proftpd-ldap-1.3.7e-bp153.2.6.1 4>$  ApcL!M@eeeXs©.%wҁGB0M$JWaC^`(pDϵ׍hdtS = LzfQ+9Bp6˖ZVGd^a6?ԭQp{":|>p>1?1pd " :`dpt      U X\af   (8 9 : F.\G.tH.xI.|X.Y.\.].^.b.c/d04e09f0<l0>u0Pv0Tw0x0y0z11 1$1*1lCproftpd-ldap1.3.7ebp153.2.6.1LDAP Module for ProFTPDThis is the LDAP Module for ProFTPDc:old-cirrus3SUSE Linux Enterprise 15openSUSEGPL-2.0-or-laterhttp://bugs.opensuse.orgProductivity/Networking/Ftp/Servershttp://www.proftpd.org/linuxi586c400dd0d6c9fe7559e30a41e5ce7933a918caca09080e3e3485d2d7f1bfd752f43rootrootproftpd-1.3.7e-bp153.2.6.1.src.rpmproftpd-ldapproftpd-ldap(x86-32)@@@@@@@    libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.4)liblber-2.4.so.2libldap_r-2.4.so.2proftpdrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)1.3.7e3.0.4-14.6.0-14.0-15.2-14.14.1cbL@b@Qb?@b ap_^@^3^S^5h@^C]@]o]@]D%]\@\+@[E@[DYqYC@X@XӸXO@XX~@X{d@WW/*@W/*@Ujchris@computersalat.dechris@computersalat.dechris@computersalat.dechris@computersalat.dechris@computersalat.deJohannes Segitz Dominique Leuenberger chris@computersalat.dechris@computersalat.dechris@computersalat.dechris@computersalat.dechris@computersalat.deMartin Hauke Bernhard Wiedemann chris@computersalat.dechris@computersalat.deJan Engelhardt Jan Engelhardt chris@computersalat.dechris@computersalat.debwiedemann@suse.comnmoudra@suse.comchris@computersalat.dejengelh@inai.dechris@computersalat.dechris@computersalat.dechris@computersalat.dechris@computersalat.dechris@computersalat.dejengelh@inai.dechris@computersalat.dechris@computersalat.de- Update proftpd-basic.conf.patch * remove obsolete config option, LoginPasswordPrompt - rework proftpd-dist.patch- 1.3.7e - Released 23-Jul-2022 * Issue 1448 - Ensure that mod_sftp algorithms work properly with OpenSSL 3.x. - 1.3.7d - Released 23-Apr-2022 * Issue 1321 - Crash with long lines in AuthGroupFile due to large realloc(3). * Issue 1325 - NLST does not behave consistently for relative paths. * Issue 1346 - Implement AllowForeignAddress class matching for passive data transfers. * Bug 4467 - DeleteAbortedStores removes successfully transferred files unexpectedly. * Issue 1401 - Keepalive socket options should be set using IPPROTO_TCP, not SOL_SOCKET. * Issue 1402 - TCP keepalive SocketOptions should apply to control as well as data connection. * Issue 1396 - ProFTPD always uses the same PassivePorts port for first transfer. * Issue 1369 - Name-based virtual hosts not working as expected after upgrade from 1.3.7a to 1.3.7b. - rebase proftpd-no_BuildDate.patch- fix deps for SLES- remove configure --disable-static- Update to version 1.3.7c: * http://proftpd.org/docs/NEWS-1.3.7c * http://proftpd.org/docs/RELEASE_NOTES-1.3.7c - Update patches * harden_proftpd.service.patch * proftpd-ftpasswd.patch * proftpd-no_BuildDate.patch * proftpd.spec * proftpd_env-script-interpreter.patch- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_proftpd.service.patch Modified: * proftpd.service- Update to version 1.3.6e: + Invalid SCP command leads to null pointer dereference. - Do not limit to openSSL < 1.1: proftpd has had support for openSSL 1.1 sice version 1.3.6a. - Rebase proftpd-no_BuildDate.patch.- update to 1.3.6d * Issue 857 - Fixed regression in the handling of `%{env:...}` configuration variables when the environment variable is not present. * Issue 940 - Second LIST of the same symlink shows different results. * Issue 959 - FTPS uploads using TLSv1.3 are likely to fail unexpectedly. * Issue 980 - mod_sftp sends broken response when CREATETIME attribute is requested. * Bug 4398 - Handle zero-length SFTP WRITE requests without error. * Issue 1018 - PidFile should not be world-writable. * Issue 1014 - TLSv1.3 handshake fails due to missing session ticket key on some systems. * Issue 1023 - Lowercased FTP commands not properly identified. - rebase proftpd-no_BuildDate.patch- fix for boo#1164572 (CVE-2020-9272, gh#902) - fix for boo#1164574 (CVE-2020-9273, gh#903) - update to 1.3.6c * Fixed regression in directory listing latency (Issue #863). * Detect OpenSSH-specific formatted SFTPHostKeys, and log hint for converting them to supported format. * Fixed use-after-free vulnerability during data transfers (Issue #903). * Fixed out-of-bounds read in mod_cap by updating the bundled libcap (Issue #902). - remove obsolete proftpd-tls-crls-issue859.patch - rebase patches * proftpd-ftpasswd.patch * proftpd-no_BuildDate.patch * proftpd_env-script-interpreter.patch- cleanup tls.template * remove deprecated NoCertRequest from TLSOptions- fix changes file * add missing info about boo#1155834 * add missing info about boo#1154600 - fix for boo#1156210 * GeoIP has been discontinued by Maxmind * remove module build for geoip see https://support.maxmind.com/geolite-legacy-discontinuation-notice/ - fix for boo#1157803 (CVE-2019-19269), boo#1157798 (CVE-2019-19270) * add upstream patch proftpd-tls-crls-issue859.patch- fix for boo#1154600 (CVE-2019-18217, gh#846) - update to 1.3.6b * Fixed pre-authentication remote denial-of-service issue (Issue #846). * Backported fix for building mod_sql_mysql using MySQL 8 (Issue #824). - update to 1.3.6a * Fixed symlink navigation (Bug#4332). * Fixed building of mod_sftp using OpenSSL 1.1.x releases (Issue#674). * Fixed SITE COPY honoring of restrictions (Bug#4372). * Fixed segfault on login when using mod_sftp + mod_sftp_pam (Issue#656). * Fixed restarts when using mod_facl as a static module - remove obsolete proftpd-CVE-2019-12815.patch * included in 1.3.6a (Bug#4372) - add proftpd_env-script-interpreter.patch * RPMLINT fix for env-script-interpreter (Badness: 9)- fix for boo#1155834 * Add missing Requires(pre): group(ftp) for Leap 15 and Tumbleweed * Add missing Requires(pre): user(ftp) for Leap 15 and Tumbleweed- Update proftpd-dist.patch to use pam_keyinit.so (boo#1144056)- fix for boo#1142281 (CVE-2019-12815, bpo#4372) arbitrary file copy in mod_copy allows for remote code execution and information disclosure without authentication - add patch * proftpd-CVE-2019-12815.patch taken from: - http://bugs.proftpd.org/show_bug.cgi?id=4372 - https://github.com/proftpd/proftpd/commit/a73dbfe3b61459e7c2806d5162b12f0957990cb3- update changes file * add missing info about bugzilla 1113041- Fix the Factory build: select the appropriate OpenSSL version to build with. (fix for boo#1113041)- Reduce hard dependency on systemd to only that which is necessary for building and installation. - Modernize RPM macro use (%make_install, %tmpfiles_create). - Strip emphasis from description and trim other platform mentions.- update to 1.3.6 * Support for using Redis for caching, logging; see the doc/howto/Redis.html documentation. * Fixed mod_sql_postgres SSL support (Issue #415). * Support building against LibreSSL instead of OpenSSL (Issue #361). * Better support on AIX for login restraictions (Bug #4285). * TimeoutLogin (and other timeouts) were not working properly for SFTP connections (Bug#4299). * Handling of the SIGILL and SIGINT signals, by the daemon process, now causes the child processes to be terminated as well (Issue #461). * RPM .spec file naming changed to conform to Fedora guidelines. * Fix for "AllowChrootSymlinks off" checking each component for symlinks (CVE-2017-7418). - New Modules: * mod_redis, mod_tls_redis, mod_wrap2_redis With Redis now supported as a caching mechanism, similar to Memcache, there are now Redis-using modules: mod_redis (for configuring the Redis connection information), mod_tls_redis (for caching SSL sessions and OCSP information using Redis), and mod_wrap2_redis (for using ACLs stored in Redis). - Changed Modules: * mod_ban The mod_ban module's BanCache directive can now use Redis-based caching; see doc/contrib/mod_ban.html#BanCache. - New Configuration Directives * SQLPasswordArgon2, SQLPasswordScrypt The key lengths for Argon2 and Scrypt-based passwords are now configurable via these new directives; previously, the key length had been hardcoded to be 32 bytes, which is not interoperable with all other implementations (Issue #454). - Changed Configuration Directives * AllowChrootSymlinks When "AllowChrootSymlinks off" was used, only the last portion of the DefaultRoot path would be checked to see if it was a symlink. Now, each component of the DefaultRoot path will be checked to see if it is a symlink when "AllowChrootSymlinks off" is used. * Include The Include directive can now be used within a section, e.g.: Include /path/to/allowed.txt DenyAll - API Changes * A new JSON API has been added, for use by third-party modules. - remove obsolete proftpd_include-in-limit-section.patch - rebase patches * proftpd-ftpasswd.patch * proftpd-no_BuildDate.patch- update to 1.3.5e * Fixed SFTP issue with umac-64@openssh.com digest/MAC. * Fixed regression with mod_sftp rekeying. * Backported fix for "AllowChrootSymlinks off" checking each component for symlinks (CVE-2017-7418). - remove obsolete patch * proftpd-AllowChrootSymlinks.patch (now included) - rebase patches * proftpd-dist.patch * proftpd-no_BuildDate.patch * proftpd_include-in-limit-section.patch- Sort SHARED_MODS list to fix build compare (boo#1041090)- Removed xinetd service- fix for boo#1032443 (CVE-2017-7418) * AllowChrootSymlinks not enforced by replacing a path component with a symbolic link * add upstream commit (ecff21e0d0e84f35c299ef91d7fda088e516d4ed) as proftpd-AllowChrootSymlinks.patch - fix proftpd-tls.template * reduce TLS protocols to TLSv1.1 and TLSv1.2 * disable TLSCACertificateFile * add TLSCertificateChainFile- Remove --with-pic, there are no static libs. - Replace %__-type macro indirections. - Replace old $RPM shell vars by macros.- fix and update proftpd-basic.conf.patch - add some sample config and templates for tls * proftpd-tls.template * proftpd-limit.conf * proftpd-ssl.README- backport upstream feature * include-in-limit-section (gh#410) * add proftpd_include-in-limit-section.patch- update to 1.3.5d * gh#4283 - All FTP logins treated as anonymous logins again. This is a regression of gh#3307.- update to 1.3.5c * SSH rekey during authentication can cause issues with clients. * Recursive SCP uploads of multiple directories not handled properly. * LIST returns different results for file, depending on path syntax. * "AuthAliasOnly on" in server config breaks anonymous logins. * CapabilitiesEngine directive not honored for / sections. * Support OpenSSL 1.1.x API. * Memory leak when mod_facl is used. -rebase proftpd-no_BuildDate.patch- fix systemd vs SysVinit- Remove redundant spec sections - Ensure systemd-tmpfiles is called for the provied config file- fix for boo#970890 (CVE-2016-3125) - update to 1.3.5b: http://www.proftpd.org/docs/RELEASE_NOTES-1.3.5b * SSH RSA hostkeys smaller than 2048 bits now work properly. * MLSD response lines are now properly CRLF terminated. * Fixed selection of DH groups from TLSDHParamFile. - rebase proftpd-no_BuildDate.patch- fix for boo#927290 (CVE-2015-3306) - update to 1.3.5a: See http://www.proftpd.org/docs/NEWS-1.3.5a - rebase patches * proftpd-ftpasswd.patch * proftpd-no_BuildDate.patch - remove gpg-offline dependency - fix permissions on passwd file * unable to use world-readable AuthUserFile '.../passwd' (perms 0644): * 0644 -> 0440old-cirrus3 16621212741.3.7e-bp153.2.6.11.3.7e-bp153.2.6.1mod_ldap.so/usr/lib/proftpd/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:17645/openSUSE_Backports_SLE-15-SP3_Update/ab9e0f45935eb6d25a7b92204ab91e25-proftpd.openSUSE_Backports_SLE-15-SP3_Updatecpioxz5i586-suse-linuxELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=c7b0d3e195d3e745aa60a78bdb9ac0cf9e6a0a84, not strippedRRRRRRR{0&Y7(vutf-8b68a09e53b0a3b877e8bd5bbf3b3d7889edc0df31ce16e5351b412d13eea685b? 7zXZ !t/O] crv9wυ&1>AurHWڊaizRPs0PkT]e؂N<0 -h#SI GפoZ#UEZxRj  mӑɜ[+_03Fة楖\"S5:e0i-%.lj1x #Pgh|-OfCwӞr䱄,SCgYxJ֨Oc[&rOh(i"*sG:)G =}f<1QM/?nXlvmzV0XSq'}W([=-- +r)'*13U]SD\RFULpɋ0J.9/}Ki.]U'*B &&hBB;E*j#nBPÞcoL2\nu~g<`]3u.x?AEKpr[D%P5D6 }Jzi QCRBdh'7[75 e:}$mlm4C!?o_Z3(~=Mr+|ĎrE=8*óC]* "3j&^A}7̔ϭ%:G}cӧ6LSTFI#yJM °HgB"/eؒ[X @ZjZȱ.B˄ -,uZ^,oՔp$PH\"ꢷ?Nj^&կ݊MnF/Lg Lg`FܪBX$T>M̤'t>Χ &o SMvwqp)fJA8,ڶΜh0h @PƠ\*ߒ,{ dB5g-LA:&DzY Zv74@ړBUbh1Aq5G )E#sE'RY!愅Xtkjm e?x>5_̺bDjJVfs7(nt"Nwx1YQ)ħsSM'66RLvΆk5mf5W+k1 %{$[Hbԧ)de+,'ohNyS#I$E鞳ؤ+>5 4 dƚ7:r-.+KӪˊxʼJ'yod~<Mb5@ڿߡ2rr0[k~zDǚQ! 8d݆qR?jforXcE6k^U#Ie۲jrWS:g]0!;@hJ&ew}7wiUx;$l{tjNvnNF &7lp?K1Y R6<BMoA\'l(S_fcZNASfE+nk}ZJ/)<<`Y_ODiK`M+)a1 mNs_;++r@ЙRc8Kϊ%9e簎/x贈U9z vIfzRi}ݴ<~y5|,3>O %i_u!x&y~<ۇ w꥞n|םkFRw!vWK-A:E,'+(- S%?iv-NҡW۸ x&b`No ᦃBy̾Os ǟQ*Q@^-)7nvB,H>릿/_mUzAWQa! {t"OqQכּMʩ_|pxmۛ5n?#oo&Od[> ^juR█F@xd~:~ٗ܎˨;0nߗeV/lh2"X'8Ǘ!":C1̰"P̪>(2z`F遬=X׃v+TvQ>[9k8MNAOH< TES)Gpy?E.!z,OU1:UKU\9lV4~A?F%`Uf>h:7|% &[fIXqeTViQg 8˃/kD諎=58Mi¥ƨ",EO!|I"L$Mvplk(3_@|ú nU`?4硈1{pm®2%MVq8  d}H8|b sKYp-.UnNWm t뀘wa{*_!f5UrZ srrmp>쨲>'g.Mly 3*2k0@+SsCIFOgBeQ,|c/>J>"\N3O)2ܸpYW|౐u `:aLd`x$ ;C?xE"<Uw{NdWkBO5daF\PGSFTd7צ'$@lJoXرu7h9E:6^2#<|w pq%1I?wIMOj ZQyz/ۃ cCigI\ ߰QOt]g4=Q)sV˴ś6y,X`NvՏ"s+wptVg3A'NMb~88 Zy'7og[$y g ӌjax&C/n>IQ/Y3 cX-( ` NJ#l  t|) 8*j͵&~ģjWx^;.h: G3x?kEpmdyoBc6u!0NsUYG>EA poI*,.{do_zߑcV@,dv \gF*S3uNy_euP5=9 \ 9)jd.!"vʅ-VH:wq##ʤTB+Lrg-a2C'Πύ?^m[p9x#6xX#E8 _H 銌 z zMQ~^Mu.);kܬYr9fG]qbltɝ g$)F;BŰvZ]2ic^qFa%H_!o1CW`^QUՑ"ӝ|>1]U 7"&F75}Xw6':ȧwO=cG_vu]p;Zy Z=?%xE_z:f.kBoYy+},AA+Aiy)rQ•$;D52e%x.QB(#Kb&J@ޮW)H'QkF[4!0a%={`SMXN1}r8=(j,A/-v7(Ifg:~n-X~:OR.B+R&u,z|`κ&](WEtG5STvFKyK<\GUv o>lPbuoE \d BJZzT]Γ8#ES__W-ߊ]X:e{8N) ^UWϪn5¢ Ld^s5{RlcS]%8'Q81O_#[zO:|˚e  G-k^g@ 3ZmSԀE^!鳗ћNtᱝGC ]GQtޝ%n;U|-!xMql*t]f'Zрa)@H.d`ezV|\v4t-+h|ݗs0@C3jgX2:r\~*撉$P {JuylIt/[5 k8rBՋSKBP/9huAly<+œ F&a@Q@U-]zUD` \jlH:" ṉg"jw+IυCٽ zB_ X9jBe!6Cn8t_?xΡw̛䨲5&1fPB2!r8nqz\rezrWFC+ OϦE4{3;o팚rOݛUv=}c]#hpAPmS$"&hX"PT~{?1k/<*eQ ^\Q,8p`I@C͈Ga v?-3ȅYP=n+iIz)(at1AbJŽ$& BI"Xu)&!lje!NiRܩ3 />/Vw+zC-헷/Zt.#δĉ.ā+O$x"5:*HLU4uRw PyCqwb|F$JNrr?-dϷΊ:ڂ֠bEFQE_ $RF.iV2φ,'1$gqrϹP+\v;ѰLR?86 S7nnUq6p/ Q2V BHPAQ^ F?#?E I(:w7:kP p1g\ Dh$xcW-KxC̱ 4ssT ]J9rr1 x%L$p(Y*%,E?U1U:;.Odk#taڵ=ŷwVϔK{XAsH3Y#U >7QM:}qn?SB&3ӘMWfw:i@7LA6>?j-HCWZ؇bFGaa/6f>LizYt/s=l oA&ӿZAܶ7vD~cF"8>a:%vg&%9dP/*4uz絼 ʁ/yREgVzy*AVң.gbՓ`.i/sBA97ߙ# Ӟ%/NMः_Q^;/N&Ţ4ˁ@aW7LR^ܜ3kֱ)|ɎuɊ@!Vv1_rfn@^0Qu)Ռ^4QZI:Ci "& ͼ|lÄJ֗ /+ ~6%p!h@bWM]?ܑ%H;7 Wݱ\kk(rkc^6E98 {pbH򴡶BOZ"Me|0Iffp' BUTL/0[RP1N59Y֛n:1h[2cOʟug$H_vK9bszz 9Ό cZ#!)P/9 &[oZ1V2kђ}? ohlP .܀qdC ʰʠnv[P9xA,`mOv[HmQ3שM4~*ӀxI블j/-r`z_XFw'G8}kcQ{!;TIGIJ@5%ZI$;M#"u`"R|Nŏ ׸ltW 6x f6(~xE9rH8P6gd@5\xtui2rE0m*wڸ|nJ'$dV5^O7@NX@d!g(J!XkƔށTk^䉦i(](o?7)fx~DYYa\8/¾h{\,X1|U1ږ݀Nl{quJ@dVk]#qg Reةzw&ԩ#͞U n.Nyا@+J8]NH1@ZQ; )*~G YDZ͔\0Њ{wH>F*8e2(VCVhw< 4F6[M\ %ءĕ(|pKgH,4\4ieEV+І4knzRc2Yn"ǎ^V~ ? ʂ {'SRoDo3ēxRԢq:H5_3R8sQt$eGn6O G6a'6*qywrw5 /#edP&N_\_(MP`\khY `Oq\ڃ3P^?cKS]hP{lJm$K +\1mA ~bZj<ȓJbO4!fqPReߍ^? )դ-&9Y;^y.nF-4SxR OYHA 2G$7J@ٷV%i>]c'aDqin'*H%H+%ဢg$e,y< vA-|cvkse_{1208|$WZ'*rI(?"ڠ)n'ANOnSHp3iHX~^O A)@1~Q.y4?i-J"~MfDe-\$=+ K>kGńS0gtkzGt'dCЦ>enM@($4;d^B l~Qʺo/4Go! &8'F&˭d7FӿR~zgͥGTƱ=oܟUR*{ 6`-9N2<+jQl3+vN~0Ǣ8 g;O7zqekH2vrka>Nø`s_"-)wR!r3M@_#(2Jad(L"eJK:THuq}e_GOVۙT)n-R),6$p.nzx8C FXLɱH]^[=l|z yO|ho^fFl( ʖ)/e7J@G8EAb~Iޢ},azQ;Nq($12U9x#sP{ב]}u;w ZjRܒhPhuzhΊaޜEkw y5VMHP4Y-TU [m! JA賾I74#ֶ!B.RƪV"Uaޫ hI3q5qyoBO ]O]; $0iJş(*5?HTb7.dBʟvn~`iaTa!lM.sc8CK5eoe@t妺nܔ7q8 yO~ lA$bPpÿ}؍1 ٜ-9h,7l1Y;WXLZ|hȜ=MD GA`h,xz h/6ɎFAЩm~^u!_^;b\cVd i5kgQ" ۦӅ/접["f2$W}3QlG#D#j^B&W ;A$nlNI Z1]Y6&,aBW `NPLBP)("\)X Shp%6Q9Uo8#mX+wɞc|y$q S6EMoWŒ}=%Al{RgCg0{pt0A| LSerhx1@iE,SHrO@Uh]1k1WM1uܼh\/D&]ìIt1 pGneeBlZX_%B鳥brdvB+`QƝY_ze~h'/Cтj^ ,ڂ4ᄪ?xxq[&I}|MI)! D]r^# 2Or7%+ѽuX 8:WJhA1T&&U9q4ޓש>{K 'r Ϳ(N0=}wm\,_d"JJ#Ê-6ӆYYY~0/_DH)S5tH/+ue闺Eax`xpGv N~g }@i &N1SVC F1NH F(}|Rj!tDSV}ڼpIu}{.,۳ mChWH2)&,*B8}~Cy&X̠ig9) b8St20f"[VBTΤLqIv3!Ó ВЭ|M^*>{ozߞ32G %e@fjwi3F}خ 0WYH R6| ii ;c8Bl Y{"IںeZ%2|1K(:4[ '+K=zpxZ=)%[7jsg5!'> 4cPkOT6ҎTLP=<v-!YܵssHW*n`mG4?j?KŻ^>8%AYZ+1U޺w481rM)`8g0'T`bJnX y|6d?]a-kIuĨYyH#gNy} "H^lr=KH#مs#;+)'չ[EVj\481*m)r?SˀMj IJlϥH+?>~(Ƹ(p;~uYX((ˁ%F@˿BL1d;` l"i jӰ(AYig .B9&އ1 te׉~6#[Y&P.P=dLDRr︝[7Df: PzMY6ħ۾VdMNZ&>!1 DKܑҞA%^3n2=p}%t`%sI( rlg$TuKV1adR4s-Ɛ,n!Njn0]ng<>Ev;L6<0%;u>{nW+֟a)-ۛ+4m8 ,H.Z\C()zС ,cU]iR(m) w2sDIf5Dcڌ17>a"a,ztX:{R&j60pIo_QKEZG|jҥ-z837{kAʴ[7Cid<-vy&<=G_JRjj4>*$Xbz(y55 kTJBIv ꧬaH+?ZHeTu U㑛p+#tgXsQO3ւh%&$ <%b-<~c?ì,8 ]H(E RK|o[4'$G>uLcjϚm3ŊaHj=XʭqRH9#\GKx1 *1 =R q,qJ:]JށAqOmzC%(t ӅhnTG.evj?`ZmN@=E$SXT*qk 5.N<%^Ǻ)7лѯ IxV oت FˢA1OӲJ~ylPY5E("I6FxgO32a~+\-ɓ“ .7`3!0  oh]a;˽JVy ei % ~t_%ů1mbe[6.BjPAC pܰO=]¦r1܀3VpsTD>(yL6(vTB*:fpGyԔnq"kJj;Zyjj82o69o*OND"pB8)kmJH-uf/hX~)="x7եtC[nv,=f.JOα]-0hJxqulz믞Edy^)bK^B[}RlIBY),٭9d8VUZ:E 3m)OvPPpnVg}η5kdD أ tв Wn%rR;Nb:t y?˭E5U|M9؅Wdx2m&֞͝;>aG=~t\Rw"y Z'1U/쀵ZvdUvі+V-Y׋‹ݳy DNFz‚t%-HL~im$%;?;_+f`J ^L/"o8Kl!#r<3'Ӏyxj:ζF#@iUioE\ {1F<'Qj K"wE. fM0iۀd}"=FO,/UUij 7n Y,Q9L/.qQElJ?lSﺣk8oϩ r&Sj?Wu9MQySLTaC˜qf-]_w* ۄ1|~̈eb~IS519`.8PEKvaOuאXr9і:fz*)uo85E*N9, .fXOmâ#B|ڄ;"h<?xB;'2]VȰ鐗u%ihrR0d,U@YMQ8w\y=Od1N@ȴly4ZCFwa5pF!+ێu')@iK%E$Bڸ(fMB.jzS@5NS5:g5F:R&Fq:/?h_%ӅY1up?n &T@Ր &3ſzo/Sna l "MTS]0~}\in$;w8#olUhIp, )ctffIsUN_?%lPҐr;ABp-;tSu:>Cy~:6DTS}F3!E`|wޠ̤yIްz:WD 9q_r5ln1,"^%Iޠ 0`L[^EƭXXc;K`7|:G~`5)h a.Tm"'@@`KHix6^?_\ߢrk9Nn'fr q|_r4a"[[wg" ҶC.UeA}Ԃ1l(Fm01$Z&\F\ߐ=ϡ$:*Ր-p{]5]. Cn'`~ahXyh.x\đSZoW5mKT˕*grjX=(ň4Ԑ/|O/]}7IxS2)uKx\ {ǯ?f6}C +?]Ч|E37өϞ,8N[ MErJ28d_Nƍt_ `LX-4sG'>h4bCQIV+s) -%`~*11gq܃~،PcP`\jt5ŭ9Cs>{ɜm4u"ž|ه5;4.F㙛]C .[Ƽ_sV;M_C_jrc>KrpBv؁(l㨃cUzᵴ9+3< 2lO/ˍxͱ`&poV|x R].TvLk]XτH?.DU00(Z]У&ΣS}o*|MA#r4i&FJ·HӋVCQ:>s:Kxq`yqKx8ܰiǪY=7U?r9bϯb[&-8 [RI YX78RFi%x -j|?{3c8J W 8̕Dm;,2VT.{VߣK/dHN1ʇmgLiS{ %T2 Mn9,^߸8\tL k6terE{SAW_7GeD39Q7:z}hnt u!A'EcWCN>%^R4]D!3Ek f7Lk/FP# vd#F#^WH+E:w#߮)2JȗChݙϾ֭ki[C/O ґǷKYl^zKE2&[qG.N\us/ X+1'+r΃n}\LՅ `<Ȁ?xؾaHCoE*Ɋvl bT$(N81OBIRqӎqq@-^us؆?tlى;h0o8T lƌt9<렵7mۤho7%lt>#t2 4tXJ^ώu'1&k1fBN;n" zIVS֧lZ#'fq0$%B}3eM}z eYw$9X?cIAW-'ZoAu䧪[q8k|ު4$H}E:J2&,ȳņsF[5KHp|,ކS5ۧ;Һ+5(sݹGu"@~E ;ƅrl9QE [ ){IH8ƊT񅞚3bb"}TڥckD:n oaQ IPErvQEP,}keJ)Lzc2 2^MP?e۝7Z1T9XcdF]Qa̰G$ u:w8h^Ioğ([2qb!yܗ`jo{qQ /'wن@}*h?(!җ~Ga(=o> ٪jc֪c,OpАa-8Y5Ty\b<=o f,UA?l/>UoIJHPh")%'%:+ʼSUa8zbyL~Ͼ8ٸBJ4 Td_W'cw=`VR3'wo "VJoތ+ 'd쇈odP/Ui۟D}r DG4+DOz̅|'vde.>#dH.OC'87XG:GXPw8I DNONI&ўsWGkSli{C$٘b}@XQ<_ȀqW 2W?-;DFlF+}hU+;:dDroH( QT÷4w7cݵ0L6](ݪ` {:{שu9LkNi:B*8xnkhm,rG9 \PV?C)P+?xԎZ*>9 VӘCҬ n̬YItzGD,'~ BS{ (^PW~ϢyE$SUź`P!RJ|AѢŒy>4m2](.+B+1d8|̇F[M/c,ʘEiآ{ۑFf\E05:WR%XrNd>ٰ;y¯6E T/ w0 zy8Tu =ȁ70`r+#FSrlPU<};L~D **WRݤ:o(4 G .p"Dꏶ YZ