nscd-2.26-lp151.19.15.1 4>$  Ap^Ը/=„%#7P~kle-3WY!St$ {r"`048ϝYj끱tƳ| }Ҭ`znjG5DL*S(WͻX!"E ~jqN* ms\(#k*}NbPmA&(WoZ>0a6`H7!̥0rf*}Jb%h"x!U焿6/͘0d726b18f8d703c3dd9f9e55c1f02b38772973df29a7edf404a71ad53f94949cc7b85a152dbbb576ab6cc3d9771da11cf35e883a5¸^Ը/=„ޔU:&xW}x#rUn8oj|ͨO:%il)P PnroGl h*.5zp@$ey(A*jHËOXVaa*$HZ$ENtX(׍,]˅a*2(nMT{TR"k9 DBVNvP,ra[plpI?d   6 $*/ , J h    W4)))(8$u9u:#u=Y>a?i@qByFGHI XY,Zh[l\t]^' bcXdefluv@ wpxyzP`djCnscd2.26lp151.19.15.1Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.^Ibuild83vopenSUSE Leap 15.1openSUSEGPL-2.0+http://bugs.opensuse.orgSystem/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxi586getent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd test -n "$FIRST_ARG" || FIRST_ARG="$1" # disable migration if initial install under systemd [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$FIRST_ARG" -eq 1 ]; then for service in nscd.service ; do sysv_service="${service%.*}" touch "/var/lib/systemd/migrated/$sysv_service" || : done else for service in nscd.service ; do # The tag file might have been left by a preceding # update (see 1059627) rm -f "/run/rpm-glibc-update-$service-new-in-upgrade" if [ ! -e "/usr/lib/systemd/system/$service" ]; then touch "/run/rpm-glibc-update-$service-new-in-upgrade" fi done for service in nscd.service ; do sysv_service="${service%.*}" if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --save $sysv_service || : done fi test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" -a -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -eq 1 ]; then if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl preset nscd.service || : fi elif [ "$FIRST_ARG" -gt 1 ]; then for service in nscd.service ; do if [ ! -e "/run/rpm-glibc-update-$service-new-in-upgrade" ]; then continue fi rm -f "/run/rpm-glibc-update-$service-new-in-upgrade" if [ ! -x /usr/bin/systemctl ]; then continue fi /usr/bin/systemctl preset "$service" || : done for service in nscd.service ; do sysv_service=${service%.*} if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --apply $sysv_service || : touch /var/lib/systemd/migrated/$sysv_service || : done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi else # package uninstall for service in nscd.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi fi exit 0 Mk0 A큤A큤A큀^^^B^B^^^^^^^B^B^B^B^B3dfa1280f6c20acdc451920963074e116a493e11540d7857592b979622669fea79fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b7797924b48948987848304bcff6dbc8950bd8f48f5e5adfdec8cd03b7cff9a3fd1f/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.26-lp151.19.15.1.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(x86-32) @@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.10)libc.so.6(GLIBC_2.17)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.2.2)libc.so.6(GLIBC_2.2.4)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.2)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libc.so.6(GLIBC_2.8)libc.so.6(GLIBC_2.9)libcap.so.2libpthread.so.0libpthread.so.0(GLIBC_2.0)libpthread.so.0(GLIBC_2.1)libpthread.so.0(GLIBC_2.2)libpthread.so.0(GLIBC_2.3.2)libpthread.so.0(GLIBC_2.3.3)libselinux.so.1pwdutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)systemdsystemdsystemdsystemd2.26-lp151.19.15.12.263.0.4-14.6.0-14.0-15.2-14.14.1^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab schwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscdbuild83 1590416201 2.26-lp151.19.15.12.26-lp151.19.15.12.26-lp151.19.15.1 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:12717/openSUSE_Leap_15.1_Update/742d5836a7e40d443af3ed9b3d4a631b-glibc.openSUSE_Leap_15.1_Updatecpioxz5i586-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.15.1.i386/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.15.1.i386/run/nscd/socket' (No such file or directory)ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib, BuildID[sha1]=a003e3afcb384524997a281bd052c1e077ae9a0e, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.15.1.i386/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.15.1.i386/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.15.1.i386/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.15.1.i386/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.15.1.i386/var/lib/nscd/services' (No such file or directory)RRRR RRR RR RR RR RRRRRRRRRRRRRq#c}utf-85ab3ad3ba44c8687827a90b72214fc79d9fcafcd7a2385e3a2c4f347fba4f694?p7zXZ !t/Ex] crv(vX0e‡wby+` ^S@ s9D{v' :HH T:AFIZLp3-RC(.'II\F9I3{sn\Jʁ˧} HxDGSX/Ui2y ԟ'y)h ѡnduqk^^cc`h1ru%DžVj[N0F+Zs/!:wmW6*'d6A 3ްԼ|zցIʊ '|o^-y$H{-]PԩmzQG.\?{=?I4, NHr<#(\eȡzOMulc풘6>~*@gtZy9(o[t#.OJPtC*:%>;`!o| QlD, oVxL^A4[obWU$Z  &)#uy-"mq{R$) !tBD|./u t-R>5!q53aYN|>O-|AD/`!CYf*_]l`V"xf4>wwl o/!ߎL9l$1P{pY@KDEC@@G%&2Dj bs0Di)jY|sK`**cA(HGux3U{罷0F$gӇ Eҭi`(,=Z|#Cz)nj^?w8}ip"'b;Go30sGM{8Ms}c` TȺ+ W#D'[]R݃#p/ \C{7s׉xetwEW uOWWRE|qǝr%ypbwu76@^ׄϏ,}B2|;qByBrcH#`(5Q ~hGA=i} G Fo) Z1%-XsQ}QNh(]{i"'9uXm%05]ך6)""ob4&ii*\Yh.g G tJ17B|d*9y;Ū[vOKc,.&2JOVKgE,ĝ&|()C7ΞjiƃrXG*7xgx8y>%U>wFFux} P̓S=bg<*?=Z!qCwWIv]A$5M'K(atyXy);Ux &vG(Om:=r߫/UgyEJmkBĎv;珹?J >S$M-T hoEGE~-(HlH[Q 4QjaP--\<;`߻yZ&c%2=Rac"~e͛ Y NJ Mh]3ц *\H̐cb$А;E7f, ‹3lflѳ.Tr"Ӟ 7)[J`sC9 PTTP|<*3"4]^/=5Cmlwu)q '>,`ghKSHEY>(0$Ovsᰲbbvc9O@h^ tTj|[<-AQJR=eqG:H9Ͷj/nJZeQrM hΚ&39v2r+rk$h˲H2Z` T-_[ ˲eq3R>s+&c9`}M* wD P}!@x3"]T?*GBvO&4)*rga <]Ejv~l/-r[rkS P/Ium Lu^ Wۓ .} .l qB?vt>S;u>cCHjO;{,kgk3FsMp<;C_5kwMFUo>;YnVxg^K>B 3>~l%uB6ECUH45l2J(eD}6ݼv^ |'AWۮn١F0^VvKܡs`xۡس V fQ_9Xʎ%+Uaa3lX9Bl`&"O+a/<[|aU@~dd3|3 I]@e3 L}G" NyT{Jp%7-''_Z+9~_r<,yχ8+:x)#T/KS^W촪ey|=y"l/Q'D 'v痑 g'5i뙛 )ΐ["rץk/=7(蘕8 7LYcp2Dt#'AJNwF*eQ`y,{qI=BS@DO!¯m^fɦHE >}o1Q=iSβlҗ;c SL%NАĢïrpʾPH8=Ս$"@h[{WѾA'~m!JAej0 kF<'IUZ{(m6>1܁?:"jU-Tg% z&RO/3HнQ,v,e\1u 6Ů=d.(p,eKDrn\J1ZpUbA}b @1C 3zNy봉5QkeZ-QU0f8lIXN<ݻ>'pfiJyy $;u4Ds&њUDjuGn[j|_MPm5v^QQjW -2` 2[\rRLuMF`쟄G&W#Sst򼋩VHJFaYȋ%vBs`yz ^e,-_|W I4UMիmԓ Փ;[UEbmHVb:ekodݠMe{` G3 [:ȳ"Є86f:(sΨك T̍eᤑu]АxT,:&b+p(f)V$a> 82 B/^"BB`[|dZ˨{ (jh\GklAK%@xa甹f%!IJ*ciJRڨBz~<(E.=yJu1u9"]nc,Sc׆ &l.EdNMvzPbP pVk^%C˓!muVOqSnRwW (Q#-*?6S1Bc*z{ҺR ą5/yt2 -s~J/mEJ(/ڪzqE183 zA"@<5>`SW7v VP^8n?X ;a.TS3ǍKǎu*ܮ5>mYObɌl~Xbި`czM:͜-6cw8`g;!cRAoQ]@)O^dmW@Xq_O&" wI%6xslRN.p^.NR"?<;{n 5g\>=EQ5),њ!9rA(A -/x#!j.OU-)=𙄊J.:ɉ\u+ XS_=II}4NJk}<ڇҭOs~&OqG⚽90n*D!7+G[<b'nc ޝͧ1|\s*B&sȂ]LK?Mb{*꼉_m&_n6#AOhcZ\eLCF(ۊ>j]5dîֺ5; T9ى,a8y(* [`Vk~fAC},d yWe>ZE^b'bGX m'MEn֨:SA4&Z5ZԋP.X뉙H߆hjc6z5{PbQҀyzK/񴍕#av-Ҋ-εcVrƚ/ pM ?H|XدbvX~HGvPYxZXi8ݙ4s FA|`%bϴKG]p -&4$sғF[i7mdGC{DAc+a&1m%sj)Y(E| ~MIR"ȉ8KDbnt wl y@5T M@'nhh;v15L;"_Pu6J` l`)*n0ME4mwpMOҥY+Ҽ+Zz :AIj);"PXL^"֎-_ifmh&JAvmǪܘatkvJuӱˌhߡAI \@؍e㷣ʥ1b9RZ3n>!2:s%lDY= T)j9jB$7 ‡ګI?nzʵR(bBj"s4UdΆ H"#XrcH0{nռm(:EҜ!# ey!+Ǡ1i%/q/=ݦmWo&T2;k(\)v#C-x Ef(%_bC $,9 :ِN#?t+ޅ\6iM@~e+vT>MjSJ2:NV_4]'-}^YIIQ)x 4%3"6VPTnkjr9]@?+|4y.a4)ł<#*BZʥֿ m?,>ݹ5]Pkwonzj}Lw?ujDP\3FLwuǢ2z*F' ib.cfY6wgԩ)^`$ {+Z 2 Ma* i|5ˌ[7Xi?ûMr[ZM)c,z""oKwAC1ǛA bm}ƈ5>*5's>PF# l?w.Qϙ=pp?lfk 4hWsb1oβZSN=PMҵ35I^Mz`aXj;wDѼ]zY#*KQ~+HTQg3fP`d>=ovkj% _`:J(fs<#$$Y:,9j:dI&Ts2";{9_3!µ|À5HG|Ws:ch|b侾m.r3-A| Hf+B\8#O-My6z7e."p|N~{=e(XDߞ4- x6n>,SKlLftŞտ~M_/MQd/@ynC$M.}b=N1we9ʉ"R%>o8%uNY!a* r!+f!UƳe|K9׀sZ57 2񴒜{ew3`7yʡriɱ8bRb^U>߃QinZ1ӯ΅e6զ`O47?"cǓ+bF}˃8l}-4ݟhQ^͌pV5U0 "E8ԮPWNTCGl2b;b@`L=a/^G0?UUZ,p?2\Ehv eO%JGs!I}s)~$t0׉}y@;8m1mk 3F McQ`j !el1w$mZ'fg2mbŠXgnŁ뽡V2NBmBǮp a#P&TC&1yD.d󌨔D^餽St:nwd ?=X[:c)r8=PFP-8 #>Pn,!vQb`(ɲq#0 h P0sA6#lI17\/Zj8.m˷<]iaHB(/!r aufߌ~U}O2U B0w/C.}zk<avtQ{_mIwk)ǹ㘦Y -TUNTMic s`4;Z̓@{Q.3X4nxv$ez"Ŀ ^X UU^5H-5w 6+9fuɹ&ek<0#j=&7a0m'1#KDGyq/K }ܨzͽ|bov:8tKCY8X n!A;8$,4>v-64cs߯0BC:~9bf=| !K4Ȁ,n.߿uk򳛰y=0G}PȕL(|>}IYC猱Dmû#ZxԪDw8Jz1T.˙8G2[ڛ ~rX?X[B" \{GyD-.lgiTѧ HEV X"0 'Uo)>lYɋ1z@F6oz@w1,^s2ԇj+7nr",Zk +Bv(Y^k+-??8Ͻu?bDgTR:o[ϬJž4nǘ&j, wmM9Й@)vO<ضM+-; W򵪎oW27~O@[n|X*@2 MqY+CMo4s=G<]Οß7ɾ-[Lps€J1LF{!XᄷJ݉|aAq>mfdgOs4jJᇘ#8=!dN`4=^ +CyD MBb f|!ػk^5{]#9?k/WG,ߤl$̚/v- pzY(Y2 ?jQ9g{q4 Em… | A2k9n ]H8պ#z'52/~QDr WI<<z1P E6=B >IW}&f[ CRWhZ5ӣP)kژ%xl$~F;')[scfc؋Bc$zdկibs2vP4|IvXg3ɔ`t.#:嫫Q_(#҆JBAǓK<%2 4(S[/#(־ijfBå{߸{Wҫ ƥ)`t 5yk_SX?8USGNm2'Od> bB㵬Vύ`] &(0lҐ566t4Ga!6ף<s/-% y"@S!د~PngU=sQ(m}ʽԧK~sRMvii0sWB2n#2QEκ٫I' y܌AAj"kE[;AWmh.p_hz*Qc=GGB]#ڶ6gs+eIuVK( ]7.51{4[ʙc :o .ϔt,x6cU*4\sy5M"si (%m m,&zsGskxM)SԻm1ӦrѽO%/2/N# Gv/$;f[˘)&?ɶ+VW!˗r#k4Z2!-^nB[\LUT71a$$t[ޤ]];H=4IݱkZ85j~WEE<`DYRVh ޗ{H?'nIjINk=|\CiL_k!==d& " B1W6@upLOU=|3nU9jq@|f^h*l#IJc8M#)bH^RGeDOg4R닖IgarLKۀݐ0WvᠨR&ǿoH$9b )\3 NᰂI1SΆ~(hMA!%w_%,".2n2^b wlDLޝ dPTk>\e5mbŃ$Pm^q0ׁ,'ta2I oNKtS2½|_/E-.%2fEQ{ttr!o %F¤qEaǓBQWϸCN.jEmi"ɂg]}v-sS|Hvxe][)@Fc98-i#% G0|m6,-8VYr}N'\P*ʡڤh BdTywR>]?k-Rqe1*iyߎ]୳8BzУNJ榔 ]#b18U-7VtCY)]N7.[R1f; fptd|gY{}0@$~-H&NuȬE|z{)y 2Gx™Ԃ՛M ~|NIez- R6qzjLNYbx4ocjl4L'_+UgClQמ"2z[AE}*)ZvjYD4 !lW0VtC+WV`՞l-ǝRLbt<.dz&ƽ2`1qMs1FN|b6R!q3c,f˛YcjȔZM6[*ɃAcbU0$ pZ!0*N'2OG4{OS2"lkT`$uf=ZlCGI *jhWhr+P@Cx,| l<3]d" $oez`PSR- Ŵr$5-~K#L ,Wt85 >DK:*ʌ-ÁLlkDU_(ɬpf<8(4:T1P)dS"Hhx7#]IG%c9Oۼ bzRŦBubc:B !ŸNA_m1m\p!J\h-"OXQ+GrX~wzQ˧H~mh-ܩ#0^"̢gsY6]pug .VЬY$"_Ƈoa\ `UIL=+bڈL":Uę >LϚXÍֈ>Qw\_OLi s"\=Jp!Q1fujWcQ_ҒH5Y _$YynPz}a#`tI23@LdfD9qG#업&lNC'!\c/f([jY@) = U<4 ri[jy9t9vUaŽ"vJ\3 BC(])EeNWg+C.OR뇦FY WC/]_lP tYD3 ;ylj_!& 4ҢӄKE{udi%-TE$B#FGalޖgrs9(Rʯ:ӒA0,EvxT+Vv\QQ!pN尿3=ux." ȏ1>{ 8R@#bsGB|%,怞$d>2irߪ-ov RTԭ,K}^<᫇{EpQl7쪤rd?٩JLH? TTBC{pK <匶aYDo43"J7;.%76IG?:vC\l`vME:{ ;shʎ+5}b+fհ(̲n{s2 4-XŖwۚ#tΧ~~~'U/sXFÝD74 ǟ&~fڂbN[})F3*~+e/a8ǿ|4|]ʯ[NCMPݒzՙ>OV⨛^z (Uɚ -)k-uVr7Ǯ?Y HVWq"k=랦%fUHnp.mԌ]*Q&釈 |8YʮA3+ѪP7f !')\ϱzhP;'!{!2bex,cV~hl=JM.NV" +.5S/ywϼy'F}eq-bߏ(.b75@ZZ%]QE̳3hxbzY%U!{V\fI&5w*5rIcmRӜn dauGܸ)@hRgUKC]rvI\gԆ}:rIg|^"Sy!Ұ9M|ɪX40I(9|KGɏ}FuRZ&JR."[f8 IZE͏H|G-n܌f5cb0@Yn+Y?rKҚ%@soӏ]bE&IПSjr$:h~TsL#OLdQ U،lHErg SPЯ+.0Y ]_Ř.SS0V{aܟ3̹P$L塈Μ:R@S`y@ER*q-z?\2#_p@Rss&84ĈwYEba=.Z^ʻ!hYk9ߩbb'[4FR[ >8g tTG@'P7 D=bA^aDm5_٠"oyDZ=|~! WKuNB"Zsڬ?UPA#EӹD$Zj}(nTuvYѩ}{;[3$J_5^ؒULj|{7OWg~ͫ#%W@iH.O⡰jӡc~1-Zyc8JGv7({?]B7H 8Cߏ:Jވ>QP 6UaEG$;pnώB%Yѯ[xzKp$`LJBQ3 ?4aN~tAZaZ' O**dRy5RdxZqyvrY,p$15yΏn?/EQ/&gpM̝sZ,#~v D_-!n@4Ul䘳NҶIU[Lb?&:Ĵi|q eP)W_XR[;uϑ Zٔa hSj8ΕuS@>vpޤZ%6T&6G;%r=iS:۾a5\S:Nj4.spPb'(4S& '(: o+J5hȦK-%my\&N~CEOB#4N҈Ok7[eyzsSOFv!#kjEDE {by#g-`y4Ј>8.=ɣ~$UFJ`L-'Yi"FrHs`d %F#Jݥ7\[O6{Ɏ4c)F?X$뱗 כDiƏ Ӂpy ֦OT'hذja '/XQY3gbBEⳲpp^6TFv*!2l5s7T:,qsh[Ң%,N1Aa> ☎k%GkB b^kWw5yV  PaBGOĐV iņ/=iHL7e\tJ ٣7\BBNr =5<r}>]K-A}orRk@u"F(}rxT=gv,-UToZur嫛)ʣ:+q\P|N-UAYlZ&˳ȾY="r%kkvl+ Fo -KmځĄ$ 0yOB1N3+M`2bDQ} K?8Me^e +n~Ad 8.C~r8HgxEwD |_҉ro& C-!\*#DGfvL+)=Mi+/l݉!p,P, "֘yg}J`RM}66"iφ 0lr#wKb=oU>3 *%.k 2B0p5]ׄON:IV2-'e&kO $?E Y6m-ilL`e;/MGR>8<s*g>Ig>|Gs0O9^332ߤpU| 8o:x2 뵞@V1YF4/S4Qv%NjW,E Q?9l໲ΔDÀjڛO' _F H4U9pzZGXJo@~=W`&CCą>ǫ[?4Wvb.}9:;'ь' &8vI jUN C]G$AeH;?}/%˴Q G`6K2M 0*bդ09?D@`Mp?Ya*xFj#0r2 m0j'REZVGL)/V i|XbRL L"q>B-CI- )hsp'\W#{Q@hC?Z< ZJl Te<j̛ bU5h 5zȸVyqxum @b`+ <04~kl oMX3ZTf@]gkނڋ0brɸ~+!ogZlSEZbaߴCytmUEkJDBEhB-h髪su=I2Re7y6 .1'(b}P5(PƩ!*\!}nQ 'az[ 3jg[ Tpm"/Q& (|*qR>aW v>8uy2>&2` /s0`G(IưZ&# y,/J -GWѠ;'ƛNɂQ=$Cu]y+Ӄ PZM9ha_6ң i[vⶥw8׮(ۭy%BN4"Ѷj+a+0N1a`tTiѢ U|#usPf6p}[t?{[ȁ!8|6'EQ@T2673SXG:t^;n9׾+2M6veY7Zg-7;Hc4$-+BMf87>MSG܀?:%3}(1E0/ÿ$2LEqO'9($Ic|7;IF3l?"!~kϕ[`K` }$sЛ*KCT@BA-2mR#W6CLOHjϕ"AdO97nhb5wK6/ ΧEetXognB"U٩<<peqO\3 Wh@Ǻ*7N5| V@DT'nJO_}JP:Ÿ5˄kInxUa v$@\(7)wшxF ;L> Ց&}L6[{+inޱ(k-lSC <>Z 9`;D{}Xd! `PBC*#]rHJE"}:c; ~ ˈkoyu#?s9=5i{r2ɻߐ/pӳSK-^?(BL/yJ{Ń+2}`OzAOB;o֦CF Sy^y 5UvBBCl1 7RV޴ _]V/hJlO~nzOŞ[`*JaGZr*]$zgW8=rʡS11Ш\=ɇdೌtx?8]7+57ԽE ))QXx/` "Q퐴q@^_r;:x2 >ه  40G?M/Pf{OYCvm^n lyu"@\sQ *L(o&%_O;20b!$RN#?E,`܋UD?\q9=}"* AV_YY2S)*mZ.rcCwDZIlϡʨeto:C(Y,BU(QB@67,/5nq@NAz*wvQ Q5cħꝖ?фS(ȘGlh}n/qi!^2>H>hkǦڄVC%;e,|NR>yO6CK%F[4l)UҢf- O @yҘE{ҠeY)}8a}/šSUO,V!yRsrv4w7Y$;C^~zqF9ֱM'Z6 ІٴVЋ-"K&)"𬷑T m$e$medPtۑO߇,,=@Ǒ TmM">QPbH к͜?ٽ`*V-d\K$ՋkLc]VKLGSmkv[. GIEMHl43o֓vt8_:I&+~j`u E<5Ey^јzj'6Ms`\YoqjcuZ+|K]m]X8שr!Hhm] dꎯi%w'cq=5 `<yVV9I:3w_.C$Q7A><0v7 ๅk4L⃝vɁ%~qnSC7|v@VǞx "«fVha)sݻ&}ԣ_QtQ 8kTqFȞCI'WN>2%Ace Kg2HqBL?]^J;dD=4<ϝ}CY䢪^8Pl&PN|=581:HGc, cwbb"-tb,H) 0${#/Mx:*J3]|=*E1`י8^NEC[$g] ;ܪH0C \xr?iRD^3 |zfQ D:%9[\Xd"5}˾%^an%ƛ]yBUWL윬Փo7K΢QEsggCJ}%gu0f' /= _K؟NĢ\+yGS OPE*\Q)a lŘr!,3sµo Fy1ek@ۥi^E*gk* Āx!>m ].JI/]$LEA aA2֪"(g;$7_!=@a"-: Qy;&Ş{amhZYә\gA5aF8S<- Ic'7g'@unReH!uwdή'Fe֋`""h`3wߛl9vI'qn{rh4V0IϢ6j3e+ar^NhT֤ۧvAC0UZyEsSᖸEȷmye'eIYwlԛWkݴo@F |Cau9yA-բt}crAkXT^`a?,a~XtߜI6^aHЀ3Z&0-o1A[WUX]! !ia nzX{04O˳00i&v0AѿxJ5gTNAӸ6HwdVt@83-d,c?ߑbE9Pe!9a"Ptը M%0jE()~ [<:QF& +%>⦂NV*c:9dN|~ Ae\E(| ;*SBmQ?^J=o[IB4$Q\_^*A2ɺ"I'LQdGgn$Yٚ$ot [=E,85TTW V v\-"^^ NuHaU/Be#bp Ec3,WTwOV姍 t0urG/Mhq"nϧ7ܝ˜):< O$BjIRح-)gh62~v?r^)9w[q^{{=$¬wb] hMОIvgfk=q{*e8(TeB00ZZѥRE.d$ƛA k+H )e5a$6K~)R+>f5;!15n*r/ M "M?[^Q1^Q1ǒm#YĜU$uDnKlgaBᓸ \>*o1)"6BYzĶ'XxyN^h#H*nt$]{+Bn"`ñ ïy:ܪoX4$zi+$ҹ,}.e%%yn1&yu3CO;ky6Rp9hp/E/Dlyӧh]wMTsn-}̚r*w_o {N/aYrTo`ir)ʆ!wx5nh_;c_ں.4mY^{z&{$^>C`\XGgvpV`Ha1UѻhOR9DR5xF<` Tu{BF1HɮpN?5=XhUւweٗݣ 8{HAK nkˑ9 xp&[|W+kTT?V8U>!@䁯#~pz͍n ҂㋓ѳHoE"Ʃ@J ;й.AKA VJQ4Y@3PD>L =UI/Im7/h2H6jG7ZuI^<V9ö(E[>Z>\|w#ԍ2BQCI hhS)[UCAo\Ȯ35I Zό%OٵZ޺m ^qQwf,.N4/rnAEez0ߔC->=I9Z(`y&aٔ/6S$Tu_ 6<: K< AEeX Iߥ^Mh "g8 Q@h}!xu~aGz3i:^qe^z7xtR'TVZz{h9Hk9-~HA[8A aog('fV 3j }ctmTnSGtsdpvHQ=1u;\Wpz.UÜ߸e- !PЂ2*m 4u CH6wJ-9Vj9'/^+ zl26H{ރ(eXnS!?rzD<5rv MhU=#C7q< rtpw霰<|^+'6[:[tWVv8X>\q D} 3 ٯ6U36!:$!q*f^;*xF܉hq3OO+<ag6?fٜ-dk%>[4nTTU#gK*J]Ե^K:'QIᇽ>dk50kV6B<@/4nl^M_w=1lx0ΊDޣUuב6ѻt2oiVTQ 9N@B\4!^ke'w: 2:FPSl)R)H<$5d-HPnmF  ]eGP$ؤrSKje"]H Kmtv&>[v+KW |M -٢ICu쎍H#u?1@3ϟ; XK1OȑߛWI \vY Tܨo-txtk0'$*C8벃7 }# kxp.gh^خmlp%$[/=֢eJqzz!2.[v)\"e9i+Z扙;P)\-<̕U)@a)Ѥ5>XMn&%[׃EmR.z?5]1viz}JТbJURZQX8Ȟ rg-z sJ=UfGݴ u=7=٩weq.{;=\z*y=ģ")ӣqvܽ)gzIgbu$PTэ#m,D:rh7"ZVF{ Rozx sHHAk85/tP?C3 nY{@tw\ߝ%3y;$[<00lF]Q kL0Gm`-UL Bff5{/TT!gqW1xaзADUw , /QV{7Pu %74,M7-:dJSc(qH̭M/j}G mP &-,eT{Ў!"hf4)\QzUbzrpIˠ<SX 3 س׃T4vQF /llF_e3rY :/@&?}8iQmTU8N=[nCJсTLf+m~;(ng)<uM)/qh7 tz6Qu"X X)(>q8(2Sd9߳H?{{7Of=JuzA@R5dtAWN=q#=ǧY_D}XtLցia41gXٜM𶱘[q߅C[lEs>D ЗkkENWWF~~-˔O( >;ҵdcGp^ђv%!kU, "4alX-l9 T[3j{-5/մU Dލc#AytkTV4R<ެ.+C}SS7mlL~ֆ}QrE3p^F; ,#peMVR g}#!CӷI 8 ҭEm3IHoQڃqQܓtHI)=mb qĒBAzb%J6 n4x[뵇LKfecjRgu`@u^Jt[DSyLO|rl3ZWa!/˼YCL36]l= Lr`ZK,"!߲~^;ۋ+YR):޺iʡH->:lT/@s2y"}z`_a#RY/8ؼQ;9y޻V4;:̇~ebZ čџCFѦͼX39ikvJFЬaD&F+t31?"PO<7O(#P1_%w~HjaÀA&PAmX,U ?l }C|jfz{>:Ð: :Cn `  B>[5f-lf paF>>joO\#ˉXRd!x9A;Ъ1N2Nfeq$z C Uջnx|kEZ^MnYr>˥8}DMxLѲQףsis4╯m5,` 38#q4 "̺ZXsPXVs&`콤pK}3h LM-ҝ=Е11& w7"dnr dNaX=FZ׍](y`0#˖$o(gB9L]jeݜlZ5v*j+3\ sV}[*ƞ6O v/>s>{1RA|NYLO 6qe nqm+Pþ;pMwV/YTei!=QX?րq¬4%,_>Wi{K 38CS { Sa|q#"Ǽ+pTJ8~% 47[ d@;)BQ,&Lpr4M xI<|wă6BIUT.lETH*ę4_雲|sfyz)3 {J!UL}ϟSF6f`Oi:kyn|Ü'^Xg53_a變F+G;Ҕt?@-c"dP>x/ br}¾POܶexb HKk&([!5nKbz|REQ(-X'"&Si_0 (].4kU?cQȡ\k%vOz_~}C\}6n+dmd.S(~M3=U<kɘ}g2t*bXB/KL"~a\2Y%j~:y %oD ]oMҎrƓ,:|My = ,+Y{~iTBq˥Bd96 GS>2E(YgEf!h7l *$698H;&1܍06)SI:%pfWeS8hd$й\USHT ԪOkFNYFC ߑFJ&ғv>'*=RrLxTGlñ ~)"Pp}K@fȸԓtA>^BR)YH,#$X-`zT#*'J1hw0z~sУ>R JH~tiP=dQZ^$+6'P#wa~V8Vw6a#w=t~ )O83lu]UGchܴ8*]jԎÃ=qCI*.3_-V))(UIY$ܤB'5$0cMhg 3@ -E&,3hV4$٦7w|M铢1 mYI~>9i׮wFk<"Dt<_ݑ8ӱӛ~"rI6AOv gʹEs!JOFz'TɎY2 l`b*ی22 rvl։J:t0dYa$&HyA1fWTI]]0MgWͯ?S{?}C0 ѤlԛF@57Wު5.;*:/3b: /+Q&*ֹ{N wZ#=tO,5D}ͣa1Gv_TrEH4ǧ5 ~7'mUZrW7TPAY8ȵr'ML?f:H?`u[谴 L21A*ʧ3":f`B®eki=iCajZ&BZj=,F5ͮL,RTO17(d͟#;xHGK%%`a`! ;UgsΑ+:\M-ߕ*1<>oZ=oҐRuW&8+m{?`sl5c7 #yMNM8uj\GG~i^;tǂB"WVlL_](聆=X`51.Zp,b^T)TX(R + дS{M gBP@jOn?!7l[4efeJ_'0ld&5tLB/ 8Wx2r&6(n+ r]<9s֧A7EnCP= Q "Dz2O X'6(WBFQJH 1xYc~RmjAG$V \9d@GaҚΛw`]a,T_(fG0u%[{*~FUM [aD1ij<}_#{p;6oUu۶gN*G\ORK^z I\ci8*\Wۺ_Vl&4=pfp;cG=\|-rC@`;JE^"S3ߕ7jBПJd`%S$V(K3z$pE1/@VHEMQd#ߧqԗΘcHM0׻rhd9&CUTh}t4%PP\\pgOBޖ+j9r@a FH"p꜂S="[gمo4-Jʸa\B35LR:ʒڐ= JA iȔ-y3D)#{pM T/U}eߚw#h+`,`NZuAa2?c?I=ΊA%;w1lm9%C\ă 1tG$lb$~(•7` *Y^'GtXKr7h'$=:Y?YMn 8Ԣ#}vՇ:hFIN= ~(8oM |Yls.`{qC҄T|) Fϱ2;\d|L~Yކ;bB؏=|f?T' kؤ42Ieq?snȀw4*D5!7XϬA5G%5ZXs/Ȭ]q-x-Vƹb_err[ _]N_c#w_#Qɥ|Zދً%;z# 7BZ8^֊3=fA-[\}"srtߚL0Vķlznja=qrNy~9R"0S@uGHI-':0)BaFđQiG~`ϔ)_aUAr,%{_5ER5K ]nrtwF$84I1f6m>iPFwXLu^!>ql׶Ί&r˦7ZqA  =aQ>)a kEzLMWu$G㟑=Sgut;84诞f-.e"Udn[lQ9G9Dɝ5RH S~4t[-I}պhD2A8a*^9&#B\џ[Uwr)YDf# ʢV@@%5Ka gB)*C[6^_^I}bXJuOm[m ^Wy17IK=# qT&`$' L[,*x!עѹ6_ ˇEp9 ߧsk_cʁgb!AJZ*I%ԎiԱ5\p]ﭒ ZM]iNm)_,Ӎ չ{=A$W5m]$X'#m*d=!,6XXfC73E,Vm)RyP;$Wq?Ҋ{ƱڬX"2wQ͇5aZᣏ+<wk\ ܚL+&^x&G^ف}?9.&1$͜봕 G\5 הsxK5%jꬓ5oTֶ95]NN⑌頻7>8&O\6[ _},f II}[t'r#6JJa?AH #/n&kjiP8H^`!p ~v'OP)986s`(eg.oLxGc&sz{^G@!n6w` F pi fi+Sݴd)$Z`4:32B~&oynіifBJ54|͇}Mص%h*Z|`Av&R_w7vY (̷'ki^YAdLyey;u!bL@\]1eL\m$hژG -Ew|L}FR2Ż&fvHՉZѝrLP"]JKkdÁS.mE :_i{=>XQəH"A1Х>(R {cerhٽcK,|_FRQP[?-Xr Vsz̊49(h}za38Pxc nQ JPd ![$Mw9;]qA+ڷBaR융҃hq$bV %T56fkT y^%UP(Pq <|E]'FyteA#V0(BGGZO%Tce CȶH* WD1"Tt=-^#EqC\L`QDobs%҉)xkesbPփ28W1CqGŶmDjc˲nW5!s)K4z9?^*z'+q\ Dz>B9mT>TV:Eh QFHvTW5EΞ*P:=NK S2 %%,Œ\<%)jYkh諾 X<`e~PKdcc>ߏi >q?z}s5Ԑ|R T)ݴB=ZFa )%{ T O`-#XzÌE$IL񆇇v|p= 9 p~_á |u+*/4,B.Z]x"rbЭn @T^y''OȒ3&rq:D6G0QD̽|fH@" f\($z1am6AhU},ܐ/ __FXw1*dY l?B?R89&ڑ&D2TkznIHi3ǩ+gi`zx^JK{7joH?g-}~F/:1)M|-'?xfU~E#~?bzXvU/(6 b*Ȗ l4*S vXO% od:HA@GJaK%߶yLIx&,vyߜ s~R݃[ W7>I b^,֯}\_7;Bv 2}EQs(HX&%{N_x7IUU7L$m.b{,h"Q4ھV_ 7YVQnua:Ql63;=744 p0y55Y70>6{Bddo_k:Cf*m&(֚[/!*(qYmG0/p){j#cNoNghHΐiSŌSqC}rI+qۄ,Qm=Hڛ PfUKI`ٕU%Hlq~@G#=\lTn~Yn&ob6[h'~bQ 5Eͧњ]@ le[#K X5IA*r>Y3{MWx_7: n}zvܗ:-\jk}F)\ܟdkͿCتvʩ#Y.Eu6gVUP}a;{P ޹;5=ú2Ktա(o9{Dﮣb]2ŴC%k~FPIi,eLDs) S]Ss~-K9d6YK([XdїXp44@n3PX$6ԟyb5yB9# WnpW? 2fL`oPPy%OֲF TdQ>ԁ5B$V+'$:o\,O/4Y?v\nkvp@22o⬧rr-}lr[ĺ?S2IJ/Di{H"Æ,bT}x;xoBd VN`tUZf'Pi436v.Ey O?+85,HgҢ5o`)Wp4qϧ-UVQv [/ k:B0dF5T!# .\vC`3r) 5TíkU<$֡^}M~q\?SB* ,kwP+V- V" jeeM^Y+pf;n^yM%d(\AM% yXV L]ٳ7=>|t"b LlkGXWiBwM%?g*te5T {ͧg)Cl( |7ڔmC%Tsm8`S8_/#i/mT Y}<ⱴǡ޶HCbi>DKt>jf-:kʎ%(Nީ*QVpFN]Mq0j-cξlߖP\"EQuiV0JIQA) $M)Ɠ- @KuV @"3oIkZ̟X\Jp܃nSujC6qUŐ{Õ*Sy/BY~TLr=fvV熭I]%߼FɎNF3FQ_,76b CTk:+[u27]*h\~ wg |*E':YASriw wFu2[N5O~L1(ۉ3o S?7's C렙{G2TDsRS>s*M/\g}Zpr\aQvƯ4#ܭ~^6As2Wq R=, 2_]5n&.\RC.*z&S7)LC1;LL1k{`3R]QHKZ$݁PYN$DnhBQTf*|`Cr2e@|%uTݥ6VQ01~` ڝͻ6iÎIYsFc15*f],¸323UY[Yi 'B7?VE>wT5a&&q%4'4i'IlT8 $f̴X4T9B7B_@e4(PxAjAsQoCTh ^nǵ9pga2_Q6iZw%^LO|j H0 33B8D>:^0zvsf7}%5{GQz&E_jv@[mvښ@6'JBe/!z*y95rLJ3U#-%~ fe qN86?(fjjL&eŐm|5ͧp @9fN>s ̝k?KxŃjFf`g@aE*ydC@@$ET܀2 :"Xًj Z|ho>q?f&Vj,\`εz&j a`^Nd8L5;mUgpd!X$!le[ӶxbodqZ4ZE}8_>Qiw|LZV3Cp_Φ0~~[u`LQ濋m? 4,]/3D!h}Ey9 36#>X;+6NpݞN.1>%B|'D6զ4zf7L,{A$ua7=9z`ZrSA`=Ardn3TJ\Yſn dr8=d[Lgnou>.zr]a6W w\&Tidx#hM|[Z!,$k<5B}qzE]?7(:QiQӄUWoHOmy&# :|~ lt kz9X>F6+).?c_>dRf&SAf8_9Y:T0N:TSs0RW$^EZ <3GW֩s UynPI )xߝW2&Ns!VkWUZt )nmsuO!dR,`fwզ-@oCxoH(QhJ=]⃶<)'ݕS?Nn8^]OFZNG&0|NE<\c/Rοdaʃ(KP:=rZ/ )[Gb-~UjFǐ>`RC=]lͯpf6N5%Ȣ4Ydtד #&Qu:m7KiȰvbhq˽Ag\y<85WR%&8&oAБRί]VN PO=i|<E@|kADbd&`XLP@ͱ,S-擤kP}z<5/R7oti]#'Kb`#fq@P~B- 34,}Tnc?MF OZꑶqq2J" +EP*-8d3D=m^SM#g}k^Q2 L{P}{slyN4N`-1h+KJu*:2 Oٛ&4ݩ?8FqMx>aG$P9_@muK?jV ώG9Z W5 6YQ;soփ|0!fD O9bp=U7j`&MBɇ˔H d'&JlT3p\@E~l )K|k?IO,[ -s\@u$t6 Ty|cʘex畤  Ò؂^qj53{ Pc@Cd?:On 'wJABwkSu$?a>:ΦGGg맕;Cy7a\pqϽt ^X \v3k5Ȼtl:2s /WY HB[bYwC*xR[j~}9C-}g2@;`5:Eb> jͰ_p`[VT.ˤ0jg,晡.d"g'@7e||@ ;ܜɸ<<㞪JN.b1+)IJ5NzթZ }j~eq6 ٠PZ` C|>T^k#6M81xq.x*sޞɡOƟN;$2.AWDܖ F߂Q^?9,Z!ںAinOcoJIU Y;K+_>G,<揹I+8? im Z)=b bnK-8*^C1`u /+ݾsa 6|{x rJ'Tİ7 ԛgHz""ٻ_w\1dz]1k*J3?Od Ȫ+c|'RGҳj|be29?#D+ `ogFOi6ͼst(@'W 4ua%^CG63A4k%s'zs=:*mױ7 Ǻ3ZcCJžܳ{Kφ"SaX|2QV |v7C\`6CN',.z&WwʻPjL c#خ!FYm-m>S:/g?&Lw>@(Ӆt/Y꛿o9 5B7iZ0г~ Bf:Wҫ٤Fk5AvMuB_E?zb`QZA8~&~BJuyζfe[*iV*Ip¯G`GCƱ+ 5TɖiQj|K(\ctglw= !tBԫչ 'b]&zF MdHqš#Pb`3Kj63՝D1eGG"C~9rL8Yd`<'Yo3ʣ 83]'m?5a>I/LKxXN|%syw &**@K%;\7;e6P# _R$i馘\E;jT-/rbE Y6^={mp\ЌHٸ~^1}u s1 }_f7Jbǐp嘥n ">:nټM Gg>0S˧|'śIICJX#:DVS5u@;r g 9Ee7y OJY#~z h4o4x`m-@cN8qP\<ɋj'd ]b_åM׍`V ~b&{ 7'J"'4lȰA`QCP*~칍* ˹cF; :tٽ|F&W,# |!F. ,zoWA qtEjO NnS>8^'% %>^ jR~{)(dס#%hL%zx >}cxFDlPQ17CA|V^-!% oRf_)ʰe! hOaUW218F)Ssnk.PdI;"l$ BEKDd1ן0zg:} p|yto>oS+c\K+cfh/xW@|랍ܘj7i+[Q2|e37]UõºVq @x9/29IpD"We7V#R1T\(4i+/v T؂AD_o2ǠLf,-`RBÍHRxKZ$ġ]UÁ?Aww v, X.#YqoSïhPCw9fPy٢/[Ϲō| LYéV'7@#+KC•~Z g1s:B󨋹mEMmM _{{yGK/lv.!7uR,Oa#Hk*P18""|.49Ha8Qy$v0t+TtP=~ϐ? (oH\dhxh΁7vy|YئFShn"뺎rΊby0Lx.4[* &9oqX O H'Ԩo$t5PpH2hJ&SC(t cE L ϨbiHy(68FsEQ(X!YFq+츻Μ/OzD=V=w)[h|;sNƎf\P Iy-M)):í[L~i3UE(_xQ_6N- $$1ـ+r`pXy&}•,#쁂3L}76 !M 4_Y琣i!8Onl?xO`WB(UX"Ev[ElfM"nVzS_}`5 >]_78j6O wBds1@~I.)QLQΪU SY }>=\ bf/uY~x@%lF)28(_C Qf]EI@ʅ%>%y^$jLߗGi0ool,嶀0_Z#Ug!s)~ޒ_Sdi1 17 i0ss:7ee+!7X%VAx6P`oRpR8?e*""oteSl# 66O7kI$[ph%& ':<@Mxg$4.hv qmؐ/-ѧۻNy-j@8gZMlc!g% 5sOۛmD,#IePG̎ Љ b,;k7z`DAƓPwNMIQh8S_B^:re+/l 7\7GeָOh&Žǝ:2=rsN\݄Sm.A"F Q1.TmxK Š2++r{}>)#:й{ ٽ]N ნVaeY^fEpWf36IS(V}aZ%m {hĞDt Ϧϒ{ӳWvt<װ! 4Ѕi#? Q,ӹk'mAsxٺ l=ހzόLC/}Ȃ̑$n3H[K̟0*kluOid< WoCYZR Gѱ?0TY$mH]3Q/-#ѡ?ڀ I#ʑE6z7{~^q'$?[Kǁ˅amj)$GvM )mİ%=Ü!k2mM0tS3j1^r>h%vBWrq}=="- L>C"~~i].td/pcH]N/(9tOU%͔FJZpLw-~u UDkГMp1 rz.n:ұqD)Uwnʷ 5Hw,Qw݀:֚X=TF&0 ?&_rNHr 4gE4.iࠕr$[Nw)oHɨPvcc\&E3%a1w,0#_83ϨEסǚ]6϶BDhCu]pJäej~I )A)6x>pqcg̡@Mv0}lFc2>r R K$Lj%4ѐ:I p)YDxWX|*xӛy+ζwīm ͨu ?xY]"޴![VG}O vTrU~sX]H1cp?raqKY(Iu&SoAfOWJi&/vI$9"lvaND'~o5?iM|[{?oh)#q Z_ufѫJXѢ4W0֣N5j9f5z٢DrwF`h8FUO~^E铟ǟKP9Ĥ%ORLbH *i`BdcyRۙZ 7EJgkO.@9TpdxR~$UAm#e.H$93ZCҦ@0'NDx . ߭74G2J(z)m'4h[@F \޲qfkًfY(O+oxT*D~iĠS[;*HJȁw]Vuˋ%Lb48^MwMd:fB|&fBe vt?ZVj(da3Jԣ#ʋa#7Ol&3m[vzdAj$wQ~y<|RpQR"GM C`]hZ O:KVa՚lQcE,px'B[Id]2NOW.'ʌy/lBe1PnR',~6L|4-H:R\:#Y8O-M * A ފMORڢ,5ż giWbKwaԊ+K,i.ƒ1=?Hi>?(xk׳JeI&|WaL퟉|vƪ$tCi^<7ަ(U63&;^q 1P;}ItY(HCA&J袞 IJyo?YhQ0W!⨦}>U QU=y1W1aqc 1# gz)~**x'"?{+ja!p$&lAlaYN'r[:EXMWS3$!$@bSYQqH 0)*9{HzX@Cctx{؝DJBh 6/( 2 G6DVT zẍ4/deik!^21m=>1I3ag< 22H8c)p;N:FZb3cälCz!zZ٠vPmEPʕ*#=bξ"G7DxQR :[BBV)s94|+5{6W)ފx=u4iab2+JT[v"<JJgs'|Ц3wkBDյ0&r;_ɯ"&";(pKV ;GOQqhS!yu^ʳӨֵqOArfR&dhXTH Rr<dD60ۛBezO}xY#8^ ,*K}X\"6tWg  Ǟ a%zފ[|2TF-!W)"z|tl_%:[Wmw)ϕ` |?`ǹɖ6U>UBU2ϼuO40WoR  Iw_bPc4哠Г(B4+B($YzE /G_\Y7'O36{ aaݹN!eX 'b[_AӅJvzΈONCu%B#:%[yO4CMzᢋpsl&5=$!ǔ#d@:F Bߓ2+f!JCP֦KcӼf5kK }{]JłR9]-59Tŭ1D!l9_>:}?PfeU+H].^9˫h~?۞fmmu/S"K+5*L_פ9qi}ω!:^ +{W@d%8\fBźWDy7eu+`U4΁5iXXq PT{ \V[a ixok-)D b*=h_iں$@SS 9^P/J&9p nض'(g/lp #漫 ߮*{ǭֻ4&0j:-L,_*í4QmO AYMiݭGe ثw A::SxnITrؿrvn4o14r ˸86ntG%W\(ڰ]qVr~R F.;@QXt69HiWSo45-*-W1wVowVo'[0#b:qt,\.ew\ h8Z$~_c>lsfN5IBe@7#/ ۙUɊ]u"b*_UTJW5]ĝ%] ZGaC1( sQ dho #X3k7~C*:bSFPHq$YeFڀ s U|/#F`!qҡ&*R{;&P;jI]Ml﷛UnjKxw~y0aK-"ANQa_xcy`k'Z`}}1𚓠=[y:E\_#<)S Xb*Eq,n5{ ˦eh?Qqr7;HSS죆):6Υzx)a.%pHpIW҆CW 샥 hKGUi2 Xh$NڀQ MCe.ٷ3}ۂ`UF.|sЪ\7H\?qZO8kݕ6# TxbISZ]ıkC'w#5<*n*&uShiub)I2k?BJF1xuIU͑"Z`=NZ@TX]cD MIMye$]v8Jcy1hCd)n̝Vu7fZ%߯Qnt!OXZJr7,nްKv2$P*,>94>f& DZ PljIup4)ԀH WFe2,_Xɺsb1+>b3HX8%v._CK  4R9KLMx?}<<JE0!A{ c2盗@+\f OvjB1x:j|19IVzNHJV jWaR"L:LPZՆoXئY+9|x1oH穓-}`FFgXAJӟŢK%`@8\P*%uy$.plHK$ Ш_|E W-SDet}lɷ5" aCt V;V;lK@S;V2c4:Jy:rco_uZ.q2"ΥxNzC^3Fd>xkH2Sd1ȧ$M՗@ "pT|潡}Nmѱ¨W a.ES:FK`09SAi}z_leʹ'ks6!g;b"Aje0K\#,b*ڸcP1 cvfoHqo|"Y_¨ ee3_pa*ƱWK8x!v- 5_evA1F;{Hye/'PVBd-mh}i.zmf5x"ۮQXQ2c.Tr}mJYi$ Y,q[&9[L4[yu +7<'U+ 6ZepjpI[0&{PjdM샟=c NT΍=(Mu!7yr@A08,,Im ' )%S,l)8)d g7IJJ[شW԰ztti,I.~q2vղjmF_F oXaq|+|>QR""SuESQPb7B#4"U:/,Mw~FEZV/g`bbg&qh3ͣ kA"5Aor-GNCyq^f>Iv1h]96ڏe/%/ߐ µRI=Dž_]C;d3 BUj^CDUqX<{; %:Vn`ጼl5J.=uJLxg.l~a6RSb(!Ej.OV!G@49p{YAy꽑t^ Ej0VꇜJDo / &\?h<)SX(>yl<΅97ګ_ԡ3LZ쩐D|3|ÿ2.5R C Q(%g1ٖ%b0P#18GvmN3hf}[A 'K㰁ǽ< ZRSm^Q>-=*%R^njf3`Rp-`zFAWR=jͺ~ !*T|g@84 V9_YlQmT\Iʦj~5JtL$(u9K[#EیdzVk1u2zpLC zPFN,d{ئZ;"]1 m7Y( 4/_2 &Ac {eFZ"pŠa)J7oʀ̏>[0ψl@MmSMd7amAϛEYsJ'EU!wv^ |!LT Hd%_/y"3\idBQ[nfd~!Hpw#* B/>p1[=]O Qrr5αbG`%:hphH(q2@6E#4֚tTJHmo߅Εd EmL gF贷!"^=|aN/#.ig HkΗ'wV=KNVՙWf% H|Q1<)͑QmTւ ̞8@Cs"_\(Y#+EA<ŧ*_Я) /c<3JY5xewP1Oy2(e+8+^b)KJY[{l7(yr'L%/Peĭ3 x5~f<|G.L 1q54[z(@ -yu@Ks+Jc?1^76bflv?o]#~LsŦKzEI_ӟx=B.˵,9)%L=%E~]\~u6cJpmqfu9!^cڧNR:rPD.O#g`fhB]_m7۶m{Aϖ1o JVQɬZ7l$2nto=ksr}jq~vU P"l-j&aj\l-{ VVX1]E`8: x'ħY^z\_ƬX=eB]|V1+6,^̳c$M)o݁aETr,WP'׫D|wҭkȶach(˴~m&3(l‰H W=U?CV ~ tvj{ب$&z;G0馧[\PI>&S_Ϸ%qFIN(l½llQjd[K䍜) Sڝ`{Ti)^VQT'77kĺϼcuB*T/Ok*mPGMS+X6: >CN+6RڰϽ;<<ŒY~saJbt*7 9רϮw+lp8-@9Cajye?Kjݘdy>٭TV׻ₙ0EQ3%gdmp&ži6刏6mV3OZ3"-![ٶGMKpoV F).[&˵\'@A7SDUO@u:u`;!tܙ1̧=z3+ c{>8i;n7a &eWZW|^ ;MY8?9W>`х%ׂO)8 0VMMc&@AL8NsHf*nBmZw/1QG{O25_KNMrfvG(ܴ b YZ