nscd-2.26-lp152.26.9.1 4>$  Apae/=„89&d.l*1{$x6y yEb.P1ZUn%We'@t0flWyX&Ǯ>A~0z;Jsr] i""Ca&s]ŏ`]H s_'}^3=ƨ몍LPۺ5_pk{R'0; áӠY!F*G739da841393e2fc4ecae475cc311b1ea9cacde16fe8985fe8bc7f192371bb1235107d5e2f498e23ad7cab15ecac0ed0e2f6657a97Xae/=„,5eț:m9(F|$N9!O/5qhNVU*д>pMqGڸH"(Wڤڬ𳫀r Րׁr=|ᢴmr4ze *&Pcvi>H]9,€ޒZ{{T.+/O+@ZY%ĘzنU&˘IG4>"0N2\G@#jSep8(}{z\u^āj>pI?d   5 $*/  l     / L@|)T)@)(8z9z:!Ez=>?@BFGHI8XHYXZ[\]^O bcdeflu,vh wàxyzĀĐĔĚCnscd2.26lp152.26.9.1Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.ae?lamb09fopenSUSE Leap 15.2openSUSEGPL-2.0+http://bugs.opensuse.orgSystem/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxi586getent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0 M[0 A큤A큤A큀aeaeae2ae2aeaeaeaeaeaeae2ae2ae2ae2ae23dfa1280f6c20acdc451920963074e116a493e11540d7857592b979622669fea79fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b779cbd16b163ed9b967167db911d74704d90371d6917bc181e275db952690a18447/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.26-lp152.26.9.1.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(x86-32) @@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.10)libc.so.6(GLIBC_2.17)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.2.2)libc.so.6(GLIBC_2.2.4)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.2)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libc.so.6(GLIBC_2.8)libc.so.6(GLIBC_2.9)libcap.so.2libpthread.so.0libpthread.so.0(GLIBC_2.0)libpthread.so.0(GLIBC_2.1)libpthread.so.0(GLIBC_2.2)libpthread.so.0(GLIBC_2.3.2)libpthread.so.0(GLIBC_2.3.3)libselinux.so.1pwdutilsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)systemdsystemdsystemdsystemd2.26-lp152.26.9.12.263.0.4-14.6.0-14.0-15.2-14.14.1aLl@`%@`@_^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab Andreas Schwab schwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011) - mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- euc-kr-overrun.patch: Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscdlamb09 1634048575 2.26-lp152.26.9.12.26-lp152.26.9.12.26-lp152.26.9.1 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:17041/openSUSE_Leap_15.2_Update/6b5b8360dae1627a15213e578d1ea84e-glibc.openSUSE_Leap_15.2_Updatecpioxz5i586-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.9.1.i386/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.9.1.i386/run/nscd/socket' (No such file or directory)ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=74c8c91dfca2181197a4d951b794540acde85ef7, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.9.1.i386/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.9.1.i386/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.9.1.i386/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.9.1.i386/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.26-lp152.26.9.1.i386/var/lib/nscd/services' (No such file or directory)RRRR RRR RR RR RR RRRRRRRRRRRRRF]/hHeutf-82935ea94097fa246637f088809cba8bbfea9b41dfb43ffe373ddfde35eabb75b?p7zXZ !t/Hv] crv(vX0PansxJ ]z4ڜ37utvB]=4[ OPvV{+`m>6+\K<y 3q[/YST<^@uڙ*@ 6`{W@EEQ{|/m !@ye=ߺ>u=MQOٲfaⲍP(c"4϶*|f8 [Y=>iưE2VYFa#5Q_IAf@+!? Wτ1W<TT/7aEa q_fx-X\fy|g\?j,Q2 :ի|ͯ.aw(*K@$-悺.6UD>Tt틞=ŝ̌&V6^B&|4{4~L"%\֎{&]H2SIǕ}7{*aef \tppIi7itS_!"H>g4HcBk-m0KWL`nlp\0leB} kjtRZFxhKlf76;Sm$^Qņ#7#1(,ˊƠ; :8Ok/I~?"dQ8YT&}YC9*F53|L}HUC"B!N@'D!-ՅmKAV%Q?kr27Vr14GRɁ@b&JLl*CO$ " KZMfphNٱF6_!Kr Zj>o%( F,h,24L4MSf곞j~XO/LB|He!!E.D 5Gyh,N lNuK,y A߼ x l)HcIϋ&4#߱Ƒ _*DŽl T״T*iRYNT}諂rUb$ ڵ.MmO]O1:lhi14:nwO Veħ-dK`"B{~N??8hު"F(FM΁ NFHI 5j_)E6FQpKsfL;nc2y󱦭|@AX!rEϋu=B |;qYi!'ڠS*]DGeeomNxU'$j0L(FPGëb!oh['W7Uf,fH:\y=דQ~N?N$L}?ojc9X|JnLZ9\K>B[1潭F|2Ix1U1O9="aM=7((0%bnIj6/$*Gv n.3  =¤@8$e ęu-ȩKؘofD/Z4%!ox4D}!dM_]ϫbOIR{X~YReC/ Lոg̀.x35χ`]P7P{7 b~,iHfmeA~\~~7 ƸTe{]E[!hyu7.wc:y["um!?]nw0>GX^utp5&xV1j&F@#wH{ß2\sr3XO}(vgI?>3*3\aUlis/" ?~,^1ܻGmLյSk % Gңk{7]Y!} )tCWҩ{WfP 1 N3gi\+é%"oCe#GN07)THC!](ѭg{)ҹ,uq1;C@Z'׌%UJ/ o.SD+ncroD T"٭1͊υau86xgތE ή*G!o+M5'rUTӀu_ Ɇ!^4K& h:Z]3t89OKO*.rJuX>:R%[ԗ<T#ds0H^u]`?k*F=,'ִTqœ%c3*mR'"k! rd\0gJP"2{ Ial@1!ɾȤ_bD)ۼ#nam3EQ MCManof $,rUd+I^OGf¹WPسz!Q㓩9=ڿ^UbOwJIu{O#aJctN[yL@#MyӆiDF_wxe6Yz0AUϰKNƟ!Cv2~ Olvۢ %bRsjPwH~c{/@z N#KZOJU891YT;3XHH#y 5!EKtG&ͼ;<[^l)0qJނU2։"Ȋu8R/oK yH Ur!ߪxTob:Hi\,I!a r ex_wUY/MjavCKMJWU)}X8[;q,ȃkN_t`1"$&坹Lɉ1UĹÃsq ^>ܩ _J:zx2if*Fёt̼8c %HTO>>\^Y} K8hBipPIGPHrW%1߳qN8 1[WvA)W x 4}id(e+ zmBl<󸧴em?Hc E9%v x'yE!Y1/5"1]5MSX}+aSZK%zI9Q m Oy7BnDž_0PM!Z=,sXG R> %bt(E:hSxEME6ix\n+B7V hbm5NG4:fX~Gvf0q;Wy EGCpj `vֱ:E&#ܬFe~ q 蛤u{;pn)QuG=YŞ z ho\V?t?ƅKksGy<8Z_K8ºx,ZAH*x;۝ȵi`LHd(aˎbd38( WgJ[ Ëo!B{ RAa:c eUZ딒/Xo;9.u&\!@t2ӿ;x i"M)Sz8y;:9&~^ 0X-苬{*ڤ}$n,O^hߊdjf %r|Zӥ;v/ᴲR Lk>؆`FBMcVI,A"=v{l_^jҶ'PAܖ?鰅/в.W艣Q  p] ܽm* G9^~qYWh?l+<͖BCrodDvzhF$ ?AΙe6O+U?><]y@M?&6M@Iv;$1QjASSV?*bO}}qV,(~&kJM"d| g*eZ-7#o{A*Hf=B@fsEX01='|uQ;pNd.-gRS"JxHT[uN)utIg('ffd!;Y1 SEݙ2krlnٗg :~ #^*2@5t0;6/k;l++lhйKgFjm`*[݈.x<TI&m>fp>@d/}i_acДBu e[;a?ZFA*xm/8TuEs6R َs}$1[gͩ _tv\"C||cj1a?em3: _Xi:-KO\YLl;VȞcHR!bhlD{E}<]19Z/ad M҆nhҿ0{(2j`0<[ Wiĉ9r7H۵::4MJܟ :u/hcFjl-#J Dhw}r.Zv6fjK JAp@xʹsx9s<Îן_خ&a̷+O4 So)(tXt hH4g0Ouڳ#'9NE-qHq ^`. \%b`оf)/ͱ]؆)3qĂr7"YJr0QBK@cĽt ҕEp/_sXϲ&k0#zC8-_z' _ 5ו\7q_@z$]"UZʩx0䧱\&w V/.]f_&ٷY\!F{ݶX؄MVidN4[>\ wOzRע:M1 Y ._74K``H-?z1FPt#nTHn ٳpR=Ŵ3+G*2O;b]So[ZqĽ~yl{ F>=sq$P !3uc'm`:Lv+b$G֍0)H?RP XxÅ|`*;cy"4ۊf{ 5IyርN<[| Xq+"ŊB57R69Tc]1D^N*!u $\1?I7]7D9-j/xoK'uAAtu˽ٍa|j"ff-=y0'h5|K;lr/iq>!N )ĸnX+oN/Zo]=4_ku:nwIdD!o57gyDl&!>- @QMp]3nVh K܅#Zb|6PwBۋoEsCb5mDTEbڲ4 Ψv2]Mߙ9rCˡԩ|-.6PKF* ΰog D#ǐ>`^p5삯>vT Lh(nOkI'C6};iAa8Epoo9v(}1d^CRXf%4TJj֐֏\L.*s{֡ePa5nBׅފ?j--9V8MBuxc|?`Dl[#-q V}G3vZV<\04uJP` II:-T̹ק8mƞ{/Rz/>tVhS.3|QV!b_d ؕT699x3*[ Qaw/r?IMb |xʨO;=;!#S⨷D+B9HR)蒼\b'd8 ᷓ.@W:m&۸ą\J]qE!~ Ն5o@14LjE&j%}]xՉ8+b'cD5"_I[ƣle!K?跇Pk< x}J/!T~I]VL J^G]ٍ,ukG:`aeRQ;pH=E+(u~)B KjQ3$9Ugm `q9\%͆d1':$p#26>8@.ɺKaogMNrU(z@F^'Jiת*wj0'ZQBicꌼE+GAWq?((d eD JVR yNH{mM!12WW9;g@'hV3 qMJYTfx~Xw+-SՉR}(*nj.pڈg'99kP=vb#:LzGLI Y^iy@xt(D}j7jS ӞWy ApعI? u0TT(+;Qrt !{ۨ EWLefd;X ,OB6Z J',5I:gHr&/,Qꯘrۈ?$KۢيfCӥYng)Kٌ_\#읝a<\^h#D}Z3-D&ϯ-a=`} s|cHN:S<ʝ$鐓@NoTn#oɜ̚퍺߾Qe&K&ɖAhxU:ܮB6wL7(A!F&_5DzA.Ć-N3X8G/Je]TbxOE]0u)M!z.M5F_6v έ(H b#+Lnl* tG!p*u?F$nhF/ݒt :J:hn;JuR5N GnzpJe EW\2O7@t~͖UAX[葪qw3Hڏ:?cLFL 6O[QOqaJЂKږ`%<)dCDq*>plDɷze_sI jw-) ;?ݸ:$ 6OFd<=~{N\:cM2N\S['{pIḏRD?سvZQ^2[ӝ(^d`˷8MfܰXרe&2Ӈo!(Sl ៪YHwR!EWFYkXG8VRR$_&8P-pfta$NƩtIoͅ#mH"N0!x;}@aR&KNv fvy.Fs$OqĎX6~wenG/L^JT-\‹@iXu8_kI0t9bP4^QÙ 'V nA?}l聁N1wbk? GdgPe'nlO<&x'Z~I!? K':Y=Mڂ9k*M׈Kp^\D%h٧_W<4쇬\Ԃ>ucA{ K|)$>ekl \IJzqejM -o*/epS:r:QmhfޫZ&]&LX>KT( (A}z7k3ݝ62pM <ɂ.Fב/聯:("xy\sm>3Fʹa:elipM0G"+eSVt%3v(QDUt/md5'4ث5D#ӱ.S+}2c#7 ŎhG_P jwH+J^5C#á uKajOZ$.^A~Ad{SbX#[HDGϜٶF,Tgtf-3ůE/36.oMKOIV>1b-zn&ivҖ-;,J_JC|X}X5p{€"4>ی֔ǽteXŚ L[WgBZa^W*݌/p{GCLelew+FOv""qvoMM{u<[A̅V(,KCQ?VX=aW HsȜ@)pk$ɡ ^f&ԨÁ;˳c|4RJk7&f/]]sJMx"rw׍sHZc %7"Y"{w?8\Yax&羥@b pStHb}8Qн ;T9g#>6*i=ëOsEa/~gRN)cWTi֜'Bkv9}Cb3dFWyOћ6h|Pplslwoοd>y~7>;q+aS7x4OR.T?k@EBUFny"3FF]Fp6B;_0_M'_nU Eθo a]#@`.ˢ>3_:}%Bxa&o`FQ.0|bSC4ΛARGFҍ ގ.&D`篺9yGhg/HT C3` vqt1kE<2}o1lW+W5֝74CZz՝b--x~2,W|㨲xg*ǁ)4jt&A+<INj-PeկgiTrJDuO:BZdVG@Iu(cpӏz DK4;)737oz%RsN4hZo ɪS#NW(̴3~ ~nD;,T-/blw ֮N8;VT> i0hOB;eWQ8&J+FͰN+:H +C_xٹB?L8{edK^XvM:P.)*J, Xa*ň gUh  рdeک;,cik'zw*X:VH;6fsӌ7~ LZ9_DxN s[K+ȳš4[YS|e t-vxuF^"6>Eк\'-7fJmM5b8ɳMFvW$3 g er"yroP U2> |3]1C]ٞFRR@_$bU_ٹn}EA3Fy%ǣ7*5:rƷ_wbg%׎b>IZm vJrvQ1@@?ѳ;W6'ɢ SHU#?'٭nXJCH۰֫lM-Kٖ^*٤=Q!B-^6W*7SE e[Z.ln+b7#5Pұ9_m!F."A)H:oݪҩj)g XGXbaOW%evi5KX2gt?I)&܊bRat8uzM=EcI XHs‰·HV>/ٗ.weTQ]d?<N&]hWF99Pg^J(UCqN = Ly4} )wY)Q޷^Uڨh<c+xfgUsވ\´ ]StWn~C&i uPb1GsEw{ƖԭG Tvx/$f>̴Mnue^T9YN"d9֮$P/z1 x/v]o]wVɐR6ysG~b PDٷ4?J}:00(iD~dؐJ,JFX8%Ob|(y\)6l0_DdъTҰ*=Va$[h)&?{<%L%Lx]8ADfOFr/Ql:k26wՂrǚRsOD)nVaw^:ŀw;g5N {$ 3USpՆLYZlRGVvr8SyVE+\zE`7*`2qwf̢sJZޭ`??%ǰr:*p@G6kTL6Cj)lI)jdh=seMATqK=[Q$f4'V(vyv%cdeR[vy=pT.U)B4/X 㠆}+sY/9EjbވQBQȠ#b/e2!Ipv'Mɉ̫K~ '  Z<5Ĵ `)8 /1?w(YHdƑșc_;u v|.TUՌͶ5Mn X0f<4*Z4NFIz{R\g{)rXӗvT0YWNKOs Wv T ͷdN.'= @P\>@F 4}OJ`D,#FGJ%LKKW$@96(^h$М:=:gR Sl/H6SJZzxS T eKKُ]d/7J, x)w+gm=Ji]FP5X_EJẉG[".b8]ݐ1nO2h2:ڕPx 4 vgL]6Ϯ <|d4)@3BCD8+lC'2jM+tb崃r W/*((JCnTcN2ⷅ?ytw}A 2MĈwیYz{B/NPB'k qQ8@7ɫ^S=K,Y1ȼ)gbQ,wXߜHnD{WEXe?Â& $|fS9wD6|̪NDl8:2%n&O=A8%@/_͖LXڂŶ>`t-)R2QΜ_.MbUν|57ϼ̨M6Q.I14Tk+C'jl!?kXPVAHox5|>Xe/~%=Ё16\|23Po Bn{)Vڙ#0s~E mG|ce-kXP]$(F?lmɐ]D ;%fZ03~LIukJ['?Wõ eBm4J{u3Q(m\܃[h7qO1#cp.*U$X#%yѩbq>D\qUGamfRAit}.4HPnTP9|g0/HP :^h܏&z%hwhu"A5z.fOj1_ aGY;(5kV%lun6Шb T?57eY%yXY=HWk? #X{8 (MeQ9 [͜;Rmi^gY syI O&i9^ePf&?H57}b^`%84 >J-d&D{kMҾ8aV}Lek}cy>spqyӠ@ciWh HvL@g P|`Hyԧm2aRsͻ5b\rA8Jʟ_O&ˍ` |Dl=ELVn'-dsMDBoQCnSR+oƁNxK(+u[Hh%;4Q1ٙ0_ aPD;X+i'0er9rx9YbsgX\d'9\@^^MKDT /w fO4+2[&}"Q#JdE?6Fp5]19Kit1 >uYy%̎7_RK$ qid _15]va^1;3l#]|0+sH\QNJ4Sؐ@T[UcѩL(Nvl]cE=uܒXYΊ)C@Qe?4xэՠBUbx"e XTӻ>:2&YOtHfj5͕f6[;e'N4k;)pTȽV96G }Oảc w,:YexZRBeB^w؝v^TV=NLL0|QenMd<҄,Gp߿dX>,]dcs QЙv<5 2`e7 UfB\٦!Z3m9ڄ/42Wi0KfM%#c..n0Q}5b!(gjO E޼+;sF)ƈ]GM ׮9x)v?hދW~+ ml ~-iK$hHb&'}\u Vf\ӣ$DT<ũu\[1.W.H]D7:㥧u49=P~ښ"ZI>f9,`RS1#*xz;8uN~l%62݀!hCD5CȔXٕ6[hcw&?ﭹpV{7JJO"w|0,| '(JTW L3/s! A2R(zNlD6q$~,Z99'U!Jlhٚ'bIo"G x1H֭.鋴T"$s\r`*Zu"Fw+œS(%y)],tÚN͹~Z \O4Qy#5@=SEXy) *T<~Ѝ+2po7,WÍnluKdhԤ̰S)I VzqG99:rԏWZf\8YId2\(u2@qYkml HǷTsi^XH 0~ɲ$`;~Ayּ@KGu iXRm"ژ'1`}c٥XL,џCw"=AT?drs1 W3r).1=->b1M7>ItFym]GtPE@d3[|۸'j̮#0un@dڀLmKs7Yvݐ3La؂}8dbtNUVr;OVSW.݁;7 n.M@1#\O8 'Ĉ2 6QF^0q럆ˊ7Cj{ްwL?> B9Х7_4jXf7;9yI%Kuc'O܇|Vk~#û\BaZ̨p<eVvK)&#rAT{2}5pT|~Bf j uc`%> Yba R](Y g)MCۀ 5gc"p4la>Mys;&  As%^k&jVY JA Ejnklq=b0L׸Rcf]XFNïiY$Ks%?ļ*++7x2¼| %2{e"Ε Xr+-a@ ^7a?~jG?)PA{ +e dҽ3 }<>S9 <G0GW Sxi%&?@#> 򳱘\1]{YMQi{ ظb7{rGmヲSOZggѡHok^`x>ދ۵_FIO%{GȥhHgs@h".: :W5LCεǔhdM Z.?2uQ\eգ {ƕ=&5#ZeuE%0عR`]ͬ^e´#ַSxap>_l)K`xuU˱Ȃs6NU׭:)A\WjV`RR#.$<^4CX(H)<['5/QEQ9oE (őXIRF%)֕j+oςttញLYʷrdԻl4'>ɼHƄ\1ts^G~)ƴ+klPmj9hI&Ώl@2yUdJW)׀)l#!3Dk^&zLZ=#ox{P=alftJT_yitN\^*XJ{"m@b63LT_t\=ն| fP\Ǥ*'l*c,uxMeB NGrՀj-Y K.bNLa$56e&UEj hl@oV=l@Hxx=[SM7X15^X oDkّHl5eS,8aĝj; M! ה Üg-ņ$`&0|TD̩N:x[GXBkz3"@ZY;gŸ)Cw'4%xee 炑[޼uut-񜅂cR-3*\ٝPTF-pׄkEh0Ips+<W鈬, ?Xta5WaH~A@gGI[YTwfIĹ݁1(+@w,  mQR }*`oc ѩla/]j&[=LUp Xl y{hmܿ_=[(t৥|عεq3H pn0j6ޚՊz |XN| ``")+ŀBkbJ4gEy|>jb  -`^#ƺR2. KS2@?4Jm4Gti+@#f:mg;w۴;\1Vdn 9c#.ھݥpJ(~<=q@Ul0ܢ8]!n5HlJԅ \KǢTC o?p="ԋ4YӼaѠI_-l %n`>ϲkL@Z]{vd%:++`[2#xB$<Q\| *XI’ߙEb/œ?-cw!|eZG"rE)G}O%Ķ!`",PZ1@Ӡ}މ7ɛ`V*󽾙C,9S !/F6W9J=צrۥCWc\TECF+Z4c\-&Ok2ryj5KD~ )@z#Po "} ;&{ET2/E>c/9ǪoBdB_~zLoxcgnRڃYa~~{t Ɠ|48 zfp!%kP(}J8%`Z+z|lX݈%Dj;ׇmĴe8-jK=Fb)O02+q":' 4%n+iУўͺ{8AVP1-^4yAy8O$܊$B oJAgg M+ ~*;`׵JӼ/@{S/ |D~nf1:FԜV:5KSjb9.—Ȕ ]cw}rN|(Z*U V gEV_)\>v3xP+SF^66.nG+iنÕc2(0jPV}'l;4|=א`[4XE~}Ý9p )l,dRr߿1^&39Yﰅ. %'|ɾ dFܹ#j1*h]d9V<0Zz7pՙБη "&Ŵ(z?v*ڐOd]@/="S+7RKB$FǗp\>o-rtwĝ SJjRz7I,!U=]D%ʙ68!'e)qxשu,/L0[B[bؕϻ, u1]̓lTT5Q".,p'>kpnص]b,k(^.d0 ־²q`!#Co*,=\CyVPT)&M9ow* ί?DXuB3TY]!@Ev;@'t/V[M YFlwfxoP`h!~ Yb;3rˇt }1@c5F };A_FBB#p3fǑʓ&U:M'}vFUtH=Z%H-$CM(+ 卒l<_)8q[w/,wG!̆pDeH(1.OviS:*"-߃&eA%霋%S]eNӦⱋpy +&C)޽&iJ+5e;J5'#hh̖ ;YÓ?1TfOuB-iR+<~,AP} 8Mg1D;:#_(Ia^sU +W8^M|HQCfc>,;k7xE'\H #y6 =n&55)y)]~abt H~}([EH@r%|xq&*~<6FOd=Sz0hh Oy,I3},Dxdlz,~+? b*P8@SA)MCr`[-n$™ibR̷j {7s6;ɠsEQQ =]e$qXk\ZDD z(_h.794O0Ƕ)r?F˝H̄x0vW^!@z P:ȳ/[F,rx ) li pC>74fd΃ )8 v![a]M[ri5[Urm\m\uz̃pt"EW,5[$cZ}>+ߥt~ul'YJC)'o2>߹FlM\Ԯ$߾[A1{wJ >)M~4H._lL`)??3BQ6'""\ ?91M2,B1+nv"f/' Oj Jz]#}w#uV>2y]VS]t Q9PUN-iyn[9[~6Z1.[„/XT1 ϑ06B#OUٶ-Q1 oC\ As$Sl?e^0m>/Bc8SK&=+0K^/;hGѪ[~'2Q^2^{j {26]dl9ЀaT}+ +yvYNyCj:k2Lŋfr+&o.^\e9?O'cqF S[>/2{ά -ƉƯEQ[CT)D{nw˹g#C(}Ψ5IV^_k|#rFX;W9qOIh8bz\zl1!sҚͨfєYk2H{. !VY63lƫ icS~ M;sY8fk<uHu3"`;p@H~RTUlUytSYzpc% %6d.>u_JItWX;1U|h˧5%mrVŰۓ:^ tg}r?h ^bSKC|`GYyU=Q#(iݺ*UgoMp41+L4j)0쇙V" G38Ebw=ƛ)p{'Ҩ/tF4%UXj.%7)4!qT?$mYCɇraMQ4RT n~4OKWF:&j-B˕` Y@~aBC0hl1+=ca :0~sX;Vy̙}P~y9D1~P"~A9M\RW7ؘ`>SkL,AMݠf 2YGަm(ʓD^ YCvsD.YVʮS5}6R b;4%r\]xz;Yb @e@7 +3?Լa[J{4 +o|?om$6D>ՊٯRSݷ])C ғƾ~VqENڪeK«K >Ub\*Wc*-MkqCEU B ysM"兪{_gt43ł;A#a=8/4`-"/]{)>ڛ_\ -/%Cܶio69UbݖtX޳ ޳T >Vg7y0fCW9=1LSdx)a+2)n@1cYGD&kp-B#p T ᏈʨU\EoSx\1%f,ZY6IqE%GmN| =8 Enf>[w\׌Rs _ĴCEFvqQAT vBC(݄1`rOwJHleekD bAx(m1 KJ_0sj0ieO+2Bؽ¨=j`&(_ua VTɺ(5 ˥)_~CUfRR=!1M;ٞ9bKIs5iG|Y#PApM^k2]H?|] ݽ<azx6j.ɖC֣v<zUq/c?'C '4&kV>bl\)q@F߬/4|/!Gv3g S^Kg~X[QaJY[g J&!u`9->Q >F_i/ju#ᙜ>%٬e7^|IZ7zOZa 7ڹq |]l$Jnˁ!ObY9ÉvRD},@H_TOAoy5b]ļ}ً XOboYEgeh`+ݽV@+C{&j|n {d'uAǖG`F ݽ  K*ٰϙ?D@bXg>ڌZqCH7Lԑ$G{FEs%90Z ->WC3V.I޳^ÿgy)C yQ؍,0T}:!(IHQ/y.Wuu?-ė9|/7黆*HqeڍQL[6ZEj-Dn.kQ2VMޅM G$eHf? zhfbl$/798f?l|sSfOS_OJL@X#E0&ؠ*{ZEw~]HA)X%ob `9ke(&lz˧ӡ-R'4W7#BN -&J-hf'+(~mo5mf^ún5-i#kE1g:E+I1V>.">Rb74:2%ڢKL^AUۍ0Cu44o`!1cs0>kO%NX}A&}ifX!%'Iڂkaeͺvi?qp8Z+ .@`o; ){r 8/-tA+(`3Jh@AAa׺IDWZptcS]~j>CZSϪ!@'M\= ɀ*M# XZ.W&QtX6&C!qyLe~˒$o=Cȷҡߥ/_u\dVeoEޟDK,'(Vm#ٶ҆bݓJF:ܪEYF/P) q}O󀷁 !3U0 _w˷2{lնqϩ6Ǎau"H0jܤy)̟Ȳ*29Ę0zhEL<#\gni@^Jg Zs|M?I^I (I"ヂ@U4\7le(($3c+~|KǪAD'ʃź5,6xyFB5h04*Xg݅`o.Nfz[VEmexQ;oTɡ@抏zYLZsTV48:Q4Ǚk;6nWǸښvgzv#;feX dЩZr|g;OSK74XysͼX1_lfhƲӄ _h4U^WAY`U [M^7l2 e#KDO,_уk3V[HXҫfx!gܢ /LG \W=2(%WNdSEpGB1;d2jf)rFk}`!9|+a/ԣ3VJUbXH|1NJ< cu#a :XR+Rg bUmiK$*MO3ʹ&B~~bˮb}CH[fv>lp^;CÏE=2Sy8;:*EI}IȂ'&)2#x<_Q މLɱv)0S[b<zm@!aUaKu[ekM>\ y#/|"eV:>)2orV͍}ܵ .nGG:hb"& s5OKeڕ1YI)]Zv?H}O`,6:M -=5(Je'kf`bϰo>`/'!|ܞ2g\}E̲9.Fpι+ZyD:+*м yn9 hGH99`]ZErMP~k33L,=E[Qs>M=d 63~#;Hp~cBFy< c/DVCod{: N:\5q6 ~a(kypk~Q bndъ3w0}( O=ip:6m 'R2BsѬ~H֋%ω]4&XbGz3C4Ԝ~4g N;,"I/#QFDwo:_<q-ewX~2Ha&YI~>u?)rSǁW; ?]k"׿{6Tjm{#u޿(cY-']BpYX1if1[B50=.{͐42 nr~la >Y3٣H!Z}oD:*%C <|Oד$ |l& c(é6[GΫ띸4>+o+b|rZ"/WO3fQowDo87>&= 3Zn^}ڛC2"s]&[+g^;%{HU&˗܋yW;zdl/H G [ $t E6N"s<`^:TS"RkL+!D;R9K- bL&NX74-;_AkP6Ў+oM0&% i<YRIh)?çIr]w-{6s's~t sO*Mp]M""=8 i^_ nDuTT1,uoboDvj= .8){~s%y?V_9ƈVףl]yL| # W|! sG'6|3#s#?2?L*K />bьiv9+iI$dZ Wq]BH{N=Gɣ6`7+Eemx$|K7U6vPS_"ILUAݏg]Itk/UvTyI|%(c ~ƻG{G4sQ޾G!\Qiwxrbˍ$a>g"KK0yď㹌G:j, >3sK/&,3ۏd 71|ol8ɬ$-B[ƒ\uv\(+iJ@2cXkm!+C DL!,gNO9~% 7.MYIb3x{=Z.E4nԊbrHUmWc{I)xoKlq}3Gq؟VA2]t )ڽx i)>adl]4Յܛ?L`Xa\&Ҷ穆Evԓ {`jW,6^U7x0bJ7a&K?`%jKghTSfu0!ᚤƀ Z/c`1N & fd' q]l?۪Ҧ_<lnIp݂-hdUiHS~'O&T(C R TW^]Jb dʇOD$ݠ^ 1wz|O 09[Z,>_\J p C?bK9*ʕf" @UG{mPM+H|t #"?ܹIKc>肚 :wE)[) gz} vTe*~ԇ".+Bګ|z忴i@[̊E비f,4]{m*>zhc#󘁧;DAbӜm|nƠy ="n>0H0^ 5 v`ˊ[iUIKrF lG՛.{v?7m.н#9:O!e@}Sqj=ukciՈ ~vRb?JI§}qCm{ړXEjM =Q ZX0opqQA"qoNԟ'BJ7O銩 /ݦDT9g Vcdv,#h_{pޟ6ж=tpBUfЈ@::k!x;^h46X? Dz>X~}Uw,:CߒP}Xn A4f0GP3E=6\#AJ վ+/c蛲5;Si%PI"VNe)'3Q: JH&`k>>}qe\3s ItW'$ r=H3LȕZ@[?G&R[[?!,%{M_dJ,Cdm\i߹C~޿805[#4i7E$汱^ߨKBo뗿0F_[@k%F=F,͙R>\A_$鏑 HoqT,iB=.s* mO e#^:g:9ja\ # 3z{`w݇ ZUM =JxFmN&c W$Pa),ae!}^[;ِ*2d['MErRUk+i ^>V\z~DdzΚ z3K^Nl*=]aB.l~Q,Zvtn*b]K|Qb@oWo'|يn`ZCelr?Ľ3m_Ma?%V"/1@}N-I$tf.+IVJ`Nf׀]qQA+;W'1Uc-Gw?os|W&T⇐QN5 Q0桥o ZqwY@V~j XIOmA<awd:e2LjT"&K x*^Koj!Yn2IR4425ed1NP?]dp;2ۑe+mF\}^wѬC  meD̂5f,W ȰyZR4U0@"\u NbJ*Qwʹ]VlV k/HH+#&-Y,H!@U@+(4g愵R`$Y$89ȑ*K]dg;>z{^T#+*doo`#q0|y?p}`fGv|exq`sڨ}dKsVqX$S[xם2o/ ŒUɴ٫uGC/ .ũ*fVTELNfR.&[6ziK  L ^~ܥb:A8 }îu6ԂDQ9%u{<[&(G䮜_?ѳ܁+~ؚ9e Pg,o>(dH'Y.UqAoW{ABս@ %z͐5?YwIJ7?z%j-KR3but/5=mnmG,ǦrvkqIGȗOY)44G$* tbּmULSwdy.2)~GTl@eJ ,EO+æ(x!ڜ^BV @J#(|k3#3 iG }'IO$H!}Y6Zغ :/i YN_2],maߟsƕcX3Ρoۼs./aIΣCWCnbyfqPx}t?7Lws-n@+!$@DA?^!- ?/dwp,AvqՔC FU*lwbT㇫GY2ce԰Cbի3`CΗc EG!`A* G2.ey1 =v[Ĭ>l;ݯ5(@sz[#FNqB @pq(f+0"HN!-06@AT́Eo3v P!GeՉqbٰ jEwJ?ĤY}ME% VX*BtޯD]*to46cល .?ʣ 'vN։ u{ьlb,Y)o]HߕA^ (IdDMw@I^JI %)nĂ+QG`947&hzc4<AK1-#y%0j[Ȩ:R+G=ݢzz=Wên~~Fr>E֟uB͕to/O| f nc?}(8j{N i.&~!I>u5<F z^p Y@;FM,phR'&BvBRuҚ HށB]d3y&ĨJ%k X11KZnZ+ZwUK% >/y]2!< kGkF sIdz n:֋THA- bx*6}/ku 8TfT">wLӦSQg(.ilA> 5[x/BIuHz2eeI^4o>"ď蝚2j 7 53[ sD_V5G@kՑB2t=Y ]0BwbT3NZȵMİ#i랋շtZ~4DL=9JVX>We'])ᨶo<9E[2\΀U¡20 vŝ9eDjj>qAJ-_,8LM$=(o~پi(ITj_y b4wmz#fad hGZƖ}΢DmIk2(y=A>'xr_=⣜ol* y) GwkO#@ྫeW_>rZrF}q_deo_iK+8g jp̂R`P[\B-^$²ΞA;(7AWeAn 000IAD$/} l 7S""; v0Vr% }BuN;klo%1y.ǤPZ?siwk>l`jg)w73ԑ4fэ$DŽϳ&T>"O;0<9aĽeTĦ|ҍ_ܢ/wh/dk>  p$I_˯ӭ씉^?PA38nxĈfX5б%"R[9hdvٺZHR*7zTKˢ^IـnM?kdChOTD`+; 'O{ÇMRS,2^}S6+#)ƘUPSUA Fsu%W UtU yeD˙Ϯun D&B/dxL! DllN=ys4&"P4ܫaذScmǑeEDՈI̖;5u5 "]5 (UG.ව0_󞤟rm~=̐o|t5ǒ[T(Y~};-CZI31йkXTr [s^陸 2+̩K0&bbOqXOyU|»W-$C%ttWC:][R&эx\O;Mūw97lq깚qӜ7nbd@#J'\j3>5v(ѥ- o'(pso5pΟ ^}i'hF&ϣ}jOޜ*+Vwc |7n|]%b[3\B@o VI$lHִ *p jaN0ZP+;tE VKJ*@e@mTD-(E"Egv_&N=_jSO;hSz ˆ!kM;PEOHɽsbckT=ODzFJ8bD BR]k o;E"n_ ^;ՐV@fWs#t˜Z:UWX6끣5J&15t\A{~Jαp~DA7 'P^֝ɐSbEmHy J'HLFn-e']p_מiV&V3I0ПkO39_U8nlSS+vO햗^w u>Ldj3wP}D+"ܑ4/ 5j`W(Z2 /R4@VY0`ꊳxzFGIʌgUgζi`W'iG;@ bgaqzPMn(Ӎ ~V qL^G@dɁA 2z 9IZw.! 3tAΡg&gQ_S U1(g}7RxA6+q?\)3:P괰%YA մ|$oh[8-ҪSQ*zJ8;Idt$r"  Q/Rl;ڒ/ldBhʆR`aeiCaP /xGio,0,HQqOR92EZwJ1IySlQTR.8B(`yXŻ1V6` N{= TDNi/1ː60f=pt0q6 &gЫ.W~D7͔t՜v905$.uથgˢ{Ң,1#u<4v/x*',"ޱwЅn7DK|c)V|䰔դ2OkKHx R\<H:F2;plHGsR5wC >c*jYMyD.cE4oTC* ceF.?' B]3d~S OM| z5xѯ ]\"boG`W2iVm|`4?e/a` r\)LJvZ#4=M6A+CFܵgQTvjj[l A:lFC 3Sxx1MWr Ұ(b<^ О Cܞ-=ul$Hy~yW. d3OX.Iks3RSs7N´ZPlT{ZPP`ru{| l9@E0׼V? B"o5T^8iޓyӭ vB|^v5%^33 @:FrQO5k=9hmMUD0oUc[px(+]Òh4 {) UZWL'k%7^({R$<تk<`l%d#Mr'\m ,T"U1{tdu"/jI%sEk}W J{0?lczFHdP2} ~rOː]ȏt*l3Cr0Sq#ӓ F$ze8F6)7"t߶o#WBdiEȓ`@cytЀiyoϧd_^9>\kگd#dh/[_p Hs<}D|M0{S=J {pn ׈&l nj௼z6;צ<0)#)'lܕᥱ#U*ݔklܧlڄs?prW g|R @IhUy 0V)|.,ب "ɣ=d<jEU7b*%H[JJs" (oE ^ϨWQsK " ;U鎂ӥg y2t*iΑRes4 |n56DW(ۋԘgr\.qTAv;DdRwxpn(/7M y?DYcj//w {YxsE MqWЄwAΦC Sy0af^7M1D6w~(1BzY; #؉恿hehfZ׺>8[ߢ8-ڔ.Ch5\AD k\[k>KܚΑnD[pL¯%ۜefB =7z@YR1X2/Ssc{NM'gKdA'x/"dXO/LG\!v Jimmٟtۘt}H=ԐǓɀ6^G-sB#]5[Gx _D#tC\0*\܎eߔRQYEEWҧk}aQuDJeT{W UEƄYj΂p.&٧:Z|%3+טh{n-@hx>`o4CA$D~M jh[[2X  WM7ŋN1ӇﳷG'Ÿ/@; \8C*RiKLViೲL4C}cwMUyYf ts:y|~ֆ'0~Q2i=&ME^˨\VemN4JΆB?\B5pY (qa)T4V҆ i/eqDM4E@%ox:_=i +>X, -h-= m2P7|K[=:ı[&`D (;=DZ^NBK3(ݪ.?u{QoΔjTC n?Zބ0tDJA9їq `r=ТftT-2UͅlE$kw~d 0@U wg|TDO#æ9#V8S톸mu~RT*;EW06't #Jւk (Zq=bnea㽏~u!6T ReU=^Z!'ڼahJ&nȓu />s2;n( 4}j3˲2ė>3k ֑˦@!#qf?-8%I;Ӷ:ښj`$2cT*9~@嫹 I& ⥄c%7ijLW_:l 9> X] `x06OeBF@:$"rB{F(/ִ|@An3Phw.27b3u@xF? Vx{:BC@c6&}L$sioxX+iNxvx ,V5p$;r=Z8ⲾX%@& xHkEp"۲l2S"5/+@޸;Qߒi}J)ߦٻwM{603!Y-DKU%̘* Z0̓sLb*BD3&4 ~k!d*+Y@wM3oIЅqfYf9kG\J(Zߞd$4w9|hɮ; 'mtUpUV&77oPqX94DMӏ؂_z _~KE2^3+OkZeCZ) oN%#HYbemjdBj{T?-we4hA 6KRK՝@x^]mIv/ X<L)Pz'_5dJ7j^]x7V dHl8%Yu%X9 l[^il]RlqkJt@$#";"xOeiKN-Fu{0^ i s?}T1G.Srظc :iX]D*_p}懊i X h+ozۑ w )Y=onj|ukSl$=wv*N2mM@Һ%PvLwh6fȏD]0G(]waP̘\32j߾ڒi:EW`Yhۏ+y9W,G޾S@w^T}ܚ10Ok]J#tZcgkyq2蛠" Z8uTu5WQ%!E9I? C Eϙ_Z`+QycꝺNu@P?/Bt\H2+xylBrJIJJ?oreJyz}-f@.1;!1^3T@/ѝ:1߆Ӊ 9 ESJSh4kRPp[wX 8[)hTw}X"˫4.hvh[ڙz糓-"Oj%|U48ǓI7 ?vx,/eڡh>Eu:(&WlZFPyA07L#W9k7!wpO"I;(F"''zݶLp9~@HNhonǴxԿK>hhQ&/ǦIM&j~~(Bb)^00evХ=4huD g0'<ଵn|?B` Ť~6kѱWj X(kqȔ4 sX+ 1 MfWCnj+/2eֹS۾,C;юѠ̱Tކnf"ےCܘxitfZzX6Sۿ'HqՆd(b iΊ9ӉQ op4Fx~$9w!c3$wc&BHӎυh@aWk~BjBMVyi=[c[+G ӓ@tkRDZdĹK(GȬU.dx\MլeFK0B%}7918,r j;eWC@)"Xz2L!Ҟ%''uo\[r_7&=+*wwŝ'MSHʍA#DPIoKQ2EamGtue^xX3Y ;#1K䩐kwdc'zpA:"&C@ +Uďĵ噉w}0 cFQHEuΥqz5Y.ڽka`yN:Ý7L[gL1h7ԒNJ:Ql=B`[&_xrWyh. cգגw_))NI{ {Jv=^[D?zPN31SH*9峐Xy4ܫ˘O,ӻe*XV^Rd]k0unۀ'*:܄{E!R(W! |TiE?N6I_ִDa&D9Drܕg2`9U{cyFK9ըp3R}X+k}]!BCBa_ҫSЃ-G8kQn?"\;HԎ#MKV?߄[ hGy)m%cYn[\(OfG $ЬFmI1Qk^TY+['#2X#t r 2՜ }A oKo#}O7OI„ f:v咲SLo]­&jkʽ+%t]>ȈjHoծ [Dոap ƍgHw~eХHq#9Y߭.b QܤG2x1{:|KLY2Ӳ@ͬw1/sOt^ʩBcgYH5 ?U"봫D :%7(m !SRu rqND<*U5YQq*__Q 3GT7QShZMOrY72$|Q]'ZKFmu!}hH>yS&쳠uS ZIp/JdApLsļO$S=/V>Qqr,E7+}S9|xQZՎbR!앬 5PR?j/1th5^x-^FC&q/؈aq8KVDe:jǾТAV.f~ś[6}5yqG+2$)$ϯf !,QWs˺؈3fZS@0\/1j?x3<|50u $..$;?erIZ &tc NSS&p&NmӚe" f/;co[3AKUr+$|蔑 ɞpv-Nmdv:'67b_ۆ9 uXQqR[3A}_푣 :bMDA+-S.!':Z;f;RJӧ[Pbh؜{wZ!EQ'oAɆ*}sh7`#ִ}vŧF|Yʅ`5M/B|BKrAO>29ާHO?0\iPnlqo*/#64x j5u^qi>+k k:$2R{ФMjCy6}NuMyMPeٳ] &ߢT`%^b\GJ2>GWQXJyb蜏 pt 3z htb RϷ77P^j aϩ̸]{ͿHˠYOM5o.1gLy q=]ԐU*ux8Y)%e(Ef13?j om wMȱ)_HУi@FFMO| 7R%r 4 )s:uSdii=Xվw0cB3*s$ۃ8H@0ÒX9}X\3kyLo۫݁+n9B&xūE+Y7gH-w&KWSpٸm;[-ɨ吳}"{fX7BJY׍ЪOT:Pa+nE\Ykϻ6YV,.X'|[A0|㿡j*@]n4qǟ?3U '$⋵+Knc1 ER >:$/PٷNTGT%QPC~ Pr2hؑ@|rTd\z`yѧT/!zTb#_fC(i7E CSw>{DכzzIl!?O\@^6f?2p $ff"ۿ.,?ucgOƳ,! dL>2]kg :[}БCwp\ʆ0l~<Ə+OZAvs*s t*4}9[6lP; q5xR _, nr9Tg'_Xٸe h [Dى;yXs٨GbFnҎqi̘W;di<55 HVMOƭ~8Ջvڃ7,jۿ>G?4_)3{˽ڟq'|Tc(W(N,!9:]~evhLaL:1|LKAv|kT#*#e2h- =|8xCqg| 1ҷ4nW#P;ea0O_o22D.\JM?v<;eqF;D$/m;um=?.ɖ.< K}/SfD'V,`cUCV.̆Ҟ}(rUK~:)D<7A 8MǤE15b~:labji.־O(P;]n`n6)5Rn`µg:ߝs2a8π_9o39Q<t) +H c۴oZj-yaBZپ"j.%)ȱ-j2;ȿiv<.ECCZ!+#bh5X0Ӆ@y?ٟzň!I'6BK[ L`b&lk?* >w"Sʳ!*lY94Wg?@^4gO)50,=H씞k_oJZ9\;!_۞@;=t( N԰DsZbQh,SJQ<% I3LfП>te1liUP^GH hč "BI0kk gk|XU :}ۢU=ְrW%QmK׋ m1iŭI y1BngrBm(5 '|*(\D.K=]h-],WI B_&5'K aRo_i! 6" ڽl:؄oz%(]>CΚ۽*mkǨtUijE*ǤL/}E*{&ks8C2o.Bn,KoBBl {G@~\u ]Ɠ4D_!HY\U;)XK<˧o`x|?&nÝO#ڤFᄅJEOq/ͮ&! :Dbk>À!vײΖYf;iQm)>HT:ɦT&oC&jb9xȷ$'׎t[2)a$@K ң;uֶN*^ĩ)#ϝ^+Q/k{/r0l' ܣ`v֔mA>`G_#F0ߊܜ@\oFlb2%3bp=w4oVh۔ynfLђ7wn^+C`9B1> lfBOĔ0&cfarL|v"1DwD5/] l4w6=:%XX3PـZJˊ%G64MEѮ1Cox!"H* Y^]b ϝt’ DI1+Ŋ- T4uKۚM#ʉ0xVʫ8sarve ixC֠J .(TՕn ϩfThhWpEdVcC,Y ТJtr j+<׃Q]v^)(c@:iK |‹Sk m+/Vx}q.@$}قD vDLNg/kJb] 26 =*s߱ y >.mUP&ě9ܮ?$T(K'|hn!0~ꙧڌ N~;QFD.څ>3:&qᥨkdr`aOIA﷌؈He)¡@3s2FT&u. I ϐW^]] MIm;`ԙG`-*\D.aѠ2MH]M͒DOڍ|new@T{*\j.<'v(D þǼwQ`]cysW*?dUK¡:u5_/lhA>* ˄| K -lpz7p~V"|/UW!n+=J~"Řub<,S7krkl2jAڐ]�ŸYnncq9ESeP&v>AA( "4a9336Gu$Ժd{V{*B>vخb7~iaꮣ/P6{xK(Rnz'=Ù-QQ^]F?%{ BJy{RrSͺa?Rt܄"AKW2n7vCCT6ኳ4)M<*IC*F=~;uaCXDUF'K 4|*zڴ:3i+eb$bm#x$N ȥy%'8e`F ?BH^{:jii}BjRVv: }8`i| m"tyn@bUz1(x%) H41kpo~Xo׶w뉐؄]2m1,FL$ 3ex\`":?YAzOmI R8H?Ɋ m,";Lg`\sQ?jeAʡ(,ADK9ܽ)ɻI45f2B~5,~%e>#o! YI4eKĩi J~ >a]x˝ 6Hl.8:VٔNqԴ*y`WVlW^B Ok H&⺦dr{B49"q:noD4C\}Vvt{z,В@x8_?S";eL3Kb[@V]-G+b0XKpC?%OUk]N`LSWz؀MMш m~qR_su'{:M?c6;G䤕ќ9z[8l*stA0Vtr2 "Pћzlbs];/.1m_>, Yf1 քC_pa8DA[jԢ-.U\K~v %JYGbAG8sB~u9vBMd>G$'<Y Er~*< \n--$>)9n :OhDB?w`vo.e5,fƌxmƁ/3-#ޛB.=oRdl`i{Ji?#q.ٛ&uڸ:ljEW’EV%Х-hg(bIBGɖYn]{Voe_e=r4ib,, *T9PӢq*#JpK ^{YZptp'7>,cX`3:]&]QF_PvB1߃Q'm}z3jw 뇁IIzv̷Μ? рY7i/Ǒ`c $ 9,toCi=3EǿߍxFkR!u9ؕY~]y$Qm(al}{5MtCyh_ mmQ U ,!;\X)N|xe Qt( {]9Z=!x,kyf"3F P۩,K{9] !T3JuN'>/8wϑ4lIR^5d&{dCu۳I{8KV`1+s_zz)݊&a۲/O(^ՈG7A/m!}B9?ku(,?-!JWnQ'=5W__1<"Tj(Jtuf+iRŻdrb?=P} ӺkvԵcIIO֢(Ba ^DԃIDI2_Vm4`Xbа<Ȋ`rW`>T5ĹhL7yeQ 1OAt[UP+~.<8'!rlsϹ"Efܸ=Lu85s[2hnxc@p;2#!F /Ӳy*zَ󷙐v1Wdx\A #.uk T5,Ev账_٣s3\#j&hHy|˜;M 5^Xڦּj) ]{ syγ8c3tDSŹ+%}Of{o%N:4Ć|F/I{~ Xה|uʲ X?UrJ5tW}bG+^4|1][qT]׆Il؅[o6q}(Ys|-~nMA-Ӽ+MRu#^K G{DI좫[!)/! X|y˱l1۾ݧW>/(:=OKoq(#A꩷9{ ? w+_/bˋ){PSvSaS¼kˎN^{Ʒbݬ MHn$s2'/w"DFXBL@b?چf!>eRUFAAho}&Vy88$s5}q}:}=9FYs#W\7VRigxqvߪ=W.Ef/}ؚAkk@^X2 8:8x1@b/kv߈CXv^;eqk~ͼ=şZ2d JQEX _Onl*^ud+tz-Y=Z4VEmqK3gf\53a Ѩq.a7,4|-o C ($XL>{f:~)%Hc<E 2gs NMALcy>4YLdz贏IRM~i:`%xB Mx^+`*o~2cQ%y~VW׼Ԕ+.VٱPxnGBԗr-W͋`#L _mv4gH?UE@"^9<·&Vb35 UM#1Y Y ODq1aD4{̥?G"z~M~M8QnԕhHV{/ |.yq:brfx$+pmzZidyʁ~^QjBttƪ٠ Ȧ!I~~(M9H\Q֛jHq\*p5u .bYVl IM$%i(wdΨȆb8a'jrH l΍c[e\eN tHI6ӗoz8}1 5 sC`do\0W ϥ[L)u+"= ̗̜+U0",EyvC]3Eigfk ;d!92w3 7wtVD SH@HWfsw,M2lKziBP*[ }2 YZ