tomcat-9.0.82-150200.46.1 >  A e,p9|C<K#vʨ)&r#ldFyh|'u11n/AyJe'0dyY; pΣ+ҥZIŘ>{/&]Gb 鹿+VɣKM+CP+I*WALD’0|Xy6&4}'Kchzbt=;_%hi?kŽ4溣҆|薰:J+A0ebF5xp 6Ɛ5767e9e7268f0c75d4f7a6315633f8f1f81658f8e0509fbc1784bd72d1d3040a2369ec052954c7b64260a6f7ffa7f12acd5183fbde,p9|`A/sdbf,çGI5`paH Rڡ+ 3apBYo<#ǮSҙ&Ʌ%hұ^Id7ıJIRrk#9,5|aeF駳}~^B_S )*PTKmqZ"%&uG2h&O5A?㢺)"Ds 0l9S6N:V\&+Qȭvx+5I-~1TG:nKgtAGEJv!>pKp?`d   ` 9?FJ (33 Z3 3 3 3 3\3_33   "!("v8"e9$e:+^e=>?@FG3H3Ix3XY\3]3^b@cdjeofrltu3vT w3x3y|z \Ctomcat9.0.82150200.46.1Apache Servlet/JSP/EL Engine, RI for Servlet 4.0/JSP 2.3/EL 3.0 APITomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. ATTENTION: This tomcat is built with java 1.8.0.e,9h04-ch1bSUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Productivity/Networking/Web/Servershttps://tomcat.apache.orglinuxnoarch# add the tomcat user and group getent group tomcat >/dev/null || /usr/sbin/groupadd -r tomcat getent passwd tomcat >/dev/null || /usr/sbin/useradd -c "Apache Tomcat" \ -g tomcat -s /sbin/nologin -r -d /usr/share/tomcat tomcat if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in tomcat.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in tomcat.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi PNAME=tomcat SUBPNAME= SYSC_TEMPLATE=/usr/share/fillup-templates/sysconfig.$PNAME$SUBPNAME # If template not in new /usr/share/fillup-templates, fallback to old TEMPLATE_DIR if [ ! -f $SYSC_TEMPLATE ] ; then TEMPLATE_DIR=/var/adm/fillup-templates SYSC_TEMPLATE=$TEMPLATE_DIR/sysconfig.$PNAME$SUBPNAME fi SD_NAME="" if [ -x /bin/fillup ] ; then if [ -f $SYSC_TEMPLATE ] ; then echo "Updating /etc/sysconfig/$SD_NAME$PNAME ..." mkdir -p /etc/sysconfig/$SD_NAME touch /etc/sysconfig/$SD_NAME$PNAME /bin/fillup -q /etc/sysconfig/$SD_NAME$PNAME $SYSC_TEMPLATE fi else echo "ERROR: fillup not found. This should not happen. Please compare" echo "/etc/sysconfig/$PNAME and $TEMPLATE_DIR/sysconfig.$PNAME and" echo "update by hand." fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable tomcat.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop tomcat.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in tomcat.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart tomcat.service ) || : fi fi+4Cx}b %!BT. =0 Rw AA큤AA큤A큤A큤A큤AAAAAAAe,'e,)e,)e, e, e,'e,'e, e, e, e, e, e,'e, e,'e,'e,'e,'e,'e,'e,)e,'e,'e,'e,)e,)e,)e,'e,)e&e&e&e,'e,)e,e, e,)e,'e,)e,'e,'e,'e,'e,'e,'e,'e,'e,'e,'e,'e,'2109cb8b9303c3fe164d4015de2c453f235f30b36ed5a07acce1e62d4773aab93ccf5980597e2f8f07a7faa7b46ee7284c083c33c902a38afb673d417a5986f66622f2e1272f7b7c5cfe6ac2c0244af459278c3291d928128fd74089cf96d9675bc7c68fdf8fdf83ef12d6b001d161c43a5198e0ba69e835cfe7a1841ac5110d7dbc055fcdbf4a58792fccfb3e4d2ae55d2139148a0a0f388718c82c86a405d251f468e75c64c22cc81069011ec2d8d93669bafda917ca1c7504a0974dab9b0065f3a728b9abc6696f7e14d5e40c6085c038a170e1507489ce8a9866cb1984aa9849b6d8921c3f93353da7dff48e266292fe5c8da026077a2e3d5303eac304f028b2277ab99412c8b942f362f3fdb11c3d905c183bd87f73a79ce95c51effeae6a7ed8507189e0a0d5e52e4ba397f033607b4812a0dbdca3545f69317038ed2daf72c5a978c42c61660d32ad45994b5c9384f3279ff5443c093a863d54487bcbdf78683eaafe55e62739203f09fbdb750f3f580a0e67ee79528300e86661139d016fccb7eb7c2f050efc59d9dadb31b435addd95bdda39d65d4d9976ccd3b24fcd04dadc737adf3e6bfa104dc4f3a433c4ca8746b5d6af9c1784508bd9977847d29de48498e6d910f5a14655acb9046dd4c5347c1d0489af40c2d85e0e320370a7d143e7f746e4e7de99060cd071094a90282b8fa0896c5bf47f9c504c43a525ab1f4d8ef9961d5e5715657b7bf312f53028e36daf2f680f158ea275e6c4a49d36f7dd74d977cbb9013544ae81880772d28ae15c225521ae4c49333245e00f0c6e7daa93e810639597d20dd81c5caa27e01a66891c4c7dc2375db095b3c65735f21c0e81e2eada850b9b3199636dae2ec92bd10e14523c9aef0d4ba4190ea5187a24ce593eb8eb24909f0180445042c0d0deb4566623fbeb076b98f72a2a2a1b6f939fc48667e2ddb1ed62e9902ff4e6780b1c4d72543b9175d22609484a88add9c9226b3a7ea9fb0fe2b0c574fbf75087668399a6ecc65eae222c0780878007baf3532d18bbfb3803a5ecbcbad175b1f1beffdb84161565d42120e383b04704e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85592910e25cac0dbae06cf06cb12bd6360e3d69f2a348e09f0c57588bb342922230ac2415fb82af49cec5b30392377e590b3c139c5668bb36b6133319977a8507f38c68f41ad7957393ceb89e327a232eff9e5db60e24d159a46952243eee0114e/var/cache/tomcat/Catalinaservice../../../sbin/tomcat/etc/tomcat../java/tomcat/var/log/tomcat/var/cache/tomcat/temp/srv/tomcat/webapps/var/cache/tomcat/workrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottomcattomcatroottomcatroottomcattomcattomcattomcattomcattomcattomcattomcattomcattomcattomcattomcattomcatrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroottomcattomcattomcattomcatrootrootrootrootroottomcatrootroottomcattomcattomcattomcatroottomcattomcattomcat-9.0.82-150200.46.1.src.rpmconfig(tomcat)tomcat@       /bin/bash/bin/sh/bin/sh/bin/sh/bin/sh/bin/shapache-commons-daemonapache-commons-dbcpapache-commons-loggingapache-commons-pool2config(tomcat)coreutilsdiffutilsfillupgrepjavarpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowtomcat-lib9.0.82-150200.46.11.83.0.4-14.6.0-14.0-15.2-19.0.82-150200.46.14.14.1e)1@e 0@e 0@e;eRdld0d?@cc@c@c{h@cQ8@bγbbN@b!b@aaaA@a@a{@azamaamaama`X`Q@`OL@`OL@`3__F@_@___FN_!d^@^^_^@^Y^U @^1s^%@^!^@]҇]Γ@]4@]?]V]@\\\r@\k\j@\Yz\X)@\LK\?\8@\'a\[v[u[@[@[ug@ZZ_:Z!D@Z@YYYY:Y@Y@XZnW@WiW|W'A@WWKV@V2V`VA@UlI@UlI@UlI@UQU hU hTTи@fstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comfstrba@suse.comfstrba@suse.commichele.bussolotto@suse.comolaf@aepfle.demichele.bussolotto@suse.comfstrba@suse.commichele.bussolotto@suse.commichele.bussolotto@suse.comwittemar@googlemail.comwittemar@googlemail.comwittemar@googlemail.comamehmood@suse.comamehmood@suse.comwittemar@googlemail.comwittemar@googlemail.comwittemar@googlemail.comamehmood@suse.commalbu@suse.commalbu@suse.commalbu@suse.comjengelh@inai.defstrba@suse.commalbu@suse.comfstrba@suse.commalbu@suse.comjavier@opensuse.orgmalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comdimstar@opensuse.orgmalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.commalbu@suse.commalbu@suse.comfstrba@suse.commalbu@suse.commalbu@suse.comecsos@opensuse.orgfstrba@suse.comsean@suspend.netmalbu@suse.comecsos@opensuse.orgmalbu@suse.commalbu@suse.commalbu@suse.defstrba@suse.commalbu@suse.comrbrown@suse.commalbu@suse.comecsos@opensuse.orgfstrba@suse.comecsos@opensuse.orgdziolkowski@suse.commalbu@suse.comastieger@suse.comtchvatal@suse.commalbu@suse.commalbu@suse.comdmacvicar@suse.dejcnengel@gmail.comtchvatal@suse.comdmacvicar@suse.dedmacvicar@suse.detchvatal@suse.comdmacvicar@suse.detchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.comwittemar@googlemail.combmaryniuk@suse.com- Update to Tomcat 9.0.82 * Catalina + Add: 65770: Provide a lifecycle listener that will automatically reload TLS configurations a set time before the certificate is due to expire. This is intended to be used with third-party tools that regularly renew TLS certificates. + Fix: Fix handling of an error reading a context descriptor on deployment. + Fix: Fix rewrite rule qsd (query string discard) being ignored if qsa was also use, while it should instead take precedence. + Fix: 67472: Send fewer CORS-related headers when CORS is not actually being engaged. + Add: Improve handling of failures within recycle() methods. * Coyote + Fix: 67670: Fix regression with HTTP compression after code refactoring. + Fix: 67198: Ensure that the AJP connector attribute tomcatAuthorization takes precedence over the tomcatAuthentication attribute when processing an auth_type attribute received from a proxy server. + Fix: 67235: Fix a NullPointerException when an AsyncListener handles an error with a dispatch rather than a complete. + Fix: When an error occurs during asynchronous processing, ensure that the error handling process is only triggered once per asynchronous cycle. + Fix: Fix logic issue trying to match no argument method in IntropectionUtil. + Fix: Improve thread safety around readNotify and writeNotify in the NIO2 endpoint. + Fix: Avoid rare thread safety issue accessing message digest map. + Fix: Improve statistics collection for upgraded connections under load. + Fix: Align validation of HTTP trailer fields with standard fields. + Fix: Improvements to HTTP/2 overhead protection (bsc#1216182, CVE-2023-44487) * jdbc-pool + Fix: 67664: Correct a regression in the clean-up of unnecessary use of fully qualified class names in 9.0.81 that broke the jdbc-pool. * Jasper + Fix: 67080: Improve performance of EL expressions in JSPs that use implicit objects- Update to Tomcat 9.0.80 * Catalina + Add RateLimitFilter which can be used to mitigate DoS and Brute Force attacks + Move the management of the utility executor from the init()/destroy() methods of components to the start()/stop() methods. + Add org.apache.catalina.core.StandardVirtualThreadExecutor, a virtual thread based executor that may be used with one or more Connectors to process requests received by those Connectors using virtual threads. This Executor requires a minimum Java version of Java 21. + 66513: Add a per session Semaphore to the PersistentValve that ensures that, within a single Tomcat instance, there is no more than one concurrent request per session. Also expand the debug logging to include whether a request bypasses the Valve and the reason if a request fails to obtain the per session Semaphore. + 66609: Ensure that the default servlet correctly escapes file names in directory listings when using XML output. + 66618: Add a numeric last modified field to the XML directory listings produced by the default servlet to enable sorting in the XSLT. + 66621: Attempts to lock a collection with WebDAV may incorrectly fail if a child collection has an expired lock. + 66622: Deprecate the xssProtectionEnabled setting from the HttpHeaderSecurityFilter and change the default value to false as support for the associated HTTP header has been removed from all major browsers. + 59232: Add org.apache.catalina.core.ContextNamingInfoListener, a listener which creates context naming information environment entries. + 66665: Add org.apache.catalina.core.PropertiesRoleMappingListener, a listener which populates the context's role mapping from a properties file. + Fix an edge case where intra-web application symlinks would be followed if the web applications were deliberately crafted to allow it even when allowLinking was set to false. + Add utility config file resource lookup on Context to allow looking up resources from the webapp (prefixed with webapp:) and make the resource lookup API more visible. + Fix potential database connection leaks in DataSourceUserDatabase identified by Coverity Scan. + Make parsing of ExtendedAccessLogValve patterns more robust. + Fix failure trying to persist configuration for an internal credential handler. + 66680: When serializing a session during the session presistence process, do not log a warning that null Principals are not serializable. + Catch NamingException in JNDIRealm#getPrincipal. It is used in Java up to 17 to signal closed connections. + 66822: Use the same naming format in log messages for Connector instances as the associated ProtocolHandler instance. + The parts count should also lower the actual maxParameterCount used for parsing parameters if parts are parsed first. + If an application or library sets both a non-500 error code and the javax.servlet.error.exception request attribute, use the provided error code during error page processing rather than assuming an error code of 500. + Update code comments and Tomcat output to use MiB for 1024 * 1024 bytes and KiB for 1024 bytes rather than MB and kB. + Avoid protocol relative redirects in FORM authentication (CVE-2023-41080, bsc#1214666). * Coyote + Update the HTTP/2 implementation to use the prioritization scheme defined in RFC 9218 rather than the one defined in RFC 7540. + 66602: not sending WINDOW_UPDATE when dataLength is ZERO on call SwallowedDataFramePayload. + 66627: Restore the documented behaviour of MessageBytes.getType() that it returns the type of the original content rather than reflecting the most recent conversion. + 66635: Correct certificate logging on start-up so it differentiates between keystore based keys/certificates and PEM file based keys/certificates and logs the relevant information for each. + Refactor blocking reads and writes for the NIO connector to remove code paths that could allow a notification from the Poller to be missed resuting in a timeout rather than the expected read or write. + Refactor waiting for an HTTP/2 stream or connection window update to handle spurious wake-ups during the wait. + Correct a regression introduced in 9.0.78 and use the correct constant when constructing the default value for the certificateKeystoreFile attribute of an SSLHostConfigCertificate instance. + Refactor HTTP/2 implementation to reduce pinning when using virtual threads. + Pass through ciphers referring to an OpenSSL profile, such as PROFILE=SYSTEM instead of producing an error trying to parse it. + 66841: Ensure that AsyncListener.onError() is called after an error during asynchronous processing with HTTP/2. + 66842: When using asynchronous I/O (the default for NIO and NIO2), include DATA frames when calculating the HTTP/2 overhead count to ensure that connections are not prematurely terminated. + Correct a race condition that could cause spurious RST messages to be sent after the response had been written to an HTTP/2 stream. * WebSocket + 66548: Expand the validation of the value of the Sec-Websocket-Key header in the HTTP upgrade request that initiates a WebSocket connection. The value is not decoded but it is checked for the correct length and that only valid characters from the base64 alphabet are used. + Improve handling of error conditions for the WebSocket server, particularly during Tomcat shutdown. + Correct a regression in the fix for 66574 that meant the WebSocket session could return false for onOpen() before the onClose() event had been completed. + 66681: Fix a NullPointerException when flushing batched messages with compression enabled using permessage-deflate. * Web applications + Documentation. Expand the security guidance to cover the embedded use case and add notes on the uses made of the java.io.tmpdir system property. + 66662: Documentation. Fix a typo in the name of the algorithms attribute in the configuration section for the Digest authentication value. + Documentation. Update documentation to use MiB for 1024 * 1024 bytes and KiB for 1024 bytes rather than MB and kB. * jdbc-pool + Fix the releaseIdleCounter does not increment when testAllIdle releases them. + Fix the ConnectionState state will be inconsistent with actual state on the connection when an exception occurs while writing. * Other + Update to Commons Daemon 1.3.4. + Improvements to French translations. + Update Checkstyle to 10.12.0. + Update the packaged version of the Apache Tomcat Native Library to 1.2.37 to pick up the Windows binaries built with with OpenSSL 1.1.1u. + Include the Windows specific binary distributions in the files uploaded to Maven Central. + Improvements to French translations. + Improvements to Japanese translations. + Update UnboundID to 6.0.9. + Update Checkstyle to 10.12.1. + Update BND to 6.4.1. + Update JSign to 5.0. + Correct properties for JSign dependency. + Align documentation for maxParameterCount to match hard-coded defaults. + Update NSIS to 3.0.9. + Update Checkstyle to 10.12.2. + Improvements to French translations. + Improvements to Japanese translations. + 66829: Fix quoting so users can use the _RUNJAVA environment variable as intended on Windows when the path to the Java executable contains spaces. + Update Tomcat Native to 1.2.38 to pick up Windows binaries built with OpenSSL 1.1.1v. + Improvements to Chinese translations. + Improvements to French translations. + Improvements to Japanese translations - Removed patch: * tomcat-9.0.75-CVE-2023-41080.patch + integrated in this version- Fixed CVEs: * CVE-2023-41080: Avoid protocol relative redirects in FORM authentication. (bsc#1214666) - Added patches: * tomcat-9.0.75-CVE-2023-41080.patch- Modified patch: * tomcat-9.0-osgi-build.patch + make it more robust to change in number of artifacts in bnd + do not enumerate jars, just take all jars from the aqute-bnd directory into the classpath- Require(pre) shadow because groupadd is needed early- Update to Tomcat 9.0.75. * See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.75_(markt) * Fixes: + bsc#1211608, CVE-2023-28709 + bsc#1208513, CVE-2023-24998 (previous incomplete fix) - Remove patches: * tomcat-9.0-CVE-2021-30640.patch * tomcat-9.0-CVE-2021-33037.patch * tomcat-9.0-CVE-2021-41079.patch * tomcat-9.0-CVE-2022-23181.patch * tomcat-9.0-NPE-JNDIRealm.patch * tomcat-9.0-hardening_getResources.patch * tomcat-9.0.43-CVE-2021-43980.patch * tomcat-9.0.43-CVE-2022-42252.patch * tomcat-9.0.43-CVE-2022-45143.patch * tomcat-9.0.43-CVE-2023-24998.patch * tomcat-9.0.43-CVE-2023-28708.patch + integrated in this version * tomcat-9.0.43-java8compat.patch + problem with Java 8 compatibility solved in this version - Modified patch: * tomcat-9.0.31-secretRequired-default.patch - > tomcat-9.0.75-secretRequired-default.patch + rediffed to changed context * tomcat-9.0-javadoc.patch + drop integrated hunks * tomcat-9.0-osgi-build.patch + fix to work with current version - Added patch: * tomcat-9.0-jdt.patch + fix build against our ecj- Fixed CVEs: * CVE-2022-45143: JsonErrorReportValve: add escape for type, message or description (bsc#1206840) - Added patches: * tomcat-9.0.43-CVE-2022-45143.patch- Fixed CVEs: * CVE-2023-28708: tomcat: not including the secure attribute causes information disclosure (bsc#1209622) - Added patches: * tomcat-9.0.43-CVE-2023-28708.patch- Fixed CVEs: * CVE-2023-24998: tomcat,tomcat6: FileUpload DoS with excessive parts (bsc#1208513) - Added patches: * tomcat-9.0.43-CVE-2023-24998.patch- set logrotate for localhost.log, manager.log, host-manager.log and localhost_access_log.txt - use logrotate for catalina.out * update tomcat-serverxml-tool and spec to configure server.xml - Added patch: * tomcat-9.0-logrotate_everything.patch * tomcat-serverxml-tool.tar.gz - Removed: * tomcat-serverxml-tool-1.0.tar.gz- Use catalina.out for logging (bsc#1205647) - Added patches: * tomcat-9.0-fix_catalina.patch- Fixed CVEs: * CVE-2022-42252: reject invalid content-length requests. (bsc#1204918) - Added patches: * tomcat-9.0.43-CVE-2022-42252.patch- Fixed CVEs: * CVE-2021-43980: Improve the recycling of Processor objects to make it more robust. (bsc#1203868) - Added patches: * tomcat-9.0.43-CVE-2021-43980.patch- Do not hardcode /usr/libexec but use %%_libexecdir during the build * Fixes for platforms, where /usr/libexec and %%_libexecdir are different- Fix bsc#1201081 by building with release=8 all files that can be built this way. The one file remaining, build it with source=8 and target=8 - Modified patch: * tomcat-9.0.43-java8compat.patch + Do not cast ByteBuffer to Buffer to call the Java 8 compatible methods. Build with release=8 instead- Security hardening. Deprecate getResources() and always return null. (bsc#1198136) - Added patch: tomcat-9.0-hardening_getResources.patch- Remove dependency on log4j/reload4j completely (bsc#1196137)- Do not build against the log4j12 packages, use the new reload4j- Fixed CVEs: * CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255) - Added patches: * tomcat-9.0-CVE-2022-23181.patch- remove instance units from post scripts, they can not be reloaded- Fix NPE in JNDIRealm, when userRoleAttribute is not set (bsc#1193569) - Added patch: * tomcat-9.0-NPE-JNDIRealm.patch- Modified patch: * tomcat-9.0-osgi-build.patch + account for biz.aQute.bnd.ant artifact in aqute-bnd >= 5.2.0- Fixed CVEs: * CVE-2021-30640: Escape parameters in JNDI Realm queries (bsc#1188279) * CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients (bsc#1188278) - Added patches: * tomcat-9.0-CVE-2021-30640.patch * tomcat-9.0-CVE-2021-33037.patch- Fixed CVEs: * CVE-2021-41079: Validate incoming TLS packet (bsc#1190558) - Added patches: * tomcat-9.0-CVE-2021-41079.patch- Update to Tomcat 9.0.43. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.43_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch - Rebased patch: tomcat-9.0.39-java8compat.patch -> tomcat-9.0.43-java8compat.patch- Update to Tomcat 9.0.41. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.41_(markt)- Update to Tomcat 9.0.40. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.40_(markt) - Removed Patches because fixed upstream now: * tomcat-9.0-CVE-2020-17527.patch * tomcat-9.0-CVE-2021-24122.patch- Fixed CVEs: * CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912) * CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909) - Added patches: * tomcat-9.0-CVE-2021-25122.patch * tomcat-9.0-CVE-2021-25329.patch- Log if file access is blocked due to symlinks: CVE-2021-24122 (bsc#1180947) - Added patch: * tomcat-9.0-CVE-2021-24122.patch- Update to Tomcat 9.0.39. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.39_(markt) - Rebased patches: * tomcat-9.0.38-java8compat.patch -> tomcat-9.0.39-java8compat.patch- Update to Tomcat 9.0.38. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.38_(markt) - Rebased patches: * tomcat-9.0.37-java8compat.patch -> tomcat-9.0.38-java8compat.patch - Removed tomcat-9.0-CVE-2020-13943.patch because that fix is upstream now- Update to Tomcat 9.0.37. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.37_(markt) - Fixed CVEs: * CVE-2020-13934 (bsc#1174121) * CVE-2020-13935 (bsc#1174117) - Rebased patches: * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch -> tomcat-9.0.37-java8compat.patch- Fix HTTP/2 request header mix-up: CVE-2020-17527 (bsc#1179602) - Added patch: * tomcat-9.0-CVE-2020-17527.patch- Add source url for tomcat-serverxml-tool - Fix typo in tomcat-webapps %postun that caused /examples context to remain in server.xml when package was removed - Remove tomcat-9.0.init and /usr/lib/tmpfiles.d/tomcat.conf from package. They're not used anymore becuse of systemd (bsc#1178396)- Fix tomcat-servlet-4_0-api package alternatives to use /usr/share/java/servlet.jar instead of /usr/share/java/tomcat-servlet.jar. Keep /usr/share/java/tomcat-servlet.jar symlink for compatibility. (bsc#1092163) - Change default file ownership in tomcat-webapps from tomcat:tomcat to root:tomcat- Fix CVE-2020-13943 (bsc#1177582) - Added patch: * tomcat-9.0-CVE-2020-13943.patch - Change /usr/lib/tomcat to /usr/libexec/tomcat in startup scripts (bsc#1177601)- Replace old specfile constructs. Remove support for SUSE 11.x. - Drop %systemd_requires, which is considered a no-op. - Trim redundant license mention from description. - Make documentation noarch. - Do not suppress errors from useradd.- Avoid hardcoding /usr/lib as libexecdir- Don't give write permissions for the tomcat group on files and directories where it's not needed (bsc#1172562) - Change tomcat.pid location from /var/run to /run (bsc#1173103) - Use the /sbin/nologin shell when creating the tomcat user - Use %tmpfiles_create macro in %post instead of calling systemd-tmpfiles directly- Update to Tomcat 9.0.36. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.36_(markt) - Fixed CVEs: CVE-2020-11996 (bsc#1173389)- Update to Tomcat 9.0.35. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.35_(markt) - Fixed CVEs: - CVE-2020-9484 (bsc#1171928) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch- Update to Tomcat 9.0.34. See changelog at https://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.34_(markt) - Notable changes: * Add support for default values when using ${...} property replacement in configuration files. Based on a pull request provided by Bernd Bohmann. * When configuring an HTTP Connector, warn if the encoding specified for URIEncoding is not a superset of US-ASCII as required by RFC 7230. * Replace the system property org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH with the Connector attribute encodedSolidusHandling that adds an additional option to pass the %2f sequence through to the application without decoding it in addition to rejecting such sequences and decoding such sequences.- Update to Tomcat 9.0.33. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.33_(markt) - Notable fix: corrected a regression in the improvements to HTTP header parsing (bsc#1167438) - Rebased patches: * tomcat-9.0-javadoc.patch * tomcat-9.0-osgi-build.patch * tomcat-9.0.31-java8compat.patch- Change default value of AJP connector secretRequired to false - Added patch: * tomcat-9.0.31-secretRequired-default.patch- Update to Tomcat 9.0.31. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: * CVE-2019-17569 (bsc#1164825) * CVE-2020-1935 (bsc#1164860) * CVE-2020-1938 (bsc#1164692) - Modified patch * tomcat-9.0.30-java8compat.patch - > tomcat-9.0.31-java8compat.patch + Adapt to changed context- Modified patch: * tomcat-9.0.30-java8compat.patch + add missing casts (bsc#1162081)- Change back the build to build with any Java >= 1.8 - Added patch: * tomcat-9.0.30-java8compat.patch + Cast java.nio.ByteBuffer and java.nio.CharBuffer to java.nio.Buffer in order to avoid calling Java 9+ APIs (functions with co-variant return types) - Renamed patch: * tomcat-9.0-disable-osgi-build.patch - > tomcat-9.0-osgi-build.patch + Do not disable, but fix OSGi build since we have now aqute-bnd- Change build to always use Java 1.8 (bsc#1161025).- Update to Tomcat 9.0.30. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.30_(markt) - Fixed CVEs: - CVE-2019-0221 (bsc#1136085) - CVE-2019-10072 (bsc#1139924) - CVE-2019-12418 (bsc#1159723) - CVE-2019-17563 (bsc#1159729) - Removed patch: * tomcat-9.0-JDTCompiler-java.patch + It was not applied- Update to Tomcat 9.0.27. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.27_(markt) - Uset aqute-bnd to generate OSGi manifest, since we have that package now in openSUSE:Factory - Removed patch: * tomcat-9.0-disable-osgi-build.patch + not needed- Add maven pom files for tomcat-jni and tomcat-jaspic-api- Distribute the pom file also for tomcat-util-scan artifact- Build against compatibility log4j12 package- Adapt to the new ecj directory layout- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to shortcut the build queues by allowing usage of systemd-mini- Update to Tomcat 9.0.20. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.20_(markt) - increase maximum number of threads and open files for tomcat (bsc#1111966)- Update to Tomcat 9.0.19. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.19_(markt) Notable packaging changes: - File /usr/share/java/tomcat/catalina-jmx-remote.jar was removed. The classes contained in this jar were merged into /usr/share/java/tomcat/catalina.jar. - Fixed CVEs: - CVE-2019-0199 (bsc#1131055) - Rebased patch: - tomcat-9.0-JDTCompiler-java.patch - tomcat-9.0-javadoc.patch- Build classpath directly with the geronimo jars instead of with symlinks to them- Don't overwrite changes made to server.xml contexts when updating bundled webapps.- Set javac target to 1.8 when building docs samples and serverxmltool- Move webapps bundled with Tomcat to /usr/share/tomcat/tomcat-webapps (bsc#1092341). Affected packages: - tomcat-webapps - tomcat-admin-webapps - tomcat-docs-webapp - Remove %doc directive from tomcat-docs-webapps files section so that zypper installs files even if rpm.install.excludedocs is set to yes.- Require Java 1.8 or later (bsc#1123407)- Clean up OSGi manifest injection - Put embed maven metadata into embed subpackage - Use the .mfiles* lists generated by %%add_maven_depmap macro- Fix tomcat-tool-wrapper classpath error (bsc#1120745)- Fix tomcat-digest classpath error (bsc#1120745)- Update to Tomcat 9.0.14. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.14_(markt)- Add pom files for tomcat-jdbc and tomcat-dbcp - Add org.eclipse.jetty.orbit* aliases to correspondant artifacts- Update to Tomcat 9.0.13. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.13_(markt)- Update to Tomcat 9.0.12. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.12_(markt) - Fixed CVEs: - CVE-2018-11784 (bsc#1110850) - Rebased patches: - tomcat-9.0-disable-osgi-build.patch - tomcat-9.0-javadoc.patch - tomcat-9.0-sle.catalina.policy.patch - tomcat-9.0-tomcat-users-webapp.patch- Declare following files to config(noreplace) to prevent override access rights: - host-manager/META-INF/context.xml - manager/META-INF/context.xml- Empty tomcat-9.0.sysconfig to avoid overwriting of customer's configuration during update (bsc#1067720)- Update to Tomcat 9.0.10. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.10_(markt) - Fixed CVEs: - CVE-2018-1336 (bsc#1102400) - CVE-2018-8014 (bsc#1093697) - CVE-2018-8034 (bsc#1102379) - CVE-2018-8037 (bsc#1102410) - Rebased patch tomcat-9.0-JDTCompiler-java.patch - Added patch tomcat-9.0-disable-osgi-build.patch to disable adding OSGi metadata to JAR files- Update to Tomcat 9.0.5. See changelog at http://tomcat.apache.org/tomcat-9.0-doc/changelog.html#Tomcat_9.0.5_(markt)- Modified patch: * tomcat-9.0-javadoc.patch + Don't append to javadoc --add-modules since we are building with source=8 + Avoid accessing Internet URLs from build environment- Update to Tomcat 9.0.2: * Major update for tomcat8 from tomcat9 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-9.0-doc/changelog.html * Rename all tomcat-8.0-* files to tomcat-9.0-* - Changed patches: * Deleted: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-8.0-sle.catalina.policy.patch * Deleted: tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-8.0.33-JDTCompiler-java.patch * Deleted: tomcat-8.0.44-javadoc.patch * Deleted: tomcat-8.0.9-property-build.windows.patch * Added: tomcat-9.0-JDTCompiler-java.patch * Added: tomcat-9.0-bootstrap-MANIFEST.MF.patch * Added: tomcat-9.0-javadoc.patch * Added: tomcat-9.0-sle.catalina.policy.patch * Added: tomcat-9.0-tomcat-users-webapp.patch - Renamed subpackage tomcat-3_1-api to tomcat-4_0-api to reflect the new Servlet API version. - Commented out JAVA_HOME in /etc/tomcat/tomcat.conf - Added "tomcat-" prefix to lib symlinks under /usr/share/java to avoid file conflicts with servletapi5 and geronimo-specs - Fixed wrong %ghost file paths for alternatives symlinks- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Build with JDK 8 to fix runtime errors when running with JDK 7 and 8 - Fix tomcat-digest classpath error (bsc#977410) - Fix packaged /etc/alternatives symlinks for api libs that caused rpm -V to report link mismatch (bsc#1019016)- update to 8.0.47 http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-12617 - rebase tomcat-8.0-sle.catalina.policy.patch- Added patch: * tomcat-8.0.44-javadoc.patch - generate documentation with the same source level as class files - fixes build with jdk9- Version update to 8.0.44: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVE: - CVE-2017-5664 (bsc#1042910)- New build dependency: javapackages-local- Version update to 8.0.43: * Another bugfix release, for full details see: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Fixed CVEs: - CVE-2017-5647 (bnc#1033448) - CVE-2017-5648 (bnc#1033447) - CVE-2016-8745 - Renamed and rebased patches: * tomcat-7.0-sle.catalina.policy.patch -> tomcat-8.0-sle.catalina.policy.patch - Enable optional setenv.sh script. See section "(3.4) Using the "setenv" script (optional, recommended)" in http://tomcat.apache.org/tomcat-8.0-doc/RUNNING.txt (bnc#1002662) - Fix file conflicts when upgrading from SLES 12 to SLES 12 SP1 (bnc#1023412). Added explicit obsoletes for tomcat-el-2_2-api, tomcat-jsp-2_2-api, tomcat-servlet-3_0-api- update to 8.0.39: (boo#1003911) * Improve handling of I/O errors with async processing * Fail earlier on invalid HTTP request - includes changes from 8.0.38: * Refactoring the non-container thread Async complete()/dispatch() handling to remove the possibility of deadlock * Improved UTF-8 handling for the RewriteValve - includes changes from 8.0.37: * Treat paths used to obtain a request dispatcher as encoded (configurable) * Various jdbc-pool fixes - drop tomcat-8.0.36-jar-scanner-loop.patch, upstream- Switch to commons-dbcp2 fate#321029- Backport fix for inifinite loop in the jar scanner for 8.0.36. (bnc#993862) Added: tomcat-8.0.36-jar-scanner-loop.patch- Version update to 8.0.36: * Another bugfix release for the 8.0 series. Full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.36_(markt) - CVE fixed by the version update: - CVE-2016-3092 (bnc#986359) - Fixed a deployment error in the examples webapp by changing the context.xml format to the new one introduced by Tomcat 8. See http://tomcat.apache.org/migration-8.html#Web_application_resources- fix maven fragments paths to build in multiple distribution versions- Version update to 8.0.33: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.33_(markt) - Rebase tomcat-8.0-tomcat-users-webapp.patch - Rebase tomcat-7.0.53-JDTCompiler-java.patch to tomcat-8.0.33-JDTCompiler-java.patch- Fix fixme for the prereq preamble value - It seems systemd prints error on adding the @ services to macros so do not do that- package was partly merged with the scripts used in the Fedora distribution - support running multiple tomcat instances on the same server (fate#317783) - add catalina-jmx-remote.jar (fate#318403) - remove sysvinit support: systemd is required- update changes file for CVE information - Fixed CVEs: - CVE-2015-5346 (bnc#967814) in 8.0.32 - CVE-2015-5351 (bnc#967812) in 8.0.32 - CVE-2016-0706 (bnc#967815) in 8.0.32 - CVE-2016-0714 (bnc#967964) in 8.0.32 - CVE-2016-0763 (bnc#967966) in 8.0.32 - CVE-2015-5345 (bnc#967965) in 8.0.30 - CVE-2015-5174 (bnc#967967) in 8.0.27- Version update to 8.0.32: * Another bugfix release for 8.0 series, full details: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.32_(markt) - Rebase patch: * tomcat-8.0.9-property-build.windows.patch- update to Tomcat 8.0.28 * Multiple fixes, read upstream changelog at: https://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.28_(markt)- Some whitespace cleanups- Remove pointless conflicts on provide/obsolete symbols- Version bump to 8.0.23 fate#318913: * Multiple testfixes all around, read upstream changelog at: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html#Tomcat_8.0.23_(markt)- Fix previous commit. Fix one rpmlint warning- Drop gpg verification from spec, it is done by obs- Fix build with new jpackage-tools- update to Tomcat 8.0.18: * Major update for tomcat8 from tomcat7 * For full changelog please read upstream changes at: + http://tomcat.apache.org/tomcat-8.0-doc/changelog.html * Rename all tomcat-7.0-* files to tomcat-8.0-* * Update keyring file - Update windows patch to apply again: * Deleted: tomcat-7.0.52-property-build.windows.patch * Added: tomcat-8.0.9-property-build.windows.patch * Added:tomcat-8.0-tomcat-users-webapp.patch * Deleted: tomcat-7.0-tomcat-users-webapp.patch * Added: tomcat-8.0-bootstrap-MANIFEST.MF.patch * Deleted: tomcat-7.0-bootstrap-MANIFEST.MF.patch- Version 1.1.30 or higher is required for APR listener (bnc#914725)/bin/sh/bin/sh/bin/sh/bin/shh04-ch1b 1697445433  !"#$%&'()*+,-./01239.0.82-150200.46.19.0.82-150200.46.1 tomcattomcatCatalinacatalina.policycatalina.propertiesconf.dREADMEcontext.xmljaspic-providers.xmllogging.propertiesserver.xmltomcat-users.xmltomcat.confweb.xmltomcatwebappstomcat-digesttomcat-tool-wrappertomcat.servicetomcat@.servicetomcatfunctionspreambleserverserverxml-tool.shserverxmltool.jarrctomcattomcattomcatLICENSENOTICERELEASE-NOTESsysconfig.tomcattomcatbootstrap.jarcatalina-tasks.xmlcatalina.shconfliblogstemptomcat-webappswebappsworktomcatCatalinatempworktomcatstomcatcatalina.out/etc/logrotate.d//etc//etc/tomcat//etc/tomcat/conf.d//srv//srv/tomcat//usr/bin//usr/lib/systemd/system//usr/lib//usr/lib/tomcat//usr/sbin//usr/share/doc/packages//usr/share/doc/packages/tomcat//usr/share/fillup-templates//usr/share//usr/share/tomcat/bin//usr/share/tomcat//usr/share/tomcat//var/cache//var/cache/tomcat//var/lib//var/log//var/log/tomcat/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:30729/SUSE_SLE-15-SP2_Update/1f5b6e9de4003dbcae3fc0bc675fba51-tomcat.SUSE_SLE-15-SP2_Updatecpioxz5noarch-suse-linuxASCII textdirectoryXML 1.0 document, ASCII textPOSIX shell script, ASCII text executableBourne-Again shell script, ASCII text executablegzip ERROR: Stdin has more than one entry--rest ignored (Zip archive data, at least v2.0 to extract Java archive data (JAR))emptygzip ERROR: Stdin has more than one entry--rest ignored (Zip archive data, at least v1.0 to extract Java archive data (JAR))RRRphX kc7Gbwq'rvUQI6}8`r!-ШIC{Lyb ە|+̎ӌ41efuLLLdϯyӣJ3dUrP1L.hۨU-/Vgv{z8{#ɬYL +}[0Z|r!(0iIL/9'NVtDҨWyR7F)_> S ou!Lձ(0lucۀrCEfi7́>F YL0,PVGSrJ7yOJ{D^ЍGf)Q Rjt{*60n%t_g40'9fm-#k{|#pa؞X׀Xgeb8و4Gӽ7$%!\3stHP]Fkg I&QBfLr]|&#G q+ - a7AIZ) Q%Jߪk Ml8}D S[֭"nO4ppD598.:w;@&cq s1b)ǞS|Y]%DΕHk0[֞^W_\3b{ >K@A}>̷h[Ϳ{P}7GDZ:O=4x8Rl&HLCl-zhqrvc%q©4yكR&Tx01 + 3]C3b%1m:)_$R=$cxLsIQϹ9w3. M ] Բgr;1!Ώ"LǦ 9Z,9K&v(wjZYun2N}4 uf%s/[`)lV^IJ:Mm\zon~6Rjv=+6lֽ!>{@O89B~OVg[hAO6lR4#_{}eLs1NR DZQW[F{{"4?.1_L|rmgYȯ^kMZ!FJc"_*պ4J8ƾ61v&Vv6`N#yϥF+a3;RߐlJGhzޛ?~D`6"Zb|Tlf^gCs_U%Kc(5(#tx?M\!Re>ʛ$yA29&-yOy!t;ty}CG|VQ[)0Ď*GWt9HZ့~;mS<ܬ&=Fso3fdUxcN.'}Ryv“d:x.k֊dfS#~%T^u-b|n5[ veMbO ƏO%'۷|]RDGYSnCMoɘJr#;pqi.cIs?}Jx ;mw܇PQOڮ:p 7ubuo](|a{?-@d0BgJYJu5'"ش&W9@^ 9;ZlT#x0޲K|ub^rR}S`lJ(Po>~#XAw(%@T:]Iƈҿץ M/(oW8?QRA^䯹~0ƅ8!ϺրL,aR EbK'B2cƋ|H?]ˀ*wTz@cADSwoUx/4Th.kj8(4C 7uhQS"Kri5;rfUA2(mQB98?_N2gLe!fbLB`z DpVCѡy3FZ"´dA_D_2V@T]%G^q]/:@mۣv>c?"i8Qdȧt' v t̄>ΐ ޼,Oqzk! AVHR |do`ĎXCQLrD iS&MR( #U庲0+?_. yx2W~<` ˚lm{&osctB:ij.1(q$- ,6{."u74` Sq\$t' bd1[.ʵeU&;\Z鲖(Lj@T'iJZ>9P_z I9Ɠ7&Ov"m]nKǝeKkfa4a V.W0zLi$^^ ^Ol T]P!$#A["wt F %5Jyrَo<:"?i{R~aab{U h02kg-PM6#(luO^ TΟ}0-Nϴ9> Muz {’9J.% e땩Y]$ xSjH&"<%rP#Bcs1Â'\ Zr; ŷUB4Oh@OW7ӟ$,aw'p_:o~ȭ7ns-+?vhK\os !X9VQ2e=Sq/ L^N=+rmREvRsa ZGƃ̾9?]Xeiz<8xťNuVB+1?5)r:{&ŒYj=uoЫS]]x=MsպFݒ\`s?[n$OC9ZpW?oEMCjvUOxYZ4;[oTjz`Qg,`4ZQs 6 km|ޝGpwɑ98.\+~C_*.'%  ^\>F=JR<˱]M'Q#omn++ض 92\JQw{M`MGY*Je7ܧf7kSt٥(d?>J ώ)D] s@.\uԹX)z}3ȿχfߦI"%0笓{yF$78=.iYc!}fi~.xB*T\F0!-uF)~2>t0x5M iSK?9$O3 M zT/vZ}k;JI}$-v&I$w$Ma1c`#0OK. $^D9t3#plJkc;(6# Em,V7WUi boG>(A=(&YS OF+l_]j>,i{/ d<*8:#q۳Xxg)H]զ >2ְ(W/Qknr48pKQsnh}ȩq_9eVl Cfqj0}Af;H¤lm!MMOq#%aQZLys;_GKHYE}~tfz82ui[ ,D't 6oqr?r GƏgyC)_P97rNO!+ב anu4us ( $Hת`>bg'2m$,ǪpGfO!b|u~&J$T4,p܁[^7s1k`Dm&JhXI, 0A^"]EFdf, +m\Hw ھp%ʭ+ ejK6! V=zZcT,fiI:Y`ux<*Qڡj?`H;9%6R&a2Ìyj}DFQ3hFaޭz%6))Gq 1"i^Ea=!!;QyK@>9rf V.u1Kw6{gT<_֜{a*B}k)}a'/ak 6}cVH k.Cu@ҩGS B52yH1ݲSu~,=Ȥ}y~+ x6hL|4'y y!rPIe n0< 'C~k/Wk]([Έ2 z ) h//5]ggTfgwdbkc6䠳R\zniq6,"fk0SX=`]LEb6zTB[X(>g)M'D!Љwi-@\YO;tˀvaRA;|.7 5-8؍&KdY(=B4)B7t"2CI0nB^OtR/{O7qJwwZ.ugZ#nʛJQ/MLZ.s췡mAaA4gEP0S$==n!fΡ>E'K孂FA GPr|?>&tiSZ[2] ]#w|u|dwZlk{M_&U眻gߨh[S;B4 CNRfTDy +BH?{-wz ga҉)Buy\5NZ1> WT}woh.>M Y'Xq΂F7f0B` 4oPKrf zy,#F86w*R gAٞ<p"-}`4 >M P%͉'2 MH9Yȹ"0e̹K.PZNGzB}q@tp5nOۣCC4Cq;J~L ^Vlk^Raa;pT)Z "39?u*aB2Քv{%3AlD7W:~{܍Z }>31!{WdD=AnD*Mc=",lb{`QOindx;6Ot $S.)fjEiIYBܟ]+oYι 2yHǕ@||9,]97ѢY <:yvs])U{? Bt! D|,s*rTl}+tFv'q@[Su|QʅǠ-e>Hl$)QX:XEbۄȹFnWdle5fS-la&k܇mr;֖Y%Q Ho# 0qP=)1n,7-Qz+%l[#z;#.7LMcba3:z gF2BdjfQ>no}mjܤq赚` >χ: *TVE,A}t>K!-mIE ^[p0y3R0f7 (v"m! JF2XJ/|K6 7lBRgaojKlL(]O:1Q b2`|?kS=;RT^/W1j͕WF|qAe'J(B&$ywlޝǜYdd"BHݗj42,3-\$6Z A9G ~i}( כ|:X+3!((H8z=0a7n$D!RC\=tQkU/`E. v% TѪȴ4ӎx-(!Ī0U;fD2k棻sBk%JPh^ 1tZHybjM~F.'ш[ǥ3{|b4?j(!eKtn*e[(+x,AqY(-#arc/y뿩r26-Aj4b ∟}Nuǵ$w_]kz4; GQnn)<?D\ #yIY%lțb $Q`'"O}x`v0G8S]qMy"1B;.Z%+D{__рQy TXO) 5JE'Pn77y3șX P $0eW 0kCV=~Kf.0 裿%m[HF&f͍~WQ'鴻rU/iC'BCr}UzOKt S!G} "c`3*"1Z>8` a`GHp!å3Wim01޸3ӽ{ ƛ6!2p[z^Ta ~釄$?Vw4zyoqx;R`X)uRet!!uSZF0?`:`=5`ܔ]#ĉ|6)7>ۥ&C[IZ1$/Ř/`y 'X E8ںXQ?g?Te<ЂZ.!ܲ)ghnT dۛB`X{Y ̸D"*,X筧8~ ~yEb5X#~=ar?6I,Y1w;Mb dT+p?ݜuw}Xa:R&1df单bc%Gb+JG3ÌIA ".ϼPRrՊY~$24 ۷QZϣl}q0\I޷GD'fzGwd`oی3Z4;^뙜^~ YkbRv$mzj μ⛟~䢯bIx1MO%& Rq;c\~K"߼qg {pC9'c6R( $eV?&[_P#脣o%TF2z7/œ48:*e9g7>mƧbϺ܋5y!_0SxpY(k: i)_6Y0-HKӻbޫm DygFqn((ݴ0~J[ ow꒐?+RE#)?TWJa8j;Y#Em2Bt8i|`|I?͕T85جj[B{.RF@hDZ9fH{ly<¿\k6; 7x oGĽr˫̵ެ ccnb\8yTgTE5ZHQ"ZlWCśT>h{#冸vL1qx]Qsah<;9DfiqQW|7:8DTUEmJ֍c?(>-}&8qg=xpYI E)EQB²x}6'| G ų,Q²,YHߺ 2U  *\c."~^Hp nbtEY/ьERX\(KIG*˖7a[T4nNyx冮9?4Ubd$VZj|*[}mf* ?H׆Jȳi2\TUaF$XtEg:pD[(ԍ;brB 9H r JW76ُ 2+O蔔WNh2_z=#rVsBo[icښpU5rǨw -1̹炋IkڣuXܔǒj{M{`>=N57rXբ)UHe7EHdlZt:k\*[wᝆԉ )#lb"ye= δ}۶5!tQjx|?7bp85u@v>lAZ9s7Synx}bJ}Ќ2IۀW^b G<1bCX{xXeHȅE",Yd,'dofV !8iD>4{罦9h 酿B-\Ɏ<X+ }rOZ4s.[RPANUg}Ȝ'(ʄKlQZ"Uy7WfwH=GwĴpSz7L Mb0f_:heuZ(?=O5q|/K_^oD62as&<)8B^ЩCΞYH]ٟ,4QD2E0Vx~frZuniܚ~#EE &u[UE)óXZ]Ma@3/u?s**4FIu{v1fT]_GCw{?l>}5Q=C[LItY` X24 NnPXU?' Y*Q6 X.~kLY`K:I*^zgy%,vw5\ 0B3mBMpY*y QѽtՌ}#1ǹ\*ZCaE" ِő<5YnhjfʠWώ*W^X;-J̋7q~s%ⓙ~\KRFz ln]yI,zX݆;\_Z2&fHOݿX}zde-X})Ab|X @s\R4B'EH.<0MrM ;&Q%Tm(K[Dվ{;;dC _ LEJ>Fu cnm'eվ*lR/1E4om!APzLBw0D5{=wP"VSZ/v+sA c?Y}+5+zo`\޷2pMsB0pl2~1= JpA \c8 lGh%宭W k%t+!6|"dBNY*1 ,#ېN*TD)ﳖY,CFLZZMu 4 #V 5RIȆ'>է1i۾'+Q96cb$Ŀ,.\OxxC9YY o Y8WQcšTJJ %FF*suK6fb&RPM{;};D0ЈDC ^(FivkGj Gg@xUq'LQIN{ 6\Sߜx+Y@4yQa񍌋̼ G,ջ4i(]J{݁._s@iZ1Pݮv+[@$^SVY =o =ih\9y;.K63QxQ'"U.7JLIUٵjF]cٲ3D4Ct6 nzc!iB) tC^v뷏C`ktHw~k$koIĿZ3<3Bx;T=ؙwҬȓUbuaʮ=@ϭSD0+!6g: ACTVIE~5%qR˧c)l#5:-8R3 /z,/+Q:DN2Mr\S-64_N*܀5; B ~1Q|] EjNSO-LL7ݎr3=@e*R [{|9ke0E4#oh.CWr  qT#QοB衁9l۬sweؙ]J ҃M!3UFE C͖Ouκ1Ǣs^@hx/a a}zu`偾HdE4M5&m^1B65g6{,pgRQkZ;9;"MME qr2[y<#]؟xov%O-/&*qD1nV MV:-KBda X+F?h4410!Յa;Aa5WFfGNuia pu6R:҆hecR(}xhn}vIGs3"p4Q 7(=/g`qAk`Ж 6btn(b"gp*$1jrJWq_uSЧ(W@ַ<>li_"P m,8H('\|p=zƲ`ȘhP+|/їN':r;u[0TBY,O Uoneh??W G!m$hK+uY@:|`àG7%vK!(i(j)8bdDQXtt`L-JngWx\eD.0~F:=O\Ût =ƒHXn ZvhCY9js8|Se@3Kj{19 e;VRZS{Ũ^>8 쨜{lPAdr>_kN?_?L蘲]:ݢB@N)C:'v;/|8u=IzHB2 J HrR?_4/ׇ x1T6Fct# e-b{ecFqԳ@6͉Vm3-Hx<6䙘/Oidu{mIȱ]ĭH%m;͓G˹xq]bSx{J e9NQbpuLB p.Lp3fO'K OTwuR?؀(-Ŝ(1%`gAs;)I;lK"^"Z럀SK7d. +Na0uvC 6s>A=[װxɘ< qsB!S-/\~+/~FU''YiCǴy`E+U]ͱ-Iqj˜?GT)Ĵep-3YγyޯDr91S(x#}Ut2:hQP|L$P$s\p"d:z2%}'{;rXNOG1ξP5y`gG ZrF13O->i]:/TjaSM5yCfo6=z c5=Z-8i-R-7DNW")\^YVz"Yw;R%Ua/SGchUWVtqU L0rSf mH+K U*`&l2S p0Ak>m,ż Uf0ITyvMREQVʢhGl }Uto֖{4DZտQ c y{۶_tN4_\aJ쎇ͦbC9gCuVuFi}")4[l5JրWԱ~Vʗ&ewB>$}gx :śK_/w /C 袜۫^aZg3q0;jۓQr}d?aMӟiX¥.BeS6=ر^ZU]ohũ\/PykQ~IDgtw>NZbz]xTzmBܴڬoHa0O(`w"]_mWYR@sE3`rAcΧ^s$\<73SB\H1IZ4[ ~ZO){sֽ’. 3:m{V}$;Lv '&~w-)&QP֒P[u_٠6/|Xd!RYQr}tQM+腯$l[}[tgf]ZV_TqN|8%)'#~B-;o۰ZS_qu~VCb&[Um>| }=l=Hzg$J0?ICGrȟ$%=O?~__w4Bգ&tzE[jNc'I%ejFF '7_0j,@{|(F'3ٶ(boAb-3j9Z>-DvMP},\(AS 3G f•C,*b&QNt-Pցg>].UplL_pedm,?Yc5ї8U٘r!75T]i1_ @f ك~ϕzM<8JjȬj]E&_^Q/XI|IBTzINBQ}4xƾpsu>JD*]{b;KӰ61P{nuiƣ*tIX9Y';bɻHS'M_R*Έ^a~|pRtGtβ!@6’pJx5o={*MLÿ.1 ou=tf]@RˎnAU#}z琍+x&xA*;4SkpM҉'_ crCx<5\:`;#gqKqF22k\kڦ!q{PjHl ZWi PD؇\OT=7ȱ~ޤh!7|Mf`J ,G|#M=Ŷ䘱$z<H׳ *%IMJ^q#EqIGciFl 3H {9$nDS8@ K_TvsXb4{9tc44&T2`/ v&­Y?[_.fYZtўMgך$Oh7`b `e; l8LϽ:3 5e 2L9j Mۭ66ͨf!+[׽HUI$^3עUwFq@_ l^ԥԧMkƎ!+ͷơȠxa,:)^"CB(qLπ$d089O}zGfD{OJiij%N0TKԕ+'u :u9TJ-czL ۊ) L*kaG&̒,E%zo| ]M œuOTVVEW1cq H6&XDKH:2C@^NXrax䋿SqZGUޏǎ aR E f )^ 1MNjE[vG(U;6F6toقh(X0pN841\ bS =d.Ȱ`Z|j{?ۊ" -_>"xR2:U9B y4 6!:iwNG3ȴ5(mqfINqF_ V{^81;ORapуfqW*e=c0*Ci= OAOOX(t`IfXqcA0hG9#W][0GI62gLDl͌B!WVf1 >7}m`ŽUrt} Kj{E0r<չ;if܉_#O{ ~{V|1,Pd/['BcPAa圀*a˂8n|pc H,k׿ -شGZ4..rT~32j0_eQ)cO] g1WU{(nQ WGQqDBM^}mS2R1N =)thy!P2~GYaG=;'1.3Α?NL&0᫏}@m[ui } A-JZT\Liv:9MC.(< ar%saBmOmt8hiqVI3E؂ܣI`=iێָC>ǜ$"P?5 Xӏ_9F$MNI] G JZlF6d#5z3li -SكmoK#u Y۳+|ƞ &v tS^C8ZK@̃@=Ly!#5Th IdA7%0tJT#B$Q8 qF(DG <=N$ȋB!l|4'C:G2Ygg*ت\4ХA(yI[[loAobQJ42!A`J!^ ~DOu:E€5nfk((0>`9(Y|Tڛ*>SI/}4އK 6M_Py)Z)+Id/EҮe Ka] VQLˆ1C*r1~FC*mDj9M5<3mɇ3k/\FڟST8= OڂS :h{$4w_aFM䗑@T;:~(Bdnqew PA']WC5$a|=Is^ U1:ć/qZ۽SaxGDO~$[qDn%ʥe˃G}gOr/dkoӇԟ1}S޴ m9UCW8j0tX jLmII{="o 6WD`,Yؿp8%Dg rwjBy$dh,Wv)XCUxaLMz?Ϝscv.-5h(T>>r;VQDdrnC!Y3![mn ?=fz1#M:  ]qV _p693.B%($hX(rɣ:drYaB|h="b~2WIj(l Zg(Z x0/_b#E:NL"E 7ꜛlP1 D OE=|-;2[c '},)Vb*p>&uq3YL ԍǫ[oZ [mZJL-"(UE;9b-/ )a("!KV7R'% ,S_6< Mo]_\{+ ;p#mC7 qXKԢ#!FE.>ET\Sb>\I8$;.&5ElQbC-b˶a}SZy`VWL%|hL:λ68WIυGdM񰁸:7pE';a tOV Лd u ނdꬱ׈o6[MϬ$6OoM[ȋP{5wHS}[Sv-"u|SCO@O9AASXu%K5Ը!KQ̑EݱnjxvS"M0 ~HR~е峻)MCE/YYF/'n.!Y'~|n!g!d)ޤ^n%K0i {p'*>J3vY]+,wfӍ`c`x|Ą>-JLw\؏C{Ƕ¢xPd~I>ݔ6PFM2,>DչÔ;\]%a=pC7"$G5CN$|`#5^=gocK:Ml:T%¡Dq'qԣ]{:--Tf>Q#dZXJ [RUUk(wx4 imPB!8܀`&[,SᙓL}.H8+>c`- =q&H DK$KB6:˦#_po >lZ/~H/L݃yVT)qܩ.o% }3Dg ʾ2Uh\Ẹ~25eQ4',{h~>Mtl9Y :gc>B VZ>b U|㝁[ jã#w ZUrOE27_^-epb%mvPNr%5]I 6-Wr7 @4/hs=';S- )&O?;l~ȞLa$UxWߐ›|NUv'5?/m? IڧOC! _@Ľq`DaaubK$]Sװ,Ȥ<^"<\ &TWy?XBF^ Wrdɤ$a]/(vl%G KVx /+;`r/ع^%阫C],m,l 3 쳱|,5u!&Ŋ>ڬa8~30tv+{GH>1>ė*d溴59 ݝO@%o$WP`Zzsb VI S@s/WLd-'m& PgC4SH G)ChH:m0,/GfwƍD7vEIJb|)\T֞5G5Q'2eAbL!\RBqPNH|H|5SBFs/)Xy̨xM)_ /?#@cjzJR H咚{U?,Ҿ͢[|w2SKf53)-ۺmi%!nbwb^rZ2]|ړlp.&PW2 G\М]=-6b4[4X`9]qT4"#/V^{KCCת[nc(=&O&h>ؽc/& yM%~n~As m$,>)KɌK]z GTV RH$|3K-ѨX^K^]BΊ[B+˨Ȍq2D$j|W8C5dr1`CP+'6d.kɵȓ;%TN[c:|䠙G US'79Oi{iFW4ꗛ *(_JMNU!gY*f|C#u޼›fS$wbui)hROݼ HHu| rYu,jC$ֽ m!w o44mR@S r~zxzX((ߙrzty (SWX2 8o " +ڡa {Y*xR_qѪ`cyg}+AlKo :Z[Va& ;sZ1)noܳ$6bd} ?olw׸ BJ4T3Κ ~/d\-mvk/97aXTK.)޷pywo{>9WmNF7/zD7ѦTc ?&%%*#QNl:,0K3 qQAJ;(11#O2e+S'zX|87s\ѲM VE@!/sKtce3^G "幜z NëW= M-Ⱦ,de[J5ϗS2'o_p8W:I/՛_2?7r;aMdBIV^z5䄒',Ψ臙u{a. q\{x_FxhmJHH3~ iH-8_=lk%[H(D(Mb#)dpӕX#V{Gz/$:ZɐfD$N6b4iE045zU>$*,yF QJϏ^2Ss$wyR'lh/~[%1~f/Yd^*q1C,TbkODZ\Al U+\# -t}_)/]+)/lĒщ/3[_$Š9ԒwihD(yod}_8LmސL߇]ߤr=+BH;!Ɓ'Cth{>2)n\L%Be;3&#2OyۆֵQlFxyWbY{So+@M{^Hb#./ d}ʴBQ x ϣ#w L52M48 ;h*6vu2uLLܶ܁+  멨&ah$7ǔ$rω_"(;|Ét1AХHLwU6rbTJE\эGϰO ťSns=dC.=Cq`j@nŅZ9 = BrӲ><ѭk,9^__]-|?|S)w;TKgÙ)<'VZۯ0eE[SP @X_^qeE^8A`{*J7|ZaƀU!>(; 00H$$u}9RrR.СL|;NMg85?M)?w2Ӣ -jV1Ua;T{;*jp./E Y׫Rl_ Y6?eȡa@$2G #Z3 |[7*Pe)T(\YZtюG'|s;<]~L-C49la8@u}?5\ܬN2%amXۣ+$zJv9@xP xs~l$A< "&;ria/~Y)W)mdDɀXloKOc&Yw)WI)NtCڶ1>gb!Ab aVMg$}K@p-h.gj[MYZZ{xV}qۊvOJ\ 0G4"c+aLYŬR(W1F8fY=/[ύ@ō.$)2lG̡˅}M ar4^yfQ¿H[\X&+JXE+!gH~q7pWn[@7Sd:(Kąb *oC*/n`9&izșw `x&l+蒣.*_ȸCquyǛ~4fFhŵ<Y&C&n7bhey)keV 67>K;6ÒC&)H+ڈ]Xp -Iv-(ĹI[|̮/VYmf6\Gt-z_Y!{"GX9qBRC@#r\5N; zH/h՘:ݯy&0?ЫX/+;'3a/-|{$*K|ujXx$QnVi{rhY9@9ձCV'Ң hKMbcy}\C kO1m8Xkdx Q9S&wyy8 B2.C9]5-MID> $H[B㜚uz=2a<0R`?rSk_Nꔪ\q@IC @Sw%\uO0[՝`j.f?f''JspϘVkQ[#R"iM/)Z mu<L۠9X#F% ׬TRS'{76|K~]LĈaf:26R?>0~+k+#1 % ۋwŞK=$}W"9 (+dtE>c]X;\םmw(%(A7۸^p)8&_a!jbG54ZeeX)ث*gV{i{CePG+ҟ4e7nZR= 4>!8)ڌPdx?bကUDދe|% (l/X D?˖"3ۇ `lDoY~7jg65VX?"5z,7 @q8~Bzhan ME19n x3GU Ǣ]M١3/̩:wSVR!ö'1$1AJo{)1|gQU=KŎ;StRJnr"5X*%r>#|iizwq.mp<'bq7TC8+k[WCeRo.:SU.25g#ɛ].+DWS[ 8)C-Ч'Gַ-(R$C"LY|oоP*Ruڐb,jizfu0 N-`k1aPлԙsh0dND}b{zuo\ԩ4ڂZUY^lxɲof/ (;ԅKM^#U2u9"Q5㺖_0?{Z`~IP ]$nKG*Wz'08 7rg'FeS=H7DׅD> >?+ OZ4j!p]ߎb-8lGq6rF.rVF>7[n:SP71f;MDjJGB2jliZ19(n$*_m|ɻ !YGg; ޟШȢ=X7|2=kƞo7e'n:ZGˠ)G؍h|NYQE8;0Jh3CVV?Ps2ix xᎄ2'gO%i^;G2LF[hX}2N o M\f(ڧQ%BV_,.@=K|%셝d9"ݹtIed#RY]!9ρV{j^Q7nsѣvUiyUq6i rG2o^zQ.k00c[&qhP`@*Dށ| ȼhOB Df5 BnC:`UP&",@rxaZeJ$q2y } V## \:3ޔ1Hx H0tNfD~aѤ,$ Rv0x%rJJ+0_UnIa76 `~zSȍԘ #8uzkNS0W}t.L-3KR@Æigԇ'2s 4d1'jE-9l@ ߄>.qx-0=c7{#Xeru/ș($/AW1XAрdJ7H:D5(eI u%⫼{ۚ!ןr0_ݤB`3hHMkW5ZInI'/iW IA?]ȵ"\/6yx5|?7DhOmUO-MuW4aX XIᵠ)#Ȁg5 :tYmVO]""oj!ϪJg߲~Ey /eV];*{r nZꢥΖ.h$Md ^Z\'ގyѱ/%ǿ"4ABQ C|'j 7k,>?IiQVsjzz/i8U\V+Έ aF}q2W&_@SzOQ/mP~Ch*_a%*mY454'k3~p C;^+ 4k/R{p\B"\k8B.,4z#K諺sK vիkBApkBN48OzO8 MPj/vtEuK*%W#lvAzHbl߳C.;%b&=& 0@+_&N0)N 9Q[GP_ c2{N7P~ ׀V,ͥ+CN~4:BP]2K6KkmnG 5] A`]:ڰ Wόlz`a Q38'2NA/ؾ4Vչ_;ޡl5>.J7v䙼>Jx~԰+o<:Ao ¶Ksě/4 $ܐ;jw?h:^&oDEk9͌ϳ+.9cO54"¬}60.DM`dڟMɋʪ0xWYiy'! n? f~_+z]dv\?k$??/~vNzA\]-"4܉ x3b)Ft؆%x\$se{i"@5&L=6$ޢw/ug=|TkvEȯо#m$CߚBJFUgL'lGT{.^Fb Z'# )$S FֽmC t`U-yGWqw$'fo#"tniхabHa&Kz>g0P㮅o~7N;O]B#(6{T UzP蘎ȥq](`92 &+5cRU{59khMKg%X:0ș( 8!U& &Uγ&k}g/├G[4ɯim*;G=˙S"{N>b+ˤyhs^d: t`2uuupb-e<7*@ ?43{p8Mq!U Ӯ_pjgoX)T[ϼA,J@@XI؉}4V3)i0GpTl6W檥//.Vşx9%)OiHL6аvSmL6k]c8x߉R{Zpv)JۆU1PGKhk6tTIm i+*6 A@aB Is5XEq@kR֏y/{xju4n$ԲubIHaLh1 EqxYm3mCtwt.,(St 0{̵P&‚J5A6MPU>rZm,99ۯO)̓D#yyٔ*5 omitH =9){0 +AN`$ _Z+ƣkmmeٙ_oOChd|K_N{ :Cʊy6 Wp+a,h~Ϯ)T&@ʭ-F&F fg ;sI)H]K~hF5 %MsMe&lo$_Yeo> $dJS}ف@vGV@eʏQbjoMqW[0}a&Xdo9T{8h] 7 +ء&0i JնW@RȤ?">2%P3TN;q ig~vֆ?U oRuN"SSdY_F`V# (ɺOB2>}Uc6{l6/}܉b3x^Ktדb C[œA"S`{Fh:-Rʬ\<'| I9 a~߲?$듘eEeծ˔gR(u0 -"p(5KFi'WX?g`^R>L ln%c͇[%1 6Yu#Z:C -e^S.~J'4 V ^ ui1Q_JrD';{a}ѕ'P=/7ahPuT.С@ `af<1S;A@NG *Z"Gw<:&φ?G"#mG,DZ@'rHwNLPpCZoL2jD!͠Ҫh:`o{+iqɾ=3 :4Gy?wY<>Ul劭|V͡v!% Xcb8* m{x^}*8ɸ/O*vk_Rx>Da?^T/߽HÙ S's\ 2{ ]dD/ia{~KkGj+8Rz?ێXŒ| T/s\~EXn%=dz"n(Q z|l G)ZKcs.w-Vz#Db7G ZmSօ⣾Xnb΍q^@{w7-Gz(Ō-,W;Aqs!2 =M{ U,X$"N2/4CԠX…GnH B w61)ϑk(5BC/tqG^I )iƘSlE@>U\?W"nl_DHL9äZrK҇Go􈂀FGXɑ?^gPymr#O:ir6RH%8 RulHs%~Ն%`p)2Ȟxb˕q089ˏ IrI;^^ޫ.pm`:K+rO$F,V چbE98Qf@Z&.3qL.VBc|;jhe%.m(%®gSRsT,Es>r?a=T0+_}Bn"X578} (5K0 L/L4`[A(KwX(Oݏu44Tu[K zGʍpZ*~9 pC~~5\c =A^VԒ@ҨU o92d=B6< ,Q1J$[O s]Ty{JA4ʂC~y%WxjC EY>JCk[DvĚHʝl -8K/Dc'-99dz{8vӛ[G5xp.%*nwacjH鞦cl͎|hOMU䪦W=b *9 $.>ߴ1jb u[{2t~i':!ONMo%p"·NESCXdh^Ғ_2?̢כ//(ԣovs=ѵq 6,IT}/z12%m7xfݏmnB yYѕi挩ų(A3$L`U뇕ƲԐ){0(#! `Ӄ>$ Ы5"wц@]^Qzd*7=qܰpl0A&nGD(9r,6h{B9eɿaB\EݥUFvT۔3<YQ5WәjCPTm{|8[8>;Z[OV)@.PY0]}مTc'ƺ>3Q_x0ÄXnnFǼ7iIP0 _g'VL1|;hԾ=4UA`.3 hf4T @gR_ a[- !='87.4qTB<۩8~wsԽ[MI030Jj^}Ӊ {ᨂP6mM'P~`b///;7\\ ^T2,<[חn?UT8$"6޸*0Ǵ,&S"JV0L QʖTx-m\B~ pE߾d\0rEfA( CAU#/x;xYm4W=k}cy*[0=#>5}k*c&!uChv78AQE2j[`uβf u t8$YM^Q }g6B)4H,!$CBCpg L]v=\OW16stcƦQ!A-x  9QJej:.#%W 8k?Lj3P.o 9143u`ōM\"QOoQ4kRM lyi@\#2i7!C~d*T 5/f!@lW_y:3Z<4@AyxUVSff;ʞ\"^@$&yl\ m~֯ߺ÷L}^X)fO$۝ߵ4މx`35 R8}}MEn/j!{agtTo8?'n,t Q yRGlo__uch}u휈;,qKg1/.B@ԻOp"\˔+#}acH.W p| RswOBY+גG|>Lz(y$i&y[Y׊6; A_(⣭ќC_]đ+ Gģo"!ELH9xi}yʵm;1ԵE,-Jhu1\De,#(NQ/q@{_`h}̭vg` LoQt0y#JղݮDJx>7vB|=[!1rï)N)1 :G=a搊ܻ3H9[eJCC1 totgiǢL&qS022aOמDb*2vnIj]VA6m4#szO?d65T JyG"0_hmXS&} EV> `ꇚ͝vg۩y=L$%xnz3+QQAD{((ΑsBpO5`/߻k0\3= V@RZᄂxNF_NcpzxmcK kcu+弧-C 2䒙6S\I T%w`Z`ѹvn+zV3"8~CF +Qea+-RY*d7؛p_f3pV+Bf5[`!4':>H@]_HƟ4)F E" ys&<-F ^k^إ^抑NdQv̋cLZA3R;[^rԜ6_g&c\҉JPpXF-)*01sId",8KAE8'[?@_H7#`_etbÀ&f5ңQbB#jµX҄>a[bռb*e5U:ɒ䘩SxּPl*R΁/NL'8FU *%L})%Xկ /#zAj%%4XE&F @TA ;;0DGDH>vڟԙ.kЉCEMz%̈́"#i2^ 5 uL7ѫ Jt@s<}MQft5S) 6MJomnH+yKZ ޯWc?*" w0$\=~7E̶ `jw[~zQ}Jl~.KFOuO(fbk2U:yHFhqY0=n|wv5vS(.-TPD7_owi(\@^p6k^_mPOKg6+vb 9"S0үKzZadCA:DїGqLt\)yd-igC:ŪA^%94?+dB],*`7h/]?n $*iQ|vPo.7o= Y5`ÊXweY~/4HeJ'FFDRNpDE8/r$|~n{K/9)rݨ^ogǀL %X:qE440rO"Ms/ftؔqݽ  BZɓ:_L)+d7J.g&z<#,thxog|%piՆ']x`$D-$*v*2ux xs[)*v/1D&nr cBQZw?jjw&jY~ˬG7RWszdkzgD`D^֍GV@bJYm.c%KM{b\{5qڛ%-A:퀾7I3uZP/YZl&ɩCc,ɚc8_̒K@k3Z^v10xOlk5Bt?0U pvfి`5ۮVg s;ƉV_aar\`Ue3e_#qx$zl , ߄ lL&.?x^&V"·(*QaȦUr'K<.&~՞G+üz6l Xg%#4 Q5qLl {}2%M孉&5-Lhծ9A im, )pz}g!Xu|D"|3؀z[r~N9zt)/S[f˲V;\ZoYh;qkoPt0?Bir-V߾ %1,l*Xd PZY7 [C.yˁdfeD`WЦBFꎿRtWg5Bѧ Mq*b?D&dzt,վwt&#a'nP?.;1d? Q_Y]l z`g dN½2h܌ZOMU?!YQ@8IVwjzg*.a-^(k2%J7Sj\%#6RLxψ9B|`VFB3D=~PFKѪϬ;Tfo5S}$r*k8*Cu=NAzwTt1'EI߂tZYbi Zxaa&_ȜP|"6[|ʃ+%ke9m[ 7N hNa 5zGV^qԜCDQ]/IoͿ<\0k; 4\0=+ ɍ"A$JE\ܮ+"[uG2:R2ECUtZ"[qy|UQNE+E}q駑 }w~.(,b'9%Xk"Li n)< ]7,`B]9{F :sUܶWXΈRc*9$lA&ә&%oo V}{%{O߃%3v UukLH7QMf&qnv3v|,';O:>1MOirW ͢ۍQ脳w$d>f$3S@ 5ہC3{sfB!h%ȍM߸&9ehl9E513&7xK#pys\>a٧3Py%%:L9b, `Q#9LG4C>UcMym/-yOnƧy {bQL9Cwʏ.Sr0^_Q ص/ܨy1tTi@ЃAXT,<$e!ָ9>SُFJ;uYQÆ[pzEpʊK sGN ݅!I%|Evك;ǩ夼{^IIN6S_'td\_Bj2J\~O-z?Y2_Rr/d "F&Lok%,b%V; dΗYW)2A-(s+};7=Qsf M,96QT:N¿6sO$݊2^IF#yC;׆aʚ^rW]+?[&@nՙ2,/:s;l- $)L_Vs{ٌ۷UD~ y&/q|pZߏ^dlE;|w\'c9R3d2s+:fxdB9SƙB#~`|TٵȸLƘYj^*u1Z/Lm߃gΉ^PV6w٪֘1i{\A 5ԑPn\ɣ rb#RDދ3HTkKi||Xܕsl580(z}ZUMpxBE=+邼Ĝ[ %R*މoņ} lq"?5q5s~̾u~p7B|Q ٥ }QClm,()o @`v R-h|Rz #ЕzS։ ތcȠSO_Vddnl$sѵ1UōNAX%Wr:_78Ҝ荅{kD`zh'`Ԧy6cct衖J?xPOTJ1@I mWN7cݬM%(+~HZsc?M"gB9Og:ɨNVJGүR(Ⱦ q/5y\}+݁a5iژ$^'2LXe.T/HjCM+tl7W+T8#Z-1,; c)P("e4 UQ •?a2 h#Fc4iы`o[c*58GJ6N[y{=^D%-?.mw[?+wD5Ӂ1K+1,H*5_UHM7k<> p'w(8W.Q>NQAgM⃿ 2 'buˮC}(΀k ("i&ijS8(»<j)H=* BP(~NDVΣ=B6ec0 vũć*LPjR<#16VFepRkޥN4BuFLxIKq suQY9o{NOG;&M Q;r+WHa/R;٤I B ű^= CL)*2Voӫ:I= eOe?^׾}ԣP>F['\̆I_*I 38˜Y9_mvMu[Jp DK&}#[\ax XmШN.7fhQiCSY{г~μwz*6}iQLX8$ zq:  .eh9Xvy6c}pLșw\K .@QgLg!U[9PDXވu~;&7?'FziRD6烏r|1uZMiu7řÀt ]Z0$]?b}]uikfe?b‘NcCNH4XӫWP@ĩM,uWE tq?S{ dəo2ˇc?ϧs; '#6L76g{Գ w\g?-wU Е,f'k\P׉%f= 6VJSھ_I]ܧ+`*`Jݚ,=p&.sdW?T )0߽Dϛx ~V4gfW-Ùɓ>6T!|>O\f*4pbVQ)up*JnKmԅ' ՝8%0WhF>j8@m (923NF;bj39{,HQ6BkyM++yBkf}C&4t~u]\\{ >d}Fm'u;aKՑ8JI;]laAfgRcg@GXk8h_  CJ%J̽v x+9|N1(SJ1[nxĻk+:6q™'zZ`K`I6Uӹ)u@fcmmnHXMb;<89Ac#[ *(]u ho`&Dۛn;dģ/ 33L0xi-*r,DoU/Vz YWEB36pe+-0g"d͎߱<ȁ8|X{n[F &E ȋ 5wv3 p=6n1mʟ" hy!ki5aoS`ϴG$$}j_G&dGgt/XI#M;VsP z-ppwIsX:$3g' JбvfiݸYމxrUCy`]FLiLdOZF\U\ᣍ3kaQgj.Iut%S]޾@h)6(ÁP>Sida!`Ϙ͠UЃ#)@SHג^Kee xJ/+Vs[00hj}#Uz5?Yh ETcqe>=h/OA'Nx ij/?Sr[-F<3Yi 8/'9Be:ڌp0A!D.XWgVn}_^'uIȳOSo6U~!@klvD#]îr)LH 1>P&Bk~wCakRa,4QfoyHlog߰@r=zqB'sy$Dob-s`0nPN(Gy. .=nٟCdh[#Y kd[Ɖpz5ŏZ /-A߰OlrU!$axP8aCD>~kF[yA4i)[ Xѕ|8Ī+ vH{AhO%.@ܐ, ?6* xj B`ұ 5b=VqdSp vPG7cp U't9!*L Mٲy;:02hT.KdJA쪪EQ2dP*#t_xvFyYl/ݛvLoþ)47jNI䘫4S G6-߶B^70Hgo4Z`+ .ۄ1w1}GR`rkudɒWc\nP?:/0X[yN"(.|Ԓ›H6]d-](.ڢJg6K*.``m$٢Mx׏蚿\`-30ElmAO8A&X#.N:UNbT\LE`5Ts0NUWѳjbXyFF!h[l HfUzJ]" + )itB9@[]d4Ši* u*5G\u-Y O{gSʻcZGKי3?_RǃAR]*b PiOOvgB'\ OaϘ.z5inX(59]Zd.R6Gr &N%6xunh]Հx GʦLTvQ9yy覅 ‚+zF=;ZH1-G5 =,x+ *p-8b,~m=|\wAuBtImܿcvSszAG& .=; Vl{<#))k+HuLs 2]UHU6x2:¯q=09n `+ynO[1*ł9ktn|KgϴɜfBWo;w`JK|"rhG>u2{g dž[yԂ@DW<Fޛ|J~ʚ%@,!5>ҧH9yfC"Q? }X}pnvҷF8DE_~~! BbrIRQ0PQ `X2਀pI3t9!ES' L9eO\0KvjNƵ(^h` 9^C;n!Jع|s \v% $[ ?ćgsFyЭ(5`2}ǖ!5+UѩWeV>R'vCuA*SM z'?O־ʊZdycTwutV\ҰFy#;oe@l@C7]z|sjf0!ů<N&pjXK^0ŰU'&;ai,P/N&LW}(~cT܌i7O 7ʌͧE/2םP~E}dP EPbVqG bGg:90*)qAC!I4X )8Ȁ1i=Z"qPjV"$XjIdz-:$FxGEH4c;46u/Hɟ+tE؉yx{} ll`c^AgfFAjvu&doSTR-ݹW^3WWUfph)In,4x?;Ǣ(969ȣV4q;XܐIx{Y30NLreUL&I1gbզFe֕JI7igz@S>PvLJ#-ϼtd==#cK0Iͧw9clha&QO +ʦD/S:74]X ?ެ1nOWww݅.(ʤ 򫅖z|X֚i '>E&rNQ1۪}WsIkPs pNe]mP%k c֢?7Ib=ÿ`m,8y;+i &9&V/~>}ۥ,EߡR6鮸鍴}qr<#eBX6[v$a"`znjPB]P^K,L˅@B*C֣gV`؄b(+Ȝ)h5W24ВPM(9~6vD8tZ.A9:|\&>vg ti<ǀ5yuSGeڳDO@Vx6 4sU[jٻJn1cLVQq~ڡ޴7tBO,&V{ˮ .y&0Gr x.>SP:{!s jI˯h'۸a8@wº6]_8xURKkޛ) r?~l_"E{6lb ϗ<1%R3ɿ*jƺB(=TxQ yӨH$}3 n@"=ͧfК ꯇ{֓S&򏴑Qh"(sP+? "N9P :(Msk":w& cY -DX;Tf _۲d[zG垎E!nn,0øW[il)^,Bw=$Ƽ[gM0HSb:e{/&r~kg0Wʫn\/MJ2#5JieMk5⨢?h qm١ySv\'0W0UudV]{K8Bؽ2˦[[(H5WAȆn;!\LЌ2#R|%~"6ԕڷ'u:vQR)jcEr[VK8(чY>xzF62:k~w 9RP"B|caP,cnqiXD<(?OԘe3URd 1NVQұ*U{{UκLa-kRVT2vg{U⺣pGF{e8.ѰP>/Xk(BEdeEؕϞ2v'lCl ^ ZbHآ#TC^C%&|M]Gymѱ*p$+Sc(2!T˾r'ϗ^a'h%5٭B}hC4GH͞pR&"DKu] #6) ՕԤ[N [91I3LzPH JҀGtXPYN-Ά\RC%|г!eww Mig#s]LTL=ńkc3g*{-bsb88Ael%$E܉d6xfJg ccK?)g9K' G0o<.ZH"` P/dc;x0Tld`BQb5$ PEIkC_I!9h0L`)}I6: 3iw4Vg)GD'3go>eC)S'łybV- B1vJ _i Ϩt#D&[,, 1B/$Id 1 Ft)PS~MpjNߌ/]yjs&'L} /sX1ATc=-G&J ״wio&>FΟ'df}ENGSWs5q;U'x7wguA,dsjlY9eojT4k5G:&y``Siq֋T=ZV̑'Ja_Z発8zZ&~6FP;M`J3- {ǖm8q6wP#c|k5N$D|o"'Ab'bg"ʣwt2&ͣ$}Н'PlV%2`n )aVR[K S㵨5\!em:fcBZȣfjj%|Zp {;X&+zbeC%N@ǯY]"kOF,`%صh8â uA,K*HZ:F_ yiШٳU ͮA=~|l.a8VAXKz Ѽ$4 M&ƼRver|* u*) ;3#jf 3B"ꤍ;|3RAO`R8t2@Gi]@g:\7}~9KsAƄP E~C[MyyV?4v S9>W-)䁪#e wQRgY{;bY9s ϗ6z3EsÕ*&P 1+x,~\ʑ1Awt[zioK An)iC%Ue{"yEdEgLs8a u=ڹji=SޓU؈NIgo '|t)սG[FVK&G R4v>\H}yN`HTR$,%FW¥a/<Ҿ~ס F*^k Orƛ.^uxpwY(|HoH3H?=:dZG<{<2:TĦiѓx.WL|$fLa|KgɦY=&9)D3˨,*&q# $vFV)&tf@p\Z,̏K;J&& ##˷U?_=;jIBS v94q;hߐ#U sq!˄{55[6leR谯o X3 _!wްr) I>;INzL :jI.K$爛0 +dK/4O(8q V粝n{e1KDMA?qc.Bte@(%8z N]OP[isӒ` .ou[h{5bGeIY(焗%݉e'pZj^v$1vړv%G6b/I#N1i_I-#5iWm3dAH-GZF%a`H8tesf0 28KስcihpJE->5B] _LkAARSAG]5wہ_Hfm{Y;?̓P/ o %obȃiوT~ȿaNb 7jVsaseɁfh{RG1H' G]yt Roܥu=ƁjZ*e-B%~=!uڶ^@SPllIpngNO}Bral0*.at[v  G5u6᧞Hj~iDDzEgj+:Dsp1ߦvBjQ56ղѷ^fas9̲gidh#sTr=3@4[l4mY" 0ȠZt 1.Q[gaj`I%F7O.N >ڟ@KN(>D˜JO Onv*щ%wde +j]oa'ixE$bVHGr5&:){@:qYd u ۂj+KtzZӧJvn5=XM=pk".6ԟ%DՎ,ES WJШ?S_uE.+Q:#Y7ɩBW.l9$k~Oixz_*+ 纝(_&'DuT9/ٌbTi.Ւnּh;h'|~}WH{澱?tԸwDC{ *]ʶޢz6d?)JX>F.KpKx;):zXlgtZ{t=uUTr-$j:Lf w։E{+7a!qVixuөkq[iU=^3yFu-Ivr2ę[.KrXך<~K~cm2m"3$>#- JM]@\:"ptԹ4* d4|en3@<]*ES>o cvx3{>\U&Dɹh>]0}֣C'#,{f҄y\gZsnC}@:Z}]w60KH}_ so'^UudOD~Ho)}i|xv= c6IQ ]E-?'<臸[Cb`Do#A=ɹ(~S(j%H2ɫVRJީid0x#)u9&Mf%Cq/l/H!>)yc̒y N 1$gET*H#cj.ȞtoZiLar 4 uK..T>sҲ&|3nͭ};)PkvHS2e\ԝd2 C S}i$q|ɷwL5!aCHsm2*^Qéѯ1Jql8j\0X'Yna|6W@ъ(8%PD,p[>2lxަv_  (ͻ57ϥ]`5,N8RT˿7&r|KU'wTƿ 6o Ek$t>ce H'ώ;^Pj|B?+>  iӎf#Y'Yv׻$]2YA6x #k9}{aPYd)(ۇ۷TTeLϞe3vՂLܹNeYc%xλrb8ʗT# vn6cخzi50tj-si}+Mr9·}HbXw<*m~k}ET=}[zI,#VpMw,PeY}]z~x Cs+Og~6a|ɽg]64qt1 V}D3=; C0e5*QUB *_~n)}/ޥ)6<{_SG 8g`gv  &qDبɁz3RvQl +M@ W3ƺGd,EL+=Yw=egƞ r2')u$qx~6(> /d< ݵhuh'2ES HͿ``grЌ]nvnY鱊_JuTj'< UEee %yr 2e"1Sn'Hnx ip4!J]R'tHuT% F\"q)sc+mzNdhmg$Iu;>*edx=/= f=: ~d=BӚh Xawɀi N7j⹆&kZjiRE9uoG0KmE-x;Us*6,N!DV}U>"fn˕AbM#3ݶ샥l'Fw&$մJt &q~c#^ !\/إoN7`n՛CeTݑϊSY,q{J6M%VWY {]f?/:u_Ny_+%p+G+({ՅŦb149d}Jއa.̇pE͋nҧ,ZKq @e,wWuJNJ3G IMgݎYV[a)Q>ޙiڕɹx,`1eZu(qfۗ1\:i^PoxˋlVծI0 EhFCp7ǝ7Ģ8YΛGQOiN[G]<+5 ѶO1$Fq &ygr/zXL^}5rDw>q=;pL[ėr))e+|gDYvr}ݱà uS'{bq*jePPZ ?-bbK Yo4B/3b&0)^hu^cz/-N$]tA}RP3#*y%GvWd,VySii7Z0|J3fG\kV#-WϪh*]pLlQSϊ@uZL(oKݮN,jm9w'dVG}FSw7 -XYpp9n/[FXqZFaGi}ryҨ>8)l_P\ERܹC==O^mFoB-<ú([-X!D@+ ڵi#^~Ehf+㙔$o[3fDrfkHԟ_5&-LN^zG&tHwTo=EiLy΍\yv&q J#A6n38"8ǀN& 1ȯK@EN1Z>犮!lY myrș^uBe(X<_ ̥5-g)=~/db5 XMW=+~E+gW};Uw)&7wX5˯NYm!RwJd*9\u^h<G— H'WbRQnJo5T:4|̈ʹTڶ=dź6'vLwdeKҡHf)1-| rcaűgDW,Tm<%4%aMlr8Ѱ;x:v>ebJd!j g,BL714C7 ۗccT:~cx{"lSL$͞j}^ ezwr+/sk!X1gyf]uk2 Xxoa9f+_$d1ΐ_\S1՛ՙNc3 (Em1~ Jф,-ҲV1r0F┫h v7d*MAVlx9FUohqQ쌘KJLQZpgl< 8Bemsó/?jiL9P~z)@zOg\4fyJ㭶K]:lu VGw~p!YxB$o^GnD 8LL?}u Ś;pSc{G\ZHܥԎ%޸;!@5V UKW§(akY =qڣn.fX#"'֝g&ռRaz}dӒh2(BqeyDr^ {/Y0)_Ux u&Kԗƀh #.ۗ 6dhH -ȫ.(Q6K)X끇hnᳱRZ5{:,=ESJ}J"`[瘄k+gR'V񽩬`x|.c9N{`X!?M1Ko~役Kv0D- -g zS*66֌2~h{.{S3*ls#)1 cLjBWPĦyys:qɎk]]Gjnjl*C$` Z;*,eT4Oi/?XYVw3ot2;b(>҆ooAdLlJ-ˋSg33A&f~XP` #(fmbŀ9&pZLoFa%G._!@#zM4SekD+ Ce?Y\ Ȯ)3))F9IWLGPA9YJ*(7 gkSƒwglvXykMs(EJbZWɄ!_7ewY(-}=wK?R~7U.&r؎@PZMCE}K#q.\[q*CZAYvam%V$W,ܰHg47=*wdpog Nz"#4s e<[ٌ5|9,W#|WK\S\ “N )Ϭ_?d G;Yo:lKO},) :oZ"=m-{~өD/ILC_W "!7T. *g>>4®[scì|C{I ~zg9T;_NΑ=}q,3=O^˗TEQ  ! MG=^AOY }+{k܄vJN!<ؠaK#SN YT8 Q5SE*y6}_ANq1zI/$ *Xw *1:#)TfaarXw\Ab!PH{5\䱂CkGLXvH'h*{4P"ҮNDZZ$+&>|VIUC@ò'Xp[7[qALHۚM{IQZ(ݺ+a@!?<Ԯ{LtHBȿ$.r\$ XAfl-tWkQh!5֡ʃu;F'ӐSD$^.$ 'ap,wU?C{"xl^ȁ@N;P-}Yc<-E(/ьˬ+s\99Rpr80/X~6#ܕZ5C ԏeJav+GޠE%sNXb&a:w)ִu`~LQ5`F@5 ~yC(8%]z'q貙WjH9΃l\9qr|$`R&V71]Ob![%a|{йvlVoG3Em0`>yWx"2^HEgP՛#ݏ|R-=dMߥ;< fT< a"ٓY hQC|_׮(ꯧS(襐ԎMIDIN+tPuKI'! vΚp Ӣ=t' 9sݱY=tr䃖fxLݧaD=Q.kR1FU*"RhYz@&'o8[~?2hQ1xPc>;F} P{ʺjKh1im56] o~bĕdu N58[^opB]=}0tI{v*? tn$M'Cꣴ#%h?"q57F> I,~y*Dr# #{!+b ;i +3eAnh$[ oPWYAkJEVvJ~W4 qv@A^jRV^ۈV~^r}UGtv=*$Wɼ^;8e庰xLjYV[oo=Ǻ['>ɓl)GJ:ҐMcǙi&e KD{/p7AP NFo>Nm)\z]dV^Hƪ(<|i-nWAkn.XE\D`rtζ`jc .܉E DJKFlfeY̜cr3_n G,7D9}BpmiK'2Le/R3 S‹VD}\6 C._Yqs>cj ɪ@}ql&K ](IqGQlv{77d"c2 ->|gD7b)ai(@xJcI [2gBFpB15I) ORj`<ܔԞS)GUƨՏXիZAH)P "i{ULAcɷH2 O]jUGMТ8E_$/Ξ\IkP?{'۟>ȻJPzT""OEC+Ld, _eI1yYlѵrH<3 vB@j͞զj/\Ϻ宠.H&$!8<U4TBٕv.b^(0\Ψ!C6 4$݁6%.,稛kA~nZrMLm*5:R)DOk[.z^;n)Y2T %8"#+mЕ~^[-QZ=u. Dx\z"3I iwP~ޠPS#oH'h(Olz$W;Nb-q gBe+QȄK1)Қ&pI8nwwbuܱ KEϖ']E2Pэ=J2(P>lV 6GY w;ɰXlP,u @# I>L`z)< ~c 7!k" ^A&Z6//60dʁ$i$Wxjq4P<2LT5mgڴD:;"dM%SocMNJlY?7B0*SŠ-Cȷs"9JI_Vqy! Z[1VOdZ)݌xͪD`Sm˽|9ה$Vfz+$0W [rM`֮'W^oJ̉S!tl^9Y5l 1Ϛr\$7 E"pXxhqS<(3ymyf]4~%0:TνsKxdQ|~rD{H"kPL8kTɭorNFGʂ}r؜ܜ5gu@v:00)ѳG:6ekV>,nW׊ezM_gp oI[tIoy~+WDќd_W&H z>3Sr_R +kvUIa;8P-̟Ur`sehm qB˂0) ,~$*ZڢޒG+݌=,J}BcGz}ִ:esu@m% Qui?|Ó+tV@Jzhpl0eٛ{jj}p3U\(0*~@!E҅t箫İ\Xcb I/ o/9 )AXaV@2 փyW~\h1yG.M ݂eϖ2# *b=yv] ÏZ4sN{%a/T2]\\9apC%lE[-eĴaԚ X3+dޭfCX"qBqvru%yVzc:f]# l/5[sVCUЯ&AZЭzS&x;?^3nޏos/*iHՉc7-{5iQ2j G<{5Ǧ|5vb`7[M)f3?iTXIfW1mr 7 {pqKDC_DQ<95dCo{G6ݣ24vxi#۹cɝ^:rGꮕuxwH; `mK;M 5H=FAԱ`ߒ6iQIl*%]Zٖ9DP/b<'抶[L+w)=!nFU➀f؉Ed 5|1rO,_,Qsp퇽- `oؕ~mKqp8j,?Ln)j1 ([%.\d"$kWb.;/d O44Y 7N>S,u.vT iV`86 կPkV?ݒN[]ヌ7l_HE>s?,D=(xTSD&>)wMSlFLk~P1 j3.Q}`z6(Х](QC>vֽy(sTNۘ+f:dg*,wF[XfW F}u _=?ފ72rB!{mqSS槷XoMVv ˅y}q% 4{(V]Baf7川{J5K a]5ČF IX/T7i]֑NMg:eY^ [ǖق}JM3k,=Aߏ0B,좫dl 1\AJ^ox%KhmD^MY := o+16xrwW7飼rFQ&|*W!Zؙ$A9p+>qTNehm4qSk.~Ff1#ȒsG%7CݦM8T\6fBdW5wQG۾2.!gzZHc,V5loM5J?_[^Ԏ]>VY"?j6c>N~^aaM՚/)BD%NW#[EX`v'iآY_yz>I?5fW,Kpk`ݖñ?Tj4t5:w?xUs3}$ josLKEo67ЙK)"+z`rZYb!u[qNjLݖpSK<_ ,Jc댑 h24yټtÈ44ʪ^`8e?H *|-hcMʴivJIa0va1tX=ڌ<9E;_dh5J&|>J3h}$VhUA*4}T1=RbQBxoo ۧ]K8t$\OFGw~zzQ]gH'jϏ5Nne>1=ޅA a5v oSX.Ⱥ˛V7 .[x4˼SQ-!w( ʖ1!.9R-! 4^ Lø+e Q0 *ҼVKGJ&Ǡ 8i13wD]A=˞p5 %C $;WhB'wdH IaĀ>k=$ `N=rmM:omM2q@UkI^԰lE ܟjh:s* r-ZHC}p!sY3Lȧ4]0f奄;];mNJ"ܛyd'Y=j{w!1!F ^z&餵lS}QrmU5D+%? {9 J!::}>{MӠ* ]40D]Xc{OHD0x*&.GQad9'r?ev#g` 2k$Gy9Ϙ?-W ,Cct1 TfZ87]]xFچl⺗7LhHGֳf"oд8 *4A%"3!x ʰGj'lQë8bHfVMN 2 )dvN73}}5[̾(ME?ݫ3\JLUķ?0m _*ҝQEe%B 8.b6br3v(l$)؉mXWddA3Epń9:b):zr-ʏC8t$8[(tqb4W$=)4sЀ>"q S7&eFRLQ_E(~-}aq5߆* T IaߩZJa@ӆ8CR}\nC> ޒ[QPST ̻RԌnhmKܶIngn1DP~1 y\6rȮFW}kînBt* KE%Ua5P}9@J%\( *ck޳o MDZ"T]OoZӹvxד_N)}߄cKRX%earY5Z)C~[]#W<^]f%JI'Znfaz4!$x1khf~(w^=܃%ퟐ$qי?!lD_'QI >I괏2F|Q ُE嗍Cȵz4EV%]yl&aC3V1kLY06.Y}x}[]^gz A@𵃛CGvQ!oNDNtbZ5G =?ͅs6# b3e,1brYf8ܲBz `Ul ֧ 9ȡ\H}OO"&I)9oCNҜk D{+F"y%RN> *#@q3F  4zتn |X:t6Fw@n?q4m]IHcz_NA"QC4GģYy2Gƃ6!Hq CL*dl;NW&}zG˞Ae)wm玲`{:5?O4YZEVAAA8['&yYCBۭE|CI/e&r^U7(PSoUU=edʼi% 59;NA7 ̡EFÚ9 ofA?0oE}y OZ~ :\Z:`=ט,S&n+?GW+=2?'T]MHqU3Ԗi@ZrV1y m}qUO"^DOSCc sM=nTY~T_V 8>> dˋRp}9hpˤ\c|9LGeI&ԧC2c<\d5D&8r7@[RUhc _( Ƹ<8c7% LUՍ,û,  ɾzR ˳ b+dGIحkx b I'a `JXI @6_!q%\Q3s"b'mp@a`Fgy@? &#vx|xKQ鰚\ >m}/\$1A\0ԭe!WQпP>\ɶ厽5Vy3Ӣ\8Z(BJh1:J6UFG;ћ"|k)Xug7CXNj9HOA.Ty2߫FZϗ7 -hшsƬ],lc(TUQӷ̊2lැˉ;O1C|\= @b JC^׉xIzׄ*L eʔ`gYA(c@(qNœDאEZ҉朱<۹ʜ#uH~F8~܎0=@S($d\&>m" _m<-apawد# &D: &[vrcN`5{vjwEήR1RaɈ@ũ`sx`gOG<-ye`'-PG^?(ȱxgs3Kdp2A $Dh9~0\0jQj! &T~hbh$^9,"fTX ;@͹tRf@#F aF>2D@OW3ͷR*iYud:Gkn/=^A4';Vۘ;!vG^ RYnO.i"P3ÝJA@`Q;E>shhEX O.,tݲ/ 3=Hb/d+x r& egTƛ|p|YjzH/yD+9[%\)|Ef+kPTt9JB"C1nTbVw/p2: Tt$`o:O4L(^O'|s+ : %W\hr~֥ATA8ۇ*>b+ ]qfM XXO]`/G6+?QmvWi^PFIȆ*LK Zq\(ҔAK),/N 6Hr&KefoU]L~Wic3.$m8ֺaD^3=3KvBe*'tXYokCB(/NF_OϐOt"BVl} f.̚d&Y嘄#߲:ު~'igU5uSHvM4bW]KisJBl\|PKYKVgW1⼁x^~b] C83Y[%H4f+Ն|ezEƐ'yxE^7GG*fnaM.,>ĬW~B:v_`gԓ؟AaNuxGMkyL=8J|LS%ƉRy4@ѿYX~ȝ3ٸF!.NRYƯ- }hsK6k*f, ݕ%Nm3i]F 2s̔7ݛk ]Tv٨1B 3p#fagў1!P Q5S\+{GxAVT[I>xa n$1\s~kM-P='_v$oWEP{_Ђ8bE̩E.[pF70v/8ИTup{>N¤}4OlpjzO˳YE<ͧ!pFlri(5FU Fٮg0bbUW箳{I;xp,W B t1񢣃G]$}edZEґ_nbE!Wi)H&{W}A\# bWSdC=n%AֽӡetA{?2e1n7O#)ƷUA8Gu<=RU;'B^Ba-T$6Nô<άtqu=c,#2"rU]A)N:B3zM| ض