policycoreutils-sandbox-2.6-lp150.3.1 >  A Z渋/=„x3^=C*|H7R^2"~<%/(:|Ww`> ÝE{{m=Z>hK020b16719f89488d4778f4a0c29a7934cd456de045c58edefbd364d8434c654f65ae5fbafa1b9814cfcc380b61d17dbd2a058be4jTZ渋/=„v7Fߟ`[&F/,A}zc%SS[3 'ͰO>z4[=Bn,nכNX.&񬴗0iV8ǘ_/qƚd7<- AlΔLialw 'F96`KזhgGJwEKcG=(E»+K9{ͻ'` 3nk65]9q?ݼIZxm_]mwcFěsFGBU l3fP>p>B$?Bd ( B #)0H T ` x  @XN(y8$9$:~$F=,G=@H=XI=pX=xY=\=]=^=b>Vc>d?ee?jf?ml?ou?v?wA\xAtyA zAAAABCpolicycoreutils-sandbox2.6lp150.3.1SELinux sandbox utilitiesThe sandbox package contains the scripts to create graphical sandboxes.Zbuild84bwopenSUSE Leap 15.0openSUSEGPL-2.0-or-laterhttps://bugs.opensuse.orgProductivity/Securityhttps://github.com/SELinuxProject/selinuxlinuxx86_64ZU큤AZZZZZZef27df7e16107cdb3d236cc9c21d9873d050e301d81e8ad41c2c8dad6d413564f876fde286ac4e87b1ac7030de42180d60ecca1f08d1a62d0d529b70f13703bf729cb2a09fc5caf38d1b5e5f4160f6aa87965b365e75bfe9725b2230a9fdb663848c661eb93adfb914b2001bee730cb3e8b7858c654c2dfce4557001f659b57df28875cd3f94441ae8b7a40acc8385c7f029bb082df70253a7b308088ef5d0e4rootrootrootrootrootrootrootrootrootrootrootrootpolicycoreutils-2.6-lp150.3.1.src.rpmpolicycoreutils-sandboxpolicycoreutils-sandbox(x86-64)@@@@@@@@@@    /bin/bash/usr/bin/pythonlibc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.8)(64bit)libcap-ng.so.0()(64bit)libselinux.so.1()(64bit)policycoreutils-pythonrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)xorg-x11-server-extra2.63.0.4-14.6.0-14.0-15.2-14.14.1Z@ZmZ2@ZI@ZZ;@Z@Z XWW\@W~TZ@T @SxRRRrF@Q)@Q\QU@Q @P @P7@P|@P!@O:LO8@M~@MK@LKK[Kf@J]J;}J+@jsegitz@suse.comjsegitz@suse.comtchvatal@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comrbrown@suse.comjsegitz@suse.comjsegitz@novell.comjengelh@inai.dejsegitz@novell.comjsegitz@novell.comjsegitz@suse.comcrrodriguez@opensuse.orgvcizek@suse.comvcizek@suse.comp.drouand@gmail.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comaj@suse.demeissner@suse.commvyskocil@suse.czcoolo@suse.comprusnak@opensuse.orgtoddrme2178@gmail.comprusnak@opensuse.orgmeissner@suse.deprusnak@suse.czprusnak@suse.czprusnak@suse.czprusnak@suse.czprusnak@suse.cz- SLE 15 doesn't have the necessary files for policycoreutils-gui, don't build it there- Drop the requirement for selinux-policy for the gui tools.- Drop SLE11 support, needs the audit that is not present on SLE11 - Fix service link to actually work on current releases - Drop SUSE_ASNEEDED=0 as it seems to build fine without it - Do not depend on systemd, just systemd-rpm-macros- Added CVE-2018-1063.patch to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)- Remove BuildRequires for libcgroup-devel (bsc#1085837)- Removed BuildRequires for setools-devel and added new runtime requirement for python2-networkx- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to policycoreutils version 2.6. Notable changes: * setfiles: reverse the sense of -D option * sandbox: Use dbus-run-session instead of dbus-launch when available * setfiles: Utility to find security.restorecon_last entries * setfiles: Add option to stop setting the digest * hll/pp: Change warning for module name not matching filename to match new behavior * sepolicy: convert to setools4 * sandbox: create a new session for sandboxed processes * sandbox: do not try to setup directories without -X or -M * sandbox: do not run xmodmap in a new X session * sandbox: fix file labels on copied files * semanage: Fix semanage fcontext -D * semanage: Default serange to "s0" for port modify * semanage: Use socket.getprotobyname for protocol * semanage: Add auditing of changes in records * Improve compatibility with Python 3 * Update sandbox types in sandbox manual * hll/pp: Warn if module name different than output filename - Update to sepolgen version 2.6. Notable changes: * Add support for TYPEBOUNDS statement in INTERFACE policy files - Dropped CVE-2016-7545_sandbox_escape.patch- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session- Trim description in line with other selinux packages- Changes submitted by MargueriteSu: Update to version 2.5 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. * newrole: Add missing defined in #if, from Nicolas Iooss. * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec. * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach. * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville. * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach. * semanage: replace string.join() with str.join(), from Petr Lautrbach. * Man page warning fixes, from Ville Skyttä. * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl. * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach. * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach. * audit2allow/why: ignore setlocale errors, from Petr Lautrbach. * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy. * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach. * Fix PEP8 issues, from Jason Zaman. * semanage: fix moduleRecords deleteall method, from Stephen Smalley. * Improve compatibility with Python 3, from Michal Srb. * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville. * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach. * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen. * mcstransd: don't reinvent getpeercon, from Stephen Smalley. * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach. * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley. * hll: Move core functions of pp to libsepol, from James Carter * run_init: Use a ring buffer in open_init_pty, from Jason Zaman. * run_init: fix open_init_pty availability check, from Nicolas Iooss. * Widen Xen IOMEM context entries, from Daniel De Graaf. * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach. * Fixed typo/grammatical error, from Christopher Peterson. * Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4 * Fix bugs found by hardened gcc flags, from Nicolas Iooss. * Improve support for building with different versions of python from Nicolas Iooss. * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh * Remove cgroups from sandbox, from Dan Walsh * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley * Add a store root path in semodule, from Yuli Khodorkovskiy * Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy * Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence * Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy * Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy * Add ability to install modules with a specified priority, from Caleb Case * Use /tmp for permissive module creation, by Caleb Case * Update semanage to use new source policy infrastructure, from Jason Dana * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)- removed execute permission from systemd unit file- Version 2.3 sepolgen: Add back attributes flag to fix exception crash from Dan Walsh. (drop policycoreutils-sepolgen_missing_attributes.patch) * Add -P semodule option to man page from Dan Walsh. * selinux_current_policy_path will return none on a disabled SELinux system * Add new icons for sepolicy gui from Dan Walsh. * Only return writeable files that are enabled from Dan Walsh. * Add domain to short list of domains, when -t and -d from Dan Walsh. * Fix up desktop files to match current standards from Dan Walsh. * Add support to return sensitivities and categories for python from Dan Walsh. * Cleanup whitespace from Dan Walsh. * Add message to tell user to install sandbox policy from Dan Walsh. * Add systemd unit file for mcstrans from Laurent Bigonville. * Improve restorecond systemd unit file from Laurent Bigonville. * Minor man pages improvements from Laurent Bigonville. * Ignore selevel/serange if MLS is disabled from Sven Vermeulen. * Revert automatic setting of serange and seuser in seobject; was breaking non-MLS systems. * Apply polkit check on all dbus interfaces and restrict to active user from Dan Walsh. * Fix typo in sepolicy gui dbus.relabel_on_boot call from Dan Walsh. * Remove import policycoreutils.default_encoding_utf8 from semanage from Dan Walsh. * Make yum/extract_rpms optional for sepolicy generate from Dan Walsh. * Add test suite for audit2allow and sepolgen-ifgen from Dan Walsh.- sepolgen: add back attributes * fixes build of selinux-policy * policycoreutils-sepolgen_missing_attributes.patch- fix issues which prevented accepting to Factory * mention the dropped patches (merged upstream): - policycoreutils-rhat.patch - policycoreutils-sepolgen.patch- update to version 2.2 * Properly build the swig exception file * Fix man pages * Support overriding PATH and INITDIR in Makefile * Fix LDFLAGS usage * Fix init_policy warning * Fix semanage logging * Open newrole stdin as read/write * Fix sepolicy transition * Support overriding CFLAGS * Create correct man directory for run_init * restorecon GLOB_BRACE change * Extend audit2why to report additional constraint information. * Catch IOError errors within audit2allow * semanage export/import fixes * Improve setfiles progress reporting * Document setfiles -o option in usage * Change setfiles to always return -1 on failure * Improve setsebool error r eporting * Major overhaul of gui * Fix sepolicy handling of non-MLS policy * Support returning type aliases * Add sepolicy tests * Add org.selinux.config.policy * Improve range and user input checking by semanage * Prevent source or target arguments that end with / for substitutions * Allow use of <> for semanage fcontext * Report customized user levels * Support deleteall for restoring disabled modules * Improve semanage error reporting * Only list disabled modules for module locallist * Fix logging * Define new constants for file type character codes * Improve bash completions * Convert semanage to argparse * Add semanage tests * Split semanage man pages * Move bash completion scripts * Replace genhomedircon script with a link to semodule * Fix fixfiles * Add support for systemd service for restorecon * Spelling corrections * Improve sandbox support for home dir symlinks and file caps * Switch sandbox to openbox window manager * Coalesce audit2why and audit2allow * Change audit2allow to append to output file * Update translations * Change audit2why to use selinux_current_policy_path - Update sepolgen to version 1.2 * Return additional constraint information. * Fix bug in calls to attributes * Add support for filename transitions * Fix sepolgen tests - Remove restorecond.service; use upstream service file - Don't provide support for sysvinit and systemd on a same system Use either one or the other- change the source url to the official release tarballs- fixed source url - removed old tarball- update to 2.1.14 * setfiles: estimate percent progress * load_policy: make link at the destination directory * Rebuild polgen.glade with glade-3 * sepolicy: new command to unite small utilities * sepolicy: Update Makefiles and po files * sandbox: use sepolicy to look for sandbox_t * gui: switch to use sepolicy * gui: sepolgen: use sepolicy to generate * semanage: use sepolicy for boolean dictionary * add po file configuration information * po: stop running update-po on all * semanage: seobject verify policy types before allowing you to assign them. * gui: Start using Popen, instead of os.spawnl * sandbox: Copy /var/tmp to /tmp as they are the same inside * qualifier to shred content * semanage: Fix handling of boolean_sub names when using the -F flag * semanage: man: roles instead of role * gui: system-config-selinux: Catch no DISPLAY= error * setfiles: print error if no default label found * semanage: list logins file entries in semanage login -l * semanage: good error message is sepolgen python module missing * gui: system-config-selinux: do not use lokkit * secon: add support for setrans color information in prompt output * restorecond: remove /etc/mtab from default list * gui: If you are not able to read enforcemode set it to False * genhomedircon: regenerate genhomedircon more often * restorecond: Add /etc/udpatedb.conf to restorecond.conf * genhomedircon generation to allow spec file to pass in SEMODULE_PATH * fixfiles: relabel only after specific date * po: update translations * sandbox: seunshare: do not reassign realloc value * seunshare: do checking on setfsuid * sestatus: rewrite to shut up coverity - removed policycoreutils-glibc217.patch (upstream fix) - added patches: * policycoreutils-rhat.patch * policycoreutils-sepolgen.patch * loadpolicy_path.patch- update to 2.1.13 - drop policycoreutils-po.patch.bz2 (updated upstream) - drop policycoreutils-gui.patch.bz2 (added to upstream) - drop sandbox init scripts (shouldn't be needed anymore) - numerous other changes- added service unit for restorecond- semanage needs python-xml and python-ipy to run- Fix compilation with glibc 2.17 (add patch policycoreutils-glibc217.patch extracted from Fedora)- updated policycoreutils to 2.1.10 - adapated patches - updated sepolgen to 1.1.5- fix seceral rpmlint errors and warnings * use /var/adm/fillup-template for sandbox * don't use /var/lock/subsys in any of init script * use set_permissions macro and add correct Requires(pre) * fix the languages to new -lang package * fix policycoreutils-sandbox Group * remove runlevel 4 from inint scripts- patch license to follow spdx.org standard- updated to 2.0.85 * changes too numerous to list- fix a typo in the package group- remove usermode-gtk from Requires of -gui subpackage- remove incorrect and unnecessary rpmlintrc.- fix build by moving _GNU_SOURCE define (gnusource.patch), thx darix- updated to 2.0.79 * changes too numerous to list- disable Requires usermode-gtk- added libsepol-static-devel to BuildRequires- updated to 2.0.62 * Add btrfs to fixfiles from Dan Walsh. * Remove restorecond error for matching globs with multiple hard links and fix some error messages from Dan Walsh. * Make removing a non-existant module a warning rather than an error from Dan Walsh. * Man page fixes from Dan Walsh.build84 15250923092.6-lp150.3.12.6-lp150.3.1seunsharesysconfig.sandboxseunshare.8.gzsandboxsandboxX.shstart/usr/sbin//usr/share/fillup-templates//usr/share/man/man8//usr/share//usr/share/sandbox/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Leap:15.0/standard/4321900e6b428c98e6fc12d71c83b04f-policycoreutilscpioxz5x86_64-suse-linuxsetuid ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=035586dd1d52910bffa7e2c346e42d3322e56243, strippedASCII texttroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)directoryBourne-Again shell script, ASCII text executablea /usr/bin/python -Es script, ASCII text executable RRRRRR RRRR emUкK|_utf-816adc43beb7e1e94ad848f024e5374634f5246a7e0a46da58e0ee5c6934a2437? 7zXZ !t/fO#] crv9uP̊ $qt=@0߰<ǁ)N8>m7*3ZRlZə~n1Եy5e3Dw'Q?/0GЏT# Өxuu@R$#ݹa3mq_( TW&|$t()aj+BsfI˙Ӵjg@/Ӗo'sܔrTgFm:XsD2QM$dxh7-o5c!/JbԼ*cYXMjaԩHnV+^&#o}|t@PrhuYr&a3JT1L_P%+٭k:b=ڄۑϓ30)qS}U; nV6)t~Tڳ?)Mb7}pxQZ?oLO 7%e?aѓIt@g`jRМ<@R{"Q6|:̦ȵ)T0.I\]SDHBʥN:6$+Ԩ:ke[ߊ۫|6hO\*㚒w:mʞIn ed.PݩBMdFKT:L"VAԕ1_4gQBH[qt}.SGTjUeSMWr`l~_&_e:ֈ~x|씚xR'_6.LRf;ONA!$Gcꇨ!5]u=tΫ?J@!/$|G|ĒJ[^))6"`/F3D:onaC7*3@@ u K%żϰG=,E6 ;"զ kC<>ͺQRֹ[ʡڪ2; /FB=CV\VD1>kJ=Gbh; 1K+?hٽ%^3, 0o:8CʣހX#PVA&drP CdgO9b_UuN+b jGRaʭ߱kq뉹 X7z.|0AR)Ѵ`Yr<}(tw$%?xK:E0"ZCc{ehL !nyqړmQU]]09֕<J( [2̏6=g,c':En:rU\tԛF9B~/@"$8e{ˣܷ0==D0[߯R+cu qZӡ|ll1z9<Å=KdȻ+zQFG ;( :=nQ65qXū @ 9m<ΜJ̨ĕo>L* _鲮n?p:JbͶF}+p=b_o&M֕ʱs?_5=lŃ~<a݂Mc]?7? K:v?'=x%ɪ=0lCJW Fbtl6%7jY%)iްZZ햷(2?sRmW2QZ1Ě;u(J̥yiؓ<{d԰PC=䊫H  ;R-x #YvM[n|WbvD[C0 rC-JW">*NŋA&e- G1׎Ϗw]EпA\g}";[%rhآ]]gֹw3V ўB^|Q]Ɩ}4\n\ΰ[hyPR(tz?A4R?Fr[z<7w2cxte*܁^A+0_m1^@ ?vFA Gas$O@BxX¥ȀsiKQ$@ c Yտ6߄y3eJx/k^ט}i Ʈ(\9yda#8z$g10ځ9~b\#o8Zj%c<*NFe {ƖogNtu/#7s&2SH;3zTeFcT^y?9~A8dY^qDTgm]a2B(2i>d3lLHk̑43tYѕiEYOsI0ij-zoæ?WT,n9ѤjeA/VU1e)Td%{>Pa)yT(w,@L$S1!7HBtQ"ʹ@*bD6=`S6)0%bG|9?7Acjάڮn͢@S) `+D8sc`n}~iŎ+(*$)ƄՋm0WK e*z n7&exbw60*|J6AS8Lv0-X!ۊT5c|hawvuq ڑeh5p]wݔ7z~[(, *4L|^|%,/yOX=kU|N_at~-;Ɓ5sˡ0!R\Cy HǰٚH2Sf[6NB j6h =;Fn fD`pe _ 㪨sĒݤ?[!hV]}\kLSzr}\㶥zG6:UoE%t-P C}~JF"b |-꽽M=gY סnPH]Qք#9 5}D* Յ\8-']TG~+^!8^ x[aJ|7GfY*j|hTQ|˞)PqT'Uʿ2p|`~`Rd6"yK369J,%,=4j2Al m9#͸oH5Z +^eW$Ъc,(k@cR6vMYNHɦ6ĩ[Ԟ}M9FF9NGam-ak Ze)(~a&H8Ur65(_NM{9|y27b0CY34MrA=ي {o4m'YXm<P9i@x{tKel`eBWf#Z!pi]|[M11ñK -jPTbjkR}7llahlrom)T]@f"%`/H icf +obZp\\SY ʇ XzY8\Qe96#ԡQ.϶2'}X#t:pWj%Ў*DLy D{& K͜(g ,̘O>3֨sRQY3_zQSvlkml(G=MI3-_pB`&Xy1z+!mTZ6Ky± 9YuAbHyP,O 4kx: TU~)*3eu[ j!ZU`3{Qc mryW<ͻ!&i]uԎO]T-HD>Lq_y"84P?˸S_d1}-%4@r F2دyQ*{j#Yv\9!EⳄ{S6@HلDN%C'cz?)L(G zM7_Ԋ9_]y?x]0#Xoc9[{-K"&nG\Wt1\iƜܣ^\n/\cmߠ¶|?ywhGN XE4frԳg?8RG>~2]<Ȭ D,f?&2CysѓHխJ7 WJ4`Xɒ!b>V|Y; 7b#RTD,f94P, H=CoGG p**:6vkLAl8ü %c4yQ9Rx$ǶQ0qhO]#r$k&Us!@̄9SMf+{۔d˹oZT^y%38A>Y%рL-5y<ޤY4Έ˦Hv&fWQ%k;Zd.U <ڨ,=<'c 9{r9)Q[: XW2Y3Ņf A.s;kvYȢ @204EPHX&~ 3G:Qβ,_>F"E^;e "Hf/5G)d|wrS"BC$s'^Ch/X-u`/.ZJdF#mww Jާ?qw`n$Hu?9໦i˿aNi:/zI.%~&0IQ` /#rf9 s",1!,ox ϐ9jY՚ގqu8KXF=d0co56v`"ucp&r~-apW-7jS?a A}}f$ah@#lG%Jc~ҮAOq!8NǍ>mVmMS,J6xݮ/ l c5L]Ħ.ź :de"u~UuF?G\"pi;}OdV">a  /UC٨WsU=(L1<a&Ӆ|b#2>C؆1ΌґK&z"31KŶfݬ,'$pt˩3(m,֐ 4t^5' +Q/bp; ,<۟S5*%ќ9%b˰?Wϭ\SCE E^?~Ap@K/|&Xר]!lC!zvL48P>J Z'UZ )M{EB?"z*ozs"F)\5)}L 9|#W͆jXGV@EU'2҆b7$?8'6 !ʺ.1jH4g+rb;hL+[yblA~㴛 ۼX>AL))WJkDͮbm-Ag63%K:V+ GOud[=jWT[~[FvP?0bgӊsu f:C .Rd,KظG~3٠y#v$.e?~*~dn֞Oy{o7 ,$I&f0rcMv #.zm `Di;?ظ3K̑wOur2dr~S"m4i%:;F#mbZm}'~v#r)FCyݮ,;itSIzew#^]bKxBV(:S@ YE1"A] uEQ󀦚͏Ż_žu2'ȉfOo] f|;VE eAV|i1G^{</Ehe(sB|P[.M[aϛW@ : U yd@5($Rl!RpYM2DAgrjb=s?weH 7zuƦ@x 4g,"xrShHp񱔹$Υ<`Qv@t(.B~EKY\o؃mjl8sj̾`y5 lnd4Pɺ4I}|ll1,K Dh,F/7B1*[_QЛi )'-}}%1^`B+Һm ←|O~wx,F~H: _߃8C!e3cwyW vaDfm7= ԊAN^Iv}L$/h$F{7:[2'u@2S g_zQ:v?; (B[zHRݢec@Pr =3VN7ceWp_\Jj2>@HQW^JOBES<=x`$V^rbu`t$q~EǤcP 95 Ñ$"@%0^2fkMG \Ba1hӃ]ܰnp2$V@,$c/2bf @ a2C: qr9h(wGA%?[iL UBMlE~᱑2`$Zi*p) d+ =G@)Cb3Hc-&g&X-FMp@ĞTctdݳndlS 4С\|x"l2F2UGi ߠw҅جDS1J6ĵ6f} !ē9Ʈ Kȋ)$]kJʰQLCUr,zjmX?@A \qwυcH 3$! o*jT=eW':٧TucB6Nxlp=6 'l۪K1ILq-C5䲺Xx(FBX٥^Q]aJZG$XB:bw7%*wH!^0xK=()}=F X+C:P@<-f'WgdH"gE6 YZ