nscd-2.31-150300.26.5 >  A bbbp9|?B l?z_,\3y4Qxof>-w9/I#$EyYEOD+>!qyrc?#D#SYXKVVy$ӥRҶc}hecgq\S,HKtj<, DcExLz$NSb=VVdPSS8G)=cˏ飑ZBM_J[WaL4AuNpq;YkPAk~0c8~3&[0ܫw1kڽ2Co0h2.3dѼ$yP]n{%! !>pI?d   4  GMU" D A   D S pBd8(28<9X:e=ѽ>?@BFGH4IpXҀYҐZ[\] ^Ӄ bcԟde$f'l)u<vx wxy< z`ptzڼCnscd2.31150300.26.5Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.b]ibs-arm-3SUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/System/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxaarch64getent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0  A큤A큤A큀b]Kb]Kb]b]b]Kb]Kb]Kb]Vb]Kb]Kb]b]b]b]b]e2cdfafd373d24fab07018d0e95dd49510ea6c992b7be2b0611ab23bbc2750b579fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b7790f85d5c124e933fcaf3c857b5d973364d55fff8d44aa9c6c5693924c5586d68b/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.31-150300.26.5.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(aarch-64) @@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibcld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libcap.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)libselinux.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowsystemdsystemdsystemdsystemd2.31-150300.26.52.313.0.4-14.6.0-14.0-15.2-14.14.3bf@aa@aZ@a@a@a0`ݮ@`a@`H`H`?z@`@_T__/@_O@^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@matz@suse.comschwab@suse.deschwab@suse.deschwab@suse.degiuliano.belinassi@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.derguenther@suse.comrguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- Add s390-add-z16-name.diff for bsc#1198751.- getcwd-erange.patch: getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999, bsc#1194640, BZ #28769)- 0001-powerpc-Optimized-strcpy-for-POWER9.patch, 0002-powerpc-Optimized-stpcpy-for-POWER9.patch, 0003-powerpc-Optimized-rawmemchr-for-POWER9.patch, 0004-powerpc64le-add-optimized-strlen-for-P9.patch, 0005-powerpc-fix-ifunc-implementation-list-for-POWER9-str.patch, 0006-powerpc-Add-optimized-strncpy-for-POWER9.patch, 0007-powerpc-Add-optimized-stpncpy-for-POWER9.patch, 0008-powerpc-Add-optimized-ilogb-for-POWER9.patch, 0009-powerpc-Add-optimized-llogb-for-POWER9.patch, 0010-powerpc-Add-optimized-strlen-for-POWER10.patch, 0011-powerpc64le-Optimized-memmove-for-POWER10.patch, 0012-powerpc64le-Optimize-memcpy-for-POWER10.patch, 0013-powerpc64le-Optimize-memset-for-POWER10.patch, 0014-powerpc64le-Fix-ifunc-selection-for-memset-memmove-b.patch, 0015-powerpc-Add-optimized-rawmemchr-for-POWER10.patch: ppc64le ifunc improvements (bsc#1194785, jsc#SLE-18195)- clnt-create-unix-overflow.patch: Buffer overflow in sunrpc clnt_create for "unix" (CVE-2022-23219, bsc#1194768, BZ #22542) - svcunix-create-overflow.patch: Buffer overflow in sunrpc svcunix_create (CVE-2022-23218, bsc#1194770, BZ #28768)- Add support for livepatches (jsc#SLE-20049). - Enable livepatching on x86_64. - Generate ipa-clones tarball artifact when livepatching is enabled.- 0001-s390x-Align-child-stack-while-clone.-BZ-27968.patch, 0002-S390-Optimize-__memcpy_z196.patch, 0003-S390-Optimize-__memset_z196.patch, 0004-S390-Sync-HWCAP-names-with-kernel-by-adding-aliases-.patch, 0005-S390-Add-new-hwcap-values.patch, 0006-S390-Add-PCI_MIO-and-SIE-HWCAPs.patch: [15sp4 FEAT] GNU2007 - GLIBC: Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011)- s390-memmove-ifunc-selector-arch13.patch: S390: Also check vector support in memmove ifunc-selector (bsc#1184035, BZ #27511)- Update glibc-2.31-HTM-vzeroupper.diff with a AVX-SSE transition fix.- Add glibc-2.31-HTM-vzeroupper.diff to avoid VZEROUPPER in the AVX2 accelerated string routines which cause HTM transaction aborts. Instead use EVEX or SSE. (bsc#1181403)- nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- sysvipc-sem-stat-any.patch: sysvipc: Fix SEM_STAT_ANY kernel argument pass (bsc#1180557, BZ #26637)- aarch64-getauxval.patch: aarch64: Accept PLT calls to __getauxval within libc.so (bsc#1167939) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- power10-support.patch: Add support for POWER10 (jsc#SLE-13520) - iconv-option-parsing.patch: Rewrite iconv option parsing (CVE-2016-10228, bsc#1027496, BZ #19519)- Update to glibc 2.31 - glibc-2.14-crypt.diff, crypt_blowfish-const.patch, crypt_blowfish-1.2-sha.diff, crypt_blowfish-gensalt.patch, crypt_blowfish-1.2-hack_around_arm.diff, glibc-nodate.patch, powerpc-elision-enable-envvar.patch, s390-elision-enable-envvar.patch, crt-nocompress-debug-sections.patch, resolv-context-leak.patch, dl-runtime-resolve-opt-avx512f.patch, libpthread-compat-wrappers.patch, math-c++-compat.patch, remove-nss-nis-compat.patch, eh-frame-zero-terminator.patch, ld-so-hwcap-x86-64.patch, assert-pedantic.patch, getaddrinfo-errno.patch, resolv-conf-oom.patch, dynarray-allocation.patch, nearbyint-inexact.patch, nss-compat.patch, nscd-libnsl.patch, malloc-tcache-leak.patch, falkor-memcpy-memmove.patch, aarch64-cpu-features.patch, nss-files-large-buffers.patch, sysconf-uio-maxiov.patch, glob-tilde-overflow.patch, dl-runtime-resolve-xsave.patch, spawni-assert.patch, x86-64-dl-platform.patch, glob64-s390.patch, tst-tlsopt-powerpc.patch, powerpc-hwcap-bits.patch, malloc-tcache-check-overflow.patch, dl-init-paths-overflow.patch, fillin-rpath-empty-tokens.patch, getcwd-absolute.patch, memalign-overflow.patch, stack-guard-size-accounting.patch, libgcc-rtld-now.patch, res-send-enomem.patch, glibc-fix-avx512-mempcpy.patch, i386-memmove-sse2-unaligned.patch, realpath-ssize-max-overflow.patch, localtime-2039.patch, math-remove-slow-path.patch, aarch64-hwcap-atomics.patch, glibc-fix-aarch64-build.diff, absolute-symbols.patch, x86-haswell-string-flags.patch, pthread-cond-broadcast-waiters-after-spinning.patch, mman-map-sync.patch, mman-linux-map-shared-validate.patch, nptl-setxid-error.patch, pthread-mutex-trylock-barrier.patch, getaddrinfo-parse-ipv4-address.patch, japanese-era-name-may-2019.patch, force-elision-race.patch, regex-read-overrun.patch, regex-parse-reg-exp.patch, 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch, 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch, 0003-S390-Unify-31-64bit-memcpy.patch, 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch, 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch, 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch, 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch, 0008-S390-Add-z13-memmove-ifunc-variant.patch, 0009-S390-Add-z13-strstr-ifunc-variant.patch, 0010-S390-Add-z13-memmem-ifunc-variant.patch, 0011-S390-Cleanup-ifunc-resolve.h.patch, 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch, 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch, 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch, 0015-S390-Add-arch13-memmove-ifunc-variant.patch, 0016-S390-Add-arch13-strstr-ifunc-variant.patch, 0017-S390-Add-arch13-memmem-ifunc-variant.patch, prefer-map-32bit-exec.patch, s390-strstr-page-boundary.patch, ppc-tle-htm-nosc.patch, posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch, backtrace-powerpc.patch, pthread-rwlock-pwn.patch, manual-memory-protection.patch, ldbl-96-rem-pio2l.patch, dl-sort-maps.patch, dlopen-filter-object.patch, glob-use-after-free.patch, nptl-setxid-race.patch, nscd-senfile.patch, ldd-system-interp.patch, abort-no-flush.patch, fnmatch-collating-elements.patch, nss-files-long-lines-2.patch, iconv-reset-input-buffer.patch, nscd-prune.patch, syslog-locking.patch: Removed. - long-double-alias.patch, glibc-nsswitch-usr.diff, euc-kr-overrun.patch, riscv-syscall-clobber.patch, nscd-gc-cycle.patch: Added.- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscdibs-arm-3 1652710888 2.31-150300.26.52.31-150300.26.52.31-150300.26.5 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:24065/SUSE_SLE-15-SP3_Update/6dcd82b8cc2d0ba3ea2646a855dd9ab0-glibc.SUSE_SLE-15-SP3_Updatecpioxz5aarch64-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.aarch64/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.aarch64/run/nscd/socket' (No such file or directory)ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=fb4146b5d4dbe866e9dd2631911c4c933258a774, for GNU/Linux 3.7.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.aarch64/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.aarch64/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.aarch64/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.aarch64/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.aarch64/var/lib/nscd/services' (No such file or directory) RR R R RRR R Rw7B"vQ[˓Kutf-885a80b3808f8405f2065dbbe42cd80d4d07f2341e3e043a7822fbd133ed519c7?p7zXZ !t/!&] crv(vX0l=z !mٗI3EA*պVTgt?!Y0H#Afxj螃&VM<[= <׾`L7G.BNHwͲlbv?;8/n Z$l -n#kw7SWϟ1As`$g/|\&fa>9FYCml!SIdpx^s^Y+#M#90L}2 ˊ&8O2Ch[ &mbBH %A@׬$u"p&6#A7crA҄ [ XIblu,^^ˌ~t= R1keD3YwÊPa/"y4CZI鮍f1OUQ|Q9Z88-h(Lh CJUr#[4Uƴ]-+$`% Xs+R}s}[YC]pᦪ4|iEesYԾX2|pQ$˅o@zI kT%@,U2tvNT՝~]iQ+Z"H>[qӢEƛFAIhezf9_wRf6\}!)f+tX,yX>N|{x@|i{\nA3ԙLl8Q\ #1eȜ)ԐkWC!E$n6#l5(gVPǕL 'ʞbC#{/,s5cA9mfLT)[:PFH`5p?<5uJI1;lDXhZOG\.%•5 ظov'j 0RPUF 8z)n|k;qδ{yPuJGgG<#vg|'+c|stlӓWPta}dѦ< ɤ& RRС[?j3El u{4Ix P|ku-1ݻ]}ZVlKVf7kD$$:̾=6 [W'mݓz獏>ld ~P"{11>$B/\L5zR9b6b3 Hg{p+ U S <MzBh$,fܷq %lãRK6No26.gcO ^yR4Wp-eG=}IR5V3-KPC$ C8| _kCo=t@I*d.!~Eɛe-V#Z"7q1O:A^/™mӞ߃;O\[_W ݎf y},9GKډşQgւ7}z#l)0sS#FǞ9a2 o[~,SY$o[Ix9چڟg{O ðKէ/zjwVRlOStc(SPpg=6',,mbSfHa,è\y<]jP(ݧM!2:OZf:~:~!%1ӱ(!8:&@7:QK=1S (Fi^P9ֹ\Z;_ṕ!'{Q ^y1GI(nuѱ4p: *vU7U#)կaM81m>x=7dk?țlDL;G.e#Eݩ.a;>Td$fʩ2޵^Y2E4ka6CuLLH/jT)戺{پ/"ߐ6;tKve.x0A9 "PrnݶQ/W,&phS?_9B5ZRpnu mzN?|=?-u)e۫eByR!0xSipvY wK^dʍR$$u-B礛0b^R@0!6qSzߴZ)ayCf[|@#y[‚XvH m r֭k- ygtbbncbj SGҙe9Ok?/&FkK=J&`GAzP(dW4`,~|~b1 75l{n^xx(p45Z>F}>I[ށ5 l.4IVʈm3ĊTQKcvjxOgFh*}>s4?)tD9xgWr"@ mBk ͖6[K\{hM2tD:شÏ)f n3j)T*~[EX< siJ Y &GöbHb"[HZ:RE?Qٺo:gvM.Xߒ:*ɘ#FlkDZǬ´& $wF$i8Hz] WG";[ hʚ؏^  2.))'1߆vرԒ!#U֥<ךVm})L䂕qn!ˈܹm=l ǝ;rGaK _kK^bCkKm%Q%q\q\0ߺ7? ow\5-@Hj~@5݀Hhl%w\pzn}/vc8K;z 7rI_A@l@6hr Ѻ,2 ,$f Pы҈59^XĪĆ8^Й/%5h#U.6>m27)u>(:E7+l,4ܢys6CUg)bq6fnɔhZ'tE젟ݏƌ.2%l(_Iޢye!Q@$YviYo/>xY{)+&ͬ0v>v; OXj5wqsәijeR2B}{4U]m:W^c~C9^uz{]N4I3eA?M{<CAl<ܪBd|&nM@equ%uj=UڋQy#aQV3} ʓ,vo䊘ˆP[U<0Z@5-K-zELGLFPoZ[_"ͦlC3 JkvA 6J3MbK5V]f>)BN BQw VMy+t^LVpe=3#UqTlyL KnrI{<\=vB˫|mA_blUL0'YIg 36-An9RfB-Fڹ&>ž8#<ijl@na"RVYS*҃%g TG}o_]qY+V ˀP.mv#0D#JȊ1K?h=D3=v9+hV3kL$WWy.c})/'#ؙF0ҷ}{g, K1T~QU./lYgi;$YutΉ ډ3lbsiBqEL7c1_=[8P9vE.#G'9?tGSΐ @tC_(Wó5&4>B~4pUx+[#!!;ok7OAt k =IA̽0(Ҋ4Ma*3< :m uo4SA#qULu4RéJ)[#kx% X{ޤ)X^}(ԉv;l_b,۠ Fx'W)ZT܉ZI`HF1C H xԥ#itqMknP~NF1{WEsX,腌!F ju T?tMV^Q>J3nrֺ}QT>4S6>-Єyfُd"j98&'-v:hi4I *^%-_ՑEl#j#Lr9q>fћFnTIh[Xlw 8ݿi~Lvw$"& ~ $1F%EUjO:mo@+"97 nJn^Y:⹡OWMp^sg,rN HȪȠ2LZ"4o;hRql.~'MWerTQ]HW;שpZ,_ vW!hS{|_;p ڪ*X5Nh(dDkEVA9̺׺gx ) N4~Nٔķ!S]Ej`c/uE3%b1;K+i(C9D,#̙2 fTPb耺tN`LFQ )|QQuzn-&nn+@,) +L+2-%:VR筓ҍA%#L_5t8)@sDϩ.3+<owԧ/Cu|;bQ:6zf# ? Zd-2`0NL9?9Ҋ΍Pml훑WHQ=}DҴ9Z }8vo_72^zB<Ȅp,4{b3' u =Q+I +8fȩ)#wyh.Y\~rA6 CZE$siզbREZOu:JWRey6|qҊsdDh\J{;3 Kq\{O[ȌSjJsV))3ª2Q4؊Fg1 g:C 돣t=FRc@dSûcʈAX%=Pj<9|s[T$d*Tff#O,Xdw4#󅜯\} MTҏ)B۱.ASamc˞؅#O@EWpu5;h2b1l-GQk'_ Ϥ'1≏|d~+07SnW 1;E#ˆʒvx;uU~A=`yг[K08Q}\K/b"A [V B^>nJl1&  439 mQQWhF)ٯrZ=Gug% #0\h"Q rep I<1؏#f 1W~OA;穊dk a79H L[. a>nnaL"ҷ&z]2BǂM =Vd5W0de0I EwM%ϻփj)HhͿ; sx'GI9cC! !5mK\|Xx"a$ hd; Wv3Plsw#iG/dOOBS 09`C+5aB c,Y |O6 'M.3wjl8J< pZ9 [r݉#VǃQO/Ɯl #\o!M5eO7=_Y(U۔D?sel>h+ EB!G7{MƏ̙ۧܬ z J,Sۇٻ_EB TzqP|{r>=v`pnpX/85n84 0Jk"]Ož@SYQUB}!V nps[b:7?ǫ rcuVv"%.LfВCr{橼 7̑'@iiU}Ldf p/5=fBa=P8.ύJgMӝ1u}"N]CN_C ,L{FGGmiZJ2ۯpa~ZV єbS?R}}Pgvnp0ylP&qV^GI) Rؗނqe^&)MKwkV'¹a* `Fy7sN!M2bi>|x[lx*?(0v;" UH_SwTzV(٠)t_/c }h_yl /ڃH Oci,L%2Hf:z*vi$2SŒ[,e4v_P ;bgcvM KWF >2~yኻ 8x=din'_OoϏEۑZ],/RXJfN{C:KlLxYVjPb@)oz4o@훐o/ōXĮњPOlkkX>3w6Oͮ{o-bnDUci$cZ!#ϴtjhSp7y#^9n'"Ut/¡_Cc cˁxTų wӫñ[J f-~ QIY-+JG-Pz{C>PBJ[:EzO(Pn5bRvW[᭣ x[u[$1j"]M'I4phNKg9W`;Y70>2JzIX}i|clbӝz^P#~ƋnD2kmIa'ȪA9eO w"'P("|2^t-Bw*ɵH7ٗ38V"03{wȓf 5^GL]&M)45B}r 2 %9ȗű1I%+w=y[VN0|jy^ `8I*&d`.0N=7%&!굈D\QUHPB|Y ܦ5cf6T\x,6RBC}f;:O$afA+pl+H.d5` c蚒x""; [2CWB'e@_$euyg=`F|j"_aH813GVhzTym_ү6 C;ɤo(* هzBfo2Z^[+WE\_4*6VV!F;JvlRl#F{G7&E(bE4%tzU|s#aBDf3KOq8\TN_%j {w?;|B\v &a$pӐFsPJGX? d)_#og]YIsT~CTtW/8K4 ΎFMik4 ZĿ1d3%>5k{)7Ԍ"$ߧoO,n&fw8)QCqioe\9^?5v*cY;3;=yg6C8YG٬i9\~S5I +[!-. yz#qA\"MsZgpaN$7r;v4\7IХ9/JidU>o|cz!YBaD͈ܸO&`,7~.zi62/~ ގyꑰ oЁw%^jf7 'N)?U7!:Cup|/aƒq'6KSkFw$=) g^ZE*vLHόY^b~ GCEkc)jȃV6T| >_eҤ Pʱ#f0ۮV3G )\ywh˳+;Klsi+=QTR+vυO\vWmQpP54JQElBP/Rca3V'b69A6fHPZ-.+20%P6D6XFa_vΉ s~˛[,1J~9JޡSBe`ۡaRH_tn9WޓW]<XZvpه=iBX , 7l=*& JS5UU]bOM)FFdy|nԣƛ*}@\!{bG`+E`?(o|\=~G$;镊Zv]FԝxC_\~b:jҔo^7aZBi:,*e,uIJͳKzC&~aD OeHOqFؖ$^W%[ /|B=-m2@9P=}~GXO ˵95c22$~9wqF+ rl®_H0Y yyF=c0ԋGǩOpvشrrvuzg  b1`] ,VE+pܗt#'b~:" 2ʡ2_6a_84zaE*Y9 7ԛhZsLlQ ~Ag0(HE16y^OY86ƻiClv4Hlh,Z:6U;  VV\jgL抵u$i oI޻xĚ4* ^fKrݢm+n@C_b2Y0Wb%܎G8L҆8r 4k;W&Ep|5]2-i_2 ֥~fW;}7S$Se'".8##l*%5]1״ܦE ~ƚ}Hq9bruzq$ ^ Yq ertBg$;%m=[4؆iut 6J>W VPPq7LjWu, hXk}xA2Wm! yL6d MV-W[`B^Tc˴)X4oH-z&ȅ?TN<3%V MYb8N+"sޭR˸ۡIʱb# ŧXOAx=}.j|en4ya* @Iƍ,1窱`uPn)f qpfd\LNwin& LY!hYe>ϥ۠rBĖ6 6RJأ崾ڥX'-/;kC?3JWYT0 ʺgl>Liϱ5I63b _-ςlQ# ]E)S5(dC)kق5K;wPd ǔrz_tfjr*uwᨺm=ק~ pPa i,  anH$}PWoy[T 5oٲ/e9WׂYhR`wh>Js وFiB `WrvGwoUonχEGdr@+a!e$ڪ#{O~1mU(2z@3.>],}q_epP…0½!, ի xFq (,{+``m }qn-txUX,n;o;mREJBͰ_`'O@ʤ9 5!%l6o}Ra 򨖡v2+iT?d!~/Pek0`]MSIQJ:_M I;YJ8[ Vm&96P 'vT739YJw6#vVޤ-C#U CVHs:o^w2j*AVɌ݅WQޘ$3v!HxctԞ_^1@/"°c'PTIkTg2@P6'+??Q).5Q3'zC8uPxqCVVJ= ֐ +a؉GEVgd@Nc9!lEVi/7?0hӸ@c֛l !#T}1>S6=oޡ1&xA'/[:$z=0oJM"?!<'a>NĒx%1H &Ihk?OFٯ/h7a)xQOQN ;L :}r-o?ci!fe,M/H$8&\ī/QD #DQ2=ӷPlHY>G@=.y8,_5_h4}FjRge,Lc)B<7S`,}( I‹\wnPi5')\g:9bk佡GwCv,-r8iRT\^Ԅÿ\ݐ$IYh鋠pKP3.קo-SB`,aDz@րy*G 5wܙFmP 'SD&ⷜE GyV"t!$15S+@^{K܋+18vja!9.5$k2kN" ymUo[)QNݹnwKdFل ˢ/v]ݘ{j1vj{AęIwS:VLgѮ!_BB1όO;d͑xHnjr%G-`\zQ@Z Pg3{{(`|t r ZEu-f߻-S|hW-̍ʋ΃歅zPRWeGCJܞ|24Ϭ=OU<2WIJvɼ\){i(c ueWɛ ciNh{uzhRߠox(36eRTHc?t;+?_>jWMAMABƖaJ %VSl:=;QTID٢+nEr]`kX^=[o Y@5K._O x~^D[{z#RU0iIFLV<amYb >#ؤZfgY>8jU_9[JҷZJ8g釒"mꩢbxYrct09HHOLG!#S >THWCC˕W6wCyl)>M,E"=4Z.۲\>3ԑy]5cKh$VMU+AYlRQS$S&Q)7zgtK%'jDOO١Ռ[x~%,-~g 8w#8]h[I7'xBq^Ċ抙QץGx+سWxu>n0yD !n(Kϐ ѕw3<2}㣃M*qҾ PRtxAKIaٗ12/YC,~=p;Q]0pjw'{S]CpdFrsZ2oMS‡ǩ svoNYjf]Il~֌=\I aqх]4]n|!( ||H-=V?2C՚1Uc9-JYw_j;;)z%8 iF[|Sj8Irt5 T9 &泂N4@,'\ōBպ}h8cXeeE68%{ xIKb諦M|X o3>r| Mp7ȿx<$/799 *V 30%,f`A*-#j`w8+[M15­#+K$qTŮ;b@|K ̫d4+9hڿ]]<39cyn~9},TEmIh"iōPBʩ`)b3@X?H+lw|jp*^a4fnIHN!3 ?>m`hGƙO%j3W! Jڙ8! +ILw6K WK,hgd?q~7l OTkz=5.W As#QK_\UwxR`swN/yT7z]Ԡ^{J'\# 8GhI.HqњԸ3fB ԂZ\r1rM*MFɕ/—o9 :C /n$LJV93jF{ mc&KNՒELFN`"1p ^4!X+^W}/O30U*n$z=5.ȞkatyoU`j{ 'צT 6s"dM҂⺅w [~$zM#zDE wfײ71)"y137s|("!e93@v(0&WσEJj=F/ ֗7lk* _VGLE57=h&+MCv2 +jj>4h y<̓27-LLvs'g_ >0 yN4LF}n<~(`SvɲAO M@s9Aa c1~NX(_&M 5/҄avW0dVli^m`miCxz@)R4TP/@gTA= k+ESqsۣh67w0"Hgи~?Vq,G>6hrwJYfcJ6qcàAގ`ow`=m gZ~5N#ڣCbcD0Xq䶧Қ)iVQCOyZ=QaTJ XA +p |% -e5-š'UÔR[䰠lnaZf3z=2/bBYJ4^al H#x]J6'`YĞ%ds/3ǶxE q;u;,ˉOXԀ9:xɴmͼDQ͈/[E7f0sU'B1‡i ҲW9V+ڝcTh3(!SWk\bl$64܌O'#W5@p>=%4bM[p%!֔:wI(`A-JZ>t]跂tG4bOݼJx朓يg.iiL0<sA;ϙ(`<ԌN6WVt.Cmd`vZ&<RFSA^1maʦ&.-s64r5,_8fNZ_ GTwfނPCCq2z!4P>p`z|uۭHh]}D0"9p3sRi~.g)j\BC9eFqvK+՜SE~`)ݩ (Cûi{X.:}=>*~bҚ+gv>j>Jr0NN O=f M[%0 @iTK]f,=Ît*{V@fܦGwA'qϾL?8y2%^דV 5=::v\kgo u}dTLz՛/X Z6+#/>%&fЄtR-x+qϴmQfݭv2nGedn6E?J8OS~<1Ń|?j.{D:s(3n tQy z"4(WcP6g8ۡȲ9mWglbvn x?n km ^,EfL8.8c.*[8ˣˀq%?0yӤuU5EkZ86`EK^GϧkQ=#eZ'TאJYM=?7'ƆdO]}ϒyJ=zM 62Q 6)éG>;~B2bShOKjV02ُ!03߱6QOq$B2W M9S& llkH?@'sͬ`zcN^TXh}3#kT`&R:/?D.;Wf95ss ]Li9ǖuC$ ZV۞v*TdʷQp$/Ժض8 iv6kn;?)wצGS ~ZSqiLVG^wE%o\"xI`9, pf#I`jC0zzQTVKO}oTm(u|\6:"㈦P0͂¾eԘQ{]=Ž[{_<3A@|ԭޮ~f01+mEƯEaҶ_hwt@Yv=\x2Gud풌Iv>t{,>~%!4]le9b 2 :gVCAM9kS~1NhdCFBgs ¤HƮ 2=иW~Euumᶗh`ǥ'b6c7i<]u͹9mEُ1ZyLY>Ƙ7E]U, |:9Ѹo $g/G] 5kC]Q2m͘$83PqS]fܔ@{\%U'o ϒ+5O=0ZS/IK3YA[_qb DTPdR4Yɔ%.%M?H{ƈ@J{0uEu&f '|tdJ"uLq|b5fk&n@d|h:&=?:ëAF 0O08UKt`'k!I2(rhϻDMĜ"S>p-Xdg bMԏބ*eC!U?VYa},un{:ŅBE\EQ=0dmF>/~?[%:[z%Wjfm(8.גwn[z̢׊{o{6sbmJZeW`u'ɴ/6myfʾ|֞Iؐ'ɶJG|jBh.PP\320֑=ViO Nɽd@Cv-,WT4D~Rm{]#^vaI  x|fAZK}.h-Ѝ'BF5AQ0ջU,ztxո*q{㬀Vb8fܭ4B7/!9 RfE,Ln[-Lv JWM38P8̝`6YQu,@wnRW . gmOL['%Kj 2̌\GiJ2dns1^w~*q?@v>`]Eَ dMYag TLht8zT>!vXutz5/)MⴲL(6i쭢yX&{ $'k4Ǿ@U3K`8k7?W`lIq@>y#F @;m=K]N%BgݩF%|LdQ'|\)04;\ds_0CCrδ*8$E(H\Sh ݌*DZl aڠQMQ  ˞e>+d<z$#WC(jxڷ!Cͣ NdS~94T#xtC&PF*w|d!L"w3#k} 0qf\݀@9ǿ/NiXxG9-SfWXD9yp.H%>yq|qLnH1iӮ{m(æDP @J}{8^q4$u.ܕ<Ԕֻue"jKBsbbr)Wd9 (,>b>]HsuڙkKrZJ* p _}.um !#~mb>^4<"D\/A:ӉDoQ9vqg3sJfL?~`b4Jl_1>n} 8ڄb UBأ m }YVV鹴8HTxGJs^ͻ(RE׫poy4WX:V=@VGXCmƟ)A"?%Z Rv9跲^6zXGdF?㌥8;q@ 1f|c?NBgk , 1d!l7 )n3&in0/|Ecll*>,nr7I\=5C\ڔ5 LS/I"O®5jp'rveh$-8bL! 9 0>F ~*X.%i*&UNm3kXjNn,u֧{DJKs3H@ebGH%lϛBr,T,H=*dO"+W ŷU:@=jU̎tcp}R.?j,y{8j!)p|0/(4Q5{wMbA̕1+0 X2rHr;̤# PN‚;HϷ3K+LyٖK`O+Xχm/~Ԛ+WʄUX"5pd/#7UGf*ghg}Pfn4K \d~=O y AKHCh?3Y&P~G ˀ@p?_)oݼKB F=ZZCr()ՠktx4u:QPcgQ̸Nb11q 6gj?ޮZl=;9۠-=iXHQ9VJW^n2(V?w2U8Ћ1$JTfE(i6SCt|nEVA9|U \b"wDHKk=NA~Ū2[)G!<š/dHax1yu $.o9_L tOBzcwov$ZH+aC(e4 g~޺*,I6Nlam0U%Ec#`;~ԛ[qb#B:4KCIG-E'/QxAPsNbK2%5ר3I5;)'Dֵ5G|\cޑ( Zu.ecЎl2UXTn Eix8RBQ`Nu|IGLXN{SY@(d6>jn>ZE|RUC D鏪 ݣ!Rdz=zu@Ē[O&cf]4|D4!w.;XrTרHdqGm3@_^&'+Wbʵ\IrWL*wʹڕXFJYTT7P_"x -ig {cyaxl9NR,R~MTz2 C6bp|<ՠߞeQkݠ9`aM0"vk$Ќ jI>"QTtO0\8WqTsj>(4u  Z[DcDP<3[$}Dzzz*3$V?/AYxܾc-zA@x8zWI2)q(bE^/n.OH_"-Z/,/*:1Șpj7=G ('F(nIAe*NiQZZ9ZWS=,,s kueVw~#_)8!8$i'96J!m: NCи-$oWmN<O$~ Dur0SE/ _(*8˭2HMɪWI:p#Q_.hӗ'O֋nu65b:3kz T9N<ܝ nҠ@Nl1$ L)"W-`Jk!%6IaI3pmaL˼d<[듑U$4E Y[D] +qB1fGf8 e3 u'1X`}AfBь-aL9(&eحP`ƠQ9cj"0ڋK%<ҎqTm@Y5+\^)d ˢ!EQ|0SpOP &,#}SdeHnAϝ?p 'tdqe~EOM P͕]XU%i=:0] w)~mn7;J*=ţ5!͎ N7BltD,Ьۮ'31'z1GbC4ئvT+q(#x}Wxd!Nѻ_yz ᯐtsa9'GVFu ~*ؚ9w&ю݀:9,{eѩص_ss"þG*t27H G ej['4He(&b7SilBr|M/ SX3a(Qfc,]I.X-,K[cSM&+jLZR+!?dW"WiLgob8l٥d5oK% p-5>)yϫ@4ɚK1@"ǮqTZ" x7zc]Qpu\\ӂc1m!>/xu1 n{ʔp w&;"wy"eUNBs2e@h8!o3EM^l}9sfʭ+BfB$8x%+xmhD7(.>K+0qw)YN۳f&f4%̗mLtOL(.mn_fVdۣ\Bv o߄4G$փ% v:vv+(]ȜZYS*L\ʚqߋYS۾CN\3ASa;~#)ڱ)ܶk`$]̟_d#;if._Z.eWΚ, Ű$zpoȊ$`:SPcMn'E3§h/kPHKubn2%O# )68친e?[uRQ[^nE;Gnı38BR-iLRPmQl$f< a%gBܕ*ǁ)B_<%k.Ǚz \!q#\3J^h{*΄'˅UsS=ͪ=S y-T([O^0=" ŗ;l`"ˆX&~ſO4-/M"jO_""ExeYB$ed%gw>uNﮊ4v;V@jSj/AwnV/Z3E׺@!~i$T9I9,b)dR3sYPX.IӐj粮3Eeٌ ze1۴8@K156uZ&q fi c-ȧ=pliBlP>fВ Pq2Dt7?a#P+# b-g :ſ j&n1F\qޘåh" rk̶hDH dŹ1Vbym$`an^H \yjoW ZwkcҨ"\i2yzӦ, oK6b n>:jBFax:̔|u\8I.v&xШ!FXН_&?o>Pc"N$pqT%f?[Z Z5muWg_A,o 쐯 X}` Ԯ]I1bc  aZjrCi`x!CT`__3^(R=}E EIKx יpCR]E)*o :oT4P`+-3|)"1j3i K>q ߻iuH5@S{v!y,[BSH a"CÎ+-к:pgfZ'a:ϱi¹[B ^G RĖ09nLH^Él݁ji߷_5![=ï a0a 7RR: Mwy w\Cw8 ܁ֻ1_dxTݨq'/ wSi GE W .X"Ā'm7a`6lG G*DQo&)l꾭Pz83l&uOYBCŞ)@s 2Ǹ>H̖ddf oNHd u&=妐rPڮ>V]be@eeUrg)'ZaD"k(-9?u抶x|:рZ}.~"AW{u]G!bWu%%#+{.`ds{7*E6+0gzdGcgW]4yabyw6@VpA#@9!zfGm =ar؀-. u𵰲l8P{&ydjhjd,5/G3 Y)CA%Ñ c9X*PMdJʠN24fsA2#^ ) m$àeOG~vādZ:Ay"/9S4ŕFt ATw?iZJI;O?7vLSo 6s4ơ A6 B/OT[v[KF=]uGMޡ-y!'XWܵs@w@ ۀ;Q-HJ&d C_7,r;マz1 bOct_#㗼lgdFׇ$Jc"i\T4 \Yq @13L# sXBhRz] |S. o8}D{P6aٟ5PC5teQ(?wbuήA]':c,/:aM^!m΁1gBr@({ZN,bM#$~a]}4TL75B|SzPD1YL~/':pY^3&] CzN1OUM.ecm f3ioJwme;=P/1EJ.i/+67mT vr˖$N|EhY4vrU\Z#sz_ݴ-$u)g@=հDBathH#*Dcơ3',r& ߯ K#YG JMbtܹݥ!"k a#Bӭd!9@Qe ݬdAA>†"qZ<{0dp(ؒфj4{'y/͟s'?<\jӆ2kűTVU;9^Uû_/&PVo爴Fp-h' ?ْ&i4kL!/_^럒yS/^~uCZs!o.ae}뼞n[P2"0q0I׶p]YAMRyqtϨv)y]dU4_4'eY$ROAq)88J89k Jy? (7ĄGD"u:b{]nS7XC`*xl:| j@XR΍M -c%zj`oub'"+e%)dWXR``$]K] aڇrFo*5pDpJ&GiO=+~_2zhQk2n:_3),yZ)-eu0 'eel$*>fLSDEx>cLZRRPz%% *(c"(o \Rpe -j@7H7U:'k6{ [I`*!f7"Tvp7p7\)vRhYa|RAIQH(%^=S/:FƢCJsHR6*[ ?:¢2r, )^giܵ  +@/q3K#hS nq4&KKȡG)i59ˌhpE?/P;13AB>ѽ aW}S1òz bY99=GV^ŜepRFa6A(~$Xa BƷdɮȅe)5N6Z}(V0UU?9jSjXɸ˽$Z$?hQ~㭦c]̈WJM(v;FZ m?|X+zhlhpGmI rcK(" 3꤁=[i=6+IN;K!"XέO' l,0ѨO3vOn4nW:#[+{jdKbAדimcYoQ <8d3$pWQ ٳghWoeli6=>α'wўtFfVMiD4ٺ.#Yك{]}ؠZ!/ livwfZ۹XX͋\#$ 2_KM:7RY,f)Hc) .gh J`3&JhQB|Y̟kKTk)%d>Y+,٭K(Hx>aT^ ˊ^GVZ/5Ay^{5D{ q΅) Y|K>#7WRxYHP(ޡ$hA}px~P$A1Jr2#ϜQ<Ƕx Blj[IrQ w,d1o(:PV[[C14hܖ8\7bJH'7YF&Je\R1NnEP84U/mPΑ8{} 2ylifO:ZEaN2D\ɡ;x_,WC&)d[{BWx?~Ij荡nocɘL MY?xebFWBA ,Qr,DH=Ў-˹?/^ŗAM ^}d10'^l1FK_sBQlG4 F׾g2ͽ%[Sٓ2.HANSYP/`azLu*%w܄9HW'dh M"[{ juzFe-L`]ok5&biG)68Ls+*xXFP0#O6brA]nOQMB`YMfXk^J-Z b#?5[jx|;3"}v5`zp]NC߻[s-|XZR0tm2AEbϙMINr1s§~E0̤_w7H6_c^G<6}&juMw  a#_% u7Ї/.ū2* V <'A g>F#k vjNq4Jht"m}~x|ҀdA_߼~TpsFu|wW`|JQ1C 5KpE;YkQ'.j)BeV;.?2HDu%]iЬ?ՍݰCb e.[C|KOtQ~T#گ]5|24.X3Heh~eEs撚*kM#qqRA _wOM_hdx6nGvu>R({H $'#4>34KLT؋תoM߅F=YAG"DMZ=V~4 h^R$긩HҨ&8R{L)$zjZ[IvȧAJ~!"*hRPߩ5V9'SGm@wչt7V6RGgqټ1Ӳjf`k@ :rq1nnq }2waAzc8t5TuۯcNjCJpcdӆ.<[4'*;4׭o7Av/$8f#C+ /YP&vu oƀ%;x.NnJ]qtK (aRd#b%YDVdH)u ]KM~G G+g*e;DH$Q}ĂoB;&J̈́42Wx5z7h4}Eԥ(4eYEkLLe mؘ6Kyhc>Wr":Q :rXhh4w 0gv'KU_Kef_g|aEz~h'8$PAꂦp'5,̝pЩ-Nżߍd31K92MLqbUz!7La{K򷈔 Oؖu@EGNC[\̽XaVH\B~ ک&ry H}NpV1D[xg/^:(A߅l6ƽ ";m@Im./t̚ޣ`NQ!`yF5 ׏Uw> /*@ \cBo31HMlw-q}فlX O9sG4mn"?!ƌ7 ~%N@9wPFS;ORhhv40Gڛݧ?AR7K!:= N1 %驠ːx$K(ggU:! >j=v-=Hݧфe|-QM{}5vP5yyyw,tIXקDվJ ^JϜJ^U<:3kڬ9Kdalˊʝ ׷pfx'h dK>ahp0ݦ Fkz19}T3&Ya=v%`pnj^ӹ2ow $wehc4`9!*cJ8V[yMsjH9ݿTƚ7Pna6ru]R0) iq;IevyY];I*1"=]o;[o>웦,#I$L$^/?Hu%ՙl-~"u R@2}ܱ/Z,Jڗ~,RX*"G% W|x9V[{tT!ý"or,R-~!?W0U JUӧiXRX6gʀ]V Ҹ8 QvJe D]#sWw׽ ŋ!, 8Gw@ʑŠU̯#_?M"Ϟ-EGlH.ۧyR^2 l*bhTe$h'83 l!iz6!C'NvfaA?Ad /fz hw_~x"d^֐sWq "_g3y,Bʖ2e84- HU5W Y?ۈgk~Mc ]0.SEV+n;' 7 78 7mj<}ߛ[h/W/ɉ*nh?M5S)T"-kmni=Ʋj'i#&/T)V$e!wonEiZ@Y_ܮx־HvQlN Ek[ɀ06EYjc͘ 9e##qؗ(W)K;"Ou`Q%٘9Z9.ԌjxYjYU1I5 (uZQ;ݳ kYߚw0M(Ow}'bNiRқ&/fA(+mƹ'3b,z`S(Uv֞zǵߋ>jPiW&ܵt8P`v&y%Bʦ8::}tgwvN]LVXGǂ;NHV>Yr>Oť sU= ڛ4_QtIiy]s4lZg,6pm / ,|8*$_y<^ʎ`GzJEۈfZ< R'[+⭚nh-,&KD< 4Ty(elxޤӇ:)cĺ;{6 m˘HG["J'E`Bvy)rGzQ߄㙟OJw!rua6AbƏ V[|z02# W 81&sM;_+G ] sMt;<I}lG̲Gl20Ebxlc뒔D! KPᶒ5D.\mZDj.vX L7 2(lQc1TO8Y$oݸ{N=ИlPC1 [@gnly#!T6GPވX԰_^avyT1U$j%\`B]aw$6o3([f4*IYgXX=8N]S16DY@3qf鐷66uXdp4 ï΍ej oG,KcF͠',Ʋ峓ЬGg-/߲2rظCO4ժ@eC'/ܺ>Ah*h83@5}Rm, m#HWOX$gzvpO"\e 0n}̇ NFq="hk+-e*; fUjO><`XԽ5N?> MFEobbר8P3C;hBtf2/: ?8"@682jJvޏW{ 7CV5 MDŲP~, HF:K=THf8YcV#][{{,+r=1=]jH'6ГE(%[Zwܫ2ۧUmyC\n+Z½R~Y:%c)?$zG=J)Pn\6ֵaaT:c}#3s ꦮeqiHWQd<7P>ˤ>KE-tO[Ǧ 0@#frOE0rJl< /kTB75\ |* nX $jJj0^*#;F%]*_wߋ_qz&Ia3 ْ'3~"!xG4+ ֙Y !:r t ,q mjH {5l=wh?n!] 2%C[Zn:]O+"67+`~%K̪fr, 'j tO#ÎZ_<ԦQwwPM `DS fԁ)b;w(NiZ˂.wu)W1ZJ(peH\&DG(CiͦY\6E`n7Wy$"Jml(QF}&M_<*ljfŨiAx.{5_Eq,<;K+D)3pGWZ_0kl,T %m30BV hPVҪ]ݔ-Uo >Gߐ $N/Q,,sSz2ՇQNĹx{9<`1`:|aA(aM ftv6j!Q)yRz}Z]4咻xXxjpR`3Y-5\$``Bm~ "(Q]'Q{BT# ]՜HDCDED/t{*=ܧx-zz _ѧzhbd[ QS䥷绲mݳ 8IO^AoPYL^)( cR8~11A&:3X‚v-vPZ)?MV]9 O:fhz凫O !s^+n_Tb"%U5@=HanEO}dmd]=q9sןV@;1Z 2!M'@W= _sIQb3~.΅} }"~$Y붻DIRL-EO*eޘcMV,e0Ō$BcUSu_;VRS K3f1‡l1w.S>)nn"Q{ !2ly,LW"87 t_ X Vx)H;\d |]~d\l:~JtY;){?DgXٻ(ה7^Uh6@^l)̴;N<؛ρzR\.%Љy϶`R2y"57UĩRCE4`<=`9G8; 3ӹrƳS}KH2ђEO}:6F{"zryzc:쀏#uhdS[ '#VXW(B=> VގκiciuZi!538b$^q؉\ p$t BrgdCFG5BZQ=%%a>9blP O zyRRkř{$%?;kͿ gJlc ʂrDD՘Zať9>ZR?}q} xqt_ ;`TТskCR Km`mkXDA1+w2<s>kk-C0x ${;޹X.]@*3\S`}6*%YH #5SyULJxyL+R)TsEƐmF Mު6uel98ߍ{sS(Cd1š]8 !`fPODۢ;8FhvI)9)(\q`:wRUo0ߖcA=m{˜GaQR[ mz;6d ׃Fܺ6Ufs8=,zWOWADYՓ%a ]Xjot@gś"WbCk n ǖ8`h| Lkղ پզIg0?_i~$=g6g w]N IYA5昭E)-RíhuYŦz4<:վ4;hC*ޡIe@ z5d&W(qԗsL2̵B|Dt 6]Ե~!z0f4̴Zl'+l,7q 9AmFu3ńY/ٴR4v@*3!v+ PJ/ )Py 7in'5sEl!?u p.)C ϖ&z.94CZ[ ;so/FIc4VgyI&+ #7 LXݞU7"/Aՙp4~ 0(N0Rj{ H"t? Jqj%  ZK[~:'DDY`KklltMU@ pSHgT޳5ٯP$五*I*v|)qF o^T)9밿 h[ ?t+ tK1Qeʜ΋ƇeDžxz)O2OJֵpWngp$78 &큪Ib\]8x:j?ITC'lU1gV7]'M< )]=4MqoŊ)74qXS`$F$άq\f=<23Br^-0glQF&T Y֓;B(wjVNE%)+oŵoliVxwI6fU|_HR:!2C3wb69It" %3CRru_dA_f,I"h75FFwy7rl6&LKw. YQ&ּC خta u:%ú+ n`~j GmQ"9E+̈`+ 0 yu"{dG&!x f jM; x;ڦ)&8 Os3iN- -*kEQ~+ǁnEg&Dd9cc{G9'G5ܕ%AZ#gT,uȞ:^=Z BI ʘ)גfLC9zHvW9r' 84EI~N w*Qn.Yű1+JESS '9HTay+mJ*ͤO7ʏͦV/ȤZk)_ 'i_ yQpU2.`p" `Js.#F"LA2K<_2Cxf[BlI^]/vo B0M-5o'vGw\yUzhhӐc&eJtSw* iOX9 `]P;cdqsOT8FCV_<$c'e6 {XhZFҷ㄂tHXVqn wn]W<`e'g"xŗ$04鰯Eߕ$%h(jI|JG%+[&pfk3֠:^S@RBsl|!H,>h @/'KYr@rīY,YdT;}4ʝ}%WE7tb՞݃i4ƠEN$V=qIЀ S;;? }]KZaESFhƠRuj$bC]9*J~*FZ'SiZ7 mq9*Wr?N0f9'1ThV`:am*d}fHa,EM{7.^DZ0Q> Eq$(& ]*a1腒@0 {CH~7X+aƯJ]cJ.i 8O /#8K8L0gW_rv^UF 5!;Ym=.'I\M-]Nɴd(Ln CCY TH)99\GPojfQ>tWyph{i<;Zvpِ+;dc,!ɴ~^˟hdrMޮ.fu2e4(70cU%w2W[ǩ nLziĚ:/h"ו3`D2!ZXIt 3Qˮ4$/~r??NĒKy(ɹ{vIy.nYs^D"32`k Өҗ3eЊG eyͨ7ӎ p\B}a{Z]f5Sw5P:z梩ۗ.r}85dɃ|̋/guf$7(G@~i"捍XoYlY/4\T_#W{D':8mvtMp.A7wZK] 6xs*[}WTO}RZ=ḵsonEw5a\CԱTE11뀆}oa>w F/vjQkn?|)|E٩.TBjpyZHǾ%Pe]׶7bҭVdt3tk+PAb.\,OIt 9tv+tzp&++`Ds4a9": p-C{ g&Ivwr`p` +:&l5jp_8qs#fWx{FU5a]AD6^kQrtP+P‘RMp070rsi:( lqo%4J{Xd PUe ٬ைzoT`L"N"k)I(|e3a%m"pY :JF imN.RneLbZK"EM1kw(mXA[hSҿuJmfy}j!kٍ:G"ÕgrV&*Ź 7; [fn1!RJ:= $!k ߥ烬K ?.Nl)}ܭ.ȇY%(j7ʹOR6NQpcr`4M.Zр0?%:'*>DhУtG߀O? ]u05OY[Ys̸AAs#NI=[iEm^gT;jMxq ӠER@">$*ŕ3R ltϥ;){>'? ;wD0v`b 6E˾%IU=pHXYʁrN u)@~AɱŒѥ`A/j NA45)/v (sΕo4 ;~{x}{\UysɵnFS4uX߇-G$-_M),cؼ gE 0UO"﹈],$c/◐tUQ#2{c3~jCb o80Ez~Y3~d"@䐗 5ob=<ՐY&mguIdٷ`-Q `V*?4?뒅"8XePLf3/yoZ(R&kܷd#xR4ڥ]'#-x!qZjnٛhLA]Mʃ @-'}+qJQ:B`T./`S@ :2%\,cN*gt}F-$C>菳 W9c z2\?NqMVs2MC,>Xs+]r}%d'niɏ̃?u.~ٛt1,MױS< _CD.N$s,c]_o X9}TYEuŠ4\6Ml1S"#`#MIAۈ rU%1#G=hu, ȓ 6~1z֫͞wa4C5%cjW5Y'yca=bJkM/> ,ͺ Mi&+y-!PEKO5}R҉\7a9:زvowvH307n FaRA[#c?ۅWkkbґ-]o9P)Rt/e`V+415 ͱLW3͒J#Q%:Cm,rS'9a/ < n!'' /|px?vQ> O6 \]+8ӏZGpTNv߿Q֧Ϩ8B+h\fDB-4uf~`*Q=A~Ϩ SBGGY'0`ҁcIsFvfGnx*g|iOR.2XddpEznt|PZm' ΌrJ]¯o䂁UdԨSg$ҏ[TO DoRP3aZTm](uZ|yy1V]e]氥az?)U8.E"GPrrg]n!`+\VJª ktBd]UV#:ҜFwem*aְYqDvlgQVͬ]@8*cOSbv vϷEiݤsڻ2sbg a;TWg;9կtފ2ub,S(Xe#6,QDF9`G}.AVK?5 brǢۯ \3"H&me|p/((D LTUHt s-֌솦+fn^[‰ xx{^BR15㦼 M*fH0g7_Z J %9@:y&ُH @ qڨlh_gG޷K{%g߾~HUM~ ͱ=wp+ t'FKk6$7S]B;G]p A8{ݩ#}zVLB|a]˳Gx)@Y8Bbz5"a ]F5aۅ>Bõ28x< Q $$g]8š됂KFhUyt?yV[~5+LCICK]kzb1M,Xha'jU1~P\v:$̚h·`iXdCὋ.D5%HuI9y~yt8S|WL@\_3+ԭ@7cj$6hi1;Y5k.10@0~ hq ftS#E$㸡ǛHw.6zH fCwF0viC3&w7$:y5SU-k:6']"ӳ/ Gԉ!i1me^M^VLX0QS!W V k+4u?q}ߒ#l},2V.׿+?O% ?Itl1^Ʀ/Ҝuj㿀J׶8ScsjVdzXc;p*ܖ_4׽n ?$ՎH@|tpX VZ -Պ#)@pXꇐ'4*[}(W! f)l̕+c` JKڪDm #4,_^2MB&wQU McC }=5r>rr ͤ r Tta%G;Ut WrDѰbxܳk_pߣIS^ .dHJ=JWm 7 cQ-A{M1ӣ†+8E6c&2Č8##9C8Ֆ|xZq81p izz?>_2@A> 3|}NބY3UbQfHv-UoxWΝNN)Ek/p=])%.k7ꛐ|>=!DYB{ YīO<`}F}#8z饷(*Ə =j`(<ݠH#$k8n g(6YAR'ڝD fq < ҵt|5V6bTkT-E易Yf"q'"rqu| qꝻGܣV%.:x䫂v젞VswSJٴHNX,9+WYR/ LBM~ H^ i=Z.lp _Pbf/6e.eM"W_7),͍ 4GNz-6gM8Nײ*enG+4m.h%iZ B~Z#8 (DMâ,I =#l? Nn>WUPʃDQ*-rהưRz7w, ]geЋ\-$bY0~YOԀ*X?d\q(@p`=3%S%ά ‰JX eq˶P`۸CB>@d xr})x#Δ%WfASv%| @sI)'2 'Gs.?OJ׾0Jﰸ(0CzWJJT,Ż頦NvR/%mày`LP#z%u[S+ m|<$DQWc[iEa[v&w/-޴؄ZKDp)U5y}?fzg[i~$mBW-C"f8]ဵ%3-u,; \nljixUV`WJY柦+oΩnWVMʀMq_ϗZx#h^4tf#J'ڰ W YZ