nscd-2.26-lp152.26.12.1 4>$  ApaYi/=„F{]]]r1z/.#&/,|5v ]6v(Y=]'>6%E^JjC~ zX0~>n;ECg{vṬ\T/Vχ$)a'q}bCD Vp]JԾ;N|^k 5[5_1M+v_׎n yܲqik8עb`%~2 58$ǤB_hcc3d45b666d1724bbd773d057f258deea2eef029b19b5cc52867ab785e43a3b9107cc2cd1ad8c9b6b4773940db47934ce9458503ôaYi/=„ lpxˌ[s "RDy}G\d|~hsQȔW[3?hw轝  zJpI?d   6 $*/  l     / L@|)T)@)(8|9|:!|=r>z?@BFGHI$X4YDZ[\]^? bcpdefl uvX wŘxyzxƈƌƒCnscd2.26lp152.26.12.1Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.aXlamb70fopenSUSE Leap 15.2openSUSEGPL-2.0+http://bugs.opensuse.orgSystem/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxi586getent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0 M[0 A큤A큤A큀aX!aX!aXaXaX!aX!aX!aX'aX!aX!aXaXaXaXaX3dfa1280f6c20acdc451920963074e116a493e11540d7857592b979622669fea79fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b779dfc9579e67aa91b72ff71d9d924396035a13dfc52742fbd2cc43819cf8415cf7/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.26-lp152.26.12.1.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(x86-32) @@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.10)libc.so.6(GLIBC_2.17)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.2.2)libc.so.6(GLIBC_2.2.4)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.2)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libc.so.6(GLIBC_2.8)libc.so.6(GLIBC_2.9)libcap.so.2libpthread.so.0libpthread.so.0(GLIBC_2.0)libpthread.so.0(GLIBC_2.1)libpthread.so.0(GLIBC_2.2)libpthread.so.0(GLIBC_2.3.2)libpthread.so.0(GLIBC_2.3.3)libselinux.so.1pwdutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)systemdsystemdsystemdsystemd2.26-lp152.26.12.12.263.0.4-14.6.0-14.0-15.2-14.14.1a@a(@aLl@`%@`@_^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab schwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- always-do-locking-when-iterating-over-list-of-streams.patch: Upstream part of fix-locking-in-_IO_cleanup.patch - libio-do-not-attempt-to-free-wide-buffers-of-legacy-streams.patch: libio: do not attempt to free wide buffers of legacy streams (bsc#1183085, BZ #24228) - fix-locking-in-_IO_cleanup.patch: rediff- iconv-option-parsing.patch: Rewrite iconv option parsing (CVE-2016-10228, bsc#1027496, BZ #19519)- wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011) - mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- euc-kr-overrun.patch: Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscdlamb70 1638422671 2.26-lp152.26.12.12.26-lp152.26.12.12.26-lp152.26.12.1 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:17211/openSUSE_Leap_15.2_Update/0c93e263b2282956348649f17d94b3b7-glibc.openSUSE_Leap_15.2_Updatecpioxz5i586-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.12.1.i386/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.12.1.i386/run/nscd/socket' (No such file or directory)ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=b98223d873195406647f37840f5e3fc29664889c, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.12.1.i386/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.12.1.i386/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.12.1.i386/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.12.1.i386/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.12.1.i386/var/lib/nscd/services' (No such file or directory)RRRR RRR RR RR RR RRRRRRRRRRRRR7_ »lutf-8017ea904cb7b19f350886b4d42c5efc206cf0eee3db57d18a135f9cb1af112d1?p7zXZ !t/G-] crv(vX02dO_%5YǴ~#)u&@"3HPACf-"!%e;ѫ@)g٣U2Qk?$#Y掦H2bM[ӠaVl>@FDg8ijTeɬbM ע8p; s@xxڵs!3rGZנ~E&s*  -yqzlf`gs22H}47pQeD<4h;WB 4Rѱ KN4\8!?x$kY N/ Ӝ j&9" RKqCq_NOl(xBO~ R^(2'?G0 s8!uvZ}ni-&G:Я-X\Ab 6a.owvvb=堽 >Xr"Umms}﹕]j<}Lѫ@}h<Ϩ|{rηag0DkF@0XN ؾot0L۝pLS2|Һ rzOcw%HgmuVf܄rAⅵMԕT YV 8d} gnQe:lz?LrJ6#q> \tʸ0$&dAZ[8z\ ֢9yG]gE2m>CfN>w3wT̴~?$,nwQS uXj-I٭.WkkT` Yi^d:m('a&s`Be:jf@3tRoC C`3$.,祝ĺT" vtIL`l'=RZ@T4RĔ fhPY>Ҹt0{TME-fmU7Z6-+v:3MmZSomb/nv3-a ep- Y 'vHĝ}ԧ39}+ߘ!u( <~+RRaa#{%4܏ń˦X³F:T+cZhUfȂI ?`xQN e) O/SF8+2OǗqRqך-u >X7+! f׷gH ZyՓ4qm W~ j$JBo3RTVδ}S+*UQs2~ ?~Ӿ L@I2JrKyzC(i4{(.a42<+Mȏh 4zP.C-]/42KXp4EŨbcf!'# %6clPyA]4GAyq'QAAfW~^Dr+ݳ7аgtmy٤c@Q㋔5QmrXbvڲƾ]ge,Puz~!~#S֡0v*'(peȅKԃxZ^TSwEp.έ!+"^^f%1Ipᆴ *d=s-`jot- i=]!94m([SFuhĨ 6Cw<I3m[vv>33Qx񰌘 YCoӓ$UnZ5q,Y*ArkK\TH)sFּQr؝m帜o$_vgD]]lwA{%p̀Sl7(Ǘ6yekV>JG/d.ҷseby8"sy<mLѮXM,CT+NJ-ظE\f>ѹ;-nǽUT _gRݶH_$SEW&A*h_.jE8N8zIYb*u@89JWGYÃ1>ux5W07ĸZh|o"DӑUc)=XupiϞ}5YIj؃D b HXt^sq8wsbXt a(R+kZ\|׭QY$Z*ӗkHId[>wVWɪpJfkN~:y#XR,Y[HzW(-1걒|n'`@kZrH8嚇߈^eQ mQ3KZR pGqkvPb&Ssv3T);'@ jd ,{WnہI(O¿p!'թq+*PZП@7c|2 lHmQL цbnٟ3ܤq]7:vgeվQ7GMAQ,(:q(@SP%E. L&p\69'׸$Tzͺ @;E*/ejys4g0Ycq_)dcJJ3,aB"ibbpzbCT@bJ;|@1FP~ \Fɉ C9iay!\BםXsD54d`0):Kۦ>#w\G\t|`PqǿHMzYrz5dw~A,*x Ϣԓ՘~=u' f!']Z_yM1±7Ī"vk|tosČB, uT&HM\Б˝ZQЏoG4 w̼)Hm7}zX0&ja:ցcvw?N1yWvIh_[elg>{Ew6 M/fRj|v:h@ԋW{`}#$XNAO"̔]epRJ2Uυf}$76 WrXWSv>VfzБ~Jp\8y^Z3ǰN;ށ'{>b͵sծL;-6"2aw**_p&t^/ rS 8`B߅4i_cVoF`6Ҿ!gR,2P]Mfڧ-d%ONEO}?\ ^2DI0W'އ<'ogoBZu4Gf,Cuw7 g=LCG~ػjtJ Pl`,f(_4."QO7]!ZyM-gh7U+b "HKn`D">VGiiER$VHfdRro}+`rL|^ P֙! jCEc9CCV\^7ċ=p-08G0)A{Ơ)+,4@- Cxĩ]R鲮xO%Jn ;L?H5>'e׼0F5.<fEWVH̍p?yo+|$3Z9} ǝ|nx$2ӐrsK!">-;r$$tkN $i]򯾂۵]#y@T /^ gֆf -V;{m)3E\Xm>cx[~ڥ Ѫ><}& gZ;YUɀ8⥾a\b}Oj +L(Wp eak!2 oc珨J,ȷQ'YP(l\X°RԻ <6;Md8UYkH_;]\ٿɇk'4*nX}@e|Vc Y,M#{W_ lnDKa|ZP2HLiK-ɾW*Kxd%jKȼG`C{+4h^2l4(.ǮnU 0go$g1B0 1\301[ۇj`v{Ɉ-ҲnjL6cReٯqZ%ʵy͚ɮB9$| wP ؖYx"bSֻ4oS²{H}VsI;dAI曢qf47u&f #FnED&_=i E<$-RKP;n_>c19@`$SFa2U?|5>ҋ?NE2lDd#5ðrpHH9`4{Nb3/lT)#o-1Z 1( ϰJWO̹1#]x$q6NtطPXZ{W N*U3de?̯&d`V xo-w37O( %1o0_VlQr=7>and CmP b`G!K,fVԧ(\yЙ 6{C<j3OS{lć'sU`O\y4v I~k U/R/FC]:7w-n26 ifw/z+:$!{V)R=NdWBWdP}jf5j*| [Cx` 9MvMBDzO^FPƟȌL]ET eж"8O ! {;kNjE/IH;2l{Ǘ.ŞyzyF,8w/2UdU՜89峓 o1 Ayl /[Uy!3}nw 4~z1 *&v MwseDL+IozP:v⩈w{kq_ep#k BiF4Uּ⼤;&˅Lc+EUӚ3ܛoA%\FDEPxGJW*@Jj=aK~~j!I7Ќ (* #s_>321mQmͱى]pm|g]ч[_ڐ[vpQEgGGt괮so37 )z ԳShs'L-~DpN%&ـ@x|^7Ɂk'нS)nXϯv,kV9 H7d>״.>X)|wtne_ e=p [U==uUHur,Zaxz^n.VB'89ع8`ZX $B,l'cՓVF(530>9evcf8m%ُaۃXF+ݿ O <^7^MW lߎM0EN jGջ02".ɺ(bYV 6/B+Ŵ2JE4Zd+*saȀ1cӕfXDh\i?&䌔XѨC*Iy<%0y-I F`UT{wlh=}aR |/͜C3AsJr$)BP7_'UT҄틖d Ly3I%K2خ@{\.$Z}K,FTJT%8`% ҨMW0(  Kd׀&GC si\ee2d]mklN(] /J_T`Bg-uJ>wJ݋̱u!e E~f(43mq ]@^@ϔB`^ס!Hݮ*,qWnV ^ KV|P`,NtH&s;kdnfD*pztA~Z~~c7WT l%NLJ>8JWBvE )ט]%Z*IV8"IJ p ! Muo1sQ^ulZ>Y;إdڒedRpN B̻1=25O<0:Ҏf"A95O(툽x D}uceߊєtm@FHvʟB8*iQ_e[O}xӸ?Wx!1/]4߳vURۏ|``R{i p¿inRg.ӗYχ~8PV 7lm ,#W=1cCy\}*p&ti3mu c EJn7$rIT,=`A' By5-D}$S/Ϥ!l[l3QgDO}'מEdrjY&9W>UXo'HT5 pOB|FwES_%UY\MRJh 4G))n1ͤ\pDژS(^71ДVYZOKFhRFyPue+W9𘰚NQӯ,\b\_z$O "K6yW;BX -~\[ÿےc 6)[NB137P 'Ol$Bٚ?oڛRn}lon.U:uM7Œof4 9FIV0m NR~-,;xZn=<?Z\ :G;۟aϟ_*zC'(ž- W1X3f?8aX 􋡏vx7 : чF kn})Ϋ"-dN&B*'ˏXن{+tZ~,+xgu]wknʸ}e<Խו߁! {PiJ  ~?Œ/4ë%BvZV&MΎGU}nL3'o"#ea VR]+8B:;Hnj{ F]v|imY j*MĒ }c>xRJ WM.|ggG#WDtl1jbVLXHzX/f/7CF #v X`LO"pg(J)sKF>w@`T 诸^[n6Q ѡD V:$V wNrؼfa{ǂ(S,iwh[-wU q1 '?\qކmLiNTGT1b7_9s6kF^ pRUn h^ @9+_t wQ|#Ҿ,4o"\`j 䂘g;%TY8޼)$oc~`H8 P [J[La,G[B-ip1y<)bve7xV ,m"L YP@h7lc\Ӽ)0`b?KxvtiYITq떧$TE|= yk0X~+M oOרLB#3(+Xa< W O鬵cvSz7aP՚sq ö.~ h-Rzۋڪ\)F7KM$+0йr/* $tcٓOjW3%)䶻Jr-Bo,%#%˂zCrx_ָyTtYV(P$u5",A VD=\a6GB*'$'+LQs0[sY}!IgAe}}i>䊼#pJ[zaEGV_9~2=MDcB;Wq \'8TL۳_dfLv22I?P*a/GA߆[NV.8h z)>SJ rA5 hWy|m|t`HJL "Q&=62ּ^#7o%(FQ *ŭk)]1*1+KUWj>eb%έ$[xdHTB4>8! Dcm 5hTcÐt>[p!20) UJ8VasJ]-Pz򼠠WI$s23U GNoCsn!*n$#L!~*& s!ʲᑹ hBY(҂ Q"bgxr}q^j,r3r{2%k _d1G~ 8:054Ca7{DW eLKkg,@_:-1t\oEN%1E5{A\a&8;V-ْ:mX.@o|+QE_]|Pp{?byI}'4nĻsZG}Ս2}d\Qw3fG!o>s(ZQƀ 8241cۡzg[MRsbLܛ׼ t 9W$^E$ǒ͔ QW]Ssa]Q(XDF| r7slQ^Ui@cҝqb@$K;<>x.ʊ~ Jyps^B!R15|Tv]S$_ <=E)"NPӞ,J'8֕rHC!D:k$!w僸7x+[lжǷ[9z}=TQ8*Nz>BƒZؠUe:cB8ba9{6jୠe74бF,RHA냱FLuRNBˁb;v9Ač* tC=G-m ~|h+OηJUY((cQy KXSR8e s(QEXz$Yexͅd/9t%J)Mt۸ӈZFo,Sg^!KCh285U)J:Ij ew?[W @X?./ 4ܩb[fGn #PNf%Mn@h>{@ Oޒ%1 9+Gӛ/xp)ڇWC?qn2]kWfxwnSjwI݄?+(An+>JiV2JMwͫiay2tu}â= S5 r皉^Tj%& X=:yu ,+ W`q!/ MAϐԷl6;G&s QN[\ SѾ ]KՉae8]]o}>jȵ!>aƼDt>ק.2t+JjO|b_%h\7v^ rԇAiib- v ꏲh4,$'qPz72& Vf`޽9PЇ]7(/6fʨ}23\0 zYWB@ d.KU'BMAa5t;`CO{KQm+GYŤR2]fkd=ڶN!85|+&]0rV {vWo#8(+&42ƎU\/LP5 YroVR1$AhXX(vQV#8J0sgFx ֳ\;4E& sS),quܔK+cw#Xudmb[U#Q'gH^]rc@5DAfx;D.눆Ju}"90-ypBg/F_4Ϥ@aĞg?q|I9VTR:Yjvکk']#*56=-PzͲD.OžqB]^:gтy}POŀ0gr #)7#"|@XU|hߝ;¢JWW-Ȏ1Wӹ)r𥂍QMh: NS1oK>GMaim#gSBᶛUXE[:#> 3ŷ⳹yWB)eZD;ڹFvʆ_[]SF9,P, `Նer)VZ+K}5if :DNH-%w+~_YP1<,( L^ s%9Dj3&,VAi "_ Vba]+E 3le"# e}/ ݔ|HixuY0K]^8P$K){`\Ң]6' -ccv7<Eh3V0K#sv:?˰Z ʪ H?_22+{ԎMmn 1bǫ|9&;=iꚜW/Z9{Xf$3h^l]]%%S9BuSNӘGG{R8K"guCsǴ"mŕ@_{ ƫ^+D'dLV5\3el߻_G5)(G<-ﭫY1r)1bc*~ۨGw6(;bݫ(puHSL{q*~ZEzˆ +[ 쀚kn]𺿹Vg&J0Jmtx9\@>}ZcwG܌o[Yt\B;)|H+E| g n} /Wz+{2S9byVvǔ DCy0@y+v,1H @Ͽd.$ _h_\\tLaG]f`;{o0zqblJoǚh9 =m|mkgܦ{^1c.+\3vǾ>%K,>O^8Ы~rS|y}5}3R"{7J0( c0%ƛcʸc3j\"s(` gzJ:"h_r# C|~幕TNw~ ' Tap`(N'<ڽ+U3`=ٞ^"7ke_ùț~6|ƭd.jxگuemAmt4o~4N^]]*WݑN ɨFk&*{n3}l˸/X?3ZyKqF\ԢALwi^2X6MZ+,M2X:"c$%Q}S'W-j~XcpG$H"g ̏=w4X~r7/i2CLyF1hw*c|mk8N,5TUA."|{2û%`!h0ccGgAa J8Y# "{a3A]bC7}}Kl9>OςLFH}WvL>}ASki=tT?$7&jZF ]bp.:[ 'ǤKժZ2s[HE1<?֘Cْ yJ bL;PKIbaNbu~o&lV Ȗ!bci[R&I^ANS}緼.`3fF 9, hjYXh=YI:CB !/FgqL!hA˘WCӮ#Q"$ %@%@NҠQ~:'D0]p+!޾d$Ga5ǮhvGLtw|gѠ3_Rn(%6)Ϥ:oeqV[ # SYSEzE& hvW1RoEJvUPn|&446s"U9/I0ÍTKē (^iS:/4`۷wJfb[0NQ|x2 @L>ADBI_$l|_,c?I/]Ԍ 6Q0Y٫9Cj OregUJb9_JUS0Ɖ.'΄1s>Fe5!dx>z6g#JcqTH-I5ܦ1,d41Tl8F.kV M K`d% .R6]Fu%r r!v8ǀhÃmfibʯi˱*B/W֦}hZ2{-X f ~0[0^қtCMkՏ'_`Gg.5u+xb߮iǮf 6!Xذy I)K^"Cu(X 5Ha)s 'd-)R 8/l 93D! nEڊ9Di9 _XU~_0QpdfS ,r+ D]D.e7疤t=޵`>RC1*fЫV2&4}' i|>֤We:=FCI;[3.(9f ye&WLgX2.zË*, ! *﵅:ךa&7 29LeJ4;1IlYῠsמ!<" _17ڂy>bvkf*.ե&:@ Hox$`%ŶPPfЈVˇ\R 1l:Dᡨ.\n)P K L!| ~u Q s.[Mp[[t}4Grޤu{9 X$4F:qr4kO\ roB-8^_+ETa}|.!4p~ LŇ«Q%]yW+ՓoIK\DUԷ\5z#6)BD7k)ߴJ~npɍu'*iSSQZ?-ȃjţV<o wK3cj\J-9I-<.a~3PpSF:Гe !0M : ؙ!SRtm` T衫ڂ}|^b593)3EG+ 9 s5<4:U ꥍZկVf c6&UBkJ |+nC뗆0bܼ-ۭ/G֖Fmȉ"Wt\zNo5+ȖUJ1%hyeʒi;`wRWOQ鹳URHso ޗ f |GX k@#!'>9Xd*HǼu=\sSۗp_[wk&^'R ᆱTކ[|(Y" t=$ocDZӑ2T5|wY_zr}0hߨ ,'{"3iC'gPwXO"P:*R3Rm5ÀՎ:|(4O6HW ) _aT005Ʋ0⽅/*P|ȷc0JT_龇|L[70ۈ)1)FX?GUkzC_6,( a/B!!ƀml^,vc/½*A2fnрlDmnFv}FPY\ySi"זQlY%û xl6쑣I#؅-2&q-{yb{]A>^.F|l\NGg?v~`~pʶbs,39>,Щ`q<[;Pk, VS98uH_gtQf1iѡ;wLtۂsZHlN^lBP|jV[#w֡55 JƪqDu\%E+?I3T.Mϴ]~"\}&5(4IՀ69ھU+C&VYtJGIJ$1ʟXMoe`Pw$BΙ|^*6xal D"T"Z gAvǨ;=%LyiPG`ފ.s# !vƈ7r\Ҥ P#ϕp>7wAD{uS+kh8`F~Q!V5sORvtBMA`;Vĵx4XH(vtTJK+Ѓ.^C\,C/\TJ/d < ACaDS8Z%w7_y5C}|h]xdBdg,oa SS!2mHgƻlrw _uG8lGs0sX`.o P,im<&J֝$ӉRkzaqͽ;1їy6C~^00Q'#{0J Cjf 0hMJtfGH9L&6( lK!@珄6F ̈~}KV4?9SMĹ jTeM5;b=[d==;N:vvu* KT54\| ;K_t+M4N#jg{&V Lk^( 9q;qzԂŤ9w ɍp% WZ=)HV=8:Řn!eN9 ߟȲy"W)E:@bG-v~bv Qπ{"cbgQ@=җP$HRf&ʯߔ2$]DxPǴQN^%/ܯ [b hȀ Og&1B7t;-FUoz6|G8b  WZ.hGH+N'5l0,7D)8VUjj?|")4$Uૹ“ip߹!k᜖v|jRoUfx3TddkT~2%>u#I:d`3x,@m#7w&axdy*y# }h1y@3;v#+5KSXbaE.7x{[Vr*zP+RpFn[4]h-xg q{ɰ;gP3_|%m"JpW/J ~g[@kX#}v€kA HC"uvV%{5\NydBdPs), }Y'DYQޫ^aȋJpY>EAާ۸U@hV`vR p)§F"fQB{l/4 ">%C v=șf!>F*X+Tq&?hcg`dvvl:gRXi*Um C8F]hd2{مwH|bZ2-dcZ?%0\sI B $H Dh_!%tͽTN>qpS ?~1#Z R; .=9$f߄6=bi D\)uɯ9Ami`)&BͤЌv>>:جڲ?F)Enz%P$~& ǡ$,$J@ i2^$h\SW\H ]1QB',Გfi?0u3xh]5̰%)݉ʤ5<^ƚ"N"KnIicMMߧ F0^°B1o%io}wkgLH!J_.٥fEi~.[/gFV;υnx[d, >Qa5[di-f_kać3wIN&jž&(b2P2+AET@ynr@8DB1]ќK/̸$i|&y:X* 58%L"z&K=Dp^JMr6uvə ف4I^ڃ a?49/0< a.4А'WC+VպUs4`?uB D\.=NreqIF?eY;'PE1ٸO#j\FS%"#x?HQ!UެW.(feQ(+\h#Tl@{ џ>dyS RHReAiyȊЊ [/!ïX0$2"Qģ@Yj55-tLlt"[sR;tA\i k<&R ͮPMe+BJ-xlͩ`d q*65(/lY.;䣌y=9è;3ojkNxjt)tVUZ;hY(oe[WnkY KY !6Њf4 +hN*2vHu;c]>@<Ŵ`mNI O1vkfJ_/,H_FŦKO؆!^twz_(@OF^ ƣ!'eov.68~%HbN`@EN ʔxJ hI AUt^ 9U"W^!_p1@k8D-Yi+SϗрNt $e[\I!^/ Dppz;Hm&jQbWEc @Z4zcué{_il2{*!T|!h|SCO|KpN~Pmӵє剢9X9~hWT|8Ug{?H܁]KD&%PlRHtG25,lmPk<&|$_g{ lvʡR3D*:[ԧzԀt\ ϺМzcHd0|,Y e ݃q(7 tXgbڱQ՝c#9* AcS\l(-<{li19D;阂yWX̼n;[9kuZOܯ/KtnUjpFArK{<$q4rrt8{X}m.\!,J2HAaޚ|}߲61ʤ;(<13ޣM{`h®v_@=^PN8$G+%g~"t"D@H-\5HX]u&cF˚IR1 ),)$x{% i DEt2SKNSe;h#kiRYdd4b7ј F;PT⾌h7^2vzch9E󙐸.lJh"!Y I;A[5˴ /*?\T0!kw]1CZ^: 1h +2S@p_2$X&$PF/N| $/]G|JE˺ib7<-n)KŒeK)PJ|־tQK]AAC%/Fn29+fU|ć:ѬT\&a3#öV1gao^w+e`\K*nSv|kBMίÁN瓧xSbUhɜ{ȶD{̥ޓw$fYkA%7oa>Nȯ|)sqdNq˞%\VS=j%uFsP!O=z`ilJ-8nG (nKSbWщXK&^*ԧ;7 !U#ru頲/g%bW\?WK4YWr܈a5w_i0CG*&4؁e2T˺ `KA[(ejso`` )lӤ>:GbPR }_F/0@[]jiIN;Cq*<xMx7`j0B@A3xL WTocCR;1*(jx=c2^Eִe\NcG*&1;7?)"Aػ 8$FG~ |p{N2 1W + .&y>m֒m҈U.Hcϲ/ڸ+*ϟ1b:c3ݾp设\dvg9v樐Kk`O)>C^Hsj?qwDFך1NtךX/ LPs- pYGZ2 n, ;]bZ @OԢ˸LPdٷQa9\nm9.uKeM M r"+)NFp_./PSVDr z{=iPHWJ00-J 6 u1rֽԉ#kvSC gՂwcXGpr+b2‘VnqtۇؾجFL^YBZ3םѬ+8Kc(R.!@WeݶADѕJL*:,ы[r ?58|Up/x'P}Q4Dd_kOfMZ-O97" #~IOxg yUbx[_b<@CD֩9ŠNkWkOhOhiܚSu)%\t|Uy  x ֿ|T90']vt=[/mIhsMIHWwLe/(FlFT4~ ѽzc^M" DM{(uiwq›ey4it*8 aj7e IJ f4/њ6XyNO 'g۽ =Ts~Wx.9CF M+6ˌ[%5c3QTY$pAZ>~PESkcVCE/L^ݩ?os$v";־mʑIWx&#!ѧAf>PȄ%647xj"'6(K^s Ko"沆̅M(eONMW/Do t|q딃pM abtMkS$+ЉԳ"m1JP<MDz 5KaY8"nXK>.Ye][e{JZM *hU ¼Eyt7q \]cAn}HJubcEE]>, 7fB=w i.]3q|C$|)e'ʉ.E^P&)*%U*vC"[C\M;G؆M;p N{ɢ@*Ё+eMU}mY_Lc,В]\TZ?xf!uQ; Ws5bTJhE*hN|6; RJ5ׄ^o!sE1uk"!Z&"_&"<30f4|& +Gl*+{ (=v ʮy Ӄ> ' ;As5q"f(M~8>1$oc77|R>_py2i"Ϧ&s3aq_2;ba 򓇔i'yOp7EO䤀)~IMiT_FF)0E0j#)eFQ7CL%N=RUK..OehBoۺ]6.~+1 aj/{CuɦBpnZ"?>Iv3 oԹr9 3e`h>_J]~xZC63bFW̤O`&,@?ve+bօ+ʎd-u sf4t-#VL˛ jo:@HaJ* ɞE%UP qdA5*̓|TEa`5)v (Jfw'Tĕ^rrE38Hrz8TN^*])Wx^Z6m/?5f~l=&`!ΐ_j.gBPtwtF3L,?oawPzfoL7R7)zScᑚա`Vq2gœ;%+ ~]+d7T WhStK0lpXjU> M'iKyCyI cq_ IQ8W2 jk~:ro_K(j㇑T =DHe\>oIeV"K #%2>#0L {]h%w]-[Oy!BA7^\5FXL pҠ:l@t!M ^'M3SFH$_cALJ0As I86"U\OzU~թENNm3S$V&=sEa*H3{nN\ߤ6 I[zQ2&ZEƄ_|do+ر|"]CQ:hSc8O껫%V?ܸ\rD Alzs}lDr.䣣"!wx-'NкϦm/DM=/ .T0j([ wJ8oe'dla#O<*,iNLWTIvJ^ ]8<(d2GmF/1U>1:(%UUP\_b0bMG*5-ܽuj΄ ~4LN*O(.%ºfzu_J0Qf O:e"?YӜ1mKʝ2!\vh)ڵzv4:~zS_0!718 ~U"$~,ophI>bGsr̟#nAf ,`]GUT@͙Ŗ.B%7k+pYcǬuKHw#\&<]ݑ8{QJ!/db#;1YV|bIEOE,A5fԃ--;\eG lr"E|ғ̰H:)5S~Ń7Nrw#.׽%σwצae"" OOxJ߇&׷45Oz W LK.s„YV@3!6Q ADu)1Ű[NI*+)s+s˕J; p8+.fJ>pODR(l0y 0 $<=+ YL8$ьCW~WƩyU? {+s&~!U'D/ؖ8;7\ai#=@PrH6da:mYcֈD#re^޻J"IR' O w". CpF*+ﻴ^襋,}mD(h>ggI_BvѬxQ`}$Nq3Tr0vV,[R+ Z1q") kרՑkyzs񻞧W+U듳V2n[/F 5"(8\w r5r[S8S^Wv'R|,McT"c̆N$:ב]cob%5Mr֢ȉ k`\&ZO9lϷ\CFvrUx,y.J 'ſѯ3Iumw1O}o*5('E}_0α k!o=>%υ,.QN(@.r aς7&B? D{C 1H+RL W:Z2|'&詯sߨ~`e Vk~Zwكv+kI[0  %9|u]F7vF 33BggWk%ucpF0ZJ)~ȄSR(KȦ%iAZ툷ʳ*'caU<< @#XpH;z|8*yw+7fdzObmPxۇ<̯6l4e"ZܛUu7`64}s1^ձ޸ xyR-{ZvKN F1rInQ#y|`qC$߫鄻8E7?QF3M&UJM 1bH.*.4Xa;pqRص"a0s@ =R]2Hcɫ {3ƶb/<}8-L]uB:3d g ;"1l[aCd/!ecl#Q2Kpo"o8`ȒOpf K( ?2Ca ;(!h>*jXcjM"J*FkJ8a\*ש tܖkw:ܢl‚Ji0~_qu޸8 .TtNvR_jeӏkHo<2 [gE{yBEGv]W MOn4: #+q~ xQfَ%`A˨C"Ms™7u<-Az~V@j;& }E3ýa+υӁYa8cpINC|Lwq,''=)|Sx67 +OU9Ԩ^ w%{}4ЅSz1:eE>ԇkѳGwfrDW@B#!FBSԕ0q9 c.7fhVc""4 *8H[yeM(C9|րP슲Xʋ~@З]V -sbD{5I )OΠ vTyfPTЍ|ȽCNpBdGu/a2k\_&\mŶQA ʇ0HBFDukԷDi<(uvik4p΁15&oM~ =0j;^ueAUr42L!q:!˟,UlCo/vnz̺͙"x{F\?7}CZr/l3j۬g] cmbX^#}6=z]12ž!@7jFjJŭ{}}a^ۓeϧX >M`aul-CXXa 5ɥDu}=h #XqvC['5$1G?eUmtu hUfxERPacbӋ+|4qݕ{k<!emB.Cj\DUOE >c⼴lD!ɻ}'0߽eTI[!!^#RA- (=nt' &YY TJE(j,9{.JMyf; l^W%\4a÷ٻT7t;VE+ڪP,ȶ"ވ]ArU}:T߼!KrbBga/YcA2;"WE$%C8vZTٓZ19.@0Y38 04֘[h!3&oء%%f;|_4a@r4aU)M2̊[ro6VS9w2k.6Y=uV~Lؾ> jcPeڅ tKC$g0* wTLZ;ŵK(GcM'yScGɩZ|H>k!Q=LҺ>,ތqa.T_//ufK᝟H`622#".\{rCr# ZPw`3{xЕ;1-b?ȫv\7EIl; 8\8Ӧ.jQwL\] /n3zOFr/ 6/euKMP9hq:!1Y g~ZEni7*$߂k$%tVCde.ry1DB݉ ` /s׉\ 3_D-H^d;1=F\4N'8aRvp4:x+k-ZM I ֚LӚpo Odo^ny[" * S!Z{t$TZ9U:M\<`l > e_LBlzd$ jO)rx&g2N;\:Akܻ{QhqGbGmK%)S,`ɩtT XM$O_k:/s88~ك?釔dǡ\~Cvv΀DVEJ)eՌytW˲SmXtHUcP^uo"O Wv+Ohgt[w.Fjo=5' MqdtM5^sCB綺}yyn%r=PSiP?Snf`!u?ja#%Ȯ`&SJ˖0υۚ`$#8({"卾̶"DoC(⯥s&5*>͋\(X!/+nڋqC*݁|9ԑ #3@i{ylX(FnI903&rB9- k؇/2e%-EYٞZW'ꮟ` zTD. |Ǩ2֧/ Y~3nH*ڽXUU{?F$NBYaQw} RϽumEi-ԯJܩnKz;IbJd5Ui*$>y䧽ZV싻K3j]T{׻n,m%qY?b(GUt}â6}b hSMͥݜ f6Cx2yğwfN`]8o&Z#pVCc|/OV(%xq27=C1$)uv>g/童7C8;z{Rf2ʳL?KvM:b<@%)՗`[dxg*^^G;/+(j&TY\HrPu$=nEk{'V۔@/sDBuzq.*„ۚn{f$i*o[gL-Ys=`vXn5kVLwٲ5Il wtc'2UDȉP!c})oLt{j;\ꞡ}UwNKNw`#ᐰ0? wȔjtߊҸMí1&.15}!FPՕ*Α4 F|چbeH~#˳%5,üjI0/?8g3ǁqzte=<GԬ!p BQ^ 1kt)+r1Tr()9]'Blz4}ݲEW0.:04}yʇ!sZ_2>b_TZ֍bZ2!)~SA]vNܓ+oNImttv93jZO$?,w6I.M;4P,xGֱty\I+UئG0 twcت|1I zLG O@ʩ'<ԅgPʆ"ܩSLGR2Ṁ>Mb.AVźh-"ٺJ:2O6Jr`x;3*H t(1Zazb$~;D@ت*H+ * ޣvp#񐜀b6Tc B(K@tRlK;XtW6@01S f3 Lql~" h*. ;X dJCj+ E do^#gIP21΢+mY=,|٩uK?$0#'2U醁ڿwQ0.#L, D!zt(dP-UTn`qDR:i&}?Hgx~ _JaK*G3䴢 _UCBÞ Hp&}Y owh:7jDe*5-4`1f-"NW*~(+Jc+[ k&3(܆%eA풵' SC88s¼vb4cӨ|~ϛ}t?˕5qJNUlv\pzW9E".|jqu(F4TwCJ)@\х< k/R ,Z ujnVHCo &\scߨ&Kd`*6e!zGgW^Ѡ}A6V3f+u'lgLr9/;u==8rAu&Q6lQdcFl2b-X2rE.@J/37N&y~|rUS:Pyہ%$\NvJobzFЮn\StPxh'޹B#rmF7%ֲL`>Quo6+o|;{T&qn;S?՚Mı(" DD/ ۿWsE6*nuu\?vyWU>n!2FcFE|tD ~)n{~7W~u9 1sq3jt#ߙ4}+Q0kK;#z@gMl|y sw ÒeA([v% "ߏHìT5Ž=J2(Ky.OH/c4+Jt[YL !S1#BaM;,RK@@MO?PU n1s?};&rq5s u\Hk(Ugm2܃p5۬ג6u{er$CJ,T, ѶY͝VuW <OSr~9 u`v C+=|i S%𪤑N*ҏ {}rk-QytSѳJíI&"G jMzF50L׀8\$lUz*aoj4Nw$$11MTӼ2tޭBD0F. ^=T2yv:`!~/IAn)DzJX Դjhd)W#(ܧ״ h,GMm5*?vLx-2m~KTsҏ+LlCfQcsCvS'$Y]QEl5ކ)4Bʙ#/AjXU }mcy1Hg Ban yq)kC_0"ċۓs@tPQ}A258&=%Z@X{C?h?|,z؏9hrM{ fr>F<$0\-25tSkB U,Ty z#)1ZC6UĪnkԆ@Cyyɫx!ĹkeA7NJ`<_;|Τ,c8}ȜW{++3PvdQW!Q&`FCG+D LS|pmF'NQP*aC’lUV b\!u5fpe a#lזQ}I;#GSRѰ@ !qb. E7Qo<Ѐ6eFEFNCf m ໮O)\c{UuIЦʫvk,[AHw` ݤNţԒԮ-'FH{!F =b 7gSA|GlslGa{")gXR#|&JэZ^v(I)r]`7YJ<8hQq#gǨ 7+D4mFV%w a'~4<]f[#CxK孛^]z1Sb{YT-a+hV6BLS_1xIueݯDO4d`-Z"$IA(Pʻk;? $4skoWƈJiO }$BWlKhRޚXFhJܭLJ1PD#P"K%~c0a49X`1$᫇/POlW6vDae с ' *y ~zd߿H#Wꋔo{]Bi]oUg5 ܵ#{B0HG&.~ Հ%/Hź@o?$j}c=[ Rw }W¤GT"/̥IthO@E7nٜ!ۥ7fJmEΎr3 <>T@V/[Ӟt\0$t_@ZWCPAa Idr} Bõ`sZT'xsP\NJȥ(Ԯ DSw,J3#3 !jѬ#ge\o'M~LsUjWO@05ŮdμE.ޕMI36 }9s[\YVbGOlɒ_oZ3zukU:#믬bZ.@o}qٹqsUZTGP7iRhg|KƵX'iGB:v~{"y11Wg~1@ָCԋj߷ Wu$X:'I{U 0jv+{dN_R<΂ң,er?B.{xŋꛈ[Jcč>| jݎ>^nNgb 暁{q7V`(пQLI8't,D;0-%fVZ,[p],{091')rceL(5"Lw K(t_Cea&]>nKKHd!a)I?RqR%9D*r}{n?ˠ+ Dsy- c9O彈" OMKW]j,dbWy*\] /*DZn5E o*V&DGE$WwL!fb<16ܺ#p~J: Ll`fRDžAG#pJJ!2Nݧg ߍrY xkgKfvEuP@# ;u`|?#jY V݄۟;ǜ]u6_~)%oy r%)3I!Cx"} p0&jjqIH<,~ ~i-DsLT[t膕LK@^ 笝<Ӡ˅B6r1|:mtSxǢrչ}}kxT~3eF-`ܯ6~uO-B:`mAzPCL҅~oHؠ?jܡ ]x[[=F'Pd~^ZQ'w*A1覆+>H.aVخmJ5f)5Abp]<9@'w᧌0%qu(4YQfسtJtvtLwzZ,E^Ùog̽/##f(+69/WkGVU}pöOGC@k>Ch̩ZNG`;ܼ0am>*sy 7ńj?œơlLW5xEǽxUN!;;gMjk!%F(M^!j,48=էr2qD\(C$Dg~aY$a>œ"*UHEdn0޷=b@Qz MלnJ혦Ʌ\|t'cP,Yly,O VNVGc W+Oglnxɺuق|sR!R;xhYUV_ޤ5j4+D 9ymW^Na H/š#Lp0rk̽{O6W-/9W2{h)*в{c "ƕ_j7Hf LHKeP_M<-{=X2ȝp =dTK X/gxdD-,)TZ{hO~ׅbkM"xNcLMU ,bl4pW!^ Ԗt( G"*e?wכM{ÏW"Hw7mx&Ȣ yN4u ^IrS*AAAN N6'޸y8&<[/.VUb(\xF0zǝMBϏMR)*5b4+ԌâKٽ\ulzeX܆_RjZxKiۚo }o:'o7)J(Z*rd>OWL7GU;,be] ܥ]bYK2Xh)w6P_&;MI0r{aG R.)NavxF0^Ϧ^7:X.V,G(ῴvH*b]"t_qخ_hY*A|tA;O K&Pvy+N[2MW&<NF_  WQʦ~?jT̿ϱ~@`/a|'1{Zn[ܲ@(iu6jܾ뫵!DˬBG-)LE۾Z |Es j8# e[dFѭbs:c$H: 6cqo2#V'?%,PYسOK&Bzyj`R q"ҭ4h$ 裑6M~2K,aĜ4ʁji8v??ralY8G~_#ƌD|tCoڥN4i)aP( %sVM0/et j\p\o/!58YF+="sD-q,>$\l [ngNP>kO*xK.n91YA ƈp؀0\(.TI"TQ%oc>l[kc퉞A9B[4:BA&~"^)e19cښyC\e -}gfA&>jb,3Z)^yn!No ",3u:"E݆NEц>v_'d暒V w} H mV~Qd RdD0źl-Γzs&lʎzZ ܋Ƶt[4[..Db@ϫX0\D)r !W:%pўbe5}= ',ӻ/LrwL0N ;aWzhTğUaIrn9VeN[?=iq%kRq#444zu'Ċ`Ȅl騮z$N܈Ja[)+>3ycQAhYol=w$fy¾OM.8HZl +B  ^3 ͞2na6V7;bÅ"8\ivnفbB p gkSP[&B=["^EO.Ǜ .ψ%;@ osqWߧ< 7 k8|i[A>ЭVRK(L@Xpb~9٤ q>[YaSpik~?Uq]txpIۣl+N-"yt~hZ)̍ey`yOK ٝUF(Bx0P,N-/b[KL^po9?cL!䖫6(YJ0{I,OȑzMj%u<%"|M u{H{>1)/Kޗ}*^FF}Z?PbG$ܹ27J#POcY~z||<'*EQ)Bh/UkKLZf?tD:b 9PA䴰"Ԇ^@zc+4َ>//HmkoAI'g}o'WA6is@q|ڷ).#ӛHgwl(#N+9m=x, =W9Aє'!}j,˾/{nY?rs >*m;YbX}M73X;^k1T|;؀ήa@o)R|t/sP#1 Ȓ{˞> {\E"ǮcqV?5~G}seP~H=**@ϲ> 2pbo|=c$pN2^KVQH޸j4t1:.La ]W91T# D媝Mz[> ~~r!u< ˁ!lbjT*yKxVBߧ1GRZKG(zzCFAԠb.$i?#ouPso`ʋvE]GPx'OF#5ıQT]TtgLm>V":w+%cD?ܣ5%/%uw3W'|7ODۄW'/!Z&]gx0)l )n9x+b mPh ʹ4E@IharWV,zT?e t`.^\|7R)ȯ;MSki MMgÐ}]fG}^iӹsrs֊~fXdN\_( $ct3b 0`JH,U"x͎r[Kyc] 14XS^΁0f!\' y=p!Y%Y0eи!aoC"3LI^UVoUc9<5TΣ4-,h4k5VÕ=R$]xV.GQtW|5$MdN*HUtRU _MC [8`#9ƴqGEjDOSnzߌ %UɆ8AVk fU(c{9tC#[Ǘ/G~oMfu^Y7f[p~taB, RF?AD(eG}I;gl> G7Je]\)Eu^WI/+­ژ^cFyu% RlTs Rdg44?n4 YR8xhJHar  4>E&,6HVacl֝l%HכJE Ej>. PDtcF/G׳ǔ_e:+F&6S~2;(1[իH<gyCjX}VOٖ ^Rf#[aiwȐmGH+,x؂HsF6:xun#n .NGJ)VW94/3]" ],&e3>oӻhy諞AoOϜ(F .l3 3":P u^"Jy*7F;A'x2ʴG^ KRoLABIì>$=kjll@>iM6Ϗp#$|ւmP)^ 9CIy7Fjl\هvnU0:B&/rtD(?K(׽=: w<>Qs8$AeO2X[oiVR1`ENxoS# ڠ# ؅'R0gCG?Ǝ3gωPWg9 ۯ&~sI:6L#nRXHX"%@؏3;t0١'fV'q\/M0^`)jM%DzW1^PAU8|NoSů):K鬀rL)HJH)Fx7łavKR2^/QE4w/O߅d{PZ#׶O"KFG#?ޕCF8o cSd"YXq=ycvŽN+F6z Π7 ŀGⶎȓ*b]EWLf%&P6# H-@ z shadsqT3bJ[M,#!B^8xr%m;Kg,Ԋ>g܊XAK}-n5>e\|9%P >q1Jf٠\І9j=Yw&7]&*ǎ(D Yy!Ɖr}! [*]5MS 71XPlA1)Zwa7]_d~44S:?/JOvɽrCzv=YHf,dT`!E4 0|MPlo 2Q5GI=Ǚg&sZ}udtR:@+Pw6̾+XK&^{hzOw6}F$>أzBPoѵ.A\& .R?q w~)4DӳSBĔy'R;i';{A>CH/*_ASŊ,ߤ+ܛ窏C|qL 7ItÉT)eAe xf끂\yn+܅ZhS52~+!{%`a&oǖpFi z5I*+x" yrdFZA..XxOoqwδ;bRBz*JEz!)~P5UeGI>Z:o!k>)ȁ0?6[/3xىQu bsHM#R,I7αIPIT^`!n3B=:6g5ݑD L71W~r7<8#ŖC{TKbR߼ -EZ@)tyBQTxCt!ĈT?x6@Gu|C/OyWWTHqDвG20aH.ݎb ş0GbѶeٟr'RW <0!~՝z5N qI<$3:s/vWǸaPQoN7c"LVE<]{Hm@)ি|F opdݜ?+Z|jJWC[LMC$ fe=Iњy@7~MhuY]5xPO-?j}E06/}s˪ dԺ\IP@ߟz*X=QѲF ˅H/%S^ ]JЇ4f]3.=/gpcv_}m}O_4'w }Cd-ȵY .@h[Ti' t{I'=e|Ǟ9,[;آr Sy2VvlvӨNVmIr)^8GP! xCf kxB/L0PN̈N%ANnْ6:3Kӯ ɦ\:_k *a}aakv,xʜm!J3uDWL8jL = kNS0\:eGfEQ{l$x_k:`.ʝժ2Jsy|xпtdDҲ}󵅲T9 V Ld2#vS#vWgw߯t'-ΈK?CgwW m9ַjӑͼ+wdmECtt>#P@ "~g2%7 O*B"(&_f; qĜ0}2C#ъwٳ<[6C!W@I;gBg]B9<ڢ휓^}1G"!@c$U<1imS}fAWV>'r,(wc1u##iќ<;;CMpeٴs4hTNb1%m0c,(}69ӷ%- pTMa[ME|{7Y"A݅T2Zk32,FQI8SkB{nXo}ykS1N2,;5ulұwO&y4BJ|`S@'ڇ1{ye$eKuh(Ln5r/8Y~DP+T`m`!1WST"n^MYҡoH+)zFAt(2)Lk_Z듔q"ETir ;5q4JV]^Nӄ(p/4<'b>*2bhwSf3Iy;F:'꼿39P;*E`4%"i!ɏ# `d5<-mR`:BYə{Ս瑡UrenGё /1mVT zEIʶB~_#n*b>9 tc180۶?mSI `4Eްtdޢ6VE PRFzžx C:EuG#dflc%fɐxr^$C,w: a1rqr[xUYx5R`IZYz&I{Fs+{0gafn[а% &1O{s eG!JETcd,M݂5q&DM WwnyrLOD$PsH(Nx-!O #. u7RiO[ Ze{'d\XAvm%IwLdȹ, t|{2wo#a`];t瑙: y)KFPdĂȷa'~J1%I^DbL%cs\AvA"k| V5G>Ů5HOC0W~Y2Y8ID4l玪'?r-5xo^y Speĩ6r!Qjk.B")h  W@LcSWTAR$:+k!%ivw+)Xܦ'ZhU$]mui\|)9ʩؿآ0qf EAB]wfT %Tɪh U!rI :Ft'J*]]Ļy.#^I}ĺo ̟;G"Πu);'@5g^hQF`5y/W*i2ƹʉQy΄3>|`Bs+zJ97Ak(;dH܉hQ ^(~ 85_U!p;{$#t@z B f$Ljk+ 2w%okX>ٳ%x'xK%^V?nfy!D:w$k :*eA gfv;iM/\@3r~G'D[c ?]cƶ=gsB8jmlߍLKX#l"옯ywjxUq.б1ŵ agk_ @vpNS|)7No?J%pUsԜ#vTfjGAzCײ@zTS#ʢڃ3 e|oVMhIV-ə}9*`ːp<6v +:L6@&O/@..bDfnEyYA#i;kF#gܐrKzs74z] z<C,+Vқ|< 5\H2I9Ej%^8{*syS0 8Br1~8~3R%eEIVYicYY_^!Cs-][T? 'Ūm M_GAaߎݲJu7A?uж>9F)u2WYի, (tA1ae =PbAdgS^iNs'01@i D1@(Ra7n;`n'Sf(^֌9ߴdmZ*y*Sc!.<wI)bb"ۤ[n RigĽw xJӌMO&)oRӡFfoeUtdz">DŠ[SXQ7}]un-:*Īc_Tr5<{[4\iqqjgVq,?GvIT^< zvbQضv)/P>?[8f LHcd1ԉ2LP§+H64! XF􆈱EQ#2݇Tv*0^P&;s>@dXS3}7HDlsJpX{hʾ]$ȿ ee#Et1)cm܁%8sC4RUZpWk_m n $N{Bц|!0ωZ1Nٻ(Z63qחͯA/ /k,];qPlt.l] }7| <̣Q@A+xGWus\`/&O'kɱzbU07jPO+Ө0lEWv@FpzٚQq(¶-ۀS^pU'BC!O"rA/u-"*AĔ!"z3揑5@<_XS<5&͈`wsRiM??> tAb4 6/4#b6^$:TI [4VjC'X%wvbR8hݴ4W-A[ s @э~c~<M 6p%r~yiYZ*7byhIG./f))OWgetpf2EU ix+t}7Έ~{-#KtgQf (Ċ]6hK;U۠ _?_*>)uvʯw&N4D-9 e5_"7p'XboFjmf"W[xR;/pФ<#K吰ޣ C/*º& upډwM!dHF͵}SS#4g]k@txuioSΡؾp`!6*dZ{lpBʂ;[J͙e5.N(:z?ľU̢R i l)A\6/7|䮅zzR 84 隌oK\Pebrق#@={!#(#m鲸֜r󰼋;cK%NIlJ䮱l|O޷i>kaT?x8;dBK)UEA= <{&"K P5JҢP| 7.0@X\M܎ 0Š9 RZgJ/ ck)ej!Gٴ%+N-LMH4ݭ$3Sm_ Sxk_.aGQ]iJƃNc*˳TOƖbj}A="J4x#4!u8%I0F݄;C.r뮢7ۋIz kv9ح"(K}WҡmUW+z1 YʼQf3`vjel%lQ== 6HOJ* 2 !\\~R]ZuYScĝņknO(-xZ|L:(E Gmt=IR+-1;F|PRim:c=$7/v1n?? ۅBb$= ' &Y~0jE%P.P J[B ažbF㱴(*b֨SYVF`J"t ($x.آgFS#QI|erad}C,m.ɣˌb]/SCN|+{JPWNd.ژC?TۯKć)L:=_٨ rz٩,{=Hd)h7pe8YF03L5{S˜rN~;G&Y=?-EЍQ;660ǒM9$]\Ȳ+ jObJz/MkGRCREhF m4<b<~24.NHytq8bԕJ\.4 \Hy嵣"aѓJڍ<~M OC1LXKCIA/6Mn6.r>?}%sf-`fC`K*LIW_"1IBSn@xHJr{g>#*O۲Nzw1M?֭#o/e@dG`RA2 ^X5>$J.ww~A r_r=.2v42\N Xȣohm \;R*a j hR#>T!Nj!>a sThgA3͑@h5@R6p5%nY3*%p@,PdSDɁ5oy(7R%KMGR>-n~k& /erXkG.qBAxO+\51G-_Þ)=W}M[eb0|\ BTNuꗪ@9ؔoˊ""F"?q!?iR}vQ{:$_8;`QƮ~4@o.Ehd>:йM"UK:2r)81 0fJP@vK^ $%p/,ñKgo-m>z=GSb\lX1\} x=?ҡO4pɸm䏿 -WoMf޸9R^ d_ވzܔ_Z_rn #ņb\?Ηk# S@2֔vpJ\IL|D4Booݓ+='rb|tG _t;F+coPd:͜}x8 8q#k~>Dn<~=# kj7.L=Cal'u˫1,6g6DCf֤X)rRfu bW~"T> !wт`i4G}\گ21#;'k0/ϼ AS6G;V3 S' l*htaTp+)}ّ6{9X::՚`EH܈dP pՅ dV I5WѲ0)8Z+dBvդ(7-i;17ȶZņޑlq 'rzʭrWg_My#`!UDrmM.|&Yp%Qq A dfX%fѹtw_Π#I(3c!c5qоD\ۮI1D?ꨩli#t'cG* C;'eY@[`r7HlP7`Y".BRB9~HoLеcm-ڑ^](xʷ;͔KmmXB%N"H P%i/UmD[ "=m`I;Lê~Si͗}ݦRoj*O2$bY?bNj%lMSdܼwPU֖ @zVNпhſ+FEYC/f?y̶vz:ȸ6C+?@~e!72%~hj a3 i G YZ