mod_proxy_html-1:2.4.37-61.module_el8+563+4ebf229f >  H   d U] +mMF _bfP hJD"v $=DZSb6kE|* |7՜LK'xF5$~Uz ɁaN99ISH \p)w[9Bzfhtnp;)ͯ=9?=y| g ~抬2rN#rXhzHX*_[#î":A4@p]V%α8 =½3ݑOܥB@?%lpMsDLx1Yf εۅ 2∻1hmd߮T(i@ ߻PǨnR-0Ekkm1MXZ!p34Y1(g}#"K/ ^?~#=tw>ᱣ&c}|- Stj)aS@\~+{\+/oq_ž)8ILn*ΛK5?yda5bd4ec1a4fcd70c2339a3fe660b5db00ef245a046aeb39b90de3912fd1bd14b7da17127ff98e68c6933650f9c60c20b94d7bcb0302047c435bb500663064023061da8fb38a10e7dcaba80125144017243a318fa63d03d63ef23350c5110645e4a419f4dacff395aa7932a61c89e9c9fc02303a7de1c7924b851afc350876a9c705038ef980d88778ce84e3c38a298c46968b7167e9c80a94e6b714f8e1dd6f59751a0302047c435bb5006730650230455217b6738b1c7057f6db98ea2d1c8c57d4e4c3bc336b3c89f11559515c0303865607de068265cd0e93173092e113ab023100de300f87ab6647015105cfb90c681329f3abe98007f3ee95a6844ea8236643275c0e71b672a289fee2f6feef68b1e87d0302047c435bb5006730650230455217b6738b1c7057f6db98ea2d1c8c57d4e4c3bc336b3c89f11559515c0303865607de068265cd0e93173092e113ab023100de300f87ab6647015105cfb90c681329f3abe98007f3ee95a6844ea8236643275c0e71b672a289fee2f6feef68b1e87d0302047c435bb5006730650230455217b6738b1c7057f6db98ea2d1c8c57d4e4c3bc336b3c89f11559515c0303865607de068265cd0e93173092e113ab023100de300f87ab6647015105cfb90c681329f3abe98007f3ee95a6844ea8236643275c0e71b672a289fee2f6feef68b1e87d0302047c435bb500683066023100d20c59c632380e6655740a8d6282bfefd195e908a5fe5cee95d811f6d0e9df6f2dfdb6d1c3dde638919f1a6b1e8d8bde023100a0ff01c1ae941263298b17990ddf1fe37e3de2cebaa37b1add86845a7ce69141aa29342f656d0ad11cebde549b93d1670302047c435bb50066306402302c5d7e2c78c896b698309e56ca74782551e823fd7ee717c1565fc74dec98ab68a0f60534ebb00964f88487df416340c102302c4b704ca671fd4cbdb93fec6901c6ae705a5fa06dbd8d38ad6a87d4daa2710ec40239752bcb8a8077a8ba016df173efd U]A*Rg3*\-zu]RQDnJ8:&eȸtH_.j9JƗw*S$OW/Yg){1J4きg_5E|#jăg!7Wdұ)pbZOcY'?(+yVޅ8d~H.mѹT'&$z LKz4ˎm#=0OÓbn?D8Vq'Y6#LdsDE|:\Xr[!cNxS]ҿ}5^l<}#'Ba3f] z̸ނN❦^ \,8`6uowj^faad󈐪!ζGM*ń崥ȜI,D=ћL36R#5\<>PAw?gd4 8 p 1Lflt     &Dt(I8P9 8:6BGHIXYZ[\]^3bdefltu,vDwtxy@DCmod_proxy_html2.4.3761.module_el8+563+4ebf229fHTML and XML content filters for the Apache HTTP ServerThe mod_proxy_html and mod_xml2enc modules provide filters which can transform and modify HTML and XML content.d1x86-04.stream.rdu2.redhat.comCentOSCentOSASL 2.0builder@centos.orgSystem Environment/Daemonshttps://httpd.apache.org/linuxx86_6425_(Ad1d1d1d1d1d1a2211995b7e55b781f68666664f0bcd84550ed9a16edee07121f63477dfaaffa280b2bd63901b93d3fcff24129b3e8c94cc41088a9e60c559aac8e123f1889578eaf8c8d5c8d9e683a1a0a18e8e6621ee1ac76c660f4bb70cade7133fb543d72../../../../usr/lib64/httpd/modules/mod_xml2enc.so../../../../usr/lib64/httpd/modules/mod_proxy_html.sorootrootrootrootrootrootrootrootrootrootrootroothttpd-2.4.37-61.module_el8+563+4ebf229f.src.rpmconfig(mod_proxy_html)mod_proxy_htmlmod_proxy_html(x86-64)@@@@@@@@@@    @config(mod_proxy_html)httpdhttpd-mmnlibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)libpthread.so.0()(64bit)libxml2.so.2()(64bit)libxml2.so.2(LIBXML2_2.4.30)(64bit)libxml2.so.2(LIBXML2_2.5.2)(64bit)libxml2.so.2(LIBXML2_2.6.0)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)1:2.4.37-61.module_el8+563+4ebf229f0:2.4.37-61.module_el8+563+4ebf229f20120211x86643.0.4-14.6.0-14.0-15.2-14.14.3d!d-@d-@d-@doMdJcdcck@cck@c(Ybޅbb2@b8haNaaaawaU`:@`f@`@`@_м@__@_:_^b^(@^@^]]@]߶]҇]@]g@]-@]]@\7\Z@\Yz\T4\\U@[@[[[@[H[u[[[ā@[ā@[ā@[@[@["@[YZ@Z@Z@Yp@Y{Y@Y@YéYéYéYéYX@YYYYx@Ym@YlYf@Ycl@YV=@YGY5GY@YXۡXP@X @X@XwoX[@X[@XEVX)@X@WW~D@W~D@W~D@WKW@VVVVn@VhV.VCV@UK@U@Ua@UF@UQUQTp@T=@T@T @TT_Tk@Tk@S0S@SGS@SS/SS@SSS"@SS5d@S4S&Sz@Sz@S(S@R@RRG@R@R@RsRrF@Ri Re@RVQ@QQޞ@QQo@Q@QQV@Q@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Tomas Korbar - 2.4.37-61Tomas Korbar - 2.4.37-60Tomas Korbar - 2.4.37-59Tomas Korbar - 2.4.37-58Luboš Uhliarik - 2.4.37-57Luboš Uhliarik - 2.4.37-56.5Luboš Uhliarik - 2.4.37-56.4Luboš Uhliarik - 2.4.37-56Luboš Uhliarik - 2.4.37-55Luboš Uhliarik - 2.4.37-54Luboš Uhliarik - 2.4.37-53Tomas Korbar - 2.4.37-52Luboš Uhliarik - 2.4.37-51Luboš Uhliarik - 2.4.37-50Luboš Uhliarik - 2.4.37-49Luboš Uhliarik - 2.4.37-48Luboš Uhliarik - 2.4.37-47Luboš Uhliarik - 2.4.37-46Luboš Uhliarik - 2.4.37-45Luboš Uhliarik - 2.4.37-44Luboš Uhliarik - 2.4.37-43Luboš Uhliarik - 2.4.37-42Luboš Uhliarik - 2.4.37-41Lubos Uhliarik - 2.4.37-40Artem Egorenkov - 2.4.37-39Lubos Uhliarik - 2.4.37-38Lubos Uhliarik - 2.4.37-37Lubos Uhliarik - 2.4.37-36Lubos Uhliarik - 2.4.37-35Lubos Uhliarik - 2.4.37-33Lubos Uhliarik - 2.4.37-31Joe Orton - 2.4.37-30Lubos Uhliarik - 2.4.37-29Lubos Uhliarik - 2.4.37-28Lubos Uhliarik - 2.4.37-27Lubos Uhliarik - 2.4.37-21Lubos Uhliarik - 2.4.37-20Joe Orton - 2.4.37-19Lubos Uhliarik - 2.4.37-18Lubos Uhliarik - 2.4.37-17Lubos Uhliarik - 2.4.37-16Lubos Uhliarik - 2.4.37-15Lubos Uhliarik - 2.4.37-14Lubos Uhliarik - 2.4.37-13Lubos Uhliarik - 2.4.37-11Lubos Uhliarik - 2.4.37-10Lubos Uhliarik - 2.4.37-9Joe Orton - 2.4.37-8Joe Orton - 2.4.37-7Joe Orton - 2.4.37-6Luboš Uhliarik - 2.4.37-5Luboš Uhliarik - 2.4.37-4Luboš Uhliarik - 2.4.37-3Joe Orton - 2.4.37-2Lubos Uhliarik - 2.4.37-1Luboš Uhliarik - 2.4.35-10Lubos Uhliarik - 2.4.35-9Joe Orton - 2.4.35-7Joe Orton - 2.4.35-5Lubos Uhliarik - 2.4.35-4Lubos Uhliarik - 2.4.35-3Lubos Uhliarik - 2.4.35-2Lubos Uhliarik - 2.4.35-1Lubos Uhliarik - 2.4.33-4Joe Orton - 2.4.33-3Luboš Uhliarik - 2.4.33-2Joe Orton - 2.4.28-8Luboš Uhliarik - 2.4.28-2Luboš Uhliarik - 2.4.28-1Joe Orton - 2.4.27-14Joe Orton - 2.4.27-13Joe Orton - 2.4.27-12Stephen Gallagher - 2.4.27-11Jeroen van Meeuwen - 2.4.27-10Joe Orton - 2.4.27-9Jeroen van Meeuwen - 2.4.27-8Stephen Gallagher - 2.4.27-8.1Joe Orton - 2.4.27-8.1Joe Orton - 2.4.27-7Fedora Release Engineering - 2.4.27-6Fedora Release Engineering - 2.4.27-5Joe Orton - 2.4.27-4Joe Orton - 2.4.27-3Luboš Uhliarik - 2.4.27-2Luboš Uhliarik - 2.4.27-1Joe Orton - 2.4.26-2Luboš Uhliarik - 2.4.26-1Joe Orton - 2.4.25-10Joe Orton - 2.4.25-9Joe Orton - 2.4.25-8Luboš Uhliarik - 2.4.25-7Luboš Uhliarik - 2.4.25-6Joe Orton - 2.4.25-5Fedora Release Engineering - 2.4.25-4Joe Orton - 2.4.25-3Luboš Uhliarik - 2.4.25-2Luboš Uhliarik - 2.4.25-1Luboš Uhliarik - 2.4.23-7Joe Orton - 2.4.23-6Joe Orton - 2.4.23-5Joe Orton - 2.4.23-4Joe Orton - 2.4.23-3Joe Orton - 2.4.23-2Joe Orton - 2.4.23-1Joe Orton - 2.4.18-6Joe Orton - 2.4.18-5Joe Orton - 2.4.18-4Joe Orton - 2.4.18-3Fedora Release Engineering - 2.4.18-2Jan Kaluza - 2.4.18-1Joe Orton - 2.4.17-4Jan Kaluza - 2.4.17-3Jan Kaluza - 2.4.17-2Joe Orton - 2.4.17-1Jan Kaluza - 2.4.12-4Joe Orton - 2.4.12-3Fedora Release Engineering - 2.4.12-2Jan Kaluza - 2.4.12-1Jan Kaluza - 2.4.10-17Jan Kaluza - 2.4.10-16Jan Kaluza - 2.4.10-15Joe Orton - 2.4.10-14Jan Kaluza - 2.4.10-13Jan Kaluza - 2.4.10-12Jan Kaluza - 2.4.10-11Jan Kaluza - 2.4.10-10Joe Orton - 2.4.10-9Joe Orton - 2.4.10-8Jan Kaluza - 2.4.10-7Joe Orton - 2.4.10-6Fedora Release Engineering - 2.4.10-5Jan Kaluza - 2.4.10-4Jan Kaluza - 2.4.10-3Joe Orton - 2.4.10-2Joe Orton - 2.4.10-1Jan Kaluza - 2.4.9-8Jan Kaluza - 2.4.9-7Jan Kaluza - 2.4.9-6Joe Orton - 2.4.9-5Fedora Release Engineering - 2.4.9-4Jan Kaluza - 2.4.9-3Jan Kaluza - 2.4.9-2Jan Kaluza - 2.4.9-1Joe Orton - 2.4.7-6Stephen Gallagher 2.4.7-5Jan Kaluza - 2.4.7-4Jan Kaluza - 2.4.7-3Joe Orton - 2.4.7-2Joe Orton - 2.4.7-1Joe Orton - 2.4.6-10Joe Orton - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Joe Orton - 2.4.6-6Jan kaluza - 2.4.6-5Joe Orton - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-7Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Fix issue found by covscan - Related: #2159603- Another rebuild because of mistake in workflow - Related: #2159603- Rebuild because of mistake in workflow - Related: #2159603- Resolves: #2159603 - mod_status lists BusyWorkers IdleWorkers keys twice- Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP response splitting- Resolves: #2190133 - mod_rewrite regression with CVE-2023-25690- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting with mod_rewrite and mod_proxy- Resolves: #2162499 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte - Resolves: #2162485 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting - Resolves: #2162509 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2155961 - prevent sscg creating /dhparams.pem- Resolves: #2095650 - Dependency from mod_http2 on httpd broken- Resolves: #2050888 - httpd with SSL fails to start unless hostname command was installed- Add the SNI support in mod_proxy_wstunnel module for Apache httpd - Resolves: rhbz#2017543- Resolves: #2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via ap_rwrite() - Resolves: #2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-bounds read in ap_strcmp_match() - Resolves: #2097458 - CVE-2022-30522 httpd:2.4/httpd: mod_sed: DoS vulnerability - Resolves: #2097480 - CVE-2022-30556 httpd:2.4/httpd: mod_lua: Information disclosure with websockets - Resolves: #2098247 - CVE-2022-31813 httpd:2.4/httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism - Resolves: #2097451 - CVE-2022-29404 httpd:2.4/httpd: mod_lua: DoS in r:parsebody - Resolves: #2096997 - CVE-2022-26377 httpd:2.4/httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2065237 - CVE-2022-22719 httpd:2.4/httpd: mod_lua: Use of uninitialized value of in r:parsebody - Resolves: #2065267 - CVE-2022-22721 httpd:2.4/httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody - Resolves: #2065324 - CVE-2022-23943 httpd:2.4/httpd: mod_sed: Read/write beyond bounds- Resolves: #2090848 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer dereference- Resolves: #2065249 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations- Resolves: #2035063 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2007199 - CVE-2021-36160 httpd:2.4/httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path - Resolves: #1972491 - CVE-2021-33193 httpd:2.4/mod_http2: Request splitting via HTTP/2 method injection and mod_proxy- Resolves: #1968278 - CVE-2020-35452 httpd:2.4/httpd: Single zero byte stack overflow in mod_auth_digest - Resolves: #2001046 - Apache httpd OOME with mod_dav in RHEL 8 - Resolves: #2005128 (CVE-2021-34798) - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #1984828 - mod_proxy_hcheck piles up health checks leading to high memory consumption - Resolves: #2005119 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input- Related: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path- Resolves: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #1969229 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in mod_session- Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records - Resolves: #1905613 - mod_ssl does not like valid certificate chain - Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for usertrack - Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression - Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer dereference in parser - Resolves: #1934741 - Apache trademark update - new logo- Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML - Resolves: #1937334 - SSLProtocol with based virtual hosts- prevent htcacheclean from while break when first file processed- Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache- Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile to be able to handle certs without matching private key- Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd mod_proxy_wstunnel - Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()- Resolves: #1651376 - centralizing default index.html for httpd- Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool concurrency issues - Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1680118 - unorderly connection close when client attempts renegotiation- Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does not respect expiry time - Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer overflow - Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package - Resolves: #1869576 - httpd : mod_proxy should allow to specify Proxy-Authorization in ProxyRemote directive - Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1891829 - mod_proxy_hcheck Doesn't perform checks when in a balancer- Resolves: #1209162 - support logging to journald from CustomLog- Resolves: #1823263 (CVE-2020-1934) - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Related: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work- Resolves: #1823259 - CVE-2020-1927 httpd:2.4/httpd: mod_rewrite configurations vulnerable to open redirect - Resolves: #1747284 - CVE-2019-10098 httpd:2.4/httpd: mod_rewrite potential open redirect - Resolves: #1747281 - CVE-2019-10092 httpd:2.4/httpd: limited cross-site scripting in mod_proxy error page - Resolves: #1747291 - CVE-2019-10097 httpd:2.4/httpd: null-pointer dereference in mod_remoteip - Resolves: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work - Resolves: #1794728 - Backport of SessionExpiryUpdateInterval directive- Resolves: #1775158 - POST request with TLS 1.3 PHA client auth fails: Re-negotiation handshake failed: Client certificate missing- Resolves: #1704317 - Add support for SSLKEYLOGFILE- mod_cgid: enable fd passing (#1633224)- Resolves: #1744121 - Unexpected OCSP in proxy SSL connection - Resolves: #1725031 - htpasswd: support SHA-x passwords for FIPS compatibility - Resolves: #1633224 - mod_cgid logging issues- remove bundled mod_md module - Related: #1747898 - add mod_md package- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount of data request leads to denial of service - Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length headers leads to denial of service - Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for large response leads to denial of service- Resolves: #1730721 - absolute path used for default state and runtime dir by default- Resolves: #1724549 - httpd response contains garbage in Content-Type header- Resolves: #1696142 - CVE-2019-0217 httpd:2.4/httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696097 - CVE-2019-0220 httpd:2.4/httpd: URL normalization inconsistency - Resolves: #1669221 - `ExtendedStatus Off` directive when using mod_systemd causes systemctl to hang - Resolves: #1673022 - httpd can not be started with mod_md enabled- Resolves: #1695432 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: #1696091 - CVE-2019-0215 httpd:2.4/httpd: mod_ssl: access control bypass when using per-location client certification authentication- Resolves: #1672977 - state-dir corruption on reload- Resolves: #1670716 - Coredump when starting in FIPS mode- add security fix for CVE-2019-0190 (#1671282)- add DefaultStateDir/ap_state_dir_relative() (#1653009) - mod_dav_fs: use state dir for default DAVLockDB - mod_md: use state dir for default MDStoreDir- add httpd.conf(5) (#1611361)- Resolves: #1652966 - Missing RELEASE in http header- Resolves: #1641951 - No Documentation= line in htcacheclean.service files- Resolves: #1643713 - TLS connection allowed while all protocols are forbidden- mod_ssl: fix off-by-one causing crashes in CGI children (#1649428)- Resolves: #1644625 - httpd rebase to 2.4.37- Related: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- mod_ssl: allow sending multiple CA names which differ only in case- mod_ssl: drop SSLRandomSeed from default config (#1638730) - mod_ssl: follow OpenSSL protocol defaults if SSLProtocol is not configured (Rob Crittenden, #1638738)- mod_ssl: don't require SSLCryptoDevice to be set for PKCS#11 cert- Resolves: #1635681 - sync with Fedora 28/29 httpd - comment-out SSLProtocol, SSLProxyProtocol from ssl.conf in default configuration; now follow OpenSSL system default (#1468322) - dropped NPN support - mod_md: change hard-coded default MdStoreDir to state/md (#1563846) - don't block on service try-restart in posttrans scriptlet - build and load mod_brotli - mod_systemd: show bound ports in status and log to journal at startup - updated httpd.service.xml man page - tweak wording in privkey passphrase prompt - drop sslmultiproxy patch - apachectl: don't read /etc/sysconfig/httpd - drop irrelevant Obsoletes for devel subpackage - move instantiated httpd@.service to main httpd package- Resolves: #1602548 - various covscan fixes- apache httpd can work with TLS 1.3 (#1617997) - drop SSLv3 support patch- new version 2.4.35 (#1632754)- mod_ssl: enable SSLv3 and change behavior of "SSLProtocol All" configuration (#1622630)- mod_ssl: add PKCS#11 cert/key support (Anderson Sasaki, #1527084)- new version 2.4.33 - add mod_md subpackage; load mod_proxy_uwsgi by default- remove %ghosted /etc/sysconfig/httpd (#1572676)- Resolves: #1512563 - httpd: update welcome page branding - Resolves: #1511123 - RFE: httpd use event MPM by default - Resolves: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- new version 2.4.28- add notes on enabling httpd_graceful_shutdown boolean for prefork- drop Requires(post) for mod_ssl- better error handling in httpd-ssl-gencerts (#1494556)- Require sscg 2.2.0 for creating service and CA certificates together- Address CVE-2017-9798 by applying patch from upstream (#1490344)- use sscg defaults; append CA cert to generated cert - document httpd-init.service in httpd-init.service(8)- Address CVE-2017-9798 by applying patch from upstream (#1490344)- Generate SSL certificates on service start, not %posttrans- move httpd.service.d, httpd.socket.d dirs to -filesystem- add new content-length filter (upstream PR 61222)- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- update mod_systemd (r1802251)- switch to event by default for Fedora 27 and later (#1471708)- Resolves: #1469959 - httpd update cleaned out /etc/sysconfig- new version 2.4.27- mod_proxy_fcgi: fix further regressions (PR 61202)- new version 2.4.26- move unit man pages to section 8, add as Documentation= in units- add httpd.service(5) and httpd.socket(5) man pages- require mod_http2, now packaged separately- Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Resolves: #1434916 - httpd.service: Failed with result timeout- link only httpd, not support/* against -lselinux -lsystemd- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- mod_watchdog: restrict thread lifetime (#1410883)- Resolves: #1358875 - require nghttp2 >= 1.5.0- new version 2.4.25- Resolves: #1401530 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2- fix build with OpenSSL 1.1 (#1392900) - fix typos in ssl.conf (josef randinger, #1379407)- no longer package /etc/sysconfig/httpd - synch ssl.conf with upstream- add security fix for CVE-2016-5387- load mod_watchdog by default (#1353582)- restore build of mod_proxy_fdpass (#1325883) - improve check tests to catch configured-but-not-built modules- update to 2.4.23 (#1325883, #1353203) - load mod_proxy_hcheck - recommend use of "systemctl edit" in httpd.service- have "apachectl graceful" start httpd if not running, per man page- use redirects for lang-specific /manual/ URLs- fix welcome page HTML validity (Ville Skyttä)- remove httpd pre script (duplicate of httpd-filesystem's) - in httpd-filesystem pre script, create group/user iff non-existent- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- update to new version 2.4.18- re-enable mod_asis due to popular demand (#1284315)- fix crash when using -X argument (#1272234)- rebase socket activation patch to 2.4.17- update to 2.4.17 (#1271224) - build, load mod_http2 - don't build mod_asis, mod_file_cache - load mod_cache_socache, mod_proxy_wstunnel by default - check every built mod_* is configured - synch ssl.conf with upstream; disable SSLv3 by default- update to 2.4.16- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- update to 2.4.12- fix compilation with lua-5.3- remove filter for auto-provides of httpd modules, it is not needed since F20- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581) - mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583) - mod_lua: fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments (CVE-2014-8109)- require apr-util 1.5.x- use NoDelay and DeferAcceptSec in httpd.socket- increase suexec minimum acceptable uid/gid to 1000 (#1136391)- fix hostname requirement and conflict with openssl-libs- use KillMode=mixed in httpd.service (#1135122)- set vstring based on /etc/os-release (Pat Riehecky, #1114539)- pull in httpd-filesystem as Requires(pre) (#1128328) - fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348) - require hostname for mod_ssl post script (#1135118)- mod_systemd: updated to the latest version - use -lsystemd instead of -lsystemd-daemon (#1125084) - fix possible crash in SIGINT handling (#958934)- mod_ssl: treat "SSLCipherSuite PROFILE=..." as special (#1109119) - switch default ssl.conf to use PROFILE=SYSTEM (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- add /usr/bin/useradd dependency to -filesystem requires- fix creating apache user in pre script (#1128328)- enable mod_request by default for mod_auth_form - move disabled-by-default modules from 00-base.conf to 00-optional.conf- update to 2.4.10 - expand variables in docdir example configs- add support for systemd socket activation (#1111648)- remove conf.modules.d from httpd-filesystem subpackage (#1081453)- add httpd-filesystem subpackage (#1081453)- mod_ssl: don't use the default OpenSSL cipher suite in ssl.conf (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- add support for SetHandler + proxy (#1078970)- move macros from /etc/rpm to macros.d (#1074277) - remove unused patches- update to 2.4.9- use 2048-bit RSA key with SHA-256 signature in dummy certificate- Create drop directory for systemd snippets- remove provides of old MMN, because it contained double-dash (#1068851)- fix graceful restart using legacy actions- conflict with pre-1.5.0 APR - fix sslsninotreq patch- update to 2.4.7 (#1034071)- switch to requiring system-logos-httpd (#1031288)- change mmnisa to drop "-" altogether- drop ambiguous invalid "-" in RHS of httpd-mmn Provide, keeping old Provide for transition- systemd: use {MAINPID} notation to ensure /bin/kill has always the second arg- mod_ssl: allow SSLEngine to override Listen-based default (r1537535)- systemd: send SIGWINCH signal without httpd -k in ExecStop- load mod_macro by default (#998452) - add README to conf.modules.d - mod_proxy_http: add possible fix for threading issues (r1534321) - core: add fix for truncated output with CGI scripts (r1530793)- require fedora-logos-httpd (#1009162)- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- ignore /etc/sysconfig/httpd and document systemd way of setting env variables in this file- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311)mod_proxy_html1:2.4.37-61.module_el8+563+4ebf229f1:2.4.37-61.module_el8+563+4ebf229f1:2.4.37-61.module_el8+563+4ebf229f1:2.4.1-200-proxyhtml.conf.build-idcded8df49935e1a02c52e8caca49f6d6e2523c84494365d3b80a95d83dd2960c35483e59932emod_proxy_html.somod_xml2enc.so/etc/httpd/conf.modules.d//usr/lib//usr/lib/.build-id/42//usr/lib/.build-id/a3//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnuASCII textdirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a384494365d3b80a95d83dd2960c35483e59932e, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=42cded8df49935e1a02c52e8caca49f6d6e2523c, stripped R R R RRRRR RRRR RRRRR RRRutf-8014f1a62c65c4d7c3104a900d6446124dd4e0ef6bec7304163303f3fe669193chttpd:2.4:820230720125714:9edba152?7zXZ !#,;W] b2u Q{LV9g+`xЄ|@(6b\*b忯vtpGfN¯FjB.qLΈN3y|ٻ9 rw>cl>.e+ |C,=/Ԋ%:|@llܡ:gMAKTzIg^ѧXNVRAd \8#\0Ob>[aT͋WPI@TB4;5䅜b#j껁ChAP2=ř4|W#1Y V Yݶd1g^=zH0QY3Yh&psaBQNZw"YY嗙si*vèj[gT(h~~sTS W.rdˤEQt&X>=+~i1Mhg>k+&TYaJ#8-.6RӳGqjv;ґEQ;7@qCJ 1w5ʤQVa$VKHoh}C ˓0{TJwb-@Rzݩ]ke ͰEl[Il%ix0:-قd=QNCP@Liim6׷5[*DpqQdӢr6lM@OKtwE;IEl5}#ߪҀl^C7uFB,91QR2 -uz:HlcI/v+V>c>5:Uڪޜǯ2Ol[3C:RLZᛲ%hKZ ]k3oIݲHSb˴2fr+MA@kċBIv#F G*z<7Fm _O1 /cǦLA8Sѡ4-E,޾>n9'xx*bB5{Z x;JBr'+~6Czz' /פxos{&kg0i}ESzȨ Mr}k]p:UGH6zݻJ{gD4Uԓ.E (=rE3 v RI+oq ST@F2OoH@?dcb\od+(v17/DaM{Kʓ7^(jƨ+K{QoxbPDPr_]4є{Kv ,XeAHw[miTLQh1xۅZǑ(K>o|~P۷,i'geT TPR*LS@,xY=˞Bݽjf>-6v{N\ qZ%б/g۾tڵ&u@߃EF9қ[FuI3AUQjkHs0v~0(gΒ׊&) c()#?5X-K/K18bD,z%LGa:IaoZ~ [+i)X@ѨD3_,1$M<*6xE}6%1B6aU[@Ԑ <\Q6.p#cQY[;>tX!Z;wvxO9|C d٬p?(v$%o(u#;`_n D$6E)G U2K NY%?"P@DH ?six¬95jn -5a'Y .*VSiơP+j`Z%9Z\%>@XwzS.e&l_1VhNT?s"=A7l<kZ@|g6_FIF*[gw_|^B6PRQ' UiiUmֆ;YfN>\[wA^"6N3чL807(+{l>J ;0]r4w2m!]Wn슅*1F|o¥EqGy>.H3M>ƠX2F ;N?g}ۭ>ae5 DpBTA%;$=wX`;v>=[Ra1OȢ!4JMSyPm[T2mMG9Rh@ YޯhrabY'>mX%Z(ڿa'ٟd8Eq&4B և|mT{N$S.~YemGSz&Ng=RZia5Xiq%Pz z1pk ԥ7Q|/TZA'!^F$~mnjUɗ{,WR'ֱ-Hj['ip\ oc9-w8袞ec˧Wנ.hI(ڍ06,{qd2̘OjͪRELU]/Ki1N%!ԭvX,fDÈD(RLOʉ!y P{RL%EMRU8$rxgL1US֔c_7HQ_J9J ERtK˄Wײro&'0H^X<ޕ7\6RnzUѳx_x Y+Kj5 fۓ7NY@.kEy?pxb_~gi꠨}-jVG3FJiʹ8F߂5ww2A˺>}gL[?[]oSʇHF|g?\ 6=,~GD(/ a醴^Vj`j=x].O_{(WS`81l[io6pK6v܍n8CkYnߚ珕O'l/}\Yq1L4εx2łixws%l92MBk11KP :VJ)B4ZQ 36m4iV5hDfA8p:l&SytXuAa7C^`t9c7Vl']m\5|M~>7R '?;Z.<`Jf?Ba;.8IՆ.eEWayDl@3LZ'J;-:bh{9Bh haCrkU ,X'c;dk]쮤 ͆jR *w+Vqm3vP aPa"9{,&:biљ6qȔt5K)*c jMW}E/^=?ߧZ VτTU-a\ f7Cj^uUݓQHnqT9<63XuQDř(m hZAXN@x\2<ՠnC}Zm[VIJt*ˉNNwţ A-'QtyQ4vrz$\γ;!F,A$* jԆx{%{L*>z뼇AjXs/ ʓR_HP8[QQz-.1Omy)-&ԌC1c86i-`=-\{3c%65Nb-`:"$ OaJӁ*4v{wsѫh'g;s)n3Ta4*>HR;`j 0LP-`+S2Eg5ҤPӏʬ|g,kpW$Y%e vh,+lRxљgG!lŽp_JXlw9-Y#(C]6{@j1"T[;ϝG.M [Dlv_yY$2tCXߚ}SjFDI΢I7'5SAkV3~'X^ t¨+lm}DvpRnBU G(H}u͘0`--ed$4u`*ۆe eiEjD;GƷJ7t@߆5׶B -fxdw<27̷7!%ڲ zuGu .]mI |(5/Իed7?ya^U@X"z U1Y@2ڟ$q߮bEe`c/S470O+1j NdeLh;^"ؕϩԥd* H7${)}aR# | zCI=}R,JJOby8`Bnsӱr2?rs܀6 (Vt6!LPc@,7҈8L`Uj~  x:9UdUg:"SF,:Knn6ھ? K[Р&Ǩa>pSS ^XBMj}w;mNVCx7.5&WO+e^Fx(IJToʲ?fH&E”}2X$ܨ<#R/WOb$Q'mi~q$M𢴪ڍB@h{N}ZWOU"v\puL|kiffo-thA$aJ t$(ieF7mk:[5.RtΖ?|>L2QůJ .8K7~3lUj2Xة|娭$ڍ5u&rUQsʆ^e&c}>I;$?6_) ;QwS_;/,YV@`.ըJ@oae)3r(yr ;4G2p0Z@?(%)g,&<G;*ʾB;-;Bvx\\j܄D:ۼ7zy<8'vnLǚQȯ]e|!/AN0w8DST9iIn 1T?^tg;)Vw[[8&kKHsD6x]*}kO!8qaI~̴i m-H}}S aSHVt#XyLT[GO䂁@pCQ6n Zia g_ x^ggĐӶO61g?o0-k -+Z! ?BW;s ]JQ~r8V bqRq"ԑλYE1䪓RlMN59Dzo]_)RڮHAЙn]pp Ѳ@b„ֺT^uutXSn~#6}d$7p{ɟ.0d-O mJ,+ғx5]eLjPEraKRF[?CHnw™;/}ZvdY TAxq8VOsJ7 kcbe:fQCo<hΡ/Zoev/[GXIY~릟Yg䢌/|xD5͂"|E!dAuR`|H:SUAuL&Re+{ew&Jl5X䢞 BY⼨ę k.1Z8¶w*m0Mf9cxg[mTX5/DgɯI/ N1"6qJ$<l=8ea(hh,I Do"9Cl;Ad0KK6%/f6p(>EϩM9,MgCl c QhdrѸ`dtWA9e+ ,?o3"y[jp$I4g9WqJjɗ5(GB| H> H9D}:fIEQ0扐A@- M\2(M2STиA|YfT:+l;"q?YJzF@-ԅoӇ#ܖzt[2='@ZvHrw/.޼.jf#>e RY4U Ti\A<χs#Ed)TOL11jpdl%6*B[*LC*-f;o)[8j QR18u'̣:qƱ$jfQ& d*3?cAіxc5[X{h^M-¹8 m=z)뮈kA.:['=t-:ݼ,atm.dyV?oxbX?Ӷ`TmOM=,M7yl!&;T^г6,3AX؃zAؠט-_@UbF_]VSxp""kV9kU߾_ݥNƶ 2hq~>AEOD&1+O'[dh: 44el0qYW@!!0Hl؅JEgK3 U/ &X:oOv_ml0uӾGjx qȒ1Fj18+9섀pН*9Z_;1^"ț b=լ޳ՙK "&(oZCn+CYaO{dtSC@1Y!M&EMl؃{OB }]{{DW!p#7V / ukF%>HNQ9[<C_|<6R)L }Ȏdֈ$Yir3%{>*k֑,DF8IIGs 縎*!(k.~WX~<'-áJnWܶdO$w0Nn)㝩Kv~.9$'ț%:G;c):L[bL#/d&L/$ G-{ ڙ>xfZXsl5Z^1?Pϫ`rR\J$5Yڕ "Wȃn~\D 0]FLc7\C #0/em#@f·Dx$t#IR4:>mCv|$pEiK/EWy9-]^ "]/;nm|$ Sĩ~!?i&C$PGUNa=Ɏv%~ !TfB:z*?ZQ6["f](TaiY x{eIuOCTcbը".e훿 ך~^ڃ|AK|DY'Vn SfΗ5TBs|d;J2G,vRQ ȰkxĤo]1U JuhW?ٷt1VsGL!Z,%9-*/G1V֦E&dX5ŘYS~mR {lKce,ITPdGƠ i\ 4a&7HHI| ]2+\_^`c99-DKe4#=ͺ#RN峕Lԛ__wYD܋_OoP`4oܝ O_ϨK(pmt&%EkDFm%Xuح}U ic6Y.zp$3 fRb!F2QJVE`pRnM~ZKq AcG (HL2:F9t`"PP׾N;O^x5œy϶vjO 5Ќз*b*6ܒWA- zHi%wHcʃ%2ghCf<{;|ãm,Ei,.a옹zVML@q7X^<;O(Aňשyd#޼svP:\? @)\@l: o S;Y'`L&uo`?sI`ùpnؠ j<]z>%Ο 2# :'(N%:]J_Ek\vp} zz+I9XE5#jVIŶT=A`ھ(GbJwrNC1eXbY9 =Rt1/75X/0=ѝ^]FX.Eh,Ó+U78ֱob?w¸ls=h9pƇ_ЎV D ~3DϳMVeeKJ"]gǜФyO0x [?x]xN'z~qp)piH3($, x>“Yye[xes+o֧.Q_G+b1b}&u_jHu[X+88LTx;% ، ]&HM}ufYi)ʷWov#uQxy$n8+Fɉc4UN#:qG̗gtdMj#*⬊{H8M͛zȃIjU4p/F<:rˇjB n̍'ECL@RmhMM:|r]Tsmb$6GJV>Wgh0Lj$Ľ؏++$zZn EEw ah.âЮGE3xLs?guՖY~DC}}kU^LȢ+Rc `aan[$l| |-M{cWM_^1p_:tn;SNqAQ-Uq&Tn7oUД#Y:+3U1MĶXO<'%!ٚgCXO/#+ |>{}eܖLmJF#U>)^TW#G˼IM|Bd S-(qynPp.o>v E+s uf ;ب|45ൽDc7/[Dݲ?/1=(OrHNyJ΋166ٗS&H<¤笶鱫C%)Wj 3~eeMi'1 i{c-o\ su}g_1p4`űs_[0eZ촢k |ASArUF`V8͢[6Z#$RAzc@hGd… {+ ~Ñ d›|(gTti;]f)`n>s"ئU&l$bбRJY2AU位+L`'"i[& jJL%0x#HT \ޯӓ%:T8UFZr_Mcb; Ra#Ȯҵn7,;nl1KgflM'#V^7:Ӎ7aWx4K}iZO2SlJJ= _/4742N䯢)5AE69i$Y2>֬ 6݊̓,كFJؙl؅Mx?$8"8T 0 Ϝ0Ɉp N\)i[kh8A\Ud7 N̑dR9B!vpd(sҶ'2{bQn FX}+87wUӻZxbH%A a`4EطGQ@LT+A殍>'sCjS`wg.)AO%SŐ$%}*L˔aTk VYV=/L]du}f/qcB 4g `w%LEH>0d>@ɖzBtxhw' ]蠐 6kviNF~: STZ Bq@~՜D@'L!DlbF[wO`4&?70n_9I]4!WY~%\NrY^r`+6)2 u;x72IF !mj3a:e/kY[yh®qbyD$Nd5]:Hu__r+8Cߍ"?>E6pu Uy?uGoL@ ':Oß>ݬO^5Yȶ;_0t[D)'tXpQ& bRQ~# IB+%GrIO 4fm]h,k\ Zb!7q][fOKCa,)TAXn6F׈;Æ Tя1@g fViQoĀW6NA s]ܚm5 )*〟yi[h c|Y6IQƯއ#вiNGтV ܫ@Yx">ŽȂUͫ8gr- gD W4Ju )#{Ys'H++IWI;3RA:m o\K>Y?i,.\o'Gkd&?~V@"Nlќ~y'osJWIs YtlZo$`pR&Q#n W<_\AxmlfY3-ݯ*l۫RL2#ƌ $׾}bN|}q pSM?VL/0;͛?Q:n[k&,`FsK+.sj[i? AGSG`X3j|u<ӪwJ,;t*2.ۜ*Ȕ:Nc bgvls$ W<( fF6* AVP܁LŲ(7஢H_Rs.l W}j%$gGd WdKR\_c.j9Qkruip_P}/i{;o')֖LD"_~p۬o(0 ȇxJWg Tw%ʝ3k#/? "%؏cڙb2%=jpPE wJlvGmGmKKoOԔӋG"ȸK+Boyi `(s۱BQ2Fޓ\m+ sPf D\Yvq(nmx6l5*% ^'ȹCdfL NO6:@G{i>2:5[ѵ 8 9XO&_v&7^@lFR&:wyV f4P gAtA_2.d^ {Mw_Ϊ)|՗g/^y潂ў6,xV1i&>ҽ +({D{x1$^S>iiL@ghJ 2M((Ɋ/ѻHgBߘ)'a)Ȋ.C:OfmK)TTtVyyI)ݥOe$*Ke}Ι]ܡQn71bQNZ uXY3ODt#q{W70kyMYMB7'\廍.}9RAh쮭{,}Q..x(n P ]d}Ns{ x ͗4`Ձ3~T,9qa`"?dw`R}Q({sMj0ܴ, -F4hxo&=Hmt 2dapʍE>xN`>TrbJd{gxZLfn0]Ni%c.}FK8_&ߑE7 гiG3G2m %xl(->Lm] waUJ+%G0*h8,@BHY<ׄ൨ GR@Q#V 2 evt׶ g2+PYF7Y~v,)e~&'W ZLs|'ccuo~uD]w `SSq Fdfyd(׿~S+ f.7W/qNN(`{Ty#?8 }ܛXs,PeR(FW_/3i*pV˻oE!,٩n ~`U\u0YLC k>_az.|`%5fZaĭI/g^S|d@ȃʾTG(Tr|pXzr=pÑEi! (];g_UvR<>txGe`"zS)d$/%F W ê RgQ4EL"2aC*ڹ xs"q,ԗRrK)ݘ: _k Ћ!>!žCgB*_9wn֙T@$C/SȻ.@7k*%&ă{l,A>[7M*o0K6̇!^R*lD'Sq,Y_:{bj6{ O(D>phvȝ,/7xu;LvCO+p7u& Wnh5o{1 % cPf+$WDRo@Rrҗs*-g1~ hQ7} :I #J|ٙsnڣHs_=r}%1c+iX2;gd ^<ԥV~Z?^gQKƏd'-¹2m@m4h5p+|IP7݅5>N_;EmV %0M@k.[Hk5hMԗ䶼9Щ+0EW_t+cbGtQtߐvJV.M/ß$/GVYPasb-0(\,BL==skiț{=A7UV^c(<)V^~֍ca#vJupMw۱ i^mr#&&\J sxC)D]$gxhF{PdS)ZYWx2g._tSzfA1'3gWB`77ah DZj J$Jٴh.V&7}_uXysu%4 82Y.+c4&l5ӯT޶ YZ