nscd-2.31-9.9.1 >  A a݆p9|4\8,I w{jlJH\f$CZĤl&/uE f 8.Ǐ-cF "{cj`,G ~ _T ʈVцꂄʕPm9|·ƀ\1D;.>B;:w.AUV_Q]DZ(dpx4rC6({NT/rn: nAOMK岻7 ]qc$jc954f6f6a04483d24e578f672f9247a404023502ef48dae3d7cbf83a8d201798a54fc902487c790c82f8de85caf9e7dbe7476d1552a݆p9|2S0 -hG~Av9H*fTVY9W6>X$")'@$ԓJ$$Ρ #Ԋc9=Ƒ /T )cQPx8>Q( zɲh ϓݐz 9{g-k/[x,OOCdDxs( u@#*,1 ެ V(+)ڿ*3)BFz2LVQU`P7,s-.UG}9tY~jI<>pIִ?֤d   .  CIO > ;   @ O l>X#X#J#(89: z=>?@BFGH@I|XΌYΜZ[\]^ bcЛde f#l%u8vt w|xոyzDTX^֠Cnscd2.319.9.1Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.a݁s390zp36SUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/System/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxs390xgetent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0 X A큤A큤A큀a݁a݁a݁a݁a݁a݁a݁a݁a݁a݁a݁a݁a݁a݁a݁e2cdfafd373d24fab07018d0e95dd49510ea6c992b7be2b0611ab23bbc2750b579fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b779afed93167bb128b7c02726fa1f05e2f7deae9cdb8fc25b30ac201acfc4f034ed/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.31-9.9.1.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(s390-64) @@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.10)(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.2.2)(64bit)libc.so.6(GLIBC_2.2.4)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libc.so.6(GLIBC_2.9)(64bit)libcap.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2)(64bit)libpthread.so.0(GLIBC_2.3.2)(64bit)libpthread.so.0(GLIBC_2.3.3)(64bit)libselinux.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowsystemdsystemdsystemdsystemd2.31-9.9.12.313.0.4-14.6.0-14.0-15.2-14.14.3a@a@a0`ݮ@`a@`H`H`?z@`@_T__/@_O@^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@giuliano.belinassi@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.derguenther@suse.comrguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- Add support for livepatches (jsc#SLE-20049). - Enable livepatching on x86_64. - Generate ipa-clones tarball artifact when livepatching is enabled.- 0001-s390x-Align-child-stack-while-clone.-BZ-27968.patch, 0002-S390-Optimize-__memcpy_z196.patch, 0003-S390-Optimize-__memset_z196.patch, 0004-S390-Sync-HWCAP-names-with-kernel-by-adding-aliases-.patch, 0005-S390-Add-new-hwcap-values.patch, 0006-S390-Add-PCI_MIO-and-SIE-HWCAPs.patch: [15sp4 FEAT] GNU2007 - GLIBC: Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011)- s390-memmove-ifunc-selector-arch13.patch: S390: Also check vector support in memmove ifunc-selector (bsc#1184035, BZ #27511)- Update glibc-2.31-HTM-vzeroupper.diff with a AVX-SSE transition fix.- Add glibc-2.31-HTM-vzeroupper.diff to avoid VZEROUPPER in the AVX2 accelerated string routines which cause HTM transaction aborts. Instead use EVEX or SSE. (bsc#1181403)- nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- sysvipc-sem-stat-any.patch: sysvipc: Fix SEM_STAT_ANY kernel argument pass (bsc#1180557, BZ #26637)- aarch64-getauxval.patch: aarch64: Accept PLT calls to __getauxval within libc.so (bsc#1167939) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- power10-support.patch: Add support for POWER10 (jsc#SLE-13520) - iconv-option-parsing.patch: Rewrite iconv option parsing (CVE-2016-10228, bsc#1027496, BZ #19519)- Update to glibc 2.31 - glibc-2.14-crypt.diff, crypt_blowfish-const.patch, crypt_blowfish-1.2-sha.diff, crypt_blowfish-gensalt.patch, crypt_blowfish-1.2-hack_around_arm.diff, glibc-nodate.patch, powerpc-elision-enable-envvar.patch, s390-elision-enable-envvar.patch, crt-nocompress-debug-sections.patch, resolv-context-leak.patch, dl-runtime-resolve-opt-avx512f.patch, libpthread-compat-wrappers.patch, math-c++-compat.patch, remove-nss-nis-compat.patch, eh-frame-zero-terminator.patch, ld-so-hwcap-x86-64.patch, assert-pedantic.patch, getaddrinfo-errno.patch, resolv-conf-oom.patch, dynarray-allocation.patch, nearbyint-inexact.patch, nss-compat.patch, nscd-libnsl.patch, malloc-tcache-leak.patch, falkor-memcpy-memmove.patch, aarch64-cpu-features.patch, nss-files-large-buffers.patch, sysconf-uio-maxiov.patch, glob-tilde-overflow.patch, dl-runtime-resolve-xsave.patch, spawni-assert.patch, x86-64-dl-platform.patch, glob64-s390.patch, tst-tlsopt-powerpc.patch, powerpc-hwcap-bits.patch, malloc-tcache-check-overflow.patch, dl-init-paths-overflow.patch, fillin-rpath-empty-tokens.patch, getcwd-absolute.patch, memalign-overflow.patch, stack-guard-size-accounting.patch, libgcc-rtld-now.patch, res-send-enomem.patch, glibc-fix-avx512-mempcpy.patch, i386-memmove-sse2-unaligned.patch, realpath-ssize-max-overflow.patch, localtime-2039.patch, math-remove-slow-path.patch, aarch64-hwcap-atomics.patch, glibc-fix-aarch64-build.diff, absolute-symbols.patch, x86-haswell-string-flags.patch, pthread-cond-broadcast-waiters-after-spinning.patch, mman-map-sync.patch, mman-linux-map-shared-validate.patch, nptl-setxid-error.patch, pthread-mutex-trylock-barrier.patch, getaddrinfo-parse-ipv4-address.patch, japanese-era-name-may-2019.patch, force-elision-race.patch, regex-read-overrun.patch, regex-parse-reg-exp.patch, 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch, 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch, 0003-S390-Unify-31-64bit-memcpy.patch, 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch, 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch, 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch, 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch, 0008-S390-Add-z13-memmove-ifunc-variant.patch, 0009-S390-Add-z13-strstr-ifunc-variant.patch, 0010-S390-Add-z13-memmem-ifunc-variant.patch, 0011-S390-Cleanup-ifunc-resolve.h.patch, 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch, 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch, 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch, 0015-S390-Add-arch13-memmove-ifunc-variant.patch, 0016-S390-Add-arch13-strstr-ifunc-variant.patch, 0017-S390-Add-arch13-memmem-ifunc-variant.patch, prefer-map-32bit-exec.patch, s390-strstr-page-boundary.patch, ppc-tle-htm-nosc.patch, posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch, backtrace-powerpc.patch, pthread-rwlock-pwn.patch, manual-memory-protection.patch, ldbl-96-rem-pio2l.patch, dl-sort-maps.patch, dlopen-filter-object.patch, glob-use-after-free.patch, nptl-setxid-race.patch, nscd-senfile.patch, ldd-system-interp.patch, abort-no-flush.patch, fnmatch-collating-elements.patch, nss-files-long-lines-2.patch, iconv-reset-input-buffer.patch, nscd-prune.patch, syslog-locking.patch: Removed. - long-double-alias.patch, glibc-nsswitch-usr.diff, euc-kr-overrun.patch, riscv-syscall-clobber.patch, nscd-gc-cycle.patch: Added.- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscds390zp36 1641906649 2.31-9.9.12.31-9.9.12.31-9.9.1 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:22352/SUSE_SLE-15-SP3_Update/6d0ba0570fc507ac3b10ac375b133b0b-glibc.SUSE_SLE-15-SP3_Updatecpioxz5s390x-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.s390x/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.s390x/run/nscd/socket' (No such file or directory)ELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=69ac469b0163a40ada3216e347a90b6dd6ae4ea2, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.s390x/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.s390x/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.s390x/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.s390x/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.9.1.s390x/var/lib/nscd/services' (No such file or directory)R RR RRRRR R RRR RRRRRRRRSszH]qutf-8f53503adfcee76263545cee170e9c836a310446fee40f8018bda92de9f194226?p7zXZ !t/;3] crv(vX04N @57$(s\fZIsT 2e.?Q?9zu}?x]m1@ܸ-%w_I+/U9)G/w(hz{X۲#\S^iP(mw.Gca?ԉC]UX\rY镕K!fe&kVطluTH9׫V)nܓ7;ͻ9SPҵ8nڍx&u-҄LI|繟{\6 ǨnZ6Na`/ \D 2q ZhzmCdC0M`y]Oe'nPY _仞T&5bDv,F#-k,WJ07ӽ;/C?T.ÀiU q?@kKIl0@CTZ8D&JiQ9xYlMG|$ɽKn@99,;oi:ןM{nz0ǵWKCQKMߑh~E^.Pە15cFgRn:i 15s^䖥g>#MumK(pXGvw}jB(ث?pMVw5Uo/\-Y~&{ɶ*BezQ`tK3) LR2RuJ5wTI lY1[µwLjUM `f>~O|>X+`JE~CvĞ{x:ۧ8zN,2(*"S\aZ'Q6Qhx`löw(v|g wZd Gb\V5rXD_K3Fq8.^Ђݯ R xT \,-jtf0b3$D$0,"Lրߝ D55{w)uEtBO{t9izs|Փgl]ȱ]Bf<&)SVL: lQ< Zs!Ag3Οf4¬TGLU {*a*g"L8r-;~3me -6=T6 ٞ ʿ8{7'-tj[_ɖ $|ehQϢYzCʂp2m\!GC)RXiU ^6Nv}kŲfr\¦?>|1\؇NB 'z ,')^ǂVv~✪O'pdq#)d0ݵk7D~xK 52I S{âxp,,MvVͺW}אe(KsKln1_ %쯏0ހW WLa}<q.E? ;^Y=j빵TI}yrSs]뜚y]1dblkLyir(#}rP'&)4m˯cqJ(Sj(JA$r&wVL[gN.~}8Z1fB< 1}'.bwh-KHS~0ƝB(Cb^zT* ^к(PƑ|m@co|o+?m&jz?5r(FA%[mML-v2X(S,so.ei^ j_dsT;3]bU4(r OPBg5)R8$Ú6ZEKYеXiN'^z]PS|nwD3Fzl]$]"!Ug)>Dya;meB8~L90fߵ 0ٜ$a3J{Gdrdb`m"C g糋2E;1>+t u1D__Is>[eN&TryTP/AeQU۵nto3N\Qգ5EfsOeFYW4|I?;*cpi:6u)j BFmx))i ߗ`aš7Ӵ}3Q#7k,:0ܴ((ql(0 )Udzġ+ܦr2[p = jzcn=r7j3eQu!vD01֑ 5ap|v֔ƛ2{P솗"Ђ0Y•Ay^ 'M*c}Q%9TqGoDm8z|3,:kXQhlo3ǔAAC޴"NJ6Rj 37 6͓>VbGR}/ap@蓨0;)22k=?GcWG=Iy&πO3HΖD]>nY9Fm (Q)*F"C$H]$:lR3!)yIu) C8AJ۴D62c~jRhhL=LjG!TYRaǵ),&Y-cH69tym~ OƣّtC .s iOWfNwfE-EEw7Rgpž[MхLP^'a x%͛xe2ېFYTd^rTJIoGQB6)!тQ <-|vܧPǝ4ʡ`8H_Vkh%^ע{r~C-l ?Xؐ *' *.V G/c6%fA V–Q6R.*oTiCddrVg$;,<z fSZ֑N ,`:xRb'*/Lة8p#=ϾXӺ>=cE%8fy^EjeDV+K8+sQ 6;.Y/| Zڞnw7i (2E5W|Srn_‹;&|QLsg[9.^<ޏ#oI:EpbaT _oD []9ȶ7Q2L&I-xë)+߸|dlD1D֮w뢇,c EǦ-ןA˞`&mwjn ?Vwqڷ¨bZ ߞ!F%jnEhJ1 ɾ5rIQk찑K2ї)`^ʍ%JјIG?Vr/kH |P[D?ԃ-}vgA2jby9#2w= }ܬĶ-_ڲ05US"n8N '%(O wGd@SghXcrG1p+ QDZkR^eD- 9`2 63FD1HG$S4<Ƶ`nyegX#R6k #g쇢$Z]*zv6%VB4+=HxwvIB`\')|g@'^x9zdYFDR-[IѰݠKh?F,sOh{M fkx'gpvcߩf*CT ^:O{)? z H-Fm']rfVUxBYwr[s? aGPSPq>.^'>2 lJ)2پX*J*~$55YKs2Yy>vxHԡ¢ ̪J52 5IYEe+,NGI-3,Sca}h*~2mdxzHI,V||}hwKE7>fk5 3jm^^q1|_7n6?ς.)/ y4vYG`yN1l\q yHju9"Ϻoe!].K2Ǿ_zfTvް0vT&@,U6DsT& *&Q*^ِ[/js=TJCG TjI\Zy!~YKH %*6EI?W9/'=.!g]4e6b+:mS B8+.!fR-:~5J=+mGspUM^0fĠ: Nvm%izpw(В!2"{a)np ̽F>WL F J|8.'Y:ZK,V I<@GJ䬍1bOg)i<ǫy8 K.jP]j|bpK-91pgg];^(Qஆ" d6ބUDHtM>7Ηa@G)]ߢU:Q/˩5m n&Dl_JMv.]^O**̮x=}>Lw歹479C$_9&da'POUuYp o(._uO|~^q/|o3b˾;~E_.oGΡNA0_ Ut) q+jm $<^Ph$aBaJs)kE/7b`Έy79vi7 9R] B*#jދ>[fX6'7F5H"'sپ%CMP  A Z3` YB+.`v6&[uC\ TC$¯Ч36m[CjXqbctU%2+ς#kК*`.r) 1N$"c< 쏎$xI2 h RYIh_N8wR,zo ~*ݞg.h ~2A1C?a&կΧϳ^54ip.%[=d|{jC)\1n"TJC ?UQi}(m˄Q J&̛KB毘;sy6j ŏܫsQšmE*$inwܓ9 2뿺j5Dea8G'#cH7(n/'L%jÛ"7qxc}:e#B;#xnT D7Clb~,p@qJ4PTAoY=:1x4u16)L8Dé|NaI-Ze1х\ڊ)duߒ00?JWoce1As|7\τϺ,4r\ܠ(-M3"~mo.0"ã@ s9K&"%6roT6-(3y[.̴ZF/}5:*RZJWѪ#(J'HGHZ;W:|t2[/Mmjj5*$I G{9iG[@ .2Վ8%}k:NuƤ1X;T Oދ3S G`?㯠RQ~Q_Wƪ301h3LJ l$VX@N9 /OWf\wn ДBe&_::x^3eꢶ}*/m C7Yc[nGSHY;K^[dS`=+ĺ*T3]%#24M~f#P Qۛ*Y㚬giǁٰ*`!CA{-i$_WbNI*=|*tOAu2QxGIJ9"«X}ѺɖqGM@`PDu}7F$.^fssċ B}ى}Jkf@7VDPO`SyQJrjwO O<)x8~ѯ2Vn#JSIͪ 7E떛S n O?h_>Yāp4R6OIK+SH-A]\ŏa`4 78Kt#>6ŰӚdQ *0RƿvZ "o\c7 8;鏺c=8."M\MI?aiN6W'/c D} `ne<}cPma M b֞O\UO,Ȍe/<^KT\"41wA-Qjh&Y]HO (=ApQݤCxbqcG]Ij2ME9E`ld}_r1 KI[s @"ݞ۪{_sȓ.7gͧ0eYhEsnt^x })I#=gqQP\$[Ay sUu.1:Dsy'fv ڋؔJ>1E6͝ xO i!}4Z\ɩ 6+:Rd8cC@=Sn]ip& 東ЌE38Io-(e1 -yIz?eiɣ0iDJ;WyclK6{VDR@RTn$tNViD_M;ЬEg Fm@7f)S [΂ ,w+L.Sd .<ɇ%* ˾)"% qƨLNιmrp?ÉGC ѨlU+17L7EU\D8Gxk GW նe0R vDl֍=_|bfTQ"\ Usk1Āyv].|TN'wnT9b8JiEvNv%OΰɁ"gď^8] 4 %O̠+5d~*&ժ e`^m K u45;j3 ʰM64A;qY~9J͖@"mq$Ճ 억$N>h3Z0D$Z y:ivah}D˭Y=,CJ9_lle rU!o'αC6D5`PiN3>@dkLgm<7j`T m0⻪kv,@kz^J=3pѕӘ# 4yCU& i|R0W͎—G/ƃ&~ި M-ٲ_}BbFH: [:qah|LnM;5HjCƴ'nƅB5s*Z>(k,׽J !l,b #z t)uz vzk4E7ԕi_r;hFO ITM{fش%9U R'0)mU=p]8p٩;IwЦxVdxkQ :sA6߿GIA<!i!n,L6)X7>Hhe%b)àk i_ ߽SXx<+lSp@`gIp +0وN$!?H%G`% F?o\v! FgZrTeZ9E_x vG7 6M{8ֽ@yT]"鈯C h/cգ"D !i ("'wI2v(F DYaQjpch/?brtfh.cr4}Ry7F(ݓhK =2{Z͒M4 |lo,`ڄ^hvČ /nRuXeorIV84jJ;ޢWd:]NjTTf50*iNW}*>>&ڷTfAƸ) #~+l?,^DUuR@9˜x2mFHoalc!؊d,戋~rZ~ Zxࢾrv,u)qܦ'326(,,zv0vZw0^ϔp5٫rn%Xr&GaG/k3&q`1Z?L!: 3֐(L^jy6*b/Ǫ :Tvw8ϸ١GyKAgsIY:t ^%xLƬ`w BPկ("ACNS',ƤiG"kײLS _ʫlkt MLƏgŁ삚o@mD@$MX*^ΧߔK8bgM:nA8,SD7pEb&>##4!zduiЗ@K& z zBg8隣*<(Ȼ_QxiEh@m 1v5 pcw+Sw62ߐ]ġV%b[ eL"8 P&L(Fv:RHIaKL,A2i0UbWPȀ^^,]7nD ~g'BjF˩5?tb:neGa +V!wMP_S#x88FX^:"҃}l3|U^R3~˶K_6 $oXf'>ʩ -?•BGֿU+=ٛ(2~$ޙUa͈!Rl*G/i=7\%. r67-f{,C0Gn,\;C6a(d(HNk!?]94Xw( MvB5?X>HzL㒟3M<&nOiIv\;YJ8B0fsC<٩v?>m=kh#ۤSWYv.]DsHlryj)+R Zung_0K:|J^  8->e~mDg[@ '@jhxi:DJDt z;+*[giQ{ N0q27E)| *'0*9h^g[Aa-=LQĜHA2dXyO[9l>o{+UIMQ#GVjЅ.Ӹqvi^A'2'htꛌ(XkT:j{)%L*]v5,:#Pd m '0ŋx81$Z& `Q0!a'KX'혆c&1k58j/BF[Ye4Ea Qrs]83"|ࠫIM8GWTR:}: mrĞ^R?:sEϤ3XW[oψl| V<{-E^E12iexИ¥k gͬ,?AVS6kVjT؋|fs{?^*ws&#/yqy.Bsz-H KԖbj}=%pV>}hIՑ^WoZt(Ay|0QUmiR#&ZVY XzlSy `a76 1$ (Q@dƝzi/t ̰MDz^wjP~fsWe38ZFxOa$'[QLWZ 5<קzZ #p4BBJ7cs{-kwva<+)@0_RD5D7cR Rlժ)SZ Ӫ0LMIcP}f@tMi>.Zi:#cp&4=ȧ}~R{IlBrrɪRGGl>^%P,2GAQ!$>ю),X+8jF\R,o}YD5{s!Gz/G"JH1GQΆ~;hH # xiu H7+>ۂA&\SCti.%3om9掀V2=^u_#NS IG-DaN$JE.j=CV`M tD8o34Ll׵nsT4z|lo7I]lHO}&L^ G:7@&[̓H)),fr#R h>O pgzgpvoQ.tJk={{m y>?vV1vImp.I\~\5 Uނ%Ե0!D N, 6 YֽhX3 U@W-)*I1C*UVx= zDH~j|PP>v\}hœI#|( ?9d@?FouH7xȚNvN`MepH1Y<J q \K6TELX?*͌"| .Z1k[&>yE lWL_e7Vl,|o7cZ/m `-2sۍjckbca*awtIM'c8nF&;0!| ګƒ!n<7]5?#pvHm8 n0Z_4 ap͞+dG,HIr=˼3"9m59.QWNh.:!yz3_5󌊨.abk)Cy[Ho^VBngeu|GO`w+AGS/űUi'[a)ʄ3ҵIW/SWƭKx,-ߌBWW+`01؟ 5鲏+%d!W_r@Qd]i5/M:LIr'kfTcL}"ފۑм$Ϫl:3T+z3˘Rv-}ί no\s+xKn.⾍yfy_ zyM#HWkoe c pnjY9|#ޕuC1=a=b8:_.Za0kS\E~OOSߓ; E YHe^_IíſHȤX;4X#P s#c|>:ĺß%ےME{=UX l~C Q;T8[/TYˏd^B⧂*GG&w4yr'3 Mi{ԣHo Jf<긱{m1$] SatZQևH^A9g]KuBa-֛c4om#"tB6\|mG;܈Rn գ~@#žU!+i GP [G{-_@"0 gǤrﰦU^>˼/-#5#Vɚwi^A[k!bV!)ɛ6HʷB3W⑦w>Nǁq?']#k", 2wZX~%P8%HqZTV܂.T#ed-u oSS/Dq%`_龫kgB;¶+Tw U | ú)!q_/:O 0-s>uk;}YFEbϚj&H1ޖg\+؅vTRtJ ;/h`Jp&\TE \AdK,ؒ̂p`:|bakhG=;_B-U|~ZW~HA&rKJQ*1~mBhW *=i-M2!ZA涇@wKgTfs) =am<D~ <Q7o#^Q /K&6@M'Ӫ'᪊:R^hhvdf+D[zɎѯLfe%XSni V! "^^p?Չ VwhC7dE5 ?Y['g P˵ s _B2O,52Oh5at<z<xF 2Cl)D9GoIf<[Fe_gP} Qa(Z6_;yw-mlQvi<#9 MnS?BCv ²M_ PYpcNc;~%)BtVGr:DLEbYT Hԥ*fdNeR^JDZ/1?v$*\Kd!3tKoz'OR ctAR`069zw݊ne^ /wscr?Fq+@X(O! m.->Ct\Exuʛ7Zt_`]i#vJMq4>D#މ%3nH#' pe$&8ݩ M!#:)BMw!9Or-!;"غ  hɎ^/7cϱmh0aez]6Wov/kFnP%v8h/"ofV/p)\%̱2nOs:"y41С%ϓ̽3f 5~Z{ 8{xfO|8 S7ա]\XvZGΐ8 foxfyݏ}TR#)rqL0ENVz jijq`a\ v 7~'{\Hi. yv̺Ȥ*AqǼ_jDuG@@t֗Sͭ:#-zs xI4 Әa/mk/֗RteK)cwhlAbHI_LłN*2ٟpSf jl; >K M6ߴQ] zpRԑ*I5D%]cn"ZOG'i yN^`Ss_%!~)gvdnHY- \3hvzRªd-X\:Ag `+،K_eRvnmGB&+Nϛ̿X"gx=1?'v}Ufoyĸ>j.HjPE+r#3r`Ho kX w0Y50̑ka +L眓HuwHsN Z%)d2؈~GOB9~pE~ 1 )Rߒ+s2\1=> z$ ~Ar;N{f1ܾi~˂f _uw7:G>ʪ;TxD]5faiEWBm/92|ggHӼΌyHJ6rPI[_˪=C]Rga&t _(SXo^Cga}AR/2\:ƌ Y>ztSR+_RIVdA U9qh2;LbJn2ddi?`{Jr-vc-%ɐ"E{0 4_ (^S!O!Wlckз俔*Q{Ju׋ỶH 'Ze4Q.%eEF%-ŖyVr$PuvIO?In &^۫72LPq4[kY:- k>\0Hjښ\Ӯ o7BCԴ?OpT>WN ZŷFzM]HFkv7+ƊD ̎"l9w >/y)!F5}^+wqd<؇+ ~1X0(`NU8,9!pKyH FNkB M[2*n;MZq|SLcا P3}a#4POb?ʫ AZpcZS&^qN axdv( ʸ+NȀt^GlٸWКT6[[y~ ;#XBk\ܳU8D;gP#GOV;m(RKߍ,T\8LJd$qDkv~Yŵ۫B%}S<71OK e]o6C=)m&Vb'F$%,Pvm ڳ87rtYs7mn95`y?+z:I6RN}H1k:m. ϰaQ CG[9eC||>҆/#đ"SfW C|:Li%˶93\hruKX߻ڷnb[8g~8;~Љё^FT||vu׼Kp1| (\8w(*֛NdάC ]Pr斏vXm q.47Xz3Xu D>f(O$ƢE&<6 ن@OEqePz}w0焢\BG7PT!2~ bguY=83@p +Nt]%v~񑽪c_)I\׼2\gЬ(!uPK ]4<|IBQH)28L@zfAHM[6ۦO.tSxNFlH|w~4ܳLp'6'fJcƍ-.d[B3A*x")"?O7C2~XESD^5dVi?6u6vz)E[U^s!J1b [d,PJ_,!5}IN\~"LdQm,gAnLIB 䤾7ZOBesXfgR L^OwYNdZ0\N ~3Ek/bM)ZR{ʷa ڡyD$$Ƈ(j~{|h)ADua%v 2bGB-r)Ӑ;g:`>gF> hI}dxݐft t%WUDdO qMggiLg*:ph.. 囨AZYU__^9 =p KA2Mwolp΃~fN|VE!}o0ɽ\.?c.k?X~im۪>b74 S& EA[nQUVcjNkGlҩ"iS0iVL2;c!t[`yWO7fH  ncQl4fs'"idz:`}%=haŵ,yoY ڙ/Š}F(^R-TȋyKt+gx-*AOzq7?~6>vz;| 20^ IHQ( Te:/v@'[K;tOknߙpeWBVgqԮS7S2E(,A4=m~qqO ;5NR*(FyK !zik\h6e  FIf+Zk}gV53䥼%&2$@ܹgxs;z0舯=9噧j>򄳱;(<'yS@b-rlj>u{RqVN5qتi՘QR? "S<#RBOldcY|$>;69l˥p8Tr[-SRn;WJ5LccMSMPYDrWi*nD/L<חF5@(e6A#0-jQ\N: W0LQYD䚊;{?.H6HlK/]N,$+i3ץmjߡ*;W,sa>|yB&nx-٫w [sGA ̎$iDcGh0ieI3ʹ}dvBZz ѿ9Yŗ]MWL5YNJK?ϺNtЁC^8!^N>9 h\Ҩ;J' iCs[Z\ m> Q2N̼ Z敳--X(L W+ eMR ω&`&v1HRGrhF3i< Rm-rr)5lZ03khšsRݱ`& =y+hމ.\p}a}N~B9)#vV=7'>f(?Jn!5fLaLdÝ1>oa2e-㹋BR],E* c QU*$803;:)a|J0/ eS?DqteZQR+~תޏN<@TD6kcžӳ+BkOҾZ SF+ Gu)Ua9ö\x=O\ Ez%Ŵj8e4jj0+$Ue drTڜ*uDZ;`΃`b@;"DLQxeTyW.=n3*nwUhD6Ft.,᱐ K'b "mC e-; "-}4"d@`%>,}bΎ'u^ WX8ZW kFFbL3XXDA;|1Ƽkp+6b~^_$X=W\ۙ+ 8{nV%pWh@ D7(MFI]=U!8I3Fm/PDuǟajTi\cY3F_bh|&tcG@';2򶹓:mOI!EQu Î9".Ny?s[ŎB6D`@ΥDaû$dg9+b75[ oe؋зpiӶ2%-eV+G3fNmb[%nQ%哣h'0QwZz7j@$yIj lJ 81oJI,aM]%y[\T-'] Ю9E$X,* ڼ|iR1v%`b.4j%L(m_D /x5W_ opccg5=lgSҿC%лk:8xO۝G a / G ijJ'~ #0u2ex3mr V;gǼ:3q?>(UbI&x7uaA$GGZ[` ̵Y&n;Jw2Rb 6ZK+Vbh-AB6/6{".5R#sGPg\.$vS )Jtk%S-b*ޤ HQuЋ gnϜwYػ4 oq `'ꬮQX7ZTT.ֿ-^ >f50[}e7VƺTpo.-PܘŻY4ϴY ,=oՎ O[)B5fsa};mutiϳd05^LnϾ\ikCrqJ)l@&3 Dhki`3=$X(CDH0waQ~|۬so hWI AQ:K> izVJ9P,M3""P4')ү@'˗"LҨWCƻJcTBV #׿XW@ktU/!׀YĠP7LiNY^|>GLIc\’`=#4q ,S hj,>- V!%aan@~@WdzWy(ߪ* A-G]ؤ;W6j\+ށ x TJib7+`6͟k-::a,S˕̹G5u# pD/V^m47ZW}rB}XMG׎bZX\WyշiZzm46X8}Q L+ǧ7+G1?͙kp!/Md؞6]TaakarlqD' \/襤|^mdKvsq0->J #獳MfiY]k%S^C_7aٶGl籍{y$I* VxR<>jZ蟇EPίo7}+1{@#F(#ILE%">h <힚ru}YȺ7`şbwn6faHE_mW *>Yr9%>WcJUQj֨F3b񤑟fRgoS = P _~P޹:7=WDRjonp]냝`H^q 3 yl6M r cǚ 8RNa+~OH1,)3oh i1Wː$<+͆RxKSU~ޒGQÖPYX㞴H6 Yy&y{7͍E߷hCX )sUً[kFTx;EޙVm*ђmuuů>*x+KI~K ~SV+-#tRTa>n)|, ΔpO> 3@5f߫guJq\}$ $Vϐ]ޕ!YS@_ )砏2j5e/z:|:L~;y-l^]T(ªa:KoN.\qZlT۔w/ZX'&Ș+ EYYu7N֗C}iU;.fR&L#JqךsyTe Slu~upγK%߉d CwEn)USfMCd{z)+j9yFORdDAsE][鞨{;PxzD< I; 8>7"{f6@xMƓFhzL~elH0eHڇY8ێ Sv+_>9DKHLWjf43Q' &\xnOlOt+ilK+S($'ZP{c/El2YfFQcYr"E~%,v3Q/;~#Ip(]zXzz;>Mz`dce%E5r8M̬Ze]J81E9_9F'˝=אq3<EL_ etP CI1 cM߻`@tҦq7dZ:ou%ـJh#[`QwPx=tN:ZJʺ vһurm1vKωPCj7N "9їp_qu\ a6-;*X">OO3l,_5zHW@ݔ}vH)ލ1+:PZ껤랱'k5GsjT0wD#j66 ;$`2A*FǷm<ϰfˆE<ΔR9뿪cJӛ[2r!2k[#^7CA c+4',Y 꺖"FaG)k^؝njN[KdԷ) 8U*trܘ.+2 Lny'RU eqqh0>=Ǚ mm nq;:^15y}Sƕ >olUrksu.{.# m*D@O3.-Ox׿bK:˲nź|ΥM"A2](?ղWz7J8ǝUKDQ)/;d_4 SzZIJ35ēt _0߱6Dd4FbqƝ$}UQH/<{3AU*L).֗D#imA֣4 pMbˆ|6p MlY؀E B );?ZgQۄ0epIj7qꡭBJ&z&b"I6k:y!3=rq"`GJZse u]*{gwHέ@:Hjp0"&MR,g-JZCF.)`JXAxbEkQ; 7od 玮e2 ~ #Hoqe mByj!<=軝񕳌/6HAHC6:?0!3dBUU$wa5`Ex5hY@{=[wp @+ {0cvQR'[/V0mpl9ly Aw֚cԭ; ~}fS<ȓHUў|ǂ1e+ ?a_xC R/a'?rvI;_!+ oEƳ62_G۝漥x*5R CQM]d?C1S/DG ߩϻ5;8]dy@f]-M^WབP(ME}?CEF S E9NB Ϲ@֦_QڪMP;CYI"'QL?}i!;dObT-Wnh0pYHVR GsӴNsk dc$;mDw1XIMdp6FGڜKZy- 2U{}4ָYxiܕW<c qКg_[wT{A^?aDu0[k8tˤe;`b7\u=ȞX`xhU0}$;xE2_u!2@8[oTVPH`'SL5Y6Nh&Xz5 W9xVX2/YsXsq|YD(G%!'w(H|h\`M= y51SVwi(DX~ 04F `߰~ڙ?`pL*gY{+ P.*yFF8Ư =B׆AKEcJS!1`6Q5 TH%V=͡8rMۧ_^2rMҠ?Xbwqk:'-ZLd0Q,nuԅ(TAjsr@.vV)ΰγf!e^zGHuMvr+0 N~*zT`2~+ ]|>m_13&S"|*r*D2}H؞9VX~KUu7!\60~+C90Ybb(>$͸G~T]?z֘'@6P{x7sݐևTLr@ҰOzk]yrK9OqoO`qqO,Svr4S^?v@%mгJ#-2X-G4T{h ;^b׻k `W$ W{oȟiP[4@LYuQ[݊PHC(w?Ga2b`Zm$hfm`x^PtwF+/Y3OE= snU!ch x@w PIUm*:犃E<%in/t'KRwS:(!ǛIә "1ʈCJ ʋhطidI9Dw'RZiW* [(ORy5ics(#"=ko/Ξ7H56ǖr>sc vnw1vܻaAԨ $mzС)w.N !W7c-v86wF&[IY>۞1oV 1j]`6(62pP\&Ƀwvc-Y:Ql:jJM_f1pҹEmFPĭgyrk7u^"yդȭR΋ q 2Nd ~iQxH6ށo ֗\TDgyoE@no'ub:9>aOÊMځL4~m|;_jzL(regiOt.c DgnKx9/ELRL-5ӝcꅬC9uͼ4cd<4N#յWE]%Q7 Rs /.O\ok> jӞꛁp']OC01rZYBqx̻]ߣeoLD"$y͕?(7׋=5\jIO8އX ^"BJSc``^O+Px3LoLHk^9삇'gX8^_+R +s^zm 鰯 ߾Nj[]ȪP{e6YrCw*QO%;&KflWj埬~L7H)O.~N>NN|5RnQi2n v12XY3ko"uf9&҄=5i:VgdHUS2e)l!ua/-y)Gc1[¡Rbe UV=f%w{"Ylr1O\99κUΙ` ef>bB|§[r͉U-A_@43"(&L,MKcY&#])J|g mt7D6/GreZr3v%[{}Jm.3GA=G6&8/fy -Vh4WPcmAģyW[U1ϧ?H >< D>x CEo5*`VC윐28 *'++;ړ@~GJ4k3?&[1wU ' `۸} N)ʘQ#]kGR*w^7.u4Z6w;|5%,زZwK+GMt z&BMӞ~.aW;8&PZ{5@}&gE5&X kr}=y~Үz?կ EZ'B|DŽ)cC/4S%j*g:C,U n}~7\i>BKHH-j|YoWY,& bsh`8e9**jbחn&֠ &MOK` 8JYatD^ =~}I~Dt /yX.Nx_Z<*|ךb#3K8k @H*? wٙ}L͚$ Ȕ:J?=4g.;2ai||\^ f@J@*46la}9 6D NEwɒE3Β t`m\6"/6Tk d;`')>uN\*Ug QtYcf3zO <`,aW_vB_̩E>uUobpglLz@b1\_BР^!6Z]}˧μpGY%^@7/4gUFIb߷ce|A[5ߺ:ղUJe痠~6 P<;l&cJ.l-ȏ>c-CxmE٪,~9kKKLB=4/C3廏G!2fy\oU3霘4)]e騔@XlX\G F5__/kх|I_*DmoéHwA $o덭 n,ye8,E&"ó'<vjg7:xJ4/p~٘YLl]L=i s{̖e/}[xGԆ8RWa.y2tNx,Yϑf f3Ml."+}| +$?!tmt W45qq`:S(͋Hנe*oP莨o+syc3-";Vxs.<΃yrG;8L^Lld^tԀ3Wdݐ9fgNలV"TϧsMM>8lKҟ2T}@o" W!.ŤBᄽ|)16)C:=HoNiW(Tx`N ~. 2ry{xZ(kbXȝy$!-+jJ }?^ g]u32tN^ӥ9ž=z/%2އv:cz?Wåwt؁)Pδj-]lqnTiD;e+ۡqs~ "7eo[j~O+ f_Ѯ:t+~sƽ #yEm>egJ1? >YŸ ƵzQ E ^Q+*>Ԧ\g_Hſmsqz\pK&9.T7w#AAtX '-\4W׃;+ E= ~~L5~ F{1&; F}eTP&:nlA =rg]J YpD]xVb^o8lŠurA_CXqEH(I02^hCAX68ÚPi5Txr@Q 7&\Q&ս [ȷ&Hihqfb@?+mZ%[>#n4Pʵ>G{/: ifuAnEgEw"$mSs SK+[S.Mcp ܭ e|*5&p%mZf̺=^fmg+gTa֓lw8cRٖ-{WhMTmcA_ޣ pTU2}$ٿׅ{K45U'#rMW+!RJldzgW 4hCR i.FaIHRwc齝Rq1$oA&iF;ixIX0K̞_-ƽ ig 8YetxYFKdDp -* ɓKVgCf'LpQB*ЪX}N5g8U'a4 f[LnR<Ӷ!5wPf̛YN d 6HT#p^}Y oް}{:rVj@[1<Ƣ&BRʹխS~Qӗjot~b[OYY͓Ϫ]oF126)ІDl XY,f:p(7{m;LtTLZ!7h|VIf|ceZm[2 n|A`Rr /r, T %.#|<7YBL>SS<Ąǻh8ŗ!wPMyGr<:8|#Ez)[Fu/A4қmQ#ܽ9W\Mty6N!x(+ƶo0zVq) qe6ZGS(J\TLvvGҩh(B8HWZ+NɬftasUGM?4yW3O׻-6!ƹ1=__Mrx%kI'q˒`KGM)0cf|#/  iz3C"{=ěx#n Z299V*8 hz.#PKɫ_0~ͷ^Q^Fp_CoEˁ^&Sul*vJ` ݎX|FO (L'z]s:MET4تi睋d(2S[ I-3jُ-0rջg~0ڢt92&2qv#_=keYHhTT1yf#2[g(H;fESTRQE#"~7j5 ڸ&W$8݊u-{SxkYV#cDž.G+i&nу*Jj,ږt sӗW+c}ꘊԶdATR 4XeAHȰpR(z4Jrtt9ڙAXc6E4} ^H$<]p%eo |/$=č}Gʁ qO²*( ᾘejKc9YK|, 3[R,u5٦= S*mT7-7 ;d܁sx(#_t*.3a=y #&%ַ[ܿMQrAdc\l{AM Z\xwأuU3щ5?Q Ӳ%-t،J^3?. ,hZ~V^sHwi;_5n1 ~Ûzs{ 8ͻ1jRR\+A:ڹ]% (pK%AhpzT8Fm9:dAeTa3rc9R Ee[FyXeYI/{JZ1kC#cn*Au~0h\'r|ܛuQw35E3O}.o5 j]IfL]ƌEy:Mޞ4J_]7U'|1ۼ0 Df-=V'rsN6%8ŃCZf82}Xr2b8VҬ@mg J;a%c0RZj$GBDlGfOʾ|3a@3BBC)KN#nQ#Na3C1mKG]6gg<ѾmCZS%ʽXb^,8 QFc=cP[CrilЗZۊE AF30g"]9s_hw8M1 Xdɼv/)n}Eȫp|,*[qE'ޕ)eap%bu0EOdʆ*s_8wISILjNg5(Q9_fLjukmA l{AJ]IcPkHS^g.ws[uVSDɻX9i>e%VFpj\% m>L,tGaIe DeLMzۥL@3"];x5Wĭj招".:h"{57`- {5I}H9yEB̡ej͒G8TL )SWWD S vr(>`u&FbjȌͧ6ZAi308QOz^] KtNgLiGYORUu"Uk.=4Fy5e+Eb`c`k7T8]/gli(s|\eإzB\FAKy:WR:BM&Fz. ]>9J8QLcnݬ T\&;A_Jʜp[y8ÝF"4cq=3G:7Fm\K5 _܂bNE󁙽c[!M˔|⃯ *]%tG $c:"4;"EDZ8\SַqOO.*BM% mn@. VOU0a3x:h=AX}MH=I z妻.u`?W,7w,%$qܪe䯕^mA45 dpy',5xKv4: 0'PR-@2TH`uS `>I3((l54MC0EM,!ݞ(01k.̌qwl0'<1Z(H]fW{]+%לl* 3Ha֝Xoĥ @mAu?KK9)Afz2@E Zpe6}[ 02g)Xbvˍށf'+N ba Ǔ4˱=VdN9s $ڻ+pڪ;jsKLHY) -5-J_{v-tbEPMgO&eFL/C#0bXɋ~˱mxtߟmJ8@f\p0a LZ]7R*݉t!R$OoE\GB; NTyk~$WGfT-rϱ*@sİ9+G1lCe,}M9uh7Z0&/MXʮND$=)Jd,īY\aL7`Ψ/8JG'&OEƯ[ϔ(_iM@d<-~;-^hC9S]UO" ]^pA|:%'1=@U%3A P`$Gm.FE"r%袬}zպndW6kA{d8&n@,?O Ѵ.Gݙc~ƶ)8o||!rͻh蠼/}$>o̔;%:@&C`%cd04grUOtb9);5Oױf+Z"iXEGUFmQ A2%ucjxQe}(/Q% D&6 4dԯ&S)-P./EP$fh(׌Nlzbo3) G"d#RvR jw~IxQ6DÅ*pl4!i[WB[e)wV@ 0.H2,cݺ{ZFoZ 8!~j }zSߨqt8p鮙Zf=L p=jWA " BO7*BusZe# 3yl66!GѾ"bUMile']{bh[o*$gΉ㙉jvXGx!whE'AןɶI/JQUO/mmX4m{^*u4e͓ys3,"9ai%}[ޝH)YW8^ˌqE X z=+tkd,${]6/(@/KV/rBBOqrpZ%U5}Mt{wwV,R --mZgo; V]~2ϡh$&[k$ Ty8-̻rE|UT*>GH~BeKN78xO1d9 : J0dZ݈[ANP; 2ȳ@yz`,SAnFH)B>Sp0cUBF# ~pt ZHVm"c;&.vg dӫY1N]i\7ܑ)m^G JmeJokXEZĆ>U<*vS$lVȨيz㛜BA1Ys@,}P3Rt,w3`W> 2XXF2ެ׆櫗̋MHꃼU3; MV:q%^4?aW*^Xw{ Κ0uvKhv#^XEqi1Qx!(VM_*Q~ h@\jHVN48l~(l*m8aQ $3+^;aj@LbB! %Aq]]oaMgU|h|"P %#i-@a[=PmH*!m'ԙgn'841Ӗc:ǻ'73oqȲXI~\lGӨ@4&odU:DE?;sa7$BE#0xw҂ŀY̖0>+HgvL<<1XX8"H9g!QWûL3va33CmīmYBC)F? /OafIG:߇r.k-)n48w8 6o";*PhS{ ڥt/7U'Yd۬.95h28\L>prьD>8xhFo))<;(RCm~R%<</y[A4]qF O}Q{{ ^ۡWM P e̫N܋:k$ÌCe܊kD32{hkOmg?Ln3@a`/"{TdÅq(xA[@GJAwD8.+Yҍ_XԢu㻿1ЉgӼeWė}nB2["|bpuN٥Em$͏\M\Ӕt{tF#|Nqo3ȣ}2H5̬vsMtG iTNh4OTJV;Xa&0_:F?{/8 &+Zio}ז{6\n^ЃS@%7xeam9-r*Sw q1ZNnǟ=n!Q\(EHS BI{5 t&o2& 'hxA,?Pxe\ZEwȟ(2SMnļSª-v`;g|C K8`5bZ{%CRέ/T ׀J a4'e[s6@̪]@ݵ.%_Yl(eDZ0q/K5{̖ɥH?oA&:С[bΆGǻs dgy\4r$X\6v@F>%|`pJ 񒎥epiv6hdAK(#INPO8vBFVEV8emt|>XD\.kfO oFq3;3tL_9WޖrYq =9uʟڷtgj۸JGr}J>Z m?fqzS^ܙ z/2Jyqn/BC(mx}ĺiUy-v!sT<4',n~6j6M.ewxp eF!ݩ~MX4FI(H̪%ױS'Q Z?WD:~*!gN/cSL)2ڙW?Zq\1oŤym^Hb?Bױ"L]BVu#=b&?]3iI Y:b{C$dKVII\ ˶iKa=Q>7o$TƅԻs祽MP^;>TM\ANꨴnb<ܦ I3O*2»)1+dN BL~6t%bλSo8rE߈cӍR t l[e'N/ јo!EZ 9 <^@ȓ ,p1^FuquD!mиX=v t_(#GLS\ '3%s rQdӦ05Y|2dqyg'陱kAeEr6nv酔"Qx3 'H~Mm}P~iφ7bSM,W۾b/,)فbGORfhIf4 ǢP?[GVU>6% <I\}L&th"NG&VzB/ћbp zB1*&m^VB,F,C.n^iWE@yKY5]&[kXln䎦q*=bfy^s,ߟsv48_ҽP'M.R%mƺWt+Zֱ'B >ƎSZ.hr ւcKa,/!MCxPeJ%qags&_"lQ|5e\xTwI*nyz7T?OA/@0܊$;eƠ=xܷ>SD9dy+g*;ve2ta%y9#*K'KB_-h[/:ˊlwR&t u`xl])FCa+_%}Gzf!tկdwٛ{Ӡ'\E~wDm羋qIRk1$SQ`u1]p\&`݄͊%Hc+4ƸA*wL D*Z"3(q.SsG㐡>\bⲾ2>ġ^4$7a\L&U4&poplބ}FXE4O̢^U.6xjnvUkQǐ*Nz5yဓoM ہx bOQ;3̃b_L2b"5JV7W swfM}nnh*k%[X[OxⅬX&BH R<ͧ!Z@r4A6!ۭ Yi=!kQ& L$˵&IfVȪmNh1ڸQyKt!~|vi3 :.])~@ܝkIt8B9u8k OG#2L[  {6IA<ʭπ'*8^Q=q죀:R?pNӑFon%ŸҤR 4WzDaW \@?cdp>MOE5zi23INm吵@ r<CVCpxw+`ME;צEyOؤcθ-$q3lⴚ- RyjF$#o]!:X_S<94k+.N]gRBIx/ovNk6{sdJwR>MuE $m_OI0eANj 9D@;=C *!cEg>/*^WLn\"a69s^1>}jJk7bU}i*9u~y[t@Y&@ cH{c.P:P\|>sh 0]k"_˘)B}gou҅k5uƗ֤4ӵ\d7XdLIk bG tf#.-{v.O~g\WإR 9b;QVa.9x՝ <dKä($EGB]sɠ/I/Ֆ9j9,Nv `fzG*՛NifV$`@C'E,W&w"F=D|}o "qΞ/Y6m$p6 (˗Ԫ?x, |af, t{И?W,,:kkd M@IP(?$R FF  dXIaQlw}#ux?~M](vygiSlo>?ZۄڳӾ4 ι|F w#5[KeW+$jm ~|chPH 0žYw}LMa{<٨ʈ&@cQ\"Zw0Mt`>h߾ȏ#c_-c.{\Y"z]'ޢW&j/7QaZ`Qonz(v>h|J:']:P;7Bػ04i.3"6aA^S6RaJ_`9IŸMP|w|zӵW[kPZiB5~'d8.) L4 +j={3!s+ߊkb7P.<CiW  5k=HfVwvg3ؕᴱAh}u0g~XP.o8;]PY"EAfeq=-3R0A#jDR'[Eg䪍:O7;\ 6TruJ>#U*wwC&Qrp{-~Y'K,s"k#?-[# ِF YD3՘v`4nEwACIM"L{Nq#|Yzio/+cގ_<5kk*4O*]m(GwwT㐯rGccI?jWg~=Ώg,!{SyPllάF@z8eJ-WaBR}Sbzc#g[R/̀mSq 0@[q:1p eG/dw4H OaT.5::'sxt0QApYx9 >i`=L_*rq)E ϨZK70e-I߭J᝼*`3G薄6*:Wrm1yϹ|M\#CutoGs2fwv~J{S1*_ E? b &e "|l`%ka X|b7 /r#W( G-#"O+Z U*pr6Y^o/)~`umW-E8RM͏䢐{j @oN3Lח3l"V0Y?<5( sۄ[O?V\a"{axv]:S;4O(%t ])^fGsl].z{ힲ4'`/j,HrԪ,LhPfB>N2-XlI$}q"t!t~&({T-BO16lNxQ6]䑗v1WϒeSd|qG ~錃e!{C2Kٲ1MB6j,vt G."K=XSNJ4<=;W>19wZg~kǁ׬L&ɍEoDqƺdg@+&} ͅjxU<@CpZGgt?)G>DzXFIFeݧ] 2:wrPj&釔SҐa)g. BΝ0Res44'*Ǯ<$)jH~$lE C4F.I OrOE*d3%,{g&n7qzl)\"/* 7?; 撙-޹]Eo<f#]Vt)|velm;AShe~!`Ij{OPQ4dOwbܧ M2xɯ{9bR/0kG2B$ЯA[j)&V(1($n sRHPE3]ႽuGWngv S?{/RSm~״==9]QZ)R v_|ifΗ&81@іVEIR[|S4ఇJ=b6.c1~P#BD}4rlw~I0]%oR".0%0bu^.]nU2~rH4s;Ab> L|z?Y x ¿I9J -0ǖ::Q~4+ꎍGy[Jc){<|ǀFB:l0p>^?c{&PXjRUۤ~h> "K%%6 cyM 3{Jڃl48޵ Uy9ю wƚb{;/ީ%:QA;Q$P (_;N^^.'!"{KTcWOJe2`O 8nIwŒx6ˍ SNG#lf:VK/=Mlċ24Rם)wKji%k{@J/bzC^vl[m2՝k|Š2ˋ{I[dW B%.p1j] ̼=#SOkόqV{7~|ظ +RWjE钴ܽ՟- i0O?g%SS\?~2NXdnQ~Rt?:(T<'mF6!'t5EvZe鏯Õ8hk7 CwD}(Srgp]oی՚Ϛ62BUmfM6<0|2 J_rn@\! ]F "yq9!s/}: VYPHG+u%a*>/5 nC׍iA8z")M$O-`0=fT!>4buUbbopW|ȌlJF]5,{B)0x>,G $ӷ}ݓOZeM9e^p*N;ԸZm vCvq*r:Pu~eneo^j ªЮf%GB<ҪßVaM>=WϬ"i>,slh@ #?DgMF{ZxDQePCggXܲk"?K¡)ybyJ;ȴ-HM)MRUC"eYR3kG!Q %GExle h Le|R*/پvt0k:bi!<,q~[Cӷ%fe ^;>oހKL%U;?RxK٦k1M8V)Z {PVpM)3N{'$0}SU }ƊBF/P 9Q睠{RrM.aeRIxJ:##\Ĕչ$Zj$d꯰]i+ack+e ɦlMzHJv^RYwيAdR$wK65)u ̦CZxm  sCnEYp;uS [jtDtt' 5 hGMJ(pEab"W3 #J YZ