nscd-2.26-lp151.19.3.1 4>$  Ap^sq/=„`A9қR+>fJi#O@!VVbKz W'҈3Ra?Yr?&}(y fdk@LV]x}|;"uDs{K ds|w͓2&kWvQ],ܓ30}-pU<e#M691d5fd28e11e7ae239fb67de9ceddbe9ab1650bb792587336e01b5dddc199550702b54223fcf92e77799c1a1ef6041004cf9c8fH^sq/=„ T!)ake-xN-?Uot]3"յ>W電%Ijn e-p]&r \]Iuqf,=k39&皼Tba^rf[w:{˸LwQMV~҇5QuwUAj]IBJ~_4FJ$o!Y]S^^.*+ι3f2n^ȡW|:6`&Sʮ z>pI?d   5 $*/ , J h    W4)))(8$r9r:"r=>?@BFGHI4XDYTZ[\]^K bc|d eflu(vd wxyzl|Cnscd2.26lp151.19.3.1Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.^splamb03vopenSUSE Leap 15.1openSUSEGPL-2.0+http://bugs.opensuse.orgSystem/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxi586getent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd test -n "$FIRST_ARG" || FIRST_ARG="$1" # disable migration if initial install under systemd [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$FIRST_ARG" -eq 1 ]; then for service in nscd.service ; do sysv_service="${service%.*}" touch "/var/lib/systemd/migrated/$sysv_service" || : done else for service in nscd.service ; do # The tag file might have been left by a preceding # update (see 1059627) rm -f "/run/rpm-glibc-update-$service-new-in-upgrade" if [ ! -e "/usr/lib/systemd/system/$service" ]; then touch "/run/rpm-glibc-update-$service-new-in-upgrade" fi done for service in nscd.service ; do sysv_service="${service%.*}" if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --save $sysv_service || : done fi test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" -a -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -eq 1 ]; then if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl preset nscd.service || : fi elif [ "$FIRST_ARG" -gt 1 ]; then for service in nscd.service ; do if [ ! -e "/run/rpm-glibc-update-$service-new-in-upgrade" ]; then continue fi rm -f "/run/rpm-glibc-update-$service-new-in-upgrade" if [ ! -x /usr/bin/systemctl ]; then continue fi /usr/bin/systemctl preset "$service" || : done for service in nscd.service ; do sysv_service=${service%.*} if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --apply $sysv_service || : touch /var/lib/systemd/migrated/$sysv_service || : done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi else # package uninstall for service in nscd.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi fi exit 0 Mk0 A큤A큤A큀^spY^spY^sp^sp^spY^spY^spY^sp^^spY^spY^sp^sp^sp^sp^sp3dfa1280f6c20acdc451920963074e116a493e11540d7857592b979622669fea79fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b7792c95131706d71a58e035139481c3841433bf3c0a3379e434de7093cb86ee0411/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.26-lp151.19.3.1.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(x86-32) @@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.10)libc.so.6(GLIBC_2.17)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.2.2)libc.so.6(GLIBC_2.2.4)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.2)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libc.so.6(GLIBC_2.8)libc.so.6(GLIBC_2.9)libcap.so.2libpthread.so.0libpthread.so.0(GLIBC_2.0)libpthread.so.0(GLIBC_2.1)libpthread.so.0(GLIBC_2.2)libpthread.so.0(GLIBC_2.3.2)libpthread.so.0(GLIBC_2.3.3)libselinux.so.1pwdutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)systemdsystemdsystemdsystemd2.26-lp151.19.3.12.263.0.4-14.6.0-14.0-15.2-14.14.1^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab schwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscdlamb03 1584623805 2.26-lp151.19.3.12.26-lp151.19.3.12.26-lp151.19.3.1 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:12136/openSUSE_Leap_15.1_Update/d9c828a87c0d746733134f9c13d27e1b-glibc.openSUSE_Leap_15.1_Updatecpioxz5i586-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.3.1.i386/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.3.1.i386/run/nscd/socket' (No such file or directory)ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib, BuildID[sha1]=38e49b70fded26903d5c7586719f9610eee0974f, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.3.1.i386/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.3.1.i386/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.3.1.i386/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.3.1.i386/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp151.19.3.1.i386/var/lib/nscd/services' (No such file or directory)RRRR RRR RR RR RR RRRRRRRRRRRRR~60ec|g۠utf-8d00c4869a6ecc54066e434d43c203f31ebc7292937eda031706f87ce454634ca?p7zXZ !t/GX] crv(vX0DoǴs{^6HNno KL#G +-IH\>ۍdd%03VШ' SF~@Iae)\5'q3sY͜\-AVV.䦷NK$ό nT%4| "TPeg93ktXs~ h՟ṗߙ9퐙d[ay{SvM{a0m>WD*Q]v6TE|I񉌭D،W1GŠ"O- ;(Ai^6z|NϠ=WitM>|B]XRr{^x%o1> qoI{oȦo@#M+KȒvעrT4q+H2z0)˂q(3Xo*%ۣhtCSM-o9YeƼ7@]eX&DpBi(Ŧ dtI )%9:V: 7=ܧ VE =D.!):M'NɅjY|(ϨzwNкwZ7y°Z;3,tIJn:eFWqgГ.Aa˅b.Bek/0 (h #*nJ#`Iڑ\}_TiXg8% {jnR>kj,\R:O溜Qܞ>*L1kCUg%Pa+t}C RFxC5FOӱ)ƒ îu,vt]ax&bEsǃLc 0l^Nj6UdgbvIOd*žNuWRaFsR%~FbCgYn!J4s) +e0b$3?nW3Xq'[\\'kmZ&yhtr.5UB=-无3tuPڜ 9T\a1xDW&2  AElxHꢶREUl̯T>B8t6Is"S}@G/zEsWᚭO-N~ŞS2U0+]bguҿSyWrL=t}@`@(?&7F-'>os%2~5vֆƎIvTd#< _ؔqVY j=x5}ĝ .-#e* Li'H Tfe;G0%Lj_TUiFmYx=o%"h>#d+/=ZwI~`E"*+s0ʲkK2ƪ.\%f"W I5'3'zmP C 4LҚVM!- CQ._:(N"NL_ϐ?y춡flް][H^3jsYkNfg6ffŴ4ychIZ(ч2~NЗvh];>Tm^J:Q΅drƵ:jwIJZ[ӁF>1]6N AF`"(ް0 ~јK9A) V@?.Z7)yC<䪻.ҪR;Se WÓװnL}f\I?t!5:.*d; 886uz: ])rPHPJUmKKGeR(C՝q^)U|i)' n]Pz5~Y(z"v^ ?w; 7$RQXB  FCS KaqၐnBvOd|7 NF`]) v)jLud<`@8K(IULFA+1V  w8K\:z{c?K "S5\SeB62#ssҝKkT1 V9/ _mqci8XIVVWΕY$/|٥ˇN_D6֭`sa>ާvH 4wqJ07P5, \(Mҝm;eZKM`jwR]%LՌ?' |q񕶔z%\Rp+'؜_R[}ؽ$}pB[ Jo<^vO?̻g,3QEUf[sfev%|bm,bmHVBy~Q}̆,zb "tM-%' dbH8³-DI-Pv8byo-Ksym爐j HŖ}BV {uK(@(a蕴;aO q;1PG[(ۧg_)(H<}o$p3,xX1`bC^.v4&9tե ͸u -R?)XTVLXWkIշ{k[ֽuU_@~e_ն: Fʍ_e\ڢmՄd[@ F’r+1S#.i` 7)7L%&,,눅E4BizƗQ\ʡqBГާܐIfN5' ױw/FD#V{5|yR*A׹2S+րnʸ1shy>.R Tdf5%/sm~29T.O$GOA3ZP8@3ci  e kA7|D)*J+i$"#.@#Xʲ,MgV&Ë ձaVpB*(d_DhYJ "ǔby܊"-C?PbzEMrf!UV jS$lx@O#Fӓn9=m~mD[cl :@'%qԊ(X> 0G>!'.xt"[XROlY+kBOSc*Š4C9v՞Vϼ{ %V\ ;TPthYx+C$^jxnnNELN5s#;3ZJV NF35q3`Ac)!t6Z6DQ@c]E)&G;aMI]nHI\RI}[@!&y߿4ƹJT+{3KXE~W`O^EbeDטKg͑yKX SpqpٶJ.W_l?r9Ѫv!%*^T;~mmIm\ꮷڑo +8l*ʰن}hDc0< U7du-QyhL6ߎAkֺ0svG]}l!,24k(t~5ʳvAtugϸ:+u7u )'Cp+  ~?FӋi9e?U c]Kq>Ƽ &VEA4j1ai)ղLVXa3`}jT> nc=)rv3`8>CreэO&?gRYb8b ўiC؎gEu) qB?"yخOЖpf7ݜrM B@S3oc B|vCp5| (Aɻ]AS gpqUqg)āoBuVvE}v7i ̷[̸%'%ƅyFr~/?#g w&sTB{2*nIea"&vi/ b `<:8HcQʚ!`i_;iK!j ZKE#KOF4q=+H':nbu_t COl sRQ-\t*%g~a?4EuKj>zyfz&guz߇2Pd>$%'o$ARIc7@ulW}tDՆ( zy}~`{Fѫg9&bԡDqUN@*U2Ĭ& t"7df4[,ftG0t|gisuZ)2FQY`!{5pJT!^SqV9Uw$dcmg47PHk{`yk`B4["ݷoc[eBbׯRfûi"WlHN@\h'QF'hSH>M^4/I{/py1fgٲ \  bG츻X$?6Eח+=,r/%3]rl_ .xaKğn9n-fBM T(-7Qiw/'Nڷ}8+֬FE! hƀ_ "rD].Dc:@(N8Ȅ(uܚҾ@ 5@"r*z9ܓ E84t2 BxU PԞD<_E y.,b.-0g H1ݺ0yLTZ CQw Pu0</ ,u;qA? @χ;'ƖA͘j7ŲrBu-'^̥37'p\Sjj4IP췂*# Yc$ 3]DY۱McfP%?qVJW ͵"*Dk !}O6a԰aτ}p/RN`Um⛑Id"2VHWQꗓ^'U@:F4hѓߌ?Zfwуg#Vlm,Jރf+prqktDTJBld tch3Ƨ̩.6+$jp -} ^y'1(H+G pmDUX;F/HQHE P3#{#{TIړ*Wi*nCOeD576Xbl3)%zVl-x?3HNͣ%@} EDƾXiÞa2KAC>iE64kcUQ򇛘CT/f"oGBJ! l`/Z?'Qc-Tw/#(UނTe*ͣ>|ʦ-[&3$ a2U|UpPrc1PSztcH+?|*E1=^ʹG3& 1[Q.)s(zە_آQA'Y_bpϳ"nmttxM 4J*]F<$֫뉙v+ ꟢J<=EC"l pxʌVT L-m_J2q6*d겗% ܵq`Y ;/3OtmOfEEI?(b7fSp.px/W~[)&8K~ zUNB*Y{%uY\œA.u_=4ƠXQyB-'bJ-s8>,:/{PǾ'4y1F0d9d _oKiعcLX`bƉ.-8(]6^̱jlwv>5ɸVOpWpQHαXlv~ )peNj ؇YO(CSQp)@ 6>s??1\ΐkx@D(6>WcPEu[TH7Ƥc>Sfh⚻x;Wb(¤Y-i z"N~G̾lWX\W"lY \Bh#&3ُwձ#@8^]rs bis2:"yH=nr}}%Y;V@#zYO.JD aC+$qڅrՈ6t0>寀UgWI[ d-(IRtMdvx9Η`YX=4 -F󁚖~9ټ& <"cjVI&3~"L+sz|߳ZL,"Bi?=M3R#I;Rg?6QKNz:{玍+hBvh49CꏧdvG [jeO-bsc ѓoZ̹DԖv-`TU<+X~&誸QG^y_.e@kVuZ#yLy2̥s9zҧ?_F MxǒbG`4AŖ牾J+YI3O`gҏ坄ޤ xCa鵊=d,$TLMl*IX(*%'Atcd!h>4"&R nMM F IN {jqw}mMC=ȿ"f<):H:~"< Ӣ@R7'HGu׺PrFEQshxߜ^R#B ~`-]&a;3?o:L 5")&JM?aL{^wQK/!HQKb[nAeLBU8>qqJ/"J-ae9Lu8,&#C<؝AoƮ\厳S6JݹWR4 ݩ)j> [BCx)|Fջө>HmZ{i]OǤ2K8HLk!e!qQ'lϣkp+ U =^gxe⧅-Xt'x\Lǖ ]rijpdwvW! !%{) >®8AE:wRll,D=3!f;m#ꌻ!4xRrrA$Ě5q>?|?N 1AFټfadh|s,xjQk5@ҟS]\r&*՚G.!q}4@!{ԛ{a4nvf^;)'x~G)Txu*&p4wR=Q; (8a(q]0;^ bYoix%.yU(yhq=ɵ|5%@UIT- `0zn}ssĈef8|x!=\ɜ̹ęr0\pOCBnHgN"fM}ǻo`Ym1cׂ9x2ENK0ِRqIx)PN 懣ڟ:1*>9hԷ)bJ4-M^><6$'|َ})dgb9K\Ƈ),M6u_\^,-H:iOxZg9,**+May\!ՋT4 0,sG^1m6KHM\PJ$JCw,xcc$~a36sQ* `9gg-lg[dCz|AuEy̭aɀ_ARm.}K o2%@:$hSv=g@1 @.PVKu"A]'FE~7_Cy|8X!iيhTw;;Q)E+dѢ44Ll@#f5"o:klԁA(b*D/:nm>u!5)FyFGԚ/IqbxnNMUnF̮UW t/t+8Pxendk-N;IŇ1ȗi 6t|OI2{.=~Ÿ2s9>^8:нBZ*= eṼy͘"Lb /qݓ+xo?sw+҅ 3[8;L&W(G}-P넢ƒ㌽N;<lv</ 1?6>9[ !k S9 "ϔ Qb#'uU/_$NoЫ(A|rbA\؂ @^ڄ"˖ 'sVaWn4Xm(JI=b(vvYQ BVf4qq@+|[aT7[kp@tD +0GT! "o)vtSuKk 1(#P/> [Q;]UywH7gw?-3)Ʈk!1CtU{ۀ,p+Ï6^"DajLŨ}JRds`}r Ziebz a>|I 3?ߩam_.';@~ԛh(5^O'5 zNKB3IeIx|8|U?<$x_r9"WݚVl q%>q+ Fڹ(qm,mZ*K_[Er#4;G;'ܕ;i %? ')[h4E&I9š-O}9sQ MÈFKܫH ˓2C:HD(S1щh ܄H>76ϔcy {a*>_ ""%0ݝHBb?U{#ŢWb@'6W7 r}scHq5Q"?M;MeCm<;x{|VPA@X잘2?n?~~TdW.xd<E%,~cE'BlO;vͺFVJMg $u$mέ 5Svn][pR!!%`Yړ3htVq!)å=etꡜE'h40)6@Ҍ;qW2ڸ 5ax}ü?ZYQj8O%QSSf=Wqp^mé^RJP7ҩ -~v{Wx@U6ĻHwmBZ-h*?CWSQ]T̓I6)0HH `rk5).9JJGȦghh& Gqː}RbL%پl 3Ȱ7Ex6;/ wQBp!P'!K/_br kaOuW,GWt/ӟɎ>*-(SPl TH AV1hvCEpت #íVܜ o ֕IcS86V^AW4 Wwbv(?D1ɀ>!G3LM%]o!RȨּ`:ٿJ?_P`tŻݑ4w3`PQ*c |0=y9\ 2=)U@EFrA{zA:Iv?aYFG!qm0ug(2l;5<~Y5Wu 5S{~ڑX|ęEhS} ^]qJGr DX}f.~\R{,(R &RH8|`1D`'Tj")?h:>rw/w1,2]`6CMaQ6El9N$RhpalHP&nxU Z`:P M~~n}>Hwx4u*HK}DJHVC:,hS@~b=Z5LpHh4rLV!k_ibn)y4G~*^۸TkhTT>of=UI44Saݬ@_Qw|TngS5n iMG%Q }~spYy`o-髑F|?7s>xqƭ)ƒ 5`dRD#wB!p]nEdHN)/SFkGnP+%0&MipVTh{\76qQ^ f:1[$myDWX_ Vas/qA۔v?x{8č{ȿϛ"NV4F\"3\D Cevpd}ŊSHSqigpjړvjǹik6.K(}^RJQWl\ ntQ3Y_cc d/U_q\~5rX0 lCDC$3={^4[KL{1bIu5V/?ºO]mSc<$ŎlA$/1n&lhLf`y6alK `߿ dUkd_wVxuP'7HP}ğXfl*!gBRJ(hᱳ>!.T)eKhٔI~HD?wJsiݗ}RB9f72>_A}=?H [F8G~+%}4rlvu(~oPً7DE2 5mv1k~e"Σ\@\wIA640AS ~wxq  ym$9\`e^K w.ԧzB35mGA-^ywvc0([] ;s7S==Q~T9-95wq .QHiBYpG TE]ww$n# ( iѭ՘qn `]p|stT%Y1is`nY[zOӾs2iIZ]zlbZ-t"d)̆.dEI,ye bc"y5a&%F'`eَnC| J}j3 gxY Y_eB0[n ]K.tJ(ýJtiwF1ܾP By@ܶb;20Ӥ V |`fʴ^ʶ6IOګ& VKc# Kg%D'DB24%BqֺY%ITnM;ڹP0bu!R/s 2T鹖$] Bt9N;# ˏa3^YT)|P%_GĖYc;sp(c/9QzQA`?tdv喯W7Q=s&PL1@<Gt '&*bl}2%K c S;SkH#po,{Us$ m\=\2~IXKVI{:6E\Ö~<6\'qy4~OGOՋW~]>[x/ݒ[ۖl8Nx 8Ӡr$AW7AиP#>f1,Pdd \Hʼ-HzػqaeXLnCԮAZ^$O$jrC˽Ҋ8RIժؠ>?JRLG%ZꉉZ^z= Mt LФ5|4հA''E}UCKw}\$Hn+|f>/)23L{[h9\1؟<RM:{@p(Yq|,0#c| uqJTV&{аmrM-ֹܦw(Z,@ҳRxTvԩ@){4׌bJ-)l>,>*IP'yNڂ-g[ߒA 0 gwF(CSeGvK>[zv>d"N/ɛzGzPü=3|rf Ş?Lځq 4n [s&'U-a']j&LiBq_'F,mJTqbC䒞N}Ȃ;H*$6x"@IO9EV$+Psp/gei>*v+Y(SV̓7VBL׼dۍJ^{b.HJ|n{چlH4ωdo+W#+-+v+tc(Y\iYa"HI/`"+V~]}89A33r%uxa QVX!a k@?Pہޚ ҋkE2КdzDC\:)zĝkL^XJLJ[ _~ˋ>-坂ŲTC=2ZosBeHGbriux!S;K%Q8tqP0ȭ-VAY ڮ0pȕ̎+(&B9Qgљw%4юx%cRSti\3g} HjPA~hyiJ&=>|Eʾ]}'J^zxQ珒/۞F vL3KId)(rYݑa Ъ8v^W^d@DVtumqY @mi-]%s+H8%'G<`:1b|[Oo$2ʫ58%<ED4QE>0GzP0Nz;Ͳ6 ](aM;TR4/"P5%] |6J2E; zH SY>,o,p8BOuE>+ht>42~frL&]{>A~D7=đDT*K/y7Cmj'XCx=cir^ۗ~Ox~&+piwyى_*WɬNN&'m߱; Z.jS!o+|ǪqG;.T!TFACJ|Xd\v恈uҫ_JOB.OZfc%LlʳʑKJ-*x|tSQѡ+?uf(ѷ8h_$rheX~mH퀚Zuߜ <7{,TCbk^[4)l)ɚof?ct[^:E.@Ȍ`?1F1պe*X[Bo:)j^wJrnQ;2/:ZYJ<kď 凬fH7Ť4TPI]S_uAl1t&-Ⱦ4P:;:q ƐncE_2Leq\ e'w6^]Z ?c+ y.V|m?sZKBʔMRT,e8hTvy+5\t8[ݝnyo(KwC3Z#D&>QnèuNs[ޓ3uNL@V &e!@gyL;00]niHߚ}]Mg¿ҿMTs,ϾX ErٲrͦZ>81wm{Q仚s70 @GWg \E0X-?I/g|TNkÞ4{p,=JV]ꬁ4!}e=:n+1 o)կ%=H `\FpXH;4`gjmǕ_ JQOIk5V>!g]#(sg V'yJzf F8%)&1HA qvQ/")xY~;@{Ng%*ZcPή2l9Gmb<l),wyP(gjH֞Óҧ]V|qi^pe+\(k|t:8%7gI7Ն.M*$z%C4b<2z¥7}X OP)8^ai`XAZzk>?hR .*äKWfnqll;bd];p~|3a;BxSL$/s n0h.|.Z@5`62tmQ= HÜ*.}XrO I{ oʪ.i`sV,'?,g%: \p|4gihFKRѪmD^*ۄTR:UЉ.enZf܆[8RW$!@ݧ@CiS\䝡j9AY(p fv6hi{3ׁzXl}o5v %QǢH9@\Ŏ9}!(f;ȩMu߁CȥVl,YIDÏ{%䩛SNr!쵎q}=`[QC |#zB%ܬ-Â*@@4FgLAߨ{#&iā{v6 L͋s^@V=GyDI#9q{&hUhVO*3jۘv78eF|z` ek?@XYAO Adc1]EfI}&?j8!಍`K3 E/sG*I1} q{I(,r,xM4Dfzw,ˎdiFq?=-?Zԟ>GTw(1O֬'w-t8DqܲHcm2|wو.Jk\S8?|QfW![?HhT NnH }6+q:$aoZA>dzkz_;p;贏H2 8$!6E5jTpeav=ƞTv!AJ;,[*6us@d*im%ƹYY+f)Ht@}$>93ڱ SnEOΕ=-AkxmpT(<6YIpȜ@E0AU?x⑋^lC[|zCY[ۊw$R+>Iˋх!DCOZY \LML}CQܶ`bDjVm6kޝIyU>#X~]v$gU:OGcR!|!x_93jɘA@ZUJv2 KqF&)c{X* 7z C}(1XnUKf<" 8rΪ5/8O6Λe!|r& s =T3*f`iMNSo+u6 1TkC%<ݗLedv W GA4]A ]&g$R,|L)hkзHuY{ {:`甝~Sd Y8`rh)8(L9>.&vљ.AT7VLAÝy29+.χ]Π1Ym/,]v)Qw̦R %l,nܲ. 0kzrMS3#,U= r6ı[v$L$Znk6]Z`|[BË|3#^Tݧ@L!!Km/T"&Wr7WyG݌E= T|A˜WO,[?)@pE_'k$,/mR?fįqۥءN.Ȉ0jb qrd$REba-Q"} ԲCQWNU|آ. ~X4OM1J'N.Pt_v4FQxa0:RB17$s(ʉR4B@b:J1w(a%DÂȜEZFNg] 9vȓ->vӉKA4K٢דgO_rEGW`8GESSqƆS^5BwCWCQ.'g۔?gfa7ZxhVnMO8T]&U)QB0;\C膊ScڞRse/rZj)e@21) Ev ;3M >ig@\0R.TgYS #>&,x3OY<,B'qӼL`.b{/?hd/L*AθxêΠr1OYyT <:$u<= Ѭ>U 5x HH~ӊ {ĵFKcwH Gߣ >z.J>$F4Fvٵ/ttB?FCIِ8q{IɁНQ-kLѥ9񉗘 (:|I8#UDو ׌QqݤES"QeYnI{;u~eaaS<4 >%`fGt1gsOAW'YN g |u0x~gZ'*HEI&`۴H~d5ۇb{s Lp!3{ ۖM:ks (cx٠ռ^~JX դ.ɵ9qjQۈ͵yw8]t< PhT0t.̲^jGJ'K- [QcA9 sH郞C4*`EƏ|tQ){ 5Bu=9 [ qׁxiro'1m(lK!5K5Ȭ5 V|@d [Q=[NRߡzV?`l5IJןZ. iL˨qXs& }{aH|¤!$᭍ۇ}isIKcix e@t=⥹ $q']h Ps :\WJ4GW$﵂' (S{SD׶jYhj$@(B)ۼ@=iB8+/LEUbX(wiBǰNq oQ>ۦhTMn2{iCBAzסE[lab!GYuZā<~WIE 6 Æ&%Fz]X/8^u7T~2cB,S%1pބ)c)9%|s@$v{rc ^s5 l }MWN*>H ~H =@?ϡ,b~7s֮Q6|g 3|լV<̑^@rؗ%ͅo.C/̘ݢE/j#Fo:%U eﲡ>g@T@,5"ΖWClU#ås MAv#" K-SB i42Jo24u?olV䔏#4v߉$Zĭ]$đϟ͍۠wM$޴:&3VV< i2U4sp8/Ћn{_ ؏i=WqiӣTO&kEVG$_i }jG$lEk\`~hIBXyHCO^[ٰB(6-˰er jlLz nI9l!Ж[z]MaVh^pҊTs/@+LDsb?d(=* *JNE~fፙF݋20qdE),Yi:>񧑕{tD$U9y3fs)4ӼvCu0?1M71h9j),d&1&L}e(w+?iɁݺ?pDOb'ŞlH^m$E9a_3pIKlp pa! !z>D ֜j@c)|%A$}?FhcO1dwhC A,h0uc&F.}j0S2t(x003B8kI r"5=ddߒ@t;}p/Z<Ħ^ĵ66_ⶖW/(<@\j' 8 >hy&)VV؉:}Gun.Ϛ:iLDK@I–K_-&ٽcE(JD,W:>:_1BWsHʐqI$X-[w4?R Ji~ga@5;rL9@Ltse9_py1|Õi"4`j10Q}1쀢\,|eһ蓱Lz*'~ǃ$<~7~C!Hܱ=OԘQ4{3ZѻǟL);%8)Ql4^Vh { j˭Z(-m4g%ŏUp l7h5HR/wQC8.xhoGUm̈"hd0W8R5zq&̾S"#],uM2ޅ[idkKml]Ccz5hUla껾LkaXmTݓ1~$ t05g-DY3&|b&-xJw{NnQ73>eFU+BEteVxsVJ!ec pٹof%ng "|%EpT4if<0v{{Z̄`&$yúS<>>9.j4܈+$yx ϣo >  .WEh' N=]fzrKCDt$'+IKŧo^_T3q>mw ()8gkșaĖԙECA ^ kql4?'+Ew&⳧A8Q;fk?~s UV:;%܁.4z F˘&3ÌGAdbp;`H'&HXe?1JQ>0.w?z9}H\s PGdK&ĉA&HԼyTnR.lIZG1;H9#voɅ,,_G1NRG=xgQHyda+Zc !P0=z^#/іi;GJ]ZoqPVU,kfp;a*l1^M rl̜!6w 3q;y1A[dY!d'P;Țb1ԘMR+ҺOn@(~} ޾ XѸ+\"λء*;ykWH$OF|;` X ="m(ɱHO(Dp m*ڐ<\:F6>[dhmS5C=F5ͳ"L` >a dFU^!jMm»@\M~YE ܹ_h? 9wG}82HΓxP/' `X x?LKZe ɝ""\ xnSrFGLW@"nѷtCv'?vs`u ?`ޫd+S臏QciRBm"B><][^SIpXN}&,f:U8[ eQOtR3NC4q* 1PAi^ΧN6U['Tn/7.%zvE̵? v5G,S>x3/շ6E~}R*'D197:A(Vexfl}PJA3#c:f8UYsyP=bbD& |]~SHzBdE!d8y%eAMfaFw|Ok0I*,Inn{s"Y1XFE@n<\m莃5w;𰽨dqҾ,!iS.g#k 0 _'z!JZ(P=%4<hy>Ei$~;*G#:6Eݧ8&!&KGmv )'"76M)٩UHIoL7,Dp"4+n#Ȧ2Jo/,*~n2_˒I1RO,0?yr:EnІ[hzIbuNKydY$Jt{=:CAA?J*'t닓"&@},D Y_&J\d7<=)})$T@nj אxnoⵉuSyK SYՔq6[G 74й?M "jqI":&r48m+λl*٭Ƒ;)d~v/JwW\Q=5PRMpU]L?*n`w9ѡ[/ݱ Wjf7l1tu0ݫ'/6Bf1'Bs!]2cn- @P*_R`ҹuqLӖgF2o\.@9h]MǤ8GjR<~fxVQ}kbMq 20l];*ZJy"f9|wv2KT r| .jnFZ4/)ǨV4gAh ZbbuwCfI!Zփ)Yf^?9i0VdPqYN'gl!b/4[~5?"!~_K4WVBʺHZ=VM L깡JP[989;koe>ûd}ŌQ^ "k8%StEOi]^ -{qZ?"F0MO<]jpE)c ѤSqG)H$V C3̧x ȟFy\ "-Lt$ȸa<1{;OuGom.&mjϜY|'5j K0VrkDmXPtVAl3|Furq$u,0<xqV8yW=~̽=C9?iQ28-E9[]KBقNWLxLp g!ZcUH6+9E,b0{.6ƴ(tmfLT:̗ۛ. `I'8u)x*SUǪ|87_K0m&6 8.>`aC9D>Mέ'אMxzK &NYoo?]"wWמ0n ZaKHy<,bp9 l0Bng01gɿFQCv_T b[ )TmlCiӺeeownh„г4{~Zc:0 Jg111p߄ce%:+ɱ ԋɺS"oH^ i^ϝIu mK~ 䢖-DEbxr_\V[ &a0)}Sڹś3B~X\Պ䪮sV$}ԈrQ6@a} c*+{cj15nzΈ Lb &/񧯖Lj֢ HR<,lPjdٻ]ֱCF6m9QY7Ð$sLA3P"wƫhTrI5WgI~ygjeG뚖`TRP+Uqm!*4%I?H}S`TXw~Sr<#FL1~a5XNЫaG, =hEe+Rr2{l)HmNۮt[1_4(rTT vp25:Rɮ="Y'y1Tlgc{xia62 z6i;A*Str 3ALXh3y\h ] H5Jk.B{줨Z3ԫ`t%zTaNP=nw[:i:(!:5/Gf%YQ , 9*S|6u8YQJbl9ͣ5DG? ᬏɝ6\&m~|LiYzHROmzEp*Yd ncAÝpڭYr64DCD;A$kv5I=`N)0F6 ?H _d"Pl0gLp< ]Fb—R@zȼC38i1_ nA :nh/Ѩ_)558>2yrU1+Wu *,

)YyזVWYDlc56*e S}'O7-4I*ֹ`2 ˲00EF@D|Uei^j%SR!֡a¥(ty'iAu)7%^dvLROZR36>{6k`un*q) ^s[PK]) Uh-J8o}1:S?ՋsN͓ɺ]oa}t`Q[u$WLmuL=|-ieh:OyRs/ mٸvq 5!nKmoއtFu$|4JXwLAgv*l'Kg: )- @8i$' 2)?z~j+sP\dRqg7#R!.cDB( :dhuHhMEQPX*DZfZ VoSvF ΊyIGz2c!p^ZL6fz:ϻ\4FH梒Mӽa>YQuj 2{k㉵hM=.a8=q“)0m-j/yzeyHoZ;UAҀpŕX}Jxɹpe-wcKV8CiԴOtowxvˣ'1d# 7yegGVm^+B)Йhm>hCosAz4hF`2SDlÑ4C-p߾hiYZ!.}IamB #Bds `H*^aB-=|ֲCLыc(i:dan(`eZh?q<JXw2Ƙ3Q&!_ n8pL-f HRlS0{|ةYȸv1 `ީiΉ,1f uxvJ'  RŜ,>jGU1zf :N)YtC{,), L[VU!6RGf$0UR]ҞU׵8i!(yCV|\2i6OF8=[/YGfM ( 5фsc >^Xo=$Ab @2dؓpKl.szh yp#5CR6AܭE^/IM? ivؚ:,SFunŶ I-ڸ:Hr= ' 2`hDjɅA'˅mzfɀ6GQTFMHb NU璠zCTzf/vM? j>$r(BQ' 4DgLӢO҅vԙbDʥOdi-FJt+6qٻ ~3X  "JѦ!<}x}sޅt+H7n "c}qϷ*J䉁Xy*?Ifm⾯rA/i~H)t^KES([6#^ 0?hqܩ'ǐPn/6P&l,.,C`PkIxF|e0US^.F/!F,z)ːIpht[fS.20FxAeN%9M^i3Tِÿm'yFzBmVNSDvHFfVl 1t::x{Nx)k1 &zȐ5ljPО8vHbtyVn;t:b(}*1="DYΚD Ol4ɍuT{!k?7o YW7fxw{[}fAGg'nm,\ XMX7Ot& usoe)ICT/U^V?9nP rKГ{:&ȿ#l` ؚN0ЎAL)0MOԁK-_RD͙?33\YmD_W9߇͚8Hr+۝57:z#6ge͍EԺcUaɬH 7".wd| PLwVk xE]7";0irP%wD[ۡzm]D7v\zˏ3%LZШ eH*jā6.~%.ߠ.3deֵ$-:,XA}iN?@|Hv"{]fI|q]}<<$7 3ީj -^Wb=6HCTD^1~D"ӫwNN~l/Q'd^WrOUgÓ0f*+bY%#:mOJUwSB@Ic 3gBܸwsZY~p[_Kh wKS8mv;Ux 'a#[ݚVOc!u-lO4 6~zݾhْ Uo';s"&yw> m-bI%KȼBF}v^x~wE\dQF@G?9ƽ48)|GF"Pc[YcwH.>Txݢae+)rS5)e? PcdEM^fN]T8m>HT@ӷ#V;K*w R R~MxdFH~M]CKXo۴{UfU,$}GѼQH'qB Rdii dG`&&99kCNuFIiMS4īk N(KYRoz&..IxLp3 n|(6/}'7pM¼ ,lV#ҫ.qvt9B,ӗ7wNs[tm Av3Z/+?1'wVܡ›l/=$ YW"Wz7aMBsd|27(ZOp !ʘסfq?~0"X2>;7I]U!辇 w5zllB3J{K фʼ+*? 6p@%-Ǣķ5鷔SJ.g)|WHwb4Ξ܆ns3n;SW֮!G`//\SEfɺXDs?[]ACXX6G U$4nKz>[b !I]曪Acz$6Q2Y5iQz6ss-سρdfm@~H#"o&%Q[RP8LgCfSS\X>VxFo9f 3Aɏ o_޳;l;7.w4HNaV$Uw*aN~FԑM:jB S6^B7 gW)iaBu VeSt/ITH\;&,=bz֫kSJ_}wmL2e|HU9u*j4T3d)qyvtWӀKߖ.c6݌{4k"}m!#N{4Pl$>4ZI= L5> !e}p?5bY?GPJtld$/tNx9 B'*uKsѠꭘkWoP:1ċkynJu9U>~U2n zqQrQxޕP.-o^;N9A&u$2\E:I^ >F*+Z4 r^DY#nG\\Tc<2HgJGTi^ t4~e <>}/wYv73]@HP[VIeT׏j(VeOVGd7/I؍!ÉBR ٛ JRahF89 z SϷ`V-)`/X/Q@+CZX&ΐa}I!/w*i9?# ͖=+BL"\m?qVE85!B깚urF.tNV;$m1)mMoɁOty|Cu[ a/*:hH$=lNJo wL]]l20eȣzCbͯI ym,|xMPXJ$NJ1>eŀ,<Ҷ,K0O7Ĺb2$d?8{m#,D?19_֛宺|Ukhdnڛ-gԕ%hq,k  t7թ@ȼH"k"j=.)qZ^9+I~%'T@Nvltv8R4mTĽ"b>Cl=eЦzVqzş|8)[7.Ѕ.F-Ħ{p26TofBu<+u[x.{tstlS6Iω1reC䒋.r DQj<\13J/0zyƗBWk7]q;򥫭Nw6} ҳwY]Va8 ;3egqpXU߯%GIhRɸh5i%gd<2wR@x˧w#d8RKᨀbaxpj`}uAC $IUzyoE^xtUtA8o& C_zLGn$)2ec_9[4kyJ}V:9ph onCo5{Zy _r.Nq0_cH="U}+W>V IwEAhtYYy[I,yãgr;τ8csձr'| Z%)[yLB6TŸ>!E'E;aaFuv?[YHs|۷\)d}Sݏ]S}aA"ʆ7X@-~G@yr./4.W՗o3oAhUIHBvnO)D/ݟdFC ϼϙ݉Þ3a 2lFR*m]mSrhn4. BtAqIW:hcK.)24 g7nc Qw)BrE*Y<.) >j:߉yE|K:rAg;F FLB̥ۮe. sKS)[=rB8A }F;-i>5$sW|exL0Om-<=28{nשS,b'9)ULyOs< Y65̺9$n5t͎2 ^=۩I]LD{R=+T}gpPyp$*L#fx~Ҩ Oj>ڏg t>97TsPB L#*uf„[7AXL Y(Fv3A狛/<(- >I:8}jdQj1co.fnzyS5 ~:7-=-xo‘6Q/#4~'+DF` {ʨ5I}mP>)~!s{_'߿`JS&!IS]h\ש _)؟׆]JTQ؄36bF=@hw.K0Ɉ#Пp#RNÊ |zu6]_Pk|{?oǑq[ph*QUDMIM_0v [V7Ndx 3aV;ߪ3}Ǟ4b3#v)EtTM1ͥl[c_f|cO+zێˈ6/TvssoL/) =yb+e &6s!}\8j`(?zBi-vAruٶ-zz(0tv47 qn}P DD;F^.7(~BP L(KNPsOUD&r4u!4&ni])hJ<;p: h/U 4Y9kݺӲ(~byl\qϻ2nTqsɆrݾR]#j:`q]l:K!4Q{;((L"4pR{7v !iyU`:q'@6ao055r[`rmS*Û{ҕO/6Vzu LAsVcpR3S}Ўnk pW?{_K9m\pG s/ks,i/Lɭ9gQO!̲Yӕ|œ=+wj}zԬ 3.( N0b.ɓ@p~;uٺ2#kCt364`OdZ Jty߁AQVWjgal룱/T}|ݭ^ΞP?NLZ+l1N,\xƕuīX<`bKrMI=tvp(s̆Q8KFxg\BI2Q@Qt"Tqgt^QsHT;?s" W+H;:8dU?.ga>&Un剜n9?mtF|z RD5WYCO4yv@ˁ+$.?x3>ê~½$:EDA6,sM!\hL ɱ9{.7mkN3~I6M_QQgIvw!gvB)U?>l4=Jd/5Mvg ʬOV=MeG!/a^br10[R6f -MhBI`}͝1X2pXJf7*:e-SINp_|OHҾ4{MD<GF􄢝Q;Oi+@RϪMrw:;/\b <"gcrfN~_7񼮘'vh,I|%^0wb7"k7ŁH~`U(= y?aŲ62>,#|z[FiH凥dabrGt`?[19Y'1ʧbrYE'2`{$S`vպpg]? +M(ՏޯbLim;UN3~oL+mw T!AHsҟ/31R;;yg|Բʬ'МF \}C!QK \%@p<.E|LCI|N2nWs9イM?ݜ7B4 o(!ު( 6'/ 缪d˜x 'o֪M@aa$9\rATN',۷+HB jdaQwZaa~cXWJ1%vV⺟@Dbږ&n]LUODx$T'`d[/"^m4E+am-[$%ngٙ,|(GO\j_j l*>Gނڰ:_X[֢״ZEn{T%K,/!(&uhF'm'7;rXkӜEOaGG={x%ϾkLGR[!\(qagÖLQ41đ!uv4.Ip"L%4՛^]{pKS7HI l<hUi*6gfy4R,ݩ`F;VV6F8zdz 0I+O˷24Ej0b͡}+RG![vU"o$F.ӥC󒑎Y H a~0oBh$9ɜcE,]G< 3}Mh>t:]Fq.8f ? H ݄U:[a'H%"rFͼfGBtzAxC,ڍhg{@ ~=%߰3]GG/`ABubufUm*ZۆwM,LJ*ς &Hz^n8ŀЁJцdlQ~M";P Mr@AP =!'$Jr!CӸ|F@PAq$c1³In%GzHSB2%w9i}/]׃?!B҂^{?!PoɔZAG @/`7Ǔ(|dBP&g 6E(*V{L|9%|B,[F"qVm+jBOs@Ԗ!Mk^'\9ϰNlB_g TXe A"g Nzem۱Kѹ?U:"LLvf2|QUHu_^#xݨ^!W,(N/kZ VOfOuG|{^ z!L%FzRr z* D%3~}oj[f 4[ h(x0h'&gpDh#OEG/aGzr7IdsO\#V,yQBԯ)Ƒo U>B(1.O 1W8So Y?dq⻪y]I  T>^%g#|m6:+1iͬ</o `B)Ad"!^KNd./bG f5'306gjm]b8]JWPLQɩ·/m =TKm^-P8UˬYᔈvȠ"IVېLStitjHV͜3r[{S]~vЛ]f`kkv msrZ4ʑTg3ɓ^ߗT/ӏWeo>~Vyh_ZDj'`࣎_\iCRxOJС‚XH\ßQЅCdeOhFG`bf+ o+v*cIpʱkg1 [kE61Ph i A3uVqy_'R+ROHSr3!+yh\[O"" W]EB~?5E˱l3ȿpR~Gk"/ڶ`CDBmqI!\ g`\c~$dx9BnS1LPp$Eh jj*PQSaIJ.\]@헱qu3<UL"G(ti;Ux3L$-sߨtQw-CMؘf7; }Ng dnuizs'6Cրs}2Sj%x⃦dx u9xhpaNNa:4CizSL:^m>{}sUF#ͯ<xd3Cِ߂fJITB Mp<.ћBg1F<(ABEt0_)@YD$7~4q MC126NGTmD;N ?g]*,7w-Ǐ pG@-DybR ?;-9+d"$ )7ۋ$; V>4M[ '*Z:咙Qe|~ ^#yF mFʕ]*=l>qCzKԽ%`]ž$ Z+b vrQ1KZeZ-)סZ>N . |{+)_ojƘppG8e#[U.xL>jvR=̄!⬝'"W]/y6\"%USgEHzn,Da8yyAPY?f,kpdUjg"0% b_Wy;)9婽mP ,ڻWpyÔ^ds@wcae>(q;×Kqc"@s|AqbL#hfgd?c{[H2/t;L,i:6qXf,H9JeUTR.?-A4Uw)z)(6MZ;%n'B,s{˕2GqYA3-bY#&ܻR!vň67%z1eni-5F"\2(\^~q=7"Ϣ6{E]}_ޛ$< E=23/7>G[ yܖ.=6NgD'e kHny7ۊzbD).z]SX=}A)pϪ-'S!6 BњbnQDʼnFukqQy{i: ~ /-z˘ƨkXf[i"-n;z`:BD}okN.Cq<dUZ1XF&C@?wdz\\: K:qX vL;us5+LfĜ>~,FZtg^ۤ_nnv.5 |6QɍË2[2DO^Dj u]|1}X^c"$Yܔs&Eq~[D!d%k4|) ,A\L?Lk 5`f5 |BCj i~ ŗ;;TsI` ԃ6Єj eJFɣܑ'\BI7FdzǍ9qOn"}W]O1՝fmH]կWs颣x 4HKrUYHJ zb\>2YKgdh?)ag̢A~aP K-{`)W {75=SHw O E ŠT19 > NbV1#ĪP$%wJLmgjD@3XD]MɩG03-lQ|V+Mc+d*G܌֑Ա-O֙Po9qt&y(#g.5,ݛJTMr?l,ܣv"ţX&p=p\[Ւm/FvkR) z۹&[ioliB?mpR8sϿX c*d6v]o-˦#LƷ;qFrw;17l< _ۻ,9 mFp>A,@`ԉKzZS-pG&0F7%NI=~R;̃KJc6K*: ݊R_<ʚd8S`e[EpG?71GbźGdEzt^·2)x嫅\/<rQ=! 9Hu;ȮOul_i:u멘#v$m"n[1m#$yukyR|G!vem{a#D&_x&4}3pfmnYXC*EDP"j:]fA1wGӚـ*0%}ߊ|+uGM=ѫubb_2|7^?;JxN-Ny]p$YSYX`mg΀8~Ȋr^|Ø*+J*iүX@9K,9/v*lxf}'qXP'8/]ʓJ޼nQSE!j;Q}9% sZ,< CH+)֨9i\_$8f4mc^ >˂=l/7|j}C4f@?PiT>][h \0' ٷ..RC42XXLb9dJ!* Elt1~ M#лa;[WAEA<Ž@$w~ sgV'/ |LkT56`C &!D|8zVHR"{!3ᤳd(>t¤P@+ʝثmٞg_]W"0k9l90!:i ӎ}ђ\ɾv _:n to'?CW}SAt`8@bH*nޮ _(RI2:}|\FH!`הeu(Lph,}=B⨅筦W|]Mj 6tr!va v2Wf)K|5/ޮy8\﯏Xj?iQkNN M*xh֩4%WvWf=+kPo: Ƥ{$mr q m jI>>u )2!s}F0ƬxQ[ +zdf=.fi p͚Hu+gH8g`Ij_:3N8^Cс Wٯoզ4RT9E!d_il0=7Җwi%#1@ϻqq`6@uMs'g<˟RKSIzAoN_iWD NhXz\EcDylôX&8K3);l}mfGW2 rӴu\)8ns@]ǏN" i<ӼLL9h kg,)qSF]CI~e e'ǟ!>^gD [JpdF1[X ӎsJ[Ȉ޹J# f)C*ag1)YS yWN%(2mPm),_]b 1sbO7!L+˷)\H7yh$j:1"?& @"e+Rg53\s&e OUӿc1H)F@U U䭅-{tw2iCZ>ok+ou{ 0m BFm| _1&T{3Ⱥ; [m`֧g)wBT\"MW%OW>p 4x6|FDw}³kÒ1Bl%_ys2̄NsdG>6PH֘M= `2z'<4cL&Cf()`ۃ|WHr,1̏֐)3:i9M 5=n9?hP;5oz]RKھH^Խ}$""hc~邖r +XjWpE6\2kҌ)?ӹ`0W@)uǂ)e.r=yhM@3Yhj0FW5hG dޭ2w`VHX1_-sJk INGlDZ(5oKP-Q2,F·2!M]u*/Q?l-퟿ ?_6p'Z%ߪ޲mν:2"ufF1 ViPp !@:Xp.yTSN/ 6 E=RLϺ AZiRKJy;ܦdurWZ^9m01Ä$Ly z܍ S<<9;4#M}e'X{,;_E0aTG۴mFe@ A 62ef7`#9=_ >O>s0f'90Y(GP%F.1  | 2cG'{H l'F:خ4)(f3LRIλ.)=ihJ}'_rDn\}h62s+qdhZu i^%vEzU)wT,J\A%Ig7@;njbEljm&q`M3W` 옰z C9čiY-1=/3v,5m4E!|ԃ#W:Z/Ҁ|MӮ@&,ͫ瀜Q#ڽEogb-/ݠ쏅Hđjl7'S7K(ݚdca:+Fxy&xEȱN t D((XYb%_Q0\򰤍3*yxܩ{YVNhSmHS2LjQ5仉wtS?3wV X+5_aō #$oc9!VG8H4C_ ޼AG]Дj=:i4]J m|KRM@jRez [Vvq/:k̒+;~ȬcN8d1i)q$˾ $+#qh9l CR}w7_M9awO`&ƃ1C-(-35a9x ?nZzAm=JTNy@_USFfzfUhvc o9`0 (8O8}B$3'\N˗l ?2=xޠ@ t*!blq[ ૲W #@j}[% g:" 4odA Z씓喽=]}qumWZ}¹י@ Ex9/Z?ؿ&P8+ѥ R/M& C? z j-CazFJߵ+-k.*w ğI^H䊕ZB=L`|Xjo}3 F tri!x=B,\׊ӝdO1M5K<İ5/Nq6ңA1<ܷˇRf+>a{?`WL導KQ̲iB8k+wIC\wp7O ˁ|3쎣ϲ`tcS$̄i6kȎ5 `Jk%*-3Yȹn Ac 4 P{׭{8mitE%8%)f*x֦҂{HvO Fnpێ(qcρN3&n8YY"ANi@Ӣ3/<9pD\ (. Zqec }ЌW&̥mYH`ROC6f sAIr}$cW݇G? |:vEµ.BW?M,RöXKƝ[H0sD$D~ÐPtq6]_~I4٣5z3qm_49*bzglIsPV f7-l(ԯB?L`4XO< *@)[`rC*ELVfeڛ9y_}P'd0\+$CR>Eoà{I&Ziѹ%k3u4R4oNpΕZ'Q9LÇ>ιO;kz`xtCmOE+݌r'o\pAJCN? K* Jtd+#՟6;\ )]6ijirn yeUKШ<\h#Z*  u#~׻Z yY%!~ɪ8QyQ QY>o l|$u`>>):V qi?Eog'~o 6ㄍI+\߷$Jj6%Hi缆#a>EѹQϴWuylLsȢ.`V!O'C}f'hxj9#JփLHSbD-X NG>{SkEcM&[^gH4q+<ݝ#$cThM6; Qt-OV,I U,VxGَ_,[:6d(XhJ!<=,J' \Bvqj4pg44]sF }Ce_ fk&+ 0ցNjTZC[.v%Rs"e7]IG. lRQ"dB_gwk"IXK;r~(ޜbWK6JX:UTƜf @h[\U{._Ď~5,ib6 r$XlWݱ-o=ʅ7Ek5zE(>r@q؂53{| H{CO"#rJœ;{}1mT /@/ P/f+oCQ=N}0u1I5&3A*tl[?RE?m^'ImUD/§Np7|*2_JKoH&6yɳw/,K 餠rsFCuUmx8BQcrU!1Be@Vؽ.r'k’7鶋S5R]'pӐշid1(MAc߿)/\M- D t= ^^1#|/FC[BK~6:Խ\x^ GCTm*țHl˘d NRkEWL:> +5L/E2ÈQ-)1e2QȥCA(>.3I杤ԀRT:l"@-,(/TBM@t3w">0BzL @gR@[y)ɼQrvj?NtkV<蹃RIr g+$A,aFJdEF/0l9$}!$eZ  A$`V&HPp !YbVd.@Li kʯMsDrSX_iDFmQQřq(}EyӤ ~K9T! zm )jr-7~_8ϏwcC==lql=R^M6GoPC0=`tEg&dy9 t%;o9,~Lm尳>_od}V;&lȍ%:9,o/>L&|g}ǿB)62쓫#{JDxSWWz 2T0@X3QỴÆ$KO— Ǿ{[4k5 9ϩ,5+8cdž6sOfČ=9-o j2\#JnV5u B+o-GM@?D6 H"t>K4NU|JR,5jV٪Ci\Ύ SW2wCwMV?b dB=E3j)< .Al[0Ŷyg=@K&U0YwNxQ b5U}\`e+}'n;YnYf5m Jr!佯2kc{fY6,#} y^@dJPXL-2Co? `>!ٹ f% }RMU?ԞX*_ ưǁa% fU`Aw7jx7S'Y@!(F" A؆Mxy!㬊Z²#^#c=Y'Cɀ.=SSwn~4PN>]yldu̙cM IFꐇ3>ԤWnĺ\,N(ij䵇ޖH]pۺc|1؝1~KN[ۆYq@ĩ5ZoGQ+z*[P8Ȃ ۇNQWk/FZ8 P<{=#SL`{. ]Z=cJ -AJ(Ty:b̡2; Nت|s찘o>^!8rIU;z,)ՅʎO ;] FrOB-x~0 Dv.ZrV)Z+|%"c: Qʣ菩bM]=-%P<)FaxD$8!~/=yjGNoSfҭ `]>RL!c;>s^gCW!I3֏P-\mrKX0h0GT9شtA5S78\t: /+; *Px`2i#<|db;pr[<ޭsv 9\٤_@Ш(3.N[)91hS4eQNDN w paSŸ:qqIJj<&WAkիsO8R AA kyoOL!,%'x ^C//L. o#Aׯ=ìӼ՗IՃ>zm Y/ QuGb9{6LV"6H 1D;t/v=jkM׺]3s7 P.h_0RD\C.wE@0sty B mS=$86jhʎ |B2>'u-! %+.N3aFyQLD?莇J$tW 6+%́ts_i#j#Ï=Jti<ʷ@l el^0y Uv\3&:][@ƾSzAkp- *v>C >J7f,΁@K/&(/nI7z{-voHhk&δ"M͡uƑ4Q- f]@;_ӛGg͛cV؛/m[jLs2Cȗ8;me8\&Hf[ 0Hrd>OZ K'9,?vAZ[J`ڀAWڴ p(juo'!q5kҀO3I d/ oG#M: J%`̖a6UUaߴWH sYw|j?O F:hٟOK=<@_eS ldǦ LJT+f,Mi|2mn>BĥzkIѿQ!@5[ g##:ZoXw{k272EG p _^nuլGb⽄38LvT QharQ&W$5 knW|AŜ/O(Tkڋׄq\* Ѹyę)u YRoZ&|PM"Y-of+(2m1rU>wp6ЏS(QH4^}FdÀw̬\`w4>Ʌ=PQd` JoJ5_.ovvtK7z_^W)Z[edHuX,J;0)2VMp28"\ }9RtLVG,޳S2j!SJz# 4 %ŭ}*󹂲 WSR9գqI!|bd&7bCu&-:XQ׋llv4zy~MFA2S=pׇ@12Kb'oQD G^k!ڍ-.>@h>3cuh>ORJWʿͽݜ ^Z4EO{GSwCBw_hA Q JsCpgv6 Va))}ys(å}SQ 9g5K+8*,no hhAWsj|jxq&&cu.,$@A3r lHy~іhj?"R8wFxwXeLVd pbXy&yU>LFkLHF i|cx͓ ^[s=B}6j΅Kh)9u?A\Q$ë_衄`tfmC,bB{8 tYZ.sMAs"؆bB4z~Xe"yb{Uthv[b9њw h#b y~IPԠ0ۡ4`9%Ȋ I`P6@bB "ado/㒅恾$c#$4`GJ<I(=[@K?lHy4:{ $fN !ajx/0$!R'FjC` j=-hM:򽕪!RCDS͍?w'dN!a080^Rx+ﲥz^Bo I]겙|_ VǼ4|on3|n63/T%J> AI+C}_HWsu&JHj_#XIQ2V!R&#"z;MJ1e%kUO/++#v]*t|8>p4\q`;&cuP44[ i=҉j=ibD΢wDDN G3#I|%nŠ nYi;׵%5A5w[4u \F/yr}AbLƪ]ѷ8'iec>7)!=q|>s,NF^X6eчҋVi Ep[tRGK7H4'UN3λĸl +Z_oi[o.*J駉4>60…ɬugB T+oM+S]D珠BG-kѭ13ﴵOP3p{.=^~om+Fϳ[*[۪,%>bN,˃׬k\ 9r' i?س.-[ xVj&PEIGc _Û?}@7\4B;=DB4JV;𮵌^X}DiWes{q-)ήaQА(I29т2;΢yZS=bk{%3$29v8F5'TIVFRh@ӈLUAgգočlx)GLyf7 p_wvזzRo)xB6k2z a8 "bF.V8^ΨVZiyvyVW|Ąp3VHz`je zH/r7^)>GhG VVpkyƢ؊2> Bx-i%T=<l6 |DJè"Y ] .a MdԼk^ԵLw2?%gO3F\S2Mi%ot9yMhy~s-)yfgyV\xj ^ 7Z5@)