nss-pkcs11-devel-3.44.0-4.el7>t  DH`p]_ $ƨLt|f,d_^v w9!pԥ׫{ԕIB)ZNU]Sߵ'=&:C 9GhD7< 0d A<0IҥeIiDŷi(Ֆ%hxja[7̄FMhMdܥɞ< ˁ3<'P%]tdzgqf,jq D2a1e1a64d60b6f5165e41340b16d793ea972732ax]_ $ƨq4 "$ \KЈ|>Z,*e+яdX^*|DYۿ$f=e( z^+՗K#WLF\ J( uض4w&Lq9m@y6ĕ1L<ۇyIeRd|}~es!ZVĔU {Gh%*1b܄UbI8.+ &\fI0XGLlw ۚgiQ2e⥷}xwk J "xmk;&obB* "L1zPkt6챬;.b nRw}LrYOFDG`DhBSLRblx/;]mԃ}dH2(IO@t4̮.nnKJU}!e0v6Uܾ>/jY 5P YopU,%7]Y{9iUIy,B _9zK0[yw#hRL>7,?d  X OU\         E  T    $ X:(j8ts9 @s:Q7sG H I( X8YD\l ]ܠ ^(bddeflt uT vވwް x Cnss-pkcs11-devel3.44.04.el7Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.]Qx86-02.bsys.centos.orgJCentOSMPLv2.0CentOS BuildSystem Development/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64 n@GCB:n *\\\\\\\\\\]Q]Q]Qa35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c445677637a5bbc9dea65e1fdbfd3060067219de3ee7a6fd93331bb9d2102fb7309441d4c299ce5e2886a5515c010cb729ec90eca12bb3dd99d80b24d3c62b97d61rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.44.0-4.el7.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-64)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.44.0-4.el73.44.03.0.4-14.6.0-14.0-15.2-14.11.3\\\P\@\g\-@\\7\C@\@\@\\|\s[k@[Z؄Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.44.0-4Daiki Ueno - 3.44.0-3Daiki Ueno - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.43.0-9Daiki Ueno - 3.43.0-8Daiki Ueno - 3.43.0-7Daiki Ueno - 3.43.0-6Daiki Ueno - 3.43.0-5Bob Relyea - 3.43.0-4Daiki Ueno - 3.43.0-3Bob Relyea - 3.43.0-2Daiki Ueno - 3.43.0-1Bob Relyea - 3.36.0-8.1Bob Relyea - 3.36.0-8Daiki Ueno - 3.36.0-7Daiki Ueno - 3.36.0-6Daiki Ueno - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set- Skip sysinit gtests properly - Fix shell syntax error in tests/ssl/ssl.sh - Regenerate manual pages- Rebase to NSS 3.44 - Restore fix-min-library-version-in-SSLVersionRange.patch to keep SSL3 supported in the code level while it is disabled by policy - Skip TLS 1.3 tests under FIPS mode- Ignore system policy when running %check- Fix policy string- Don't override date in man-pages - Revert the change to use XDG basedirs (mozilla#818686) - Enable SSL2 compatible ClientHello by default - Disable SSL3 and RC4 by default- Make "-V ssl3:" option work with tools- Fix regression in MD5 disablement- add certutil documentation- Restore complete removal of SSLv2 - Disable SSLv3 - Move signtool to unsupported directory- Expand IPSEC usage to include ssl and email certs. Remove special processing of the usage based on the critical flag- Rebase to NSS 3.43- move key on unwrap failure and retry.- Update the cert verify code to allow a new ipsec usage and follow RFC 4945- Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake (the symbol was not exported from libnss)- Exercise SSL tests which only run under non-FIPS setting- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.44.0-4.el73.44.0-4.el73.44.0-4.el7nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib64/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz2x86_64-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !#,l] b2u Q{K_U޲絠48"xnE!6Ta:'5Z__qSJ[J}p* E{R7ݠ⅐{S%-7L>V,,I*ZLRoE} z!fču0-LL/S^/]0Mj-Emˇmi|+Wwk/bW#eA, D%hjKDzl &8aAsadˠ7?1T"fMa~߆.T|[)[YH^F *쬆)nK;c׮wx}9y(x>ɠc{B@dbiFu^kI[xDˌјAW@?.Urw9 k8@I#|d.>3]%E%vrU:rȐC.ބEY$>_Ώ Ƣ +d.lk }nNl dJYš~:pvOA0$#{/F/y~fr.\ @/%V 1t z0Y_'Cw!V Ǯv:i^ސjRڳ&$ஷr=I|(AëRj":o Waum.^8A TӤzK c VsҰrSΏ % -б+i,?S]*Ng+^x4.݄  P? 0^:n1]y{ݛZ̵H ٖu5eVIH+٤Y HezmpFz74GG{E-_H+jtQbCn'0q͞)x\║5w& _u__q!S<.@kܑ˝??)\:QgdN ȳ 25~]I|?E4yGN صa(L! Yfǃϔ2q&,S$!"0 ZlRH"  i#<&6%*6<{`N@Q#kDMjF9AZ֗d(J݂e 8en_=TD+ TpYc]PN2…2m9t}[JDI)S.ĶNU⧙}fB&}a}4QdFh*;8\ 򋯩ǝ#[r6V uFlqM!` ]z=XH'dakaf.?.]:3bržVY~mc;P'ףE_CТyjxzv`ގV趝.iejCO uNO<} /aŀ,liҐLrѸLyoFmS2$ 4`QEorgxP׽[4BVUo( PU CUK;(eayUi6; J댮5EűQpZzIQ(Ly,ZTŠ~h g*o8Dzw ؁0uf.ny*%Y'Z0daa549@wOUcpN19vVρO&dOU . gS0~}KA>IO(azJLV[3EFyä׈VA޷6EHxXA8j+AsaQE1#M&kxt(Zi9q7 `3nIT[`J]Eo1ȗq4QΙ1gz.Ӊ]"6a -jqtIpxYQ?l(dG GOz3D[Tum~u.72٪_׎$Y0d8&vBԛki>_lUч['م q i0YPMttI0qBS3j2k("?/hk#(_!֨;Lt@{&UcOmW[%Hu= :p54[f 3's%O"D>g 卟+etzD>Wϕ*\eOXh}TBFEiQ1FB:@e. S>R}WPmI2ޒ9ү5#\ ~9) np| @rdZu;JJש3(D݇I_OJ:xgӟ$g0Gh;N\q,TJl=Qv1eHװtx> .ۧ`b\,!؏/`1*6[ߛWR:Y2^G c&5,9r3]BV-Q~YOQ'λsޟj@6n>&&:ҮOw| kԄ^+ݾa J=w=iB|\+x twt+ez6#䵦)[hF^7PIaro߯2mV }@7KIlx1[(-}w\yi(k_^PE>,2zm >, F:C _j*|2nYݵrYK=z헹C#'֞QEߪJ&V /9-?ͻT|s(س_Ɛ}oY&5!*!q7lS宻-McmXWM *_vM?ٜ) VGVL\`f $V)@8ќC(w}EVz6.B7 )ag[:ܛ~%tjqӬDzDjTԔ-C4NwSL|f|odFFUȯ}kc;o'CUy$1 eKR1ZLO\](#CuX4ᙝEY8rr/nrg59( ap:Aulؾ{`al}/9OhURivDf"əC(%iX~ 3>L#D5s?L )VYT#JDq?L{px9J!9?u^VK[yr [ØD4.Sj'$`ѝaoYI~r[&j㻛uo'cT!gZs:xޘ[n\uxր09 ](3 朊I1ذz4vCi@_ ˇ(`/^u$谘;:ᖐ̩îuGQ6H҈϶9|5%nh_ [X e$3ZAqISbMzLsw}νJCNm' Qӽd4BI_IkĪ'NF#"P@eK*0YRK{P-B6b@ek rؒ:Q$` Xq*b.@?ch5`w4o ֿxuցmQ8oiaʯ̳ E;oO5?D5kQupg+,F7BT&Dy#WE_?}s Go Ѱ(D쮌dO4%1.+ 1DTDneVW-}y*bl><6I> ilފYG \+ ^umnAK"[ dOЕ4yKM3SwsYOTˆ$bANa:_;gh,O|80S`MOc,[P 4xtG\yfH L?btRU'w@nW"U/jS$ǩ嵜;^ʾ߬&' g7窒[}mD5R~\|^I?D9Z\Fq-Q4e'5ҸBŸ_*i4x2h*;~g@A lk=ϚLC-ZT05V`wp>8Jp9,[ou zin(. >WCDĔ6Xc&М35ߴd0pQ31v'ݤ? y/5}P/…7ROX(ų>Qk9v22۲i@S\dB7Ik9Uk~F􎬍 9ON9.b͗%p`=eK6DSdž4ðIKޟS/j@wkŧY4PpȖMWԺúFz8Ry;Gƿd@<'.>!^MAڌCz9AH$Ώ_$& Chl<^ělҁzz:nzOIS#v2&G$j OQ+50bC!w7.?~Mj-MgĴ\7նzU[0s}u\i cv+tZ*\y/q0eﻒW5)P.(g?RǞڥ:UH޼=)K&NoaLŊFNhVP%cuNx1֢'| ncD )Ny{C;{ۆG{҈{YG=\֑΀-g+ :a'N,l. ɋ$eַ,cLoa_QtWyI#;1FHRc M^SYg9x2iܷn۶Ycjru[Hսoʾ ːcɀ{aӵ{;v8(aARS6TIȿuS)gwjo +}hT=$y!?nZݴ>O9Hypĸn?k ɾ{@AX_Jo JNAjcxn[3]{` LpB"BO$P ǣAv<݋z:3o &w;ҍUІEĮo-DbO}nb6a>=O˪6J?NXm -2K??R $秽љ]|`b?,7{L)1x :q)׿7%B潕?(6ײVŌ@5 ]`NJ+:+nd]1u̟}]@{0eMA[m3:`^]<ٯl\Er}KB{\dt=27d%s0KXڠNWW?-GءOOYȕi)-5yEQǪJ88X1bx*Bu5ZDX XP"6TX^o jFKpQRo~;KD2Јm%tx grq3D.ETPkh*,]hDzJTQIŔFhA܃3u3vs[B08ZnWNp6f872 !1c}/_sav޻< {oHb"{Sfq 9V)"\ZR|AB8;3s +?1H]jli>SjU,}Ax*jMj.=ۑ=J*r_d~Y(%9h%{ s{ha{f;R N?mPd 8SN~bȇqBgtx_BQv2Cds-Q#*0thc#*]⟺'FlÔ$€nL𕄃8G4я\:(Ky"03JyB @_h9_̛o[/bT:ъTx6TXҹ=~*"%˂"`:2𩇠 ŷ7:jDž6TlT/6֏ʀ.UT}-֯?ZpfQM1o4gFr~`=,N$ 6++3yчXoLz((@I.(K 0ބREvs&WuXѪJ8kU Ś#R.RXj)`om6@Ɣo~纘T:@DBZlک.wшC!/G`V鹻Lҟ#vD^d@' ݞ*Qn59 %/~puoP;\V %D=m>RqAD{Q T'?Z¬ZyY5k"qULMCrS5IZzF<h[`H߸7C_(xEeT]]JXoH."X~dXsf[w8~o5ŗԱ)(8"SN!u٭z=^ָ]dK*[2.sp4ϡ$}Ԉ Q_uPXVW=Rݸ2Ivl[_yXGY,Г fj8\ثXRX{9D jVN- ϝ䩆OrULS .\j/|iⅤQKfAS42UQA:Eg*֐Kf_Z#i ZHN;[-ǂ MIwKuTnXzڀ UL|:z6bsϰk#S[lʼnP"kSP#<ڠpp >yMwz" 0.>}E,y={~z puD'+Qj_uNu&ɮf|QPFPƜN*YkSpYV>u.Gb'WR\e#np07#}{"4e枑@]-S=iUª&6N*~72k3 /7qV%V,#WiX#BuwM%0/Ă 5m# E k$1f<$éZFlp1*\ Dj1AY-!ӖcϺc' [0.6Pg$ h@Nkz /<E91qY(M*75sqOtZ0# XWuMl>b!{\(.y"\[3frPE6lQI54TJs8Nu4k1ѵxehؚެ dh[BP5zR-KB}fu5˧fOxEAQ'5D\J:lө/$kҧ(=/tӄl; /t =5 ~6Qs{5,;ojW &5Qߙ)ş+5vMcHpaN06Y;;K)%$ a2({G 4@>Lq|N>9\ĄVRlMb#/.ifUDXB'ƋJh:ҳA`מ/( ^a",$.dSbT!Vװ'l'|\ڣmQܼ#uۗ)HHEF65uJTٖӫf{Ft \{\-N4jV*3d0N?;n֙){lr̮Oi|Pu O2Qn|3:^e/AX7)sa1w\ҎAן #z& pZ6IL+VljWMMI^hG^p(%b{b(>0v^)>[kAf=`'PĨcDVc..4'-S$Ӏ[BUs+I3Jex0,MPRqNDƏDz}/$Nu.a^K:Ѣ&/_p^MrUɄt>~aj>y)N2܌sl$≕xeR45=p=ՏINh2wRM|)Ivw4#ǫ' rr?>_RЋ)N`]l+ b3#Tc5BS.Sc6#"C2An\2>@,ՄR< NK!&Q"f}vG%~7*0kRƗ: 4 ȟVCutvY&?eJ^>5֥;S^mG(<2:G1)w;X%&1RkvPJOG?+%ћ#R‹S'{[|ta}pS z'a.NR q Uh!|$_is)mmL =F]~Ͽv`;ѥ?(.F#oTi͕}& :id5Z$W#w;ƪnjͽKPIGehkZbiEDxȱ#/eAz܆e1+9gVSZtw_JD惦 Ej%xMcp쏛ЈPߛ6 EUŹ gA/8OsN k, *n+ LHhNҀ/U?δ(R#m @ۂu3 VPRd^k-dǎ]x*>m"/%%B@7#%u@+߽"CNqѾފ"߸H͆/85QM/.V8װȸ>8`h'ٽN#dS\o =exOv'<{_0!f"CoD|u5乸Xǧ99A `TBbX._49v?0exzX"i춳 Őܺ0{b.{\;ʽPY8nTˈwؾaQBj$aۗO5p10xgA_֤r{zhsҨESHT1qcڰoXQi{DD# h(BmOD߀BolG)+tQ_RM4װ(:^5)C`YREXd|٪Z"%(^41c\^ LG9;h$O} k rt+P"ш%H(w$ķN%C3YC\8M}RnkPOI%iMw/0ەkʯ|A$ +6e$ߩO l`VI M%Հk_ҋ³PpY"%&`ta7eS/r޳C$s|&tޔDyXc[w+Κi{y g9/Ct`wTP.JϧY,^Ts08reLL=}obkmd2N +G$CL] fq\%XdilPqoc`Dm]@p H7@b4ni$[J~=QoVslGҾcka|خBېz ŜM/kL+oHJ򈝤dE4MJ:XnӼɕH#kR pu>Pݒ"-S05dAMS.4-K|޶#߆>zwknce~Is\cZȴ ~|rLgm":\ 9wFߐ}(t*'<~ <),Soˇl&!-/T0SZcb#)W55ix UjqD9J^38g(2Z(K *_7I7^H98Q~ )p<B.|``sLN}v֎ӟ)pe"-ؑh ve2gUvf\yc)5MiN<\wj*ΚȈ@]ymv T>>S%l03=M Ǥϖ],LůSƳM߷d*oxSrMHde~x{=ݛ"fN ;ؽ2A\2O09,YuBZBx2d}Q .ge {m N +c)m^9;͓Dge/,3kTƱ1e<``kyn nixw-Z̧?b 4uq4;I`QTrMcfk9fɉrf0׈H@r[ 6y@$, wOoWu~D9{%FE.q ~Y":8^'|l &D΃u(Gqo9KuXev;tk/&RFqY64SɲqoRYWs}#yW˘,yݴMcEV"ƹNΗk>I& R;eRt'1z{GKHr.&I(|1`.qvn̬[u)5Ƥoŭ_Y 1sqG#㏥D u'^e44uǗVMCUԌAsT*cw""إqZRytBS,?h/DSM2欈\096 MH7`@$|!ï \muZG %sT[?k248YmdYj${h%k {Z%GNx:BṖ)j$I}|z/h.!᠟¥ .Ӡ%Q -D.}V پ  ʳVX-2 q;nQGlj2jg%?.=V772vVu ofV0_7nK82)l:ঋFW)FWC$@kUIF0zHʏaAKd 4l/@ /"/95r?,h_TH~1Q*b{Nj` ]Qmޜ5w{k V €K;D.VH!CHlj\@S[}qN9B_9vԫKoaedTS $m?:uכ-Hٔu=27mfPd(5~ 4Hsqcڥ?4zEcgIf:I[^. I̞T}fl2"08{#ҬY>GΜC3R€i@O,*!Y|D2H 8eܩcW^I68*xH8%:Ǵz@iﭬF@lQ9^\rT7S^ >1N8+\F3ϛ߲8k+H.xYQhUaVlk+&=9 Nge4m5 .3;݄TS=]Tf扌(ctC֪pu>a]g6mA9N^13/T,2v阮qJC:֙⡖-Wss]gEjH;߳llLq|F) r 89p7߯*@%|AU8DњS M_tF "rٶ 4p~Zu/wYv AYݛ:|M\fЁeiIz& Us!ڹXCag Qe!@<*?5ą,0ģf<4 e1wf`~0E",湕^ˡ]nKcܘKP zvKr8ۄ㒓wPq|E67%ioN CMӭ'=~=iA81hvQf/R{\uܞ|@2@f#؏ukA^l(^jē]m!6jصE+5$"j.E`\?UAQZkkybG#9Our|J&CIj%.}a!/Y޷ap/Nl?7Jbs1ԖA6+l|;}XݷW??h_#4Q.+vdW~`iKDŽp=p:(;EfAtn#@9֋+_T$o҃:$yI<򻙁)0K[YpNSY40KaZ=]h½^./<ʮ+m8W:2S5&5*$~怡'?1FL!>=bӾ#Teekn}^ [EY x4Ж\̾HeIN1S?lh0-vxjz%݇E:}x5s<ޚܐXGcج.y$|wWd._3]ޤ>dk0hjhAB=z9 7Dj M5 b c_XkFuIrD0|Siozen5˂`jO T&=lM^@ P7( ۝*:{Vm{+ NM65˱ۙ,UlBA60=;ieM8#ioc_g Hrs:;&$]q)TwSo7 ZᔪŌx#wBdcǽq%|"&cFd.+ޯ 7{Xz blI eM[u8dj5X;>k[QKab+ PR2.# u, $5L6VkRc֤)mxhZe{nB|%.X\PR*c_sD|,6¼'z[n_NJ 8'p&[`MߙhO:!a2 {p>V,c\  "!Q`<4s\VimJK dB[1^-XlѲ$x y6 C~uVs{F]KT-PWiu8)CY=Z\- SI"VB?Hd@pi+YVtbz_]M<@m,Y2kB1:CI}:lݏL?\-VH[tg$El^zOr*Vq w9A|U$ooc K>N r+.:Z@H󗢧K1[/ kK>kdW-4>>p)ϞٮwP]=/yAuFZs˩i*'R:뵬5'8eE\- MKՅr_7 xf65}OS>Ij8L=kN?Pn !`=M~IpSv}+,4NZ&8Ǥ O7jZ GebN߾BBŜ;{]W#=.ȱփd=.aFv#ET:xNb@:䲾eɵ)YLާD$v>ǰU弐psBTUVwV+]{Sr/~#8vrkW ;)4bh4UTzF}nonh#n9ieVi=|xU[~Un,gȪIt C 7wR4pzƋJHr}Xzm"28jiL&?LS׹c!Tna^s`ѸOk0F='/@3ѥ4"@3y<yg{pe(-OʓΡG%u,єh, j(E!ٴ;z:y46JMpyQ\q_#܃,ѓx1z(v }rsULl*i3N)Z,!bh]T0RC۽poFO畕ŢMK:ǂ/!47Y6 ;!x^7SY˯mB|Js2h-[=kTneW ct^C9&5/~lf ֫+XadMKAƍ g~bķnCY;2h`Pu'*PACBLs̀=WsϿ36ؑs\KMGdvӃP[S[mz9dm@A(Ix~ f&+;ĬM!?$x}OYn-Q(_y%G Bdwts6t6o GKSIA:YVѲt|/!lV$~W3Ү'h4t;V3Ғ@38c;|-`}9&*v;[ m9^N5u/emˬVE<]tXp:@ L>$1 !)#H8tsZѺɻБqI|NZUڐG5}0J (J{ظW8%DY.)a19a<%QRRş},xJnW+ӎv%G#4`bNT2ă]4K/N _PܰHa-Sj.hWIq2Ù{ *mSY,Ek7)8 m+dZ2 ,lbz ^ba{S_څi~>7eF'vy JHVapi+\/l5 E]@Iۄ|ohr r Y5ePsrDժA%pt*_p'g~C֛qCCD"N$ŷ;DmEmFJqP_NHX|7ba.& S,^+c`Gݝ\M¯llNߴpy'28܍G(=\lV`tpSW}u;=ss}q"![t<}=^iskZobHL'qr!қtVsZ5#m MH5BHbR'i!mڑ)pdwo <2a[tL>;y NUtHj:cA 1"s2$hFl%9Lg&`}x UԕDM4xCqM !o`E⇬Ӊ+kZ#H'Ȩz=vf);N~J7'x13CM(HT۬]߫o;I8\FڑS.7ɓW|}eWmڼ o҈TFb"2{DD))DVÏF (9USLbW9;(2uJh>ȹQW:,7PֵA( 8yIPc2*љ)5Ocuog%؋\&3^_1,aO0LՁ..!>p#ӵ(lzh$|y~r4즂j@߇90jh$?z͙*W"|K ݢ3FkHاP8`?Tѷc243UW( qXVO E-:n$%Q~'ReJP"k-Y?flPٟժX"uwfmֿ3Vrg.^'5<>d&!x\t1zzT-1]R2ŰP#Kp0ԍ }oDN[ 3AzoM+P)'$Aԋ#&v+4Ǚ^FVNw3aBd?j7~V t_X,ėHS+f:a[+N1͇p0>%Z ,ono3U鋦-G ߿e` vSD3x/:- zّQDOy^OE85U IIE=2Xqhq`.)uQ隮5Y c(-"wÍNJ֒%ٚ^P+Mz#"wh0-cM1D^ipfn7R0 5X+@hO%i^y.[I\CkL}Y?2QS1&p?e6GӷxPGWZ2W%Q^]1&t7bƓJw%@>dY ;_`j3tFBYq҈i/$7)g Z>BwIѩ9[TL@F ~QȇƆ+O;#ާc6-[]CO?/^Wւ%@gPHm yc2= nW/ޏzx̂GO [{3"bz%;X;}=h%:-XۙAV1|רexg4eW"n~NWx!t%&y 1})f>HIrwgPC| ;(]ɔ` Ξo,zpUTSjMħ}٫ |y߲Yևel[ učT96/NXV0~&ʃwtJv.H;) VzKHH3=ƄH.)f9c`/Q&PaK;pDĠHLɀZ$1a6tKsWMW:q+-xzHtwMi0JpJdgcv@>$Q18Td$Fr$VpD&̝^s7faj>ji22Ϧ]^9شPc~-2TuJciAk{ ,N"UY Ťګ٨}4^X׵cY u5ϴ$<dhURP.aN`50uV,`HeF} \ϸޜjޤG-Fv=Y47;YԸ;'YQ|)Г| ҅xŐ(iֱHS }jwtwT—O)w0vm&hZk)*VVKhȧkJ[ bu@K@)xw6T1P N~hU+K)`"c'< )rVN*a1;Ycҋђ 6|7O_@i4)?*R-=T"%Yj;_шʲMe 'vtNj)0-T77Dh:jç6PV>÷FG@qϖ)~ <X|H\* `J". p[HjT"H&6v5Ep"6L!D9LMrn&5+x3MrbVfDۥ7%E#/,ldi#C=8L-'61fO2Cz-t(9/=Pf58MܾsC4ԈH-&/yp%Q rR)6хMMjj _2X\1{q";LA`iɥΙAlPI3!֯*dek.h,O|ޔ GWp :c r$3E4Nqi5)6ْAf |Zhi)Q Ӕ )+RC+i sA8wurNFDZGMV0<0{TY|JEA#oҖ C;]:Ij6} bG l'fpjJb6Rhb^`x?PEwٖw\K HRtYœ_d`T}EO7{r /=u  ,`h­YHà,9$&L+Ѥ$A7nD`z/m5^@fDfDI0RI9tqu# aXS {n^}}E]]b˼IJ PR׳ 0[jY1}ѶjU֫džF$|^%I'6J0kh-C~s͸ rzMwLO+}I?V,T2蹯gɒnYN]mJ͇ƓN0 Y}&}=:g+Rl"fvY-qg3`3$̻tO!a'Оm U(oR2q. ,X5s̀3 V5yG.Е詮hϗiY 1o"aTGTJ6M,lR T"O6ycoOziEeHʳJFf1H*_ͱ,NWz:{ q`ڻi ^bF~ RMgPdA@탨=: a^\]csN;MfR5 i3bb16)཰-C:n.d0`lEPC{oqdGZCRk."Y)QdưHAu[Hxҕ˗z5_ OWSO/cN}R')΢{$ _ֳSU )<{ɴ r8Ʀh|RetuC7ࢼ5sN`a>83f  VtrV?Kw^(t ,E~Ϭ3{>dZ"CM;>3dV̞+ 3cJd'ي@X l}\@^p._@7W 7K" . Md ? b'T0 .Yk< c6]mA*~d˽(W(/}$O0SaDrqa U^A6g?KuMJuF|uڼ.,oxQt0 `Y=~]Aa31٦3%*;%j)琝uN\83QԠbrOK~n6kՄ G4ԋuvu@RShUdA!󍆬'=i3͆\/ᇷN|ɰe%&okGo!JljeHaiiUq=G}nU#xRb,Z#ØQÆe88e8Aƒ)@ .<5KhˣU 3+EI2-_OeMk#wqs۸FSo&𨛢iiq nӯab۔Y݂HL\$$%-TY'ԎKHt!rBŴ;)|LD\q>dt05fWgZ5}/ '[ ͮeʛe0ӲIڭX8ݮc@pgaKEW ;V/xkuPiWFY=Pʯ_A0{QT SSoD{<)?_5P͕K:cZ6k)S9HLmQaZit3[Tq]i%e80B{ǿ,^}nW\5+wؗ K3)Io~>𢏐]C/f/?ui3Jiӑ̏p3U1=u3 H6A+xikF !-6m6BӗN1mʃfyb/U Ӣ+/Il>K=j}E,.`"VJ>)"Lf߿$״ѪJ2LU,$EL #%5Pֈjăa\6SW(rUژ:l#q'oef/՜ ֿX3NctbNϿ^/Lp| Xf0BZCڔ,\c{¿c,n$l) aIa=I}Y|ac_zdp}2̓_$7>nɑőP٘5xt.]A!IxVLpvm#PU_dguxn`J\cl@}Q2Kv _ee;_M &L X<ܸg`vuXw #(o[ax k.5sْzTI>}CB4@8s s7I`nƲb#?W{rTwVMy+CXz-(?& klg;X>_brgNֻhbOi9P0m+i>Q79>^B N2J*#I'R؃(0D)g\H! U%Ba9 TLst@h\@̚05mpR/Gտ9i-;r cy(_7Oh>g =E.#S1 UL46d3,pG:D-pvݾ󽎌fOVl|阐g5ظ4|)k-Ǘ־s+ZV=͉zXhh<$T*zUDuY@"+?D( Y2Z1^6޷O_,9#)؋( WdM>qKUDv`6ѽptZouѢp$ٔCuµ8xg<]6 R'.u4M[l#vF"B*YL$98u8 aXjOK%J[$tTK GӈF$Id?0K`_Q hۯK}wqVLp= 9E5 | `斠U!H{[1d/@/Jeˎ 0ْ2A(t۞l 8t>c< zq55Wшuj 8j>r`'M|O{3!Fj .x F5ўՀ#E'5ON !^p-'L9AeG=Ua aa/|v:KP@iG]Q:`K"#5x<E=1!0'@+3]x URXPpΔt.gڂlZ-TO9^iЭLʭ1@bwg^f߀촤bYeh#Zt'ڻ9T`])UEx?_ oӲY| E LBnQqO@쥻-qGE>hb=EsA*qr]KΉet@J[<B&,^,&vŦIV2wR|"؈tRipi  DĹfL=yUQZxWוI98 {@ZF+M+[iW4ܝ}I7~YVq"'I-*S=Dx5S~S ^shRGR:s-"K)1m,6[!9 764JKxmB-Nj. ػ|T.J#AD( w҃6ȓB_<av{RH :ܘ{ 4EK޺a/<YWKrZe3aG\w5 HY4f8y+ >;Ğ 6yqg&ԫ .Qmϒy'Œ։H=rV/Rt e~hpA6 ̘F!jZ{ a {Ciɦ%٠ZDtmc&̕FlCf1x/x* gO֕#WM7am1; \UE,0p(c^ C7z`Ei1&.v ^r駬HV5r5O=1c>,CLT^Atkit=vp2ո B2 $d|`lFs;$%$eJ <`ߎXn0ԛ 5<˷Oo-"=a7UCH=M[ܧ2TNs+bƸ(5wSOÌ'~U̸f_#Rg=cgvAm Fz Щ`HR2 ߭IDzS4I\owL' 3b l)_a ·6(q,R`."ڎk/JwmN)e_;<|ְ>fNYu4j(,y Zj~|i8S ckAmlM_4}j`[CKRp<6$_\̑c93.131GVf$@sn]XچU,`'0|/2]UaxO2XexU܌򻬧pӎ9i+Jެ$HrAUyಪ6ȡz|Fm˙gґ!<hĻe[ﮮBKXuk~$0gg2k~aɰW/@-9fǛ&-\:dT6nYlFBi%ٻ Nh㱬kʾʷ|@͹)?4^> =@뱡N\P-@; Mv퐲oy>6blT*gq]ϥLa,mյ$jOJq$Kles/&5ed= ozCsS-1(>-6Kw#ҥeپo+ `ɒ^gV|Iu(ử|X7PzoD $:uF$ܱ8 س̝]u^mӹ>1WsR٨^]d*Pg D%%4)Y&ame^f :Q9KoJxLon2$?7pgi#ߋ]aPm=\m'u0(7=)CInc%rNt2{LKGj}g#}J%~SW<^@ zG$iOeIWs}}+;v\}.I 7m?PUtlX vtnC#).Y(if܆̓P eX4*AQBu8S:hG T,~cFjN=}Uhd riu81WrpΟ֫:GA݄"~Ƌ[Ƹ޶/QO4MtTl= C*UR!'t/!lEJw}Mҫ6zDX@|`B`|RyßBbx3@ lh)gUBMa(k+S rG5y@=dG\ŝ 8{&_k}f隩<3m4LA";I;gqK-׀'7ñhrQo{ǸH`-- ۶Q.~ϵװ5ԩS4o(~oO@m6΂ #+S^̕7Ϩf5%sIy7s!a'-|i "zM:kG^ S.d0Jsr΀(4 HG <@ 14ZM΁Fxj0@!,X`A##y{- -y%RS׹tzh cz}J}LvqܭǹuEaMI8L@k],֭mYDQ|nzŝ?wr6^E'NK&{8I%,h,%ZɪvrnZ:M&OEo׵5p걣I`? zdQ x ?m0c` b!wwd[+9X\ގFlxiY*FTb@ì1_ʜ$ͶLm\U2,clsl k88RY&C$XanJ-ny'tbpg&ǻ3=Ң :->1*HơKϷٛZ 3D!(bNB/j#_}ӷtdUP鍌A:k&{l4<ܢoFQRL:Oy$y Tƨ0v+[xbf*DGY&iS}(BOZ{$/Iz=]]":%FsS mV j |`> s#FUW5Ini S`l-[v+[(rq ~*6V{>J;Yh@]1pv)~AŶ` T" MEv-Ҭ&ővR#a# ` `v BuuRX![^YBl+"wcC' QN5pܣ3ǩ~V4赟.Lۄu>G])txN90|u-SMapAR}ڜ.tJZZ(HN~Pszh(5n{Y:VVgH\Vb7cL޶Jzi:%5HN^nAc&!=]R5\Qګ aR v=B Ni(Yz=Df9RO`>]hTD Q*Y؟^_!d)  e?F9jF.D }zt6ߎxL5;W#1ԣaG {=M(JmFz-M2*,OGߝ<< ݵGq%B2u`GsJ~S.KPT .$$[1dVz$x־ CLdr[TǔAn t:ŭ ^UQTFقM=٠I`AS P-q`T١g8mX]ুչ{ $\_;Z`']8z559CѹyCqVAbk1$v 3.JY8sQ,h2! Gsưk潘q!I߂ʣu{w"Rk͏DZJ0Y&H -^s|C# j^İ08@yih;=Jr)̥ٝL eEJQ (JMn:t*S*e#q(g]Rn}Mn3*2 BwɩM-<͎~i$XH 0vJW 0.=xd #3 [*7e[qdV6W}y&*|UH;>fe.HpzpiNX_ެl0Ⱥ9yu K]H7eY- M۳R/`sFc:VC茽G}3Z~0'5`MG$1yAwi}&W4UƎhLapBWoMm^ (BqxQC$ӠY61{\ّi* zF"S]sL69SK$2^ݴQ9~m4!ܶ C\t4m3a+gf nӡ-{v!h]wm/AŰ{IhAnGQxMF-"(S78b}Y&wDVD(85R }Cٯ`r9s:E.\ :srAgSF?{BnHJj3]A|GDV_gž3-2_IN1A2jWGBA^E;^CyYoLTF^n΋r▉8"0d/@:f)YdGh'-Ju ~ĕ>?!ٵ $&0ҁ^Ɗ3{8f jS[:z I|GM?Cb;1r*F4z2p`#ɌcGGq^?ʼn}1Ø펴7_rrbRC\˺LYCR| ܴ ݈go>bp.8t=DvW9{~U_{\Ħ,ٗJƺ;6 e='= W ‡Ukk6:'~UH$gαCdȺLz@K禒77Yʡð%q 'P-bGإ!nidW(u1/BǬ2,g>Q/S#p>Qxų*CR*/ tfADImgRHTQZjXHv-Fݣ̔+|D0n^ "qzA;k[Ǭ X2@"ġ>#.('7VNFEVbh9%HBڹy׺?I`/O鿄 ,.Wy)(y9~sJ :# :a5(g^ty`'H`Z4\c+as޴dlGwJl1ZE{l '#Rtyz끍N%܃lgh&pQȉCo~UGJ eާ 5o)BR(k~"1_VdO qPd`=}`" kwm*'iCC% (leK-B(Y h¼}+ MV2r[Yz(BPZhFC bY\P֦HaolZ{nEXt. ;t#'y]0^sh=l$B֚A1Y@PMqՄ (|<[fé ewJW nZV v7'>7׳D+XB|DDyuиT}N!"nؽArB/6Ę[ ZDƌ<9a618x9pˬ -J1tbok_UC5^C= ?I'0fg]gAXZCQףcի=)Ȅ =I 4J'?sip)%=<`=z)bv*2GR1㆝@dάӔ(VVF"D Ƿy<<W%%c߁ZY"5vKx`0"@I^.W\zqjcmͻP2w\zfZ;o&ǯ&U@385k])xQ9#05^ީ_:'; )XY:3GQQ?QN;@(#g]".2/d&,# XJӁܚr˿J3WhI'R؊A?xt:܄x |ƫO: ]C2L*֜Nְ,]W0<\*~ip@GykMc`gA&br6 fo5Qy MR:9^ܱEMXŔѢ;NҜO>LOxyX)i+jҶ}tLQ*5{E|Y ["t}ON\v'.E'P0&8 \2m&%hsyrY'#r\p)#˧.Mg)&j]eX^ZK(p5u7(S; ZaMTj5 yun`ic_%Q6 FZ튟| vRMYSU߹5(D甮e1WV>X]s:δaJ u] f`sm}@貀@f-zd45τT@4>M@#wL`P39 nP_n@:1$,2~0`L۲KFh%\FO@u!qY&)dklI?0 3]̒Oy8!M ZMqHl,nuܠ>|ZTpAoMCΞ0a1ѿ {4گ@4 RZqr`!,.F1dxy ^,@[к:y2e}zCy |SIJ¶7Q(zm:Zpv!KM`*Wr P&$}QW9z 5䟞-Zdc%{ތCb ׼xƅh&I%NDLၙ퉰aD ޼&, [辶 OG ^hҴ(~9h/δZ|X 7wXq*hNV܇)f &ZY1@&p2`Ou ,!?5. 3&I:Sb4H^ {&Wl+TٷN|6lޮt7W'`W^j^6:+dKHfذh XF]<"(B)0Eߢ 8!8!ؐD1_cw D>iV~PeopBBZ0悂-W^ nUOሯ1F?[l%ja,vz0҈bI)5l6^Q% 9 d*)zNlHw'A^!nn c."kl! t,F |';iv9\v`VwJr]9J-[_&"x2~GCl31$(PXC&;${,JiZq00 `k}(%a6ֹj J2:Ё.0ֱicS0MFM tFv} [)|-2 z:kxU@ c$g-z2F2ᏈpiӰq*W^I-tjd/J$$Ӻֹ QW!"p"P3ds:#tesA[1ȩ61Y R UKj_ fصDUgsܬD,ړ@[B&e V/C!ժ{ڬ`?I[9S^S yuϦwL&{py-T[fu}@X!we>D0򊝯no%8mָq%({ s@j?J)&`>Y8=b~u:"hj)Gacf,OKr\~N+"2Y n}6{.J~)sL;G[/}IS~|SXfT 6&VnH.giO$Ei=27\b)X1B[%ULp:ؼMN.zJ y&.$!a__iGjXk]~qPRc]-%KtDdǮӘ@kC TSXjdF od3="/JXCǁ9=/U0Fh-6d]0M3U=¼t[:~wdfiX ;_Me1Y4k%#ӭez/.',4J(Uemvr!{BcPO{[Sr r{F넓RAKY8 򠳚/ Q Ķqc =}<ݻîN@wWH!=Gj&\ᕟMyCsf2rc?\33B]08JqLO6Y @ZR<%ր@8yx̉=~5,^kMqMZ.< c PAC{r ni7(/l `)R^r 8a_X,>f54rQ OE8J[qw1d@aiX S?yWbP^-ʹ-3ٷ`;{Rܬ2F'/O Q' CTAyZ DW̝fQ`DwTq K'o gKdtM\Ly9ro?i&3z2!򞄢s͐{[#;5Uqֲ%煍{PM8u__ 3w g%}c}wT"; KFǹLKZ!Sxf%w՟jHwq`d*,? _1se$ctby"C:@!s;$-g#,5=\pmkclXhT5[/.lF5 kHAE.~?41 5 E &oC "zN9ji:Knp_epm]8ZTÛ3 }50u ()=7陮qԬG D*QBV1`Tͩ:wq8UE*G!a:%~kYt''I;V^ n~PܚNs?\1+Ћ]OVN:@0wq|nM ~rc:e0*{QNd֥,RjH?<~Fh0mtJA" ^9Vy_y{G)v::/}:JY&K#Vƍ~H[qŪ")X|aB^s+,X`Asp^FU\X_yyT#KoPp.\'oD+TΠ xڽ'do%k7*TYIb$Q|hVϼe9kgVzfCRyn⊯,͖9w-ݗ-T/5( n nJyZXh1 H`bDֿ´U5٨ӼcU-R&jmͺD?w'Z4_8%1q%^:kܞ&j|1 1 ") N^!_ֵ(mT4<9Fwk %F ~xTOhTT*bɌ涁:X(F^=zF{D=˝@y#N2jdo|KlDnflٮMg3J m%0X "[-X3" r+C&?2E?yS6&NWnqO^Aupp ;xGV)Xg|{k6 e ݆,ʔ5]CUQ1 9ǥO霴i:i0eһ~SotҺp{7Kj:ҴcvCgҵ>P8kl_P\4쭫?DtA7붃վT܉߽}A3*t$1^gwk ꞲSs5wO3݀U]$.ˀKhگÍ['| ")Itq7) 2`baF6z%tVBL.8gMz㧯`͇TЛcť4 MɎfXV~K_XN>Ng̯EFޖ5JVRxD~H8@{+6[L:\HѾȢ Ԏs`}h?O/4!ݾV_ZLc<'qb&fFf 06n9|U6$[ Y5UNgNƧhMiv| tOְ$g.|S څI~XHZv91 c73ƻ{OV=OM:ģDXfy},!2*gU _柃R^鮻uiomX uZw7\m'2$}5Q.&ρ%=(?QTmql`ct̖-op%$: tI8$pdGM!zmd@ |GJ- >vi sP: S+> W+ix~ߩiyxmGV 42(*7^ܱef'*aH7nAg\B/JyH6K"#o8kMk[;kG>@DWyryi$,\?.{wًș-SY݃4 i4'oOt߼[%N+ Z{**?4D@8ɊwȟBG|X? TZkeQӹaڡqӼ>)ۧmsGV>`8LM k*pe߄b WO r[`rz } kUrqZЉ x<уtvfbt)EM` [5̃a&>d g0y~ V&Ԉ*kT*E(?^my.KR2޿`u8!ͬuR2>k=evKu3qnNY 󏎩0˗;r&y2ܒعe#͈=fvE55NQR_K>ݷ.96'Q?fHmf 6Nm/_fIqXTO١Iָtp4 ,ɛUNH c8 b^r'iyv& (GQRt>9BU(R0oM]?AT:trEM{Mdv0pE<<%@oS:\B'f_hL*|he];VHC'\pSk5 <}S©nyρK򵥚5795\T=iM+ʷJYxMYB7tH:}вQQ ?*G<^K\cfVU%ܬ>Ŭٍ'1JCc&Khγ4S:xՋ׏R,<*ͦNI7Nnk(2-Բr~hı(9 U zE7]]s@7En_N^ T*h|3 [.qG[ @ԅ5"j*14jyrx?% .DȇcX@AqL#U[P8ixyq7ԅPiޤ0 hZ2vظ(rR+{::|VK ꅯ!=" ;Z ӗ/D7 T) Ŵ]m|SZ[r"np:¿+]u-87T&(zpR29 .}+Yeu/UHRHTH0xTԳC[doҸ=թcUO؀q@(g'C4x(s.!+_#$bHU0(9`zznL(CQ|E13*F7 ™Ȓy2S}P8$6}nLl(A`x1IGo1La}<ʧer:9#iv?  jyx Yz$ŜNBEg}'&UY>$6bČ@ e\mH8[O]T!R#0Z Nψ sey:7NUdF n$ ;ψuKA+kv/=MWb@U %)x+BP4*X޹_\+C3w Kae.,&-V ś`tGJB)>WR;@TMsî[*n]#0z/\R5gEMksY] I=I>)kS#o:MW3LSXEWK9ӱSeX+^qk@8(XQ\B C 3fJR7@%4̌uzq8B7C$ &b۞U($vI\x@1sZ.yk*1+n>N(ڷשH/:X-T''b*NZM+U7|JNr$OIK=)! [s* uKfr͹bGЀ۽յAU^X80ȈICljォ} $#Kc\HۣB Z3Ҿ]_\G-3eBUٴl,SwKK?IfHQ|dD=cȀ[];oo(Y1S.'SJ}sXŘRssu6`9u:W )tLhݑ{kD.qvY 4ڃXS8|sV"͆pR8uBD>`'O_ͥ41#`"+;t%k\GZkfh,,mF$骏35',Ͽbg\g|SmeGb/E`?xRadz[!yv̈s(I^"{uGUƿ)>   IvT$.\nq_+W#g"?f}˗#>̵}_-tҼr' U\њ˄Uv>:.c)OVI,\yk-<6Pb(6GQe݀HM0 |{GJ~>szg$SS$/Ns-MJl>!H[ܠņk:ND,xoo-bʰ^FꂜK"Լ}Q5%:7Y\~$?gE&4h'w/q/FK5~ ry 9ڣwMkWGk<^=<֪C5 8-y\\ kz]>?b}b|.GΤE@MźEL$?)q_5 2=#QC&{Js|U2)>!IGw;]a &/ti c[}B1d_'졺gVO&xMh\ Qٜy-Fo^.eÜlG?| Tc 7 cMY`MU6ED  :y)[⃳T|sq4B5e@Wbe?$ZMukAH|7;+Ir}w wDyл+o^ 9OK'ud& Vy <65c!-vXׯC&e``~cgM^3MpH iZŔ&[2aI5]1&gFX䷎$ŋn/dx"BX.*)构OWƊ׌^bgF?\m]3f3Cc{`}%_ 9™ v6n0Ompf!xq-8LBp&wxfy9D1yom+>m:;Ѻxk~'k ~mjvF7vNiuA,wы\;a΋&:0dhk36`|#M'y'\iiTp!KJ9SP#pj\ӱ³3$1@c+/%'$6.`}u4 Qɫ^%^4  A9M{n47j"Zk|]]@uCEj }srM [6nOwy&4Ir;/D ;sNrW,۹^˼5`v8h50 Q ,7GQYnK$ZW,W'CD K+Ѽz ,#:"i-e}nV?c -!ArMbUCbcڃc2كtW,u2D4 b}!8 2XlW Kw1O8).PgF)ӿ wy386GXS`^K'L.b <= V=l)Q쑴xL,]u`)_xb;1ִF9#7m+w sN*ưlΐxyj(8T=r?H!&`gJp9g qT' _A>S@]Us:!Q8&@m٣X\B]ekmj  w̨Owkmn]*8:AOm PȊ|zjwؖܮQqu/ /&+)ԑ[{&q {™h\` ϩ.NkOq2Ӆ [&U\<>ۻYùEs V!H-U# )1g3G/SedL0"A2dLrjeXެN(0=S?ʍPaޕQF{"LJؔo8qza+ݲȪ*~9"@Q|L>zieЃ7Ȫ=m(3"C9g _밚{ҥ58@I< [Q+P BOK@*Ŝ{Ȇ ϐ͡L{`{`DVO^/f0JLd0y:=.p,킈M"02[/ƣS”A~.jJLObix9T~gT14xħ68qjGtOu;f Yœ1 Cnͦ%KVp!|1Et32"lV.ڎm%J/MhhJo٨e9}tM.Τյ/L^4K-ސĊd@WYf< G!SUw9s&7x??OY")/Awz=qq@$0CQ]qZM$x,&&+V6aHB&[T }"RnE0٬ԵkL#,k15d wUCฐ<^ΧfmrwK)*w ,w]{qI6?׷ =ɋA}5fQKSq"2p BL<-ıۀՌbtuCܡV4Y`u)-ѠIqoojUW*ee( p>*Qh;|U3vMf fRzHdi 2n&Cwnoצ~4`FRT]g[gÂHVF5 \)B.@c*YgrRMTs kճ?H?M01gA! $F}t*m4oG  W&'o$Dr|]JV #5%nZAM0 Lm!0hlAH, Z2r 6:xR~XO6wRUx]Nn~Ž}Y_1F*A~ŞUZo%̜.pWhSE'$Y Z׶y"pYqXcg aBdh9{B9LX%_&KעPʀvbPHgn\ju[C}L:}YbK0=Ymj,FW:aBuфD?͎h?J1 ut"j|FVؐW GEa_XpyZl`C#j$19%hWvY\fQ?K9=멡(2ZhCgIV2LlweePglr%Pq t hC>JO X05[{kߊYoؙ'6 MΓm݋ |빺:7| W"P&<Ͱ.Q/) ſѰ(Va yqtsY^Il*zXޓ Ba+{P92ct\@A hN+D|~7+9KCM 4mW\屼Ͻ lw B ,R"R1{b$p#:tP\vQt;ZG ʕJ1ͦplnt{(l }wK/wg9:)k#92Ḻlihzgwsu=ՖrXZsry<@-x73XQo*_ɔ:U`ӕU@gIlad3k{21~SK/$qS:W%="`;0ͺ)ǏZVV$īq|)A DY!X}:a%^E5uS&U ?`yPn̖sSbzsNݑ>YiޢlOj8&ң󰮜  #>fFSСF]YABB<%Hbk<23L{FۿIZ͖a {0tu`"9ʍ/X6&)у 4DVvP߳R|ʑxD&$l? \'>/l訙AM -K[PgQՔw݉Ϙfm|tJ*?KGl8NuV2; ҭ*dBAI ɂvHuu1-FE^L=,H 8Ĕ5i081$nTy!ՑϪEMpj޷񟽣Jū*l6EXzuuw8B-鉁{K!?qmȌ ;ւv"*yZp? rx[*H28gV+;+ _je|ْ`}`SmyU6@hl":̬=n|ykHR_Ljl,g%{0nqA_BAzH{wͯ9(ȉ2Ú'm'2q8wGJvwng8fe:z=a䋅:`q$f& HL[D){:AGFamiU=M{8?+Zժx٫EݘRV Hl;2ÂCߐ} X#/#pc^ɜ.v5o3&7WҬrï5Tq7іo3,P\PGN{%fZYaOLߌB o!Ml׼I$N}|4,.ZaZ0rFӜC8WtJTI5[Q$X:"w"v0b!ŝ$b-Y4 G/G+%-QlJإ7wx(yk&ΰ5W3CҐ#Bv G4}DأJeh.#e{薤D|UL=KM95P㸯U)bP7@1 Eܴ;18eέpa7Qk[dv s*Pa%j,>iJ};p"!$Ll$co*'qިcl_Q{z 9^+Iͦe# QXWĹ_q h$D,.]ѫXA6.IZSM.s, XHgVؠuIO\ƈI:/-@vV@ pWY5dYZ6%H8z+5#Ϻ\O%CMcF Venªr(R%4Ti B$x}8~!T Ac*HhuodPNA]ciyu\|P%\P/CJyks=2ub߀POH--A AꯦxR*9F+u|I 1GSTUj6Ìf,@LdݞuTz淈@VY\?j(S> {̞h:c9>݃ȇ}r=4AhrGڊDi>+?%Z9G$hak ?EcbU*M0ݦ BN 7%]0>;԰a| :j1XY[Ø*[%avB;A* ܅!pФ,;,TH3f_9=Ƅ~+,E&(,H DiK&DJ=M26om᜵Lq<~oI1FxB `3O7~$A*x2\4L¥EFX8XAKC"ڭI~4GhRK AIVne_,i ?ԩ{C 1]@:Ԃ9?rN I}nCb?&a]56Jq54NeB,&eWiLyWiP ꝋƌ¸q|`k$ee[O獣Vn@5ɽ_;BhS'l"\?J{ D è{|C.#9l({Ȋ91dq, {6ߩͯdq/X+ g+]B :4*vr#$農N9 [QT149D\oF"'4AS%v.*ne[{H+/EDe`VAko$8x!c.3ZӄVu{  ȥwl}4NDg߳l@ksj0qKE4 R!DVֺW錙EuN5Ŕh!Vo'P(Bj贿bD)SfDuGwkvX|[pO -\3W^Wx;&CiH4q|N^6cK{? )Nژ9U@U˫%&S Lhܹck&h \ BA>kU1!;!*ZX+|y:?5E B|?|÷in8 ͐FjApH |kW52z&×6d%O蛭C,Qc ̓҄@DhK{$'DNãG~'=zA1+.Qgr'q{q̲:\/.c>6]C/rĪ$ [ qsk8'T4@oY+#|~L!oTV?]!xڗ#̤ۤJP. YZ