openldap2-contrib-2.4.46-lp152.14.18.1 4>$  Ap`Lg/=„YhI_. R[9՜ ܞ[|/uG-eF|`MX8)`p5g{)H :cᢋw:'XUuen8,*tEKIoӄ1NScCL݇pD;r1o)Nq|*͓SNEح&3|pRB$ ?W|B\ l( Zm LVD>bZ-^1e0096d1981e631e61276bdba577b430bd44fbd149d7d32f046107d0ad052f224b2dc977a893d84edf75a6ce422a5fcd4a58dc85ĉ`Lg/=„<{8 Ϝvr:? (M>~0 фd`9̢$ř`uR.cK|ޛNѲR4{Gf\4dKLi\ ?I1-WV[f.KYt1H,ÑR˓JGQ&Ngt F;?) |QO3}mgLfG|JK?^:@Ʊ{ ,$׀J%+C3 >p>q|?qld ) BLP\`s| 44 $4 4 \4  4  4444  J (t8|69T6:6F_.G_D4H`4I`4XaYaT\a4]b\4^ebecedfQefVffYlf[ufp4vg@wn4xoP4yp ;zq qq q&qhCopenldap2-contrib2.4.46lp152.14.18.1OpenLDAP Contrib ModulesVarious overlays found in contrib/: addpartial Intercepts ADD requests, applies changes to existing entries allop allowed Generates attributes indicating access rights autogroup cloak denyop lastbind writes last bind timestamp to entry noopsrch handles no-op search control nops pw-sha2 generates/validates SHA-2 password hashes pw-pbkdf2 generates/validates PBKDF2 password hashes smbk5pwd generates Samba3 password hashes (heimdal krb disabled) trace traces overlay invocation`L:cloud1166openSUSE Leap 15.2openSUSEOLDAP-2.8http://bugs.opensuse.orgProductivity/Networking/LDAP/Servershttp://www.openldap.orglinuxx86_64(pp(p~8p)w(@)(Xi (@(~H;Pp((큤큤큤큤큤큤큤큤큤큤큤큤`L&`L&`L&`L+`L&`L&`L&`L,`L&`L&`L&`L,`L'`L'`L'`L,`L(`L(`L(`L,`L(`L(`L(`L,`L'`L'`L'`L,`L(`L(`L(`L,`L'`L'`L'`L,`L)`L)`L)`L,`L)`L)`L)`L,`L*`L*`L*`L,`L)`L)`L)`L,a29e90de58f7fc18fbe7962fcfbe5add2fdd3c85fe715a1d6639551f37d3936e673688cee8f465f8f672be600255d6e657e205f80b17ca8a46bd64c6941c8de33fc29e4e717f3fa44236e6b004246cbfb579d2bb816398755e4a071ede5d40acb3046f18a387f7a6109d50970ac81300df44b1166cefbb5d88c0b58868af95222f61a1ff922f16618fe8becd68d62b51badb81a6f266f384e566bed25b3c920ab38a8df67cb0a3053b37f7e26ff058939c1f15e3cb75616513e49062d3f41e0d3592f976ca689d85c457aaec0f6af293783d07c3304f5421f3a8428416b1dbd62a9cf68045140d27754b865ed6a7fde8fcb319350afefd324c7bada4a8f982bae084b9ff54510aea552ca6661b6d9f36a00ae11a6d01401bb0ebaa0572f1606a08e34d76a727bc5db97dc9fd2b0b9d943313d8beb7e929a341e63377baf78974b13a9dcc49ef2f54f573378a09b32679cfd6b5a6ffd009998a6dea39888d4f61ccad42d22d5992e11a99469452dc6ff67d27161651e31759b1aca74fbc3cf37bff5303bcc6b5d36b7f6e7fa20481975e2b7fff375bab602290db5c7f796534e6649e13f610d14b1766366d89f32516e09fd17b8c9c1cb42b27da2f3c7f7102d56c7788713fdec6736ebadd99e17c817dc807dea3fceabdbf0cd7b17865ed827ee2ed3cf22f8f2bc1eb9f3908c3c5cacca2484e3c04fd6f028ba79c2c7c061235d1d040e86ccb662118e9ddc449b0dde6f55fe1052a313730ff351787156706ae1c54ebd6313b9c40df789d18efaad8d48562de27572a0eff47b3cc889400a9979cf9cb1bab260523d73902e3d57aac9129137d2e6f6ebe792ad2b2b62b0b372516db228b82f9e8234eba29cfc94f36d1d02c154bb214b1bd63e6ef5180a942a51b0b9927dd05e1b0fa4d17885adf92d2de83287ca6445027f08531867c265cc9dd6d1064262bdb5d68009350167f71b8f2e6bea428d141e325952bad4b37d8138fa7c296b29698018f89f2bab899d100df95c2080ca2c3fd5b7d738926382e78648f09fc8e888badd171adb6b4fa0e34935605283dc63b6ddf663a787355c06b56bd132fa0c0a1323f07e24fc2916523838aab85e43703a44abfda0eb2afd0811e52f435ecd15d713bd6ea54a174e0315898da41b07b8b106b3bb8dbbedb98beaddpartial.so.0.0.0addpartial.so.0.0.0allop.so.0.0.0allop.so.0.0.0allowed.so.0.0.0allowed.so.0.0.0autogroup.so.0.0.0autogroup.so.0.0.0cloak.so.0.0.0cloak.so.0.0.0denyop.so.0.0.0denyop.so.0.0.0lastbind.so.0.0.0lastbind.so.0.0.0noopsrch.so.0.0.0noopsrch.so.0.0.0nops.so.0.0.0nops.so.0.0.0pw-pbkdf2.so.0.0.0pw-pbkdf2.so.0.0.0pw-sha2.so.0.0.0pw-sha2.so.0.0.0smbk5pwd.so.0.0.0smbk5pwd.so.0.0.0trace.so.0.0.0trace.so.0.0.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootopenldap2-2.4.46-lp152.14.18.1.src.rpmlibtool(/usr/lib64/openldap/addpartial.la)libtool(/usr/lib64/openldap/allop.la)libtool(/usr/lib64/openldap/allowed.la)libtool(/usr/lib64/openldap/autogroup.la)libtool(/usr/lib64/openldap/cloak.la)libtool(/usr/lib64/openldap/denyop.la)libtool(/usr/lib64/openldap/lastbind.la)libtool(/usr/lib64/openldap/noopsrch.la)libtool(/usr/lib64/openldap/nops.la)libtool(/usr/lib64/openldap/pw-pbkdf2.la)libtool(/usr/lib64/openldap/pw-sha2.la)libtool(/usr/lib64/openldap/smbk5pwd.la)libtool(/usr/lib64/openldap/trace.la)openldap2-contribopenldap2-contrib(x86-64)@@@@@@@    libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)liblber-2.4.so.2()(64bit)libldap_r-2.4.so.2()(64bit)openldap2rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.4.463.0.4-14.6.0-14.0-15.2-14.14.1`/@`+_@_@_/@_FN_?@^^^*@]B@\ڭ\r@[H[@[vZ@Za@Z@ZZ.s@Z@Y*@Y*@Y@Y@YYp@Yf@Y7Y6@X@X7@X$a@XWk@WbW;VVɦVŲ@VŲ@V@V@V@V@Vf@V^@V\:@V@V @U4@T@TuWilliam Brown William Brown William Brown William Brown William Brown William Brown William Brown William Brown William Brown William Brown William Brown William Brown Peter Varkoly varkoly@suse.comckowalczyk@suse.comckowalczyk@suse.comzsolt.kalmar@suse.comzsolt.kalmar@suse.commichael@stroeder.comfvogt@suse.commichael@stroeder.comrbrown@suse.comjengelh@inai.demrueckert@suse.demichael@stroeder.commichael@stroeder.commichael@stroeder.commichael@stroeder.commichael@stroeder.comhguo@suse.comhguo@suse.comjengelh@inai.dekukuk@suse.comhguo@suse.comhguo@suse.comjengelh@inai.dehguo@suse.comhguo@suse.comhguo@suse.comjengelh@inai.dehguo@suse.comlmuelle@suse.comhguo@suse.commpluskal@suse.commichael@stroeder.comhguo@suse.commichael@stroeder.comhguo@suse.comhguo@suse.comhguo@suse.comhguo@suse.comhguo@suse.comrguenther@suse.comjengelh@inai.de- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. * 0220-ITS-9423-ldap_X509dn2bv-check-for-invalid-BER-after-.patch - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. * 0222-ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. * 0223-ITS-9427-fix-issuerAndThisUpdateCheck.patch - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. * 0224-ITS-9428-fix-cancel-exop.patch - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. * 0218-ITS-9412-fix-AVA_Sort-on-invalid-RDN.patch - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. * 0217-ITS-9409-saslauthz-use-slap_sl_free-in-prev-commit.patch * 0216-ITS-9409-saslauthz-use-ch_free-on-normalized-DN.patch - bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. * 0219-ITS-9413-fix-slap_parse_user.patch - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. * 0213-ITS-9406-9407-remove-saslauthz-asserts.patch * 0214-ITS-9406-fix-debug-msg.patch - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). * 0212-ITS-9404-fix-serialNumberAndIssuerCheck.patch * 0221-ITS-9424-fix-serialNumberAndIssuerSerialCheck.patch - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). * 0215-ITS-9408-fix-vrfilter-double-free.patch- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. * patch: 0211-ITS-9454-fix-issuerAndThisUpdateCheck.patch- bsc#1178909 CVE-2020-25709 CVE-2020-25710 - Resolves two issues where openldap would crash due to malformed inputs. * patch: 0209-ITS-9383-remove-assert-in-certificateListValidate.patch * patch: 0210-ITS-9384-remove-assert-in-obsolete-csnNormalize23.patch- bsc#1179503 - fix proxy retry binds to a remote server * patch: 0208-ITS-9400-back-ldap-fix-retry-binds.patch- bsc#1178387 (CVE-2020-25692) - unauthenticated remote denial of service due to incorrect validation of modrdn equality rules. * patch: 0207-ITS-9370-check-for-equality-rule-on-old_rdn.patch- bsc#1175568 CVE-2020-8027 openldap_update_modules_path.sh has a number of issues in it's design that lead to security issues. This file has been removed, from the package, and the %post execution of the install. The function is replaced by /usr/sbin/slapd-ldif-update-crc and /usr/lib/openldap/fixup-modulepath, through the addition of the source files: * fixup-modulepath.sh * slapd-ldif-update-crc.sh * update-crc.sh- bsc#1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. * 0206-openldap-tlso-use-openssl-api-to-verify-host.patch- bsc#1172704 - Change DB_CONFIG to root:ldap permissions. - bsc#1172698 (CVE-2020-8023) - local priv esc via start script chown -R on olcdbdirectory path. Remove chown -R on start to resolve.- bsc#1170771 (CVE-2020-12243) - recursive filters may crash server * patch: 0205-bsc-1170771-limit-depth-of-nested-filters.patch- bsc#1158921 libldap-data should be requires, not recommends to help prevent user confusion around configuration ownership.- bsc#1143194 (CVE-2019-13565) - ssf memory reuse leads to incorrect authorisation of another connection, granting excess connection rights (ssf). * patch: 0201-ITS-9052-zero-out-sasl_ssf-in-connection_init.patch - bsc#1143273 (CVE-2019-13057) - rootDN of a backend may proxyauth incorrectly to another backend, violating multi-tenant isolation. * patch: 0202-ITS-9038-restrict-rootDN-proxyauthz-to-its-own-DBs.patch * patch: 0203-ITS-9038-Update-test028-to-test-this-is-enforced.patch * patch: 0204-ITS-9038-Another-test028-typo.patch- bsc#1111388 - incorrect post script call causes tmpfiles create not to be run.- bsc#1114845 - broken shebang line in openldap_update_modules_path.sh - fix the script- Emergency fix: move tmpfiles_create post from the library package to the main package's post script, which ships the tmpfiles.d configuration. Fixes the post script of the library (-p /sbin/ldconfig does not allow more statements in the script). - bsc#1111388 openldap and /var/lib/ldap/DB_CONFIG* (transactional-update) * source: openldap2.conf - Added a patch to let slapd return the uniqueness check filter used before constraint violation to the client. Fixed broken memory handling in affecting error response of slapo-unique ITS#8866 slapo-unique to return filter used in diagnostic message * patch: 0001-ITS-8866-slapo-unique-to-return-filter-used-in-diagn.patch - Don't require systemd explicit, spec file can handle both cases correct and in containers we don't have systemd.- Fix CVE-2017-17740: when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack * patch: 0017-Fix-segfault-in-nops.patch (bsc#1073313)- Fix slapd segfaults in mdb_env_reader_dest with patch 0016-Clear-shared-key-only-in-close-function.patch (bsc#1089640)- bsc#1085064 Packaging issues have been discovered around the openldap_update_modules_path.sh which has been corrected: - the spec file was wrongly configured, therefore the script has never been called - the script should create the symlinks first, as slapcat is useless on a system which is already affected.- bsc#1085064 Add script "openldap_update_modules_path.sh" which which removes the configuration item olcModulePath in cn=config which is after upgrade from SLE12 to SLE15 holds inappropriate information. If the cn=config is being used on a system, the conflicting items in slapd.conf are ignored, despite of it, the backend DB configuration section has been also commented out in the default slapd.conf. In case of correct cn=config (the olcModulePath has been already removed), the script stops without touching anything.- Upgrade to upstream 2.4.46 release - removed obsolete back-port patches: * 0013-ITS-8692-let-back-sock-generate-increment-line.patch * 0016-ITS-8782-fix-cancel-memleak.patch OpenLDAP 2.4.46 Release (2018/03/22) Fixed libldap connection delete callbacks when TLS fails to start (ITS#8717) Fixed libldap to not reuse tls_session if TLS hostname check fails (ITS#7373) Fixed libldap cross-compiling with OpenSSL 1.1 (ITS#8687) Fixed libldap OpenSSL 1.1.1 compatibility with BIO_method (ITS#8791) Fixed libldap MozNSS CA certificate hash matching (ITS#7374) Fixed libldap MozNSS with PEM certs when also using an NSS cert db (ITS#7389) Fixed libldap MozNSS initialization (ITS#8484) Fixed libldap GnuTLS with GNUTLS_E_AGAIN (ITS#8650) Fixed libldap memory leak with cancel operations (ITS#8782) Fixed slapd Eventlog registry key creation on 64-bit Windows (ITS#8705) Fixed slapd to maintain SSF across SASL binds (ITS#8796) Fixed slapd syncrepl deadlock when updating cookie (ITS#8752) Fixed slapd syncrepl callback to always be last in the stack (ITS#8752) Fixed slapd telephoneNumberNormalize when the value is spaces and hyphens (ITS#8778) Fixed slapd CSN queue processing (ITS#8801) Fixed slapd-ldap TLS connection timeout with high latency connections (ITS#8720) Fixed slapd-ldap to ignore unknown schema when omit-unknown-schema is set (ITS#7520) Fixed slapd-mdb with an optimization for long lived read transactions (ITS#8226) Fixed slapd-meta assert when olcDbRewrite is modified (ITS#8404) Fixed slapd-sock with LDAP_MOD_INCREMENT operations (ITS#8692) Fixed slapo-accesslog cleanup to only occur on failed operations (ITS#8752) Fixed slapo-dds entryTTL to actually decrease as per RFC 2589 (ITS#7100) Fixed slapo-syncprov memory leak with delete operations (ITS#8690) Fixed slapo-syncprov to not clear pending operation when checkpointing (ITS#8444) Fixed slapo-syncprov to correctly record contextCSN values in the accesslog (ITS#8100) Fixed slapo-syncprov not to log checkpoints to accesslog db (ITS#8607) Fixed slapo-syncprov to process changes from this SID on REFRESH (ITS#8800) Fixed slapo-syncprov session log parsing to not block other operations (ITS#8486) Build Environment Fixed Windows build with newer MINGW version (ITS#8697) Fixed compiler warnings and removed unused variables (ITS#8578) Contrib Fixed ldapc++ Control structure (ITS#8583) Documentation Delete stub manpage for back-ldbm (ITS#8713) Fixed ldap_bind(3) to mention the LDAP_SASL_SIMPLE mechanism (ITS#8121) Fixed ldap.conf(5) to note SASL_MECH/SASL_REALM are no longer user-only (ITS#8818) Fixed slapd-config(5) typo for olcTLSCipherSuite (ITS#8715) Fixed slapo-syncprov(5) indexing requirements (ITS#5048)- Use %license (boo#1082318)- added 0016-ITS-8782-fix-cancel-memleak.patch- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Add openldap-r-only.dif so that openldap2's own tools also link against libldap_r rather than libldap. - Make libldap equivalent to libldap_r (like Debian) to avoid crashes in threaded programs which unknowingly get both libraries inserted into their process image. [rh#1370065, boo#996551]- use existing groups instead of inventing new ones- added 0012-ITS8051-sockdnpat.patch- updated 0014-ITS-8714-Send-out-EXTENDED-operation-message-from-back-sock.patch- Added OpenLDAP new feature implementing OpenLDAP ITS#8714 0014-ITS-8714-Send-out-EXTENDED-operation-message-from-back-sock.patch- added overlay trace to package openldap2-contrib- Upgrade to upstream 2.4.45 release - removed obsolete 0010-Enforce-minimum-DH-size-of-1024.patch and 0012-use-system-wide-cert-dir-by-default.patch - added 0013-ITS-8692-let-back-sock-generate-increment-line.patch for supporting modify increment operations with back-sock - added overlay addpartial to package openldap2-contrib- Remove legacy daemon control that was used to migrate from SLE 11 to 12. (bsc#1038405)- There is no change made about the package itself, this is only copying over some changelog texts from SLE package: - bug#976172 owned by hguo@suse.com: openldap2 - missing /usr/share/doc/packages/openldap2/guide/admin/guide.html - bug#916914 owned by varkoly@suse.com: VUL-0: CVE-2015-1546: openldap2: slapd crash in valueReturnFilter cleanup - [fate#319300](https://fate.suse.com/319300) - [CVE-2015-1545](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545) - bug#905959 owned by hguo@suse.com: L3-Question: Are multiple "Connection 0" in a Multi Master setup normal ? - [CVE-2015-1546](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546) - bug#916897 owned by varkoly@suse.com: VUL-0: CVE-2015-1545: openldap2: slapd crashes on search with deref control and empty attr list- Drop binutils requirement; the code using /usr/bin/strings has been dropped in openSUSE:Factory/openldap2 revision 112.- Remove superfluous insserv PreReq.- Introduce patch 0012-use-system-wide-cert-dir-by-default.patch to let OpenLDAP read system wide certificate directory by default and avoid hiding the error if user specified CA location cannot be read (bsc#1009470).- Add more details in the comments of slapd.conf concerning file permission and StartTLS capability.- Test for user/group existence before trying to add them. Summary spello update.- Move schema files into tarball addonschema.tar.gz: ldapns.ldif ldapns.schema rfc2307bis.ldif rfc2307bis.schema yast.ldif yast.schema - Package previously missing schema files in LDIF format: amavisd-new.ldif dhcp.ldif dlz.ldif dnszone.ldif samba3.ldif sudo.ldif suse-mailserver.ldif (bsc#984691) - Fix a minor issue in schema2ldif script that led to missing attribute in the generated LDIF.- Enable build flag LDAP_USE_NON_BLOCKING_TLS to fix bsc#978408.- Move ldap.conf into libldap-data package, per convention.- Move ldap.conf out of shlib package again, they are not allowed there for obvious reasons (conflict with future package).- Build password strength enforcer as an implementation of ppolicy password checker, introducing: ppolicy-check-password-1.2.tar.gz ppolicy-check-password.Makefile ppolicy-check-password.conf ppolicy-check-password.5 0200-Fix-incorrect-calculation-of-consecutive-number-of-c.patch (Implements fate#319461)- Remove redundant -n openldap2- package name prefix.- Remove openldap2-client.spec and openldap2-client.changes openldap2.spec now builds client utilities and libraries. Thus pre_checkin.sh is removed. - Move ldap.conf and its manual page from openldap2-client package to libldap-2_4-2 package, which is more appropriate. - Use RPM_OPT_FLAGS in build flags. - Macros dealing with old/unsupported distributions are removed. - Remove 0002-slapd.conf.dif and install improved slapd.conf from new source file slapd.conf. - Install slapd.conf.olctemplate to assist in preparing slapd.d for OLC. - Be explicit in sysconfig that by default openldap will use static file configuration. - Add the following schemas in LDIF format: * rfc2307bis.ldif * ldapns.ldif * yast.ldif - Other minor clean-ups in the spec file.- Use optflags when building- Upgrade to upstream 2.4.44 release with accumulated bug fixes. - Specify source with FTP URL - Removed obsolete 0012-openldap-re24-its8336.patch- Relabel patch 0011-Enforce-minimum-DH-size-of-1024.patch into 0010-Enforce-minimum-DH-size-of-1024.patch- Upgrade to upstream 2.4.43 release with accumulated bug fixes. - Still build on SLES12 - Loadable backend and overlay modules are now installed into arch-specific path %{_libdir}/openldap - All backends and overlays as modules for smaller memory footprint on memory constrained systems - Added extra package for back-sock - Consequent use of %{_rundir} everywhere - Rely on upstream ./configure script instead of any other macro foo - Dropped linking with libwrap - Dropped 0004-libldap-use-gethostbyname_r.dif because this work-around for nss_ldap is obsolete - New sub-package openldap2-contrib with selected contrib/ overlays - Replaced addonschema.tar.gz with separate schema sources - Updated ldapns.schema from recent slapo-nssov source tree - Added symbolic link to slapd executable in /usr/sbin/ - Added more complex example configuration file /etc/openldap/slapd.conf.example - Set OPENLDAP_START_LDAPI="yes" in /etc/sysconfig/openldap - Set OPENLDAP_REGISTER_SLP="no" in /etc/sysconfig/openldap - Added patch for OpenLDAP ITS#7796 to avoid excessive "not index" logging: 0011-openldap-re24-its7796.patch - Replaced openldap-rc.tgz with single source files - Added soft dependency (Recommends) to cyrus-sasl - Added soft dependency (Recommends) to cyrus-sasl-devel to openldap2-devel - Added patch for OpenLDAP ITS#8336 (assert in liblmdb): 0012-openldap-re24-its8336.patch - Remove obsolete patch 0001-build-adjustments.dif- Introduce patch 0010-Revert-Revert-ITS-8240-remove-obsolete-assert.patch to fix CVE-2015-6908. (bsc#945582) - Introduce patch 0011-Enforce-minimum-DH-size-of-1024.patch to address weak DH size vulnerability (bsc#937766)- Introduce patch 0009-Fix-ldap-host-lookup-ipv6.patch to fix an issue with unresponsive LDAP host lookups in IPv6 environment. (bsc#955210)- Remove OpenLDAP 2.3 code and patches from build source. Compatibility libraries for OpenLDAP 2.3 are built in package: compat-libldap-2_3-0 Removed source files: openldap-2.3.37-liblber-length-decoding.dif openldap-2.3.37-libldap-ntlm.diff openldap-2.3.37-libldap-ssl.dif openldap-2.3.37-libldap-sasl-max-buff-size.dif openldap-2.3.37-libldap-tls_chkhost-its6239.dif openldap-2.3.37-libldap-gethostbyname_r.dif openldap-2.3.37-libldap-suid.diff openldap-2.3.37.dif openldap-2.3.37-libldap-ld_defconn-ldap_free_connection.dif openldap-2.3.37-libldap-ldapi_url.dif openldap-2.3.37.tgz openldap-2.3.37-libldap-utf8-ADcanonical.dif README.update check-build.sh- Upgrade to upstream 2.4.42 release with accumulated bug fixes.- Upgrade to upstream 2.4.41 release with accumulcated bug fixes and stability improvements. * Add patch 0008-In-monitor-backend-do-not-return-Connection0-entries.patch * Remove already applied patch 0008-ITS-7723-fix-reference-counting.patch * Remove already applied patch 0009-gcc5.patch (Implements fate#319301)- Add 0009-gcc5.patch to pass -P to the preprocessor in configure checks for Berkeley DB version- binutils is required for "strings" utility invocation in %pre [bnc#904028] - Remove SLE10 definitionscloud116 1615651386  !"#$%&'()*+,-./012342.4.46-lp152.14.18.12.4.46-lp152.14.18.1addpartial.laaddpartial.soaddpartial.so.0addpartial.so.0.0.0allop.laallop.soallop.so.0allop.so.0.0.0allowed.laallowed.soallowed.so.0allowed.so.0.0.0autogroup.laautogroup.soautogroup.so.0autogroup.so.0.0.0cloak.lacloak.socloak.so.0cloak.so.0.0.0denyop.ladenyop.sodenyop.so.0denyop.so.0.0.0lastbind.lalastbind.solastbind.so.0lastbind.so.0.0.0noopsrch.lanoopsrch.sonoopsrch.so.0noopsrch.so.0.0.0nops.lanops.sonops.so.0nops.so.0.0.0pw-pbkdf2.lapw-pbkdf2.sopw-pbkdf2.so.0pw-pbkdf2.so.0.0.0pw-sha2.lapw-sha2.sopw-sha2.so.0pw-sha2.so.0.0.0smbk5pwd.lasmbk5pwd.sosmbk5pwd.so.0smbk5pwd.so.0.0.0trace.latrace.sotrace.so.0trace.so.0.0.0/usr/lib64/openldap/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:15919/openSUSE_Leap_15.2_Update/bd6d5659d0e6fc9a7232bb1e18577238-openldap2.openSUSE_Leap_15.2_Updatecpioxz5x86_64-suse-linux     libtool library fileELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5355e48f182d56b5e483d979eade4c4ebb34ee6a, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=855adf4d961782aa986ec9e6f6ec85c5c7206b4d, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=cb218bd129f41df94773224d6ecf2bdfe64bf0bd, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=e80a4bf69a702a0f744ca8c45856317e2bd1df3e, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9c8c12af3e6f46d9256771190bcfc692f8cc6516, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=24c6df97d25df0cf3691f4390b0d0900db2e73c7, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=851ad2fbe999694fb1469133784ebd753bb67a4b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=1172d2f4b0ec0c270d2cf6b5dc0796808fd3f353, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=03414c413d03d5c58319b04f5648615e95f6b29a, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=f6f252c44eb55b679df34ad20aa469e37b53f945, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=f00250e0a7bda4af42dea80648fd64082b21b4b9, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=27f1c4e35ae49ef944b138290ff03ff4e2a6a83e, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=54c0f670d1a58ca3fc33834d458765aa447dd909, stripped "#&'+,0178PRRRPRRRRPRRRPRRRRPRRRPRRRPRRRPRRRPRRRP RRRRP RRRRP RRRRRRP RRRˇcObH |tNsutf-867bcfdbde78eb7e4ec65ff0e03d7761fa35f6dd2bc1815539b19b751f85a9dde? 7zXZ !t/] crv(vX0ǓAelKVGlΉP8UYvQPT?y:0Ij.h0 n豢#dDFk"5p%En&C0 8K~`OOc$3+Hi0 ,ӗ pp -,NAi@1MSjEoQ>ꯙUb%▐̈LQ=\[i.nqHUtl Mi { /AӣJL#. ,Nai?{[m2)}wKWGeԾ0&E;s-O@|>,AOF?,5`giV98ύR|o*(6A?n=~e8ze;0K.O܍N j'jڰPV R zxN [j ZU!P a {醝HVw/9CPQԵdGn֗J${O4ӻ;dV/1p:m'^ِO wfh vi/r! փ*{D& #ٲ=޾ٴq#`*7=AGn)pGws̀/ȿ4Ŏ ,3K:W^9jmȄ.0C]*bPZ6@($s=17bG~5ѝ@l/XMKKEa "l&K]L>K N%wJ8_B> Q+ lU)Bl G|v$, 4O如8i>&/Rrfjx_ۤkIM/xH{X~m9:7#ÿtgK%qO]Q$x4v48Ko[I0%YCNL`כ3=qevᾛ6`zC>݆8V sLeUr W-=1vO[萍ʓ07r(*d"94jq5SWO3]_M Ċ;5zM7%]?׋gxa\@[cv;I[ul'\S=/+F6e '_Eه?֪PnO%qRDqAL4ԹJ862esRj&Mѥq$ *=b64-潘\QTvivtQILB3AOTMNzfD1@͆Ga?8p;[^0 8i5qndڄ`b:kH-MR/zdnۼk_4^!*",[ftM@?pşL L9! ^:>_XTF^k2 F:8*`4Z,Zlu/I߇ۍZ)r ב* ,nqqnxlC0h ғ~eJ}`ˉbl(g Lx LO}3L*"Δ!=&dJc j1{jðU[LfLJ t$>e3Zmu w8XNp7S ㆝${(^^˫fYI^: z> ix<: N$V: ]Hsh=,pAOڤaHC!yӮ) co|y.wWVQO1Ѻ+"ɉU~^,u *؃e_Tgp^[ZfaBPl8G XNRs|qwS2ԴrRdrE.aah4 xv2&lYQݭ.W?Ir>A(4tx q:UaKiհ{OKfj]!Ǝ,^mb) 0DžtC?+,[^2*͸~q)fIx1xb`WsdϿKB3_4N`:9H5if7 2tϾ\!MN_ XxF/YU)36d~@44Sx$gZBNWwa0$aDp v^6Űs+v`)9yk'ddPr1n rb^lQ¾q>/^&oZ~  ̄BLOXO{7EmqrVh]&E997I[2u\0.9܃/I6.G& y(.9q\G8g`dH9l}& JmNޓ {iڏG\e$겐Ǝh6}{rIB{ =75Yh+lf<݁$Ё?|bMT=0Q: sB!-~#!~ fZY9 :/r_4>BƐ=r_g~%+~jUff5kA$X`s~bz#HG[Q5Rɞ3AaI.77l>NdC8x$hS£5ZBb]{+0E5ǧWNsIAWz \ S:M.\"׺[׷ud\$a=)GYk= Vq[ul4ZCT31C]p x2U{z1gU3FJ@Jw; x!nqԓs"#ջ|ҢII24ՕJs5]I@Ʉ`h4CFXVf"*d'*_C7bJ_51@Cm>rFEm6t$G7C\r$R 83URhUya7\no@$IFZgs"=ɇT S Qæ6wƲ"Z? "쭥~ lTS1~kREVTKh bw4 隽mНz>Xţ\Ǿ*r w`(x.K&v9Vup&pyms}r̾wV2 +^aQho!c茔.>1ڧ#m}ƯX K4l5 7hv4qiT eQ_/S䌦ZPcFi_74^,g-aT0^4CHmժc!>y?F܎nȶ*@'R$m-?j%NW;Br$ `R8$2T<B,s۰a?Sm+ l[aΥfu37H$:Vj!\ mϟorGhdq{QΜ`kb[Ԯňo IkBfBX*%W*l뚶fHJu|z !̻]ɁXS鿷YW\U6 6S9҆5/]ut=+L,\mMpÈCeB\]]GQ@HbG#;>}ZiMޘiƫv5#E3᠐U:Q^1UKƢNJKXU_mb.FSpG):3[z@ eU9Kg~HN*]BiVuI\\T;){hE%q js䞷v>v> ݥn'r8%nhVT 72(edխ7NZ6d/אQi[bex 9,vW%xRd(Fɱai-MXu$),ؕ!o{6=Z 7bm3c99stEdө*Đ AWsi~ՅF rThKC:=i?C*wfoKXDP]  t+,"*İz\Yvb'֠[yU5u&*8طmQGx 3pL0 $'u4-:$:M1\idAz9u{%^*G/э_>6;wl;=TTSUfO#TA#Ծ66r.&p^R~8tKc2 {O,M+vD1[ܱ`McEoD@2 -Yp߂Áv*kdg}+Ln zIx?k?ݠoS 8wcEܰ }w.v|s9e\/ Vז hMoEqI/*.3UŪU7Ay] *)}qIV,ܤ QDG7ckʅ'/Bja˽[zC9|Tʣ= wy}r7%4Ԓq$;6:K(: =CN|ic׻=M w<խˆV!RV2Wx>.Jptx$S]6+qB3M]YYTkm3KS;Zg`g>H^{1ݜf+Z7]OCf#:a82S'6)2B(x16i^BVB]T7g6>|Y,?P'h"{ tSnmѿչlu5)VKO&L'ݛىQ쐻@:u"XL|BYs:~xj^/JZ`mw6[:C+ȯ;ƜTٯsѮ3b߅'͙T?$0t *:.J t)$z1»̍ue . ;6HT( D(VT곜$jL}T-g6 (}+zplSܮAPC %67"I6$b |/EK2ݫ#r 23Jb7FmxTp흌 H,h u9cu1POx4"P6, P>&P%ʺ)v!g gn'WWC 1ab cvP\]8n8$,Sl-0 '2hzhQvф(jH;ܷY*g׊Pΐg.J;{k@nGJ|vO> db;ͲRV#)~&Z,2g'A-/&Fڃ!E^K5r-tGCo]+Ϻ{q9D`@CUw_O6CR@g,{C(|e?IP_Ёo8o}Fhv؎\MkZ2Kkb. ǘ/eK7kIby6ۋ7PΨ smwQt0_ўhAydYG;J5Ԟ4'mz6V0c*SS *6dIܫtT[qor@Ȉy"SqWz98p˪՞/"vz*2,7pE2i)0n*{nف AOݿL z#]*ۧ5&/Jk8f܅+͹t*5ޓ'/l`cYx'<ª6j)dPr5dü[N/a-Ʀ1Vy2-b) $Ŗ΋rM7pw~P6߅zc\M[FӢ otrs=۫T /0?h?Y9NFW'Mݐxh t`tH|񘹝U?-.f82sEڦk+EÖ[?ϷԶ¦P<dv~ґ3z_qϽBa:*Jԋ;S,cg![;?8WȵU/|wpgJ0V W:%L2{|ɞ(vOg<]0[_co`O;|*Ȏ3 U7g  o+ND=_OCYc'SY0JLCnD<Օ+3ӽ8w;2> N½õ( 6ZHn*=~;OkAԣr}F \Ѧm9v]+S8A*1QrD_f9ى8s>y,W mYi9_gg溕TBpyh=fF6+_' 0DUk1WeA\jW7gOiz;ϯst"ig/YC sd:uihK}Pk`%~ Q"ˏڡi힛;謓ŏs&izA"KIC<Piq9t'dB.7|}K*Bk33\Yw- A91MxzL\Iph`uKv4va֘ɈC^ܾrw7t`eW}K;(ΤРSAn;Ux_}kSkU$w\z FVPeM*cs ekߒ޸}ؖfa/lQoAа;:Yʱ:vT+u:E1BL/ǽG4 fXXfln4wXD]NE Fˌ:s\H:Cr.jl|{># zSAųHuAaӨY.9z~ E&J՟ 0PSͻcpg37om 6O% "1Ap1noYOlvzʧ2mj[sԸA#oq:3X>Td&-e쥵Pe}nU,I)%8kW?T$`Ł XEryYK@0x<ʢP.xDTek6@u b Ԍ}Y=xu=O9lL5ɤ[U > 2R.er?^otTa*P{ 66XYvC*(gVjV;쇧.9L[UpҠdXUy>>o8%;J/43ѿI9MJ:b40 Sj񗗽Ust$ly;$)[Љ ARS^/X@,D68M i߆uhXY9HnNDS8SO>44fVa>_]9xZVͼ8Z[ƳUoeDeVJ\Ӭ5?++0JTX;'` sEV{;JW p0͓i!?'Ʃ>3 #BަͰ V[ieVVi**h -~ a OK}|21c4ǜRTt;?< ގ1e` N]48@_/vQ5C&V XwS*Le6d9E,xМ-ň!j@hJ a5-]1aHHɠ$h#/˧ņ @g @%VQקeg8<Њ,ɵy}P aIyT7:k^f؏I먾CGEv h5^41{87 f#yhN kjHA{\Cm/ۊBnDX^cE.T;΀{We\9+ȩȴ8 <Ъml8lT&SKN2ꇞh@Ώuv,5hQZᾤbDf # 0ȼBX~;pSFASp|6bQSI`O7@-&wR;,{{9&l>~jE/ў' *N_ & J"{5ÓSyE|mL1_tH E1U#^3~hÙ$ |kboGn vM{}8<0Xfk0o;-hWYV\^u8[,y0zbY 1%5ñCp %f[C?Z!'7t |C{gkdXT7!Puej nz+p?iZ8=uE"(* I.ͽSZՒ ߤDo,OJSaiݍm.pWmmY4{; EWDRsa[sr_sk   N#Lu y 7@F lG {ja:-,,!:ɶ/D?*K1H͢c%Dٯobk(cU M|(_JkF?Jq [ $S&9BY*Xgd[M{?Ъό[`+I`쒁pOo}NBH5m_8=f F{33,EUT,bߢZ !r36H pاZݔEp\  p;&ShI(\mbUh֯Oږ A1HǷKQ|qV깡WnPBՃ<=yTf,J\K3it+eGaL&GMZ+ >5l~q'` guBKV+l?4Hʷ-Zr [7B4ʊ}!gnڒe i({ +qWQ.ǥc3?AaS&Vp* 7XZxw!U`f76-uҠqh '˃8Gms2zȗU2U }?oU c$t*riZ0bNBӖ,l}szڹ@;1"eB/s q)7LM,2Go#OBfi߬!n.kwXQv3}UIr o- nG[}ojLІ86 +tve~Uwt]p7L=Yڈc dwaAX wo8,J@P3l!!Q77ΧӇhSKlpD#س$Sۇ߻%*Pu"$i:C%@ -,Ě7Qhlz©7|d&hȧB4& #\@&AqPO` 7)X` ]`r-s$0Zo)iDIKzwX {7aR^Ԉ;R+N1?޿W8k7B k]9Mt'p SQ*cF Zvq!Jc{Wә:_XmIJ !^Ȍj˿d|}4|u;ZmNjB|s%O!{\/9$GQ.л\+_z)T8&bImf4j"G:XXCּ`iD]{q7/_9&p]SOiz>1>0c6@l1 =7Vœ5ZdVOPY3 %(\j鞂ȚUNMd5+M^bu͋h$?MNuŖ! Jyƴefp["4DUH'l+إilCR[ 0g`vgxA&_ӒhoB?RO(@}АkrTȼWҫ~w㸠VR:zQʁ r{vO]q:.DDNlG][=0b)6H lbI9F чM$[q5C YjqFy)@n@l?B1PN0}L%@?niq'˫Py A[+,.iK.qu[e]'Y'5dbL6iI1׃Ȟ6lw˲˙8pAT؄?nY diƚFHvE]HS?a|*SEv{'qJ?=u9ȶ#틔 $WBoǵq7 0pF3"G3lR\ܿ޾LLLbsZ]b(:vU4\X_;_7A&o,HǮnJ: _tdaeE,FջW9`=b,t,gcûq.\1m8\&r z;aerwKRh~-8|D; n 2GP:huAJr(I^J9E,52U[%/@TȹMNjE4Ƕ#go|hq!8k]ox0M)p&b5;躱hIUǩѲ{ 0"W~'zìhF:ĒĈa:1%f `~."6DEh,ԃƬ @U1[}mV)j{h!#!.}FہX}GycUy: Ѓap}q+wRHзt/ҙ//)jlHkTGol9TN*e8xjk^L\S'#^:dpڔVU8_P[PFXnOÊq9 rn]2G,?p2tҍhe`B9I($"NCN?H͐3# mNG$?<0Qk@Ȯ! w  XB\V`h`ڡ]#j 6 ~$f)#&V/4f#.D0 |뎯]H˩a%P!l݃8E[ .xݺB=^@MKd/Z;"đ]1lipQLAdk\ ފ;S7CvVCr@kuYȉ8`ƻ38E ܲ~ݥz'{V[h+bQlnfCVϗװkDv6L7cE3ҁEZ y*c#jU(*5|nGH;shgVoc\YJ}2),(ių!Ty~!Q#u. 6ގݬG&ZNJ3Bů k}=RZzXnI1&2f[1PLpr)TvVHSx 26Mh%Gwħ0:[ n4GNP:~⒅)puhΓެW8C *)yVw6^⍜YE>a=@Xᘵz]"w~/LIwԊtpkbZ9vML2=+Q('m,d.~/?Rjtǚ }HG-€4@kQmCpV931줽;F= k /Ksv^pt$Lt.%tNϒ,۷*k"ohz2k|u/9x:Z!OiPB ĕ 5h5sI8JF:_!חS"{ %!2qmSUJ-eQ4qfT൙)<Fп`-$"9dб&f)qzj1H`Xr~5+Sr̐>gꅅa{78lss3١}d3jP'zU!l2p7Ɖ+);m2c'8~l  ~ö>c@k<80"M7*r HH >/7# NDr!Xig1q).z/AUjJO}㩶TWYq^x.1up Ɣ!Wpj,1Zq'/_?U"z $c/A%OrR&f۱1P?BJIQhSc Tнi0Hޱ~xEmEQ^9.8LlWHE`ȟ\Ήve:T|ng?93cZ-JA@Y32kvc#cyP+v"SQ~Y 8#.f]n5wQ1]STi+K%(bR{Asjy[]ܾX9g%"Oy#&"{{$ s+淐 _vSe]\Z+V !*O F +$c-q'"nJ/hp'ƺNo>ӹep~ATq0o s%kʖs33_nSKv uvW3JfG;ڤRF&p: i.Z0UrȚh|^v9_={|E u+8~5U=z~kHMm#" HƁqt?/X"*lB ?n1M΋ = ONz#yg6FpIɟl3phD:udB@km&51zN7vLP<o>ѴtSBhs t8a; &Kb {Y# _j'en u,P/(z/N zf1ի]|GC.Pz6 t'l!Y5y;d,o,;E5qzIBǬ߲g0$DUЅL]x{GWfb\I;5fA meZڭi2T"Eum\nZ.p6. j0J ?Y߉jhͨ;[=O^c0g]kli8vi\텸O/e 0N ;:^鐹+{0frU .Cirs,{Uޙֲi;c+#Ȼ|B x&I\ָXRᤖbE L.:(ֽ.(fӊtBަd"\Sq%)y&!bt4T[ݷً} :8T%ZFrJ/@kDuoCaUyKi5!evA}Me SJ"bs| .,EYy˥QZqřK.XFMq_tD`I_ Q֮7#NP[-`^~Cԍ%xͷ>Y@m3gIpLa "7=$;$4SNflz^^S#Et +])k4rxbn^<р8 cxb):1TW -D<ڃv 3"5@]#x8!m jms2ОD3Mr7}񛹤S8l?b1-7)_LL= b&"6(8g:)߸5@ \r'-3}.y)g7ڍH"k6X!1#yɄP1=-ҫ\@D鸳w J{ʕ{'n[Ӆsv^8<0;1#4|j`ھ`Ӻf81eNE\\FA1qF#wڊmNq!U4yed]{d 3SͰUwZ^E8ıo20! \#;ulN81*ӣ{P[c950;bEG[WG( 6dRi-M A)!ɛ3L~1Ī99_I)VN##[WqgBp9C sR災>ÝMn%(C/b3OރDRӍm #61\T5'v8tRR@=zZdj5'T9P~VQo3".dMoT\\T`[ /UJQs?0 /E()7pQ0y6=`G]*xǼ}Gǔu '\YFA+pz΋eMփQ&>fy>>lK6ڎDɲ%ǮtQٵKzfn=_ϩaZQjHBcp*1z)}@B*@:O9p '-kG|J-~;'Vj-ܡ$R @ƥbb䲫qW\A *J h,s;x E*݈Y(]B gEwhx͘4Xl#F!rfY/44YR=QI?MV$t4/e`[L4Py1 w,q :@[C~쁜vhtvXՐvvq Čb7I~N5=IL7L(ڊ .E'+d\?e_33b(yy}izzqKhAK'>L(dCbUy5 Θ68Ǜq~8k:{Z֌#g J,:&o=&K3 SCG9MI:'"}é;5yBRyq&7ݠ|TeJzD2E#GdC%Cg۔,J0٧7pQ8n朳_بԴ#kpIsŀ(0"qT=f鞊V**knXSZL ȓ7@xGK):,4"N0JD/6㖗opt/)@2T^b9u4kT5.OWtSm {o~4,ޥdtX ៉`9HeJ栩f@3+ _ྒྷT a>a&%psBR~B3o8m{u `\^c¼ 9&6P /͝223ҬjnfLHGc^qDk[R\#2 CRNi⩻WwY7*E'!?mq6WGJ+7h/V-F"ӄ3]NkAI%*X CGC5|θe?(rlV6Rb~%LqPD~ܔur GV^ wwR1{QEL gN@ײ]k yPsN,enϪk~qٮPe#t *8;+~{J%6 _wR0ucUFB?`!8 i8t)R0IeLw+g#&`Ŧ=bW:ʻKh1|8D8R{ y"[~~~k+^g+(5z&+5 f\cu=:2rΣ ?e^ŏz1Xd#p`OsdܭQ@\Gy7yϑVO`,r(,KZqecm^ւ* #Bb`+KI(KԎ D86"3!w%t1BP*ӧU% =jQi>Sѯ_ڹ6ݩ%g0, ^Sk~֙?,IO^_U쥘vէ(g_^ "*A5Bլ9Vpu,ˍ>m P: d NPmp4U`QozegCw  5 (_SgVh$,[)?;;UL8IgF]7ʟ b|c &2zQY4g603Y(bwcp]p1.=a"-YFH׌q&lɟ6$RqtŻՈ7Ғ .*f8b9ImzAwKCb «ߐ~p-VAF3Z|LYu6D^_[ft:Dwř6J̗c*3.C|f} fpa%L$VLWNF`QM#okpi⥰Qf&a "ՙhfw~󾼈Wzt6*Cz+T9jpY(\EdA}LMIiM68ih8+5n5tgOV$,96̃mPƒJz/8mlϾBp5mN@DN"xN&q.n=?Ɂ <wQ) iT36QeZɄ z0:f -;s, ɍk ~r+*BX>!!I2|ǖJf?,^4NE:: &-TeDPvm'l,ީ38y/~U/rG\6烼 :lO)^K1(RKvtM~}dYkn0@OAF)Ef?<ÍJEԡ)>Щ6=@hhO\+g߫n W'@N fw|+BKH shFX11 ^{1GY>0qǼ(}T,]E1c8Z͠1R ]Q`YAI%;wO#!=: [Vi]%(ZbEP*AĞkt]Lf7 :`Cʶٸ?ZׇMJ3|Pr,9O/a-3ԊhhR$ ٖ~NO¿B)F{i~hCg}U9)~ Rb:wNj]F1V2PUc:cUj1+nB ,Ϣ8|-8 vYK`5H?ԩ${4&{s(7a5碞%{(%+ '+ŮU"E/_gRM=bNpApP?kW/ich?j%[H#E;G]{T;\gt`_}H:I -6iGO~<;H.Y1ayfN7_4`w 7;(P%g4)D?iJiVH,=L5/Td4&CS*gw sb\ȹSrQ;iفMk_9oki\q9 Ǖ+D=dAi+,`sچz$_ɶmn=F! z/K=ʾTc V͋*銫U^`?ti(2:S޹̀ sj<G gGt`;IY~f0L-aL$ &0+&'@r=R 9@CDJOa1OnS0#'#+6晔57!c~7ݗ#(s:]QZ󸡽c1p,&Ds.W1d/$^6>z=%kWQ\F*McFaqC 0#ߢ$ǝ]~{F: O斃7@'dof׏܌ZnMx$h zf0.2;ίY| S =Xd57a.F&4v M!4xAhr:7lH䎧c%ԥ?'<([H`ɭKg]rq2 @5.x8ym](=4/lTS,UXü\]o[+X &Y twXAތ VQ@΄ -ZF[K(z]@½NvNN`|wx^ DFsOF4H0G-i,<;J4xW7#}ҌM%oo:w!Hִ7dѻp#簺bxp,!ͥQ_iHW$]Cth@u>(b|o]0,0Rw-t 9vWP:@{>QA̟#QAp|PCmE{!-2X&?`CdW$}*3s l*00!).ko{O%h1q(-s')0$P1[؎Aİu!$%E"I}1PȨ5#Zveg;W ]4 BS O#_tz3NCSJf` l1*w̲5!4hU ڷ#tOBbcJ[vǃ*ZH8LPG^G_xV0yw&U&LB- to6acAxA#PZ 2'|J-.dmڛd;E@iF$IӾ-j5S]\f}yPdgOtB i4m 8Ml&Ơ0KbW6WJ1ϴ%]5\B˕336f#l/wM=<`ۑPmoJŴukA%x/+ƻS> U9S`-yPrC &P}YڿBvCIo!MAHk ;Q{<] g?̊xxt UW|_&2%7b%Kk>sۯpۦj#=! Q;lR%3' B?Ob'm)5ZQ}/taƜ8mTR(8p:Wkv-$Pϵ'nPA8Zx4F"h!d`9.Q%^. ȝɓv?y<\a}|SQ锬w'Y{ jbqs! Ajo0Ξ% 1cL#N_AԪj YX^Utq>Ťڔ8ۧVNJ]i ('&4C@zoe BCfT>|~OED ] IAtD^Af8ϯ>q[Dr kupAYߎr/EAouKWY#~vţަn;[n&Ū1703KfIy!*,!^SW#e pqdEG<_Ϣ,+ck[Ɋ/V/!k9a) 3ъ.k.𙠀Npy@oɚСF?%3zI)w-$KXĴ}B4=r*Uf B XiZzDoo<gpk\HjhLZ@NimhR[`OF8a:HrzV6 |TBk{eTHH D,RLU[3n#2adž/Z,v>J3J2jMҢQl: jtO|z6cf \Ode8Iy?V6IF=3=gYԷ())?nQYeAs*?EkBdӅ,BB8GdT%U4ћ$ڮ\N%7葘L}Uov]gn5БU!06WȲu R\`[8}x[\@Ro4Y>qB c: 1%_KX7%֊yWe%a(N)4 %SnW̷V 4ktǺ]KmX/ U3~8xt4 M ׍z'FQȮƄUOW>h3j6)[B7Qlr/CDS~Mz@M~uIpc'6]WllAmBKB8g  6h[рpbS O#*~#Gf=6:|єC# A{tt&y@w,f>?]|1QPLDKoEj7~He`E/s|:{CT_V|8|-fRڜ* bB#|5*+8;?!j&^ qLRcYZ?B t{M@kI "eO~tXoEo4[JLIA M抶zOwC+C:q^&1Y4+"ltZ {9+pP^/R1qn/H@/^ @u vsǴWA|Iu N3[߁,mBL>0C<~9d*椞rKV`B r{q z.3Z~d, !ipn`t. řr9m$JX$OgƳ4') i\TH}hG쿿Juܒ Pz[6s8S;h{Z6 ϋjwkݠeNªl-v6$ ̟FkM4ۀaBXRN[OrkC aKP9@3ϒn_#еi2c)ysKdrpVDdE:Rc.|t(nZm5kjÑC]6WNBWQgWqd"Wa9|]Yb(!5-V*]ݐN.}N?suE`Xd8OSG U^!]hğ(ގe{Cvh+Ar~7/rm&_]ꮧ4!l1,$JoE˷j*/ /'l2~߄#Dç %Z>AWS}|/R+wedh}(RKN/WQIbu;™v,({TKl'9MRSseXdNʹ]*pn^TsU-*V.| ˬg !#-"VK = yN8L~Нv ppO[vX+ZO{z 3|Sx K_,xd\"Sմ߹fkj:ezޡH0\E~P̎|iy%G8 YS?MرFbCbM^FqrAMEI$g*o Z|9gI%:#Y]ༀ}Q+NYBÒi 㫯1~$\߄l ģLX6&18QV< ul1&'i66ZI]^8N#Jn}~tяtsJ=zڿͿʚf8$>B*! wX_ Qmߗ8:?lcիwٖkgjO?Ma2 \!Aѳo3&,OMxEHc3ΎF"jusvw;9䶩P H8hk.55Q_ӈ 'l732u%AT"M^:OɃTmj%_Vj1V/mع:~G W/5NEۙE s*&?%RdE(.Ajl:v5 z\ynY;9jK8ZZ0yV Q#`OFa*#L5-)8 ؗtBk"ܯ(籠;lu @./ۡ+$@iT-zV1X߫h]X /+, <&2*O%Ɲ#Nq#D. =fN,2[eB B''GE/v"RlI1Psł; d $)[-~,F LRJ'ZVua?T?痣#Fc;ɭ5pok+` r'IgH㡒V,)ϗ@=#IE]I~-Y)ke.@Zʃ?_uQX,(`UBW|䶥$q ^(ѽ d%LC4006xA:3Jw2wnƜV tbpelc{>E&mE%Z ?ٞ+6ՀEnr.āxm@@IvYPKSشU|1v$b]T&B kv3w z$^d@;sR@$]>n$ E\w0]yˏH:%+JD5s`T;MV]KxsoqP`hZvvl 6SH,Gm;u^&,vn{{.eĥvYVJ*?c&^M1X֤%~+nON0*C\6ӏ̦qeOV/̩S?]U66(N%4?+g|i(|m[]+JXdN1!.M W/6a# <1U$ ׮; &zZKv'7 U{B6:Th<,AY@Ky&m3lM-sGkݺ]2)_%bkb#԰HL(C -G+aGw7΍11hƒOntZcwq9P:d9"Nm@61DdkJ4orpxK<9ԂmD _'5jöю~х̸"i>ȗkS`\>'VGM/YX-u%^d+0[uR2 ~F2,_xܪEXs-b9S/ֹJA/ԣd< S,S0h#aw6$PpQDF(;`B9!Iؕ?Ѳ42:cȉ Dkn('vWx=?_gdyiz>uy&j8DS#;D#}힚94;0Յ!<\젟!K(" ] A5 %5Y\<,_t{S}iG՜r Wz׊~&TוKe|eP86(Qy:?Jveˌ5a2arC=O]pÉlj|q{UE ͤ)O T *V9 Ļ4Q;vDwAe[\,C})F)BM40^r*]hsJX!q>#((8) h\WSїyOI39NH)& p|kPvΦPx?IPh&(PAVJ sLw mχ-hrGd-d uFlIn[/7vțʏm? .%xc Y`?GmݼM})T΂5 I7Ecl[zP =x+B<<(pY9P֠2B 6'a r̘u~"VA}įn?.H45\w_qAHd:GB ]FKH.d 0t@ර! qj0rNyͣX=`@HYIK&3cr8)Z1( 2w#<.~.Wqa?E1_9?? HߗJ3n`94C9v吨N zTa5,ك<&dXαHrpap{a M1J{YYI9Y;f2zd4& uAe.5oJQfCSs839WUnD 4+L:W:'.0[yy/T -$o0t9nmra5HettC/> <!Pw)z*4h&OjY6^y{yѣEtp=CM+u*:o'#ZkfB3JY@7v]{AGC 5e=6Qj+ gۯ4S[8β@Gz]d4d5P\6C!1-CM; hW7vs~fL.q_!# 5*?+^j^e5e 10SF0CO[~K"3{Q*%oA>p 4T dV4 c2TFL> G2)D)qR[M\k\%!soԲ<-G)7@լdUD#ɜa)r81o)w4J $M[B-`ԗo{̘|Y+FhTvl{ c@h[i1 pW]r]N,%24~ xx@?Q]>{4wAUPVuj=cORb4JԪզ~b5,]JUd85`Z3Q[Ldm bED DP0$.y};70G}SHdWHSFι߲ĎY} ݨ0)ɇCR\9E%N480j9**rr>κy?,W<8 o|I'zE.9kh)bsLȃT˛Xj8L}L X8LQ{f)2sc(C54e$2Zdı8唫B%MFF䗽w9w{!Wu^n ]ߜ,.#!xf٣*[rWܻ^sl *wwp= Ny2\Bճhb|xܺ 85j%9ybCbgrvۋkp2U*Vz+X-dK24ׯUi d!Tz)ꈾdJW`L( }}`\Ave4V|'f=QMK-~3.L3YpaEXSk"xg}]Fן`<׍Npi˜TPO`x#G.wSy ےOe*LD; ܶ98^ ZC/oN^ɱf nv.}{YpSr}"ohJOq^)'Dg9W#j2e|mGX; pI)@_ F5U-F}8@ d,~_aE@5|4irY懙`le_Ad:k'{gZY18PRMIҞ ]9މiVj=uii@aC)Ԭ \f!36x㨀{oa0Qme/;v+BuG ow qPc=ϐ:_j?W, 6.)"^_Ȥ{硕Bc@I8D{6Y2YgV . xm߰_ :i$ Ip}y g|Ah3I5^XY5IW%]z"WErZ]ZS+~uF9hIr'6|R>ncu/t5Ue%W"OP?&1}`x_`CrjɴvxO+#hlOIJ

o&Q%q.vBI;o7ki+=5 !noh8]}[Qn<}DqgNWm!-jHa THP-7^r 8#H ULzdkɦdCBOh$|VtuюPbqAPnxʰ߆@sE,暑eӜ #sۮ]`&Xqn3w!eآ蠏ųFL4 #]j-|ـLyvX_.̇y|&5YhBwxg`r~_"D .xJxY_IbDl|Bh%( ,߫AӾW^R5CW܈g/p?u<|y+lqx5u_@d`[ ߖ96I8qz{\8s%2~3*݅]ywSv4}J\uk77 5s-WZ gFGTF\:}^|؉(#PAóCB`L]%9k_AP 7#}Vq.%1FI#_-F5\Gͩʦ,R۶sWvm6 \<%ͳ`N ^~DC`ҁ$k`eb*RŠEQ%+Eń7'`FHP_gU*ZhrP!wvCsx^xoN#ZQjxb @>ݣ; 3h z'k1pN?u`0>0t@"ʷ0߳R2w'0Sl?-yfZV5㮺N07@ߕNg&I"Y\4 Q'v'&VX& vg N{/:Ww-G&y+fu9v ^} 'þ8B-^&g@ӟttP$ It #sj2oݐJP7:ݩt͛["lP#vkJ =e+ 7.0byw0EGx*D8-b Twu-[Ae8*<=IJ(\.[th)Cb+)fn)4\걑@\H!-6ݩ!ʵv}WW0l&7:\D[+JZ5ODDW1&Y|,ҝqv`B+ZYoe"DG7z&hFŔnݸqDwg3l_u1<\\>@`؟~tY31 P>T;8GB!n _ꢶ~pvku6j6Ճd,F -33?$YM N3'No' 9 o 4S#_HTLM 呉/gwN[kYϟݵE]4(%St*HAm"̒(u̾ AR8ܭ:SEWT^]co2iNt̑D5QS!wu/=kxjZ@'꘨!};a[Nv;,QE&igjPrYм/S_Sb~}I. 9ZzB>tԒ"eY(AE %`We4N lw9a^"0R|b Wu*9EeP.̶|@Vp}};<_WT3p˯<"I^'[ u_ ]t W(Csn(?oS567'n{Q)x^SN8 ,|RK)JTI&G{}g 8?isT UcN~|Oq0'Y?DH:v\s0[WzODid=T"WŹ.WDaS-[Rm69LٛRt&>\S^r։D16oHeT\˩<+] F$"S!G i]BAiMЌniDsh$8/郬v&l" b~*LZ7ygW8P>z/# 1n+ͳ۠5M!+ 1o!\#wk[ ɄQ~Ioٿ诧Q}^cy9bTHv+t6ajt@HJ}W(o dU'M eofh*M1_x &: ;@_X[i ˁrWHK r0 {r5$WC?.X~*U(={#+`*# hOS4_g>b"hgtrP"+f{׽]%Y#t5PgxV%!h~lFQ/=$p)5hu2M 7t)]C H   YZ