nscd-2.31-9.3.2 >  @ aJp9|^wak[Ҙm>7rXk&hi^H+?Kk .h^f x3V|}G9BYu)ҼzA갪f"ҩ!X$= [)uyx| bO>ӌ=y!M-iA+au,$YR'Rk4,J܏S&ĕy²cEMrFzV@5& =R5GW.kSYxFEcf0983ff43247b4b8405d30565aae8b4a87f0350c15db55f872cab4d5b84dbe704656b2ae97620cb5c378faa17b881aafc9f545c,aJp9|+S2N1Ar7jKxX ŚNr60I RbE51sHf.QkAH j-^ EY'>zc3K,'4ͽԾȱ}v7|q\v$ԕvLr) 'ptèuE(F@ uln9P1{ I&o sRK Is Wv?: )"sVMVOڶXBFqdsC/*?p4-,a>pIL?<d   . ?EL ; 8   < K h:T"L"#"(k8t9x: =V>^?f@nBvF|GːHIXY(ZL[P\X]̔^ b~c'dΧeάfίlαuv wxTyӐz8Cnscd2.319.3.2Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.aJ8sheep17]]SUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/System/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxx86_64getent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0 P A큤A큤A큀aJaJaJ.aJ.aJaJaJaJaJaJaJ.aJ.aJ.aJ.aJ.e2cdfafd373d24fab07018d0e95dd49510ea6c992b7be2b0611ab23bbc2750b579fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b779b1c48877d8c1f581a4ddc16d2fe3e1b34fe33d6500dfb2fc9179ccad112aa53a/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.31-9.3.2.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(x86-64) @@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.10)(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libc.so.6(GLIBC_2.9)(64bit)libcap.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libpthread.so.0(GLIBC_2.3.2)(64bit)libpthread.so.0(GLIBC_2.3.3)(64bit)libselinux.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowsystemdsystemdsystemdsystemd2.31-9.3.22.313.0.4-14.6.0-14.0-15.2-14.14.3a0`ݮ@`a@`H`H`?z@`@_T__/@_O@^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@schwab@suse.deschwab@suse.deschwab@suse.derguenther@suse.comrguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011)- s390-memmove-ifunc-selector-arch13.patch: S390: Also check vector support in memmove ifunc-selector (bsc#1184035, BZ #27511)- Update glibc-2.31-HTM-vzeroupper.diff with a AVX-SSE transition fix.- Add glibc-2.31-HTM-vzeroupper.diff to avoid VZEROUPPER in the AVX2 accelerated string routines which cause HTM transaction aborts. Instead use EVEX or SSE. (bsc#1181403)- nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- sysvipc-sem-stat-any.patch: sysvipc: Fix SEM_STAT_ANY kernel argument pass (bsc#1180557, BZ #26637)- aarch64-getauxval.patch: aarch64: Accept PLT calls to __getauxval within libc.so (bsc#1167939) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- power10-support.patch: Add support for POWER10 (jsc#SLE-13520) - iconv-option-parsing.patch: Rewrite iconv option parsing (CVE-2016-10228, bsc#1027496, BZ #19519)- Update to glibc 2.31 - glibc-2.14-crypt.diff, crypt_blowfish-const.patch, crypt_blowfish-1.2-sha.diff, crypt_blowfish-gensalt.patch, crypt_blowfish-1.2-hack_around_arm.diff, glibc-nodate.patch, powerpc-elision-enable-envvar.patch, s390-elision-enable-envvar.patch, crt-nocompress-debug-sections.patch, resolv-context-leak.patch, dl-runtime-resolve-opt-avx512f.patch, libpthread-compat-wrappers.patch, math-c++-compat.patch, remove-nss-nis-compat.patch, eh-frame-zero-terminator.patch, ld-so-hwcap-x86-64.patch, assert-pedantic.patch, getaddrinfo-errno.patch, resolv-conf-oom.patch, dynarray-allocation.patch, nearbyint-inexact.patch, nss-compat.patch, nscd-libnsl.patch, malloc-tcache-leak.patch, falkor-memcpy-memmove.patch, aarch64-cpu-features.patch, nss-files-large-buffers.patch, sysconf-uio-maxiov.patch, glob-tilde-overflow.patch, dl-runtime-resolve-xsave.patch, spawni-assert.patch, x86-64-dl-platform.patch, glob64-s390.patch, tst-tlsopt-powerpc.patch, powerpc-hwcap-bits.patch, malloc-tcache-check-overflow.patch, dl-init-paths-overflow.patch, fillin-rpath-empty-tokens.patch, getcwd-absolute.patch, memalign-overflow.patch, stack-guard-size-accounting.patch, libgcc-rtld-now.patch, res-send-enomem.patch, glibc-fix-avx512-mempcpy.patch, i386-memmove-sse2-unaligned.patch, realpath-ssize-max-overflow.patch, localtime-2039.patch, math-remove-slow-path.patch, aarch64-hwcap-atomics.patch, glibc-fix-aarch64-build.diff, absolute-symbols.patch, x86-haswell-string-flags.patch, pthread-cond-broadcast-waiters-after-spinning.patch, mman-map-sync.patch, mman-linux-map-shared-validate.patch, nptl-setxid-error.patch, pthread-mutex-trylock-barrier.patch, getaddrinfo-parse-ipv4-address.patch, japanese-era-name-may-2019.patch, force-elision-race.patch, regex-read-overrun.patch, regex-parse-reg-exp.patch, 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch, 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch, 0003-S390-Unify-31-64bit-memcpy.patch, 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch, 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch, 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch, 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch, 0008-S390-Add-z13-memmove-ifunc-variant.patch, 0009-S390-Add-z13-strstr-ifunc-variant.patch, 0010-S390-Add-z13-memmem-ifunc-variant.patch, 0011-S390-Cleanup-ifunc-resolve.h.patch, 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch, 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch, 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch, 0015-S390-Add-arch13-memmove-ifunc-variant.patch, 0016-S390-Add-arch13-strstr-ifunc-variant.patch, 0017-S390-Add-arch13-memmem-ifunc-variant.patch, prefer-map-32bit-exec.patch, s390-strstr-page-boundary.patch, ppc-tle-htm-nosc.patch, posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch, backtrace-powerpc.patch, pthread-rwlock-pwn.patch, manual-memory-protection.patch, ldbl-96-rem-pio2l.patch, dl-sort-maps.patch, dlopen-filter-object.patch, glob-use-after-free.patch, nptl-setxid-race.patch, nscd-senfile.patch, ldd-system-interp.patch, abort-no-flush.patch, fnmatch-collating-elements.patch, nss-files-long-lines-2.patch, iconv-reset-input-buffer.patch, nscd-prune.patch, syslog-locking.patch: Removed. - long-double-alias.patch, glibc-nsswitch-usr.diff, euc-kr-overrun.patch, riscv-syscall-clobber.patch, nscd-gc-cycle.patch: Added.- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscdsheep17 1632243768 2.31-9.3.22.31-9.3.22.31-9.3.2 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:21234/SUSE_SLE-15-SP3_Update/0a8d5ab0cebd98ac673029614cff39f6-glibc.SUSE_SLE-15-SP3_Updatecpioxz5x86_64-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.x86_64/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.x86_64/run/nscd/socket' (No such file or directory)ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=0455c7f2b6c4d50e1960befdcbf98ead8f422bfe, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.x86_64/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.x86_64/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.x86_64/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.x86_64/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-9.3.2.x86_64/var/lib/nscd/services' (No such file or directory)RRRR RR RR RR RRRR RRRRRa3YnFB$utf-819301f18f96f88b63a539a59755137e40554eb27e27597c8b622f868d8ff654a?p7zXZ !t/a] crv(vX0^FFfʙ SI,@)˦}P5DYP _"s2L#:bm=~ +Pr8"gTY[u{ԄmrH%Q, TVaV U2yJ›0H 583[3p[[c{ 2E'PRX9DEƤ[KLDs nOnWX9M[3`CT+yg\d9K|@'l&/(VPR",ċ?Ңy)Ä]/*YxyvFt쩎Z"^%CdΉsgJeD=%鴞+M>psNnSۼ!ԺiV0p^QR9LTf$ct-AjIJ4-W-@%&(}PzCpX\4p#uK~ݶJz[f@.W7 YoRZl`mT&ؿ>q^B e `L#{p!ʋ5dӨdʝcgLόw#$v|,/\so:H.!EZ9%h7%D*\H{bga}¬H!<2.n~%QQH{Qcr=p/=8 u7`EU:_3b"].4`q-NA"df-(galelLUh頰ģ$Y*)@I8ad(8n@^_L.w1৥Q vNlEUdl]2|%t\vfu?~wrO"ˍfb+_Jja?Vo.w23?k!.fxil)exOkÃH8-j6~@Es{(#Il6$mHd"ɉj&۹V1POXaa\`ݔKeԱʴ1y=D*^!Q#·^E;gh˯H oJpݹI,QlԬhHNG#Ktx11")|hUbN&Zݣ3o{OH/at\R3^t _KTj ,ǥҩýs)Sg&*"V=ŰvVDZ݉DVRZ{BUE*xQ2Iz d,򛑎s1[jtxLj(jמ~N%!\#sn ;rϓ7.r? Bv/t"ʽSm:bC.?dPː#m8խתݹE2>/ 7lSL #笆װ1/p{s>`h] S+CU@Eo08GT>:@I]-["8_(-6@-X~Ȗk&|$H캸y89RyƚYZ-x`xY6}h*v8; =$&*$6fhMǫݷ!)뾉Rh4653 isG Poe͝]6Qh `"=w'xfF*q?FbG_ kJ~m̮j'ꁸg 7eS A6W w񪻻ťXSPc$.(P>`]M,OqFBnS;tGmɮjTܾ5e5Ih/~r +ׯBXoN0J%rL(jX6TZN!vg*x#)!qLL9]OifNph[Ql.Oi*zV]Xm+OAC㴏5ȓdilEZl -c%{wًFLa/r15? BNN[m%Is-{)1-ݔKse(aж.[H&3?1>&0R6e ɩ;{BBXx٘msq4 [Yc[p@#2J\bCV)6@1QnTAN\Xi4\?d_c}]Ktk忑t/F RY&M>}siQh' {CZo1R֪s+3w%өbRLxV0C LZdph=p(G4p qb've-/ Wq1}Y: LZcf5.MQ yr:}AϚF[Ex2*K!B]"~ȭw.9[y,NVXWV~')Hӗ]^65uAqt v3՜WP*ׂͯ7dYZք9B~ ;~kFQ2ţj%ģ܏@wV UUɗ,yULA0?X Iƙ%(R$m^q_M)!OcGuvñQr+<* z@c*"?t-L}H{/Α֋I6;qv8nDZ8qfn4AW@RNV8Ȗkh'NFuɕ[Yh%(j\dv*3pFdM]^89<įWS~ X- gTWH)Ld)]V7=xg]ltY2btWyCJ^ b/TRKh[:po_]p:9Y0t(% : f||B =l":iZifc!cfy~9PW'*_m1s{qtYD+;U1s߮~>)fSuX,a#8p"Ġ\ML&J6YT5ҘMv6>*OqU_g=8I ]w$#\$[)AoД[y}|\S>(P[³j?Yp@1)^G6DŽʪ@>ְ^.s*~4#% Z,G t7TVtסXs}<٦Oy-b h^к@ vlIEKQ ?0$ ʆ4Y]7']%G_ǜ "i+e#TaIM)qBއ:mGu,.GW Գl \cRc̖nImfOxHi2JWDt%U-.H3Sb:=zQƍouahUMQ튖Bf){"lEO?6)^ܲ_4^KiěhhQ<Z2/imQ;Thoi;=}:WuTO/2Q9GgwuU_:&6:58U$?n_7뙒  F \K,:?}->bT͓gI*>rps0ɳī"x{6N[K_V>7-i"^a1z6*&m揘i^Cw[7vU?;TD2X88sa\M%ƜV?u^iE/BX+>< CJ옺WIha-LV˼)R+ @ u/}+[dԑ@۬ޅP.JMx5IEpF/ee}3ȝkU{cr$qՀQ !)xIh7R B 7[\ dM #m[ZD ۱@5[90# u6Gua"dɆ8-Kzd"SGGL[O8B:S  &oGfŒ,E ځx ׍g XSXXc J7O4|]/vP 輖`KrWL"F<811RYvt"dF1ŞX'[kr=Ro 4W!jXsbF;ܿX[Ԝ7^]vs*JOgdخ>dQZC.]HJ pG drŊTc!"&V2vFP1mzO9G0Ì8 SV*sлќ U;qh )s}ۿ+*X{ 0ld +̗$. 9Y[(e?V$I 7 W"~[Vow_4mq㭖y[H l7d6h ?RoRu[2ʓFBaן 㯻 #xCPՙ 25K 4`0Qts.zno0R ˆdO^+F|* e+g}/wSZUTOu۹2\0ȥC݁o;iGClo8؎nx@S\oęn|`WY֒^AAx(aĖ, 8$Ŗ,-džWC8$Q$kq&_^2omRO6J&@yko(fMޔPtc{Tޫ,t4$nF ZC1L|'V|% 1E_-LQj=;GrNך5Ȅu[>xͱtFf$W}NIOXA| u*/ '^G`e`PW> J1=C'y* )OcG3;`@}=7Js.bk2#o`lh`1(C~ 1}nnw.C̳4]n- &u?5P J~z0y3 mpb eC@Bˁ^S0sb)o$% B];us' \Fk:aTfyZ6Ͼ,!]Y#q^.nAӆ20`GFVz< JP}:nbT|*-ŝQ5D3ce_Tfj7r0v#4Ϭ<->Q3f:>jH#}3g?hr #@q-2Jp9Ceǫoњ*K>K7#}EVkt6lfg%h'[FzLG\!\*bGѸ5@m-"޲;V zm3X5p Q8IU:Fd'{^ycqr,=]X:24~wenM=#tZXZ>γB` 'iF{r91s$^+sԁ`J%sb&lgAT;|$I%PWO!Lߋܼe]JL.&מY7|2F6W38o =qq gzWU'̫ϫw b.@nr䃧t|b"γN ;8^IRG)f3ҕ,Udv`uV:^Ŵb-Ⱥg},UV&j_}ij]s;>]{LP$~\N߱laI+O8cWc׏ԱP<ͤ"S8xq1cFS6#Dl/P/!Du^%76re"<܅%ms-%7{nm5=vI*<8FU.e$9I_/i@xd"J?Ho]͘oRp0ߦh`QtLRh=9n~Dr ,/5ch/OmZh4WarbqApťGy!qPQ9Av@E|)ӷp5PlC:aR$^y,S%NIú׃ 7yFS7L1^{$s&/Ԕ_Xp.d Ԓ)i֜\,UXrV%"cM"ͧ dy9Hx֧Ӟpۃ˅Op^6 a yˡynT@ɰEc\j vSq9ޥ#}ԟ^ݱPߚ0Ik v9 eHpؐ< ͆K#JL(YЛ/WOjdyq;,3ִ-8zyH%HRoxI﵇qXrB X4 L&X<(25"PbbCpr&]EeEGF!# J2fPENRfV (1=/OD]GP~YX~U~/NՎ MnW52+.HE"2/bSGET;$4쭥Ӗi05&u*Jb,J(k.4N=dtn;E;ZN)`>D\9W\Jy W6m?WY5 r{x m )r۾Iih#+с \w>8C Yv@"~=~~^_QcٰS7΃lte9J/Ƶ=N]зE!S+0by,&."::dz@2eY(Ž5jx[ku^Fc44$"q=VtykV~-JdzkI X**%uX3[}_#athnH ]kR06hTE^cPt ``8&Ak~fIF{iz(-mLSڷP8;jn)V`!ET8|6",/cQfNDAG"S,Y8}A?@M8'ppa]zԡ]WJ^aӫ!o[岖 -)3MPWBt7 T=g@YbBomFfv05m=Bg#E 8JB˴tuH>rz¸8Ǣ463OZ~-ӅF:Vt+23׍Qh`:ꉆQrq7WdűYai\ba'0j@JlmA '1?G Y{`W,d%Q3X.tH26s"BE82rѼ 8MJՄߋ俐uM0eCr.3I }cmb;3AE@9P mG ]LA Į#(pepԨA}'w|{8hfM)a~:thMOH(Anz̏G68[NBb!ŖjfOUv8iI9@B,4* %HY9KG~XkgOA>rr[Lba;jL:] =J7[B9KgfDQt: Q&]w1fu% *|E$K r#AS臼4 JLxgjo /VxPNeNvkԑRlb't3o,6!Ȃg3~A$Yq TYj3sWcQjiޢ1*ˊp։O$ܗ#ۡ:bR&`񨫼.oލQ9PU]0Lxp=tw|%^<$ ,8n((jl¬N^pԯ`G)5[X< ޾Ѭy@Lb6àc:;c0w#]HbS MckywˍʆO o*ެGwHe<ăƒ+ .7~a:O.Aᚋ-@F1.3k@&.r+z91cK!{rfQ$Xc_0 4~|hOw?8q^[LWoβfȀ8@x?:pǶLje+>u{@p !zZEBF3[bL) K`Qw6vlNn"}/>(D|K^r ? C~48cѺ^4ߝ<^X9:lԦۯ0-V0. -{ UK9̀/ zx]KН yioAћ\>VmVHro3r{J2Hؾ!@VLΑ2e^kdoT ^Vُ0zbHQZ2x=?€6Wjp*N 3^?"ׄaiYFaWdKJZ .R* kBPv[Pؚl` 8e'„k; J^ P?xN^`ˎ>: q /C)j0P %_Lt>F#>aS Q}ѫ9-Vƌ((O'vYC݌ximǝLB0 [e(8%+$vӊZ3! ger %߉1K".u0 &^L$tЈA&a9xPQzNZS?t W->ŵ"N[G X$NWӶ#8(~4|a'KȗiJTr@svTq#mF$£Q).k8MWl'92Pqժc~gJc**r˗ p?~ kUk>OFɞa8(l 3Gׅ] Ԩ3p]ŁK ) L6r?t`q7Yx^o A iCN~~¯z`Εd": 5ta앀E)>3P3Qx</%ClɕhM_Z(팠)! ކT!rWWuc ݥE+pdv\_@7>-LG{" $-|QyP ^1 }`KgA09ƋbiD9\W7|=?ӗo6B;i|L^DʵڦYqKKN}fpW Git bPEVIxb?xHz $߁jiV+Ͷd=/1nw奮Dx<8IWk֒!U)z"5k$p̟7R.cX6|@z68rV9mR}?iq;#fZaչpQ\~X~/c/G:-8s17SBܸ NeM2呷^Uw|l T94bm8_'ڕ:KR[cer<q>qe&=>{P0p%-+FeP2-.HhUMȌ'hUI"zD @Xq64 qX:"x݀.8:m败.T 1Kٛk `LEk1)8 _5O븣@ݪ!J`DL >\\׶imڍi|ɐz>{|LkfY|DO"sIn` Xc7 x =sE~ڇc<Rmf0;Zې"<(o0@'#6Wۋ"g kVM]P>.d* \60\$kC;>YSsh= z}[xbg͆ټW _lI4BwJLn@HpKw0gesI\[.l=2ŏQg@ʾ9(DiZ'簔|=㖁y<-]2Žʗ`!"^ bxyz(Ph.07/Kj 胱o LZPJ-#fz_$(\T0-0`g1́(7 ѓ=wpn͒f\;=KQpeak=Q'M3x.ݵ0%COk"H6-:.NkF_xu6dS<5kyu# reW7d eC?-INLd o3}Y"rnեžnЂ/ 0XYُ[0f+ z#xmV`4 T:9f5qlXtsnY|-+ù`ӑ}q.5C<'l821a\T nxl'$R },ʔ"P/eV6xImޅbH\g*~ VGETՎYIzO@ ( !k]hj!yP }j{ssiV9լ:) rN}Dƺ  lfC&8@T;ebC{BH_'H+%@7W62QTtOQ@5,dë6z J|JբS.(U{E NC"0c|DV3P $P u1R&1j(gkEL,~ "u'f SΟ,˼,Hv*vqIduy-tjjE9aVxR l.또m͏h %l2k}{*2fȜE9P̻4PoaYyZ@c2vL J+SП@#:Ya{JuʺH)$;%*It}y /ET^;yKGPD+lB9aS󿬴g3˜!tM%M;$QZUL@<=&š܈g>Ns\@{bIc8uY8x'Hz/Q@ӣ@˝gJn&R Q[ 8| v@J%^َg/3 ghZ4"\D9$##ϸV5toNH\_cU%w{*~O)̘N'OoNZq Z.oO+דnz:XoVf_Wfؐi")?0 /[^L5.궊ba-3&|0cбT*CHܢu\n<5xrx]1CJ)!,)lEG7 YXq0聝dC󛦈,1tT/զ$R4"UCJ9/%_ٙOi>U۾<)wXpĜNm+Wf:lܝ.˯4 LrFˍNοde*R%>dy?--:xzS!{viŊiV2d$I_P[%~cѧ"zmn@oa}*[#I^C 8T̳~eޑu7p|? [OL 7㳿Vihe=Wh;-4"@f_i8  )c@:HR"&:ˎb!֠gxG c̐N.c62jT4*Q W||F[-&"Fb, 7Yl-hE-Vpϟ'L8a`١Dbf=^tYZ'|{j(KhNZlRx6/#1j+cdW1?}4? M[|SQp޽FIlIw|8|;R;H [+`\n0dۢRֵ-#;g}S*EyOCNQ\@V*7qds8xmDt#! Z6Cw>)Sy| U?"Ǩ gQZPϊ̸ Zb>m,HlA'o'{)`0 =_]lI]ekᯋIRaXNF}˅[]'̄[UE=xxԭ.M)hJ^ STEt YD&Q0QW}kVFipʩ(r ۛ8Ƈ fM8c&PsI-lQrW ]+2 S +q [GAgGUޡQKU֞m.I"_#W ?h\) %Oψhsv\&j*8)'{թ2nw\&nqx݋7{ ln9 92gX&:b%Yw"N>R @scZB[Bwgk*Zո[cH(("6e8^P3.U S_n;P~5V$e~Ժ0Tw7N-4¸>nu9[P Q)>0@V#7jzZ8&T+C' 3/Z.'쵔G)ҝ0&*Wښrbf VB7S=yz$M˃ 5d'62Pޱ# rƋ?s' 5xԔmmqX U 0LIܮ$E(+̉"&2\?G7$vL@uFP,31ꉽG镲8:l*#8SxTܼV:V%饎-q|4u\$l66eϱ,Lo/lmQd .o2$W ,9VLճruT&r+P^B5˦hXap{lL{+,nuc/, ԍl؁I!˨8Hm?c qPr8đH+Rb:ġI[. >"ӡx/٪'r"` ȷ 7]cy{X:">v~sl$W/{ fBQoHV)K,SvӴ$m3'5{/KHKdg[&R9eۗAG Y ӳHW,>0Y )wZtzs:@%lABrgOi⇥ jI {L>p^\L"82m-|V^WjKF]/$*%C\c u4ȍk|,4wԲ?2_=(5d[U~ihO߃F+Z_uv`u}"^qDoiQVVdxwQN81V~M fm XFeEړcSt}S~Pڔմ;Wtޖ4HgbvϋsUwT.X//ސ#DHfbOȇjFlx1#%]`МSKff2t?6|%򓺾ο|lw';- R:'j@NJɉ7#'΋ŬVx`d Rs߷#t"GSBUp=_sww_J!k {:!@߮~>;Bce[ 6HJVmͼ rcXyC  Oyߊ9]5\>5<,L/,6,\(RBtӢO&y.drfFc\A= 5sE;RqͶd0*FjT9YdⓗVT,L Y̧/V>fefԋH[pDF5AC0>A̩ᇏC3bFäWϟ.;tFO3%LG//6C7bH0_1d{/Ӟos |ea U2A =Φ$")_TPF :x ʚ6^;l YROz1 JyX.6x>6 2d$pTh:]X |Sп0uxw},H.NyF}߰Te8##*$v >'m͎.ob v2k>ՖRmm:eׄMXvD)Hma/˺Dv飘s&f wXյn'Y4NIǨP-P1P.X;Tw+0<o%\Fg"*mML߉AΚ]Ē5$ew}b/iك5T[M=G@?SPi7]zq)#f{bKS~hK Nn%UK!Mys=#DvsE$aJ撆xwi{NY.MҠ`柳\8Gu֚"({%7aKqxPO2.];Jz*pǷn':7:Ќk:Fqzlg Q{)izCv.rN #}f1/ع>| N}ݤřo;-[]ٔya:;~PptE eV AW΢Gh}NTRE~\\@7lN/@;4rG8׀_4̡81EEvb\%T f'QVط\(Y P7>f0&do~[wCW)<Ѥ I0DM7i{o+"v#?N.6ýoguU CL&H8OǑm`f3,E] ԑeZl)n.Gn&cI֤t]*_ܬ$EPZw`*2Hd䌿ѹ>D:F6 {[@ gdn5 .u 3 "r ImqQ!!oByrǼwbҕA'"BjNE42wgPR"Fg)-Hipb]\{8(&so N; D*=e~H~LjGmG-{ xYÏԂoAں&;Enp4'GL_;wA!BeZĚqD4 Xku KK6\M uSn"DWɕ Lp2aΩ[ `6f𲋃h]bc,̶Y- 7O " >OFz[!ߐ/my1G; Ǒ ( nkCKXlX%Wj Äȅ <8=N ,>=DPG0H X䯹?`,!Adl?Wk۳L?=TViK!eZ(_]ZSɣ xG͌Gaigv >YFӶYp ''iL0 c6V7F mh>ϯߒkP-[l=sf_/VIa:oQ툊>݆wSuxbÖ61 f[A?iu2ʝ;@&v:J [JjZNysLzP+śu3Pe9k"iσNzO(Te8ln>;{ՏQ@ c*5˜2O8O0n~K]tJ9q(Vo 4`pA >XlKJbT PHUqҔɴǡ:u0%b)B[vSFT]^tP2Mp~喘ZQ3 fH> UN*]ճb\b:8(+M z'( j];kkr(>b-we[θh bjsc_ߴљ921f˞znA6A|ig>@Ǥ:O2Hܜ$I6cNC깚ó}\V-#Bsd>mi:ZX-ieM?]),$*>Q!ai`T>H%*q\9  ʑ͙9Dog(D)ce3sa.0aCEGt<[9qV0/dq0&G| X !Fm]9p ~NR{#4tg@|z*=Tn2Vr[26s&+E^CW@ne⫚ Dtb. zS]M=;YRJc57z74RmnyGGȨnjK{ w4}1 ar8F 03DlgXa٪a@JLv&B5[ĕIk@wþ9@-b泋~㏀3:*;~=,P% H*|LA,.dXF؞QB?##)Ї6˭M>K>c}Ui5yuKƛjSi<%V~Sq䶋p[ 6+^&›F}y; w@'ZXj!0^4D| )O!XLOC2=3$jph^?Pj8zvᅚ>w}Į` 39{>6dLERgI;G4yt[ރ2Ò?S֧!8!gBd@ ԲQ.ׇfq>斾$WNSN!8Gr<_!xlɓ?:pMrTk\,GsZDĨg(D~яW`ic8vS"/h挥dVomh>H4 pVָ=B,@|7_(œ/m@oׄa41%`/-R*%cSF,>dkb rJ>|$l)"N򣯒O(N+"4yvO'̛@}]EAo4cY]HIJ}3S~uR[Y(i{t.rAbg٩,y{(΁?P?M; VI^5zDU WWW"3NbfedB%~عAM4$3.NOǁyJ{3\ GطPs*ڡ|r-IejZ]qMkͽt9BH} ?JPpHegz?mc^(/)jogJq!yir=Ixwc2 [$HL֟ރĞjsEm X:A}nruUFq )穳J'RD0kN߯GO}$Li/!k sO3M3y$I|u[ӳY6U>FBN!qJS0m jAC;zL1P4TR׿A?&c,ja?4ùGgۡ=g i1[״/֋cz[喪o,!S>[z  0NBșBStRy@}ed]nOb(IѿKo a~ Z0z "#TYd\H;`c~z?O-m}3wIG sv[QzWV=4yR 1}G| $^~<`S/zM2*Wyh,lsH y2!;;Qpn]]$ْnm-NF㔌 ,@|qҳLAƷa@p$]F"mW+Gl*x^8+TcV0 F VثsB?¾6C$eAz Uɳ~&>6$D/|iL? LowZץB"Нhtxsn$'Q$PT fg ?1ߎ[lvB;&9Slm P)H$Zhm9w !qwřd>9I RXKW$c\;XSO 3Ȱ];蝹uJ0 4m'?v.GXxqi?r[^K0?uRH-s7x(u ?KY wWspwzܽ SLXCDLE G?k<2yeCIu[ 0^OОH>Kqa*ɹ3ޜpb&=q ʟ\:B3^NZ׀մݠ{݀Զj_ʋI5C,,bbhA Jk_O~^o) ]Mslٺc/~v~ d_)ힳ uJ"6u7 lGݔT46Ӝ9bW5,9^imn`VG\R\Xai[:h\"e.g97铼.0)H}ddXo 7ߦPCbFa~_? x1Gg6`tseRNwVRI)J1ŭMV`rq07H"> z~h^8~ <-3ѰFgcZ * l~+ Xp]` ҡQCF#V=7r{fd F)dn xeiq[k=>AsHn3:IGq4KF^ݥv@i#HxWN\FRI93b%ro wimtB oєﵷaZAJ 8P0TuF%Q?$s"ge{`u_ԷRS~ڪ|B!=3F;!yO'20,arcpP>eԛD\;SuJK4]S>?>)ڧ, GjHқLvxdv fb"O8:3b<Ppv}[GK~)ɿKfk.a‚0Y^oU9Ddm>#9-{=Am1J[Wmʊ Hmae[e)d4Gs8bؕۇr`z.;RK:Ik)wSXц^ENE IN)X{fG˔r 2(+g~O.VWQn.^ mIR41MrRM,Z?Fv\a/ƦۤE?UhT辡vBc-ȲaมSF(tTᅻ<[)=̤Ms(j4:E'aqo%[hdem:ɄOMVV];1 ~0-LCq3餥&XlvN!smFw-ZmDF) (e-ؒ;Q.Γ}E omeKsHM-[7OM jn9;b^g&SB݄W9몋U`ЭD[c$?x N+ #Vօr e<,JeF ; ,F 4">?)Ždmc"ޝJ.&fM-d1ٹBԝM5%NH)Hbưg1C̼.|/6 s͇~i>-R0geXaT$ߺC&c&XƆ?/P* (,獠_ LhJ.\l<4c%4"w<އTOcRZ?sG3.i30[ګ&~(Q Yw3ooqZDVyk8B]6Q8xh~4U&ƊR _G.!HH&%ΫF}x{=4r A?NJӵ~5z9c\U;H-J^' wcD v䕃rO!PYxy+ `vga,97KX*ofÊ'aRwV21#N$8rrζސJ=C9X &dRpMl psmbBlctZnuLƆy[N {_S]k'j,#rKAzr,cXti %l2cl,[H $݃'=:IUL%Hy60juXd\֬*mQmD&ۃf;pc9IteJ!9(KaޙEO RŽ@:I*d @+l5;3͊'?p"#LgN eVl''8=ul 8wIчJ+㐦(_l̂,̅/Q)yuiKlKqKcp$e#z-\B+ś_^2V=\1C;8ɭN!vzWtJPN u|m`=n\&CW(և"=TPbb'+yR #MbMv.j0 KElSd/T'pdKE+h? IH>I𗀋0)~d嵔];ǐ_Tiž(qro? J:[(&V<Eφ,n6,!҈)"VF͸.,*_b|:@8wc% '5.aU4trDNROP; ?h\$|vv39sM4‹UZG }BK`#C_P;ӭۑO&%1b\ C0M|WOo/u_N3Y68,9n49̈VObcfOIoA;hCEzq3Vk&S"&P.*_rtՈ=" yW6])X1E+iM8TypڅV)M`N,}N )bnAG TKYU{.ǝmVŇ,X D)e)|"C+HՁ 2QCe`i|FhpM{؊lq*x%qnD?2J+sW+!]OVS3ț:1OKQ<1 47)(Z_Gt!C%I~%OD$%l e+@,*~OSS@"]>VFdc)fKdIlر\Z:7h Oɝgݮc3@oz¬,Cd;tlLMK|&=‡VZ}c/P )tη-(m;J*C;I1 3W@v GR*~ߝ䓏vW[4M@<bIB 'CWB9ެ6NIE:,h7jiDqI!~{L6j; 4vD=˪;{ N2q@vI/90.,N'3u 䑴cd4ެa&(n֝J~E|CP ':nDAi1u}G>WƼM~Fh@D~#WH̭Z>m.X3xYhTR)Mjأ%rU83PƂjb7{gq&V3<{Xٰa±_=nIi3ұ{N>?ي]%^_7F Jx5̄KCzdLqӋ>j'3ʂ2/d7\ :lz2En|tg#]zJgcL6G+PQn]Q7ޅ Ғ#^?NbffjJ;MԀW< 0%RsFlwX > eiL+ ^Zx])Gn&%8W_yXh$V#Jw/4q4kV<]/nN0Epלfqbo< <||^Hq B6#ٲz='>VüNn^{ ۷ %<bzzЗдӃuanIYQO3ԉ$:V{;0Gݣ+Jy`^f,5Cs/HTѭ>gAK/FS3><w-R F1ի i=9|o'e@ q6Uf2 ќ/= wݲi_ yրy ̧>HW:1ln ȋX?7#ydRKa X]F!VSeyHHŌxwǿFEO-Un1I;<"0I2R vgM.LOЈFjNÕl¶{`_zV׌zE⚾^Q0՜> V-dwmzRa6 0=?/Ji"l?JV m"GdIAN{#b(ۨb 02w  q}fuy6y W)uF"ivgv~Ha|Xil^Fv͛^_Fg @/&؉)yT)S&qd䰩uUȌ Oe6b4udGA2QyeSٙ+"+Zٙ0˃ r 9 :$ן:xpط+Q5 #ПM*='>`c3wu]]ލޏ9) AIW/CTmwۛ!%b1QjYGbNobŹ3[/*0-/#ZW&un-p}.Fn$S8ֱgrU2cQ#k.`>56@Xh]ʆMD[9x.Ayhj4L'燹Lx\+v!*nK5䶫MFA@q;Jeys%iJ{Oo-5MNi]F:=3ǧP>2xqpa1 9jpDNY>cTϧm/3iMϭa[c0f~H;gZHdzmO;g}ص.n6)NBV?ZΗ?{Cq/EeIɁc$,P}R0_eYS?qPWi&8AðvPfV+Bg (aЂokc 6"-N&Hr\,?(&!ءșs o)XC4%%I1\$8*ôA ɹ<p]C7+_H/ TO.8)BЅyLWcUP!/xE7*q|p ]Sa@0OxC$APd ʪuh1jL٬[i :F|FS&b[ ?QG9W)闁ܙ=Q[ُCܽR(j=.*B;j- &u>h"ONK\{/YsCQ5́آ ܊_z& #=\QL&@YZf.oKgXVwqM`F5h3T=VEH< 7J ͻb.7!/6TA-W{,N^9g 2s[*WĀ ~"P-6<8Ў?siNnci6/'GD>tc?*`1b,HMsT?yP flaNGj]nopÖ|:G8v$G%+|P#3k7ŎG )oVet4ғH3  m-^ ޴"v$ԋb5@B0-MP֗0Wp4@;^~`>:לJ}u4q1Αi!+.(,3nMPsVq)*k/0{p\#o% *IMw]˅ }[m'*8ʒwOX@\F:Y4ٶV%[тgh8~-)5WDXLUOȘԂj: CXÞ}͸f=v[m2~ƃԱ;F"bϞ;\tPov p JK+ K]XD/躸Z[ >Fݢi1/WIW*"6ܽ4-Ug'4=REXY*fec#LK 9na`4;0UCyML̕`f;[ar$ ]PmJNB*b [}冒*Z=V}LuM ^M &Od}m鹡0iJS#[/ D!IvM۴ WsCR{@2{Lz:jԯ>Z]J]fp$)-,}-E>f7ptǘ. CT[Ft ,E/xU0Bi{ o3r0vt { җG=)l(+T})g  42;<DsAm ^U0a4ֳH,"Tzx1۸Şt&ͤ v +Ӡ@#Ozx~y\^Q$A1!ׂwʆ~QudAmvb s.:9:̮f/ a_9^G.*>DQδE\b l?>3|wP˼"gH!O A_ɤ?#I%b 1Tw[ԀVԵNJ ӕ$%㏠+I1le5]l s[^y8AsRffG}ur് }J"p8Jd%AݚPxjn{6"qBd'Ͳ.(aBes:##G"P[nwڡ!v$ Uߏ?ŰlWԈAt5êbyidIzhٍIȄYϙBeǮ!R!O"CP[KImb2l\pܜ3rRZt7%d$W=m0$9RMOW?q&xe6XO9DvbNmE+%͊+3s3n(bLkVAwt} S\; 8x"c?3ZᏓ*;ԭ A;kWR C#&]T*Tu[25ivRncQ=!M,Imndt'ffeDШ k GƑ OBG5k<>c~jFƅb TgL{JDj|Zx8gmx✲g nː£,T%_»h-/t-RUOo;lgZ%!QTke rkkF ADw4IkD4^ATE(W H,`[l Ce>ag}B3.q#lv(:rX0iu'X]Q`c[[l[xı[r\EYS `E#ɋ ۰iWn;l:gpjbl٧Wng'drHVP}4=#5m ,[XR {(AtvJI#N8EnMcn(ǧĢ. <ۋfz)>> b)$KҺeDlT/X֬N meU'XAw(! d$4rV8ŹlZrE@n[d:=!Ӫ+ A$yGuR#.|k53_4n@}M,03,fފx 6EUi ˗lQ{>P˯?N$:a^rgq^ H"uY6/~AfG{_ҏ+A*'o>yu(KT8e5\ ;r" k-XopH]oi V͠:x$Q6CodE~4UЯ!41ΙOJA†6Ubxe+9s̫F!cU]u0tTaX>6UGeeo%Ycv#[l4$~ jx(oMUd 9ex4 W6t  !D]yi^o.G؆m6avGܬ@&$_uĔ9g&w<Ȫ>=ia-þtJ3=Sfh>Jro7䕘@LIPas'OE}.iKI #A0Jd/5nQ䓖@V{u׊9ŒRPKL jN1Z$hEZO-׳>Z=ޚ = ^fttKP+9iJaXw?d?,h]sEta;#J8Kwˁ̑V9\dhphX2"uF03;9ZoUegRRNhdm1\;?(xeYF蹡0tRjK=zD\L"jRTVfjqFu~O'L3|^zZo{Q̵Z# /alw9t)B1@}CVHAߑY6WOjH 6 8פTjh 3bøA\F_!L3[; |60n!KdCqӥ폑QFQV/޼K:-'䤒pQۢ@fHc5ݮ4I sU lڧGjZ/*<1l b=pJH>D(RVEW ?}nbeS]NECb{K9_!)Eg͸n<Z+hev^8U~]Lm*J/L\0֐Vkg(%ۆTfLAGW75=RҿE"4 MN |=h0[mOKM6wOa : F;3׵o+m\3~Ms[M `L[ x#WOrU<{ m[, _!W6 !] 4$3 ^2Eבsۏ-xXJ7r{ 6܉e"$0uAqutڃ֧`{T1cVg4l9Y={̜![|G)HRј}u~𞪣nfvn^ Dޭ`̲Z( (W ĭ=y!߹ͬJ \[8_ӺqfSHv)q* Lv)*'TnjՊ]US=*LC- !7?DkEZi La"Ifїpriw7JlEqPay~vc_ #@xMsQz .gg^܋ ]=XdPj5yVTL ?NXm%E'[۬9Pc|UMk|t%cJư:c̮paQQ kCz#XN)-]eZŅ<8(> fP>HoZN=գ :+Sr\bu(KxTx*J~}Ճ>Žl,]kk_5AD3ЩA*o 1{f)焫ؼ /a=&[v[IJr)M:,ـDNhc<]h, +Y_a9p,NuAh H:?ݩezL@Yv֫UlDDX<<@Cu'cV91V*7ň8c((fy-2-O&}%)DMu9:ѧ:̀Qgz6BXqwèuI+pіoN}Jbq!dUs=~hn]?H0OO$)F%g.(KS:!u[uC,\|S3 Or}O!PW MAr;Ju/RtS:dow(b37MYʃ (*61gCgFq`l}q_d>h-I@g3{$|;wEMD%> `fΫIp[$FmcAJ}H1Cr*ϔ`TؙmGSJF岥놘qNr4;0V0â Y ZT; I FYVH QKO盇4{8=ЉN3 D&A zO~$Oyß\exI|ɂ:3fI :ɥh֋aD\ٶEX}Ekw~ ?gE@pi4  3ۢV^W{e><Q#Ja@-{79i 8,&dnVUz_, e&qT-*:([n8kN <1p#B]?I^2cS=>a0 B 3z#qz5ĄUjhQPMjeH-Kr1:Kg!XJKcvމ\E v^SBԄ,NTE쨻rXx /_EFGk.RDn;qW f:evuFs9%IHxZ 0Vx8 BTy 44Ds#o dQdh(sdF=GOuT?*78Q mP‡?TBt"$=mIT֯=8~Jp8V;[LHk5i1wɩ k ǫ2W5D/-ic(e vxNL*QvrE8u0r gf$cЯڿSW,wR)ܖ\)?ŇjJxn@NEަqS8v{9 n'{t`'pR\26CDiv!1K VTj*H|O%aMM?7ѽxa1GUH8L[ݞU'Ċ {jBTsUP!%b߯^.=|p /9lU\0ٟXJPrV*@CP֡7G>SDS&=pXFt3KK+sr rSd-*7P6f+/74u7'-g;I%;(a+ Pօgj7$@¶j8}D ÅG1^ޝP ̣?Vq8`؜&d`~A &U1oԎ㚋Gs3`(qYVTlwSe Quv%D#}Qq=Q6;ߧZȏcHΉpM =X÷ lL*9ռkҗ!bt 翭L! ц}`d|kždV3S+#Cgx[üh*Urzy0C y7DKsK_pIW/e0#lb MG/2hEIx3vzL򊷏נW &UEh^&N> -,BTP8"<d.T@SU֥!ijg8xi<' rAʝ9RPBӂ:|% m}Jw$V% {n$RP4zbty } M%p2wä2%{'o?lU];UVDY ;3me6)!*}Q`Cr uL>EːxN&ky.KQs选%-vSFi}5z39ľF*s$L=='qYOBbBZ"8| Pjjj@yIMby$̭E=LUm:T4meҸ$Ә՗d$"S&3V4L;OOEB\T Il7;W[Yhp(Ώ 5`)vI%_;Fd4TUdX03x;{P:H ^o!Od% `E+T6F&T@knc |ƒc43)QJ5@\-٢{ʶtS=1^>EΩhz f]5]gwNUj)dODžQIc/}%ba{ -mwB\[G2E%Z ЕJ7~TɊ{`INbjb $ ǫےW.4>bnһ3l갛uFKH0'_%r=+bdZ/c|K$O) ެ("yZ<TbTY ހJ|ZHV+=+Ȟ|c}Wrd_n>J3۩4"/o a/Slɡ16F \CN†+_ XB ŤD$ -n 붪>U!NOA`߳Sk=߲ߝel2RVnm&~_l.mW*2 aoZ$`Y߽wQzWzlR+}l-rJ݂E5niyO7Pqǐ+~v];`OhjhnK9"B}s]E͙Z>4tuNC5?\S?Xy uRy xZύ(GW0B',)A` FaaUeLKS*Lpל*Ȯk8WqTϣyo=u]x>x_QYEM)I4̇q5đ+f4(u}QhXB):18yBЀ!W J)%ەΏ;EG!%OJƧZ RmWܛ 0p/J'3T'wo៟5yk[s-i{$` 8;|h5/mC??dV= ^FU+u\7EpBơ"(U(f||{nv %x}< %ekaFkϐB} =kv>}9lO3= 32OۧЮ;Jc P ^qt'l(!1A.? '-DxI^ݢcVMg"[^\gY{{k85L2Wԅ|xC.cn3aIѻ<$TFP+:0Fu|C'͡fq{QTKUZCWXDQu17.oEݡmh~mlG1x )0udaɘV_ ,sq$YDCa.}}tlH}!>ԧ$rԖZ /q5ӿ,DI8/q/ iPđkJ/>p2t쯽 kBU!Љt:;Ɉ\pw5i?>."} C!Jm:ׂSis(+\wжȧq˰PZ7f11îa LtWnJBؓ^S7LVj!ksx. ׀yQD@`L6ęrk_^hȔp͍ 0p(f!37`mME5b5:=Ts@ZɠͰ^#;`2㜑lko`4v[0y{rLz(h8T9Igen\.(MhC-p3(#4.G}dm1E} Fz;[q\uh"1wku|Wf &E.5AI]::Y>:^k~3exwFZ5uLDf1Unmu.#mbmJ^Wx2=ԗp>UERrlWbu!8L?vm C7X߈-X0$֖>S}QsU(.A|l]3}'"Sޜ!SKiZ7y}ȱ\DZpLϞ̯HrPδhއ [s ˁd%\cg9#\AHk;oc捧Ia`O=nc6 I"._;7W uwB̘ſ޾َK7:z ٻ_^F,n1! VAv!W&Ei$gwyJw1ќu|yrg=d|J^]`f97Jp:C:^õuz{`: 8ƫ*(v1XSE)zTW:z`@欎ʎT}!J0|u$j9dqk[:{=NFK@Lm@ 3ߪBT,ĖeƝ7K*sVU8t7%:GJ_-c"AEZ8D4k0J'C3[/~E~Y5ձ3cT!!J8}UId0+K H{jΞ،iu}T6Ӛ)O?4r=NDw k;y^^oUྷ\Գ`VaDI>SdEι'P F$@ P/@m)de {UfGNjPe/ ^H-3MnYo*fS)h5ǘ+݀!P !&IxKV II7-VB (BR6᪀֞L` R I| j{E6KvEԞo!!t Rᤚ$`u>zojۢQ<R#qԧMD^eZR).a+ZPy6aȾApM-8Sib=j!2QҨMBDaXaA):dSKF ZQy`aIZ.Ze,i֎ls5 ?c;?X8!L\mM$:X ٫% "mts9q0 U.j"A:| X:yJADL!Ň&:aB׋ic b$RM1Qht )xZț4)%sV`L2vJi&` p!L8AJd%Fu'(7}{]," > yd?܅fxtQaHytV} k|B H.ϥz@mMb >m J-8ɡCE8 r\)YpOD6 ~2!i.=Px@6Rը},2ix,בz VҬ Ǚ!FG뀮º2/w* Mh5W { UN]ԓ[&T_ef' ?d g!\nؖ8P3Ҡ/w R*ֵQ}̥5dϸvd#0*O۝!bjN(|hFfKbI\*u$*3sEQU8wP~JP_yGZC"?Z;Փg`Ū2T/!ߕvI`ǿ /K6(Z[<+YҐBSx /\`ef8zlC P%mAzxM|  6X,>Wص[ӆ.tY]7_1]Ǵn ijգ) n DXV6~E!Y*R30tp~5 '-|8KkՎ^3atS>0L&)ghe/鴬b͠]}J`QbV*Ϙ'R5HPP^$@xە/AE,G% ?:w U 2t1Eۉ@.))ȕ&tAYj0u2-(\PucQ΁"ݜFSvM*`жfw*-Gae au+~C<  E} X(z#Nٛ5O; H7bKhա;-y#hߒJޖk >.ꡍ2C~.3lC* آT ne]j>,?Ô`}速4x2?V~1t Q>A.ĠklJh  m}<~?V^`+CI'O o-MDٴ@k <L;QTc|MфmOL ]R՝e6Ik$tAǿXmKKZdǐ$(Ei90e4 z9,/PgBh;Y}ʑL DT 09 k Tϻq-/}@ ; (ϴ$Cag(l%(hz ΋TP?[&ߢMNTwW_ciq/dgԚv3gӏǺѧJ*L٪`0 ƵdchH=XdASk}̍b'3 n:{r !HFD9!<g Kf:({7ڞ[5-CxMPϋ}O{ ]>t2M_gSrg{cJ (ct)ނ[dLA3w kWpF UQV{,DP5a"OfݓsP%En9SExb2ϺF!Q-\S5 |wDs!w^r i=8zy :+t@=0,g8c6u #u)3|n&-R +E]sƯƶI\GQ=/@WV]f*癗T2gH眐Ue*C:l:ʟHƧQPjE9b)\=TK/dk.ۿ׾2ڝ>#ɋB3?VB{[@DZR bV8;3|/MwKOĸB=[W&$jj.g#c\pqeNU*BJ]pQqe1YC $>m=\X 6l4kcX%n:ZyMly2sVg&e\;/C˃ =H+Xc{J*|#^ (|p}sx)1nrsIZl.~*}ZqqU5I_JSNw.cx'tXBG22nA Va7$ )i ,7~S4+`:4,H[tөVIт^O`!x_mT6VB0@r~>i ^!@uOM^@EnbHitf{L*m;TݝB v}#iE T]줔ϹGOK\X Pcs_3Xqt6i}*JLt'Ġ _$g;( kθdը@$lCF]/#{qz8S;wNA'~+o1-ا?@@ IׂyJ[fJQ"ab=JYܔH*S Kj紒6E~~ C`0=u~/:3z- w_A~fNq"LcƷgO>{|x矻V \/r(cH'Vʨuạ >  _o=;x% VAZI7uNd\صj \rO-m6SPM=N2QJ*ƑLyi23z!O и8Jq%ic?-mhJ+WGXq^CػE;Nٞ+mֶpk$ ץB4RWgfskK~)!+`@WxP8'/*h!}>,kdIj PI&=g=o+ `-HhU.T,_-SX\VxɷF3 &&E@sQJ;"-$EMPY\yd]Z6oGmM$Ʃ~@'Ֆm@(A "Q]:`Wn(_#c}'PD;SJw9J1g}v" LZ`[&b6 l|xS<^ge?qvakkÒw>A#\\ fbտ_ -P%FD\P7*g5V}SJ,=HSu}d T %'<"5;&0e}[+F#%ţu|q=Tx;d3PU20yOΑSka#"2~.Ox†zh mRS#yz(_ZU,}>3auQ* rԙi6i«cKEά|5 l)=O{SI2ˠS,ܚ8׈(۵ΐI]C5 !jN^a0%XCn!, <&vM|XBԦzLÍgzL>5Rj\IDW1vZ7<#岋;/܎q=8 t4-F/!"pFBC~` eNcg=3ҧ|t;k!zƒ@+ M?9*SFWEqd5u-$vO_&{M3k*Ny֙ ''}c‹(K^`2+@+ũD9Y❣.RHHCfl- h6x;W~"YZ4g#Ѣ='#5* J<QhlƿiWxll &͆U,wLI>k{`q&+xn4nNx9NV`@9ӲFlVEN(/UK=7[h-O@?W}$KXbHY>tS61|mO_X<ͷoF.> I@i43{~r`E,3OĹA`z*x3R:q Zx`'@[JQC0 F†pf6U˯i$npe`3;հ3i[f-̌5#ȡܲރ?pDyXbr̵"SI32Qk2 vTO?D-?X<&ulئptj|^(H*55{p"ENs6GSʩ3iz+=rmV-;]c}PknopwO$M &`Bʜ'WC[X(Hqe N!.7$VY3:=7 {纭GCZA3I6[a!nYA\<@KK6(R :oW&7S( GN6,Q!?Ỻ%G0kK^DUPoV5tz-85-4O9Nwg|N\uR}#RϋUbS'TA3Dw`l]zS<#-e44"lḌ<n7[\MM\$.gGx񿨫wD݃?^w}@E*bn@ƭ|~C4H2Xv(t3oOݻLipW. h7&wKYQppB"*~Jp͹w1dH/2} %81RE?azLX /O$* }W䰐BDp}ɞ+,+(t x;'JY]jC WEF=Rc&*Hɘ^J 6@ YZ