openCryptoki-devel-3.12.1-lp152.2.4 >  A ^-/=„x$'$Ms/UHפSa;ZwS1CH}Ep"\ =6 ȣҌMV H&4#7uA@ Dz3V.rj.iVI=Yvp&>¦AvUFPAclw<=riR*Ÿ 9i+ d%gk,#=@1`g|{O- V,r(u>IW?ddaeb8df096ff0f2a475da82bd5ab6a60334a6a5e7170248e3f632303348efa62cc958885f8745a4fe6ab1acf655370ec08f926bt^-/=„*bȊx8T!O`l~RPST|:Q?iYA AB,vkfрʱm|PϋM)̇s3#~+c6'>D{8{FnPp[voyW+vQ hQ:4AL6)^(&׈4|U%`>GmLjE۟vB/͛w7 Ao;y\19*#)J>p;>?>d & tpt|  4 B P l s | Pp(/88#9#:G#F;G;H;I;X<Y<\<,]v>,z>K>\>`>f>CopenCryptoki-devel3.12.1lp152.2.4Development files for openCryptoki, a PKCS#11 implementation for IBM hardwareThe PKCS#11 version 2.01 API implemented for the IBM cryptographic cards. This package includes support for the IBM 4758 cryptographic co-processor (with the PKCS#11 firmware loaded) and the IBM eServer Cryptographic Accelerator (FC 4960 on pSeries).^-lamb10FZopenSUSE Leap 15.2openSUSECPL-1.0https://bugs.opensuse.orgDevelopment/Languages/C and C++https://github.com/opencryptoki/opencryptokilinuxx86_64=(A큤AA^-^-^-^-^-^-^-7e37fd0b7a0f256da60fd09cbbb142ca3b5df52ba4bf305a6c1413bd7dc0cbf71f034b6bffbeee137242958aaaec8712346fb075ba8cdb8b2c431fea98dfc2af12cb16baf5ff8344392cc7a9ce280d2f63567f57cd21c2f944e2fe33596a0a59d0045726b6889869ebb8311058d4771296ca3bb996cae80c53986135011e5a90rootrootrootrootrootrootrootrootrootrootrootrootrootrootopenCryptoki-3.12.1-lp152.2.4.src.rpmopenCryptoki-developenCryptoki-devel(x86-64)    glibc-devellibopenssl-developenldap2-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)trousers-devel3.0.4-14.6.0-14.0-15.2-14.14.1^!@]]ʞ]@]nU\f\&@[[@[_ZZw@ZY.@YX@X@X@X~@X2@W@WE@W@WW^@WEW@V<@VqU@U@U#U#U#Tp@Mark Post Mark Post Mark Post Mark Post Mark Post mpost@suse.comJan Engelhardt mpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.comjjolly@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.comjjolly@suse.comjjolly@suse.comjjolly@suse.comjjolly@suse.comcrrodriguez@opensuse.orgcrrodriguez@opensuse.orgcrrodriguez@opensuse.orgp.drouand@gmail.com- Added oki-3.12-EP11-Fix-EC-uncompress-buffer-length.patch (bsc#1159114) The EP11 token may fail to import an ECC public key. Function C_CreateObject returns CKR_BUFFER_TOO_SMALL in this case.- Upgraded to version 3.12.1 (bsc#1157863) * Fix pkcsep11_migrate tool- Upgraded to version 3.12.0 (jsc#SLE-7647, jsc#SLE-7915, jsc#SLE-7918) * Update token pin and data store encryption for soft,ica,cca and ep11 * EP11: Allow importing of compressed EC public keys * EP11: Add support for the CMAC mechanisms * EP11: Add support for the IBM-SHA3 mechanisms * SOFT: Add AES-CMAC and 3DES-CMAC support to the soft token * ICA: Add AES-CMAC and 3DES-CMAC support to the ICA token * EP11: Add config option USE_PRANDOM * CCA: Use Random Number Generate Long for token_specific_rng() * Common rng function: Prefer /dev/prandom over /dev/urandom * ICA: add SHA*_RSA_PKCS_PSS mechanisms * Bug fixes - Removed obsolete ocki-3.11.1-EP11-Support-tolerated-new-crypto-cards.patch- Added ocki-3.11.1-EP11-Support-tolerated-new-crypto-cards.patch (bsc#1152015) Add support for new IBM crypto card.- Upgraded to version 3.11.1 (Fate#327837) Bug fixes. - Dropped obsolete ocki-3.11-Fix-target_list-passing-for-EP11-session.patch- Added ocki-3.11-Fix-target_list-passing-for-EP11-session.patch (bsc#1123988)- Do not ignore errors from groupadd. If groupadd fails, installation ought not to proceed because files would have the wrong ownership.- Don't hide error messages from the groupadd command. To eliminate a potentially common one, check to see if the pkcs11 group is already defined before trying to add it. - Update the summary for the -devel package. - Changed several PreReq entries to Requires(pre) as a result of the output from spec-cleaner. Removed a couple of obsolete lines. - Removed obsolete check for whether systemd is in use or not.- Upgraded to version 3.11.0 (Fate#325685) * opencryptoki 3.11.0 EP11 enhancements A lot of bug fixes - Reworked the ocki-3.1-remove-make-install-chgrp.patch to apply properly to 3.11, and renamed it to ocki-3.11-remove-make-install-chgrp.patch - Removed obsolete patch ocki-3.5-icsf-coverity-memoryleakfix.patch- Upgraded to version 3.10.0 (Fate#325685) * opencryptoki 3.10.0 Add support to ECC on ICA token and to common code. Add SHA224 support to SOFT token. Improve pkcsslotd logging. Fix sha512_hmac_sign and rsa_x509_verify for ICA token. Fix tracing of session id. Fix and improve testcases. Fix spec file permission for log directory. Fix build warnings. * opencryptoki 3.9.0 Fix token reinitialization Fix conditional man pages EP11 enhancements EP11 EC Key import Increase RSA max key length Fix broken links on documentation Define CK_FALSE and CK_TRUE macros Improve build flags - Dropped obsolete patch ocki-3.8.2-Fix-Hardware-Feature-Object-validation-and-tests.patch - Made multiple changes to the spec file based on spec-cleaner output. - Added an rpmlintrc file to squelch warnings about adding ghost entries for files under /var/lock/opencryptoki/- Added ocki-3.8.2-Fix-Hardware-Feature-Object-validation-and-tests.patch (bsc#1086678)- Re-enabled ARM architectures now that gcc6 is in SLE15. (bsc#1084617)- Upgraded to version 3.8.2 (fate#323295, bsc#1066412) * v3.8.2 Update man pages. Improve ock_tests for parallel execution. Fix FindObjectsInit for hidden HW-feature. Fix to allow vendor defined hardware features. Fix unresolved symbols. Fix tracing. Code/project cleanup. * v3.8.1 Fix TPM data-structure reset function. Fix error message when dlsym fails. Update configure.ac Update travis. * v3.8.0 Multi token instance feature. Added possibility to run opencryptoki with transactional memory or locks (--enable-locks on configure step). Updated documentation. Fix segfault on ec_test. Bunch of small fixes.- Removed ARM architectures from the build list until gcc6 becomes available for SLES. (bsc#1039510).- Updated to version 3.7.0 (Fate#321451) (bsc#1036640) - Update example spec file - Performance improvement. Moving from mutexes to transactional memory. - Add ECDSA SHA2 support for EP11 and CCA. - Fix declaration of inline functions. - Fix wrong testcase and ber en/decoding for integers. - Check for 'flex' and 'YACC' on configure. - EP11 config file rework. - Add enable-debug on travis build. - Add testcase for C_GetOperationState/C_SetOperationState. - Upgrade License to CPL-1.0 - Ica token: fix openssh/ibmpkcs11 engine/libica crash. - Fix segfault and logic in hardware feature test. - Fix spelling of documentation and manuals. - Fix the retrieval of p from a generated rsa key. - Coverity scan fixes - incompatible pointer type and unused variables.- Added libica-tools to the BuildRequires due to repackaging of libica.- Modified the spec file - Changed libca3-devel BuildRequires to just libica-devel - Check for systemd in the 32bit postun scriptlet.- Upgraded to version 3.6.2 (fate#321451) - Support OpenSSL-1.1. - Add Travis CI support. - Update autotools scripts and documentation. - Fix SegFault when a invalid session handle is passed in SC_EncryptUpdate and SC_DecryptUpdate. - Updated spec file to use libica3-devel instead of libica2-devel.- Upgraded to version 3.6.1 (fate#321451) - opencryptoki 3.6.1 - Fix SOFT token implementation of digest functions. - Replace deprecated OpenSSL interfaces. - opencryptoki 3.6 - Replace deprecated libica interfaces. - Performance improvement for ICA. - Improvement in documentation on system resources. - Improvement in testcases. - Added support for rc=8, reasoncode=2028 in icsf token. - Fix for session handle not set in session issue. - Multiple fixes for lock and log directories. - Downgraded a syslog error to warning. - Multiple fixes based on coverity scan results. - Added pkcs11 mapping for icsf reason code 72 for return code 8. - opencryptoki 3.5.1 - Fix Illegal Intruction on pkcscca tool. - Removed the following obsolete patches: - ocki-3.5-sanity-checking.patch - ocki-3.5-icsf-reasoncode72-support.patch - ocki-3.5-downgrade-syslogerror.patch - ocki-3.5-icsf-sessionhandle-missing-fix.patch - ocki-3.5-icsf-reasoncode-2028-added.patch - ocki-3.5-added-NULLreturn-check.patch - ocki-3.5-create-missing-tpm-token-lock-directory.patch - ocki-3.5-fix-pkcscca-calls.patch- Removed reference to pkcs1_startup from pkcsslotd (bsc#1007081)- Added ocki-3.5-fix-pkcscca-calls.patch (bsc#996867).- Added %doc FAQ to the spec file (bsc#991168).- Added ocki-3.5-create-missing-tpm-token-lock-directory.patch (bsc#989602).- Added the following patches (bsc#986854) - ocki-3.5-icsf-reasoncode72-support.patch - ocki-3.5-icsf-coverity-memoryleakfix.patch - ocki-3.5-downgrade-syslogerror.patch - ocki-3.5-icsf-sessionhandle-missing-fix.patch - ocki-3.5-icsf-reasoncode-2028-added.patch - ocki-3.5-added-NULLreturn-check.patch- Added ocki-3.5-sanity-checking.patch (bsc#983496). - Added %dir entry for %{_localstatedir}/log/opencryptoki/ (bsc#983990)- Upgraded to openCryptoki 3.5 (bsc#978005). - Full Coverity scan fixes. - Fixes for compiler warnings. - Added support for C_GetObjectSize in icsf token. - Various bug fixes and memory leak fixes. - Removed global read permissions from token files - Added missing PKCS#11v2.2 constants. - Fix for symbol resolution issue seen in Fedora 22 and 23 for ep11 and cca tokens. - Improvements in socket read operation when a token comes up. - Replaced 32 bit CCA API declarations with latest header from version 5.0 libsculcca rpm.- Upgraded to openCryptoki v3.4.1 (Fate#319576, 319585, 319592, 319938). - Changed BuildRequires for libica_2_3_0-devel to libica2-devel. - Changed BuildRequires for openssl-devel to specify >= 1.0 Contrary to what the README says, version 0.9.7 isn't sufficient. - Removed the redundant DESTDIR= parameter from the %make_install - Removed the following obsolete patches opencryptoki-run-lock.patch (/var/lock and run/lock are actually the same place) Also reverted the changed to openCryptoki-tmp.conf to match. ocki-3.1_10_0001-ica-sha-update-empty-msg.patch ocki-3.1-fix-implicit-decl.patch ocki-3.1-fix-init_d-path.patch ocki-3.1-fix-libica-link.patch ocki-3.2_01_fix-return-type-error.patch ocki-3.2_02_ep11-token-incorrectly-copied-the-public-key-object-.patch ocki-3.2_03_ICSF-Token-C_SignUpdate-was-sometimes-segfaulting-an.patch ocki-3.2_04_CKA_EC_POINT-is-not-required-in-the-ECDSA-private-ke.patch ocki-3.2_05_icsf_ldap_handles.patch ocki-3.2_06_icsf_sign_verify.patch - renamed: ocki-3.1-remove-make-install-chgrp-chmod.patch to ocki-3.1-remove-make-install-chgrp.patch- Get a new ldap handle for each session opened in the icsf token, once the user has authenticated. (bsc#953347,LTC#130078) - ocki-3.2_05_icsf_ldap_handles.patch - ocki-3.2_06_icsf_sign_verify.patch- Added /var/lib/opencryptoki/lite/TOK_OBJ token directory (bsc#943070) - Added ocki-3.2_02_ep11-token-incorrectly-copied-the-public-key-object-.patch - Fixed two public key object inclusion in EP11 token (bsc#946808) - Added ocki-3.2_03_ICSF-Token-C_SignUpdate-was-sometimes-segfaulting-an.patch - Fixed GPF when calling C_SignUpdate using ICFS toekn (bsc#946172) - Added ocki-3.2_04_CKA_EC_POINT-is-not-required-in-the-ECDSA-private-ke.patch - Fixed failure to import ECDSA because of lack of attribute (bsc#948114)- Fixed BuildRequires: libica2-devel - Added ocki-3.2_01_fix-return-type-error.patch - Changing doc/README.ep11_stdll to unix-style EOL - Added BuildRequires: dos2unix - Removed globbing in %files and specified libraries to include (bsc#942162)- Updated to openCryptoki v3.2 (FATE#318240) - Removed unnecessary patches: - ocki-3.1_01_ep11_makefile.patch - ocki-3.1_02_ep11_m_init.patch - ocki-3.1_03_ock_obj_mgr.patch - ocki-3.1_04_ep11_opaque2blob_error_handl.patch - ocki-3.1_05_ep11_readme_update.patch - ocki-3.1_06_0001-print_mechanism-ignored-bad-returncodes-from-the-cal.patch - ocki-3.1_06_0002-Fix-failure-when-confname-is-not-given-use-default-e.patch - ocki-3.1_06_0003-Configure-was-checking-for-the-ep11-lib-and-the-m_in.patch - ocki-3.1_06_0004-The-asm-zcrypt.h-header-file-uses-some-std-int-types.patch - ocki-3.1_06_0005-Small-reworks.patch - ocki-3.1_06_0006-The-31-bit-build-on-s390-showed-an-build-error-at-in.patch - ocki-3.1_06_0007-ep11-is-not-building-because-not-setting-with_zcrypt.patch - ocki-3.1_07_0001-Man-page-corrections.patch - ocki-3.1_08_0001-Add-a-pkcscca-tool-to-help-migrate-cca-private-token.patch - ocki-3.1_08_0002-Add-documentation-pkcscca-manpage-and-README.cca_std.patch - ocki-3.1_09_0001-Fix-EOL-encoding-in-README.patch- Also create parent directory /run/lock/opencryptoki in tmpfiles snippet if it does not exists.- spec: do not use -D__USE_BSD, a glibc-internal macro which no longer has any meaning.- spec: use %{_unitdir} %{_tmpfilesdir) - spec: call tmpfiles_create macro, if defined in %post - opencryptoki-run-lock.patch, openCryptoki-tmp.conf: use /run/lock instead of /var/lock.- Update to version 3.2 +New pkcscca tool. Currently it assists in migrating cca private token objects from opencryptoki version 2 to the clear key encryption method used in opencryptoki version 3. Includes a manpage for pkcscca tool. Changes to README.cca_stdll to assist in using the CCA token and migrating the private token objects. + Support for CKM_RSA_PKCS_OAEP and CKM_RSA_PKCS_PSS algorithms. + Various bugfixes. + New testcases for various crypto algorithms. - Only depend on insserv if builded with sysvinit support - Remove obsolete patches; merged on upstream release + ocki-3.1_01_ep11_makefile.patch + ocki-3.1_02_ep11_m_init.patch + ocki-3.1_03_ock_obj_mgr.patch + ocki-3.1_04_ep11_opaque2blob_error_handl.patch + ocki-3.1_05_ep11_readme_update.patch + ocki-3.1_06_0001-print_mechanism-ignored-bad-returncodes-from-the-cal.patch + ocki-3.1_06_0002-Fix-failure-when-confname-is-not-given-use-default-e.patch + ocki-3.1_06_0003-Configure-was-checking-for-the-ep11-lib-and-the-m_in.patch + ocki-3.1_06_0004-The-asm-zcrypt.h-header-file-uses-some-std-int-types.patch + ocki-3.1_06_0005-Small-reworks.patch + ocki-3.1_06_0006-The-31-bit-build-on-s390-showed-an-build-error-at-in.patch + ocki-3.1_06_0007-ep11-is-not-building-because-not-setting-with_zcrypt.patch + ocki-3.1_07_0001-Man-page-corrections.patch + ocki-3.1_08_0001-Add-a-pkcscca-tool-to-help-migrate-cca-private-token.patch + ocki-3.1_08_0002-Add-documentation-pkcscca-manpage-and-README.cca_std.patch + ocki-3.1_09_0001-Fix-EOL-encoding-in-README.patch + ocki-3.1_10_0001-ica-sha-update-empty-msg.patch - Project is now hosted on sourceforge; fix the Url - Remove cvs related stuff; tarball is produced by upstream - Use %configure macro instead of manually defined options - Build with parallel support; use %{?_smp_mflags} macrolamb10 15896529073.12.1-lp152.2.43.12.1-lp152.2.4opencryptokiapiclient.hec_curves.hpkcs11.hpkcs11types.hopencryptokistdll/usr/include//usr/include/opencryptoki//usr/lib64//usr/lib64/opencryptoki/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Leap:15.2/standard/bc8b3398057e7d130d0c5319dac10109-openCryptokicpioxz5x86_64-suse-linuxdirectoryC source, ASCII textыģY2p ԡutf-8b66c56a4e490843270af87fe57c6363c0c3f6a8c8d380946131e14b63c009fe9?P7zXZ !t/J2] crt:bLL gIeɈ^K-)c^_ϑK-׌zJ=%r-C3|4WsE4ИN7 uA#y<^ $bA <0%x:qd1_ #9$DnzCR3Q !T=u"y\e̩P0r=^[0hF1 s4.|2 Ubz5M7_kuRPŶZ_'g|+><1{#!G9BOC:򈄄sݐ/rF%Ep3,`%1FlWԤƄܒ{cQ8QMlݣ5;Ppkr:&jc0m+\`G;M"ӡQtx9}}ȸ@woJ;tbxou3&xߗdPOX{V˗{^E魓t2' vCKU`\"/80:!N5'7u[cfԓ1˙hB̽4(ƞg=5g]\_0R%72xw`w35sd>b}&APwod)t^4sqy鱅AO $U^Uj\X[-942Q='&ԍT%K!PM >.]LtJYh[˗u܆MR{a&*jkTPKx=ir:c!Pe1UB${ʪl6P͌~_(WT$w-Fymn >OEsT& 5QRb M's Lʒ'Jd Tbi UsŁ{Ow+r *^U(1%s2MaV7Ssܸ\Q$aV|Mn!FIlM Yc=B{ýI,1&T$u|Gb E)[B?,j=Q@erWkD^sv(~ΠNꌛnbnG(E0M.ol^y^G{XŢ^'.z1;o!Vw23Ew? -Yftyi*I# *u#) ޏrK`{ʬlhZacVDkw'l}[[ / 3)ט65d]~`} xwGf;QNtZ^gs[H2ys j@6r1%7ɝήi DS,(ckU&4_Nv˅b%?8 OՋР-o5HIJp^vn3D.`f0F3W>X doz[L7g6z ѦuO'O[~%jqVBd?GĶ;]mۨ!4axgs>m[V1AalQBG&7flol&&e@lSX~GhW.DaRZ *L7؃0[nJ*W Tq5 #(l#&p- ݝny}Bj5wRfg NF908ʘx|fΠWL9˗NG6jRÌ bཧI+?8auE}x=Kح`L4N$@7Oo7 {w4ʬTlV\S_?ȋȮh LCX<` P%,Ylо?96B):o)VsҀ0P ԣtiUjl3{P;^ jlKA֢pӞ~ ^N Zii/^5oxfnmjVP;jB%}BՆ9'ι-P ^D587SdA*:H{b[' Am^jJGHs/:p!+\NZߧ%#j ʖ$㬔=3/3/?p8.ԥ1Q5+/HK@軂9/j"W=v]κTgKh$^DȏiS0*o52vE͜d"~zjx@wueH٠yؾ t,15Sa3Z 7 O OO^F]a9,T4U"铙r6|a/pNӼ=Q "lK)UzO < 3 kPKՁ\'BFUp Yq'RD m 5dI﵄dI[23Z(|1A͢b?d-I59B28m w:1> \7T$(Z_%'.V`z#lm0ҵ߭x0β\G j`gvǵf -Yt*`T0!:/QVNR:* +`0RJiN+] bb *LÙn Gthp6&3#Y,8kVtyC<7|Iۥ]LMGg5.ߘ fH~ucmjm5U=B\vi`E)C4 \Z 2fMK#ةW=Y2[HT.P!=)k޸Ώ! C0yec!qlqMy7iu"L{U9tG⡧ pcɩX J_zYcN+s2Ik$t)Π״*F/K<ݡ{귡i%جH?dc WrsBCTiR*Vj6t=՜u 㙥*Lt ,*4'W$q}wLS^z'V0A.'*3/N-@3znʕ3u$T0#?N%Z2+!+ _;|GP@qVrVǏ!Z͋nl鬗"(d6VcT NJS&W稻u#FG,+]dҚQj!]$,WEt B273OAJ3Qh H 8!xaG@܇we2j\D,_bItИpЅG܄V9Kr&hp:c=? 1zqTm^ C/F!HUͱ`K18Do,!ƛlڣH$H&牧[[.ő8OY9+)3UTD߲w KqdKtr' e[Щy<<;!gˍ?Ć);"Nvb=+g {&^oˤxbn"-i,#:nvhh5v|?l_(% v C3mQ}*XBHMצU"P^6K_cy0=r3۩=2IgE׽h_zt$ڍ׿:+6DoF(a۠ ΀og \JAnND'Ӳ.GS PGx:Z"][,-lNrSኴz; |tUZjQ欀)`En)b *NՊӆw2jÂAYw`ѩ]zfXNw\bpRԱ2\_&w!2~-ĶyA>^ጿ}z ծ/ C<ˤQd3&u*kA$oZ\qʼ8 fyo$×,.Tk9@Gs40>#{Gaa]wI}[)Y{wn:H!,ofXdII-08̶k߭$ѢSQ?~HL|MX^:Ԭć\~[SC٣-Gc6 ~]4/)ޔ?r\E^^ٴK %OqFkۏ[7kx/7\dv"O>ī~Kg)?]ɽڹ>Ni'rA9zIC^ 3IcnȚpr>) 䢾?w|^fY#q;=;7)y 92S6[+r}tJ%]w@#ŐXTBLU㖄{oM(^Nu}E)km:1"lߴsJt9h 4BEU[@3k{,ֆT 0 aAo,mb V\pOZׇۗϗq!ˍ,q,p^36Oe?{86f~PnȻ",%yCf7yýUQǀ|$!@*Un]]wm$BIAK>qoLıQl{] b ~AmBj{%tU3ĠULF%A~p,vp Zm䤗0+mXU.D~k!g#Hq,E?E{V/ax?O.n"+1TT$YtYCAyCwC s)\ysF`ShoЕar{4gz sG]uWm:(;yAH`aPhWzY^*R"T8"=fm"htY6KLM bX$n<+z@ع&/х} cZBf0Mon.[`,jS6R=G|:а\A9 b8;ML8$ʾj&Cܤ ԁ ?4qᣢ`tϜm1 P݉ES 7a`@ @3>yo7ߖZ0k nId=f}&Nr׿ѕdN QOΏM W`7BУdI'-_Bl[G_&;ut  O{I^Y'Nzw\Im{ +AJwe F$y~_}.Ww8 0=ǖ %"Wnؚzq 7-eK_a +<ϟ So=l{]:pQh$>E;&MxŽ>BTUHSt-n' ge ^͞bY?0-{qz/6-xC<OT RR*XDfRa^Rf@.7e=-flԦ<6vebĉy8`%q֯``9Z4@ iYK-f^?WA,l+`s dgҰvP^>U,q:56Fopgi_}~ڝ#66 tv.T^ wPAk8sӒBYd=%ko,b2LYTIj\z 14pDw{Ryբr&[ uC ^A*c+Z\4p_EiӤ Zt^#&G2er Qd71$>N=&Il'OmD^A)35_ּLJ#otqJRjufҧ>+0h® .%N/'RL *0S! 4ԅqbd=j#ag~ַ;>Aʦ'#Kev|b"۫[Fh96;S`h5j40Ӵ@u]'?t8Gk^4>JDB B,{m쬌m 4!NVaxX !ybvR `NfA˶Xh/C6;f_O_wfSq|k/I.%t "__@zҵ,GviaˊV:LaweŅěiFtmp4-B(Ik 1ٮ fH(:4e 1AˊhTy1<_(t\*G*?JI*ol Zi@e&a(#L'tm6d6SA~ݜY9̳4m <IMeoy]?m=_IvY\N)~+l4Z.Qlgh[{bx۫"uM &@ւ+fzx1!ZwJQ3DGKQ}=&X^Z3M6m*݂썺u@NP_d=ܓNM]u\pɬ*NVs$9ݣk֘~:c:YUeAG~Bџu,sdenQ"dzl@f~㊭ȼMe p)tgN *sx3zַo-~W=5I^wHb xFM\İl`,`~& gA]ْ)[Yd,=8,KBR $)Q{K+gF{AxⰠR܌y{BPZ W3J5~[Q v]=%TfGP*}n31$*R*2͚X;F'P-j[:pOoGW}V_8ݝaރqXr@zUTML,sUebQOM< '|^ȇL$B: PrJi%1naw%"A83~XX0V^t*d&]D^^MĦ]:MvBe7GT?B k$݁ܗB=Ϻe7e w(iDʾkKi+)8 xH*_JaWq֋XJһW}H,~ F\~ZB UK@pm""OwС4TZ:Ht ]rDU)BgrarK~1<kaP45i[;MRj GZ6)0eT^vYrPNqqq@HU:j7S%V#'g [/*󘣴ŪϾԑO|MneB~(1ҜJheL2,K&BTmz0#(+]K7[_k݉ODʵU\W})_0ol>=YbOk6.k3 ¶'؇\Ka$wF]fOskeWbvIs2s"$ѥ,ߜ j:XL( e5F KB}Eou f` #8ɴl]gW'"}^E}= H[)2ڧOFgN7fyo52Ig>g A]ȵ&nӻ OmNL,l͒g72eLFSDG oՙsߧ}ђYǃB"zvG)Zs= `~1\1.W pʖ^솗W"8F\.D؉cH€=ȱX1oyxtkD_}O`T sceo{< 6|%@ʰJ0*;G궝5JxYޚ\l6j3Ki>6] z-X3"?v{ *Xu-WSiUݛ 4$Ia*3~:'P5`g%jI7[{<*N|/܆ЃH#K9,Ǐ aKvy]jLKOb&u~:'aޤt ]E#+U{_RtN:gl:LQ~腟$!PXcW;X1XϷֳ8k4e'0q"U< 8%$~tMcd]בz;ZNDIU4= MTb Xn!ہa{ݩ!n)2Mx=<.ɢvG_?%5XpEEk EWm}|d3P]UHy諧 (|RڽP厤J}^plٺ/tA*cGs[tׅڬb ˃ܲ(HeTI Ps{Y`ز֋&b9?rr{Zt6C_.ڋt3Z&Rr#~Nw/8f#MUۃ#{ԊJ =lw 6 r]h@qc{L+ϮFl{Ӽy&o/A񖜲mY$,G3*gؚ$Uz o,M66tʽ\F!j;3x~D=ج}W0ul:0޷R_S-uVwX [؉`8Gع>;(/.6u*8 iB6畐Ёن*dqz;N{X%Ca'8x)~囂zP^WDT^3$5GXqc[mEj0-+$$$BZy}CƇm'c-v٘ yvV_>3Nt@d=x`mk7Ef*p-d9dܕѳ϶ YZ