nscd-2.31-150300.20.7 >  A b+Zp9|$~=WF+|9M5 9}jl^s?T7 %6;IEFPk{W;.DB}߮6N ?GLVh%l%?NgӠVlq_jK"yoooKd/9؜qDO_oZ:gs&ð? q&ʭmj \ Doɡ~w ,#3mBK.}"5<`=ӡ61gfde9db8f2e2eacc8978d58668f63ca62432e1c40d18f2b53528a7fd37bf1ea664b22702b69bc09925400345037a9efdb7b0eb2d0bԉb+Zp9|i/kUŲO]*M!/iHC8$tG pO wqd()0~mۚ# ؛R^\:@YeTtޤh#%7:Fqu~JqߡL"2xۙ$E1T.jpf[F:ebaϟ!!~JҶ=!TT~ af۔DPЄ?U>03.Oj#->;gჁ5W54 NcOI"ޠaɐF10APOX {<>pI?d   4  CIP ? <   @ O l>`"X"/"(}89: =>?@BFGH<IxXӈYӘZ[\]^ԋ bcէd'e,f/l1uDvր wxy<zۈۘۜۢCnscd2.31150300.20.7Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.b+sheep93SUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/System/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxx86_64getent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0 uX A큤A큤A큀b+b+b+b+b+b+b+b+b+b+b+b+b+b+b+e2cdfafd373d24fab07018d0e95dd49510ea6c992b7be2b0611ab23bbc2750b579fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b7796bcbbda639ce7905a475b0482c5517876ff9cb1e77d8d4eda5b6f9e65ec65ff5/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.31-150300.20.7.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(x86-64) @@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.10)(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libc.so.6(GLIBC_2.9)(64bit)libcap.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libpthread.so.0(GLIBC_2.3.2)(64bit)libpthread.so.0(GLIBC_2.3.3)(64bit)libselinux.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowsystemdsystemdsystemdsystemd2.31-150300.20.72.313.0.4-14.6.0-14.0-15.2-14.14.3aa@aZ@a@a@a0`ݮ@`a@`H`H`?z@`@_T__/@_O@^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@schwab@suse.deschwab@suse.deschwab@suse.degiuliano.belinassi@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.derguenther@suse.comrguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- getcwd-erange.patch: getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999, bsc#1194640, BZ #28769)- 0001-powerpc-Optimized-strcpy-for-POWER9.patch, 0002-powerpc-Optimized-stpcpy-for-POWER9.patch, 0003-powerpc-Optimized-rawmemchr-for-POWER9.patch, 0004-powerpc64le-add-optimized-strlen-for-P9.patch, 0005-powerpc-fix-ifunc-implementation-list-for-POWER9-str.patch, 0006-powerpc-Add-optimized-strncpy-for-POWER9.patch, 0007-powerpc-Add-optimized-stpncpy-for-POWER9.patch, 0008-powerpc-Add-optimized-ilogb-for-POWER9.patch, 0009-powerpc-Add-optimized-llogb-for-POWER9.patch, 0010-powerpc-Add-optimized-strlen-for-POWER10.patch, 0011-powerpc64le-Optimized-memmove-for-POWER10.patch, 0012-powerpc64le-Optimize-memcpy-for-POWER10.patch, 0013-powerpc64le-Optimize-memset-for-POWER10.patch, 0014-powerpc64le-Fix-ifunc-selection-for-memset-memmove-b.patch, 0015-powerpc-Add-optimized-rawmemchr-for-POWER10.patch: ppc64le ifunc improvements (bsc#1194785, jsc#SLE-18195)- clnt-create-unix-overflow.patch: Buffer overflow in sunrpc clnt_create for "unix" (CVE-2022-23219, bsc#1194768, BZ #22542) - svcunix-create-overflow.patch: Buffer overflow in sunrpc svcunix_create (CVE-2022-23218, bsc#1194770, BZ #28768)- Add support for livepatches (jsc#SLE-20049). - Enable livepatching on x86_64. - Generate ipa-clones tarball artifact when livepatching is enabled.- 0001-s390x-Align-child-stack-while-clone.-BZ-27968.patch, 0002-S390-Optimize-__memcpy_z196.patch, 0003-S390-Optimize-__memset_z196.patch, 0004-S390-Sync-HWCAP-names-with-kernel-by-adding-aliases-.patch, 0005-S390-Add-new-hwcap-values.patch, 0006-S390-Add-PCI_MIO-and-SIE-HWCAPs.patch: [15sp4 FEAT] GNU2007 - GLIBC: Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011)- s390-memmove-ifunc-selector-arch13.patch: S390: Also check vector support in memmove ifunc-selector (bsc#1184035, BZ #27511)- Update glibc-2.31-HTM-vzeroupper.diff with a AVX-SSE transition fix.- Add glibc-2.31-HTM-vzeroupper.diff to avoid VZEROUPPER in the AVX2 accelerated string routines which cause HTM transaction aborts. Instead use EVEX or SSE. (bsc#1181403)- nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- sysvipc-sem-stat-any.patch: sysvipc: Fix SEM_STAT_ANY kernel argument pass (bsc#1180557, BZ #26637)- aarch64-getauxval.patch: aarch64: Accept PLT calls to __getauxval within libc.so (bsc#1167939) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- power10-support.patch: Add support for POWER10 (jsc#SLE-13520) - iconv-option-parsing.patch: Rewrite iconv option parsing (CVE-2016-10228, bsc#1027496, BZ #19519)- Update to glibc 2.31 - glibc-2.14-crypt.diff, crypt_blowfish-const.patch, crypt_blowfish-1.2-sha.diff, crypt_blowfish-gensalt.patch, crypt_blowfish-1.2-hack_around_arm.diff, glibc-nodate.patch, powerpc-elision-enable-envvar.patch, s390-elision-enable-envvar.patch, crt-nocompress-debug-sections.patch, resolv-context-leak.patch, dl-runtime-resolve-opt-avx512f.patch, libpthread-compat-wrappers.patch, math-c++-compat.patch, remove-nss-nis-compat.patch, eh-frame-zero-terminator.patch, ld-so-hwcap-x86-64.patch, assert-pedantic.patch, getaddrinfo-errno.patch, resolv-conf-oom.patch, dynarray-allocation.patch, nearbyint-inexact.patch, nss-compat.patch, nscd-libnsl.patch, malloc-tcache-leak.patch, falkor-memcpy-memmove.patch, aarch64-cpu-features.patch, nss-files-large-buffers.patch, sysconf-uio-maxiov.patch, glob-tilde-overflow.patch, dl-runtime-resolve-xsave.patch, spawni-assert.patch, x86-64-dl-platform.patch, glob64-s390.patch, tst-tlsopt-powerpc.patch, powerpc-hwcap-bits.patch, malloc-tcache-check-overflow.patch, dl-init-paths-overflow.patch, fillin-rpath-empty-tokens.patch, getcwd-absolute.patch, memalign-overflow.patch, stack-guard-size-accounting.patch, libgcc-rtld-now.patch, res-send-enomem.patch, glibc-fix-avx512-mempcpy.patch, i386-memmove-sse2-unaligned.patch, realpath-ssize-max-overflow.patch, localtime-2039.patch, math-remove-slow-path.patch, aarch64-hwcap-atomics.patch, glibc-fix-aarch64-build.diff, absolute-symbols.patch, x86-haswell-string-flags.patch, pthread-cond-broadcast-waiters-after-spinning.patch, mman-map-sync.patch, mman-linux-map-shared-validate.patch, nptl-setxid-error.patch, pthread-mutex-trylock-barrier.patch, getaddrinfo-parse-ipv4-address.patch, japanese-era-name-may-2019.patch, force-elision-race.patch, regex-read-overrun.patch, regex-parse-reg-exp.patch, 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch, 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch, 0003-S390-Unify-31-64bit-memcpy.patch, 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch, 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch, 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch, 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch, 0008-S390-Add-z13-memmove-ifunc-variant.patch, 0009-S390-Add-z13-strstr-ifunc-variant.patch, 0010-S390-Add-z13-memmem-ifunc-variant.patch, 0011-S390-Cleanup-ifunc-resolve.h.patch, 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch, 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch, 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch, 0015-S390-Add-arch13-memmove-ifunc-variant.patch, 0016-S390-Add-arch13-strstr-ifunc-variant.patch, 0017-S390-Add-arch13-memmem-ifunc-variant.patch, prefer-map-32bit-exec.patch, s390-strstr-page-boundary.patch, ppc-tle-htm-nosc.patch, posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch, backtrace-powerpc.patch, pthread-rwlock-pwn.patch, manual-memory-protection.patch, ldbl-96-rem-pio2l.patch, dl-sort-maps.patch, dlopen-filter-object.patch, glob-use-after-free.patch, nptl-setxid-race.patch, nscd-senfile.patch, ldd-system-interp.patch, abort-no-flush.patch, fnmatch-collating-elements.patch, nss-files-long-lines-2.patch, iconv-reset-input-buffer.patch, nscd-prune.patch, syslog-locking.patch: Removed. - long-double-alias.patch, glibc-nsswitch-usr.diff, euc-kr-overrun.patch, riscv-syscall-clobber.patch, nscd-gc-cycle.patch: Added.- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscdsheep93 1646990843 2.31-150300.20.72.31-150300.20.72.31-150300.20.7 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:23165/SUSE_SLE-15-SP3_Update/abcdb2b52b9e2c5dca0320527f5f154a-glibc.SUSE_SLE-15-SP3_Updatecpioxz5x86_64-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.20.7.x86_64/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.20.7.x86_64/run/nscd/socket' (No such file or directory)ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=a8c739dc2e3e37e10a0cc9b11bc4cc50dfcc1f52, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.20.7.x86_64/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.20.7.x86_64/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.20.7.x86_64/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.20.7.x86_64/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.20.7.x86_64/var/lib/nscd/services' (No such file or directory)RRRR RR RR RR RRRR RRRRRgLiBdٛutf-85136fc753fa790887aec7b06b351c9fc118c3d07d525a0cafa1baae97fe2f5a0?p7zXZ !t/|] crv(vX0 8=) 2;g &%TUݢ8f8}C~10KCvr(zᨈ1SsWSix)ݮC!21ڬ6̟S&Ӣkbj>>M6Tj/=#6of':EQj=yPo:ֹ"2E |t}8H`x1`[tWIBV"#"YuЛ1ίjglVO ?ѻ ԨQo+gARv3<2Jy8R#C"M~VdCZ U. l4omn !yPPө#sZfL5~۵eph>K܁[d%0Xbo'8s>N+ũ8ˮ\W}v oBq?leLPaM 6y? ̈i`BzFi|y`NpM~ .o6>ܚ-;*lnJY6QʀfI6v]Wn곜Rxea2a/E(WGƺӎcj( |GiC[@*5Ykq ^5.qXF] geDI61b|N96 ݐѿEo]/-cn lOcV`<~UZs.`a0Z} .=tN24I|瑷-Ut܊T1m@)ӛ]}qh`[bmFᅨ;%GaS٣ґV~>փg *K~ߑq(-]SWȔaĂd1H ({B6: MkHV`d2m;@ݗUbD([pIG'H ka\.ޭȜ@~5UA%~HYxY`GsOQ'ަ[hQd^c)ܮp O@D'p=c%2Q\cAVE3dCu]Y[|eH'* 渻!p {״&T߽_YDKt`Os]B1"O9K'PrId&8p3LޟHi;KM Eڇ\/Ȓ4u 3u"ǩeюd}%+$3%)k%uSe '}*s[_I*UPO[a ‘M#R^="cm\JƵo}ɉ 𫃗aMB|R:*w=mjT"E'Gp 9&\M $jI勾/ٞwF#&Xru$\",5ik";!8YE>'f,1RpZkWWHώ)n G=i^Ѩ*;¢1V|tQaH'{MA~tFD MJN]J $F4H{=c\p^Ԇf0=t&,nxـ Ѝ}˘`&3ʶLdiѻ{EjT9!ս'xLIAB2A#3e,Nqŭ/m:F|![/R M5Gn?+ rm|=x7g8[dץ?!呵%2'd,5|HqXtF' ~ԓƻ -$ \@%ޓŇcN-O )}9kha y~Ұ0pk{$ȏj3&?9**a};JuNbj8e[UC %F$U"I1Lk>O ΖiI-'<˗(P{Cot И5' **b ڔ> DasvY;ng.n cd_ 3[4*{xSY'C3/" u"}iMSN+JqLYij(ӒqVJȜR Y!DЉH]IIr*6,J5CSi\qP"_q{es'sMZͤӋD ]K=HRk泶8!^͡~A*p@ۅ.Mwbʻx e&NGfhUne{8>M6 @dhOXA W<h5cvU 1/uj {+&qcYweM%k]Cm]FARIՑ~!0^Vnj;I EA.fӎ!=G[ស?x{4$i~uHZ'Vܓ)^}YIF逕,怀!&vg[-e_ D53rlydn-¿jFgo7 !xݺsdX;mIz^3wH/?N"4Q23ttG|beլL{cw5DN2< cV1M+(2wS!naua݆3w|K]ZnxG~HT6J9z40Ť)] RB0L\fyq-$(Oj716m/DhhM-."h7zS ̙#W(L<m 1{dro̫~\ghu`s<}gmȶĶ|ϐü?;t7Z/ߟP9L sl}91M4î3@iwPZ #~zlckM~H/ɿ i((b񅥳t')y%js#GAnq]@s3B9 x#B st54 O^ jy$V^a<.{cRc@K5&3WZg/w"zkl407h{":2[B @&.?z~%ܨ)3?=pk_U7'#!0j1 㕡3~( ]={FMpنWrӿnjN#1ݍu/.nf2[Nr#G^Ag\5HA4>ge" ùiD>&)eCD)'Dg Gl[篽:?T>60V-hMYD-9zFtV> -KP߁/"\߬ZH`2ݿT5(?^o|X=R Ax`D rYn|,낾uIOGp"n5gWU1nܙd9I?.b0`UQ<`KQ6u0Z7eժr貑I):iaܩ5W[0t@:ǖaUlZ ݴo*,vO-PQa )Q/J+SW"!ˬ9!``]>r9Jo}ʚu*B窽8H:V އq hBq /i{ұǪv{pEC+1Ⱦc{X:lzd(^?EeدbVSqi2,{5)LTn|`ڐ4Ru{.?j]Tݕ^]-߅z6Y`M}Sc>^ >Mp̦Nɩe.In~lްJ&EQ/d;'u=Ǔf٘Z.ؓ53$FN%"~^9H^8;C;)RGNb`>h`( WQ 5Wgk'zT,b~?Od[û>eK=#K=AIZl1&vͲh$eg ;f03B{ MA3j}^ ?`Ǽ_;7ۧXy߄Ph)V*"ZŬsߎ?mD4 ~8O8[QuѼ#4B{`pY 0_,b;\c67 "`~QQJxCkVN,o$FSZE`eZ:oU/i?]ODeGEr(Χٓ!sH1FQ5d"shxO ~ ج=(۰HGGNw|M!+[>dL+ #]b'f^7Ƚf"233xS[.qsD p @3j+EX@rRyc7u\>=/%٤ނ%/.3?htCY5s6e'rjqrk%!)WgAxv+̺Wee\98"qa{2?]Ҩ,ڽQ͚ɏ7wBE/aXl98yY&TBDx%909ʅ}+hs<HJ/ҳ钵0 = | XȮEJ@'RN(^y-7UܕR="-1R IsEh_P dCr_Y)߶vƲmrʳ`.q|q+h?0쨄(EOƏ@|VPYzO}lQV}n/e9m|1 7Է5KmoFryk*Tȓ, "ob$N QZiaz~F,4 Jrf+x4\7șJ +8Xt$tKAF Zk"X_atw)J]`+u B`ؒl}x?2re{֊gI͝yg@8B{1#Xqjʯ^ [}&48j]=Y-ƿpX.p6Z;&NYzxEIrħ%MMz&J*\:W 2Iu䫐Js )7HLD0sYzC:gy0`K n=BI}jxP}3 m'ByS.0轻sM֘'ضSxcu[̐*cjO*0[p5@= qqO P0qݗ+I`0D5v,gGY ]PfڜKS&r:R`@~Ý44zsMOk]>hYns-,;I(iL;$jI#oꈘFe4`=,:=G$?$Lp CׯʹEJ+v lTX>xfozZ7_+w(̏ *fm6dk;_o>GI/#<[gҧ>_)jز[M$%N0@m!_ (GD|K,)?0Q\o Rۃ%RU'ͣH|tB=,p4|# 1{c[CZe5S[}:g_ŬD4’/ (lj*l$k!c'X@b8Yw0xr=3Έt'bTaA(SBo_LMĕeKb޲U-͂H@$n>7ψF3MEQ /-)ӡU{ QäMM*XT8(9F9sTϮ0RM_C]k ~u_9J+(xz;S3rjTH#;'po<) 4!|?H _TU5ee$| (zmWsdw~JuD1gi_z.R_8.G:fudT U>u2>󱸐|7 MYoYa1i=i3nȚaj#TZQ u׼]?;OW8[VOGQƑ@v4=-lɠfg+pHo!7yDT :@#:zp[_?I7ͱ@eӅF5$ Kyl(ځNnE%'E"DDE JM\,([5"m)b'e>tw㟵=k5 ZzfL*`?#-GhQk46h-*g=ߛtL̃E<0Fτܿl|^Z1Ur lHp+~V|LpH#lsSnxq]єd?LԜcb7_5\{- (R)t e(n %?`:*Jlxr؈vGsEuk/`d,r_.[@b* ٿ2u  z-ĕnm(o6d #HIn0GSCs~Jek wtW{B%:ą6z?w3:ܡ\ 4@2^iD(c( \|'-a"rqX|ߺ N%p$RIIƬ?M<8l*&Sa.9L 5?G R`e߈s/dySJqz]"['7ã QmhOy7ۼԆ?|H&۸ctՋW( *Ő9?/ 3Hdנ@KH Y6=D%.1hGP!$zJttw8iN4iSc|y?vV΂6 --Yo(OHTn&ZTTT,U>Y͵U6)5vM z"Hg^,ˢmמ[Nv䛋)=[DY&: >Biz-ɈIw_:E=P0'm6wTGЅ0.P$`>Tl(uuѬq/@tևqnUn7&227m(( /v(RȺīwN̵Yn"XW꣟O1 tw\w}ԖQ\F#<J< ?آKom)r]"{'|??$f!irTڒg!h(Bt1XݰxE}JsHw4jٌnnej$Uh n(|)JL7?\fp\r 9QlQh(a$O܀*Dޠ! 5$Ȭ vzQN)sO(y?eh уMj*4xcJg$3/4xYkITdv-{VRdpg3GR3 M\5)F^k}13E8̄OJU͋ hHni tI{H<˒b gPCxKeL9e`t2zQ%\0 tQ.3g$scLKy?Ÿ'}>}/RF4 ךd$ +> qjyuʬ?1sF/n *6|0?U6b;!LZ@D;6KdJl%I9'>$+^{MSĥJϵ=CW ʭg?M\ž4f;|dRy0:k* B)rTiس)WџL<1rsA 8RDS.il^:qM1E`I^JYQf2);6;hEAt/p֪Ђ,5# Q%HcKGe2V=笹1@5t18HM#HSjpKgSJ7qWtnCHrw*O2mXY!AwJ5@L= *OO5.C۟w? jdCӉ54"8$j^[Cts~ډr|JÚۙV"h;I,,;1؜r3K9Scdecp7Q!}!"{5};z,Vm;3u ?{BF7-k9lO:>o&)/`F;YU &xWA mÐZ` 9@S)҉De<)I] Z[ %,FoWP`%P͒.x~_sT$='纾 Г3&I*$\# =f]!50+*w<۬U3陵8<՞vW6%å)RHV"\6sp4|e.%==k-6nkWoJNm2<`KG1[JTFL> ,j]#Mhr?r훛Hhֱw;Sk [&C =GZ'_uazҞ! ۾2OD+s|z}?Áfhɉ1 7Hr;ۭ j `?}% Px2vКy7Z+e`/=$td!O"aX İK酉5l=^{GBsKym"?n{fkQ\KOK^LG0*AEՔ6IZx cJ]^1d B4 ;>݈XiTr*S.gv< / kvmtmOlIםN~|`u 8 IUL湮ײu{G#/MXJJsDsI:&'U1;}eo(F;vK=?[N3jLĂ$+fG<x },|&,ۦ?ϳ4sHtK`5*::ZؐҹVJ|=O`/n%ИajA{oyu^5Anh6-^I>Ǫ5%r)V> Mn,aHU2b3~C K~{R30xC$Un|m <xqmN8;WA!I|{ÙAlDEf{该+$'N-+.˔> !S#@ZJm/s(cʠ8(F &+_~bfN*I(X5s 89ɪ),y@;gq @ҰC`2-0'C~CdNִ-GY2|D7+-j6!uίi m8jz%s݌ѻ$rQX3d然ϝd[X ;FR_(zOƮI=t4-,jAH~ד{0i.nTL۱ȥ+1z+k/n4EhUii@帥b .$/|}J߇bW|{ -|mYuebq\Z_P۱Lx GIAhHCQR 5"gf$nMuߜ+8wΔaFeehs|[Ӡsa[#b)(ߦ]X4 tZˇ=jp{8W0a;=! 6iI.AɄ PW^XJ\0 SZʁjK \NhN(vt:ܸYؚe)'ҒLז wx[뜈zfc][}'ҜFIz|頂dC#~?% s=qY|-pR4!MmFwŞ!.0Dw{3(OB'Fc[] X6{/{'MibM!/'*]g0oH)A&MLg"{\ygHnd}EIF'Е jF?xH;~nQ5j^|Gz$]71d^"QI1v ; tVCȯd| Lo63p!as2Ջa| i@}/me B lց|K9͖yU93ENIDo6.|:~#ן9fmz'/A`u>QI?)ۖfQ \R˦ US!9MD܅ң2g9Όd %Ҏ }Λ%m@k?Ku#JکM]ƫh"y(0paכ)jo&Bؤn cq h`Ne/{r(az* vT}~ʡϊg-NnĶs#OO^6B%7ݶ`Lb};%tF2߆ kjtTJUWynoƢJ z8w]]E?9$E@UC`=gĞ.+XR(>z0Gi(p0\N:ƤLʡ~E4) R RP0x*4AfojS|n- .({\qzj.#L+,V}v-Wڳ پfV?_1r|L!j0yr2]D!H$tk?j)uld\m\ PL`$ޖ>TRÔ-I8Ϗ|XRRw];죟\Q.g=hՓm|_T6 pnO&ٯyBm'釭vZ)Mա#'bhczh6;чp$AıCHiI[ v6?蕰 T.Xc]ep=g&XϒӖs Akhi2i]P|sCѺ3G6\ѴWrf d~( ۩?KFZ$#Fl&"ncK44)5bdBa(|2eՂ>R[騾~ sBJiKm"fNW|fL+#\14p$[\?Qr{$^BFHt\r0" ҷsJLd|.TBx<޴,љj ֤ݷ1Nm]Qz~^y %T(l_1 |BPps*0Wӻ21E11~6O"9(¼q|Ǝ·.4GZ5-XX2;`*JB/ L<`k:boV0="Ӳ9e ( qD񣮜K {Ŧ6RTc/,u?Qi4eaT/.6q&&A>%+j|jw;%%B:/M ^ .Yu³G} 5S=Ṭu֪-݃އ^HlH.^M0>(ԴŎPe4(o@q"qy&ZnQ >Wϊb;!Xk4|7)~Zr//^c1a,~Э"REVA@Mû ޲ /Io812l$Q`}$99ȶ#Ck-ߛnQL[DLITóhsk#끭l# 7QcVf 2ݕzwνg%x"dd-E#io֬ q:[,: )kug^HZ"r ׾'?LVxM1k[FnSlTU|zT:"z$xqvCNM¶teP2EAX 6ʱh{`''v(we}tD2ӈQ.AmkMeSm^_0*|6ߐ@aSiUV!m&' x%Ejk$P0SxhBӴ l敒+oNlḂ[\[LF@~K'pl܀@%G; |GWP70u]dG OI06ZH}htLY3emľk:T/9 oT~^)ziW%üd椤Qޏ.v5wnthg_"Ia|<C|JU8Dا a&FS5?ʞUŏ53qYiM>ݘ1ɋ&4I+fʘblY(`?GP֦[-[`җaN$=wB ߱^h6#vXpMy"2'Ni[4.0Kj?X.3v/^iӧwZSSD@mҶ} ⥤,gB '0?R<%Zqy*& #Wf#r!gH<9lX́%wGDɨJ*m=Nԕ\ x9V~0$\p{p-ҌUIuU# B"S .zJCMlA!_H~ I6_1ڜ/4M|ݮ=I2DR>(KWyEJѡ>TKa9 SmSiAZb vl~Zo'2$^S5}]V_X^~.h_u "Ռm.qNBt g{Cy]~o^ߟ]+Z~#aT& x-f.A?Ok~\+RN>SaOeo4~ QHt_ 9[R:T[uZ<|֯m p"K uO9Jt0Oh"ZWoY ,珯4(u2|H8Sp'Z>0,OO4Ķ & :¹C |ǰ4p~H"()_3N R"ҿ<ʻ0gFNl_OB֤t& pa|ς"EHsoVUwxf̵ 6,ʙ|l 3BtRrL#f4c7d0\F3,5ZLE"-Na<s@?B3z&+$0]eEPRc#E2Oɝ~ ũJMzT8ud8=M4ϻj V/u @ڤjE:=uۓ]4]Ūxq)h'(O(L^Śocy&&X{,d(#\bӁ8]=Hq]aDej';rqKPPV QH^dG40߬5}5x>Inv$q>Cw_Y:ɷS㋢8?FrۛK)7 _*pq٧԰-Qpd;J^-=$]ᛊ(˻)KdǏw 9{G؎D("#+LJNU8]MqF4;ֆM9߱##FNQ8Onjg8&cIeÙyֳs#p)!\O@+LAh>Lpn ro$Lhq.V!&pz\/[[O~Zt/(&"M~>+3+4=yBϠFʨY+V-{7Wpt0O vW\LpW$FM10n??H={{EɎ]֗-B>$. ".`jD'Ʈ=#yZ]>t@xo%JpXQ D}r$3^Δ^\GP騗P1Z .TK'sLM\^hu]Ug4SܧBQ.|gFJ27+$ NsJii $JS~߆v }K-R*$ϖ Hm^Zre7 A1,rTip)fm:6řBŴ5NTfCuF(Y@7itaTvbd'ҵ! جzX{=4b`Jw?b %P C, oV$SB *Ne1C}O+8ԱF~iamm񾿔CT' wr/@MaeGqn>L0IdN o!/Y>cbiF 7("|"\HW͂ıKy(?0u8"n;Wp]QV-iv5/vbrλ1H_ZHns\Dc0nd>aZ‰)XCYȓ?=Cd$@d7ح akCђ!b#gXLdmff+*QK~ p[+>P-OL{ q@#]Sꏷe4#L7aV9Lޒfcds|#d5{Y,sv.:GvwYpo/to~tqLٝCXKpE[{+ôJ+^Eomjj~ hN*Fl,_)Lá gсf;(p(zH5/U0-e6G@.椖^4./99BSySEs;2vES;oHzy$ygM5H ϸ[kXzF|A ɀk42z6oF' Ͱm(10cz/L2JV":~Be _7iYeX"l:v j䡣+t#ઉ2hoVCu3XY{\&F4#b WqdJB(_``c4;_u.NVaxOՒ~x+ vZ̛lA||&7ȿ _jEy+cL\ՌBب]yj"5gv|@͌ԂT_75;20?5d; h,okS6O׊S" TF tx+a+.*d0M['y+ȧ',`pn= 2rr&R$H6eMM(_Joߌ '%U^T)[K4DoX_#|DFWB&0-uߙ+>7TxჍaOp(zcu\[ g?~ 6WOZ Zյigjрu6e9vQFwJJT<sLf]ik$TPѼQ"xM`}Q ֳDb /YO(ս'wyU"RN]\,ma_ k뺐i dd!b WS,`~/G([G&ǚ$t-<86!34!=9ԊzMŀwBbzVALӥ{-BщI 5szůB-X3OەO]eK *\aQdFSc7!`sb@6f.MWn*O(`Upxi>*; =L ܷ8 ?G$5ͅF(퀩6nIu7`cfJyrrӍbW-.g~3:jRVUM%|ϳ0Z"C( /۹4jC R %T1'̣a$hө篛tUi*r9Tčے=3"1nFvzM, %f<8輓cN\O")fjԺxxf7yOʰ*ζaCHlQGs3kk)mjW]KYO,Ly%0Z] fuwTʘI^V_"o;zs)Vt2!L3"aA?TcM% 9)_ZeOe|;oY^Y_U݀4!ׂ`1-ܑ.g J*1~_ `aI`͈:ܭ)i eG,~ j3N6̙M_lL)9?4؁q:~´V8&C-!6oWSh$+Ips/U&~ıns<伞y*(++X efJr)Hi8q8g.ܖo35LJćJNl[>"@n@B$0l68*{XoVtAHLJ{݊ 54# =QRcb>wiBo $˷QA)AϘO|@ F.b Q0#I*`7R3|:cm+zװ@tbǿkTp>"PqaǑ(J[u EP QVK6'e`J%P.؏/v0Qk\xFELHyը2Н'>SlMv#aqX=ɦG-?*;IZuf!@r r`6شFS:i Ā! /r#TNal)4<}U:OC{YHVtPdC5NÖDeخaֵDG܁Z7eDߔP{KHf=IuE 3僺ZYp+8Y/[6.>LolEFnƾ^#Gf":qfwz8,jڄG ]͸_[(75o`3h0_|DS&푯ئ8C@iQi A?1ce`+4T^,*? ~%_)xn垊&7gw\Rwf7l{㖝zalX*$k=(4ixN %p\M] (_pꒌWտ|}ɸ\34|]<3'o2~wrwqu[ O%4X HyWH"A3(}2<9v*2ŕt8N0YY9@H\J | rP0p9vsrwhaNc|Ií>wpY/CY.FÇ,FVs5^5eUM@?ɾq L4`n1DͶ-/v-VW#8-l/xӳT|\LnsN!iReNp!Co 5hvpØQ(_">7M./rL>5~hxW1gUʾ e]XiWӑbBbA*ǐ?.::X~>~d|5gm,Lq#\1/E~Y _9A&"ueJU2?Sp[2p*l3TjoZhh JOL,>g_AU#y_䖈 2H?>b HG=RA(z;ߤ"W:Az!@!|jE YH6(|_ݯڞ7x@UFo\0/*gۊɐrNѪ梺Lu.޻Me&}քTOT9Q5 [a~:'A)Zߡ+ ț 9OGFw?9:  Ov&,T֤& 4*,=$žB9P%Q/͝(G߉c}C4`Hr:5]ZN(gyJ7d1~ `$128xʹ#q6lk8I}h]Ty?L`*=i)b8a{Ҁų;v1"~<' g&gao@TV 9q8[!LT<+̑Nbq*{;%RKxaEeu8wufB qS7 .vKuf JcvE=3t{2@О؋,c5@&ߦ1df'iN `, vNjװ1/|V2;P7륔=w7yXy.=v,hL%)\vxm'%vhgbΈ}X!<" G84e43 ;BU f#Ó擔5=v cJC8~CxLU-AGK&6[[Vj," gyt4"Mṃ!tf5toaFXv8s;+!gwI0@u/SB~i4N7lwşW;&?F T^(ZK<#輥ofK FK ӎ鮙)\Fi^/sd~_LO4@\VB g iYBXIeSsB vQpąpIHe|VPŒ]/T)qVPﲤ2].ƿ.h "t:A@=<Ǿ6^gqhd)(ɣ$?27Dջ-7 ENf~ V\kg46H*T5r]"WSY]=Rn'@, hQkIKd?`jRDAz%>G\V tf]\B dU*z/b80Xy,hSnSȘqsZZ!} yUlXZn4*6j-)Q,c;]M2r9.>ԺW[&$ r.8+ SQ޴q:B԰u= N *'pg2 -*̒\c C[i>MxOWR|wyn5D: )[{YP>vto5b-XM$1- GM 0|KYd_x5uOz Bꛝ\gQΊHdK mB;3rNeN &)+Ҍ ^,P0Z'g7[/8|t[e!Nw-ulN)_{73{U%agT/] q~~ qP#B")yԇ 8qv6 A٦|unӰxڨuos֒2)d& 0ئܾei[äqf&iapAR%qM|4N6RK5j7҃)g~&*=].6oGĥϞ#pv${SH(}w|/ Y?-5!翷y!JTЮ=v5n-MlYG w&O0;r=CJsj|z v[={'sWY`A5&yƬےZorm>W16 q'F6*_y93ƹVV@lWҕ^9;-oi1eQLCl mwGc6%k+?QL{7ndqЂE%@K3_|Ư`AOJ~*<'o(b "g@~ kG#Yw:RW /ki]JfMNzZ~n뇂N)UeL?W[av@Y,QvBt qH/ y'- Zmj)97!A<3Y /LEa-a$( ҫ1be\e$;]OK(L:ދivI we' BV׏ H3(|aQGPZzZ/"̉=jUׂ ˓Ј ZX7;̐'$‚QE]]玍DbHłߦloXRVi-R La5shp<@&ep$H<,>sZNf2A7C3_fۆR#0r@e Lyo`o%^F8k?lel]Jq/LZ!߫ʤ6[l҆ l rūߪƘGGT Zwkpcy'nFr^U+؀PsnB5eXd·.mLoO{W '߽I0D#`w^J%h2vkL̲L_Itini.Q U6c=+ SVI<e|; xp|PşslZ+z A#N[[͖@m fC8U"0~ҬV `Znm?u %x19bH˓nv@t#bjܫː6PmI56ڛ'z,ucIjsGz~gNnSU5pYy+El5sQ*.""~I?"|OR7׼pOdElӭ+E[(6h OfA8WE7 Ƨ}k,6_9D1O l1(+rt04a/ >6/ : [ GiX܆Lc嫵`v[OmzJ|K+H8Ss4ofUE2J' (|2ra\zEoaSxbC]P{tQS|#D/J*ӹgcώhejaڹ٪MIu]LYbǙq1^ ~%{Ӫ .P"UF'? 9W3q~D‹St_2sD^=G2##4L<v??SdOqkl*bB(.^b4R u6it,CL>,եseGi!ot=kvu,6#v U4Da!iƙ`N"cZ7 ub;R%A <daŸőK걄U:Mݜ6j뱈Y|L LFPe CV5J7IjEo1hk7ϼG5\TY*KIR9flڿ1Wl7W'8?02N ցQ,Pcir)a\L7{Gqg8|'Apz9R`biNSAb^|V76%O}{p Qq70l.W˳鳊XLnv 1娀ypcsR :PgiTҀ]g$nqU y U~iT=Y'Iu}IkCrz/Hcԫc!Y@(k+YlmBUߖe6[Z؇3!ҋ-ԁIϗPَ k/1e0.C;H& }ˆ&[Dnt ?Az:^6R{p,@`$!ی16ˍ} p[TFWU7"YA28KwMr= 'jVtT)T$4Vݜ#KH2Zc 9dΔf4uN/,E'~5uz D6"h1۠rO#}k: c4UMCl*g?C z2c(>ZOGC9 -$ 2 fq (it.?!|#ok-D#x ^ŎѮ'*wރ,d_#< E"WH 薭i!a\FVE0@x\Xp[ɵrf0GtY&Ωڈ㲟aaF+HAC fP~2tc|9hh;9RnJ.Qm&DxDiՠ@V:Y|?ńe;Tٜi~)sc:zt^dG$k(-92iリz| ;.@?l/YE= 6;`.c^~BڽFZьrRȚ- "ߢ2=QN!6B&aقiָ"6(k&  ߲cW>]iaX &1{Lg;`1;mֱGz*rp2h&-5PعƩqۡ3A(REbsi -@yTMQnD6f" = X|9NFdR;uo{au0z1Un8M١u0-!_v/"mPύբ+̘!xɆxeb=7R[[MqeҦO5 ̭n\W3EhLCL40p G\ʎ[` I,uSЗrSu z[3LX4wIPֈΎby8B?O7%xu\Q ]&Mr$xFd`* `(\LC#NeI߫QETqCy/=Sx_dBX^Dd709ˉS[-zÄbk;3?|s~~KmU4wNz ~ͭ6tZ*c9[=o\$>H[eJ0Z!gɹƆͻ$mO^I( 3LSZA߲@zbϷ UxPL߬D>%LR[Zwsv$j~X {s(⹬hӃHS } QRhG)Y x7d#p! euT5?'Rs r 9KqC[1dI\7{JDϤD\@Vpĭ/N|Iyꊿdl""GB`1ZyEҸ[ x{ DNᨽB[f6oEë^%[=6Xy^oRf֨ j $+\lU*u{tr:LZcx(QX5J _42E(L%')&y1S#$Iī}#V8ChT]:aI!j‰SnσƝG~9@Y~ vƊ#70TRK[LA}#R~ro0<℥VʪaTbAG{<Ǵ:Gj.^]tȆ="XH kB#ʹNH屯ﵯU*Z%͵ wæu/2/\f4GZ.]3na8۸ 1:B[:߱pYW,G:d9 Ӹcco9`Et'B9IYŸtߧ;AzװH :xp}( p qHVSb.<ЁY8RL@ٙjХ>7K j峷K@+ؘhf>O8`F1"ܑ;wZtU4bWoдWD‚@8} ?^2]R:\P'y)u*KS4!(X8ɖcsO= WDU/NM[v6kEi"q210X2+~q䔇3iʧOR"缉o769 &GNBwjظ).Nf7SdrIAfvV3~Eq/4!BwRL[,8ռ#ge s/tHuvMNU$*(n-E#3;͊{f WJ? ޽.(+6¨yEx+ƵqK[4P`Tޔ(ɡ5'J}UhX6`b Ž&*',-|]x,d~N1P}d8|ju ~]A8H,܍/.1,r61l]^Գ"%+֗pÄ~am7Ur݊e`ިɬak< Π*.xHBuy+ׂGAH#&mT|2 p !*i>&K `^ a #ŗUSE4gMsJq4Z[ ֨e C-[bĪoDj!Ԁ׫_u$Dg,.-ATǝ5K$hć* @9*C&LM2hoޒa`\*qjr ۮ_$9̄Vӭ65UfH4ʇ gz*zEǎqgV[҄v \t^0DM@&'n<Ŋ.{/29e'v.x}bH%+0 ^,LIv1k%W" ,me.Wϲ_#_zmuGpqF1Ee@DXlϦ Szfw/HaT6A: >ߛ@jPg@kվ_nNbaI 0쯖@2Gwcd[La7:ѡGڰBB@1J o/mE]Э36:nzJN (#N=(/ZaNz2Ynm6SkfkQE0E˓|bi+Rݲ(f?+txF6jy[$3o]Ym{ 9܋eVQN9:8D.LL?~!(l W$Oy0!13f@䅚Ys{R뙥Cbd_XTO; [gP.B d nr l]ĿaZ RS]y=}7@QAl Kgj]^iV'ѷfJW{o_hB!!q ̮&"v!kMXrq=&-[tWtxJ$s eo:P%.Ə8Y1GFhy f c-õsM@?u2C C^qQY;X&-m w'B W2|X :scM8DV.͍ؐ|Tip.~bbANRh /o|/N,qEʄ-1 Z.̂'PJ _Z)=0Piи ws%B.lMu rʴ{z TpN -ktUDp_8a9iT$$&mq2i<RM:TB^W< - TIg94?D*5 m=[q U[V71PkJ~P=nsVW{^+o쳠Ϳ+Ǣ73\!paN؄eJ5mwoTTdFݳ/VU9o:7 ן>0=kW1mookzTBt41@m)}%J rDo@&Kc T{&=zd-TPT>c7Yz6ٶ%S DڀY٫! ZؙmFmWT*Ǘ\PDABVOu?kP4ѡ[ >$at>Fz !BĈW܆,gpDٖ7h$2F ;L$rJKd%!pE|'Ǿ4UKUOm?zD&e|DSJ3mrd|ɇPT1Wu qOdkZYcRwT7r HD=xg"sj.T})Yr5U^c1A<`'.jN qe_4˺^p{V֐ q]"E=I+ 7^ѾgR~ հ;9BgNUh{3rjE 2~ީ3ܣ-ȯui 䚅"5a*,J7+&$uJubapӾBgdFV 4K선qFY Q[_㵤U/e~k*ӾGaU,]PVs$U_u \Bpzoz)یH9=£]}x򧣘|<x[>[E=7y gZmT*I2^l4Ϳ%j>X7Jܭ_RcVތS6t4ckb&O`1MAUG|Of2^-C?,}׶YD#J (DHV6Vna iǕh17TK:H:Ҍ9%|qw!D0Ȧ>CJBlhҀ^6v_ & *o@Q>m@)1AԴݕ&N#'rbM"ؒ9 P \_6ʩc+V,$èGD;/+ Nk& (i;GY8l6}W ):O)Klz 98kUBXdիtJs>Bh;Z3Vש>>mؓXΩ@O)n͚D 4G#g0HFJ8q'&n!Fpom|J1Q彈,T;Ou܈mSm!]- OvJTQd.@ %5IP*"`xw9,%PGiBUgW boEUZ=#}[.sOR O$I3hFUrX6)ku, !Jd85[a{$ rv",pWiY0a~ v?poΥ.,:y# _Fi 8⫀7PxWר("8yV%_(%f7R¼Cmc/z"M@CD-_7LGtLS̓3tx [lZ2Z@mMBZ@k i U³4j>R6=ɸe~C r}G 2u3]J%L\*귐e!jOAח؞ TxHv o$_ /_n/X?ԝ2*aRs)IlgG"+T3 !.(mփ_^ŃYSxYDv &7JAl>W(YKa4-E并 3:\NޞhKZ{΋V`DbH;uaW=fbWWEm ` KĢ*_ 8)ڸ$qgfa|φ|ih,";L ZQ`Nг4t싶zz.nl9? \RnЍ]_=aS~lmh $oqT"5sMէL`FՖ{W|FTX[ѳ7KO҇b ݿL&e\6 &Bś[1WJ *5+}'fmuo\!Q=q.#M{-ȕ߈y>JזF(4F[`4>R/+դx6[* W`/aʝqxCݓvX@jcaў,s\MJ 2AՎ!?k<K4/v$%58`slmp>fGb c!wN(FBD0QQ4RיRm%~Y+PH9 rn4{MUsolg3gTf1sd~n+(݇_ [^gx:ưZ^c$d8+˜F·q\A`@MO4nqDQOs>QsrX{+%eK0;1uSat(j{8UNKKj; MHS*id,6*1Al-~=jB7mxȺTI <|as1¾ Bƈ*Ӡ~Ӯ3..nni<62ro6&vl`un`}l&M'q{8+RjE³HO0ME=l*dd$2.ٴBe@%KPm[JF¸9{,uq@^oņqnL;gwJlW0L"p ۬I3&m,)n3wcQ7Ӕ&պ0_)n{7ꛁK1 BitҤ"ei8Lz5xhW(,*men19%[qES*^ؽZal{*٫XP((nÛV[v '7IV1\ yU;:"@~ y]&R|\_Nr*'+7˵)`ANvx npKJ ޓ|WE5R]BU}L/]ș*wc`|pkT!1# krJD_b$-v8q`^w zF$  f.TKh%4-5aK3 DUX.~ Ýl&1aƣ7dZ90\cej-G?>R*̋}gH"T.Gk3S M`:v+̸lr}z_1P8ȫ<O6>${~fQŌ8JG͗T~*Vs1ߝj(~"\V+k)d JCJ}ڕPHESAc v]ԗ񽿋o'%[18؈ȷDqi<Ľۈo31Kz;#s[=ۀr[~Ҋ 3nA92(V'eiùŢW l,vtVC_ {EuWei,9L`v,+\7R[]dOS/Më{C kMTI*ڮ!'n4Kg3 Yp$͝#孺5 HE[Tk1!+s>4?ffO;q77+H{(U9+QFϦtN B0 nġ"6ZmCR#*›Ԯ7 YCc,/ذs1i@5[ p"@ ~5D_RU32jW+8oUjXgS=@ŽE:ǐ %tN q|XRd tO1ycs# D#rxt!ةKTa 24{G!VeYqSwZ\i<[sp3, 3#faW Vi&;Ѻ%zNOQI7 hLYld7W2k2Y0o#VA~ɚafLE0wu6tۇ}5wK)NUMQ}BsN(2Uu7qs)'8HLBk8})L+fܛvL\>#2"˟ cAi8>%[ևBI)K6v@|&$rЦ*M c!9惐a_)W|ODNX?80 dw~E ~bTGAAx쒡3xɒ@]W2p]+G `/kzxw^k4 LY@\@ѿ4heK1$G;H3GTkD"Z^.MQ )U[DOBZ0vm*FFfKQ;pRm]_f:HE3 M]c(U&kuBJ Nڵ"Kʐ[t-%:m"Ʋ߁`MQBljU}`t^`E3h2 +6y?w7>3 E `0iƕN{n{. p FMBn}=Қ?'%}%~"Tݽ\Rv9DȘ :*$eͩzƻA:2^9$8՞Ъgkl~la)Qd)8Y#([\`=b0\./c!*T$([+$㦖=AI6${hȗ4jW@pj "/]\L !!ɍ=vE.LS'A-r 83=o{a"g\ҼLHRN Kpf^꧝ʗQI3årjݎ]: ٺ&f/%_xRp"p3KXeA #:d qWUUM0V`(e8NgU&w`b]DF7+`΄*H=bʨOXUCH4 z9{ { Pb4ɥ[aw;Vͱ5NLȀ{/Zx4x Hu:v²?鲣;ics;m|K&TX):Z&Y^0~lI{Pfs6W2wL%p )9` O eKgJAojqM wtE7GQzk7~'{<7=L>r`}x3 Fq7^88Kv At簟rXȋbb3tJ.)}|@genUyfn:U@ssX:=vI^o #n).pm)+,A7k&F+`*_d8C&:Avy0]ǩ21xCj֤Ռ&_8췐sHy*1]DDEe3uJAUMuEd끬#t!t?y~(X3׭28ez͜t``s4IiDN Qof_~U.ՎmzCHN!"kX7 %.rMp7Yčwohq3݊~V 7҆W>ڨk,?\;ZA ȿ|, :7qr$@>_!!w0=*&ð.bvܻ!HHh 7sQZ([KI0V{ݶUZs4Bv9s8êp{I?OI44ie JůTD3ۀOfovĽIhZ,^(4ФS|鹄eY1XQޙ%(}QatP\`^ANt `L5PD{uAE'ẁ ;?EQ"XS;^j ]]7*2݄Fd%ўt\A2|݈[2'Pj@20>;9޿㐠޸϶җ0)0D2(>|'V͎VΙ/Ű^[ C&Q ~ 6/'\OMm=A`SҶp""}H .Z,C]֋&Q_&@na坋ąz#gMyGe[mbaM^#43gT vF(v^Vm7ToV䵘n@|Wק _>T r8\즑FIXJN* )ro.hJlY GJ箺QwL%Z!7Ay8Pa/JMG(A5Nk*HQ:.5kfH/́FIM?3:qH[;ycm%3cgVPuˆWBԡA L-F5@q st'}1[ߞ8tܳ͟,)XDVg4QAb9H3),$XVnȐN'_.5B\e:E{QA_UƮnZiE!Ҟ5/zG;6h-5>[Scgr/Kܾ)ڽ܂l9-**O'y@up4Uѷ"}q0*;aYDAC(7`b6CHNxom|Pķ#F-z+ۊ"@Zh|7>IfEo R 7@׵1uYIDpF7W$/[ƬvtDM-8!|dD K$ik g7x׳V" Fjb3EG۔x{ o E|`wi#(U7JOn>ҶiVGW`'GBGK.I܃(lf kɖ4ěHpG]!39>$s(G$Ph x0((Enhvo^ ,^KQ,籯Bsʖ`߯V +?})#VxfO7'׈p`@Iws;adT^Z3&iϕpV^a!@7N`/m= ;CTwwq 8XUumM̦ML߻.('JXWQW \Y 5j%z(ϝZ+z%̘q #jq +`Ra>9ɾ'@/] 'i"NʏISPz]X90|n;$!II-{sHѷP|U*_n470_k̞C5 ?]*D?vt%bԝptVQvEƬosei5v)iӺ@/hJĜ+4-D~ɓ "4u7k$+4ƮU 1B&C -GULNcl=Agu!@hn$%`ɂs|`zot#){>e#w']9c0"֝G}m9whL]wtR;B2P,IZ4qm$>q˄CLƃJ9'e41ldv=\i%Ha~ 0M|LIil&K9`6 $T9k@#G^Hw"rV Yl@.w0+Y|D:=ϾhH;Gu  Cυ%;۳D\cLV{ 2Ympn;' k׼ 81ArK0x(J9JKbP0 1V:qnq1Z|vlQ|T&[S/^c[-7K8zK;f/v)M\!4`#=3N(2_sbPvL# >`)>NC9INB26VfXZ\XchlaF;Km<_d?3\n@(AL%'xY_82E:c8lqM%B'b.+Y}$'ZPaOD$9k)}ih>z6 ]CG0 ߥrJ5_ҷ1 oH²ZI*j5^G<0xM)?\ c"Ѵ) 'fRg`wEqKM/J=uK~iQʖ Cpn@Aqo:gw7ԫ֕v0vi_al}ͮ"/&_T gd}q/4BXNjy]:v["y`Nwdte8VV% V)R>M6؊<@r\F c>hϭ֖TU氁Ď!,|vָ/-vqSV[ 6|͉#$9N;0.D´ǧ$ҔgR@k}EwPi 4,,cӧ.EYxY .w@n?;Sos|O2/pŗ[Zs+"-#v_|nzs!>]h&ؿMLX\%/CCYc e+22b_pOhl=LYN>UC1}kDWV {(\5+Z 7‚w-V0].LmfYVe)#vU=3!U9v/ ▜QDXS\ͣ OZK(hd\mے[\s՜#1'Zy?tP_-*-X3ͲRɿ0c-vgOBX TBOwvHܟ.}QoĵT .ɭЇ[a I\6UM8`-/59NZF~g93k(Ngž 6 ۲wMxn}D%k% 9eSWB\c'Jj|Itn DC>ĸ-x0%gmcoLr%=V~ F^A񲡒jC:{ ap. 3n?, #x32tnu&ț8+nFzh7|x|52("; !\A5&݆q]2pzI ܔU䛧H8wZ`Y daI⹞Ŝ8ՍH˖wKc+?W\+{ YF/^NNHkGC;-i_SKHlUjqCl#~+?X\f7tLIx iyZZ6I3>WC! O[SŵȼUs.,c<<춑f0{_p@N񣨮FԹn}9 [}JscEaD.[u(PhAPA{:c!$ߢ_E`ݴ^oS1GCJcHDl$+,&e5x0l6w9;;|C3}{.95򓅜 PXyF?riKQQ <$̯gM_@Ax[t}qvxڌTRcBǧ_ʼn4%26 a/l%>!p\Y3ҽgO|Ь/.ܟ][b<)d23!Cy zZh_Kr=A\v{q⁷ $qX0. 6KP5|sS)[Rd/۷D7E-2NmZ4(Su?y;D,wڗ+eI]>4ap8?߭JWx#ZA:ߓ& ר qz瀊c.qj_ALuЌA/WV1tѫ9"OLk#=2b-5XOZsR"#%?o xIz[w 6ACE5Q)ZN]3DLRcI>q5F |ؙ| PEfGDj2-dcV?Bdx( #`JsΩ #yGގ@5҅-lV<᯵ ML>r^5,<1`{ <^@3.*bSw=kxtXPUe`wnȞJQOSTy iR >_}DU$kd8yX;$N#N;i}%COd?#p3ugT8Q h'fbx/y@HE)Vq, JcEt;Pp%c~AklI ȑӷ | gF7O VjBctc@ӽ sk5{AndsZ5-Z GIKGvK'TNNBJs -Dz3íL sEl-z/LoG G[Ȳ={Jʭ8ﬨtn{H.!Ut|u0,LUh!Lrn/=4O;$ ; l P/-_0L ?p2TZ}u4:u :N!֑d?Aj]:0kt.*?mbU[蓄I@4_XlhT$$eS?KpTkgs j|{Be*C9w5u@+(KokL9aE􆱞gE+E䥜^7xTa>{L?^4XB'iV)lmVpg^|ivA;an.A爅KRAT!BqZz1AtofI{2Ҷn6<,wVR' 8j;2"9U20Ws2F^fy:ZPtbJ0¾HnL<ƾe_?'D岶H/=}zmJ8HF!o^FabOc,&s8=_pIG=,/,4DĽ̲u/Oor*ꉜJqa`_qZxV2g}|m@r1}^ u|4!q{DڎLɹ;W%qGԶ,#N2jǡdAp돤rQe FlkHǚ}zXlY0VVF){ 椖1g`{N]^/hͳ-^{mc^S۲a7vo[R6 OBe]9_'F6fٯI=2"r/l@ł}$7l+Ÿ 9bžw8VӐ=ْ6K`ORK;GPSFsXxߩy&h+csqW`RV۫ZC%HiY\7t#;xW~LѮ>i Ɍm8lЀH1#PѶѷHME ے2!8)̐H \N)lZ"}>j5ԬC&+oI}h^MlE*[Aڷ\0LhR32b. KYjj1PF ǩ vm֟)߹V&-nAɕ3'"VFZtl3.Zcx@%Z*V< kf|ޏchpXv>tl]cq `5q|[lc_oq1"S.t>< T=ߴײW_P0Ëuԁ57\72SKW*]#-a bkr$ɝgxG9ݙ6Hġ7=@u/ CՓ!"fCn|)s&{Nُ0w{9 tCJ# cQ >0)~m 3&REĄd#28~$|®)GjW4\ g.!aEb~,Jѻ&~ )@ә_DH tCӇDSr(~_,\"@G–ן,o kޟu-.WRq\>/ac=;Px6u_͢M۔mwjF/}~QJ]Zd>%J& +ӿ0[fuM@!|V` [UާhYAU#Laˆ?M-qƍ̣~k'n"]NnDΔ\ċGfվ]Duzr򄎝ø^d-q ֬k Tzi~^ڥ6H v@)Wkpcy-+\hW4I5e~bpn# /(]DbX›JqU피N$3yk=0UrP|E]wM,TUQ ˰"a,iƝz ^{#Zdasq}UiĂ=Sn<>: }".ZIa  |h%1%%4sNxN $I[.yxs ݕZZ\+6wj z峾Mfx%VJ [pV07ϊcр 5AGDh ?tNF` 8rSOZN}?p=5u^pƧ¦@Q̅%  nԕ:їzQe/>p4V>G'=>4ۑL&)rJQӝ{\!"paN+B/)Q6l).P1gYC]'v\1 j9uRսTHٳUbO '?8uYT y1ֆFfZdq$:WR܅ft(yW?̤pRcub@YoӉrlV\B=Cg⢗JGfNZ S~|U@X^b6ާA lb#9l_G̍<h(q@$na@b}C;0 )]ümЭ[oy%HXg5k1 7_[O3g4)mj<&N|"hc@>z&# 0mڑWXgqW"-9gܸeSXDIc}eC'O9_6(Ϸ@_Ey(-s# 2EeIGNȝl9\@$ ɶOI?JHO}&8&*62q\Dx|YEKe MD4Rv+\њYO/wx'=Qx'ޯqmCןZ9\B+?(^pusbA4FBL3g!Pk}yaܗSo, I[1VԌA{PKE ߒ4\a=ʻ&/rQp%RKߌoAѭ$PU^ |[|(ŌۖtkAJ_#&8.p\k~rDHPbdI4E ;lFvxC_7Je(<jȼ߹xWbvgѲ=s7 5ݼ! ȈixPm;\k_5cCOм._;̫Z *zڑ8\̷H  *>:;&8ObIv @Pswj U$KKwg%{ǘf}tڌǭ5<+/;v `Nt朧RKÕ};1K# Y駢Lv:W^]8weOI@%*E uQF\8qO~ih_PA)Q#Aco6q4z_u5F'7f] vX&6 N8]8X{ S6(>`6 eƄo~1S|$̫Ew'Fw]ٷuUuFYYV8e8+tA^,(?rQ1SƝy |7Do{F;Ӑ+;? D]>na@CB` R .V108jK8lvhr=<$J" o*| |yo:4Н&QY)ąeN~ ?:0UDlՏ V[/oc0[2ٹ5۰~͙(%%Xg)6ȧn->>[G)Rax ^ʈ!U5;0͏P' (AܗҴA@X*t}?X6`/xPƠDvܨ7hFqj# ȩ>@V3bOif q9Bm]3L ^6 VgB ԋ: _?s%=[JaQq]rsd(60{ېq^`BOǒ`N* {V,jv9_Wx#,۬ /Ka ,DTgVIX\0ptf !쓕v }LH:0\UBLNNjS$y#: LFlgvmg65x&d%Wp{ygzf2^SOMCՁ2,/S x6[_k#+]]+,b;4ڵxOj {\4WbI;%w$92X3KQpDZoiI#v@`L} qW=|P| T$n! 3䠜Ak͜ ]0^l{Qr2Dv߳;,$h lznu0>g$S*;RF7p<s _,| YZ