policycoreutils-newrole-3.1-150400.1.5 >  A bvp9|9|3-1W$$ roҸˮ^E{(޹C *iP'^Ü ܩٵ7H\m$SUps3F"u=ɉ#3m@7"E4[PAْo ;1:%P-ڏ4 z{lE7=p>K"G|=dr'¼;IgGx1搂 d,2rXԗb-D]V1g=UF27b22dfd7d71f643a8b6d2e667fa7aad696794806fd0ce8f71c648203f0f5eb5db64b2bb186c49437028bfd9fcc498016f1d250cqDbvp9|sIE?{?鎯֎"pŀ>πp_ۆy1Z^P{i5UJm Mpq&gmɫqAN>.ȤM(O X*Ҧ5 3;{Yƍ9D.dOZF77Kt &gfg5ynKj5Ur:qQd2|k|~a2B~QUzMJz0F/XTݧUv'C _{>pB?|??ld ) N )?iou       4Hp8`(78'9': '>:C:F:G;H;I;$X;(Y;4\;d];t^;b;c<d<e<f<l<u=v=w>x>y> z? ?? ?&?hCpolicycoreutils-newrole3.1150400.1.5The newrole application for RBAC/MLSRBAC/MLS policy machines require newrole as a way of changing the role or level of a logged-in user.bvs390zl37xXSUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/Productivity/Securityhttps://github.com/SELinuxProject/selinuxlinuxs390x if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/bin/newrole fik@*/큤bvbvbvbv0c0171b7579b3c3e2a69df88a47e9516b97b53ac201795b7904b71c9867248355637880e053ff5644b06a222cb88ba312a9acca245518ff8147bfb8578402838f718e568ba9e86aeabffa77aef9ce5c5ef68e5b9e21847f5ca085f21896b4b92dd0663d9211486b6a18050d5a0217dc64419451f152cca982a4e55a5e416ffcbrootrootrootrootrootrootrootrootpolicycoreutils-3.1-150400.1.5.src.rpmconfig(policycoreutils-newrole)policycoreutils-newrolepolicycoreutils-newrole(s390-64)!@@@@@@@@@@@@@    /bin/sh/bin/shconfig(policycoreutils-newrole)libaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpam_misc.so.0()(64bit)libpam_misc.so.0(LIBPAM_MISC_1.0)(64bit)libselinux.so.1()(64bit)libselinux.so.1(LIBSELINUX_1.0)(64bit)permissionspermissionspolicycoreutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.1-150400.1.53.13.0.4-14.6.0-14.0-15.2-14.14.3 /usr/bin/chkstat -n --warn --system -e /usr/bin/newrole 1>&2az_Z@_!d__ @^@^@^f/^^F^W@^M#@]@]@\+@\d\Yz\X)@\R@\8@\3?@\ `\ `[H[%@[$@Z@Z@Z@ZmZ2@ZI@ZZ;@Z@Z XWW\@W~TZ@jsegitz@suse.comjsegitz@suse.comkukuk@suse.comjsegitz@suse.comjsegitz@suse.comdimstar@opensuse.orgjsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.dejsegitz@suse.comjsegitz@suse.comjengelh@inai.dejsegitz@suse.combwiedemann@suse.comjsegitz@suse.commrueckert@suse.dejsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.commcepl@suse.comdimstar@opensuse.orgjsegitz@suse.comjsegitz@suse.comtchvatal@suse.comjsegitz@suse.comjsegitz@suse.comjsegitz@suse.comrbrown@suse.comjsegitz@suse.comjsegitz@novell.comjengelh@inai.dejsegitz@novell.comjsegitz@novell.com- Add run_init.pamd.patch to adjust to SUSE pam setup. Removed run_init_use_pam_keyinit.patch and included it in the new patch (bsc#1190098)- Add get_os_version.patch get_os_version is implemented in a very RH/Fedora specific way. Ensure that it returns a valid string for SUSE by changing the default. Also remove the RH specific logic when generating HTML versions of the SELinux documentation- Align more with Fedora spec file to get rid of python dependencies in the core system - create new python-utils sub-package - move some tools to devel sub-package - Cleanup dependencies- Proper default permissions for newrole (4755)- Update to version 3.1 * New `setfiles -E` option - treat conflicting specifications as errors, such as where two hardlinks for the same inode have different contexts. * `setsebool -V` reports errors from commit phase * matchpathcon related interfaces are deprecated * New `restorecon -x` option which prevents it from crossing file system * boundaries. * `sepolgen-ifgen` parses a gen_tunable statement as bool * Removed Requires for python3-ipy as the ipaddress module is used. No requires for python-ipaddress as it's assumed this is used only on recent systems * Drop chcat_join.patch, is upstream- Pass the right value for LIBEXECDIR to make / make install instead of trying to move the file around post install. This caters for the planned change of libexecdir to change from /usr/lib to /usr/libexec by injecting the right value no matter what.- Move pp binary to libexec directory instead of lib- Dropped Recommends: for %{name}-lang and %{name}-devel. Not allowed by openSUSE guidelines- Update to version 3.0 * fixfiles: Fix "verify" option * fixfiles: Fix [-B] [-F] onboot * fixfiles: Force full relabel when SELinux is disabled * semodule: Enable CIL logging * semanage: Add support for DCCP and SCTP protocols * semanage: Do not use default s0 range in "semanage login -a" * semanage: Document DCCP and SCTP support * semanage: Improve handling of "permissive" statements * semanage: fix moduleRecords.customized() Refreshed chcat_join.patch- Ship working pam config for newrole (bsc#1163020) - Recommend policycoreutils-devel to have perm_map file available- Package perm_map as it's used by audit2* tools- Added chcat_join.patch to prevent joining non-existing categories (bsc#1159262)- Added run_init_use_pam_keyinit.patch Added pam_keyinit to the run_init pam config (bsc#1144052)- Update to version 2.9 * secon: free scon_trans before returning * audit2allow/sepolgen-ifgen: show errors on stderr * audit2allow: allow using audit2why as non-root user * chcat: use check_call instead of getstatusoutput * restorecon: add force option * semanage module: Fix handling of -a/-e/-d/-r options * semanage/seobject: Fix listing boolean values * semanage: Drop python shebang from seobject.py * semanage: Fix logger class definition * semanage: Include MCS/MLS range when exporting local customizations * semanage: Load a store policy and set the store SELinux policy root * semanage: Start exporting "ibendport" and "ibpkey" entries * semanage: Stop logging loginRecords changes * semanage: Stop rejecting aliases in semanage commands * semanage: Use standard argparse.error() method in handlePermissive * semanage: do not show "None" levels when using a non-MLS policy * semanage: import sepolicy only when it's needed * semanage: move valid_types initialisations to class constructors * sepolgen: close /etc/selinux/sepolgen.conf after parsing it * sepolgen: fix access vector initialization * sepolgen: fix refpolicy parsing of "permissive" * sepolgen: print all AV rules correctly * sepolgen: refpolicy installs its Makefile in include/Makefile * sepolgen: return NotImplemented instead of raising it * sepolgen: silence linter warning about has_key * sepolgen: use self when accessing members in FilesystemUse * sepolicy: Add sepolicy.load_store_policy(store) * sepolicy: Make policy files sorting more robust * sepolicy: Stop rejecting aliases in sepolicy commands * sepolicy: Update to work with setools-4.2.0 * sepolicy: add missing % in network tab help text * sepolicy: initialize mislabeled_files in __init__() * sepolicy: search() also for dontaudit rules * add xperms support to audit2allow * replace aliases with corresponding type names - Dropped python3.patch, upstream now- Make sure current devel package conflicts with old policycoreutils-python (bsc#1124437)- Replace overly complicated %setup calls.- Removed hardcoded python 3.6 path from spec file- Fix build with python 3.7- Required python3-policycoreutils instead of just recommending it for policycoreutils (bsc#1121455) - Added requires for python3-setuptools to python3-policycoreutils (bsc#1121455) - Removed requires for audit-libs-python from policycoreutils (bsc#1121455)- properly obsolete/provides for policycoreutils-python - remove unneeded obsolete from the devel package- Don't require selinux-policy-devel for the devel package- Obsolete policycoreutils-python in policycoreutils and policycoreutils-devel to prevent file conflicts- Included content of selinux-python-2.8 and semodule-utils-2.8. I think it's easier to have all the relevant binaries in the policycoreutils package (bsc#1116596). Added make_targets.patch for this - Removed restorecond, is now a separate package - Added python3.patch to use python3 interpreter - New runtime requires: * libsepol1 * python3-ipy * python3-networkx * python3-semanage - Provides and obsolete policycoreutils-python- Adjusted source urls (bsc#1115052)- Update to version 2.8 (bsc#1111732) For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt- Rebase to 2.7 * Rather large rewrite of the SPEC file * Significantly, support for python2 removed For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt - Dropped patches: * policycoreutils-initscript.patch * policycoreutils-pam-common.patch * loadpolicy_path.patch * CVE-2018-1063.patch- Don't build policycoreutils-gui for anything suse_version >= 1500: there is no reason te believe that SLE16 will have those old, depreacted dependencies back. Fixes also the issues for Tumbleweed, where -gui was not installable.- SLE 15 doesn't have the necessary files for policycoreutils-gui, don't build it there- Drop the requirement for selinux-policy for the gui tools.- Drop SLE11 support, needs the audit that is not present on SLE11 - Fix service link to actually work on current releases - Drop SUSE_ASNEEDED=0 as it seems to build fine without it - Do not depend on systemd, just systemd-rpm-macros- Added CVE-2018-1063.patch to prevent chcon from following symlinks in /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)- Remove BuildRequires for libcgroup-devel (bsc#1085837)- Removed BuildRequires for setools-devel and added new runtime requirement for python2-networkx- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Update to policycoreutils version 2.6. Notable changes: * setfiles: reverse the sense of -D option * sandbox: Use dbus-run-session instead of dbus-launch when available * setfiles: Utility to find security.restorecon_last entries * setfiles: Add option to stop setting the digest * hll/pp: Change warning for module name not matching filename to match new behavior * sepolicy: convert to setools4 * sandbox: create a new session for sandboxed processes * sandbox: do not try to setup directories without -X or -M * sandbox: do not run xmodmap in a new X session * sandbox: fix file labels on copied files * semanage: Fix semanage fcontext -D * semanage: Default serange to "s0" for port modify * semanage: Use socket.getprotobyname for protocol * semanage: Add auditing of changes in records * Improve compatibility with Python 3 * Update sandbox types in sandbox manual * hll/pp: Warn if module name different than output filename - Update to sepolgen version 2.6. Notable changes: * Add support for TYPEBOUNDS statement in INTERFACE policy files - Dropped CVE-2016-7545_sandbox_escape.patch- Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998 Sandboxed session could have escaped to the parent session- Trim description in line with other selinux packages- Changes submitted by MargueriteSu: Update to version 2.5 * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss. * sepolicy: Rename policy global variable conflict, from Nicolas Iooss. * newrole: Add missing defined in #if, from Nicolas Iooss. * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec. * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach. * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville. * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach. * semanage: replace string.join() with str.join(), from Petr Lautrbach. * Man page warning fixes, from Ville Skyttä. * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl. * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach. * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach. * audit2allow/why: ignore setlocale errors, from Petr Lautrbach. * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy. * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach. * Fix PEP8 issues, from Jason Zaman. * semanage: fix moduleRecords deleteall method, from Stephen Smalley. * Improve compatibility with Python 3, from Michal Srb. * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville. * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach. * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen. * mcstransd: don't reinvent getpeercon, from Stephen Smalley. * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach. * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley. * hll: Move core functions of pp to libsepol, from James Carter * run_init: Use a ring buffer in open_init_pty, from Jason Zaman. * run_init: fix open_init_pty availability check, from Nicolas Iooss. * Widen Xen IOMEM context entries, from Daniel De Graaf. * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach. * Fixed typo/grammatical error, from Christopher Peterson. * Fix typo in semanage-port man page, from Andrew Spiers. Update to version 2.4 * Fix bugs found by hardened gcc flags, from Nicolas Iooss. * Improve support for building with different versions of python from Nicolas Iooss. * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare, from Dan Walsh * Remove cgroups from sandbox, from Dan Walsh * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley * Add a store root path in semodule, from Yuli Khodorkovskiy * Add a flag to ignore cached CIL files and recompile HLL modules, from Yuli Khodorkovskiy * Add and install HLL compiler for policy packages to CIL. The compiler is installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence * Fixes to pp compiler to better support roles and type attributes, from Yuli Khodorkovskiy * Deprecate base/upgrade/version in semodule. Calling these commands will now call --install on the backend, from Yuli Khodorkovskiy * Add ability to install modules with a specified priority, from Caleb Case * Use /tmp for permissive module creation, by Caleb Case * Update semanage to use new source policy infrastructure, from Jason Dana * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent Bigonville- added Requires: python-yum, yum-metadata-parser to fix sepolicy (bnc#903841)/bin/sh/bin/shs390zl37 16519626043.1-150400.1.53.1-150400.1.53.1-150400.1.5newrolenewrolenewrole.1.gznewrole.1.gz/etc/pam.d//usr/bin//usr/share/man/man1//usr/share/man/ru/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:SLE-15-SP4:GA/standard/95b5d0b12cec2f3b7c51184fe2f6056d-policycoreutilscpioxz5s390x-suse-linuxASCII textELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=5a754fce8fbc83bdbc320774e43dc3adc9f7cdae, for GNU/Linux 3.2.0, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix) R R RRR RRRRR R RR[>p;YWutf-89f274b5331c7742ba09b57b33abec560124841bb10f39b666fa99a90e89b962c?7zXZ !t/z-=] crv(vX0&EKgv={)f}yp1[un@`gɆDJV D/ ĺ/X^-`Y'jw`[3~ 1v, Wqm&QS'7/#zW1scGm(ߚu.z[D7dL\rR7|.vezC3s,`u㙤HC3[ӗP(8C]ahe. ѥ;4CUHaS1" BJ!Q*K'$Xni-W ,Tlqhq7q7aVgZLw0LE!usj:RgX32uึ,|/I$R Df\X'4۬ǻe *a,Fsn)%Wp)=>փ DYG3*Hv .(n^lÑz%8s&{8ӉͶ@lr-i)E&tJ~VFҘ mX>G->C~WCz'(5Y'm2AqGC&|XJҗƐOQ櫶-N؝bh ԕFqaj]D]/y3dFL7Y_NJaiђ¬7!(| ΐL,eu iufyF#;]X䯠͖Ȫf.m8o9;\^BzHد!kwPzh/٣ͫhW#@:`N* v%͎ΏLϫ~rV4Gwz$S,4`>Wҍzak'H'w,n^kM< de4~wJ-ĝ ٴK醿ӽa-g'< 0S}j"8ܳ_O6T@H5Ωղ wE"d,0[=p͐hj0CZe;vEu}U ZK5tV'S.Bׁ aUS/pwL̼KflX29H cYǗƾwy@";ؒ7E]s,- 2Sd:VPys"q6ьzfg첱ʒmHRO] <Q1G %3]299DcE 7pNu76Ȅ{%d[[|'9#msΤ_xl7y!?uɜ:P˷\ b:.8@̗B Cl\nxA׷ęT΍F.D ~HwqE̸E_g)-FU~˨1`  0^U-Bl]L_\39\@ȉ0?I 9l6bd==&Kǻ&#$(%{MEk-#^d׾:$ob:0Q=4(ilqj5%jdE-ZaEF7ਫ਼7.ӭJQ9#}"!Q_Yd;\h|$:HRi]\FʅW~"$DE8 Z -6u-‡L($/ֻP}-*$ rd|V ̓^, a܉a&y> <艘b$z̷/˒4_4aH<} 9[0BIO -zU8?H>TO!(;21lEӨdkcӡrܻ8Fʧ ||)v3GvZXR4R01s7 xX[9SW2K{4 #+͒N>1%KyWJ JD_WWéHM8*][& =uǭVr\u  c/kyG={oMMߝU%qSKyF $Xl.iDEq r8JuaK~/NL; 2/XY:h,ʯwnR{sy'_= eCX`Io>c&6"Tbg$rvVDWtݠUd _Mމ9'*p%9mK/52c>sky1>Jxhؘk<*ݢ HW끕\kf᳇uԄ[-Mc5C!J `Wx>sV&?m?z[{t*3K񸢒Ϝ g>h6MW]ܓZ X_[ijT X7OVoZt)^Ɗ`S$; F/v=\|}218 .dd|=bu$ŕ/JShc7P4=N)Wgs"h;F9pkcKo.ԔQ"WmՔ+7k"?Vsvgx|du5a-:Q{h#e瘒1UȂE (I`hk.S"C,U:g5"[Α5ܡ|MiRre1ϲ=$- ˄ͼ}a#f05*p_[x Xqcg}xRƀEȻT[7~1T>M9b4]A?:%*dj=et^`5sczfFv(ntٓ$,Ql2tg!l ]EODZq9 F 6&DZ;X"M槇2֙)Pd57FӫOBj{?Y7uًΆrIɏA yp;"cfnA8$j+^S!ID(]K.fwgh*KU\s #!i<66y69<9A9ţhn3zUwndYjMgLv.$±],u*$[Ζ \zŕ3 pOVJK߭քtgrљ6` 9=! sʻ|R|K1ˍ!PU3NEFfGY@{Q_' 266Z !}5Pp809X\ HJl3Aʳשf !߰kv󉁒䐏3q1`wV tͥiHb*CBUmXnqp ?#u >۔uZb /r/w~5dmg'̿kNJmy8*SCD[ecfnz)yka2+޷cQ@J + zVKb0 AVaSash~+_jPcm<Î20Ppc_ LmNx~\`%Wop@h{5YLLiS&{wN%5<B1h(rQh-їyuuwH+X;4)}ZkiXUsvNzZC3!K Hy(i,cڄT0{l/fh%p|i[xVëcK2ZzVA8Н%LQf 3e^ sTh.gCx%=y禌V}o]"/O* /drFT\O")ÄEhGŤ^?Z-x/]!hb-QoEzyqEiZA`J*X'lPB͑mϨ`wzlj:` ́)#i;C$4`ˎc۝9FԀ6ؼmTv_xNGOE[S4z;Q#VI-nńW,NC0 錔Xh 4ci[p\ͧ3P0F(e5QSXh4LH*UEtknIV O`~JA?i#F$qNJSaTi$da}`&/Q7S݂xiFm@m&A>tRc)X7x!vGEL&I(,:qK Uէ_97.fgjɵx4Grh:6n~J⥃PN?]dx`.B% A@TvRt"oXR|5λiik$r/WO?vJ/duĂ2:+Zw!%c\}20}Ka_KZz>!eo@jS.jՒ ,Fk;/}B>L'EFф 56PۡΗB9nf^QVyC4ҀV)GɼѨ?sH5`>nh10'?-˷@aX5Ŕ!`{_K( HF߶]&`"Jd6g6).C60ZaqL]q-לv.$~v8l+;S6UpcxݒJ716t9Ёax%hlmB}?蠊 j]V㞏^i7oGz;`QS?~`F] 8*hlyJ3A^nlyse_Q!{&&goQ 0HY(OS/{l M}}q2lGU5\l78:EW~f:>6o9܇Mcvܲu %ak&sp7h6q1 KҌQdRduZSVM"ҩE|ɴi3I*Gk05A ЉE -'O8o(<ZD2:U7(MT!e˞#l\2Suf'Yj?W͚S"9\ X"o*{^TMaȶG'4źJ3̯sme7^żKĔ@}"ז)Z[(Ap 2;VeȴdlOXoi82t)C$ OkBWQ{?ҩC*Imk%mmDHm/v@X`m0H/ h,6.Sh{ W-}{1]qh:u$oyE" X*_,1bXyP(FM^S25m]7?ŀQ|aǯpP,lȱ3R+` I:bby8xcm4j|N·f@( $c\8bDzp'u4 9Krx@liqLZQ=I,]ToM5$Bre#LYp2zGTwȪ=nQҟEQ@]!beA'WpH |@ݪ͡{׍NB/"w? v a"@5"I_jV n@~ kkwqWMsBo{ģܣ> J_$S#sC__e.ܾ"۫TLdI1}oA!u 5/&EcZW젨k-Lفgٰ8)%6|exc/$ dBi>!)P<9-Aǘ,W'NW .s`P:pxޞ`귛o;PT2{0'}Aj؎%HDBNCY]3' =;a6g  <%v -QՔYbJUm àI&S.2N^Y]OAF-cCZHJH6_8b{轌ȭG0 [î:zPNS4Rt4@X8WHWrhy5qZYt3)X/,np#9oJ9pTOwfRAPlFwkq͒/=ES˹kNG #YpNhk}h&U^yW<-{uF#oRJ],+TNm2&EtΌʞG՜?m+cF5UͲ Hƍr*m.Ld.fNp̶ي~!fCNF*mxm$!$‧jdz]4K2PRYw]@l]NyʤZ*١0DCڪ1ó C*KRwHGjr DAxƚxkZWUFdǙe|MvYpKLeʄ "fEY}m)8?}Aq)3S($znth4λW?4B2x Gp >ĖP_P{ڼQl'a"pRnHb\©͝_Qz#`g8ygj6_)"y(?zRrO9RcMU-zf4~@4ƙKUBҢo3ntkZlS\/1fP(J{gwco5fVr2)] Aqx6ze:>zZ,$9c||2[0zX#u)!WojLHj- ܛ!ߐ햬uPL]YQ V Ug" UA? ;-RjA 4y$A Oc dR6h lP-{1iDΗIE`u]ڞ*)Ԛ+}X5Hcm۝k^M]2䶳cKL6OyzNZ rnAqu/s0{w 0M}WZLy B(N⌗pLCի-pB,{^j2qq~Ce űU{#θᩛoUtѵ0.P6cM&>wȇvMe3IP*=Ht'mvc 5T16ӼRkFpT:@s|&БR0LI P):'ܦ.fertGF :}\Bp|JSP> kX{Lӂ&*B<^+U) JJ5v¤/uO%ݚѫAsW vDhxgϏ(2o0#R]6mhMm') <Ԥ@ @;"‹yy% DD*VB:CTK%O Ln֗)!X^'qp""ˢxLNR M+ܼ`E.y5B%n0-X#Lb];-[c3y0%zzC{cל%!-Iʺ]*RޫpA `c9=?!ȨL13H{˜p^@̢7orm+ֹewIBƶJ"hQER&HV9ӳJZ4!,pU^ȷsJQ,s*̹,`5 lZE^4QD~.{,/ۡYWRc{ T]"L/+H{M AQe܏I.An>`Kkc&}nR:-FE/׉ډ۸3ym @iaB %u 鴫T|ױņf˿_5*\ؾqܹ<o߰A%} K8~)C%f`N\{]^tA® sEC>+|e bV-m/H2&/+Ls3%kBTu-YP&.}JW, ǜ~` (J$*/VD ؼڴؿ# ٔ5 ZkF{XwD3kN8.uH~ 9m -4_%~-T|-V20$(l}@*H4@IzȖQv!#--T] kVQu0~XCaPYGBTq xWjY[gnHs&c[}H5,!c@WloޓojY*J:/m6Tbߤ,:~ú(&^n <> dZA3* YZ