nscd-2.31-7.30 >  A `p9|M45o!{h:E*vd3!ʃUJ TC,m0m3h<>ݻ4mi'>^B?nM͐9ڴETsˋNhX] ^C,1DuC*1flӠvL N$RL,;7# ,ݿ6^*d+mXEh<~eP!|ŶQ+nƸaҡ,ݭ2lf5W9da7c827ede9f990bb37802a7faf05447faa14a26cc38b908db1155145f374bece119577c76d1ae80bbd7dacc457f7d1516ad2f0 `p9| 4j!]@{Q٦!AvmrP/$ F`!;Ϳ(곶oyCU.}EȭT&'rN&kjLp$W-/< L"\pxa(W'ɠ K8!7t+b:]ZN WMH^%յЏ=ރHh(;dw׈U-O f5T6p G"PnEi]/8Q+#e;V}1c^n_*7:$b :)#Rx\\ a>pI?d   - ?EL ; 8   < K h:T"L"#"(j8t9p:=;>C?K@SB[FaGtHʰIXY Z,[0\8]t^ b^cd^ecfflhu|v͸ wxy@zҌҜҠҦCnscd2.317.30Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.`sheep18]USUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/System/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxx86_64getent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0 P A큤A큤A큀```````````````e2cdfafd373d24fab07018d0e95dd49510ea6c992b7be2b0611ab23bbc2750b579fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b779e9023d64ba6611d491e1def77339a96a1a5f333acbe28c8c7be3a890a4e0389d/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.31-7.30.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(x86-64) @@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.10)(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libc.so.6(GLIBC_2.9)(64bit)libcap.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libpthread.so.0(GLIBC_2.3.2)(64bit)libpthread.so.0(GLIBC_2.3.3)(64bit)libselinux.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowsystemdsystemdsystemdsystemd2.31-7.302.313.0.4-14.6.0-14.0-15.2-14.14.1`a@`H`H`?z@`@_T__/@_O@^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@schwab@suse.derguenther@suse.comrguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- s390-memmove-ifunc-selector-arch13.patch: S390: Also check vector support in memmove ifunc-selector (bsc#1184035, BZ #27511)- Update glibc-2.31-HTM-vzeroupper.diff with a AVX-SSE transition fix.- Add glibc-2.31-HTM-vzeroupper.diff to avoid VZEROUPPER in the AVX2 accelerated string routines which cause HTM transaction aborts. Instead use EVEX or SSE. (bsc#1181403)- nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- sysvipc-sem-stat-any.patch: sysvipc: Fix SEM_STAT_ANY kernel argument pass (bsc#1180557, BZ #26637)- aarch64-getauxval.patch: aarch64: Accept PLT calls to __getauxval within libc.so (bsc#1167939) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- power10-support.patch: Add support for POWER10 (jsc#SLE-13520) - iconv-option-parsing.patch: Rewrite iconv option parsing (CVE-2016-10228, bsc#1027496, BZ #19519)- Update to glibc 2.31 - glibc-2.14-crypt.diff, crypt_blowfish-const.patch, crypt_blowfish-1.2-sha.diff, crypt_blowfish-gensalt.patch, crypt_blowfish-1.2-hack_around_arm.diff, glibc-nodate.patch, powerpc-elision-enable-envvar.patch, s390-elision-enable-envvar.patch, crt-nocompress-debug-sections.patch, resolv-context-leak.patch, dl-runtime-resolve-opt-avx512f.patch, libpthread-compat-wrappers.patch, math-c++-compat.patch, remove-nss-nis-compat.patch, eh-frame-zero-terminator.patch, ld-so-hwcap-x86-64.patch, assert-pedantic.patch, getaddrinfo-errno.patch, resolv-conf-oom.patch, dynarray-allocation.patch, nearbyint-inexact.patch, nss-compat.patch, nscd-libnsl.patch, malloc-tcache-leak.patch, falkor-memcpy-memmove.patch, aarch64-cpu-features.patch, nss-files-large-buffers.patch, sysconf-uio-maxiov.patch, glob-tilde-overflow.patch, dl-runtime-resolve-xsave.patch, spawni-assert.patch, x86-64-dl-platform.patch, glob64-s390.patch, tst-tlsopt-powerpc.patch, powerpc-hwcap-bits.patch, malloc-tcache-check-overflow.patch, dl-init-paths-overflow.patch, fillin-rpath-empty-tokens.patch, getcwd-absolute.patch, memalign-overflow.patch, stack-guard-size-accounting.patch, libgcc-rtld-now.patch, res-send-enomem.patch, glibc-fix-avx512-mempcpy.patch, i386-memmove-sse2-unaligned.patch, realpath-ssize-max-overflow.patch, localtime-2039.patch, math-remove-slow-path.patch, aarch64-hwcap-atomics.patch, glibc-fix-aarch64-build.diff, absolute-symbols.patch, x86-haswell-string-flags.patch, pthread-cond-broadcast-waiters-after-spinning.patch, mman-map-sync.patch, mman-linux-map-shared-validate.patch, nptl-setxid-error.patch, pthread-mutex-trylock-barrier.patch, getaddrinfo-parse-ipv4-address.patch, japanese-era-name-may-2019.patch, force-elision-race.patch, regex-read-overrun.patch, regex-parse-reg-exp.patch, 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch, 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch, 0003-S390-Unify-31-64bit-memcpy.patch, 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch, 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch, 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch, 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch, 0008-S390-Add-z13-memmove-ifunc-variant.patch, 0009-S390-Add-z13-strstr-ifunc-variant.patch, 0010-S390-Add-z13-memmem-ifunc-variant.patch, 0011-S390-Cleanup-ifunc-resolve.h.patch, 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch, 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch, 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch, 0015-S390-Add-arch13-memmove-ifunc-variant.patch, 0016-S390-Add-arch13-strstr-ifunc-variant.patch, 0017-S390-Add-arch13-memmem-ifunc-variant.patch, prefer-map-32bit-exec.patch, s390-strstr-page-boundary.patch, ppc-tle-htm-nosc.patch, posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch, backtrace-powerpc.patch, pthread-rwlock-pwn.patch, manual-memory-protection.patch, ldbl-96-rem-pio2l.patch, dl-sort-maps.patch, dlopen-filter-object.patch, glob-use-after-free.patch, nptl-setxid-race.patch, nscd-senfile.patch, ldd-system-interp.patch, abort-no-flush.patch, fnmatch-collating-elements.patch, nss-files-long-lines-2.patch, iconv-reset-input-buffer.patch, nscd-prune.patch, syslog-locking.patch: Removed. - long-double-alias.patch, glibc-nsswitch-usr.diff, euc-kr-overrun.patch, riscv-syscall-clobber.patch, nscd-gc-cycle.patch: Added.- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscdsheep18 1620317181 2.31-7.302.31-7.302.31-7.30 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:SLE-15-SP3:GA/standard/e678176f9574a47ff2e591d9d3c9fa6a-glibccpioxz5x86_64-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-7.30.x86_64/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-7.30.x86_64/run/nscd/socket' (No such file or directory)ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=50dc4ad737ba990f07ac5783a0eebb08e0d10340, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-7.30.x86_64/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-7.30.x86_64/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-7.30.x86_64/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-7.30.x86_64/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-7.30.x86_64/var/lib/nscd/services' (No such file or directory)RRRR RR RR RR RRRR RRRRR~m0X.3ǘutf-8dc985beb988f988a5c1577ba6c86e7a662edd6d667359559b924843a169d1775?p7zXZ !t/a*] crv(vX0ШEJ&N~ Z2d ۢGe/]kIJySj6Q:{ =hV]ZRJt.ohRBUAU]n*gPƟ.4z1ȸBjuRO?jl}fj,]kLI̔%Yk\zq_I?=t{Y~*naH왬@UӢ',rbJMtGSD_*Տ7ox\D+ Nɻ&e D0D$zd}oQA,#^"qNy.z@k,TW\sɭPPebsV:<,ӂ 뎒PjHϱH`@h~|!kќĞh'|oC1\]\K/onWA)Cxa4jEVħulLrd("#dHu@䂼 5xL21ȂVsW<')k[ϯi"ol.34ad vTp3ӕS`2알0?= Y}Bv(`㺗2 7tuj 0 oǫX3[oGbj)ېQ"*\O1,(d@vl=x}7~kHf/#K58X,i,zM,ڍR!+`et;)=>.R& FhC5U)(p pkJW .7t8ѮtdY@<V(uD@wm*n?9YM^?.ߕy_(O ͏r٪( -4-QF,Ѹ;h ˤy3e7#NI]w\lb ~JK`)X ;Hѳ!cZyx$dXbtܑvqifa>/eUu8F 23&"z*qY[NPvGG8ǯ/IqiP}!.׼3JkGOnA:8'j'wB<8g+qP6@w}%pz[?AZ-FH5ū7ɵ4ِtu(/0-/w{zaw=i_%ސ_e_Vt{5k4yፚsjp7r?a_M6C}`nB~df>5k]Ӹo;q-*颴 q}q`b5TeOxܾ-dPGѠs=(` JД+7(U50‰0GQ!kR~x)DJv:ȃNw:Ľ@Ot,7>3lUS-|SFc~}C(7s@Nu,:yn^vl.n)j0X҃=w ox#@*~[b'q@CmϐDnS~/$/yo5GU  _ Yxg4TC)XT7~Mb\A͹zo_\< $H >Fۮ!jMO.gb6˺x"%F,\UY&2NiDQB필Jm9,5̑iap22׬Z}FMїPǂ$ܶ6_~( al_Gkjc"SEA `B:y:tlq_eu(.*nhg+}ڀ71cz%@P޻_t@;S3S1NаY1Q %ա^l xI'~ 7o7LlKC,X^ @_~QeWIq)e s&\ɸڻ+&\>WO*? EpMW }tlPP5{⊰ʞN,Z<1 9RMGjm Rڤb5j]I+.:=r|46 D[xM{&S-i|^*Vq#ehG9)_K`gOFG! N!d~|*̟ x01繾/ 3 xm]rdr^VW$ U+(+0%8B)/3voƳ,W++(N޽h\~R^7F9Q*=!>+h_dp wz!\(c/~t\9?a}:0n`횛li 1/NnHXTHe=}׹o%`\1Oo@oIl."xS9 ѵ`12I,'6!|hWΫnZOoD*;|$2'ך`HᇨS-(zZ_npV⤚ XU#zz zZZSbq 7h~_Zͻ =LNEw`)ɾUـJ'͗ q!rRpb"nU*ܶZ`l"X:XaY%{ܠ:pع5'_W|wrhj`z@[%#mbzDPTʠٹ5x଒kN3&xy`H&1Js53=dQ3vLDZ*<6^V/[`0IEs:&e=M/Ň2# ;ˎ̗j0oyBн=[#P`\0St0-.Ceo2DNH# 7x'ЖϽ x T%DO7&i#xK< p\l5]5 12PoK2./#c2!2b'A#4'.m%x_u_M3Mz<ͣg[%&?:86pp3/^aB M`ӹ3ݼ㚨҂rA"lMzJɒqAou@G9&7 }2NO#,գP.צ|F2tR{$/t).X_ZX&op #A:8<pi?5bqb<9q'72 {;&cWFU@(MYƷ?g>Wlzx9&@6\e9VsaT`Q\ z}~ N9bZmؚ1RP}fی\/?6@Jj9=Yt羕M%0(1fC!ԋ/At~G†_@g;LlNߕNҴ04$11I8f ;QS:)jlb.2 ZPwc@p^rh6nI.YquucRle&%Lp%dDq*ղg",?`Eb+PDkO!9nһ1#M D s,SSHB_ɷ^, ;H8$FNwܾHy|4Vt!4Pa%| #V^3\Ld x)0s-jh25,l9Y9 YS{g ѿ`g K?)/7Hx+s8&h.TS߼և?1;z(Bʬ'-88>Pd-*&) ҶQ.L ( -7]A> țacB W! meОȋsL\,͕L6oRlc9<@c?p33i#V.qK߫☘~ VCOBN S+*9[<]W G8b$kiE a )ADrߌS:T(lBvO9V.]`ɞi{}& 8tsT[fp w|DM=fUPUcxTXg 始NæZStnR ?"(ى_,&sKp9٠i<MiMqر5M&]6xc=1dnM_05ꐗ@Hqx?G2L?^04kkq%oX=&;-ʅ2ߚʼn݋'`AqڸT !-drx :5G<\w87h|'TФ=Qv:`\^'dVjJCkշ= xM\IX.5U&枯Ayq9 bO+^gcv<%5U FLȃbĪ=+4͌r鿆|`yΉ9|Kaƈd ܒ͙o쇷f806|Zi$ǤBp5Îgn>X9XO]'hqס$@^%)79x YtJt!;MJޫ,0BWjOOrJ>:Pm_X [9!ynCʹV[4,͹ɸKa2-}v8!-ābB3?G}p4\g[᯸G,z:Z!RcxLkSӆJk嬄ӧ0aT1o8Ab,i(-]śu ۳ED 0\hC$3nBx`IlfV,!Y1ѧ:7s>\-sZğ] |+Z ?}"ߝaW W)۷ɣ,fv>%$ʁPz4[fzjü!:fJo@;P_t[ɸpBQ)t-kHPjPI?V.y5O<`Y-i/_ĉL n]]Neqaq`ddPI^yT7)n)x ab kgzy)˧~FobƣU(Py~6W!鿔qr)@h ` rZt>MG;?b~,ξI<>ďZD—PG &$^Oda{ ˱nL}4OoU| H{Q+𓌆>ҭ: E 2DTĕ5OQRP9 k0mk \ܭu>7LDk{%_g{AC l%EM5)3@.?k';J+3ܹq"b=8 M }')ׂQ:"+$ orR؅|fLƔ^ꚝk :̴YJJQ̹z~o 9i5@P90}㵽 Al_^ EtJ;Hcjn;=#DZfX%Gצ!aI.y. i)k09sy ڢ\o;Ȉ}{6vmc{ 7`σEZ؍V7 c$YnOiCe _,BJ˅uuk$#Ubb?tꋧe rJ>vr~TQZb\{ASq-;&]{b\'9E#o>+n+Q6:uK@C䍐P(,v, 8i9ֱ54*҆fBd-pY־ma+aiK~nR.^7ۡ ۟y +8##1&C_Sb@E-Uc/1ƛ+4xOƐT~010i9'w;w{!&tPޘW&_ޫc >}3H̲rՀ{eĐ t(.5Н Gܛ՗F+Ja(ن "m˖uFJ=Ǣf׫2Ӫc-޻5@$CVi nOGRg3w6:pOE]"+I0iHr _}-R Al}(>ba.ցEG%IQC_V5>{ok9wT\% [}*jz!"%U c Yd :?rם׍+aCBM˺זBE`M% wȓ; 6<O_MY؛_Z:> WX'30501!vf@aT8ŴۜGyF͗EeCu~?zPrh3yn <%EH31ې?"/q ql(9c^xɆ,5y wUp^x'Ep=D~V[:iOb<=d4NЂzV@h*+%)bnO/i _|-, @t}{ !2?6+Y)mUOGB QSԠ$>~kyhc;r{􆶸"Ƕ ךo܍j @CBñ] A{ cVSϔaRXR9vV}X o-_}s0񍁶0-Jˉyu&&gY8!\ &>yP%U 0=Ԛ߀9{ ~q2cpCMOa4,Q~bŘ+J ]׮hKnD1nz\ Aڇ\)6irnEOsw本řbH4^"$Feq.t!,@O]@cpA¨C =,upQӨZ_K74H,QW~_‰\-o&%q,VȮDOFs;Ɍ&\Jkg) B]CTMEHv%;)) >}m=+:_t2?˕#Gﱟ%X5[OE.3Zu ,G\4iE'NЯ.)e45k-{5])U8ع23 gA N,wD_t|f?)ILdXg> HYjŽVpjF NaYķA.v0*6wxɏʛ7B}$yAL Vv>@<4oy+f1C}iz%v\ 5kC)0&ѧ'{S% n TV\R:zڡ'Ҽ ]DM5I׳(5{hyM-ą-XX{w"mY)4=Z%yX]_>H4Q2=ޏ5tw?Xhɦ. XW6))E |0pmO%O4u"*,.w*)A`ԻJe1r&̙ף>ِ}1ʐ؟-(-$z;TAݏl Y fٴ| n"LQ )} (8?MO`ItR}H·е9”-f E~'/}գc}\}xk gfO}6b'0DooqMcr5MUc~eԔIڊ_,\ S$g~^x=6|i I%F.?K[DR U`mJEBo«/cC[ߊM6D+ Z$}syħqRq@u.lǏMqXI9!?T5OqH:jN*"ڕnSmUw36pUIғj?%ޜ&Lߊa8撍WQ감5za*Te bFDv,BGfRt}*Jr%Cdձ˹-)0a^Uhy/ٮ*kKZ4EѦ7&b@M+"CF*dJ0e0<.CG9L^}OnY,+&ƺG$ ^@伝@?m<6Lz \Z <]hf Zٌܼe[j9K?|ZwUY(h*S#BuTbU)ZVf(Nd`wwWfA3ssʡ\|2K'M25$f^ rvٿ4?e@f.M}/,gm BE"y<]z]Y!3$'鵌|4;`_7I@۸|V;t4YxMK=v֎sU]=Isӎ0W+է"KŶENΐaE-wR +EsA?fݿNկS:t׀L\޺KM`c.\W4GU”8_Sw}.aoxpo9+PցbhuSKW1 ~('p#%wA߰UI=sFOvlnd4N[91^tĭ?繕PY~=m㵏n(l2"x<61wu)põM|gO`^ @ yR?.%%df< } IJ?aTĂHʷmh׾LK)Z@}3_899QB0mtӎtP(ӍSMA(bP]`c7JK\;u@##59*E5Jx25v\hn2SxI^mǐٗFbC[nrrΠ$y1M2'R {j)m/ (""YkVA9¯Oǚ-q;iO"(jxv'0|[:N$<'RFr+^>n[ ܋^23?؇Oi( Y:Z_`}щ) *40*%B;7#Q OAg+gY,_u3w5({ ˞L8%A{ U}2ui-[W]bvA@|j~[S(@o$@L  dd/LONvdc2T\k{ Zx ݜQڇT}}[1 ױB6:Qjj?@chDA1"b{nb؈~tR3Lsߵ!kTbE_y#ycj<a@ao7%Gc{G/@—?P46@1kJ.~"ypv3T9m`S & ??kz&fF,Sa i#3zd2:5vᓺET(@ćv`ʇP6›[@RW]3z-f e_ko2F)53yd@?[nLj@ :-ʆxq@uq{ԗq[nN3UW' c?ZU]ZxL@1`zV yӔLc}7:/4zƎgbWb|snriYFk__%dMjhd씻ąF]bKO&͟_~z|vA{矨k lh2V4xxpؠdm LEBm.MVi&.F,ϬKJ4B::TMA}05o-.ʇܢ 2ɽ9`gw Ehr@79b[CDY#7C7go[F0TO$;G)^GZqmxndA/OǠo&Z"+vb2ӝƄ _ΖT̢49[u̙߄/ω{N{v3%s=VSbx52?R4j~BG}D:7GwXosq󷕞ć| /K֑0 5HifbSoS}% w3r{˪8PYVT\cZދqo%XgF&@T=8;o*]:nx7*nBm"Y^PA'-p(~ E<СC9G͙ۂ7ڳcimUU YvXHDl'jC YrI5$Q m%˒P OM"j;]w%&,A:b.`d@?w-PgWytbU,{fX{JAL+W9͖g Oyy=ذ~)6\UЮ0Κ|yuyWqXћR+!3Z %v@E.1]BיRr f 8Va df>lw F Y!hT6걾T+{!5:NHԴǬ4Ӷ2!wb2Y&%?12=V*56m.T$[-/MT^W~=UC7 ԊXW iFIx9ݠ"3,a _T.dξ! 7i+ SH2q>?D>U4ޟ1Zs9ޞŰy`$=_%AAqq| ]PLYtgE?P,E\1+\*:g%`-8 +nGC5Kܩ;g&pݓ)IV5Zrl @:~ϏD^j$cizM /O (řQ^YǞ!:!cɥDP>M..1kV/ARcbFC1wpE{ҟӏ[*Qj jNe=q?2_ήD8FC)H(M~ %xdIԀ6q6)|c!ق²P4!*_Cxc`ԥi*1,P`j5X ̡T(3#ُ%q%+%G=|k?3s5{EI8G=}w8G'TԐ+1IljΉ E1G39,ĉ g6 |A*#sdC)U܋*/p?Hd#a@ j,"D|Q?j~P<{VκB[G#lkgEK vvAt^$PyR.Žv>G hxX/Osd^5Qՠ%_yn 'hYK 45L90$' \l e&򢠚1SxAӅ6Xl;$(y=a&Z*h|ƭHRk aJEd ka 8wҩ@I#{hc"e&'=L[T^FeaWi֒E 7졥or05:PIMZ dv cNB湵±(q?|6Te͗Gs@Y's u=}8J"-L {ڮډ>&"Ĕ>{RgR Q0O;.睠*%XU ;FSP}Y\:2 װD15 ϪFv #45{T̙?U^]fKZf攛{wB|MB!aW,B()n8r/;.RB>a{r_X; _NZd^];|ceeV\AYO,KX˼Wd a݌M5;@aS"Aae;}SR%5LvZ :C6 (ɮ "y(Yeޓ[ +6 mz\߱"*&Kb XbFz,TA./94#om"߀R<(:* Lm' r־@H/qmrِwzX\5xXnwt_(o&{B@7fHX˭}|BY'55,OϽ;8me<-;f$&0OG6nTZዑYH2IDӓe(Q}5}_Gi T;[iKMi[mE_ih'3 0fBnY8 +lTdlT%OZǦ&UD]Ff nX"Q5xsZ*<}8yny/7/47N#I,FGĠ\U>.q$}E\t;9qr>cj|woЪp=w)`Pۤo i9ȥ;͡_zi֟nX*Ȝr\XZ<҃*𠷚CF|-wwS/˓_?w٥"BLznq 40wgu^a'BAY(h@r9:;r6 rl(eMSM Mr<:J4B$dA&-9+~tybeəLr@.^Br=ۀ MBنVaRDQ$aЬЅ>)seמ)]o9[_w=S:C}0zPt  0Co)MwC,I"Z8obΑ̞'@*t$AwftP# QW}hύss; 2kFXz; *-9;YrmԐVs7B8BNu@)?'9 !ѾcPl:z&]gڹ,5Demq&nSZb3Z30 6Y~j\cQ-o=3{qx]2hߐW&KEHr&Yp'Qɱ :( 'TC |5(Q^h`+횬ڤ`AXr" 2a)XBmrnf0!,6֎GAJw(D2ɨїNpyKlqCNHǰK6{JlQHq-X;g\2ua(0}u! U#!TOߣCDDgߒCU9jnaB/}H"G7@&{K-y 70x\3(%,t_m>{r3:ͷv3lZt ͧbmw~5Hm \$4Bb7uZ.4tKl̮VLf$[eV['7MOuVbCf W9O4UpLDHs?ȟGl :T( Ή*Ryb,[i1ӧXz-l6,DfSܛҘs}g ~n z9VNz"膵I. Eb_,R65ys;83Gf%-\ zſ't;jZ5#q`ׇ$7UXo\ʸ8j'mTcM6jd] |cOKzz:Qe|T{NSov{*GhT` g,56H7{*@s0F‗Y<__zIѱg14/eM7hYwm<Trɑ'c{&<7\%Ү4Mt3PL9jU舉;B@UU82@_ō h)Knߒ'Rb  5g*f%FV zxG2J|qIsV7aG@EɘkYg{ cκT;E`)눆q(\#jVS/1$3)q mHɎimc#Pۀ eYC9v' Y xhOy 6Ran9f7Cy,DLdleX"L:>n)_u8ntCM[.l$Kc^Aqh*Hs9Q H6Բ2kEβ)o6{#'Nf}Kј]z?5̭R&}G-;cM5|n|_kSRk/+U"eXЉWDX`:=Hpm['7ͲL;{ %|x.K2ZwJ<}% 3}0YGN9d@%_⢎L\ƻԚPbEhEIsv| aTc:=xҟ)8  jjkʌn 2Ap*]Qɢf{bX %ow7Ff"d΍9^ w&8,4Cu*x߰ +FZҦciӇ4ZYr޺ɹu ֖g/΅],K9o9JgLHZhU0lD"2%Sr' A-3U\Eqzp48)BlMo4 [yKJkg|j\Omq2KB8%'X^sed\XccEgPvrG!*N}Vp^tbx%VK':ORK^yu 7 m\܂RxW`t:[I督4o= Թw~Z|O`7pg{i9 x˔E03F thmT}2 VQsw/k:Fe%-\0!Wa3 kf Дo[uwK(f7o*mwbiF[$t20J͔]#D-ІᖁAcpWGq5HHݜ"gT0kK5zpt"eFr!Lu[BTcxCr-֣y-bOUTiMNٺʽz9Az٦݋MY#^sâ'(M1.!S*b0OȨ"q9a:F@Ֆ3y{Jǎ|qÜM+ۂ^vjl^r`MsH̙{@5'/c{ _6Kw=B'!*SI`ںY,1r|83 L{2; Ȼ50M9[?jsHL'}Uu"Wp=EJkh8T<# \hqlT V~F/t O.ﺰ^bvWvl6Zc^#+0o^R_g:b2'fV&b;(m( !'>6]WfAd"l$aݺ"|kˊs82MkH~h `z)$RevN~&Z?Bvd:RVj^W#1[}x$}#g0Obm©QJ.c0j ];6Na}W=4-*!cјhA`ޣR\?Mm)v@5 mlF `5rϴa 춂AP׫e\rи I!$ZwR%= hhNgšI{q;8B?> ygeDF 'cR&'{բUz0$- u&ļztwB'SϛȎ?IUQe^}xH'uul/Lb"ܪVf86˸>YfGW /?{qt$ctsT͉DL½mT?{Qb|He,ؖF˴uKR" oVrʭA7b 8#d]*sB\zLZ̵M;`$9R?.9Ur [| DZ4k1BL,j*gdA+Zfx} LIᢜW<lX4N(zKXCuYta#Out}t52Ι#Y ֫AXE8 <C4{ტLjuv >[roSΐޙa 9A#jcH= FS9-x=)0& wE=L>N6>;lнLOQ2CV΄ߒLwq(*+SwzF 8xr/C'eՔr_v /j7`؈ ]swБytf`_2`Dud_&LŹ'~+FlosFLGNW0zUkDrAuVLqd1&@ڛG$on nґnGPxܨ1,U_źhSF`Ht}Z,}7_d#|MbHE6Y[j䒑@=_h=4uh'] yh6ZhɎs4!6Ksv, #' ڢ-^h\QHiζ+-J7tMTr@33HxC{0#˘Akr"57eLkڠaꤐH0Bve|SޘJRx/?I4Ih0`mt+^ٵ(=Ðid_> AT?N^"u-QmnF ϶z>ŌkτɄ'`p& @¾yIVI +JB*n~`g\3ADV\ttꝥԖ>ɕ}6qhL۷uro~+7TO)<"%,jZ ʽ.,+~Jxsɪ&Zw0mZN0%Y}MzzO'6i=2Oݰ%+0Es-:p8̛E뼊[Mvfx*[-VC(ƣ!|1+y]uR-+R.ֹZqfY^mt}믈{sL3]ci ZJux,T3ӧމk+n((M&-*}Pn5HZ+ڎ[|26CXo96ۭ E7 -95~ &lQ=\\Mg?nS+ZoGcVY\aaSKw36Be+BP埼9i]nK~kge9o2:vAɶ'^O`pvuU:-zoЁNY!pD8 ޹~~؀@.jZ8SVTlO/[]:h[{'meB!'AW M&v;nI~u[gM5&ڨ7!!!.|\20] pm5kDTx~&dŭνɩ qf%i d@;<B_Ӟn)Gr0d4[Ch\Z:87f.h Ҷt⦯BVN][hȫƅ`(˂xO?aC`ևz~_wRY5ћ꺤H3:}[u"'6咂D.YJuXmIY*w;&NyĸSx[ xY帮C,pxU}*I]h+-v ?d-Jߤ*}pF_p T\ϯF+R`V\ڄ-sݫW?wƻ IOXIv`xYAN0 F#</ cAtf>Ѽf q/ZdmW`^I'P?WTYR[8?_C|=7o/O{~SW kv 2C7`WvIl(0dֺ* W׮G ެUynMJZ*57)Pa'J8вHҒak4ڥhUn$(YYapze'-(!76D5sEf`giJAgqDlNkT*BIOt;HR+t4=,>`ǾֿKāISOaH-D-O&A{hto?Cut=OEF;Umn TuB)5Eff(9Ԑ0<^@AP"'!%J ۇ\.cghR$Oy$}k3p;K2#Oͮ*~ƧcUwq 4R 9$=v]d@ "c?HtR3zvIM=Vi^u[:|hi 8ѓWbCm;> .‰aF\oFl:9tKa7/Gs9`OZ%=ƯJbwā@#i+KiRaZ}zjsKٵ. % 'G(S&*yMXo)b6Bjҏ#yR?dHQ]THT]t8:9-^s}IX=@ )X++(a#$M- %a~(1xW"+=L,wǎ=UF ;f?1RG\SCSϪjsDz iO }V"|GB]d4 ISC> sbAy|3E~ͭ.ph u~8<~G'(@E%i ,$LksJ{H]엠$ZY`.YVMW#+eP[%H5pdJ_ʱ+w;/\x\fYY(٢)?_?UNC9{Tr4p,0aSP=O<}6'7u6!~p ,(#/Fk1n1?%V`9VshZKLSsp󬡻 DARHڵF0}$>kfq>G{}d6QOk)`,%/Xz^ Ul9#42Dn6׽+iL¤ ȧ$\clE' 8ӳ,bX0!wʗGF*C-e[-["tt#ʞ0O4¢֐ [j4 Zta~]Dn}rU"` .! l| ꦰP# P^ƒ?CB6'Bev2 tpIRO@㵔c`N;^Բ(W(]6lu +b4f/= |wa}OwOt!B>^h Bu-k,=q3_YP2(9XK0a,ŨX-2AT1h/9~)pz~=KY, &McΞԽ5 ;4ZuDpfuF lTQw$f0q,KJ㐬9pXLYǽIvFi5y9Ʉw 09+P7{?pw7󟭬K>a6 |GYc ;m>0&^G1lav*w{ wـQ_K/2n19*,%熞@5/=)VtbmmVbFGDC 9DYs/JWZ?m&L=!SY'T'04ٰ~b8ї#Zg@X.Λ,Y<+|)YZF7f%7AwF]E8HƺlFd|>ydϕ2pL8|V Wz|v1b|j٧*b6 ,ԥB?k܌ju^>0?G(x52jC`iYK-3v9~LJIA&.@z};jJ"x Qŏ+r2Cf+ܺ4.)+xH*19 }rItЪOZW+=$:iCYͪ>fH)wu?Avg .I.`-(xY,h'iL?J{(^f))zd7nw3ׄXsf˾)R8^%o"q=Cơ~6}R_ͧ>ʃ T5;Xճ4I i'f iI6&fucF %LF%gcS/4 <=ZZz7^{t=!ߙU%=rBpl"IJ>{@]AY0}XRG S/yXos_*$N{PC7kTsXEkORTt1jtbpmR*,\1ʨBT:# -`ZV4r^ڢ; j3;\:ߺL}pQLiaV|OIDi8//Ϣl|?̈́|?SWz D)*w#7lá ,`Ú԰SRgI왗;F¥OI;ߪI%\L׳ Si(BԄռ Ʉ ‘;i*Аz7GLg@K,ń7NlV:]D)yp^aR vLwȤF-[2[Ӑ8N>@$x)0 д ԚW"Md-&;FK ʍWiK߽̼a畧0'f%+jErtG8&T.`V j ʞ2+OV\慟Hf6K(l߉!*F9i0? [MuB gHE|f&hҗma;[ pX5>ew.|'q`rM@}Jy5@vL^eHL϶-֔cmQ+^ΦKuvs]^F9>sAyQbm ~7uS**X(0:V qRɬ?ߗ'/7r h8qj㳙`7 n>SzšGْ# a1 O"Є \<: 'Tei9h++'q.[dd'dk陋Ɋ8QƄn7Œ6L Έ9пzkAۿ8Hb[&QqٟqM+-,a L=lC}>HIyӢZCJ6g x'qTJ$hDhΉ{5fPHEw8j NA>mXQ뻋l:R&ۼ"9.1Pĵ'*l#{ƾ< @iԷ1 [)]L6&db-QF)z\Pmpa2_gĴUC"o;t/x_{k/+&427ˢUL[j@< dR}嗠!CY/7<`叞~-5z<8 Dj7m_x\$/ik( ·?:WU/dc=N50ĵy5"6{y ¹-}'mĆz72 =p~l']">VڄWiKX!MR%'4u!A!gp"8\ M7D@^t.Ӕf窸C{Tx #廬mlo44OI'@n†24lcOH#cOcߘC5!B,i35/Եbߝ_b% mRCWOk~QPm/SYF5+Q8^qw!ts30?< :L1ƛШiAEKx`A*bӨǖ: (y׽+am+A{cS+'ʠK(8!4TL4iTzZr(%\S\8׾J~{?B!l (PN[,Rh̐WspVJFGzK.f H?!$V`RhJz)lߋk-d^D?~Ш{oʖ<_]_}mE:zu)CEaad!dKM^jp Xm<{k^:xUG(V0,HmcFZUjw/S҆eǞ/vG?[9LАEB£ԪZM 8ޥuN~0`aj/{i*A6ع??3QÍЖyֻ@p\Hcizb)@ ]?s/xF> $l?{yvwp_W}_4L;f ^ ݚcډa;y'.|P=C  dߑb+t|^gyn5ف3VT,=M% }t[4}RueBe4HBVOmK(<ƣ>NzeiR9nM8Շ(ѳ[qmNĂYSY l9\0ˍ%P@ ܺ5Z+0ry$;Ɏ[@ɵEj@im 8@>h(?z]4Q&qG =:SO;Տ2V %SNXʌ' ڭ#SsedM3EdrYW$WlZc\$DbřΞEOHyJ χVW6|2 znFD%f7^V'stFAț.$L[ q<[aL屰ﲩfTOHuH<}ci"ٻU81|<~03ٽ=:&ƂbW?~XXЉ? {e.,(9(^C3!xLJYA%[üjyiŽ<x0Z AA}ɱ:"^`Á ^&j}O)ZG`U}0Vv7J'_G0`x\2 #yq"V ?/ij00Mc]D׈} +l!Wn\f~l>mg9CGGJ='(cVÑcEk ,ߵub*vcOz֩!-}8efXun!EK>9;t,ǐI} E*òW U =S 1Gv{糺St6oA!Hd~S 僕sG ZC ,_^uXnhIntyc %լ6P\G'R._aZ" u^'ou;qV1 0-?} iӤvpy>5h OP(}@V1\-H'f 2o=nY0TX+Kobo9IhVA  >E:I pk}vu5sVǼHGVp0B[M6Pzl=UT-*8Ώ>=,6jj樭҆4 (+<-0))hQ]Ģ gmɝ(u= ~4.A*<>y|P[4(Lja 'X ; MG``6ϺʃJq/ 2d!K4!T_hwE9Icdvb]d\VT΅עwZJ8eB ^mI]Jz6 4rE  roJr8؛cf]t!z:+VZcFhM2M{.KgfyҗNCt GS\'yu#u$X9S&&GIk2nxf# ;&-а٥`"}=GR*`#ڣg1YBqֳ {]-C3%*̑RrbǦ#U~lIh󘵰tTfl~ (P ,I}Iynv0ځp*o/0sRs݁B%e2$/x˚yWaʤEGɭb&% 4՜V!5݄X& ~.}8*nJ= (^1UI\G:z؟[ƻ-l.4`޸@x uPѣjN[?jVǻjlvu6`Q GSL[*VņJg4UeEщ,p%Żg%e)1W)VLfLĸ*Rcb< ND*1rF/ȉQ2=oǴT<':D}_ÕH Kէ-β r̥`vwXf{:x5\>5" pV+x *-Rg}]# *,E,Lmøg=q!*n_]no6eM)v7"8=N;b/M`dE8a#)o"|i$)磽o0C1TQCQG*EM%ETZÅ09JQIF,e^nv;wؼHk רݕ-ej+o.qj67 c;b|0C"$P|]TuOeu!MEt(&y P:k~z3,~Ƙ}QdOϊWDw*|/龮,Z)ri½5Da.Kr׌pUCu.,(r]W>rMł0F@ #pLq>\JHY~k[9${g_` _[/ 'Md%F.؇ ^zD"lXl)`p$ FQKGCɛDl Qվ@7U:)ۭ7pYr,#ۇny2ġrx¢̠)"5 6|"-qtC֌] \IuS~ =}Ŷd'hrǹ8g[YXTk6=O~-?Z}vODlRL;b5 c*l,te*?e{9Jxڝ8؜OBLc{]ϿU&`J#NB˕r?_ UVL:6̆@i&K4y6Y^%*1r'5(" tP 91Bk{-Y;jw(Mx&{05Ejѵ'3@m6\i=߶^f (dMqiGG֋RѸ.Q@ lSz ra ih$DO`Zah ]_1J#$IAQq UGS6RO 6Þ!ANLą#Ø+]-h^ңr4vڭLಽ;oHN! )5U{yڈ!Z) r` e +=+ Ch@T@ bIPιPs kiETny .W[)JvϷ~7:$D9|wno0 ū5ߟdI2C]($?Sۦԝ~2\S8/2Sd:K~옇hϰ_ =' r0|O^$X/FұzS] г[v!u_ͶMPaPxoWXB"Ԓ4Y{jcwxȃJQKw)~D‚ۏu[$~LJ;]_E3O'5Cay ^/*e1 ̭5g. 1?)$6LOݿSQۜJI2v́Ʌ4j<a|U l1 *ox[Q=k\_IWIv8 7xFL2`\Hk ,vC[ X=vU' y/~b귥F;g1QHAa|-wHrY!^aC"xMrX>>Ԙ%ؒw/2ʦnෙQ!G0[D'[,;OflI(sVS355PȜX$C!i_'2Ròз]38Ƣ !I\<@ Y.-,Z"&D_Ea`@w,۸x-0 醲n^7 ؇{~sU"@vq٥S/z-I%Q Uˎ!? U,rfܲ|т]FD)J&ű{-aC2?܌ށk?bfa}fΌH ZxNVuk,RoZiW=4T( :1Y`Ζ)`l2v_|!{KDYz ř'8=C Fs^<dS}3XZy5;l3cS)Zd2jaYo>ٻDžX@a" GO\6Pmšh~DOy,8VP4|sh8|Z{j3T0yZ\Lw2W7Ĭ=KUP7o!.4>;.NW$B ),TyF͍.m\Г|Nַj\FJQ#- IJ o7/DRub`|F^(#*-)Fͧ;Vּjjـ=A PWGL7;RF`T@ S*1C<$ _4}Xk`I{]Y?Zh0lXc,~QP' k_9Jm2Xu${E~B@@n'_7N_"Z13@H5Ƃk*Ze8ϻu{bˍکz#sQ.Iin*g00@;,-(:s&"f^;}$wئսmE4< J1 EDͷJ˨kF2͈Cq(X4X7F$Ul^΅ O!P0aZB30j>,A~O.gXz1 awtQ~NԴp\^݁4̝4a|r_!r};̰)}4;A+6o_]Dkʪ,}4_:|~g(T{s^C3|vd(ʽbV GH"i9̞:3+惦սO %dhs= OJ@u~stx=*Z料/}ް{h8j[.sw&01';-aȒpP9Z:z!_7\SlRϰt$F`Dci'֋`,u+=; XA |!$-O8[hN^q'sWmhu>ڒyl[!q3AfCn=.HdCZsi u>q޷CBxr:7=P$SB 4Rz)>hSDW6+x.RBmɅv0''^Bϖ:9fBkF~߉uC(Dne8_QUI2(qʄJ[wh ֗ +4tlՍXA[EiCWfgPmV_p~k~P<Sէx=SVS7%wcu;fZX8&WH O3E+B0o1B5 (\ ~9ԌAq*(ET^STQsr2"  $duP.Rgb_C.u08t!gYkŨ~pQN)'?ys\tB )H7E[WiX29ur:UDb0Gt>X6r,txg|ƺǷݒcfNC:*W7_Ȧ~jd4TA&r%C:)!4ؚ6iA-ݣKSt$x|#13,0u+N 7 <mCkw<*8N_a,Ht=TEk?Qg8EֿBrru/Nƙar9+tBt bRp($WΪacn>ΝGpX+jaкڭA#<#hR2?6~*Ap4aU]¤}e^mېo F֜buŎ >pCz)L9#Uk3ޢӒ% .ēnFɑ[ԀzKLH@ ^R7a-h@t'ТQRѳ ˬ#>P]tiL@aCXؘ+خ>fR!u+KdmXe u^c{ZH=^EO{DiȻm,|ԷY\q9u${J]Vu&Wn U{#Yq,|.s6mÉ1eRށ:\¬38L^3̯èĥ `BÔ4o}}@鱢vܾ32yX-ڗ-S%BSJj)Jt;i.)Y\Q[N-o0WfPi,֤<9ramǺK +;wZ9iB̽EP CKv7.Vs(T }W:-r7Ώ͔\ c`e%,wI~ #,߷!x!cf_ D+r,.-=v |L-X!dCAOwݝ!y;PPM؃bqHgJ K@ԊH:<%#K] &IMbk]Cl= ` \O8/-/TP/XI!ep1[qs-b@?1$qS S&]8l4TZ~,wJ{(/a%;-6ywwN ]2!ȀN>.panl9[> |sB +MW<- SF)[r~1M`􁜫=!fz:m?Sg8Oo|ؼ IwuH6_/$R?!=<$Ps܈eJ@Bv>ֲ&AE"cqrq.V<Z|!Ҟ/ǑusYA5GP,mWB|}lsİyˣɜ|7~_wzA GP12ϓ' _ 3_`1eCqT1˅ΒƄ%YLCT; hxurΣpP :MGb D&E95]^ 9Ƨ>^5|⇦bh ufTc^BWZYR@~u`2&W|/m5ݱճ^w9@#XQC;2y@1,EH)ˬv(y Ee0t>U( k@ُ[k۴lSGs'+zvF %^.XvR*i~%Z}  UpJ[opɒ(dd[/z"7p peq0ʷw{?gD(+\2K!gGQ@;fćh ls&Z#Cu?ݽgw: 67iZbbhf`=ۇҚ{3tr\)SS\γrL8h6FQ^RΌ waflP-9LtxFs@D3_77<8X81]K/`!H XJTwjt!ħC%'50* ӯHJ-?/esUc+e~sO,&*G mpiיCG5uEz栙šƗ7k '`*E0]ATy1`z$shX%}a㚔Ie?ah AC@tFJܺΧ}nd09%w8 \{lQ4(\\S* & jٵ,^ Uf. i$Z54狉Sf{I'8nM5tg H pg=k9;J~ɸyMrN]z ʠ _OV"u{C؎9. ߊL3:iDٯfwΡq<6O!k_,/! x_Ew:hL* #!)_oYv SL%8a-Y"Sc1 d(@ 㾁N&(hވdx7w:kp)scs͔ tYjs}"@)&6"k!u+N_ݦ2rߑ^b>^cz 3 v)Zj+PGNAYNjB~ ?k[+q!GS%݄e߃ azL~>}V62K,~p!R}CKOA&Sp3ve_$Kd8{6uLe﨑wgX>+ AHE|p[eU 9Rv{a&zcB$s,<}, 3AC\M4-OD'"-ǺGRd@0Yo5Х#O]D):^$ #_t:| 뿌CN4n E5n; n1d0ёka9lbY׬Σd)@w[#:PO RP@կ*h^k"\[β SŠiVF .Wazf}kVs˄DVoyL(q7CH٨/)1}~QQ{k6kg^?2lk'^I: +Xꗎ&?nS{ĕ%́Zf\œAJAG0)@fMʔ6“Ei>6{a ڦ 2CQvGv\wK:2#5'cZb'Ҝ {=T qx| z C˕rQ! s[\s?Ҿ)[OF%l{:e{]뷍.c*Q`yߝkցPSD@J>ϐ'is×MZA•'2 7>s 2sb67,ј˄Y*ExܚE{{9)ļ l@?UZNN<껈b&%j3,ڭmcΖO$IVSQK"QLG%YZCD|%YdyϡٯdR3* %>;u2>A"r N.8 ';o,qw9 JRXF=Dͺ!Vǣ=2lu Uw(/4;bbޥ⭀g JU2=^LY|+upS=q[? CV|f<3ѦIaH oPrb.Ǒ=\i^AR6 ;6f#/%<`QOΣ\ L@^ep1ƪ "qBR-Y3BݽP9DI äieZ,*puNxG/8@(u_vǍ8,f:~+Dl gRm 2G@4o g2 gvJowjE| @ۆ#ǚ|ְOaVW$$I'V\iD9&rѰzԹmoj̕  F*o/h^KOCL,2;s֡_;gtP͆N=_+8}c豦X ߘyyRB+7/Fm X?5aS8Eg=}FIw <,܎wVjDBt7a'-Әa3Z-_bǫKK !.k@Xcv0>vo?D3)yO*uㅐ!c :e1oa1H=k&G1MAur'ոBy?{_ZvöF2+~* 7*>i1/9mXΝ|x e$@9&ee ]tuG~QyN䶑N 6/WԷGs(-w|}*"fl4$9yFei&L2j}f'ճ: _U+Kl(jKvbRpºyo<-qQΣz  k-;r u@|y,8?zn(eR(E;;p.eeGк&;¡ܘiDP—vlmfV5NqCKIm1gGvGiԖ]l8-df3(2Di!i<5ϜA`Ԍz%wFTFךr2Iת>:o>L/l̕x}t, }KbD8HWx=F$O"Jлxq]ݧ}F]L,ULY 2l`caHPt84Ģ@>2ܣǬY[rpJ\ɷCFHJ[ђŷ(LjPވOFKRoI1U2* ّdB`6鷍~i$ѥHL Rm]I[ Se?b1t-}~XDJ9Yp=KPw*ƙ%qzܪCB7TIAx?[tѫN!C=Xn0}iKzY]xE:x{eJi>,WP%|tEџlqqr"#]" EGJ|b2D!-ARx*G1[bʶz΁4?9fEE=eN<%d7$@h8"qZSM֖.+/H[K7yL]| ҩI7-[dRi a hß} e?g"{ atG+4wW:8DԿrAQSђЫ᥈É? We o"B,2%RdaFJ.^JtM51LI %@(/2_yz f Xf 1 cFM;?a oZ:~^i;ٵK٨"\>syoGN$WPnQ?.lvN^Nu%JOYJ*m^!:\2O9|$1fj<1xgRBZR(rPb0emb ܖ;q+t]>뙶`$ 6gWU;ZRw`p X^h}"P眨Sϫ^,`G6=} d]]Nv`2Wq֎:r=p}h,n4Ţ뇓T5plS$#~Ю?FB ..P:#|@g}>9{ {!B!o dd /\p7uE!d_oma@0^$|9׏.@Ҧqq/nXE{[^Gm"an |{_ݦZRZxfSB✩5EnE;gAǴuq{ēDhHT q>A*bo$\3ψyJs䅱EƱ).MK>N{4\Po]aH jVZO44RJEf(G'iD Pޖ,1xt€l%KqDy%pe.C itpDVtcy*Oc_я0NaYO7m3It.fAÕ.v&$FDŽLֲEiЅKZ]IۛN=8PZLʆqݫ&Q 7Smn;ߢ2紞Dbg&G: umd_TBS={фh漝~*bF-4K}3J2(N3xD0xVIyr(PN%LNߘN!1O/v8xHi]vq-T5{ bUPIii-/|M:n@і =𑄊fM_WX-T2Sq3~}a<4sセJЅh{Q_ ymΰ|ޚ.WHC{ܴGǙ}xBzXnC"qIG:| ĝ"d:%#gd G͐u | ~K~$%wIAq(1PP+_b[/u/Q,L<u~?jVUwik>PiБW> :>XkQǓK]GA`ʥ٧ T޵}J4>,Bf|b=7<)E>hqS,t m61y5~|FX5%5AW :?p8]E=53upqesSr-M-xNp5;E-$) K `nEI1VzL$VvZbK@0d@U3>LNcXJ g8-]%mmnbݧd, 2cGyE)3E6-"ÊKRWɶfƉiJ]\ ?r47u.0%v=;D€>-)4 haB4 F|-a8v#4N;tf^V駾Q~R;^aVgMiwj pV]V&Dbհ~R~ Zh ^ R)V̖ւNGjr6@n ~9B{ahm7,2J!J {p msxp•uoRSUŕٺۨmEè4nT֫4?.5BrXxoJ8rim-RZ7"+oNij/UA<)4}o"W*js/*TL_z~TB^Z?xdS&& Gm~2W=+a-*lX+Hl'L bnj[y @:(5EP}k5.DCDP7.v[R+HS$(28m,zYA8nDJe3RWxȫ씏趇zғ_# =k mP976XU#[#+>-ltJfGi UD> p2 lG'`io|aOH5訕`~7m]6"*I0Q X<"!ZUȸ=QϺdyo`m7X C"h9~; 7X5gXk RahϙJrhI E- P",jQ&9Ӂ ;_l_UV+䞏Xk-˼ssQ@A_&l4DxV~D3H*m|RԦ4oNeexQ(%d_niy:rWg1qƫ69~c=Aux쬮$Xy9eGH9D#zP\HBcepݜ*oFxjح'R*"ž>l ^ W.Rbn~%D*oՊ[AX|鐣g짼# UL[m~JDoZ7G5btv " NJjt)X?Ij&TsG(uL_ |;DDZKJP-vⵐrLUɯVgRQ'3@ٮJwAŒmSdbfBX.G=)x5R{ʲ6N51Ң,B_-lNƵPA|(&kR=8V_k ֮!Lx8NI Wi2¦"4Txt1"rYL'"?0+\qз[ގ7=p3ú B@/.xk9JkCcojZi^[v 7=>˩ U$K.+rj , t|pՎ B4c:̑䨵s=@jvVۭIV5I%e@%0|= yd>J )lY0`V2yxcwU. =ݕ݉w7 Fc3n߾?N& jnQx#Ff飂{uA88rUʪԊn>BkR<[mAsE•!jI T)+4 :ē7+0oS2'U̳D9Ŷ|sͶ'}[<}7ctn솩MqAצͳsL5d̥06 I{Z¡UEI 1s0[LQıj޲0 48\/Kp͐ <)MnGOH/>)E }Q4г**VE-)BjLv&n]Ik9iBG~I7γSD780z[E e8XjJ|ZRߙ#-,S U>ٹ7HG%jrk'dg{2㵭 uq-،NGexZ -^DĈ&},rȿ׫W3;\H+7bu7v~R;>_حqG–(&w(=h=ﱆlZ`?jU=Vebon6YG1J\y'4H͂Ձ@]wCdybqƿ Oä$Q=^?!eH9]CP ~R ~nArP~g!Pk.R+R$Oq#ǭjs@Ň9 cp6Gم흣6t^M!SA))@DŽkT:/)k'{EO}ӹ9oRl\$lQO{=K=dE(?jW/Cq )RQnU򺓵 2]v3hi0@;{z籼Ptխ ,;*FL9FY}fBv\w0#h؈ͽd*' /QA;n`GT۴4Eh"m;@_k zU:I;'rT׋c{`F58U)Olj=uzk!*Mi_i sx n{1P2ivW y X 0XP|SqQOE#̈́xn̼Ȭ%& A%p>dȓ,D +٠7I43Ryc]fr~40 Mm}hv{ h 5}k߻:m,X6i+/-߫ $jL=ЯD#H]Ox,Sh^O@&_WxÈOlʳ__8宼;t6,f [Y#]Y"AGcr=1617ҧsY%,:cjFؒ+Tܡta@ :4)SCyE,ޮb檃ߩ#$ 7)IPQ  XXG i:"1[̆V}_Ns!oXxo|Rݮ;m0Rf6X3*Wk4Z1(՘rY 0!rAO(a}Ϗi,"RG-a_E̴\\J!RlHܧ lAՏmLYI̎0}S [{4)rʱ㊀(IAwW&(:xTV]ͺtkuUÞ2f8GWYפ>7LP[KB Pкǥi+i܅ §֍?aal`#IBY Y|[ ,|0[91yq;2V3|~mjm,;onUb(5`Kh|:%gl‘E/Vt|Zs7l|)/7꜃9Y.MH Cii/dC;C 2ج7u}pݼCi3W^o)t͚IjF̬"ݞ(cczI͍|잶$ fߙCfa1HOjɑ:BI{zCX).{sS(Ta3WV̄ag\Gpˋ'Ƥ{kZ鮈IzJڈ C%;cDa]Dzμ)n@xjf `  ,v ҪyI#>Rt%jK*%#9 ar$+kpEHurZLSHb:쿶;3*㕪M<;jΚ&aͲjO *)L#Zn#{wg+ǭfSXt%F ] vun$;Q_9~Z;W0I=(~/뛡(+%+9IpQX&g< &Hk\~b [;HrqǚnN|Fٙ[~"`(ztɟ(@+r,M*URbEz}*s(35pUP!rt0$?" ۏRTXF  ?π?P1GTVLR(aЙ"0"[NT Ƿ{ơu E0'6 `dqJ 7(8wl ߢlN~|n`ZRk% UjiR.f=oO\+g)@ ne1砠Ne&-\o[i`R!?ڐ+k;R @sk%e*4<!;TpY&@lNp|Ebـ~ MCWVAC%;ҙ6ҽ;(RU`ιpzo6Իk{~iERb S_x| XQfC_0~Hd!z+hרĈ*;AeQeޗAlD~rF43z9ƾ\H;X~c_2!E|uL7|>>P.l+ Rt(XRB#qžb$% GE GhFdHU,+RGst0 Ӈ7_:#y-^ tarp=YC;)!G֔vKT@L ѲRR,EҭVq<]쟢|._$D̹ہN][*Oĵ哴fGUf"%>Mc,3cEh%Ċk†}8 !- ޳厇 {fyĚ:hRhRͲB.a1߫2L`m^KV$>p:V]FmE~=MNB)c+ )r[O`~L-} _~lrエ_Z/r [uIǖ@ Ne8$T!4QZ g!oYvUְ -N!j9ZLVSWh藲g<>Cl锍Ō'r> V? FJ㜰trJ.6kD)B(ύ%AL719uk|Y>WAlRKAid s9k?Sq,AA@s2i^cF&ܛ76-LH 0[,g([vdL!k^J|GFcY NމД'JTD|a56;Met[ј? zL ,X皓[a2 Df ۶/|J@PeLu}w # yF+(xE+VY#`SH\T'Pr Q$Ga Rۜ)/5Ey\Uؕ5jD^ )tq"0 u`XxEUKX=PRn{x\X0aL{ g4eOCF[1h wLt|q w4u2kb{Z?lc2[RDF (h_^]$f]S-8iiAzr^DЙjЯ,~vzބ7r*denjR UQV+JZ>`d:90.>en~${Trr2,|1Y|V C>϶Ϫ(5ŏ)V9=/fܽ_֙1C78,o),pIrye>y,IS|NP+jDx}tlɁܘ:dXY"_/lSv-pl Yam災$!U~n//BxVK')N|xN8lL m^0vknt73QٺL:Q=k}UVQ5D&YCBY&i!>1s!:ɠ i*AC8 37GzlKc \i~M{<9i h,b~p}1yo߳$Ivb*E\w z]3#vKetl٠b&.rm47R{ect:IHg=VU 2N;;n4ϩGnqNH,%0/e)<\ٝ52ـDҙxuG3uk61G|u%9%ơ2 yuމ%_z5 ,KntΗmkOd/e%-h?&uwbtd>(oe7fƒS(hvE-HS \'ziG}U)\bLg'BX0D&sCYfxfH<$Y]Ξ93S(Dƞ%|*'d ηyr*ݮAWCHen$ZVjL ?+tL6-39RY@(@Ihm`XҠku5'e -g8m;?>5jQ2UJݝXnZze|&F[);]ML6ϒz?_tQ g@O=stEXP:Q)# .l} Y?kʻAU !`^y;=1) D2C~% d$ qrY͊' &Sx7H\5cQÅ[fO{s|L}'p@`sGl]wn[5b(Y|!9BPԅuGzԉ໖Vp+ ljo5L\Sbr-q~ħgB{ݴ''P^:#;XDJ*  iކ* ' P!{㯛/ e!+2~l\qA/wba͇3csΟ`"$tCN2Y ݋͐68D|bwxf!T9lf"I%Ž7$aĶ[V׍h@gLU=c~'KEp)Ͼi p¸yS(P)YĦpI:ZG .]cshUVzm ;pIMh}m3|\&8зujv 0PdD[Jo.Vݥ,lVWFK{ۺW1-n M76el)]|m*`8ZJ'waku[sL/WV̒<;qa[J JĶ YZ