update to 2.0.0 (RHBZ #1331737)- Update to 1.16.0 - Adopt to new packaging guidelines- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- Use %license - Move duplicated docs to single doc sub package - Remove old F-15 conditionals- Update to 1.15.2- Add conditional to exclude EL since does not have py3- py3dir creation should be in prep section- Build each pkg in a clean dir- Add support for python3 - Add BR -devel for python macros.- Update to 1.15.1- Update to 1.12.4- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Update to 1.12.2- Update to 1.11.3- Update to 1.11.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild- Update to 1.10.1- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- Update to 1.9.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- v1.7.7.1 (George) 21may11 - ------------------------- - * Make the verification phase of SFTP.put optional (Larry Wright) - * Patches to fix AIX support (anonymous) - * Patch from Michele Bertoldi to allow compression to be turned on in the - client constructor. - * Patch from Shad Sharma to raise an exception if the transport isn't active - when you try to open a new channel. - * Stop leaking file descriptors in the SSH agent (John Adams) - * More fixes for Windows address family support (Andrew Bennetts) - * Use Crypto.Random rather than Crypto.Util.RandomPool - (Gary van der Merwe, #271791) - * Support for openssl keys (tehfink) - * Fix multi-process support by calling Random.atfork (sugarc0de)- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Patch to address deprecation warning from pycrypto - Simplify build as shown in new python guidelines - Enable test suite- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild- v1.7.6 (Fanny) 1nov09 - --------------------- - * fixed bugs 411099 (sftp chdir isn't unicode-safe), 363163 & 411910 (more - IPv6 problems on windows), 413850 (race when server closes the channel), - 426925 (support port numbers in host keys)- Fix race condition (#526341)- v1.7.5 (Ernest) 19jul09 - ----------------------- - * added support for ARC4 cipher and CTR block chaining (Denis Bernard) - * made transport threads daemonize, to fix python 2.6 atexit behavior - * support unicode hostnames, and IP6 addresses (Maxime Ripard, Shikhar - Bhushan) - * various small bug fixes- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- Add demos as documentation. BZ#485742- Rebuild for Python 2.6- fix license tag- Update to 1.7.4- Update to 1.7.3.- Update to 1.7.2. - Remove upstreamed patch.- Update to latest Python packaging guidelines. - Apply patch that fixes insecure use of RandomPool.- Bump rev- Update to 1.7.1- Update to 1.6.4 - Upstream is now shipping tarballs - Bump for python 2.5 in devel- Update to 1.6.2- Rebuild for FC6- Include, don't ghost .pyo files per new guidelines- Update to new upstream version- Update to new upstream version - ghost the .pyo files- Fix source line and rebuild- Update to new upstream version- Initial package  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghij2.12.0-2.el8 python-paramiko-docdemosdemo.pydemo_keygen.pydemo_server.pydemo_sftp.pydemo_simple.pyforward.pyinteractive.pyrforward.pytest_rsa.keyuser_rsa_keyuser_rsa_key.pubhtml.doctreesapiagent.doctreebuffered_pipe.doctreechannel.doctreeclient.doctreeconfig.doctreefile.doctreehostkeys.doctreekex_gss.doctreekeys.doctreemessage.doctreepacket.doctreepipe.doctreeproxy.doctreeserver.doctreesftp.doctreessh_exception.doctreessh_gss.doctreetransport.doctreeenvironment.pickleindex.doctree_sourcesapiagent.rst.txtbuffered_pipe.rst.txtchannel.rst.txtclient.rst.txtconfig.rst.txtfile.rst.txthostkeys.rst.txtkex_gss.rst.txtkeys.rst.txtmessage.rst.txtpacket.rst.txtpipe.rst.txtproxy.rst.txtserver.rst.txtsftp.rst.txtssh_exception.rst.txtssh_gss.rst.txttransport.rst.txtindex.rst.txt_staticajax-loader.gifalabaster.cssbasic.csscomment-bright.pngcomment-close.pngcomment.pngcustom.cssdoctools.jsdocumentation_options.jsdown-pressed.pngdown.pngfile.pngjquery-3.2.1.jsjquery.jsminus.pngplus.pngpygments.csssearchtools.jsunderscore-1.3.1.jsunderscore.jsup-pressed.pngup.pngwebsupport.jsapiagent.htmlbuffered_pipe.htmlchannel.htmlclient.htmlconfig.htmlfile.htmlhostkeys.htmlkex_gss.htmlkeys.htmlmessage.htmlpacket.htmlpipe.htmlproxy.htmlserver.htmlsftp.htmlssh_exception.htmlssh_gss.htmltransport.htmlgenindex.htmlindex.htmlobjects.invpy-modindex.htmlsearch.htmlsearchindex.js/usr/share/doc//usr/share/doc/python-paramiko-doc//usr/share/doc/python-paramiko-doc/demos//usr/share/doc/python-paramiko-doc/html//usr/share/doc/python-paramiko-doc/html/.doctrees//usr/share/doc/python-paramiko-doc/html/.doctrees/api//usr/share/doc/python-paramiko-doc/html/_sources//usr/share/doc/python-paramiko-doc/html/_sources/api//usr/share/doc/python-paramiko-doc/html/_static//usr/share/doc/python-paramiko-doc/html/api/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mcpu=power8 -mtune=power8 -funwind-tables -fstack-clash-protectiondrpmxz2noarch-redhat-linux-gnu  directoryPython script, ASCII text executableASCII textGIF image data, version 89a, 16 x 16PNG image data, 16 x 16, 8-bit/color RGBA, non-interlacedPNG image data, 16 x 16, 8-bit gray+alpha, non-interlacedASCII text, with very long linesPNG image data, 11 x 11, 8-bit grayscale, non-interlacedHTML document, UTF-8 Unicode text, with very long linesHTML document, UTF-8 Unicode textHTML document, ASCII textASCII text, with very long lines, with no line terminatorshttps://bugz.fedoraproject.org/python-paramikoutf-8bfa02af98d308a6fb7cc47ea2fc7a275b328a169d5b249192ab90b18194f8281?`7zXZ !#,nO]"k%pa }XzӒl\[Eq̨MSڱOZ.V0a˳h ޙBľcO.pW sfxggVtNu -s!俤b@M,i"Kyi灛bfC _3>z`!2)0,YKLLf&VəFH#yu֞VeKZty79͢<@|0Ƃ cu xXl ^4{O̯DɇĹ!X vcUj0jS0(VP(T?<1I sxRfsmGqMߒTa}+@6s|{f3 "aEK9㽈A/ N|Q{=^yH{p4C:^7,+%3 CU1̻[+Fm7Ou:t O6B1=)ls@Wi1`\[ øuk 稓;5!49BRJ9N!F4sUu1WJ_BKz![D7_ ^h }pSy0ڱ>BJ7fx5Ϣ?9p}\@Է$+w|9lr"=g`J́c(snH P_6ٵy1S>5n RJEӡBG#=[$ 6Y\νI&i0NXd NߙJV円*Es ӟ:R.G8|.te.:ː!UU4у,CA34:Pwb-ig_:۷Kх3Ga?˚ؗL?;+l6\nJj04*|h>!-VsMw |}tG=kta0:ýXIX5u+$p+S ]򎈘*Y'=ܔӳQ)F֡'}7I2yI&0BkBRVyVc6"3Q6gyڡzNλio)O+,oytPvQٝ5I(Ш72D"PM܁bhTSWik'K$$5=\a+EE[T̜( 4C`x4Dfٗ^k)h+Mw!>iAL848'94r!$\ryH9u^Uɚ;R|pEh? TKjCv‚ p& EM=$/a2<ݛWFlkC0SeM0>U$qFNqɷ3l`xH8~Z3ի =Q2Aۚ'%$J W;fw_5#uoCl ?3N[%qOՁ7 ^kOV$SGhd$1DkZ l6GqDP"ErUL#?q0, BjSwJCQPw)r>GB4 >ϩI6[HU}T ~+{gEEvBS g7ɨ4 k.; ixwMk}^j vRXg.vsxDi*yCkUGDFeLURϿ4NbgimjJ/kGIQۆ lʴʀHhcze!¤%=WS:oqj7pVZa'meO;Dҫq6WwסHQfੱ{_2+|MFTZpf6)a؞Itc>9:&SF>չ{)iۭ摩]M+۳c_)rCټ  gϩA3VtƷ`+AC* BxjdO- 0Y *X}% 1uU%3'*'6 pT]>$bpqJerp*fb̄kPmxx"9꘲*N h9-|ft`sռҜZz3%]LF^O'%8.5wɺ`(K$ӑ6Ha_We,<ݫiAsG0㜕wL]2$'Yvte*z@eN I'JAwG-PA!ME5f~X,8@vs[]'j@}GcRvbp }fp(=+o&u0KV=&dq-P}aS{w=  I:XPhO׀& I%6juhGSuQĊU?.sZHt;:w')u=õԹeo,@Sd?oRj ^$ f ۻ-;m^[~ق9Ck]txHO ~@c庍u?'k#|/q kRȨHcx2`c7o-MUI,1WOq#5wO?Q$[(3އ9NF*hkrk+8 Qt2#|I',booQevJm [16cTqw_-|:!`)a- I)>_IJ\K7}wP׉1-AxB:3?JbiZzҌXQ|QNj({/iE1p*lΑ\[kZY9LJ02`@pCM#IY g3)mWݥ:PPdOw /5̜'{'/'-uN02uU,[> JNQci 5Ƀaa\p㉋u䙩ZdsM+H:B=,K$*&e:rh],v 4 HL#DjU5'6Qme/U?HYuC3>we:aJN#WM DN2.Xk z1 =7b H,9!Gݰ&C-e1*uBm d*09Cc[Zn+-.G, 򰠃 kbob[L,-r:F8@ LL ߲`*|igؚ[)۟ S+X̹Z}APЋl)&;nOJY$?4ׁ`Z{;H46ܶG՝wSam^)TV Y|;UcfӶjF@ַ?_-! W:@;[Fɾ S :7 qR=pZA}13&~ZTm/F3|v핳ue}wyxdem8SW]91 0gf1,$cÄM>}4Bя-,D }Ɏud{)1IYd& "Jx#oeu$e=R%o|==**j[i?:b Co;Bnk(v3`r>`Da)-bһ>˼iǓIotߺgNxP0)|$?ɿ)oiQgd#$ tMA͚hym=Ę*MPoQk-*^$Ku>\⁶+G I=1h>&☱U! f.uEoa5l$ =q צMue}9/}MV^TLt?K^,'gN>ϟ.T!wOc0!~?[[]$2~;^㮨C@ϻ?^}^ #Nۣk[-2fqRq) p$qѥHDt%xw._-LimŒ6͞v瞰Xmuћq.]QԴҒz܀yx떥 |wiE\:I }uU+'2۵w1X6uZc=<>xk) *($D\{o7JIvNi[ K}<v|yKG`:'~|`nӍ Ɠ]6t7{Ui$Q|[.~ؼ{#%. 1A”-'Y%F޹]8~!3}YBƼU}6&&Guu_IIGG*Tog蛽ИDT^mOJ ⻉_ȸ4%8"]!î+kgv5@XӤ|RgȰ[tv1R_9SfMӸXHd3.Fz d7*Nc_vD+,oyּF{v<iZ \DUe[g”\4bpYϙڧ:PVܵl;@Ŵ;qC>U7ljSwk$hօ\t 4CDn]nr<&`94jfPܔT/V ,ql "|ʾ)at̶P8"Ur˫Z?_$Z%[enee2͗#X-th9K[` G+qsj*e蟤eB1oT(Յ2 W>5RE# f KO7[05Fds-3 4dhHR?R Y;3.a" qz^|Q)ue] wRm¦ m eY4CWX0~I,+7[AvR^M p$A!*;%>0{)[1v9: G_얭|oׇ[4 dP VDo<uՅ@CS܋>{cV^¾dWXeO95mr=œ9Ӈ>V+5<"{bE o6=5A@V^Hu7g4N9#GYǣ왻 PVu|{~RVh:UK,LLI-}Qƀ[z[| 9 &ъʩyK_#=gwiB%;(+sC(qz<~SlQÚ ?E<ޤ' dB4Q]$JL ٴTK]5/>s$ӳ]L+9=9--gUFlb"pJc$X|:|eϾ F`q[l儗q[ո Fk9f @SWyF\}MRnaj/A)8=g=r TId׆63_h*M/޻ hGb%lV&Ԑ׽($ulPqis?A|f yY_00Tim$znw kF#,7Sx̂$4 сZW?srvȭ"pp@=ZbV To.!Kh6JpEgb` ye&2a-X*XN<$B<̥ok!ů>*z X4ߠ ~wz=ʢ e7*'25KFW[ agUV̳Ab1A{ x #ᛝ 4@ NzjWHte52SٔeRU'(&QV~ᕆ].Db5K$6%;$r~# nO}F]1ilZj[Myۚ 2}!`L^nAX㑐J~ЯsG͉#U-`jk} )R}?1ɫ~4{zQ6bS! 憎_HKꠤI%GPg}"lRd~/꿳Gh_l$eizL;)Os)pjf6ԪHfPAʥ7!@عI pLELd&|7W(ngtſ O}JCd<RUdbM=NIC{عyJ.k@%J\ p9Uޕom5Ä"*e&זQE1&$9!(CISpX؇3r4@N-Mf'fD늁ȨKVGmNE:Z>I&3,_B(1:.3IJ.DgԍN{q@B0:+T֡7*`Ƞ%#'6Azo0oF;`RnSٕ ,K91nVxuvyF$^p/M3 amf=) 9g&:Csb7PߎYD+0yX]1 QP}xvwp*ZsE?D*}+͒U-$:-Wښ5絞޻ U&ճT9'-RL 8\r-q>y>OxN);8#6m4l~M'?ܝ^{LGqC'WSQJR`U`ӷ(V Jߝ]#l(=3̵e褡fI+g 5iM4}*@mx B / 8vT|b̗9d NcKŷsB@|ؽ7S ksl5r8_Fj9\HX-w3}״|:ȳ ?y.ws;{۳!ӧ8“ X—kM]qE'%P/G`Hh(Z@EXꕳzZ4TX>t0BPIr O_mPU|E~'mas͐%aJ,΀pVܢ@p8bҢ}{ _\f@!Knbd"xs^'F)_,_y0'?ȰS+)l*;D9ː IHKߜKwyİ63zHJkJaB"[ tXV;)HIc* *̣Z,*9cqZm)Rޭ"I{~?2<Eg fW/reN'>%4>L?)e:u>d<C]hBY"_vn9.TD&79Hqs.P{qQKlWBaFPWڌ̵S_)X9f]ޜRlNJ)\WiD3a(hnx[y`RgWO &#>_c^C 2p7\#>~M R%B)}]ZXۄIku> 5(f%7ajw>pFt6mZ'dAQ%tׁjeKbF~JD,yOs8 |axVZNn'W}hm?mV `Α9꘵$#& o1: UF` œY5~v6Utۺ<.p}ʃOnCKs\2d$JwB;";q/XJzYxD(q!5##rֿN]tXIt_ǙMaaY|N~в2^L47kJxu 5_" -jlM+maJ@N 4 :7p#[0 7^!Dz7b8|W'@X8O_w *QU˺ru]ݞF4%PaqTqqS6T>e9DUα"nRS5׆_FOw8ƋJ9tC6]N4dG:y-@$>oe%l . ^vVKu-^gEa쁜l2bjE׷E!>P_FT[YNP P8G:9Q  [㼉46*.J^|(gej5,ԦPCF2biiYŢ@?S[PyJ;;R5&_. (?mrqK ݦ09Xg]Lbpս}e Fj[M0ch8NJxX[ 8ᲃw3˥] ֵ@c ā&Xf+c+Q2+q@,3W"p\:+rL#)A.ry ͉.FkNxNh SU! 4GRB])s{2% \HxqSVݸR9u$&ՆoK =IReD((hO*<̐gb#l*z?DMM1݅yO~e.T6h,B0^Y^T?o%"B2W07˗yUZg};$(ePpr *Vz@AN@]s* R5o|_dB9p,$ nege^K@L ɿ]SGsw+#ԹxgRuɖ%&e*}ϊ6xP* 9۸ABhˑ?cZFܨ4T,/@~֐F3Cs<;q~yiL0\/}J=:iH5yb )t(pJ]DfDߵTCRZS/4n4;6bG̿E"5(ƐqYmvUPDh,Rhbxпuo 2VydO:y4YlmB,5p7 KU0 ׶h ׏۰Gd; ঘ;:H3%iK6,mq8z̫팃8.ackHL{sR0-k_5ueaU":-Nѩr/:EBx' tޥ۶;Ӹs>+;&pAgxoԜx-٠ se/Hƪg]<#~) xG#>Eq#)gɒTv\O*[Z,,y89 5N%"T2w%$wy?l sG&Sj'H9ˮ~JP@n>jG7Ѳ&g0}S&nLFգ[*֣ ̽9 6Xch=?5.>fЎgeTQ΀Hx P;$LnXVw|l |$tl+T::.xi@oDfu}{2a}wz1:+v>WycOReL}/<|ule=Dmv =׃ĵ!z+ğ]ۦY`"};XvF{籀a*_]6Vy!0tM_,;w9"qw>TgŠGFP I=Ps5sI8ћVеp]^!4^BI) L\ 3& ɺj;aطcp-Y7 q9j%# 1YSOƜxwNuF#(CHnq=.D"%@}ɦ\u_/F4ql-'̸MZP1} ;h /rI"džr|Zk?IbѓSƻB av?b}|;>=VWar ڙyvjFA*<&]j8yw(uhCՈCq{ 5/kݶ{BxBpM:+n:Q8RrF)~t#x>7YoWޮ㎤oIe=_A1ۑk6O~4Au$Nw3SǬ(`l72~n#Zݐ2&YqGR)+}(aeKTJ RS8J伺Co5P[NS_cB%Ўy|>!褈m8\9Qp&U;,BI۫M?jH Bfu#ߋRC9\I A܉;_V76_Ӝlφ9 RoQ.Rˆ2غNR(в}Z>̗K''rPJ\2_eR0_GG;Jx- Zt[C2ˀ,ph#505{Y7N$f[Ő]aw(-<+g&Ĉϻ쌎 2R.&BuwV GZ؜9&alv9hW6 㧪dqM`tYJa8r|lIlD{L&,ɳN5E52-GٯEIISrn‰uٖ <Oӄ+-w>!.^]3ONz(/i:o`}̒9O^WFpO>nɩĹ(x@j R%~uU)DjO74PK.3ʁȭ]Y5rp[+FgnTj\Ģ<]`?j %#,6[ U< FE2BdEN4hF04ɺfYS~_˜8{G":0pni6S8 pG4Gc@7Ä@M džXɏ I 6u;F/%><<iHD EjVE+eЄ BKbMW +>lKԨ} uH 0hWbɹ;NjVgMohs.HO(aGA4Yes|ks*1؍4T-LZKߗ'gS6<Œ̗ٝZC ?%z?FHO1co1&-kX3ɖÑa#V&^b^c嘨692r| pǎZm?1sCC@+P4{$XRqfεU_Kd^M;r*ERz͠([B%k~߱ )qDL=0{H@F{PZ!ڃz|\G?wt|ۣQx󑉩"ͽ5!m:UB{a zyJ+7Y R{dwʳj(뻚|^uROgmc4|웸$|ľMvŠR\+Eӑ}m( 0Т)=?lq~e_Č3Ҩ Ʃ2~s쭏"M*Nݭ齖0ie!k'PG6xK|1SR/.~,_{@`r|a M[I&ih}qJF>J{=fz0}OcWw`%`$oK')r^umRtsg²Rdjϟ^Ķ%}x dCW82p'8[ FW8ƶ_ _܊i6n 23s2pJOT{gu˻aFQcP~]fq`\sTK{!nb NVΎgW;AIEV~ 64VQ5Cx3|7}܈ i5V] 9(1c8 ' : urD7AQ{a5'^pGF5hL<ޮ\l4De8-7I\b~qR\(k7>v$f7ۻڭ{Vb: kϵ'% /8_4$>1JܝwA ̢| 5'g 9X3< kEM=&Ѹ5ОQ>u_WQ_0{jj %]FZX8*E)e+E"S&A!o'0b*/!p*?W\MZ>KJ:U?Vd*D [SI /!*"s*Pzel.zƜ3飁HW+!78,jv"EРG>g@} %$_껤֛MR?rtpaoʶ|mUw8ؚbCS" 00 =jq{E̤\S^5rr2!YKoЕ>(َ`r!(VA<8p";fC( !\Ξ`Jt#p1ȹJ٩n󺪔1-[nrT뀎GwBI0hB^*>) ? Z0gHvmKCDNUBY$üЯ9]ˡRpAtK4vMZq?X+]Q%Ip5-gϴ{iU&.}xW?⨾} *?u6\DxnQAp$Ũ |!@'ڴC xYR꫘2l5| #ٱbsXҟTJ)]7}8v1( 4I}=0( uf7-3o>2tמx̗1h 2g7זG l Ks rO)rѭ%86RyFzq~+MD_(^$1_}3cWQ2`NG}x9&Tٹ T&:C*7eTpI b1yq;}O-Ӛf:{ª+XĪW{Q C=E'31ʨp3_n8! Qx]gTWYHz9[f/]7yYQ MIlXī'Ogrel&B4Ӡ.b,|i/>.S% aMXI-6 hh!B5=H(y#1:j|Bmr1e+Ηt4DōHUo<JgV%Av lw9ddlJ:ҖI S ZMqR6ܭY\;²Kh1rH[Y|߇kSѾCqkفO\C߮pM)WeZL R1f9e(?Ӵp s/1У) F 5pwS&=(My*=5Ў_aHvă(exk5W>mr Rdח.HbYELH\)5* A=Gz v%6lʼnSEx^{)&غG{MqQӟy7  YZ