nscd-2.31-9.3.2 >  A aJ&p9|6F!N>g^F=C?hToq/ag(|SǥD zt1 o@CYɤo:Z$~1NʃLDu-5C;*g1,^ AO"AUQO*b,xDyjHFVy.w3e?{BFy$ U㋷bܢܭLs5%6blYYjJm?[ Ё")22ba0ffa8d23625e1fc0d7155c47af96b6f2c1b5677f3bcd098ecd681434a909976652db561e24ae848c8e2f1aa522f4641eaeeeaJ&p9|upv7Efh|2Z95%|ASR>pIh?Xd   .  CIO > ;   @ O l>X#X#J#(89: G=~>ˆ?ˎ@˖B˞FˤG˸HI0X@YPZt[x\̀]̼^3 bͦcOdefluv( w0xlyӨz TCnscd2.319.3.2Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.aJs390zp31SUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/System/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxs390xgetent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0 X A큤A큤A큀aJaJaJaJaJaJaJaJaJaJaJaJaJaJaJe2cdfafd373d24fab07018d0e95dd49510ea6c992b7be2b0611ab23bbc2750b579fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b7794e729d99d00ad8477faed6ae9603f7d9f574d1163657449297063813f40f84ea/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.31-9.3.2.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(s390-64) @@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.10)(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.2.2)(64bit)libc.so.6(GLIBC_2.2.4)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libc.so.6(GLIBC_2.9)(64bit)libcap.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2)(64bit)libpthread.so.0(GLIBC_2.3.2)(64bit)libpthread.so.0(GLIBC_2.3.3)(64bit)libselinux.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowsystemdsystemdsystemdsystemd2.31-9.3.22.313.0.4-14.6.0-14.0-15.2-14.14.3a0`ݮ@`a@`H`H`?z@`@_T__/@_O@^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@schwab@suse.deschwab@suse.deschwab@suse.derguenther@suse.comrguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011)- s390-memmove-ifunc-selector-arch13.patch: S390: Also check vector support in memmove ifunc-selector (bsc#1184035, BZ #27511)- Update glibc-2.31-HTM-vzeroupper.diff with a AVX-SSE transition fix.- Add glibc-2.31-HTM-vzeroupper.diff to avoid VZEROUPPER in the AVX2 accelerated string routines which cause HTM transaction aborts. Instead use EVEX or SSE. (bsc#1181403)- nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- sysvipc-sem-stat-any.patch: sysvipc: Fix SEM_STAT_ANY kernel argument pass (bsc#1180557, BZ #26637)- aarch64-getauxval.patch: aarch64: Accept PLT calls to __getauxval within libc.so (bsc#1167939) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- power10-support.patch: Add support for POWER10 (jsc#SLE-13520) - iconv-option-parsing.patch: Rewrite iconv option parsing (CVE-2016-10228, bsc#1027496, BZ #19519)- Update to glibc 2.31 - glibc-2.14-crypt.diff, crypt_blowfish-const.patch, crypt_blowfish-1.2-sha.diff, crypt_blowfish-gensalt.patch, crypt_blowfish-1.2-hack_around_arm.diff, glibc-nodate.patch, powerpc-elision-enable-envvar.patch, s390-elision-enable-envvar.patch, crt-nocompress-debug-sections.patch, resolv-context-leak.patch, dl-runtime-resolve-opt-avx512f.patch, libpthread-compat-wrappers.patch, math-c++-compat.patch, remove-nss-nis-compat.patch, eh-frame-zero-terminator.patch, ld-so-hwcap-x86-64.patch, assert-pedantic.patch, getaddrinfo-errno.patch, resolv-conf-oom.patch, dynarray-allocation.patch, nearbyint-inexact.patch, nss-compat.patch, nscd-libnsl.patch, malloc-tcache-leak.patch, falkor-memcpy-memmove.patch, aarch64-cpu-features.patch, nss-files-large-buffers.patch, sysconf-uio-maxiov.patch, glob-tilde-overflow.patch, dl-runtime-resolve-xsave.patch, spawni-assert.patch, x86-64-dl-platform.patch, glob64-s390.patch, tst-tlsopt-powerpc.patch, powerpc-hwcap-bits.patch, malloc-tcache-check-overflow.patch, dl-init-paths-overflow.patch, fillin-rpath-empty-tokens.patch, getcwd-absolute.patch, memalign-overflow.patch, stack-guard-size-accounting.patch, libgcc-rtld-now.patch, res-send-enomem.patch, glibc-fix-avx512-mempcpy.patch, i386-memmove-sse2-unaligned.patch, realpath-ssize-max-overflow.patch, localtime-2039.patch, math-remove-slow-path.patch, aarch64-hwcap-atomics.patch, glibc-fix-aarch64-build.diff, absolute-symbols.patch, x86-haswell-string-flags.patch, pthread-cond-broadcast-waiters-after-spinning.patch, mman-map-sync.patch, mman-linux-map-shared-validate.patch, nptl-setxid-error.patch, pthread-mutex-trylock-barrier.patch, getaddrinfo-parse-ipv4-address.patch, japanese-era-name-may-2019.patch, force-elision-race.patch, regex-read-overrun.patch, regex-parse-reg-exp.patch, 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch, 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch, 0003-S390-Unify-31-64bit-memcpy.patch, 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch, 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch, 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch, 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch, 0008-S390-Add-z13-memmove-ifunc-variant.patch, 0009-S390-Add-z13-strstr-ifunc-variant.patch, 0010-S390-Add-z13-memmem-ifunc-variant.patch, 0011-S390-Cleanup-ifunc-resolve.h.patch, 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch, 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch, 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch, 0015-S390-Add-arch13-memmove-ifunc-variant.patch, 0016-S390-Add-arch13-strstr-ifunc-variant.patch, 0017-S390-Add-arch13-memmem-ifunc-variant.patch, prefer-map-32bit-exec.patch, s390-strstr-page-boundary.patch, ppc-tle-htm-nosc.patch, posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch, backtrace-powerpc.patch, pthread-rwlock-pwn.patch, manual-memory-protection.patch, ldbl-96-rem-pio2l.patch, dl-sort-maps.patch, dlopen-filter-object.patch, glob-use-after-free.patch, nptl-setxid-race.patch, nscd-senfile.patch, ldd-system-interp.patch, abort-no-flush.patch, fnmatch-collating-elements.patch, nss-files-long-lines-2.patch, iconv-reset-input-buffer.patch, nscd-prune.patch, syslog-locking.patch: Removed. - long-double-alias.patch, glibc-nsswitch-usr.diff, euc-kr-overrun.patch, riscv-syscall-clobber.patch, nscd-gc-cycle.patch: Added.- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscds390zp31 1632243954 2.31-9.3.22.31-9.3.22.31-9.3.2 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:21234/SUSE_SLE-15-SP3_Update/0a8d5ab0cebd98ac673029614cff39f6-glibc.SUSE_SLE-15-SP3_Updatecpioxz5s390x-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.s390x/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.s390x/run/nscd/socket' (No such file or directory)ELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=318d5b796e1940de17b94ac082e4c867d9f70222, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.s390x/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.s390x/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.s390x/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.s390x/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.s390x/var/lib/nscd/services' (No such file or directory)R RR RRRRR R RRR RRRRRRRR{/v^MTƻ;#H~utf-87d76e0126b5f9b144f971996ffc5a26ead82bbe98df9e26d3f912fe76c225ac8?p7zXZ !t/;ܜ] crv(vX0͖ȱqڹ_ZΡl9y}k?)\ڊ٦js>hZY;?0D ;aqK ;OvܡWN9'ĴS(VɍF"S/r,r3xە c#-aҽѓTf| t^gpSk9xOXAjII+ -=9e1-Q .XfUU="Kz܋K)e[&ƅ C;t[1Y߿CCAj~~=}YꓴJXET^n3JȦJSfX,(PLk]YɤgHz?G4GC={zUVDeq B;</ĥ )G|SL)Lr>Qг,|y =p"7j v[ɕPFozp,[<5.؄O[q`3P" co3Ɔl'wX90H#fѮk$:r?/Er`VQUX=<=6&>l\ (/P]'WMw }Tq5qU>S)uP,VK*O!i3ϋ(k~e94V]I,!6f4wm'S ~!졾$TqHmM.цc-J4WOfҙwA\:U40 /\-bS4UH֋Jg-4P8sN$Dg2h\rmDŽvkG!|9& W!>+}K{f0NwQN"cהCk3lZ'BHHI%4ZoyxdeG*7sYQEWLEpT<>8AaGŜ~hafy1FI=쇒-o|)z4mov8뭖@`/pz鱔4}HӥT:ZYg-2$y'`* u!ѳ!e{`+S?sB?xJC7څ|_Vqeӷ ILU7ݲ@{'f i҉lw\HjPML]A?1 '>eWki/5`YU*S{hWJl+XٝWj۪;pF$]|q- CPfCưJTU` V1%ޖO ,ĝm +awVC1,L0k6. eE4CZ.XFV! -U΢&h46&LZac8|YQ!>gNpz#Vy.00F&>E#nI^J3$U1Š>[bǚCOC1(* 4lWlP[ z&MM;_QeN<= ouBh)3w1]-!a  b_ٛp%S08QQuv/ % `)UG w}F0)TX˟ߍ)TPdFl@'f'Ns k>)eRgj ݭHե]+85[lE#{`F( ?xwDLn"ĎsEjt=h`4O{/y/':rmy˽(Zj4'!3Ӹ8nmgE6^FC'_FZX'#Ӂ2w}HS{g~gbsD ϜG7Eۘ9yCKvX^V`k O3ٶL>#>> 1IS㠞2ܭi$hv2Hݩdw˔"v/\[=h<;mr[gyh^j"վؒ #Li AQ*FEfO |~Y2˷\~6II$= jNdkiA#|mA`BÝn|5eNȚx$=zA:$f w@@C&APAnL'Cy4ՌE:"Ⱦ)cC#FV4>91nJTŲ8Cp/悈@ ւ;ʮ5W:D$qF14b;qg[Kod'Gd&`/zA'YTo?لAӳk%R7^N.[;q|aޮGuAs܁Cw%G,],zO Y.i3#4H|,tUv)Hh$M 2S{:2#!'(#V['x Ay9+`ɠߜb1on?g[TaB)33!ZAr9@c"ifR%8,Sܸ>e5m$kGPYIg|-6Y4ǒbbb1{tWӰ&0 ~Z[U_>hscƱ*;9Q="m.3Bʖ|7 ya>=AȒ.f[7J YG=lAhpyaiA nZH<9- C7v2N "y=,\_|kB() 5j!~t$T`ߔF<|{:0T\@ޱE=1z%"nVgJ`ah DKLx2yrMZ(fQ; ?!-oܢ_srusc,&`VEb$yA$ 68Q]G#Gg<hn?~Ž~(pݎO Fl%GŃh$SXFAn殫W` i &saΤ8̎^FLuED!\zH3.sώ8_(W\~6vݦ@֎1EJI$6flpʆ]ěW"5űs }eɻl5;fDNJH7R[7mMFm'}*c,s~kl3 |2v6蘒@UD,m!\`we6a t\"iTWsy0d?bdIh.!$:(ҵ[ ُ=`'J`ǘXƋTDWC(|P_pWxdeY%y&n.1q!Wh**i!ؗBa'W 91$[,LTXٌ5C}&g\M5RZ0錺 7cWB׀@ V}2:kjG>./#I`$$KRb{'E^ET.܁ڢ>W?ʹ`OuCD!e8saQ%RE`B0 _i٪ 'kfu]]Mo:񅉫ivPbi~/:j57&mɔ3Yd yIA 덏`[:bA;~V4սqԽ<7q^D;9@TF(j;=aLHIR8s91g_N/nuWYwyr4G%܂G%np:;<@z bd"Krn]+"#Ѵ;0݋y2R $UxDhYy)W"Nɷi\~ @2c Ho*^K"n@V(oKY*ӍLMJ!/a-K;c3-}#5-NX.e:Tq-0,}0(u 2Pwyɗ`_xmTUܫ ֕V+; 6;9tieL;ntUg}DM<$G*{rJ5=5bx%ŋP!Z͏," ^{, o4!Hf64SMJ7<Ť 1CakkCvS! ǂH8P$9Њyl|#XE$I pi}d(b$rLJ dViy $^mi|Ls6Vb_JC{\zcY5YǠӎFΝgiK-. ρSޯ9A셬w]qŀC aϗ>v pK4r,]SY%b6 gTAN ߲<)$}m _ +J &E!5ۥ% J\2X2=iӘ t֐M5]0*Pܕ Kim0_{-*2LPYdۛl< d@读[x&M(RW( c BhQ3v {DF[ !{nYo^7jH!~,dzIuM(Thˬ%"|,HE"C#;rWRW/C!Jg7{TaCwZ}y@sXv~կD娩za2<#13koow>U!sϥ_R2͇V:`i<]؍fӎ2ƺ jN%PtwT2'mVWG.)cqyrnT* <ۊ/>h1_{CMMoX%H8g3sW`1}\V<ばoB@zp|ݑam%}>55K.( P{D5[~I&BMqoPO'zyCLn4q)p֏@^H?7&Raf(T%{oJXy7nNUS"Kc`M??& 85?"%'8,XǕԊN9E9)TmҨ Bt4C<|3㩰_{?4dG X zCg>jrH{ :;c= #%z6acX-n\rZ,nr{k* ߌduh̐?iS㠁dؼUk0F!]S%})XM_!:MRAwt z Ԁy04=a8$x{_r$hP'y 4r?Î&m{l{/^Km3pYiדf;(94 Hl2rcd9 km9 JO8唚d "( mDgLa.9a/(BX]{ Myj<>&$@qo $HH|SEeSLįL/K9,2_O!\qc1~}DF jJgB6ZP7HR9;NUl/2=(]bq5[Ͻvl8OA\!Ҕ+R2qY3 \@K }H4P"<F(Y/8@t{ XCNz癓:McV(`,AJۥ- )_VQ:5tԍ,6_NW/--)xG*LꝩD*~)4yD-Kw{4`ތ Nj_ٗGmq ].E!.Ȣ6\h|AɍR9LmS'#ib\ĝЊ- HnGɦ|U[_B{q _X堹٥.R7U[FZvS^)kϽCuTLiڰF6 sgў ky,؝=۸uf/qd^.07݋z6ħ"8:7aJF.$$V_fϹޏqsݨ*P?9剸BئR"؄۞q{e6IeƢn'$fJk;\Ż>D/c9GA>ULyz RT@D~V ,>wIgI<n#.x/{HEF CȐ $nn h'g<,+ENa\'-L3\h^LOcI\2tɀTU;9I`ݢd|my1z2.|U2I7/:IImri nV7=fCp ,m6U׃-52%uo[dPXۭ~T%I Tm-rB] u>XF&܅Q]j7)>S]nPV|`*NH iy@4uuˠ--'G`LÖTΌo/FWKȅWKsvUǞxqiq5P:X \r1lFJWPe4cl#\tNq#i"FT˒Ta..BA_+Zz//^{(s#X) zkB9'ؑ~2ي W9\z ;%bZOE/w$EL em³Rח^ {< R)FjXY ,9< '4Æ4OY⹶;}!-EVtd ɼAH&q".<ࣥ r'GFm&{zU  C%wV hKݥp9ZhRse/쎒)k5 ULǍ%DCbD4 z!ge uOr:iZ8E ՉEh_r L<mgVG%T0W۠~&Y`+Ε A87`cՋkc.}uBDzsh4?R2AzIQHh]ܲ'8EPh`ݶinQ``HYtzQ4sA5F%,G_kJ"6< K܁/d, ?I KM @DrI2;Cd }s*㾩OX<!&OIUt1jQ 3wkFc*~@DP"r|OLڡqP_0^e3domOa2s.ߺ㠚B^Ѣ$҉Pw# !Sܮ_VK#5;^TiJ‘@# Z},*|q1{X!_h,^2vn*j]cSIet:fWk*RYYK SN\# $¨-sbz>f-)d|% -G*ȉQZ|UK>>r/f -j+D%0SB,}}-*s_86^aNCX1 Q=&̨V6$O}?2humgVa=0~!}krhQ3Dގh& mz!!Np@<4m.'oK*`,+F$FLS̪f"#{ĺ]b8-~sfM!O[N'm:zgjɠp 8cƌB5 Qu墙x+}zWQ6i4.=ܷme+ZQ "{gq?zn(H9幇:Gr3У8QzaU)wFb6WTbD*}VTqt+TFDbOFhNMzq]WDjo)0SɋhˎbY*jU|}v (fݍ0EM)_K Фˈw!!9e%:̝4fq)GrS;@A.UYcp>sZ`uZۚv\T'ED:!| ɉ@z ,L U\ @Гh]Oz©qh)jt(|(<~*+eh_J' $,HX_j)y[]\*Ý>짬B񤏌 C9V4}G\p׾Fe[#dBlT栙`ޒ":SZF*h!F /\Q=D3$1[sm+Ovk\xY{\ۦ) ;@tMNW[J91NEbz͗yYb\]_+5y`/{ʥ3Ak7⬷;H(}6=DO|J1n_9s/Dezkg.}#$E?$C#o+%Α C3!~hw5A6:-|cSY+UXf\BkfՆ%3Ѵ~6=FZ;|H]{W{)z"J6?tb-U]5ɆK#PS"3{.ÛOd!K:CN#'8[dF&ë vF%b b#an/vsyN++-v;b6ri;2Z_ E2kTų-LWeRC G(. G@E[}*M Sp*jF]3نEqo9)x3.I\ʿ8ZU::RtM xn$a{{ JS?I' 6z4,+H {y0Z6,5?QAO?ԣ ZOa1tR˿{5VL,u}G62>pL43X p5ıVC$A''7'{K^;Q]'P륵sO8ּ!߰خذB62M nL-S 92ח6=,Dvj?CCiz]dp$az!teE ;>Oݏ]/U 1k[V6w>tlowG!4K?Zg:$SνxR f1~ux{(暞.ӗݽer9خM?CnDy"Gto *bnx6Jr7Zg=b|}<M~QzY4IѸAc*̶qM?e=:뛮 EuwGDgI9jem,ܭ2,ݗeLb Ѣ5BgKպ+Thҙl zNu23)5tCKCiBfCkܳ2^ثrN_ZT4'8d2upJyC[Olk>G`^ [%be;~Dq)}:x@iЛ])\GLs"@>ő 63=;IlxJ=Nߺ 8 P|}m)$UzTWjTWZ~Zk9yҍGk'B5 /U,Y[ʬ*!*w Ԁw[!M_i䚕r̂?`&ժ##[+oK=\ IJ O MPh}(VzpNmY~L8w@ONkNl8fCu WֽaSt $)lD-A|zfzNo목"30va(B;Q3 \Ѹe g$}T #4c>,;^kvqoɻse؉HaAЄ6vs[K|MG> )(A؜Lƹ: d uDŖaћr~: EvMg{#a6*lP湇bk38S4g>׭ Ñ;@YXF(ZzMGt?\)9&~,p ^dWPn- ҨGJFF a5/Q,[|s2XrYZ?ߔ Z +jlzFwl:"1d{8ԕyR[6v<GkHDZʷLgIhӧZ6X^nwnߔ)Ad vr-CK U_ER~roVLSH΋Y1Zde_Aܮzе3+D"nO*&`j6\«M@Jv%j$]9t96(1D 5g;ެbDMcBY&įVe~p0};>Zdln%ڑ[]39v#rPO֏:c``7lq_OntfX0}p\T%OZhKI{PJv/h3ՙO SqFG_/C ctqDCm FzkIZGFʌ&=s!ut>1X2Z7~74*x3=%DZB=dηgiK7Y]Eyr?IA؋&I]=cG#~Uobh<|'ҾX 6.l|"?aZ5֛ \U}E5#nț#lJZPLs& CzU*0ʁCv.Aֶ{kHZ+XEAz:% r&%R&>nYs. EXqJ2PRSeH d3,Oj`[ķwdxX}}x`>Qf@C$=mɬeP** <^J$6)߾ ć1=}L (:8oG]Mnmwt?t7] a=)x˕5?/pD̉`o.̀l\ڎ$$4~wo!|o;kNtd෌ijA''a|4 hUSi>k1@rA si BhWSHQNїP40}c/ɪ鷧j9 =}a3~W[0XOb$ ܗݝL'5\5:Ĵ%gY'\Z<"TnnBzSR^k%禖7.wٕKg=4n+'[ylPL(13]c!rv:xG{qG ^ظL-Jy5<O"Q AH!S'OQC+4n0HXD8Xʂ: o>c=s cn\#jkw|fG;h_2'4Aڅx7}cnZ;f`Oα/BNzkem&DOrw ҸJ끩~O]TPl * d[~b~H똕 x6H.S+288 + ӑU"˱Ƥ|*e%&fy(կJjklƲ rW5"aZ{ AHp̳꣮g^ڿ!r{:bIHW]TFgwzyFl`I=qk&H>͂}%YC>w¤wkjy㼆$ߞhcl!<D"م[5AD/)|gGWT9Vv&.6No2ƍCUP bwi2KZVT) t%\U+_vB/ru r!m%;~!lf4wAr8Qim(XKz`/;f.*X ˀY,YE?+8f*d JƂQږAխbZwW1-Q+ 5|!K/I ޙث/Z$w> Dȱ,`O99u} +hv`8Q  >Ca WAe1ڔvS߳F%I? Wg'S2%U$pVis]y#0fGoZ$sh?p[20Q!44{m>7Ld*ه5ЦO-eKK)fP9RpcԭfAmw$_,)sDČ|dMe ! ?~X@*>}ic'2˰ T/%$~T$oXf8Usx_e"4P:Ӕb n ph8]z~tJ\9_A뜆St@ѪHO9p" KB;IDعD8Hu E}Vgp 蘍Z==rXG|?i$(Wd̲)Tq;X9b> EwzdF"\'vN"`p$D"& p9rObB[HFab>Ooy"9KϏz_<+~nXeXR'/dVsL^WQb4HoN8 fQ sݖ6$*ɋB?h2/L2P77=T.{U \LZڞ8f-)ɤYzG|x]5J\ev"}P򄘿IHu[!i'Cpl+%.g1:zo\TCrl7]I>ǔmwQJYHw{`'h Uq'CĤ \6ECg>6^(XWGr}Į_ xa`r{6ecH̯$< /kBx `GNrK2K6"gI4C[ ꄌT%AŖ Do€ E W, ïkF@1n1L3=[ƌW{R6i}y+^uH/XʡAq,"E緲BOv/twmd+2&B.?9b =(ۺoԹf"JWQrI'Xt o >'N }F%0PɕU[YEQSĕ'6$7V#ESUow_X0(O߆=,hENѣ+dh$4bl_H#&3ԽhBsӍf$LV_΍;vˆբ7Z@gU}2p0RL{3dHS)?-zZ[WE[J#;TF! !cS]z_2]3hV,i[Y'5Y&*]-C絢"m\ձo(+8ёQ.bF;ѫ^@au6y`6@d4\QE π<|X7)s8'N켛3`5"í SDt\EUz"L,Eb०! ʮmDa&% Wl(KzΣl82ϥkMgp#FU UΏ5ɰvߞŌ 0|/)2Nk,6iݩv8"<1Wl{!s $,m/&^(FիSX21v;oHmuSFV__T>K_0UXIn+ZMOKB»u ܤ p}gy0Z nҸç.r4ֻ2 fh&urʴr$FEjR_wtdoJ$)tff9 8 z? Nd{XD>kd'Y,Ӌk?OU!0dqwTg[KJj1"ԡµIm9!f5D8J`a@`OzAT0rtO̾g( t?K.qmk+O !hGJ2dW\(y"Q{aĢTXn~[`zLˆ?_3Ѡ}_y^DEwQ; t/._P g+GfH'AM7s;ȗfC ؞b3R)usmh eq3iRhA|UZN|8&5(Eƌ9Q eW7 S"~؀M+a6W -gMF9Ն3>hϢ?Z @9ON>6f.&BOj2Kjbm/~'DOi G )|c $YzLu-)7қDzک#;t侑hCda.f N[b d$RC$u17DCQkJ웑ɽ (Ih Lv(X#^H $z£dUI71?ƹ],{,a2DT? ^%=֍66-(͓ pKn,aiPc䴀Q=Q5V7eu-/6/ſ<:gw}3J9٪=+ƒ}O852 \Gjg욛C%ÐًX5BU}CTTWqƬC)Buy]BL5BL4ѥBB"j_u f=݈xREbBwX $/KW^k2Ҥ:&&LRtkpؓkiP#OҎS×GӖTg/2O{W1LGj%եYV9 fNFq4B=%E97H+`)C:9qVbMN^.=k뼛'mB>]͐J] M9Eafn{ ,IG<gZL *\cuakc*ڄ<)Mgcw{YÐCd+:0^ ꬉ9cV$<Ҡ7ŵJWV[~E݅;V [JJ?2G6"&nѻ]%8Ǫbԙ*A6{8|տh#k[IxW y$0ix!筻epTŢ * lå.#L3:dtT%W/M;-2\#X`:=;eg\ j*$=5-6|&/:>($3#Ժi-)I C sbطz 亱lma}0g֫}SM7UXqR2]er:-X67~R 8i˒,l`!)gw5y S :V=F"5Yw*ԗlu#Yͭ۴SI!Qg.]X_)MŁ$>4_NIz:SW Qv/[XPozs^`3u{xr:>4&c>9\:#ѡ'B%ə^b}:mQء͉"[\1Ta^;OVy<kبiڜNRa,}H%AJB~i31);pOwf;hgJaMѢ|0"rzSh8[u4~LɁ1#߃8kGkXB``x):=b5I^[އIVRN(2 YJ`rcQR>U:1,.V{~$l>8 f6hBS zOWlg|'<2ACc绉vM- h$bg%g.ZĖR$.߯1e"my/_`zN4XCf]\8_(ߒQHSmjp9  ywKTX8C1[{CZy0ۓ'.0#JДe~إ#v(m%/0k NoE1Jw~WTWB ٔeCX4P5̬z^{kP07lҳDyX\֗eɥ/B8׏$W/j:_I*T~^%ax?Mzfo$ÁEo @FA6&OR#93'xaC]}hB=(>tT߭qZϰJY[ Ys LHv gVT%6#E2J ]O9Z0C(pڬU*)ɡPK%;gn&wTaZqauC5WG2A7B^Ɯ|J.ꇩU|P+ŀPt K tD$wI_xqՍ=m:3nޚs6 ~@Yz#vo2a)s@PL*UbvA}3:@*b9PhoKHGE˥XV1}5a2Bb:d{yȂF8ݖRPi (n,vNT ePvEKܽvNIwuZD&^ >`Un滞c{—7%K'0la[_ĦCH*:K.P;,- fmY*}`'19STՇļIJU"DV:o~ZVscmt Ҡ@GM+Pusoqǯ%鋗\^N$rDZQZmN(›w\q(z C=Aj վTa "~妀iQ?N `3 e-T|k956gOo=؁04J_e*6Bdxas9:NؼBU?JGicX{Nwo&ew/X8iX )nv8>w"nH_cH?lm7mp@_4>}H\XU/Ad#ɂ0`!8EAe&Y; QE+*Vh &ԝTpQ,.GI"ZRXRi <7i%gŭu@lf͋~c Lbp|eT;^P_Cb8O@=ˡZMqetGKvA}3.I6GUK яIc߇9/ = RWC bkYTx@]<2ZBncsӦE NB?3H<Ƣz "݃x%6vk "=CEw\=yXJLE]s/#| )U˛p UfViYHt9Gz+cd)/lڠ}^ԎDf8YWkr<h.!q>>B)Y2[RU9zߜ/c@}g`tr/׍M3,2Dt6a,BWhI(yx̖ɰ46u!]FVBQ7LJew708c".9ڬJ/-w@Ì*;'^=V8M}@5gEbߴMuyTU œOICaV]o7@F> }(hD-~~Q0bZmQ>uc%S#BTN&f"okDOa [yx쮁(=b  }р8s,KLKw]cȭI(<*%hUN\)7.3OK%Ӌ'kCҵ@Զs- =GKwgF"`SY_nP̳3bP9qaٸ2s# O `S]N/$L]_sG-5kNt; 3WG]@ү++QA,zH媴P&2&ZH LhyXUe3?U'fĕmX&n qO㋏/h1uk3IKwu/A.%&qBܠoNMSԆf'=OvyWJ#e k$ W@ѕ `v2Fh.5fyAȠ†Ԝhj/X)x\r&\]'0{AS+c0^j%B+%1 ֔nbW.:|UQߞ?sH4S3 dH3pãkB}.nP -MРȲ1P@o}uY)UcAo.#BdʔjJ%l `yhJwuZ 5.`4c괗nDҩwT?3jUq^6cIk^ Zcig< wSUBn |kq~#n۹6VG%VгDT&h^&L8.*@R|MT$' xg8J-a01f67hީ ?N;> K=̗]5`ǓBV[gǚby*\C0Y8tK9?2O{m}s)Ѧ@T !5%I-`;°H(D_ eVo$bg=gIG]5hzBSX7WB U 36 `]̅*l-YaRWTEΠf#n`Cᦞh pZK8^fQ8'M*%ɖ+tM#4ޤoF! X )x\np̀0 %Jr-pw,V;ms] ?_N&DT%nF* Tuw/]V"c @$)f #&'+6 Y_՚}$M6cHbPBmRIҽK( /f 0o_HfxHCJ /[PƚRs-hm0&tK0-Z2fQ/>B.Jk^-a*h@"{|%rl+ܲVUU.ş_bK^m]])Ógz}3A240SZnc޲ʐ/!yxU|ݻz,[w@p-qL=E1H:dj6IKotgcxln\yPvh&->Oow$^ >,a9u'j*-]0@S=z]FeêB<bq?$:7~iқvV[e\Z!8vl[n5-h^PT5^[5VbU:X³Ƚ8$Kr>1#M 8r=3`E @VBˬ?$$Fk7m"~1*ºGohϞ7hzϜQGv!.k]HhD>Aj J~+f8~ kWu Wdk_9Ux Cnz)so\Xb>K焸>?HzL0;S ĝ/,RJw=<1E=ݚ Gu6|azy*8>IF;BIVѼ*f& r6 0)?#!rT_;:jS(2G%)jQ.H4+s|ֈq{m^_ǁjχ*70OC}G +QvzzdZ wj 鬥Mj*;\T3fb[=bWڪ<vV WJ[-c-fs-%v tuۀNFT  xQcN?5-};*)I}{T+ 3W.<TX觻 өٚ8Ui^qq(KerRl;[/Ԑ #-=qM~JMh&Tk6{18FU_hy? vP)lJ2!^e5cb Ӕ+6y=j 'ʘz LqF\dup(u6v#c߆qH窏;#@ `8d L-R&N`bx'{칼:E\%"$'iP]U͝ng}{L`t8z;'MN9E Ed p.8go:(q rE;׆~g̊G|~ -,uaFVr)Vy|enXtF4rXԤ. +YYteQ_T.*[ uj󚧮Z~ פeRo:E*K>iC.δ{J1Jd3+تr)5Kr n}\^jdlԷP,u8R[MZzRW1e⺭ЙfOZRbBlT,ZTX@兽D*OWo#"37} ȪX?f#Y߻$"q,G{س,B+Xۂ|}DVI=~~)1E,oj-c]~N;d@^g-tᄛV91b3bR*A nKͣ*ew+w& A8bo2Jhɮgܗq?->AUޡnϮU/U13\K"*^SN3|)Pl$(7`Kv3L}O7j hm Nj1KFp6~ݼi`5xݍGІ>%S~Wc_6rdݚ->[tR-Ď0}dc$R{H8Wl<姤1hٔA1Z˅Z/eŮdSDe)[~2謵Au@r H./J7ݟӎ޽eG 3 ώ"p^%wsN䭄@<|z 1  Ǣ/ȡ%pK)?ڹϠEU!DUX8ރYK&dQsxp> 2 3^ƿ:=Zns2e|yw16 I4jx#֯6P}mUqJ_ypsA:sI Gۗ=Z >o+[&3 Y(xyڽav 5?O#Ȅđ{/PAg 6:5aZn/|fcPˢ.o]9 :>Է ':ë;ñr% ᅤ8(hr#v1 M6P$+6w~;JI[v(Ƭ69n8qG@qՉh=Uzzucu/zCxKKxjc"ZRS.`{6[%"r2,N6*XS DsE܉B)`qw '/w@^J*FL`7%HR]E\ P[e~Ɍl5YspE8AG~kr* & Tk/O"BCxΌ/+*]Q@:aD޺XcV+k82OЀk7/4q%7H6sfɄ& x?YxKrF4+j{ON .3/:MY5]8~qRwդĽy(('Pz;,zi۽rng[/2CDt3Ia+J-Ӯ]uԕ_צ`큘:5 S:s}胎l'hXPcL7NeCnS)S]g ,z~ij$K7ˁK` `b֖ivOʒr3A>(W=61SERX,x 7%.sCZsWtҔ*(D6ݕf:&KnipJ@@nEMDD㐓"i'#.j1v]$I^|-\*c;irQk ٍ6c*ZBF zςR֍y! $;NA voZbQpp*\w ,W@U1R7cGvD.Y)mzd%4?qj|ݫt r jDŽnUCREidbV]<~\1)Vk$>by&A vlSnn\eP~< =0/?.ęSD]ޖ2mCq`1k vY)lB/ ^us] 0'>+:O7PWoDD8}2#jH 7.dZdm,p:x4^;ˬͭHyn>wG)1oh®*iTEl ;g4e0e:&RJxUa_h SjIf0ܞP|V)(\ft>zf^_Z&I,+_.v3{;L=mIYPRTJ"O1̄|ϯ;y$ʿ)αgžQk)jW)wOXL)"u4gu{)dT5ق 5\:Ǣ-|AL\R?r:VS]tx31k}Xpuu[ _'T[52/㫮Wߦ4;{%m\'E09v㛩m~IUqB6&wsa!ΎuTOFkLR&`G|Ĺ4jN kCDa4ɻWl1([U[;KjJ=QR`lTMf׷;P.+nA6tmbu2(4e>ubW@gG@Xq6K7JGce@eWq 5rԉԆ gu:xWw1 RK_o^"}v~&^1}n <"h/*TpU븬^|sjT}N" VbkzhS:SQj&"VDCu!+uď.xNcZ?fҜ+RA!8x$g}EHūB\'١@$ azTQ'YO$ZZȏ,Z6܈M^Hʊs rҝ]=G՚ECl݋]bih aAi7s 4>WQJ: Tv@ǐD^7F#LUפۣ! 7xXA|T 1 {j/IckHd d (Ztkyʑ;o\S 4ߖaycD$)W#zO؂X֏5iS9ֲKZD̸4To?\Q͕vO?T1r|[R(^= ɶ\|jӽG 3ُ6Ӊs;=!ocEqT\#DHm1!QP2W|ZWw**4c.NdMӚ7,Q\YZG/,W7t'B`ZVGib'Yo5ܡRJI4IQ8;P:R5"VtcƗE"|^vx tTJyVg RlDphGve,|33b|(W[)1jQ0qT!lPOtT%բ|t]K;SK#p?t>gB +Kha@*@tN(v4&1pF|b?B8j`ŸA}ϟ4+~lY` Z.7 k/:C~2D uCؔiZɑ;C;#-G =77h kG׾qN*tX{Б.s[yi#T?1TüFy OT&ڮGD!:*2B5sPȦ[?$X(ҷt'=9io?.XVcZAXu"e>q}bCZAm^t.HT_d{ AXv^2R+KgbYQ'ǙvX2==F,sM gjh\`ϸH{sB1:]FezKɥ#*r³Kk7tTDZ'C5XJ7q3)?S rEO)eVr77Z_QImS ά=/Lo/HϠxf9Cm=p}["'"lU{|9n92U-ׄL"EeCΚ_*l_nŴn`~Otߵ-L)X-#К71@A\H礀0DTQ*x[xj;ߦ/&U͔m+[CBZ= `4B7>=%b1TDr?}Hrq-3%ub^/ucKߎ|D`UU\չ =([ XF'= ]DׇK=) :sϜaaGr0]nU86 %CS_?nPvq(HY*j2g+u =tso Y ;Aib/hr^rA\glt M/XvE:Ow4_d2R2\}vL,-j} o@`f)V{-ĽJgKb=VN^_wgiۼ 7;(-"e{F/YB+W]9#G3LŠ^UiXf.uR3$ |JgCJ92_) ?0Kֱјv m_Pm"{vSRsT?:-5:x7CVmKZ FR{4{$Vï'WUNVT Aqen%,4=sњT+~ Y@AӒRJD@\_djnXq;k:$ 4q>0vfs$GSz$.P}~BlJeHϱj҅.J V ށ۠KQUby]{f S@IטKྈVi9Ԙ}-?J7pKk%Bq"iV0b=Z͔sIas2ҋ<'^Kv ,~āmOś?HD ,BF(FM57P 71%6 0T3f&#F<.9e=*NP|S;D#^7(::Ž~Q6r2|vԖY%'ѶaW5)zPBqaf@&x D*T .i? J' H,ö$҇$w1knRBFvH .!w= $s͝^๽7Gs|`i6Hk~7 M%w@+KtU>( un @aCn gWIBO$nI^FO92Zh'.A`a'Ddfٯ`uޏ=ܖkPM4w!?_&%Q?i (GwAY ;M* $G[|QVVѤyޡj Kr惶Z5 G]jB(aiK֪W:HqAIb3)q` sZT-yvH (hm pXg:Dfѻҟ"eiY+k'Cb\?]#b-B%"W=Uqd'>$q-1i·c z۔׎'0֔P1?IwhS<$ryO+ך@?榙DO8ݟٔ`=] n&zUy@~hb[딌΅`T?&tzy>g!%dŖo*]K|qOXYh竊+j7Nz/t3^[ٙwUug0G%c1xB_2.n*-m}+aYR4g0B9ao*0*/M:YxO M0Z EM .Moc1f<}J+h7J HVʂL;-lT|xł$dao:.5Wv #Dl3O}CCYrqɧbKDմ7^E *洩Όj(55VHz.N KG_M!)EbŸ|g.\8{ `UHO)ݍGN$ druO&𑊁Qf'ZT2Ys "r1r )%qJJcvRO MbO=mmicf)_T׶Es~(Ǿ8Ni0*JWPFB=& SI9vsFibs[K+2N\=>2:TIqdJHH\  7Hw1|7{!T8ӻjH$aF &ߺwveS{Nc nȴ)^o*%¨<ht@:Osm3wbZ6*Roe~5_r.e؃q/i^P/LJ4/~w{&zq_r=*"*'ψ˿ͯ3NR'#r{YRK\S޹p}w!BܚfD{a-Usp"d9KT㞂T4c rs3OmXš' R1;%6]*6*/z˯nrBkRˋz5D{MZ\SEn]ww!2EU[q`O8귫p}\oHz[w] ܎fHԐZe4w`qWy}cs%ky#?6oH)l/?2{PE6259NjVB@T*}em{sK!~ҒA0?OՂUʲV6md*ild4"K|"hBiqpz⠁+_.i[SLơu\Z.5S*9c+s0MeBxs7_)dsn9n!p|5B5~dz&AMz^SsJ7F]Fk:x0ckf*XHE(k|#Q^ Y> Ro<4]$fz )9:@yl?xթxq &G њυZE'W*Vad~OW 0AxK+Z,z ᖙj͆na.2!s펑nQN\滢KQH]{Z[Ӳ<=нվTI[}n|S.0k?K(aE[ c@ xv ҅v=:BrD Jxyae%!TvV{ffX8Fۑiz9Rt BA-_Sj9dgw[%IqE*b'/^dFuyS|jBs2#mE!YɰqOrYX)W 0ͅg#G)-yAFDXp٬ ˂r_)Г 8j`- Y53HЗLo@ȉ /.ŸtTU$ɩn=)yVyZnp4\8YF3K"[b[ډ?Ue3Qh[A\&Fx#c=f5?ov-+>;ҡe =v[%&syUB.LcN**NdȷI̽D![^T@0 ,ocT'*d.C732YTJwn]푂W!&a]G3I9^tTRь.'C=v+ɘ~chu[\tјXd< :#7t,Ί|uZF "\4yi;"%0RpK'LT055n yd Q{%!JuxmhPɲ9Jcy1dxv`˪:8CU}"RWXgk_} hlA$ڦU3u,'Ut. =޷}e8 /!N& SsB]PN "x"0~L!8Z'dג@'&Q B|Wʇ᫵ 9՞&{?h+9x;]e^ov]:P ìN-"VuAԸ*<¿J{1G4chsD(n_h]/rmmkҒKLKtU/q̀.q\2InT|/b7@3,oKDzẐR[tʬ G _k.XX+10$OaS"mv?b4|: ˩7) dT'JEui$Q$:BD\Qԋxv(X[=˽)p~߻0l]@?jJ,rr #@}i5]F.ѡca靏V@ev2hH*dٞ/6V$heZ sKeM09k^W ڔ(DIq<Ƙ  ! ]hH@SWj5ED a,Tu$[Xo^x}"l\u|^ui=?Ǒ N 9IHB!^*PPKbwm4mv`9Zl$7E2X9sP&!Ybir'o>%zoWuy.D,Pk"!g`4#7 ::$r:HS#p.e܉q+ ,*gM2a2]Xg袬\[JG?`1C*n/n\'g'J@ ?5)(f Kl4=i6|܂xQ3`DJQu8.SL+z[#ar_\ p5QV&(xAj'.G_q@Y쾊ߵIfo [<ɞ7HgFSէс0#pBք>]}?ɵw豞:,)09bpCƌ@xɍ XMϙ:OQ,lg˙0B+ͺxZ쾳Pٲ!GJ7j;raC.jqhg`x |5ezGUhϟ2@fPRCBMNSx)7%AtOzEm݅_+(Lˀ vnVbSQн `uT W`,:{^2{={f(|Ǻ>rkBai ߁ ݻΒ(ylV>F,) lsU%)GWL(h}0>PdGa#rVgVAe.&=(v{{GCX #?8…rN7ό1j)DF>?A@>=C4qzXP z3^}E*skYpK]k,qx5Puߖkw7 Ų,:$G)2ˍJid1i@0Phbᶋ hTgǻl塚e'`w`iMF{Y س Sfs eeWmă쇗"Us6E*"Ы"/)B"ɣK:#oڪ?8P uh3)M^iշ6T#=*L6"#QNk[R|ufQ7rQǧ5D/"5] qe`q<^52 5T/v ˼Ω&N=z) 7\ITk]#M?!n5JT)ˆ.?8T=+)eut)dBԠd@{#EA攁D4H䆰ۈd_toհ?M63H5^NߎDhQ yS O+8IܽvGQnqCꆠ!~ /s;.OVFx3cdz<8UԄL-Ib;"c%)dJZF(%ޚ}I=nh]S^ d>u rOJh҄^"\mgS3v)rF{yT}9 2!H0)MڍI~'uxu oI HoQ\rIPQ,ڦcJ$ØJ ThB8w&U[s9JYvP'nfH}LYxc?F+\6FfA*:j"p}ϫ6tN,T|H#$ >izbY,}Od&pW^j]tH0_ًP,Prm/|`~ױ%ذIW‰BC/5Fd7|жmW3ghv$ YBBfZKcmiAq~JxVlS&fF[_V琷Pmr=,<4h"&gtcjE?֊Qa_0E>8 c]ݠ K"9k+.) yRӭR*T?ipzG7+DU RpڍuHbs:tua$:\a*j ZTšrQXU>lZ~ UXm=qV+tϵ6]>%әD]91 y~;Tm80~rAW 7 n@+Gɩ3R ͘yuN$`[8K=&.61lgEo1_l\}~{bY2aR*ף9 T/9q9f&ξ:Өb&ȷuw@O0f.;j)p7EFe` +o!p}|1 "F7Nш&ɟ<Ӕ_1") U"ጄreݶqcN@%RMNXŪc:.c.N/~mv?H@gЫVJ)LT n%%&kwc$TBċ=zR /l4F6i!˻'?[k搴IULIP}+WjUڪ:8FXiEQƢ =mre.)nyS.!d9Tkrixpk=^o ?Fv=,BCYMMWbk(i!c fqyУ&]x!5w+ цUϙ%U.YqHkq4[RPt iI uf>}P8H|p6F2tnLA=( htݶ% 7IϴIrTߋ@K JXd|Mn2i*CpzQ츿FjɇM(rxeE/h(`1 NFX9(%rFi5CF_v,|{+b}I%˿;8yPG 51r-T>k]9ҵ_JmR1W8^_8+ts6#oa#HS6_wVŪk"ة% -kwLrX| H95f$[[1f_Ie Q~=ªV3NbO.xMi(hLK)`=_|Z8x}RoӦ͵<9ܒ8犬h8!+^ յ짘BϻO\6㿀rGwIF ~%K%fP2j ·:_ aܾc7珒m.j nW/UPk L)z &< #{ G]t4U4Zf̓ʨ Qy.F|0}: jM^' @"lS!wؑ&ʬNU3 h4ФKI[_#>mYYXH.t&%:[vJk"UȜ>O] ~'J_ )uo&@?KIN,z+nA7>_XxTlq2zH S֫GNtV!(Y#S ϭH5VC@rO Q1#CRD D5e']n=7mv.jzLh>)vE_okq_>t?Xqާq3j]{|`s gwPVTlRŦXqDG ue2pyL|;4$K^ qDPI b^(p1ӿᴂVz9̇qb TYݳTgg5н(๬FCe .C/_ &ZzYR&,[d *hcUٴRc'I sr8/J &|: cHuT,3,GNkyA&Aj> :w`rBJ:ި+Cuɪ(b d{ ˭r_MI Iۂ9Zsgq0G6:ȐM†VeK6c:G,R݊8oUwSbfGgl j1/V{FMռ7<x)xBF^2χ_246s d909r3ࡥ;zbRRRxyjg)W_IGghy7 r˹4.hRӜ;`CA~ G#a77xBn_L`T]iYg~_x7ϽM;[1Q>V:2]U}g#$R61CKC_D8OZmz 3Ҧkz_[b0MR 1Ȍշ͢ۓavD [ `[ W Fmb5$ =Q9!T~:d.)0Й&'AkX]Z^؞' )_sR zv۴$U ^i9]C!V&T}Xɾ c~@al074Wx 6q]š3wrHR;X ಀjŭ6>Sx)碉y+ XQqp4V;M|=n2۵_V@pwX?B/O5ΞVfUQ(-2%nde p$_'4جD<ХVhzer/%]]aSd 7zQ 9cV_T9uWVI `CzHyNv?Yytìh$F#>SBLYBO_)q qΉ&} g%E ;6B:PD[vQ\$W0)ޑS wBZ~kxKt.A1:_Ы"7-nG;pWkjȦt 7OSl[,6 S9[8 Io ]sCuj; Nw! 5|Ya4~EGe6H@/YFL2U S_0GҏK@8`OW@*ܨQj'~.ȶݫcX`af/7HZ!Cۭ"\y m,߱eMG|v-xquKNBii8> .ѼW5a`oZ$HuzS;3bR@Dyi}EG_Z7q%!0m>fD+VwkB3+[ ml{^{g Ĵ,cdٷ"Pj1.\?GO+sNpH]F1:2#+z*sb {ئg!ԂuݯMorb[pOIm2r]m85C`߮/pIˡA[0@F-Xv)k,X!lǓae1U+m؟H0*al;r6Xgԁ8 IYZ 7*0=.*|ݱ1[D%cs.h`|c= G!ߜTt?\-ND:EGuOj3Kr5S g2|Dgu5% B*- Wi)ay {{ӫ03P/ Q8a)ְUJ&\RkBoIM=BL%rrᒩMwPv+$ITMdƷexV!q(iavW'MUWf'Z\0$cXğ(zkĔǐ5ȫ߷=R%4pu_ 7i?/n%c^3EG-Ȕ{n[E# tY"7J\]oBP_9+c%TꞀȔo'Ft.[+ZC, pSe=pƍ͚y{ϙ**Gc7 {4Ke#L[@-?MLGѳPeX)σYBgd7>hiSM>M3L.,.y$ {DF\\i6MWL-b@ANxʲX9`Ks]֣q _\ Gc9$V&IDMcfYh>&h8_m5#z]L PYn rfT L[RUeJ,{'X <Y tN7Olt!?7 Y_]U{bb,&&_$\grTc]cA'+⟌F SGJˎRoKTf.NQFHW%vـH|ES_Wt7G1%tgXֱ\+C8.ky#sa2u-P]eE|b1/ 'ҭrQ6ԯ ۖԊwRU)Fvߩ1&:8{Nu#lWDof i i><ҁ)8Ejp,H!%3y3 _G2u]9I`WS#W4]X]\t\"OK=B,G2:V+ֱ)# V|~4-&:ȗq4uZVg,H <Ģ-234.FSEvD5R{ɻ0LѦ>r&󉷜b3UB)kߡH n5&%oBQ[Hʁ)  ʂJL RP {,~U BXJ餭?xaɹ*$vCeř/ dx5) \88e=rRϕ Zκ_JZz+r!w7*ib,CЄ?J".Ϧkh,JsUOqx"RI1l㓬9Rx0W<2~XW#Qr!?;fh‹%7:緬5feP:97HP'l,,c["ѩ%e0iWe5am?&(0c dہlO9#@=uT6 j&jZg[ 10N{Vى]Yȼv \hԙξ,KERM? X@z<6I`6QM8 hٗp  !O*v@DMsph2~“DqzM "#5@uX\t9b; Y8#~mүw:U>CKLϤ;", |<86+Axo`X"y_9' hiq obm&=h9bn D>6Yb\Do6`RL9=IRJZ^ad'? LeM$FZ{kһM=VOτmEw-jASsx+uG`P4,m;xUSz T[q[bMIV s(t0d%(Xd7*6h;/o CyАAbn"Vp}n