nscd-2.31-9.9.1 >  A a݂+p9|8hASvGb?"(|hCP"goOA욪@LY؋vlTȦ䀎{.Q}YX"ԬtTy4#\ J8 g2N$1FytpAs| ,n:905 "PuV{oyT5VybxsY~z!NP)h݄5@^qiL#X{e%D#Kц%4U~v7J8 ̨ HZ_]j2]lm@3\ U^ ̨lu~I8vlS)DF_S0Oh( ۋS |If[4%)598sp-%k ;Ȱ> jE $$uq"n-e!>pI0? d   .  CIQ @ =   @ O l>X,( 8(94:=U>]?e@mBuF{G̐HIXY(ZL[P\X]͔^ b~c'dϧeϬfϯlϱuv w$x`yԜ zCnscd2.319.9.1Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.a}ibs-arm-4}SUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/System/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxaarch64getent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0  A큤A큤A큀a|a|a}a}a|a|a|a}a|a|a}a}a}a}a}e2cdfafd373d24fab07018d0e95dd49510ea6c992b7be2b0611ab23bbc2750b579fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b779de7ffea25fb7ba01b4e35ebe7bc51425850c0aa6dd163a7f035d2f7cce0c1393/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.31-9.9.1.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(aarch-64) @@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibcld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libcap.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)libselinux.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowsystemdsystemdsystemdsystemd2.31-9.9.12.313.0.4-14.6.0-14.0-15.2-14.14.3a@a@a0`ݮ@`a@`H`H`?z@`@_T__/@_O@^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@giuliano.belinassi@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.derguenther@suse.comrguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- Add support for livepatches (jsc#SLE-20049). - Enable livepatching on x86_64. - Generate ipa-clones tarball artifact when livepatching is enabled.- 0001-s390x-Align-child-stack-while-clone.-BZ-27968.patch, 0002-S390-Optimize-__memcpy_z196.patch, 0003-S390-Optimize-__memset_z196.patch, 0004-S390-Sync-HWCAP-names-with-kernel-by-adding-aliases-.patch, 0005-S390-Add-new-hwcap-values.patch, 0006-S390-Add-PCI_MIO-and-SIE-HWCAPs.patch: [15sp4 FEAT] GNU2007 - GLIBC: Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011)- s390-memmove-ifunc-selector-arch13.patch: S390: Also check vector support in memmove ifunc-selector (bsc#1184035, BZ #27511)- Update glibc-2.31-HTM-vzeroupper.diff with a AVX-SSE transition fix.- Add glibc-2.31-HTM-vzeroupper.diff to avoid VZEROUPPER in the AVX2 accelerated string routines which cause HTM transaction aborts. Instead use EVEX or SSE. (bsc#1181403)- nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- sysvipc-sem-stat-any.patch: sysvipc: Fix SEM_STAT_ANY kernel argument pass (bsc#1180557, BZ #26637)- aarch64-getauxval.patch: aarch64: Accept PLT calls to __getauxval within libc.so (bsc#1167939) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- power10-support.patch: Add support for POWER10 (jsc#SLE-13520) - iconv-option-parsing.patch: Rewrite iconv option parsing (CVE-2016-10228, bsc#1027496, BZ #19519)- Update to glibc 2.31 - glibc-2.14-crypt.diff, crypt_blowfish-const.patch, crypt_blowfish-1.2-sha.diff, crypt_blowfish-gensalt.patch, crypt_blowfish-1.2-hack_around_arm.diff, glibc-nodate.patch, powerpc-elision-enable-envvar.patch, s390-elision-enable-envvar.patch, crt-nocompress-debug-sections.patch, resolv-context-leak.patch, dl-runtime-resolve-opt-avx512f.patch, libpthread-compat-wrappers.patch, math-c++-compat.patch, remove-nss-nis-compat.patch, eh-frame-zero-terminator.patch, ld-so-hwcap-x86-64.patch, assert-pedantic.patch, getaddrinfo-errno.patch, resolv-conf-oom.patch, dynarray-allocation.patch, nearbyint-inexact.patch, nss-compat.patch, nscd-libnsl.patch, malloc-tcache-leak.patch, falkor-memcpy-memmove.patch, aarch64-cpu-features.patch, nss-files-large-buffers.patch, sysconf-uio-maxiov.patch, glob-tilde-overflow.patch, dl-runtime-resolve-xsave.patch, spawni-assert.patch, x86-64-dl-platform.patch, glob64-s390.patch, tst-tlsopt-powerpc.patch, powerpc-hwcap-bits.patch, malloc-tcache-check-overflow.patch, dl-init-paths-overflow.patch, fillin-rpath-empty-tokens.patch, getcwd-absolute.patch, memalign-overflow.patch, stack-guard-size-accounting.patch, libgcc-rtld-now.patch, res-send-enomem.patch, glibc-fix-avx512-mempcpy.patch, i386-memmove-sse2-unaligned.patch, realpath-ssize-max-overflow.patch, localtime-2039.patch, math-remove-slow-path.patch, aarch64-hwcap-atomics.patch, glibc-fix-aarch64-build.diff, absolute-symbols.patch, x86-haswell-string-flags.patch, pthread-cond-broadcast-waiters-after-spinning.patch, mman-map-sync.patch, mman-linux-map-shared-validate.patch, nptl-setxid-error.patch, pthread-mutex-trylock-barrier.patch, getaddrinfo-parse-ipv4-address.patch, japanese-era-name-may-2019.patch, force-elision-race.patch, regex-read-overrun.patch, regex-parse-reg-exp.patch, 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch, 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch, 0003-S390-Unify-31-64bit-memcpy.patch, 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch, 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch, 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch, 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch, 0008-S390-Add-z13-memmove-ifunc-variant.patch, 0009-S390-Add-z13-strstr-ifunc-variant.patch, 0010-S390-Add-z13-memmem-ifunc-variant.patch, 0011-S390-Cleanup-ifunc-resolve.h.patch, 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch, 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch, 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch, 0015-S390-Add-arch13-memmove-ifunc-variant.patch, 0016-S390-Add-arch13-strstr-ifunc-variant.patch, 0017-S390-Add-arch13-memmem-ifunc-variant.patch, prefer-map-32bit-exec.patch, s390-strstr-page-boundary.patch, ppc-tle-htm-nosc.patch, posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch, backtrace-powerpc.patch, pthread-rwlock-pwn.patch, manual-memory-protection.patch, ldbl-96-rem-pio2l.patch, dl-sort-maps.patch, dlopen-filter-object.patch, glob-use-after-free.patch, nptl-setxid-race.patch, nscd-senfile.patch, ldd-system-interp.patch, abort-no-flush.patch, fnmatch-collating-elements.patch, nss-files-long-lines-2.patch, iconv-reset-input-buffer.patch, nscd-prune.patch, syslog-locking.patch: Removed. - long-double-alias.patch, glibc-nsswitch-usr.diff, euc-kr-overrun.patch, riscv-syscall-clobber.patch, nscd-gc-cycle.patch: Added.- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscdibs-arm-4 1641905569 2.31-9.9.12.31-9.9.12.31-9.9.1 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:22352/SUSE_SLE-15-SP3_Update/6d0ba0570fc507ac3b10ac375b133b0b-glibc.SUSE_SLE-15-SP3_Updatecpioxz5aarch64-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.aarch64/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.aarch64/run/nscd/socket' (No such file or directory)ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=52113516b899c7aee6e379f6e6def2043850f8ce, for GNU/Linux 3.7.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.aarch64/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.aarch64/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.aarch64/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.aarch64/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.aarch64/var/lib/nscd/services' (No such file or directory) RR R R RRR R RN|%mhjutf-8c70f30f71689f7da8275ab9165eea17ca31699123966de695eb26df6674114ba?p7zXZ !t/!] crv(vX0=fjn`N9Rl=B$a2ɵG隢'UZC g7J>Cci ^F7&7O{b\wlW|ٵ˸8Xt j-Q7XUOs\_Vu482.rGHGq]ic?-`Z 6TV9^/,yB-|16fDj0}3 קݑܚG:1)G@OPә` ތ*'TKX8>u04FaF7omUJΊ.Jf?1~{ 8)js gF11X4iGNa,;떓0-fp' pT`dɆV'ty;3Xze3>C| GSDk ʎl\wCKuFz[qz]zS c< D`] g8<}E)dZŅ_]iW I,Wm] I J&11GV4r~kEp-~v&ʝ/ ~b֟·p{YX0Rƒ?v0&qMdPSuPMg˜#I!&Cj棫 αxi:GbUhh᪷֟x`.Nb n6ƶJXrcqR:LkC&ūK#ޟ2gr0oV5aݷH^$"d7o9%xwHC HE up?OȄ{]4o?Bai`TFR8&J.:O<uBnyh-;(D34w1uL sr2ahsT',c4^$;R)b@`4T>)̉\E.DFʼ( '6ah>0ȥ+)MY9c,+kQ afܸ ܙA-y0Ene60]~JOv(teH,bk 3\wUׂ2+7nsLyCt:aG"o)k MNޮS6@lnZ3V{vPc%F –6ٌ3VD邐u HjKjq$,)=lqlKcs./.$7]J}AZ+~~F_'qåBܯI@g+{7M0[/lE[ԧO/1>OǫY|;)ڪճ)Xm\Z+?Btb5\n; (7Nʷ0H@6"%ԅ; 2i]c!9Vx>gqB*Kf4j_`. Ǽ'% ~4e^AK]hF2Nv`%Q&1l!{|3Ff/UfTdLeK}KWݙ6 jfV݈&X;Wyx1xUホypz%ժRKX&3})Ab!PԯE7JjM^|my8'¢50bD~,p"^β}̣\)r%n&$C9 LF0f( ?'E7S u9 Z$S#pSônۋ,R{|զ$SBYUFWdL}jPjzaXԇqv3wUunlzC4UA^#E÷.o?Zr[`"g|E(J=ԯ$J.ִ(GXy}{ ohķ?4xZ_iY~˹jd % :3ԿalN}=fAdy-ёeOKy2WP;lӗh806g486Fhܭetgm0mh{Y¤8p%6,(0 Ea#q47%ms 9H;?#,U4d\"nc>L*0MrQ bz(4`z 39ETswyU@iSL'ǩR^2?5f)!Y^L=q3|'^ f]}>or 9؅H&IB2C:k9.ഘ҆?S#BM Dπ#`!!V* 1XfV _p2>1,w*j~+KR;_K/cM˛q.[Z/v.GnZHm~Tj;[O*1.MQ{*dL#SgK2~lzDtpi+-E1FЅhMZgd})g="y5z\J^B7\`Zrw2j^z~=ʻ@Ra1WHB.WwvBwp;OD]z |<>|D*ܠs[ii*KwlTOZ$s jݲ^U^gcX1o`jM/gK+umeWza<+^NZ@`<뫒D;6*jn]i:_4PZٺ9OId O$.-H©$u|>Y-uhE5FQq+9$a6:>$xzt"Eq aQ ?X:} r3 CmԢ7~^(tpwB)iXZr'~ p< >^MRJ:Cv/@hSa9A.vQQmNdx4`'?rj&Z?! <)tȻ0F n%LS=qL}osғ~ci+6t}PUfci%RBRU5bcwg*X;$ Xvv鳅!#$T5!Y'/h)STŽJiS6R*MP<)29Eƃ,^TJe,g>I5]~UUD;uRڐ]8@"TL_jMI Ӛ?!M:)au,n^8m'o y*@!\HU!Ŝ>?J -+w:ۖ|fk Ot~^QG:FՒ>[qTŋ,X.%ZFhގ$)sهocrf柠&)v>nN([ÖGg!@G+g 7C! PFaOrީ9Jq397PpȒsHSkJ`pTvC-ioM[W QCO5bsGpj" '-9R8TCIlKh E<|{9"TCdLUIt7Djݸ:I6R{iT乤Y L&B (E~LN5$ ً<#,!PѨͅUŰnt4rSI4hw&=PWI.4V\6;AX]!t\s֓,0P G򔉁 K}ygСz1"pEL,8 *xR@t T(}tοǀEBj:7HD ,kwkZζ-2oXX Уl7hݢlφ0@>I4C: ƿ2^k0\:,5S/^iFrFЌ$Wn3Rtf(Gl#-=̘";8 LHWR Ђ ,c\AT\ &_%~\dz:4;Q [B7P__ oSb: u BBߌa˸}-dex#l_=J֑ֆvWߖz$%@4[Y3#uit:xI$lT9:zKZiܸ_>䒛ũs79j}=#ݷtmȔf4ry\xQt^+BG*=+ Y2R-)5C( ß=px%4!* C hcypl 2Ez(^֕4b(0Ȱ S PPW6ۘF; G8ۓEi ޮdwb $E;F|ұzdI?E2dӏ:V^(x0ǖA[u5k2l>lM:[,h~ZD*DlD^T{Wj]'B΄p=gQǺ4: |xfˎ8s1o:_NH2+ 9}G0JvԕqEƯoF}4P $Œ-~/p ؉Yv{7tz2B͆1D+755w>4l][ /neaId<+ 3[z|8䁅JPhl0:PnO{i5wTIvճXKn2&>槨뽰渴 rR9^^ cO(`Wۇif Ϫ\ӕmE"30B/_R &Mn` c2?./"F|"}+f[~p\wq8/NjSvW rK1~gӊ/.~l{XvxہM{ps\!!5nXNILHBw8P^>;5N[2"`vKSK1qp6>Wo߷۲ݡsP4I¡lFV0:&wP| (G"Dȓ@q U052L.P9ɸg楗^>˜r7w;dYio}=AcE)M`pТh^9?yxj@##{+TXߧgXʡ_OOn8J?D[Q#{tz>L gVL:;Q1[*ܗ"&RJς?=erAJp\Rw=BPI6zTvaav9Zyds"3{VwFL||p :p`dTpy-n0(6++?.0Ъ%8Zgh rfB>ʡe( }ka,GE(2ePiKcaBF3-8p6j @o$/ڟǟ˸! lY B\1̎-~NfV&d)fFŠ`*ǻHQf9ɆS< 0dT&G[Z4^7uHg\^ %|pO=8p|[Wkkż#v " P}vi#` yQ\ԫ;H?B7wl}{-k8I{'% 7^|," TEd`Ns&A`C&Mϋv}x/1bI3Vu@df?Av$wTQg۳4/߇Ⱥ~7k٨ZSVQ֣2JlrD6BrF9_K-F VեIx­TWSFi*pPlb"$T)w"^u?Ado&a; Gos 9?қrIQaXH[yC+h~ܧ &PLCH臮jн [,6xea(jN9-q42L*vny+rɗaBbeN ߃վ fJ#ҩ'_O h*\gVh9e&3T?piW". ['IiDd23'+ÞwRt` =nrhB!Avxg*U k $srY{8ܚfH`Qj*VjR``$YSvrA{t쐯ؖdvca/尒T/Y\ؠeY!IB7iy5M+i,ZeȜizdB*y<#t$6a]j9ayEω׏(1Idr gg ?58F[/30, 2eJ!^8ܬ FPkE% &"!) FjNY4X˓,c>xn%ގ$A[.2~k*":Mbz:%r5%&n@X|sQuOۚIMCzwnκ03vT3n lk̈́vSppo&Ap%C4|aoq ОZDq+T?,/`\l 2Ǎ/xCb/AKa=碞Vq1B7Su]#D2픫&2F' !vrT;ϳ UYۦw+paz=2t_,mvf D/i!l.o;n?4Na)+j2mQC6ֶ. S4AⳠۀSE᧽q8we?liRl^XH*IY lc#īq8W;Kldp2 T%[~G'7^c05漅? \8Jj/e5=g9 {(]j;iL=]a|N3tԇ$Xp7:zJIv3D-jt)TkxyC:]kF8ֽ6`Gq֢۟ԱDNԣ85ZG"ꝝ}Ed镗eNq_Y9.j)^<) ݽO@!`y&\R x@HVa{4byfBX:3x* n@˦8pZg%RαG$nʇY@¿bݟ3m?Ġ7׺,ћi;]{ͽm'Cd119ЈR/]@C1 ,|+q`uqF$Z]8jG̞d"d Np$OT8Y}|{<аQA0zQpv);ot槶Gv  Im<(/30AqKο+9v=gYVWIq?U(kDȚ /Y R$n uScEQF_7d/b)> E#ͲZ_Z{݅bnt̀Vh{)ovp(ޕ|Ԩ2qؖV>.c/yтA^]-r!B|̌+mroj\^7;lG} }yB.;?$_ܝTSl֗|T(1d*zy Fa.iFE Rui( k=e>aGOK̙8frkp:aT!tە0]a"ny\L锾NTpW0s c艒^"^)9v0|aj0C_ ~x( }Y })M8@eDKpGx WsCACj g K#٣f#wO P) n(,6tsLPF>dN[O8EaNQB\G79W;aOMHsla}' B_LeGsck$/ g%lݓ²ÜvݎP ULo4`@**eR$ ߁t=W b% Ŷe.  )%\0@gM $"2%Ef V/>. ^,s73dG0o,C u7>muC`mD"ĚBo~\V˼Mxɹ{BVP)Yx'1a,-P^c}906}ӷkáR&40DP:gi/}/lrhҥX t-1N_  t,M~<2DV&sNfӏ(ݗ?dwQh KKI{[4ċth08]q|D=iSQ˜1Mt, _zy&~uۭsf& 5㲠j9BoJVkL+*'q ͍.'Jt Zħ!ҩ8O۩ _*u*Z+p3T ^;#a,fS(;`%Gt_"=7A ХL6! ZQ-6bvku0R_[hćf~To_XCՃ 22Pq՘VgmCVW@~SSEӒ5ʒr:J'V~ǐZ)sxY?+ңvLA?w⨬m(}BVZ# MۤS[1P9k}}` {x=c2¡M?j7$LHTIbF]4wLR^+b$fhWd N;4 R05$f[fy,i5T Q_&7W+cVܮy0zk_Yi.OEN!-:Qʦ 9? GoSdiگm>GW{\ߦ/ (]ԃY[Tvdlpt"<Hqja?d ']eM+,8X1GzIf=/ { Gha'%MH]eymL{X`q&Nv@|)dxp33]ĩ%팣\4 :f?_ 9WNpuQ!%tc}/+kz(qt}Yy?5 y6аyQ+T8O+p3>?ZdV+F}XHV=/q gZ;:mDNCZ^qyemU~2y!Fdiә 筫Àհ* U`:hCS0Ejl1ܓ( Pni+|uʵks٣' R,yƄտºjc~c+oA(@Ew$D{]8?DZ)U@mHia˻k@m>F79rL悛w4N8LR5_* `k2Fl#xSYE p!;O-E8z[Z !,}m=Y@ZN^q9G8ώ7ןܯ'ֈk;"WJgO;R@l0OPU&pl &B{'RV\>͙S .~R6DʼnH8hafJHJ\=7+ Gw U*GyH%\# Y5N_! R1[œ X\z^ Tܶ e9֣_=Ob}*4X}ߴ:i_-Auϟ.l6K~Ff)wzQ/:i}kmgK=sB_"!x;Iw·:^KnH3TĩݦaܛKe{рޱtMqM8Ipa?C+*"l_ܤi=eZ/ 0%G̣PB_ }s ,*Cq 5+ '!"_j/lRo;]7P ${ފEklb1[31l~ QS_ wLv6ud}8;pPo@ԈiI3IQ^ѫh/;|QljzԲ 5s*|o+?13u"ȯqWf<~mS4Y}i󚁂] ڎf-:;'M+1#|s*b6}rkՈ½'䐙V䶜 @/֤Kl?4Wsȕ%ztXl{8d ]6 C"D3;~bώMWYV~P\}[5IrT>w{n#XtY(9ѐgYz:d\ FKk.wYdCD?0nGofHFeQߙnd0Fy'M7zЩro{Ahb>Ji;vf wtB]'*ol fxW^)`%SV)7"\ w xG2X=[PWQlBcdT^DAM,I{*nngPxQ(h@^vhEv'з8t^epΔP h̺bWJ_]*FV1pP,a=t*i-T=Ccw N}Zһ9EOߧB Wɇ}. &O$<0@#5- h<<]4 / i6e3U M"8fJ~; [ -DthMZ̪ 78`ǝ}WޅyyH<|8*a_AapG_aa Qw HHpiP j#?~.&kKnY։:4Pܚo>VP%ĉlNgye1#2>5Wkʵ'LE/l=:;rT11}a-G ~{71ہ3 8 I^f&3Hc%_oWۄAϲ *][Xa-t4X3_#hNj5)-O\"ՌGpXθV-X vsOiPE,pR&5`VK !#e [6k`ɵ4XQO;~_ f"xmN:!10@9쮪/ b2;n;X>k*P.}m\1 HTwͭǵ<%JӤϽ;Jҥƴ E$ xT bwA5V ::XLӫZʨ[ 762PE݃v?vxG$F$́x/pwk!ƛ̍*@{L"" Bp`4'r1Å\K+.p6.x.hWXkJꧩ-N;T? d=G$=_9<  sJ>x!~!;VֺJ Z=q&OW4Ac>y@?<ԛm.;.Ks h(maVAM72~DAs 7! 7}E .Mj!p/ Ә;Mx5M/nW}r6cMEk#t^H|PZSM(C%Zw]l[3.Q^IO}=9;6BD:j M8Y%YDg 2?WYw<:#nqmaGږs4<${BUcT.ӫBlCYY3[h0sK٥Jڪp0ULcIX! R~>) uRͤVq+75lnh*U*O$)ΨBpqFnܨa"r znxן!Au-%(E|Ǟab M3l/aVT3v#ua98yKC|(4ߚzCgAA U4\+QQl `S| Twf䙶I6O4D/,WRQj6iȬ[CT" ٸy VZ\q6uEux9`GKthS4#܎@xj5en sTqGl{gJvib S1Pf=Öh<\gMwHX%j"{H\-VAЄowZ"lh0"aO{*2Mц3g $>"uoR?q2&Nǀ@Udsл mv?H:҈|qXLˀ zӵj'(; LSzGj*AȷZ4Ă$d u#U(ܦ˞]zD9]IKs0ھ*}e\.,ofi$4EWrh!R>!Ta珃{I:dnTvբ&[A57:U  #mø)DH}: U_:_+&0u,eXCw=6T C FVM(dl6 C6~)qPxA na:jCb /6ׯc'@ w)ʟF=iސ:XV^tlSgͨ/(Y w!-\),;NS}ށś@}bВp\|)/=,h9]O9.?&oNA)dMBD$FdzW&L"sޮ;kYsR 9R W@_B4l2h1aÀs^ (ۂOӀ0]HI(M/B҇n#XUH(6 >ut۔GMS1pgS.8 i34LQkƱAʱ3xlv!7Y Pj<ڈ$V}+=װ9+*)ʋEh7|8zP6%`ʪ)(x(*!|CP s(7F洴Hr? &hNNF9\H9JB _^֮"EG_jUh!\Wz ]Eg9j_H[ΏKg9EGЇqԂB|Eiy\Tm3t"F88;7scP+Zq-_ʜ4_CB$[6g $,5*=ly:!Q;*䝼[fԡJwŌ OfbBlj(8+(J=K 'Λqmc-3ez']G}A@t:9j*aϾٴ *ia@ Ӥmu\9[Q~@χ1XGTP&VQ'S_FgKQNZ(M?*ap:ΔA<.\/khEw $LDr$D+ա5H쯺0T6{Ls|7`ΫOmPgԅr/3|vWStgYYp-Tj d]iтn/ɹ[|ͭmqH EҰTJI6@Ne#-bX )R⩌'SVտnZg~5چ)qik@zJRap,|M4fRk!UAڼw-O!wuszncGA}E>z!`YqyP%Skkx rY  p6SaA=xF|>- eJ92gp^039V_ խ'2!w}^KdGq(#"qT+G^EV RR< ) 6ea>BYUX$ۃ,7趭Yy ժ#t<2t+L^K>Lhܷ49ϖ*t]l]YZ֕,/pn!#>irwIq[3uBYU:dhk[nm>P{ ^MƁc䊲2MI3yq}-':%U:hn1tL+iH%j\8?΅ظV feϧ妧o;3_l 2Mɑ^mLUT(lԕZc[ ߯*$buxX戜߄Y4~*[bxgyJRɼK7tȜDk?D`u6SZ7sܽ-#3z%5x\_C"h{!yH\WO,k]k0ı#ק ,uPCJ/k_7W'3*<$$RZW{1qu٭=Rxif4m4+rA)h`&v| \ v[q;1E=J\5~m}f y=XR$@†Q3Xr`Rkse^0ęɭ^<7[ba)@1E#+ O+$.[c3qLe*L~ Z׆lV2oMZ|w'fwHSiYK&hhrKL au+xU%VtAe-'iZ^߬JC઻x`='O!wj|T3bk NP6&mfLq?7|FKlfO=s[5ӏ-=F" Q>=E :lPjV7#Z鎖/.{v?`KJYPPX _wHlz4I:tUf[ILf8߿c ׺j(͘>Wd9/4?N` , -[)@.NȰ!$r$8 nCE01"X:W=\30m PRÌ./2O]l(nΘpXͩgH)ijf[, p dΝd:IQý*/sđSuH ߐ̿'؆}_iCw҄j|⟽L",Ғ՘c˄88SAssz^v"8:h\F%!N耈j6َWvlV8k /"ǵS&v~WCsaBwsS̋t(߈T f%Qe7@\v|&#hX X+yYӌ59|QƧ'6TGCґR^v]sz2vn \uXTf`%{ǥÃXw>+Aրs /=}Q.xuQ ޓhlUYEjAsbڙփ #c}罬uGR:Qۧj|J$cW)<_콒. f iYh& 1IG yc~lsUEH d&8uC,p9=t~$c!VC–wx]<ה1ZJ 2sB>R}`/RLC&v9Sb6R8Nyvk%-m_^Aph#ѪmbnbUMW#\IA 3};fNJ >r[ 1b$ӊ ␆&׌첻 Ds}\OJ=`u%%84g_vE1zNG6S,&bHn}`{'M̓UG/o$7A)> 0꺅a|V|9iDe+̻e4 zyCZq]$M׎,EaDO}â!}*6LUVpq._U&ppFDǫC؅ /!sK=\N3VDݝW9%niiAKRZ6lڸP7="궈㛂f A%31LD(Ë|Y7x1mmR6N{^)(+аw/"+""9jxҷ7|&?'qYȹe W;ƻLArƳ&psхm`R@gcP1C.'._u>H@%G ?MYj S?[Y2t[\iZf{(wndcg, LTrOq..SV~F8Ph͢\)R{p(E.S: qМ Im;?bI;h\,!XOS.JhiA$T7;^ph)z,k'^g! tT |Q}b\kά&e7D.`qQ%$^g Sw^ @tsNV,3̿q4v $` ;թ2M؂ x6vj~R .Ai}{q#S[;+q49<2f{us#\emߕ }]g(bR_ G0:Ж>FwN 9 g'Kz,sp] nm+{3'DЛ'B6#ssd,‹b!BٹeV<{bRl rҘ=^EQ&Ԅ V `qt~/k:R1ߣRl5OzE?e Bλ7l3JRv89#`E"ݏ弈j/ /*/@c!:8 WR#N:#"Thb(ۣ:I C@1h8pWBp*8q9 5ߺIlQ^95O)G("mbM*BbIHN;?<.C~(Wu x92>A{9d+hS-07:'ԌOq%LEME`@I(au I:Ĭkk`!oo%1XtI[SDy?2f)!ǧVOfc( UCȶB # j&ɦ'q:6< Ѓ k\)Ahm}^[ t͓tui ze_ 9!k|;I ݬf.wSѭ؊0pjN38v^O^q9T'!T/&ϳ`W!|tCL(J/׆H]n] :<_HC҂ B_s)!o^5vTPqW# E%\!N_<8}tGz h́Q)+1@*:>L2%Uք{-6:yEIb K]Kšomy,8?#2W0\MzzkamLڻ{ZIs"ș̟013v'f<: Mo><zZknc8lpa<ʔͻOVb&N;X/xӖS$P`qo9^5c{ ygf h8r5|f*fU 'X|8S~.&{A#^dدźlxb:K2+Rr,_~23Z8jp\g1,W^R&q%Bu {Lb][Xk)2;xBrw%-I %2݁(㕠k"L ?H$xDYUv1U'xguXZjNyH{d>%Tuew# kS׃mKQ>!#~u(~h|^9IKkkrځ]Z2QBVT0ԲģNӂ""T u0 Sxæuל5&=TџEpFU)URI scL/ԈQ up6KFP_`tenMP B8TQ``il 8S.%Q4@&?2fRE{v5s|VN-8ĵE~oօD59s (8AlF陁Ґ{SP)wh`x䇍B {ZxJG 9C AM}õaqc2$h}[!ceƄN~Q˨ssA#bֹjQ]=A|feXJ`P2 "FM 5NvҝF+mJWJNMfh6@p@eX`Glga&&%줮c-#p4O$hz(ћkWv;tGT- )m5.n=\n?3 4 `  ޫ!+0?OM黜ᐶv 8ed(k?( ^rVuc܏'.FN7o5Yn$KR|X~)I@_E:5\ ~_w#H|Ѡe .{,#T^JfmR4ynXlX؍A˨(rS2ӓ4s(QlLץC2!7#+2g:]гJCohPQ7"0{s܆qxb?~,'$YAZ kNlIO%N!jug))27;pڡ(b󑧙18|r*6`CT8e*ʄU+hZcД+ZЗ@ <8lKOJ@ڽq /vvDMZ -c_<@}oLeՑ*Xq"Bh>H:d}(<7_NΩ{fuaVx+z&Vx; kcg(!sGR݁CY5w= ]A%MZkPa-FF7ǘǮNp5Lb9pOt_lk6X>fukhPbkaP'NboCGڀH+"aJ!%怊qI-޺>1Ե粛o[ l Dۚimو{A e )ݨ$(/8HbzmUgÌ% ۙ@,2+ [\ ť}$EQhZaTn|͙a^AM  |,N3 ǩ=aQҸu)%ξeI+^9umZJ "22C2kL9j_ t)Sm̡`(X˜'Qփԗ6Zp_깟p_'fex4J݃zq:܀49_Plm'!iw}C ,(Y|0F PclCQYyaN6&뾎.rL\ͯS>=x-ђW(G~!Q~Q]t/E}YPe{d IF%;[Ns],oA{̄~Se4 J؍$JW9~],fW@rqNc^_"Wm 3ҞffCFh6v&d!˫A|JA: ">9U4[ ]䣫"L񖵫xʔhXONpy\l>iBvR73Mk\*sQcwdtxhyR Ҍ;kh+7sɗ[CMi>H3= xjxXSt`TUA/ u"yEx˚{!1lfꮙo fe7T/d+/Ici'f&V6/9.wom(eK?l@w'rHޤ.h08MʏeX2'Je)@K/9EV1SœѦrt`Vbұ]mD!))!ff6fEm&>5?ڈf㬍#9^5SNa}aD6?:px*ls&n$J+p!l"()++V'_φW)>kA/}fxJ8jB CT(q!VIyFyʮ^z9^=$np:cYs,vQ ܪHoQ 8\ #L-Cj4uJ`jt a岎ILb*s\AصG`gOa %&c?M1x\#u CqbrJ65Ǚ>wY#(3\fMg˅?˂끎nM2Hv_T`znuֶͶ]L0Ae}{-a ­l C'<-A pKi)C4|5 I+D~CspoϬs(*D1mO6ZR,M]zzjΐG9b`v/m.*Gڋ/.`XK'ordB*U\um͉#STDpx[) -fiHϸմȗ'Ystʕ]$z㶷{L{ OK[2&O'2na\C{=7>iͨpcK{Pq43+%l>yRG|f(e(\?FA%($sž&&"OzAGzs}B-lCi]i XTbDȫא{RmѕViY~!ٽhc-t΢^Ԅ r"4.5k+SkGm|"!lkM ggP)Np5{=Aa=@lK"Iܲr̝z!D$n#E[KlKrj4"n fI |耷q8Lߖ` !gzV\VRQQ`G ~z b.%NŒ߸=('ZlCl|-ܿf̹( ]BzcLMj8ol?tl4wJUaDk'$1GwK 9!G-j>n%Hθ?.@*-!Q(% $V͜eB&5[JBiA9uz1E?nuJA?dsvCSԓq /ˬj_ݏ#11^ncd!>:ez*N7`plWVoݾy ԜjTxO[葢MfгPX{xTUG;U9$v&{bXj05ӟ >>N7r9cVs pqqiDQ 6O4xvgN|0|ӛ{{glLMpKV)Vo,+I9+V1z>5޺mN>˨5t IqHs'_azqD&OlAwF\2$aƻkvm%[B YfmSȺsun]q?m줊gNX$mNLۏgm'cv< Q n41^ 5}SՍ;XdfHr&DVWp蹊,,M%o°2ąH>#hUՂBiiĢ!ei|ÌGIaV%sJScCo̊~U^. 2AϲhEw-L%|}^*r$ZVm]衞Z‰_#car@U,@=Qj7 %tqũjc>wВ 12ۤfx<1@.|"/63,C5[T,KrC׾銝N?8}*BCcHK  m8D"Ja/pPԸ!XR' mC"s Bsd-WqU;:<;PxKn *Pex/s-̚VK{%a#bgf"sRG=rY`La y}6HN\H1O!a&&1ѵSTioIU@ps0%KZe>w?[Q}UT'8 Z=j^`*E'X7~,IDn"^m~uH,%8o{:TlvbZ%RzLkb~&!Q1Tz?󊬫\t3].$~_a ,k6?ɞ(Gd:r<qeGendUY9 - F%'YL_ŽckJm'|Kx=)dtJWv.n9pvkyGgmǪR$H w}O6f:ٲf(z2$I'Al.d}<ߴNq.Bgyx@!ePAђ5[j1Ym57'w>\cB"i_ڀy9;ɽb K yHtED y"NG 1t:q{)D%U*=f)łl!}e~g9o"RW\@Nf1΍(R77_5; HG0m0HVx@Jra s̒jrsUY9OB ʽP.sɉP;%K tg>d ֏3P ,_jiv'.ug7۸včp1|o\zܵ[dлh|ڃp3kKMbuz ;@vR 8ފ<y>5;(^^ytGC?҉IpO,PIfdŴIOڬ΍cZN Uݐ6$(Na'v lw3AL7>[X?Ȓϴ5&}*P_=n0T-Ur7= w)a8aC_^rvˢCToy08H\r]hpt}~jsHeaFRcC9x)F)|>K9luFfBџwqR }4Nƞ_EKEh? C\ܭ,B=߃"QowzAV:K!_b i1_w=eUb0"(!cU+ Xx{(ڛܖDk_%45GefMs$La 2'һRUF8$=XQƷd#BO,Ěa#Lh&_%lqftHy)L?{_tzv9FBY\N4^p6E( `z&!]*C!)DflhH5ZUj=,P2Z%\Ĩ>:|P)PkO_Y t 3C꟠;BI^u ܝy`9;zq\`jL"-["4AMc=+nјX~ej D+|2ۜ #Q7hDy.2Cl'T\3ȯlӉ7~:Agdf~ׅ}j8S0(MKXPUXC>;ZI!u}3ӰN< ۴63|FC /0 @^ #fAC8~N,ʬnm6j;@v /{f*Z:2I20 \yAGwB7qq9Kr q2~Ţ1,fYks;ADJ }t::T= D,Ո}'+T\aܴY:dR,RAu\(Q[gBYjz>i.d.QPRsl}߁u 'ne,߁G/kHFٕZ8OsrI 6P[yE5'w8T;eܑ0 +/Gt{eQZ~/]Q=j?28U윝H;j_gz U-&IecW!3"wbyV1J/!6}S՞.;Ks MY_G9lYé`&T@5>̦"bAq&;^#pؘ~2G Lk:8Tn-\6|r &ugw:,Ke WT #7@rE3x9荹RCX|Eqx7V¹ǖ!~46u_!ÉF!ŀ?Zqׇ&1M)|9X$ʝ`,wSU^RU~|˴K(\$\@)` lyQGJad=Y2LBbcdhPDܳuXĞXj6'?䝱IKO饉g(=#< Rzg8EwC, ,i1h/_N`]0Tum s4!5)lVC8#Jkz:IĬJź#V8Q5 "9H^L|B&ôih˪<|ؓ)Äob@ HNJ:xF饈\d:{07- pU@51"Zy ,W6*vt|纟FTkh(EkX-NP؊*ͶJXf'Z!!a54ŏa穠s{s-,[~LJa;8Vxl1&;zna)2{x2!{fO(oy i&d0؍VMK$>cxy"E;h}wba55eI(s+Fm CnosnYLlD5줣cp+lPYFy]gV?DOPE&y<uI\ /e4$rxCK{d7Du5֭ݑaϿo}%<2{O|~w7ٰ-"x|9 ɥ9Ɲqϟ!.|Hv!ħrD?͓No;a07G9OtdP=3,^˟slRRҙHI"=Fj)qR,<ܣ1֖As&7̨o!;&(3ɜ= (J{^M!:HV+1WW(4"o4E'E0;oB[NbROҷHn>(6#hܿ^?O'9lgoAFH&<ʸivb쁱%Ys ^F|C_y5[̄'mʿ;b* CS!**=('WV* |wd)"vei]l^F;HbeRغDn/:@ct9(BGBeҳ< o6_~Bu"5#wH:a;SɉGا#[L9b8_CNjщGZ'LmIxY"p,(r`0!Vݦz:ۮg+cfq#_:QH!֝{W*is֣.tQ3SupKT!Jit`'4NFoiܛL b!'!gs1!%q!5qZz]GlARU/4&`K2y9v}U|p?Ƅm ^!θQ׫ =8N=Z:Ml-* 0$h^% Qt+L(lT|Zk&~d+_o  1K3֬~6,n T054inJgW}*H[eմ@x6%Y" u/bpEbH8cUW!eqx%K~ϝ7݄nČg:x[&(%[7m+aRW@|F>YFz-wTpX;>s┃&vABB8%#V!razmחlvuW5"ǡ1ӨɆsZ}5Ds}dVe3*nfBvoIڀΫvθ;%_(E -r$1ɴ<)a.1L#x=ȗ#12L@Ǥ@_}?XU 'm`6{(?QW;9)R"hxmG)nΟQPx\g`̄Zȡp{hS%a-HT+zl ziP^ki֘} YU{",w' ;n0`~!뾳 p(G7嬰۽\xväbc~~|L')Kw 9QA1Zm7tuHKJf \sHAz61"Z;/(WdX@rψ Ew1S9%XU&h\T$ehfEGC(5\H9rBoj3 wozF !g="Q:cx-$;.!*sB|re(!Xt -[[E\Q̼&\0.= Cɫ,2ZlaiZ;'eF b]j+cgcM{ii4F㢣?#EM *~W',!YT "ԱXXOk4h{hEH!W-c7&^X)hNfc~Ԅ[%͞$zo~XzNP0\2(UUjƼ(-}A9|Uo'Z \m)g4Q`Ȁ4V,{Oa1N/|u@%n4[j.;`{æǦ %丸L3((jq1Z8 `^<1E` 2o Ru@gD\$dU@) OƏwaF^.äV/5>2Vvdq v@?Hti\V`#Yo;ң;?-9.dkr ^ba.zq bg(wjC7e3{z7s۱ςo#< ѱf|z<{ƛ+qܭ=&b c)30E4^Dr<8~]Yl"(BEҌ_T5g](ԬvzkXN/)122X,';k R@Q}L4SuJzI5h^2GWje'xFa@w"});KW Χ5?eX-U Jzz \A0cٲO7&ִFoCڑ{q Oy6B5C|w$,^`w@~sE/2pHdr_]F5 . ϫ|5&Qfg3p-!In* Y{`le?t@Lbeـ O3AsayZ>'d)t E2mGޕZ3i{8S#=x,ZnV7h1fFv$*@sv45T}Jn sVhU"5Dx67P/iQ{Coi.[*[R1\|K,+=g,gԻY0ZSBQhӢirNG, ɿױ8Xhy-iZf肞jH.ڇ}PkYAamH:5'uE ,jȁ* ooJmޔIu?({HsTWB9_ 8ⳗH-a~А3IL&$E4sM7rxҳ|tj`{VF٨S<] }6"?Pz =c-2+SJ)3O:뭸c?THĜ j2Cl#1gs~:.t .!e5 @驂%´V`PήvTeM_Nc2w˽>M}#U4q̟uw7tӮFaUv[nYKn_iܓ{--K CΖLq `>8L7 rRuNB5OhjT|-,X݊AwNLd_τI+b;ĖfBO֊<@`kXu%V%"0pi=D$#l9Mս Kb LO$w/=  I`|r_EO23#ڣPoL&%S߷yX,a$Pl^E<,*y\$,FZLn'c_Y4"=Vd"π'gIQYŌh25ꔯ#[ w4L@>!O90<r$9($X^l=5ݍ@&p8ztl!Eo ɾETsjn NGS!@r9d}'yUѽ2 :«"pahN;r 1>:R MEH돡0n"6<8;&cXH2d <MIbh(D sL"H%u,UH=ZxH\H7?JG^ʹP[/}mBKe:wNWv6V]X0]A59tqj@,mIOtDS2V(7q\ 67->@0 $).L|iR)` 1qަ{l[uX@ +ímeF@IYi7Ű}RZ)DX9\#)t%G.[ :kw-qsRCYԻ շ([+QfX7UsDˣZP2|\%{:cj$_YxSM=6d G"/cbO/A*bQE@Rļ7ɟ'Y#~\-{vG*  Ǔnx{.O%9 Rjr ZX>&\LA] Ęy%EnDkrEk0b;VPNcr6qbR"7n y*H5v)A_z~{o0Jo/7YP&9أ+zLb%vأ> 7tچ (E\`*6=ZZp3G1O/md}!L SläY ouJ RAM=7 km>5~Yͫ\2in[)(eWl-~ ͑fdy!q~bFMV8:;u3r#P@v޽dA\e'H>N02+p)3m ]u?Z 6 )F|Byud tR+P=,cGwQ#J DZ ^\Fc4hb/CxD/X~C02H뿦F ,Y\5j+k`P4;r3QkY"vwD!-fV#?бXمmԮa@WYg?=Bse6q}'AL<=ڗ`EZڥYv4}Оʱ?8c+S2P /& 0vl!$gLIسeZ^)B"h4'l3jȅU`̿d38LaB ĵVK Qpc* #i&o{7u]5Y7љw틝s0_-df`o1Q!@zV(L7-LȞV6b(m?JM n;Q(cсXaaqʯo5}~4 <>[({@qH}g!} d9b:lإC ѷânY^xD}*;+faӣGwxnIV9]<)Y;cAҗhIƟ__HK36`7ZqH K̙ qơ >C%E=Z 1p<2(=78t^,;Π/ΣOx^1/Od]mIdK1z)Q0\I/}1;j&#eMkGeJQ R_VAd?O2[: ]2.LEŏ D%rܵ;hX QTYJKX?䪍U_DKk .z`%bNSGpv rHG8b [pM?]іa{Wigڲ['QqAhBоmφKdp8,z<ȦT\Ҡp$FDx<{2q)#6"g1gdiW]?¨$Pvs6b9JMk @I8}}sH΄CG ܒ.7W%fvS\T% b%޶MAq (`3RBQ\wB@w7h0/F)(!p npG3q5'b|/BkH[~´;`;"S{30%4dCZ -zD;wDp #wA~'!LS9!KUí 1Fv?Gt֩.hp7do#Wܻ[vړs{HsXFw)k9e+6r5>[O Q <:#C\.-ϊѨu ^1Oi[C$k9kL#f9Dq"!ZtF.;HkD:};Q;:/GMPx;'eAb!skScH߳@ʴuS 1s,cJ.c0`S-K7 ɗkрGRH57ؤ+Y!9ju:?qO~;@ JbxmkW> 8ʁgq;36MG?ǙK5''b7YKNdl_ֲ=*b<2Aӿ܀5o]kȔ>ImUh!jvYI/{W0$GzxrQ.8e;> |\8xahdaU.o֠&r'1V`lw*x[U~g˹ ay&*UEw>ˆ&D5,|l1YFhAo`r92aL+d\bS1oy..0U|T ~FVoJ"+~:;K Rxln˙NƊFgH=YO8y3C8,QU&~&D.$6x|R=(_ n} %rMsG udP=u?0gċo-*Yp9Bӥ^LfUX ܀Krg7.rߥ-?LӒCĕ{(T;T%yKLcXωFdv7yҽ'.yӜ&ZvO;˪&gkقټ̤XefuTN؝.+ךSClipHsTZlstK  "|5SApP셟9nzx.Zm ոCl<5el ATV/PkF|_M5۔9"0 N3v( Dg_ [~dF&*mC_3}p~l6)-뛄R} lyt!ՐݏH.g&JS~Le\<$h.od;6n_wJ;!)4N^{8jMQuLirLYb/YQqfioAgz`+>.U? @!#b-=@Z RY}ea[RdęF=.ӵ8gC N~^qsJCgIy JNkK]A;"qZ"d8b vlC:slXX>lZˤߐ-X-"H};J_:ˢvW} >̼09)\.H'%*݈ߗ!A]' U3{L\|iG=95v *gyT>1~ͱJV0c q%cٔ clx-_κBܵ4* |s$]Mtx8އoxL?eN1BzCon"zЕROM9㕹-탐EOT:R۲u( <}[}{[K({K%Ab1yM Hlsb2Yy蠮N`#A.ka8W1"g *" fmzbL]$$eZ%ﹽHӻCo+Z-_[WN6=Ҩ# }X3m.)J:NbȰz:E6P=١*FMxbtC\q+)Gs$g~6hAmܔ>ÌVhmiTȕ4U\}/8 `$AS70 { a.!_>:q"j=;8rC>Å?oֳ'f;]A͍&;XFb^+->XMleio0Ǚk࿨ .@z,JRڹo;k)%zL+=ЁǹKtĨeTzUڥܧxUs&cX#a;Onϒ{k?y4_c}H)gQ/$ϓRD=Ԟ Zҍ+f^u@]NQp;'=ΈR_ip7RP6TyCՏ&|ZYeKl9Ukn6i {.q z. OW }*܊hqb12:I^[Wj!B $uH;[`قv8nT' v;^F$<>(]8vJ  NU4cpWXU`ٙl?bzx n+*u^ #Y7be:[pm6I וjshuC‰tq)j`'Gkb>zp5"YA u#a_! ScJUoKz8%;LsȋaW(M'?xy5VlQ2 l8)V|C^'ǡW=9C:OPqͽdAM*ab9)~°zΩH* "bݶVº?L}mkkۮ }ƈc3pL-$!.yT>. 5Oi̺,ɨ w?9零'Z>*iQ,0K#bhU,Y<ADZ=wk_!AMGA' F~܄-@*{gm~B]FjW~(1GOҡ%]oʵw.@AY>3 HdDd0oa:9 ?HiQEuYdz{JPsIBC`+^a}S3aBrڑET"uHЍn=kSV儷ȧ>%vY QTŷP^~fD'OkZL /f6@{Umr P1h>\ 7fTFpi6=JzZ􍻥i]o'ǯj=˚:d:jqS|6dUbC? gyq$#yowNmS6@|[qN"Qg?I{H[~SC=ŷ7ӯ6W(IF?P#ZVr]a(*|[ZzV{Qf¢x{Hd<01^W}Ne_jVAEnK(hcMy"mMFEk=\qN ®({R=Tiʎ7y?,X UrA^X_OЧt{o-Qhr)8$ PQǡjʄyc N7NeaD9ݦ^r !Vѿ\AQ@=&rao"w SMkXњKe룀HNP#jpHQ Qcbdx.iS(OE o9ya0? uԡ~WԢ' 6jʄYₚQ߀T/y _llz}T1B:c_-/R!3i c~mt/ ga2!YYqRC xⓃ1߀9ڻM0$Qϱ!k1϶}(e q6%*f!;0˔.#RK V:<<0l̼W)$,돦1Vf4Hw0Buoԕk ʩhWv_w% @]~{Q,rԻE+{\M2BoK:0Cu:ꁔipU M\?sIr#*ziAպ魒[1g'bk{I`%*ޜ9Xw R0AIZ;V¡7sS1PLҨ}{86 >V-݄~mb_3sƎ aAwhp67wa rZ~㨳GΕI 1qr`̧C `jPDJلykѢC$ G PZ9Pa ϼ_`h-&q+AAja"{dдsG{ S}k"=Z5iU. A97-k' w@qth-D9y` ?YlN)ᤩbV !ixD3C?edmWrjhA&"GV*Bl/cf#v Y{vR]ɾ~G/'V >FRШ"۩k^n)E٪ s;~*X?v?/ (LI%Ϥr$&*grx8|ss}NT RWһvoD Վ ZىwoRbɏφk$ܿxONQniyG; w+̴KˆaDZ> Wz i6x ·o5}ii,7[Ih"!q=M^wFqk Q["ЉGgMl,HH $>~5kB1׬2XckdΤDrk0B |Ws34$g<6Q@D9]XvG-J.; ;F}$P&$TŢ2){03Z3^S.5Jt_\HG/ he퓽'|)N^5DGzN(>1=ZK /~XDߔ$=(1j V\cGLW}"T (_iK6d!֌!Ѱ|E.e ӘŪCMәڸ98P9Ξܯ XnR$+0˱%9ۿ th"Hb3qp1o`m6l8Z"\&9txs ] HKR bϣ!_tS+i(Ո?Z9O:ﴒyHs![|hIYJZUѯͽ{mܩOeIKWWgJ 5V0IB⊹7 t[$p۟ ^@Q YZ