mod_session-2.4.37-64.module_el8+965+1ad5c49d >  H   +<@eӶ U]q3+ y[b Y^Ujhr_u 0EqaGSv@ۮגY-=r ܭwRBrDh_{Uލ3a ՛H]Q8M+4涌vwv/U+:jMrPq+"ma&~Z fo(%O|>T kt]#tԅ M~U0e-}cO,Vs0[U|)J)ڪ|1Ej!}#zY2M`~1f>$9B°kX[qȈ'  ESب{ EnXψ \9V zN@W1}ۺ$AH(UMv;$v;#3p"'.SNZH/"@v[:!+ Q7'Q}wT2m.2<+3cyM@YeCE HpȊcc6f4d24b806ea6dc1eac8d7996b101c0501a7ca8f3b193823ae3e51ecd2b81251f53b29d45379d8c0704ec4e1e2927b8f5647a00302047c435bb500673065023006c32f8871e994935216a8fbb584a0260effd485e8f17c80ffe7ea8ee64e733152af3eb5df0c31521eac183c3da44eb2023100f0c6042e1e14f98c9d3a2aa71408e8ee09ba3fbaff3feecd1252f0aa9bbb0cc9e643c597ef7000c995e160b2c0afe9a30302047c435bb50066306402301e08d9aa551e599b6258282c35ab4ab28f661d451c58b516e1d20bceba72a5b6fb184bbccc1d5970a1969de6c3723a4602306844e9ebc08dcbcee1054c24adab593deee4b577e0d188064e77b68b8ed7bd3d81f8e4c2403ec01055d3936d78e036720302047c435bb50066306402301e08d9aa551e599b6258282c35ab4ab28f661d451c58b516e1d20bceba72a5b6fb184bbccc1d5970a1969de6c3723a4602306844e9ebc08dcbcee1054c24adab593deee4b577e0d188064e77b68b8ed7bd3d81f8e4c2403ec01055d3936d78e036720302047c435bb50066306402301e08d9aa551e599b6258282c35ab4ab28f661d451c58b516e1d20bceba72a5b6fb184bbccc1d5970a1969de6c3723a4602306844e9ebc08dcbcee1054c24adab593deee4b577e0d188064e77b68b8ed7bd3d81f8e4c2403ec01055d3936d78e036720302047c435bb50066306402301e08d9aa551e599b6258282c35ab4ab28f661d451c58b516e1d20bceba72a5b6fb184bbccc1d5970a1969de6c3723a4602306844e9ebc08dcbcee1054c24adab593deee4b577e0d188064e77b68b8ed7bd3d81f8e4c2403ec01055d3936d78e036720302047c435bb50066306402301e08d9aa551e599b6258282c35ab4ab28f661d451c58b516e1d20bceba72a5b6fb184bbccc1d5970a1969de6c3723a4602306844e9ebc08dcbcee1054c24adab593deee4b577e0d188064e77b68b8ed7bd3d81f8e4c2403ec01055d3936d78e036720302047c435bb50066306402301e08d9aa551e599b6258282c35ab4ab28f661d451c58b516e1d20bceba72a5b6fb184bbccc1d5970a1969de6c3723a4602306844e9ebc08dcbcee1054c24adab593deee4b577e0d188064e77b68b8ed7bd3d81f8e4c2403ec01055d3936d78e036720302047c435bb500673065023100b59621d181e981c4643afd1c2f9e1f9f1302b695ccfbed8e13826889472ccb71d47ca308d2e1b307a3e375a73c520d9b02305ddb66a0f3db0ba5db779c2e36e79e1af033511a357a0d966dbf8b04852ba4ef30f3f5b7cc1e657a634dafd1d08968b50302047c435bb500683066023100b7df1c5e517af43eefc54b58ea850e8ac4c8a22bdd25c3a34bb0276e7dba40cfe1c079b0ed2a6df282eb8bbd06590a68023100991eaf2fc3aea4a3773814c12008b6f7ac8c01cd9cdf79f26e809c318706af66be817586f82542169a720acd0fa79efb0302047c435bb500673065023100b0f4cd1c3291fb2abbda30d33e39f33d8775f7da1fd4319ff9a1f3268a8cbcea865a9d881322685acf6fc04edfa88eaa023079311665544e2c28f582b996bd7c114efa73d336cf8c2575258b9f24cef85b702fc64792eee09dd13956ca9574ee7dec0302047c435bb50066306402302cb0df41165cc2e9443aecfb2f1816301349133fd1cd84cc924fa6dcd8bc44820915bb6c69e0e58d14e72dc6805e6e810230471d2892fa51fa14e586de8bf4bf70954d458c022587cb212785eeb638dae1e786b9ce4d18a5e26fbc6adcabbfafb1a90302047c435bb50066306402306fefbc16c710e4d59167a1621b14bc5f87c5c5354382dc9ddaeb4f93677df0e3560d1f56589ec482875ca105eddd91fd02304aaa5c90266ee408feba18c3d1bf679fb7330f24d85d18762f2a80ed3a828fbf67d402a58b3c091bd818bb2582e826aa#SeӶ U]Vԙb3;VAlJP6[#G8CFTGKge2ɕ ;L_^ hogꬹępc42Rכ;m-0IBMyQg=P VX,횄'ZۄڨtVqyݏ wb2Z!KcUv8h ~`'dD&g>6AvfnհCw}s~~ Vz0=g'UD{Lj <뙵6w4 Fbyy[.vH i[s( Qx^+Y. cE0FhN|q Xϓ T ݜ|cʇKr)W4VMC6nGTuh,CN7/ =vsA&Ƈ{(퍱)"ڱRA =p`qf-z0W=ήQGƼw djFȈ>`=_?Od 0 ]  -Hbhp              P Q(89 :8aGd H I XY\D ]t ^bbdeflt u v4w x< yl(,Cmod_session2.4.3764.module_el8+965+1ad5c49dSession interface for the Apache HTTP ServerThe mod_session module and associated backends provide an abstract interface for storing and accessing per-user session data.e#x86-01.stream.rdu2.redhat.comgCentOSCentOSASL 2.0builder@centos.orgSystem Environment/Daemonshttps://httpd.apache.org/linuxx86_6494269p_/8_`O`Ae#e#e#e#e#e#e#e#e#e#e#e#51df0ceeb7dae9922817f4af0554f83fe01d6268025ee08260aeed69be3953d1578c1f4f8feb3dad3e2e1445a3d434f9cd9357d3c219ca64605cea99befd4c67d68f0a49ac2c325aee19fc6e5f7156f8447003d2e89d620fe886594892d66ef30d1d484fcb4b1b4d0865052128d91ffe95e2668da2071d84ed8b1de898484976983877c13e23201ab8172b2addd5c2583c926c258d2b48601e06b0bbd7a3ae5f181b775905adf9f5d9b0863499d37c73d3058695005ab7d1a8f0a49182384833../../../../usr/lib64/httpd/modules/mod_session_crypto.so../../../../usr/lib64/httpd/modules/mod_auth_form.so../../../../usr/lib64/httpd/modules/mod_session.so../../../../usr/lib64/httpd/modules/mod_session_dbd.so../../../../usr/lib64/httpd/modules/mod_session_cookie.sorootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroothttpd-2.4.37-64.module_el8+965+1ad5c49d.src.rpmconfig(mod_session)mod_sessionmod_session(x86-64)@@@@@@    @config(mod_session)httpdhttpd-mmnlibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)libpthread.so.0()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.4.37-64.module_el8+965+1ad5c49d0:2.4.37-64.module_el8+965+1ad5c49d20120211x86643.0.4-14.6.0-14.0-15.2-14.14.3eN@e̫@d d\@d!d-@d-@d-@doMdJcdcck@cck@c(Ybޅbb2@b8haNaaaawaU`:@`f@`@`@_м@__@_:_^b^(@^@^]]@]߶]҇]@]g@]-@]]@\7\Z@\Yz\T4\\U@[@[[[@[H[u[[[ā@[ā@[ā@[@[@["@[YZ@Z@Z@Yp@Y{Y@Y@YéYéYéYéYX@YYYYx@Ym@YlYf@Ycl@YV=@YGY5GY@YXۡXP@X @X@XwoX[@X[@XEVX)@X@WW~D@W~D@W~D@WKW@VVVVn@VhV.VCV@UK@U@Ua@UF@UQUQTp@T=@T@T @TT_Tk@Tk@S0S@SGS@SS/SS@SSS"@SS5d@S4S&Sz@Sz@S(S@R@RRG@R@R@RsRrF@Ri Re@RVQ@QQޞ@QQo@Q@QQV@Q@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Joe Orton - 2.4.37-64Joe Orton - 2.4.37-63Johnny Hughes - 2.4.37-62Luboš Uhliarik - 2.4.37-62Tomas Korbar - 2.4.37-61Tomas Korbar - 2.4.37-60Tomas Korbar - 2.4.37-59Tomas Korbar - 2.4.37-58Luboš Uhliarik - 2.4.37-57Luboš Uhliarik - 2.4.37-56.5Luboš Uhliarik - 2.4.37-56.4Luboš Uhliarik - 2.4.37-56Luboš Uhliarik - 2.4.37-55Luboš Uhliarik - 2.4.37-54Luboš Uhliarik - 2.4.37-53Tomas Korbar - 2.4.37-52Luboš Uhliarik - 2.4.37-51Luboš Uhliarik - 2.4.37-50Luboš Uhliarik - 2.4.37-49Luboš Uhliarik - 2.4.37-48Luboš Uhliarik - 2.4.37-47Luboš Uhliarik - 2.4.37-46Luboš Uhliarik - 2.4.37-45Luboš Uhliarik - 2.4.37-44Luboš Uhliarik - 2.4.37-43Luboš Uhliarik - 2.4.37-42Luboš Uhliarik - 2.4.37-41Lubos Uhliarik - 2.4.37-40Artem Egorenkov - 2.4.37-39Lubos Uhliarik - 2.4.37-38Lubos Uhliarik - 2.4.37-37Lubos Uhliarik - 2.4.37-36Lubos Uhliarik - 2.4.37-35Lubos Uhliarik - 2.4.37-33Lubos Uhliarik - 2.4.37-31Joe Orton - 2.4.37-30Lubos Uhliarik - 2.4.37-29Lubos Uhliarik - 2.4.37-28Lubos Uhliarik - 2.4.37-27Lubos Uhliarik - 2.4.37-21Lubos Uhliarik - 2.4.37-20Joe Orton - 2.4.37-19Lubos Uhliarik - 2.4.37-18Lubos Uhliarik - 2.4.37-17Lubos Uhliarik - 2.4.37-16Lubos Uhliarik - 2.4.37-15Lubos Uhliarik - 2.4.37-14Lubos Uhliarik - 2.4.37-13Lubos Uhliarik - 2.4.37-11Lubos Uhliarik - 2.4.37-10Lubos Uhliarik - 2.4.37-9Joe Orton - 2.4.37-8Joe Orton - 2.4.37-7Joe Orton - 2.4.37-6Luboš Uhliarik - 2.4.37-5Luboš Uhliarik - 2.4.37-4Luboš Uhliarik - 2.4.37-3Joe Orton - 2.4.37-2Lubos Uhliarik - 2.4.37-1Luboš Uhliarik - 2.4.35-10Lubos Uhliarik - 2.4.35-9Joe Orton - 2.4.35-7Joe Orton - 2.4.35-5Lubos Uhliarik - 2.4.35-4Lubos Uhliarik - 2.4.35-3Lubos Uhliarik - 2.4.35-2Lubos Uhliarik - 2.4.35-1Lubos Uhliarik - 2.4.33-4Joe Orton - 2.4.33-3Luboš Uhliarik - 2.4.33-2Joe Orton - 2.4.28-8Luboš Uhliarik - 2.4.28-2Luboš Uhliarik - 2.4.28-1Joe Orton - 2.4.27-14Joe Orton - 2.4.27-13Joe Orton - 2.4.27-12Stephen Gallagher - 2.4.27-11Jeroen van Meeuwen - 2.4.27-10Joe Orton - 2.4.27-9Jeroen van Meeuwen - 2.4.27-8Stephen Gallagher - 2.4.27-8.1Joe Orton - 2.4.27-8.1Joe Orton - 2.4.27-7Fedora Release Engineering - 2.4.27-6Fedora Release Engineering - 2.4.27-5Joe Orton - 2.4.27-4Joe Orton - 2.4.27-3Luboš Uhliarik - 2.4.27-2Luboš Uhliarik - 2.4.27-1Joe Orton - 2.4.26-2Luboš Uhliarik - 2.4.26-1Joe Orton - 2.4.25-10Joe Orton - 2.4.25-9Joe Orton - 2.4.25-8Luboš Uhliarik - 2.4.25-7Luboš Uhliarik - 2.4.25-6Joe Orton - 2.4.25-5Fedora Release Engineering - 2.4.25-4Joe Orton - 2.4.25-3Luboš Uhliarik - 2.4.25-2Luboš Uhliarik - 2.4.25-1Luboš Uhliarik - 2.4.23-7Joe Orton - 2.4.23-6Joe Orton - 2.4.23-5Joe Orton - 2.4.23-4Joe Orton - 2.4.23-3Joe Orton - 2.4.23-2Joe Orton - 2.4.23-1Joe Orton - 2.4.18-6Joe Orton - 2.4.18-5Joe Orton - 2.4.18-4Joe Orton - 2.4.18-3Fedora Release Engineering - 2.4.18-2Jan Kaluza - 2.4.18-1Joe Orton - 2.4.17-4Jan Kaluza - 2.4.17-3Jan Kaluza - 2.4.17-2Joe Orton - 2.4.17-1Jan Kaluza - 2.4.12-4Joe Orton - 2.4.12-3Fedora Release Engineering - 2.4.12-2Jan Kaluza - 2.4.12-1Jan Kaluza - 2.4.10-17Jan Kaluza - 2.4.10-16Jan Kaluza - 2.4.10-15Joe Orton - 2.4.10-14Jan Kaluza - 2.4.10-13Jan Kaluza - 2.4.10-12Jan Kaluza - 2.4.10-11Jan Kaluza - 2.4.10-10Joe Orton - 2.4.10-9Joe Orton - 2.4.10-8Jan Kaluza - 2.4.10-7Joe Orton - 2.4.10-6Fedora Release Engineering - 2.4.10-5Jan Kaluza - 2.4.10-4Jan Kaluza - 2.4.10-3Joe Orton - 2.4.10-2Joe Orton - 2.4.10-1Jan Kaluza - 2.4.9-8Jan Kaluza - 2.4.9-7Jan Kaluza - 2.4.9-6Joe Orton - 2.4.9-5Fedora Release Engineering - 2.4.9-4Jan Kaluza - 2.4.9-3Jan Kaluza - 2.4.9-2Jan Kaluza - 2.4.9-1Joe Orton - 2.4.7-6Stephen Gallagher 2.4.7-5Jan Kaluza - 2.4.7-4Jan Kaluza - 2.4.7-3Joe Orton - 2.4.7-2Joe Orton - 2.4.7-1Joe Orton - 2.4.6-10Joe Orton - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Joe Orton - 2.4.6-6Jan kaluza - 2.4.6-5Joe Orton - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-7Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Resolves: RHEL-14448 - httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)- mod_xml2enc: fix media type handling Resolves: RHEL-14321- change for CentOS Stream Branding- Resolves: #2221083 - Apache Bug 57087: mod_proxy_fcgi doesn't send cgi CONTENT_LENGTH variable when the client request used Transfer-Encoding:chunked- Fix issue found by covscan - Related: #2159603- Another rebuild because of mistake in workflow - Related: #2159603- Rebuild because of mistake in workflow - Related: #2159603- Resolves: #2159603 - mod_status lists BusyWorkers IdleWorkers keys twice- Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP response splitting- Resolves: #2190133 - mod_rewrite regression with CVE-2023-25690- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting with mod_rewrite and mod_proxy- Resolves: #2162499 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte - Resolves: #2162485 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting - Resolves: #2162509 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2155961 - prevent sscg creating /dhparams.pem- Resolves: #2095650 - Dependency from mod_http2 on httpd broken- Resolves: #2050888 - httpd with SSL fails to start unless hostname command was installed- Add the SNI support in mod_proxy_wstunnel module for Apache httpd - Resolves: rhbz#2017543- Resolves: #2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via ap_rwrite() - Resolves: #2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-bounds read in ap_strcmp_match() - Resolves: #2097458 - CVE-2022-30522 httpd:2.4/httpd: mod_sed: DoS vulnerability - Resolves: #2097480 - CVE-2022-30556 httpd:2.4/httpd: mod_lua: Information disclosure with websockets - Resolves: #2098247 - CVE-2022-31813 httpd:2.4/httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism - Resolves: #2097451 - CVE-2022-29404 httpd:2.4/httpd: mod_lua: DoS in r:parsebody - Resolves: #2096997 - CVE-2022-26377 httpd:2.4/httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2065237 - CVE-2022-22719 httpd:2.4/httpd: mod_lua: Use of uninitialized value of in r:parsebody - Resolves: #2065267 - CVE-2022-22721 httpd:2.4/httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody - Resolves: #2065324 - CVE-2022-23943 httpd:2.4/httpd: mod_sed: Read/write beyond bounds- Resolves: #2090848 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer dereference- Resolves: #2065249 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations- Resolves: #2035063 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2007199 - CVE-2021-36160 httpd:2.4/httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path - Resolves: #1972491 - CVE-2021-33193 httpd:2.4/mod_http2: Request splitting via HTTP/2 method injection and mod_proxy- Resolves: #1968278 - CVE-2020-35452 httpd:2.4/httpd: Single zero byte stack overflow in mod_auth_digest - Resolves: #2001046 - Apache httpd OOME with mod_dav in RHEL 8 - Resolves: #2005128 (CVE-2021-34798) - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #1984828 - mod_proxy_hcheck piles up health checks leading to high memory consumption - Resolves: #2005119 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input- Related: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path- Resolves: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #1969229 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in mod_session- Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records - Resolves: #1905613 - mod_ssl does not like valid certificate chain - Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for usertrack - Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression - Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer dereference in parser - Resolves: #1934741 - Apache trademark update - new logo- Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML - Resolves: #1937334 - SSLProtocol with based virtual hosts- prevent htcacheclean from while break when first file processed- Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache- Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile to be able to handle certs without matching private key- Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd mod_proxy_wstunnel - Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()- Resolves: #1651376 - centralizing default index.html for httpd- Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool concurrency issues - Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1680118 - unorderly connection close when client attempts renegotiation- Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does not respect expiry time - Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer overflow - Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package - Resolves: #1869576 - httpd : mod_proxy should allow to specify Proxy-Authorization in ProxyRemote directive - Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1891829 - mod_proxy_hcheck Doesn't perform checks when in a balancer- Resolves: #1209162 - support logging to journald from CustomLog- Resolves: #1823263 (CVE-2020-1934) - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Related: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work- Resolves: #1823259 - CVE-2020-1927 httpd:2.4/httpd: mod_rewrite configurations vulnerable to open redirect - Resolves: #1747284 - CVE-2019-10098 httpd:2.4/httpd: mod_rewrite potential open redirect - Resolves: #1747281 - CVE-2019-10092 httpd:2.4/httpd: limited cross-site scripting in mod_proxy error page - Resolves: #1747291 - CVE-2019-10097 httpd:2.4/httpd: null-pointer dereference in mod_remoteip - Resolves: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work - Resolves: #1794728 - Backport of SessionExpiryUpdateInterval directive- Resolves: #1775158 - POST request with TLS 1.3 PHA client auth fails: Re-negotiation handshake failed: Client certificate missing- Resolves: #1704317 - Add support for SSLKEYLOGFILE- mod_cgid: enable fd passing (#1633224)- Resolves: #1744121 - Unexpected OCSP in proxy SSL connection - Resolves: #1725031 - htpasswd: support SHA-x passwords for FIPS compatibility - Resolves: #1633224 - mod_cgid logging issues- remove bundled mod_md module - Related: #1747898 - add mod_md package- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount of data request leads to denial of service - Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length headers leads to denial of service - Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for large response leads to denial of service- Resolves: #1730721 - absolute path used for default state and runtime dir by default- Resolves: #1724549 - httpd response contains garbage in Content-Type header- Resolves: #1696142 - CVE-2019-0217 httpd:2.4/httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696097 - CVE-2019-0220 httpd:2.4/httpd: URL normalization inconsistency - Resolves: #1669221 - `ExtendedStatus Off` directive when using mod_systemd causes systemctl to hang - Resolves: #1673022 - httpd can not be started with mod_md enabled- Resolves: #1695432 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: #1696091 - CVE-2019-0215 httpd:2.4/httpd: mod_ssl: access control bypass when using per-location client certification authentication- Resolves: #1672977 - state-dir corruption on reload- Resolves: #1670716 - Coredump when starting in FIPS mode- add security fix for CVE-2019-0190 (#1671282)- add DefaultStateDir/ap_state_dir_relative() (#1653009) - mod_dav_fs: use state dir for default DAVLockDB - mod_md: use state dir for default MDStoreDir- add httpd.conf(5) (#1611361)- Resolves: #1652966 - Missing RELEASE in http header- Resolves: #1641951 - No Documentation= line in htcacheclean.service files- Resolves: #1643713 - TLS connection allowed while all protocols are forbidden- mod_ssl: fix off-by-one causing crashes in CGI children (#1649428)- Resolves: #1644625 - httpd rebase to 2.4.37- Related: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- mod_ssl: allow sending multiple CA names which differ only in case- mod_ssl: drop SSLRandomSeed from default config (#1638730) - mod_ssl: follow OpenSSL protocol defaults if SSLProtocol is not configured (Rob Crittenden, #1638738)- mod_ssl: don't require SSLCryptoDevice to be set for PKCS#11 cert- Resolves: #1635681 - sync with Fedora 28/29 httpd - comment-out SSLProtocol, SSLProxyProtocol from ssl.conf in default configuration; now follow OpenSSL system default (#1468322) - dropped NPN support - mod_md: change hard-coded default MdStoreDir to state/md (#1563846) - don't block on service try-restart in posttrans scriptlet - build and load mod_brotli - mod_systemd: show bound ports in status and log to journal at startup - updated httpd.service.xml man page - tweak wording in privkey passphrase prompt - drop sslmultiproxy patch - apachectl: don't read /etc/sysconfig/httpd - drop irrelevant Obsoletes for devel subpackage - move instantiated httpd@.service to main httpd package- Resolves: #1602548 - various covscan fixes- apache httpd can work with TLS 1.3 (#1617997) - drop SSLv3 support patch- new version 2.4.35 (#1632754)- mod_ssl: enable SSLv3 and change behavior of "SSLProtocol All" configuration (#1622630)- mod_ssl: add PKCS#11 cert/key support (Anderson Sasaki, #1527084)- new version 2.4.33 - add mod_md subpackage; load mod_proxy_uwsgi by default- remove %ghosted /etc/sysconfig/httpd (#1572676)- Resolves: #1512563 - httpd: update welcome page branding - Resolves: #1511123 - RFE: httpd use event MPM by default - Resolves: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- new version 2.4.28- add notes on enabling httpd_graceful_shutdown boolean for prefork- drop Requires(post) for mod_ssl- better error handling in httpd-ssl-gencerts (#1494556)- Require sscg 2.2.0 for creating service and CA certificates together- Address CVE-2017-9798 by applying patch from upstream (#1490344)- use sscg defaults; append CA cert to generated cert - document httpd-init.service in httpd-init.service(8)- Address CVE-2017-9798 by applying patch from upstream (#1490344)- Generate SSL certificates on service start, not %posttrans- move httpd.service.d, httpd.socket.d dirs to -filesystem- add new content-length filter (upstream PR 61222)- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- update mod_systemd (r1802251)- switch to event by default for Fedora 27 and later (#1471708)- Resolves: #1469959 - httpd update cleaned out /etc/sysconfig- new version 2.4.27- mod_proxy_fcgi: fix further regressions (PR 61202)- new version 2.4.26- move unit man pages to section 8, add as Documentation= in units- add httpd.service(5) and httpd.socket(5) man pages- require mod_http2, now packaged separately- Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Resolves: #1434916 - httpd.service: Failed with result timeout- link only httpd, not support/* against -lselinux -lsystemd- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- mod_watchdog: restrict thread lifetime (#1410883)- Resolves: #1358875 - require nghttp2 >= 1.5.0- new version 2.4.25- Resolves: #1401530 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2- fix build with OpenSSL 1.1 (#1392900) - fix typos in ssl.conf (josef randinger, #1379407)- no longer package /etc/sysconfig/httpd - synch ssl.conf with upstream- add security fix for CVE-2016-5387- load mod_watchdog by default (#1353582)- restore build of mod_proxy_fdpass (#1325883) - improve check tests to catch configured-but-not-built modules- update to 2.4.23 (#1325883, #1353203) - load mod_proxy_hcheck - recommend use of "systemctl edit" in httpd.service- have "apachectl graceful" start httpd if not running, per man page- use redirects for lang-specific /manual/ URLs- fix welcome page HTML validity (Ville Skyttä)- remove httpd pre script (duplicate of httpd-filesystem's) - in httpd-filesystem pre script, create group/user iff non-existent- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- update to new version 2.4.18- re-enable mod_asis due to popular demand (#1284315)- fix crash when using -X argument (#1272234)- rebase socket activation patch to 2.4.17- update to 2.4.17 (#1271224) - build, load mod_http2 - don't build mod_asis, mod_file_cache - load mod_cache_socache, mod_proxy_wstunnel by default - check every built mod_* is configured - synch ssl.conf with upstream; disable SSLv3 by default- update to 2.4.16- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- update to 2.4.12- fix compilation with lua-5.3- remove filter for auto-provides of httpd modules, it is not needed since F20- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581) - mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583) - mod_lua: fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments (CVE-2014-8109)- require apr-util 1.5.x- use NoDelay and DeferAcceptSec in httpd.socket- increase suexec minimum acceptable uid/gid to 1000 (#1136391)- fix hostname requirement and conflict with openssl-libs- use KillMode=mixed in httpd.service (#1135122)- set vstring based on /etc/os-release (Pat Riehecky, #1114539)- pull in httpd-filesystem as Requires(pre) (#1128328) - fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348) - require hostname for mod_ssl post script (#1135118)- mod_systemd: updated to the latest version - use -lsystemd instead of -lsystemd-daemon (#1125084) - fix possible crash in SIGINT handling (#958934)- mod_ssl: treat "SSLCipherSuite PROFILE=..." as special (#1109119) - switch default ssl.conf to use PROFILE=SYSTEM (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- add /usr/bin/useradd dependency to -filesystem requires- fix creating apache user in pre script (#1128328)- enable mod_request by default for mod_auth_form - move disabled-by-default modules from 00-base.conf to 00-optional.conf- update to 2.4.10 - expand variables in docdir example configs- add support for systemd socket activation (#1111648)- remove conf.modules.d from httpd-filesystem subpackage (#1081453)- add httpd-filesystem subpackage (#1081453)- mod_ssl: don't use the default OpenSSL cipher suite in ssl.conf (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- add support for SetHandler + proxy (#1078970)- move macros from /etc/rpm to macros.d (#1074277) - remove unused patches- update to 2.4.9- use 2048-bit RSA key with SHA-256 signature in dummy certificate- Create drop directory for systemd snippets- remove provides of old MMN, because it contained double-dash (#1068851)- fix graceful restart using legacy actions- conflict with pre-1.5.0 APR - fix sslsninotreq patch- update to 2.4.7 (#1034071)- switch to requiring system-logos-httpd (#1031288)- change mmnisa to drop "-" altogether- drop ambiguous invalid "-" in RHS of httpd-mmn Provide, keeping old Provide for transition- systemd: use {MAINPID} notation to ensure /bin/kill has always the second arg- mod_ssl: allow SSLEngine to override Listen-based default (r1537535)- systemd: send SIGWINCH signal without httpd -k in ExecStop- load mod_macro by default (#998452) - add README to conf.modules.d - mod_proxy_http: add possible fix for threading issues (r1534321) - core: add fix for truncated output with CGI scripts (r1530793)- require fedora-logos-httpd (#1009162)- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- ignore /etc/sysconfig/httpd and document systemd way of setting env variables in this file- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311) 2.4.37-64.module_el8+965+1ad5c49d2.4.37-64.module_el8+965+1ad5c49d2.4.37-64.module_el8+965+1ad5c49d01-session.conf.build-id4e892a7d672d8ec4d414a3fd583f29203a656ee703416b2bbb1b8febf907489d177e19a6073b01404bb810471d2ab99a943d896953f9b06a96d134ce12a9952e07722c037702f0c85183569aabc29f4f9f8935866b0568945b228fb2bd6552mod_auth_form.somod_session.somod_session_cookie.somod_session_crypto.somod_session_dbd.so/etc/httpd/conf.modules.d//usr/lib//usr/lib/.build-id/3d//usr/lib/.build-id/73//usr/lib/.build-id/af//usr/lib/.build-id/e1//usr/lib/.build-id/f8//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnuASCII textdirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=73e703416b2bbb1b8febf907489d177e19a6073b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=af01404bb810471d2ab99a943d896953f9b06a96, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=f8abc29f4f9f8935866b0568945b228fb2bd6552, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=3d4e892a7d672d8ec4d414a3fd583f29203a656e, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=e1d134ce12a9952e07722c037702f0c85183569a, stripped RRRRR RRRRR RRRRRR RRRRRR RRRRRR utf-8784997bf9337f115037e277b17a0af7daa6a1679058f5a58e95d8f93f31c1c69httpd:2.4:820240216084734:9edba152?07zXZ !#,ȇ] b2u Q{LXr`eBRĎK"e]sPin mv{ 2yY&&Z!z5Ҝcu m>@`Cv@Ilrkn*)^<jVhj G|bWb E|wh5ZK):1Q4󎦱\t:/wA_ʂ̧5!(gu \uA8ʏ =jD|bϵ ӃzGg\# ^8iL)@9;18e=r'O E A^"r֢x456A +Ti"Я[\iƉ0C)NA{:9δan;Z,Rqlb y4z,ᇍ4iO" >"8ㅋ yA\)]b$$c fXl%J\#Χf>{F+$5l-m)zض>uv֊<đ)iRV"^5q9vݺ̯F=uBϞP[z<ղ&;B{LQS32`t=5pdߊhs3ʹ,:U[y1{v S'2xb+GƗ.J="rJiXd"YTWڕ;Oʿs|{B9~lB?9#" r@,Ag<΄'fj s!'lb g;@QiZ*'WW0wO54('^m^1פKF z#"#OzB:75kQ^OFJʜA,5Z\pFuڃwDu N ߹YAʓ^rXʜf`PS4"ʘh=LY(Eì@!.(L;h!«243/\53vo!V׊Dkho'tBSDN;q2ew sƓ>W$ ~U;ŗmΡn $v 3^z h>o5A>Fj#ci&LAڭu KkA?M6Z%_(jy882e1nTVw`%)3ti~s!G̚HX1Q®- &e׾ĕm 18F2#^/,LtҡD2C WS(& $&܂/bGj=.VhK$^.% EZ@əi Tr0UiUL(^ݬBd$HQ]Tp<}Zx _wW&uΗ&D;f`PWqs,$WTs3@1#a9Ѫ_~䣢]b xP6I.ALl*eъ$U;aN],L_ ajC 4|D?k.I({oILRN:WҮeGebl~;y+@^pR~Q9Db#ƺ C|tIDOyfd,4okubwAO -}JF4Gdže;cv8dԔGR$Ƕ^4> Yig=U|,qT^BDe]oKr=>nhՅ톔QL&.~_(pU 3U1Q嘺R1N1 Z(s4?Coi%!m 258oj6_Jvh8~DwXmoL _xe8[׵>QD|)xt!m-OkO|-)ԨQ&a{ <fc%c yYص@5p)+G9/ ;\>6)IJtq6Q] gLz*Ռn9OV`Cru#Ms\NVS'UAJoHѾvoNA.:Odc=R}”;,idլw/DlzƊWc_3 Szo!P.&&3Ԭv={ OUNILaL_; ?3*5UJXwXn}DH%LjcQWE1ʉ{D% q ֦_7l,9w3 ~Џi`X*hN-mTeUO+JL@` DoL<-4fƤK[ y 7r6m)·Λ!д'4x%!v \pTܾ,"rtʃ_ߥV9qncedZwY/{9RI4Pم8,Bq/P-.}k|v̓ _,ǿfƮ㟏Bdz4}Iűz5_=&qJ߽ [ZKQי0>t%{K#@JEc|(]^:u^b <*iBu0!ZYAXaOY oE2YF-IN~ԦK#AezizxtA;; #tchMq /N?r)0e=f (fuGKDVT½k㉐? -Cz 8J9` gMZł !+˶y T^-顴pӌMj . FL,m}t@dN)2XeQ,I5[vy]uqޗi6`ΑhLmFW*|dkH*bQ&B1,lc5TK0 :gj4[B+~ %1x+i&2HW{/oi%9k~fA|VӾxI20h*gGP.3P5~<ZfZ?DRkB \^='SHkgkZ5DOt3Ɛ]NfjmHt#Ck9YM;dG.*97UT ?gVh$= ҝ";jCU/*qj`ڋ|æ Ozq^y ڽO*AABJc]gr-tw2ES$Q΋^_pBy@e7mƊզ-*02<. f]Ue0-e'Ld\#r"Dtܺى߅慗%}$,IO+8#,o"$&|F7.%ky2tlӐʛ@rDw-GXeeqg=q2wz e')3MiUZ#}}Y@RP8J#K j rڪSۥh͡!E>kgwY. ~I,V]`?[O9oYTAo1fGZ=ԥKϬJ-[ @|`.g4`1jC.W=GkR6Wp_FBH+g_@OP(.e aEh@ DB7V hk!UpMhJŇ)[6\gMfܳ@ 9Ki4?t%"3Wvަ(/D̕_.WjōGd;uIoh:UgO#N"|+_|_݌%<33vF.?2Ws̤70Uv ؆tc(h ?!Y%$83批/ٲ53a6 zr[uPKo-OYE("!G[{b'LZf+zfhylH?züe2C7.~DFDimehddaQ%mEQP +jt4<b8@+eh\3ѨĂK?؋u땟YG#X'bk2mؾ>ybؑ#A t%_0I ͸^VZ `}.nYqQ(7(1U|n;gI sfY՗DZG9M>}!c!/]C1U[MfX7qӀ3(E% w_"`۵hؒ\ew1WB{g9~| ze1C@|U)Q!{Eu1QCS&O풢 4Jx n4J= ߙ~8;*uEh!Zb q/Y[ipz4r,Ȟc]>~U"a@+OH= 7t'܀1da1B)Rh"ۏRXt=>K-u((v 40ؠprZ;bRitwփɏ0z:}n8Y.nܨ^꛺sа^vo=|:&)9B@# ux H*D!cw昧uMKZBO:-ս%659Wڰ4%[C:}3:u(2r.5wf`qiꓼm_/F޷H 'A5Gpb YRT#{[]/R QY9Bۦ߇v^'JB7znzb¢qjK񥽲.F.\9kҡuN'o!&^]" 3b ʳX0Dbt .@kY֖L1Py)HbÛC V ,K CEȡ1H+e%1X:"xU.+K81.Mޠ7o(3c_ÛPHn  2)> ;r;]ߤs\B]ԃQbFHSn9QTwM`F>Od= j؞qNQ*D|j>* ,21K czzv RUAVuf^R ؟l=ovqe:X0GA֠a>*Jrh*἖X@/SMlj$gv }T}r<'i&5[P^Vbi2rX\֕ yƪ4^N[):\ܸ+YhМ<ѡa,AJZ:}),61x7{} 3>tEh2og! AWM O$Ǔnȁ04)E[5ޜ͇XqvCsNqPr-]/Pā.em @Șݎ,Q9=a^\]7n ~pB]+Xh/5̒"1b(%-l,4 yӿҲ..#Q3]gY>t߶, Dzpm F巨Pw5J1;ȧ8k]+4ɝyo*ӫlx|LEÛY&.- @|0iVxHZio>onKsr09m%pU`O< Ucu&vq 3PFcWeE&ۄc'WX/!ѱgȹr^8?8n!SZYnTSnYeKd: k,CMj16( Wy̩cY' 9ebʼ%R-(6W[qCQlrj>U^n'hߑӿm2~hأOăzX"6>'~ёj.5 6\YeˍcijusnNm~'Ea}d3_OҶa= sፒ0SHy肓͆FZ0?1=m< oڠlPeRL{}2cV yO˔PAV@"er)\V wOriٕ:'Y6Bfu2(5.F!&[?_͊]kXH5Y'q7N| lvgud㰛NN; xi~258cq&j!Hyi S^s;E?]`W+r^TB~ŢzFSgF\[XvJ)HS.I$j~} iZn5XPxt a9?Qblئ㺷}doG:Ѫ"i7*k L m*L kߟjg ~$-0x}q*КvmjgtbxӇ{)żĶ?OCJGռ'?mK$? 8b'Ii,UGu&WiMDja[|A%{n41h~&/֪hϒC'T>cP,e@qRWfMM EE8#A5;]M(J_c*C~OiIG,=RɥlWw͠ K}Q|].^NatC!AC+#i6z>oDġ'IEV|_Ұ(a4VXO4!À9ߓ^;h tɴCȊot(SF%C15X?uc+6{_s-5*3r-֐(ZjUf'Z8J[׉G@ te;J&SuKv;[0 +[/:9ixb49w۪7 W{Ã9u=\/Y19PW(3قG蹿jʴJ/u֚#+z臤m/״ƹ췩RгF:#wV#CTTI8mPEjD]M(`!)gN%o!f$ί@um;<Ӎe^m5n>la"-o裰|6[Q>D@Cx8wjxA_r' (k$~fbb0P|!)wrw%<{E\x>(NYp1ar%yB32SBȾvv*z:;˦^Hi|׊_k9 Rg֓p[ 5Z9lAk,Ϧ.|\po?NpkM;jBɛnaQM#?C IeP+>? R& Q9+k?"2~ԭ81 |Sm&Lh'xbPgD_*D&STL3Dc`M*3J@HDb߭|cWs+#X+\^ 5Y:Ī{&u^Һ6GaJ?IV$VYı梥A<[~ kc&ָ}eaUFlؚ̘rGdC}̄` }]U>7fH1"C &-Z㨐)Y~^LrR.%2!E#;_p@8Nd~{䠩)Zx#w^Q3 O 4OI+m ,7D19&9mKD?qz0wmC %uTo٥nE_옒-.~Ar;ۆ#N{/s yQܡp}@wDލV sy Yϒ+v`jԽUM%#b 'NY:>L6? ׈<ޒ~L5270l$0jЯ75ֶUbN*ԎVɎ 7QVYhN϶F,(do+#4O*8 tQ3*ͪMaGHB٥H3!pA57c_!OsCɁ&Czupz|K?vz.Ye,C鱋k_ $=vXnptnMEkLmڶeM3t+9H6s84 EJې{eX!r@3}w;@f2=LH-eg-e* (hbJ壀p\(9]V8w-%uC"!5:x=soUeU ٗx?v̓NXI8a61E2E얉\k3F6wᚷ<5jU1XS0E(6intC>cz"SnwFќOE&*X%K}V2Bu ݑ?zdU{)j@V6'?e!'d_i+H/*HPkZDc9xyFFւ,)_r*F.e8gA_i%$.E&gv;%A`Umq,eȫ׎ mW>Tw k^Rp_z{Be;M^^}:yQ)NzE|+OOū v?ҦRl#}t:74i- צx~X/7!Rx_:Yo?çƇPf\q)י)05>c<)ZEA+"}Ѹ}zcZn#7m({1`r:ʓ&5z)#fVSA #Zc3p@5/, [ߘk&VYWF![kG8V/:Z$·HP+ۯjzQ,Y cfRɌf-u7*xho>te ,:%= ̗-h眔nldqaSF\G9 "ob~ jo&쬄돂*@3]~ '$plԍt;_2ct12 3et XFSu=E(LAl>t*DY= uUD(G#Meg2n+JvaV'jhچ+p7cǠ\ +~ (Qy{SZ*t Բ/p~yHMO:ͥH[ mJ{zl^61T&m"ĕ׺B68F&V֎5L"~?zt CJ2sSU7~p&~YXmUl녱t8 fϰڛm $,rSjی`c\*}[/?G<}^5&.B#'PFv.H~!92KswXtS}}C1w)1rt| uFLRr׷v PؾEZMq̥6ܲpj rNdXH("5ct8aNEԎХirtoD5tL$i8O.fS"OfR-/>/$߭X1-O&B1?' :ghMDc5t4 G>jeyJcCVu5l8GoM9%"z?JhבdZ @i:tв(9ܒB3}jh͑/Z:O0ノ^S-|⚖fJ ;? izfo}s5Rᢨ6M۪=Ep7,w [ӘY(x"~p@~?z90Tr7֞F9~j߭S3[i,?(94..vO-Ȏ~$E7yeLd*iy6@CiV- ohwf_1 VoLp20:IU@C E`]v]KHA]h)JPlOM+U+9c?/#o}hP@ER^@ϻ#qMk6Jڧ0 np=}LiE37Sv5 LqQWS)6N=V>RаBazVustJe[$z]M΁WrFܲ.=quUWkJ*7˃nmҲ']F9e? Qz'@ 쭦0ze>N!&J.3QPnײxjz$֢62")rBtG*CZk(NIAk{KFgQf(pOtkSyuk%PV*f+:U?0`[.؆m\;UW vTWؠQ2ָ͇؎ckIK1$R֝5E\i1zNv.-.XW׳]4o9{ PO~OJ/jZ@iuh  m*LAQK n:.7D"'^K7(2L0:4G& m^LgPvO|u1;S$doċgqVjG]Pt75Xk\tzzn1}MdxN6oaSz= *K]Q:S?yp_L\f"xhf'+X$w`mCNQ+{.;8^t"{UjJ5Gbh?P .}-^IeC&`ErC(-.bN\rP09`I,,GLIE#6$ڸC5h75ՠ(`<X!n{:ET (c9\G[GHVI>%;TKs_ uUQARe]` G]xOD XQ(r4oݞr[zvAwWmgSStH6gNg 5/(396I>RdAQ8\t@&FWe.VhqF 2O`/G8ۉ&xZ}{T.u2Ul6_2.NWgWC!(gTc#Ec+*j`;9]WSh}zrvpSGݓDVf>a;͵\if |!6]hsĀfe&Vd RksvBC>VudI&) $v*2cmn0_ц+?q7千0Ӏ~4%p=HRP}QPHv#YPVJKA䤊xr{Jl4VW"y`=e,~TЬ䇞浗4-]h0T"~V0f4EG4L!;"y̫~JْM0Bd [#Ҁ*'#4|Ӻ %޻d5J⓼k_7KY>LQJe`IаiA­ݭ6ry*v$_)?$j(JlĈ4SMlbV8^LXMyUUP ;fМVuԨh2ĵkDi0+X@hiRK7pxN R>|s3,OGiVUWľt*rPQ1 x|Fzip%7zk?zÕnֶMͪԸ:c.&?Pݟ_{?QBKwȔ"hzD9JzhֿECUkH`vLf蔗+uftuۚ*.[,V&^iE?mT qDI {APv-f =JV)}_  0]Dr دe;3's'ˋydV!>!ެ_ 8ו~qAaX BtgA(%A0@N!1 d?~y%Py+cw O߹qQv˒.X(I ioo~Q*Ъ'F,O0ढ़gU~H:zd^ԉش$.];a6&<|*H7POeQE#9ysQ"DL$]7G4h׃65Dv0hx$\۸b̢-d{ߦ/91X4YB( pgY2Xl$q`hNBwֲ̦ FKKv^ϭyp︯ܤ("(2uCK@^B5H?w115HW_dЕ)p絷#介 /bh toѺ|O<@4s N?fه;Pu,d''B|9 =c9Mu40q lC[y `ˉ}{!BcGzӣOH׷ ?s 5|P&!O(ڙF}g*VEp*[x"Ѳƺ+0#Foe =lNFD3@{ljgZ""BR 70;TzUT`L۪<.zj@yJ xpt(#c4(S٬.(x S)y+[^aM+Jy눙1Mv }S|cuKR^%,m{CR'.,";ZM!LT!pC:/&SҾQ܇'zGfM8jMgaHԶ/4!;AmQ~aw3M/m:X*]è;EXɔ b QLr1q )a8ͤWx~i{!VAq}ż Brh'b )B|Flvɯ fKdznu @5Ĭ1ϓG j*Xko[%sQL0+P"N.<}%(D5jGg#˞Rwkq4䟏SE:2_rGMILfHJS؄!i* 2J7\Ӳ 3vTL.x}kRē4ccp>*_?>Q1 Įܬ"Me8F+ZV PŠa- )tE+Ms앧>QoB.`9!s91 4#&,O2sC?g[ L-X(e3Jr ›GSͯH3HFU'(/ zܴ"'WӅ3{RG @%'gbHXTۺ\A߅@MZ#086g` 70=m0xj5ɪ[ uKGD?CBEjij!Zp*^no:&+kTү1He fRthdy& Eq_)7b*ViGwG\7җ=I"SqH&~tuDi.mw[T %A%ILk8r>wW}OJkƨsj=T6tv;cƏ[RInl!S!-*W;<+Lfv ޣ@ GW΃3wB< .aTnfehbGG3G]TҥJ\Kw. PHǷH(f(ZK QmJ~4`W<ǣ#(\$(XVeDUf"M I;?7AXZ_r佣֞:ChDb|0W0,,|Dam!mqm6F z]Dŵ_7xsմmN:WQ,^:vJ ~9}W.܇lP̪<__I(P&0^Qg*uEZxWSuIVMy[a b9,Fci e,G&2ysF4CB3ݦwn"zI_ˋ1|0}K6 m"MYw?1P&c=lצƀ5@hY)$hXh+3դ}a.3~fd:7z^ S7>))>֚ t;Go8p/qlmhI-(M3:r36 2TGeT%/m3]3>Bon]Mͮ񶲥QGqEA}@d\szt'|s.-9^'a_(ҏ9ÂeT .y{(ToHZ ?aR7]? xsLt۳1sCڮ]Q\L&;] م.r=ps_|zՕ| #&{7E>K]b(5+am,ʬeÔ`0SDɯէLu \ 5߶N?_5-=ރ0k1XSִLdN'xFi[B jBf~ԞtfB2@דX 3 q=>T6C?+nXT/KoP=f:zOx#-lݘc8Z+_i&oLFmXQT}wjhZWW.ߜT$t;ˍs$/kO7'5Zr#zQf[=~ktzLm?tj+fB\S6*YP{u}3&۞Pvz>79z5`L@1є`C}1D]kٙP,khyVnyP ɰFF!`F 8O~-tt.}{_mCՀ'/U\%\zʔBY+COd0r"Bs:{ <(,n ^~%iSI?'v|՞'4R\yé1jY<WY0b 'YR`t %LDw,v:74!3R*UQ},q]#IlFDYtŬ˺}Y to j(2\J2{O h^bnUa8%PA^Ρ87솦jZY''=c8-5iw-, s*j4/T ㅨ홭؉nP:,o=A"AOV$~.ທͿe'C3d4PdxBƬ8~UϩE^2vfVD9Lg8v6]Uv^黦YQb9th1&AU'MȦ˺%U^@XbҿȂ҅b .yn` r_rKSЂ@DMuJZÛ֞k7< ;wn@@V?u{ z=0[h?Vi"RtJp iTM!e.,ϳ&&'p)ӺnB(H !u $0~lc܏jdtZJ(0]!~8xsP3kQ| xi,vQYqfm`$wB B\\ˁT +&<|39ԅߜ^LOT? `AY>+vB̙'%qIM؟XؕXöM.ir:pK;ag, 1``{F5A]%U:AE $UBѭ:>pB!.}̚dy-bM#Nr'EoivᚃԃH}o_ { ST aF>]._Վ^(k+5+kZfOjh}d H `:MۦO;[% ;Ma: ~0Y O_b2-~{~`{JGxS!!ε-FUh#HbEBid,tG냶&7ė BduRM \&!@ RD%/5qUjb=і"OQ83y!n1.ɻKb5̏{D1"-DH_?jk N> ߯>ہ6IJh]HNbpҒR@2pЪ -II4c/Unko;jBiH8Z;!k"eiojFW᥇dvn9_a}N }Jݕ G7bTvFİ7z:s".{GHr 3EaŲo4`x_xS Qc.@džҩo;5lo|͊=DC}*ѡ&[V /R@pfJ;ٷX]~pn&?FRII{oZzMUOq qua&(ĝZ4KAXO*y3O?@ 'a \A\Qc 䱗Y؂ ?& IU@^JV{xpmCX_&; , SjJ5'aQ .V0XEE:}40gp (e.l=˹R9ƹ9cBss#`NZmL@_$djl'u܏7[لrʪJ|ۃ e4ߦ&$X-i1l:t@9>q:kdƾVYdv ndBDzʲMmsn *ʼFmA K}W*ʒ }\Kuuxt57 WH& [il8u;ɂ&TȩO_&w*Iq/\uQg 6@5"F ti-.*I9w zKsi{Wz?WS0c0X-J'^ǹ6QB㣒cg9W DeV~ۋ?:4{"Q6lBp0$ފ4I)~36 P] ׇmoT:>Lv4sFS3& 90\?OW)@aFj?}M5A<ýuiIvAc\t*c҆LRF1 GGZ B~]WQ/(~Cd2BX!+QF<~DSr_IKֺGE1~DWep|msh&x.31sXX uqcBSMaߏ~__ƀfQVQy{[MP;vsVeznR%sw=<G8`8Q׍=Tk˼(%&(]>9o☥"KsNC55Մ5[uKh*ɰINtļ d7`FoH{SHS}V8aupo۲8ei9e2Dn:ўQvoYd J/of(nv/uILeoAʼ oPIZbAƠ&>(PԹmd87W_.ag?C hv2 :i( VGfG y (>Z, TVPf rԆ:AZU™&=O]İr5bu ϭB:eY]%_btžBݸX ӡ)bkAhYD4S/M脾rcaEh;,^ȚODغ6.muZ}UEI R Wޕ\j0dENm$q0t*JQ})#ne -nRTq4KN_m39X.vXƽW=pk. 45xF-͆.y,g3s8xX7AfMý2<|s:(C^i>,b4 HE [l_ٞM ]3Hq/muǖJfn[{^NL Iq<+@$L_Ru-DxH`ç:Ն5LZ oj=X&!4EԅtOeL"ozDy큌=BwugrzQbTh,KB :p Co.{+F1j݅$-c 3Tn wm,R+(u$Sia0^^'^f/81&YxWt>K\Jb[M=wrҝ%kT;g)$^!'f bJc;{KtZe}K.r+#״ ,91xqp7,&3 Q,d[|8Ah@$}܊h"eCií{%NUH:Є'9LI|mzO.5̽>ӓ .v&G6 6[uDo=="?lC],\ ĎnӡI:WDLřl=ݫ"|V"PC8a3 GFǷE'J$pʉ$ L1ňX)T"p*gVĀsH1B%=tv;!Rny&IX),4ġY:پ NI3.~QR~oUGm {N艮F /-mf%}~kݍ+՟Q>̷<e#z̼#'5(mu8:٦X,+ UP>m@mIe=ߦCE-8ScAǎ,Az$5SEV(= ;hXTOZhmcbOxMXs_'< * Rze}J"z CNg2IvMG -CSPm׵F^>RgUXk0Y>25N3RT8qSfGg S(Z y, [,}s? ZK;3lUk@|>XQg9vjEn%jZW*)j;ﯿnxQ (mg1Pse=pùIvx2;Kf[m4k]pY[6{aO@63<P8ו2rÂ;u!X~aɯVj.a.ܓk  3+{\QE | z|Kxʘ RkZWVYjW<*#e^Q @|_:g8JLBYaYGo%V#_jx=X~Ֆ3@@,Gu񮧒Haqٹ#0*+ٙݡ:i h{[dCȾ33 .$mt_'#WÎ6y/N x µ&ȁeқ`像|"ح,yHX5l&5K퉒>3(׳ &1:)c2֎V!ͻ&@syOrD),%)d>gHF9"+ ?sE˵,-( $ʪSDtO!\'p2#b]ɡ|쇨pK (h9Ϋb xb঍x9ސ2%LׂemaH[6W:8Z>[kg s͇;]uu{ ^aZȱbq4lMo hCjqtibͺI=f;fIl e;ڌV[)'ouANF;Ga▵ aj?溒 `{rGIR'PQg}q[syomKka'fĤFӫxN ÁVό?]v[N ;5̄B fyLjWL$^1i7bf|y[|_/4~*},\Բ(WգG iN"`|xj2YxŢqac^^So?j/ qֆL#Rj]ulqz2%ƛ4?a iaM􄔼ڽ@u?MCWX5u7MPznz҅ h/?O#[>,鑯zFmPj`s :5[UJA&#msty6L%}K?}lŇWupTAA*vӽZGɰZakC/%ezSU{ Rnr,e]$ly"AsٛoӯXEL+)43DB` Qbϝت~F4nY1iu8dp 2̰cET% xB2*y$vIk:sq2$g|\ #qv~?$t{I{@}`Er jn(|{* !-YiiǜZ)j )uI"R.gB5lnS/ w.*`Y; V# sLH)sR 1JG1&\8]t'@,)ʼ48ޙ'զk}dfA?(?Ba: SM} W@f%v^TV0扑d WLi:n 7:wO~Q<؁OP9ĜzAflXwo(~ϙbzB Fv I6#IӭB~R\-4:Z>p/OAeqԱI^-ٳ  GAJ%s]+|7ntA~i OYVFٴ >pcKkkYonNEu[72*IJ%U$s Hkm۸RWFZY#f;XY+9 Y8~$:P/@_ߎL.W Xv [SX YUNa^pF\~nvclK b*15ᒟpv;O͗<^ejħXЗm@5"c̈,kYj5Pՠx &F,z6yWt:Rcfd 'ʃݔ«:Z#%e,٢N8A o!Уoz-SsG81?1mNcw@&G~0ȥ~SZefABKIC`[g-30u<=E-b B,8kTjGcR )si2ոZRP9}4.AD-*t]fTkzb9bG* '&\I;yǿz:y2HX̛N.ҥHzm]+ rȚt?5kp{yaxRppCWePFho V* IJjU05q6lZ1u.KdpԨC4Z4|yn_D<-P+s#jy>f{ɚngKpʹJIz V笊>h5x<ôqX@6&E:% 5SERmg\dt 5hrf4 Ȃ92*`3>+*;uB2D{^dUKBe8`1!|҇DI2z+{֨Sf`?(o,'茶4tBYGVtͽ:[<6$UNt懂ɼ!t;sd;3[ G2D 4>ė3cBދ ;zaF(h; 64 (We3(ۮ2S;h}Xi 9qE|^MSp;~Գƻ((\eX]Ak7tɂqN?8|Y%ޗƐ2esm4DNLW}4p>tMm0&z0}8y=1cBᕗ,D*Nivs6ŴyI{k1~/ѦsX7\qsbwwlAy0;[NY@g *6ҟXz% P-ql=Ɍ<>CF0e‘o,,oT {Vw #q2nRO(qɏm83\-ʿmY)rK lJ6Vdcp%24rs|JxB]IQrϧH#Kn(UyZ PEz5!i̖COQ5Q!&_G;E E0A~6 ,?W1m3z>&P-#WT1yO´Wx6Q 43Cd:c07hj)Hk̖KS]1>T?JYs&L YZ