freerdp-proxy-2.4.0-150400.3.9.1 >  A cNp9| U:08HNՕD<ip83E$->2q'w3 @š\Ck^=JAd+!GNLԉ=_By9ˀ(3{٢)dz座BhDXNPp okmg?y]-U%af+{*$[cyǴ򸤱J$-gS-}6ۚj: q4fhSW'yo:K k60a6ddb57c1bc17abbb323c27a66041df19960afca6663fc3e8ee994660d29ec36e1bf05894e117bd760c38d365ae987790f1306cNp9| 𐳿n& RyQK>0'ʞ1(ӏŒs^Ӈ@9-!SɡX/MXŜodeT/Qy8/ɳCVx0@àNR6 ,?}w,#&NzfJ3O1xFjeBn^DUݬo_)'ߞ10UCnĘX[nPjMkN{RFhFuײ({4 unM$c#( x>p>b0?b d # V1R] s      <@h   (8.9.:.F_G_0H_4I_8X_<Y_D\_l]_p^_~b_c`1d`e`f`l`u`v`waxayazaaaabCfreerdp-proxy2.4.0150400.3.9.1Remote Desktop Security and Monitorig Proxy ServerThis package contains a proxy that allows to select specific features and channels allowed for all connections passing through. It allows monitoring of the running sessions.cNs390zp33SUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Productivity/Networking/Otherhttps://www.freerdp.com/linuxs390xcNf12a31623d5877cecb2daa3ee9c2a830dafde747cd7ac757da119317dab22e45rootrootfreerdp-2.4.0-150400.3.9.1.src.rpmfreerdp-proxyfreerdp-proxy(s390-64)@@@@@@@@    libc.so.6()(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.4)(64bit)libfreerdp-client2.so.2()(64bit)libfreerdp-server2.so.2()(64bit)libfreerdp2.so.2()(64bit)librdpgfx-client.so()(64bit)libwinpr2.so.2()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3cN@bL@b@a^@a]aEaD@aD@aA@a@a`OL@`<@`7@_@_^@^@^^^I^@^@^T@^^t@]@\@[@[j@Zz@Z@Z`@ZkZWQZY@@YKYKY=0Y;@X~@XW local * #gh:FreeRDP/FreeRDP#6985: Support newer FFMPEG builds * #gh:FreeRDP/FreeRDP#6989: Use OpenSSL default certificate store settings * #gh:FreeRDP/FreeRDP#7073: Planar alignment fixes- Updated to release 2.3.2 Noteworthy changes: * Fixed autoreconnect printer backend loading * Fixed compilation on older mac os versions < 10.14 * Fixed mouse pointer move with smart-sizing * Added command line option to disable websocket gateway support * Fixed drive hotplugging issues with windows * Fixed smartcard issues on mac Fixed issues: * #gh:FreeRDP/FreeRDP#6900: Transparency issues with aFreeRDP * #gh:FreeRDP/FreeRDP#6848: Invalid format string in smartcard trace * #gh:FreeRDP/FreeRDP#6846: Fixed static builds * #gh:FreeRDP/FreeRDP#6888: Crash due to missing bounds checks * #gh:FreeRDP/FreeRDP#6882: Use default sound device on mac- Updated to release 2.3.1 Noteworthy changes: * This is a compatibility bugfix release readding some (deprecated) symbols/defines * Also add some more EXPERIMENTAL warnings to CMake flags as some were not clear enough. * Fixed a memory leak in xfreerdp (mouse pointer updates) * No longer activating some compile time debug options with - DWITH_DEBUG_ALL=ON which might leak sensitive information. * Added -DDEFINE_NO_DEPRECATED for developers to detect use of deprecated symbols- Updated to release 2.3.0 Noteworthy changes: * Websocket support for proxy connections * Progressive codec improvements. Reduces graphical glitches against windows and ogon servers * Fixed +glyph-cache, now working properly without disconnects * Huge file support in clipboard * XWayland support for xfreerdp (keyboard grabbing) * Improved wlfreerdp (wayland client) * Option to allow keyboard scancodes to be remapped manually * Improved mouse wheel behaviour when scrolling * Improved dynamic channel behaviour, more stable event detection * New connection state PubSub notification: Clients can now monitor current connection state Fixes: * gh#FreeRDP/FreeRDP/6626: Fixed parsing of FastGlyph order. gh#FreeRDP/FreeRDP/6624: Added support for xwayland keyboard grab gh#FreeRDP/FreeRDP/6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag gh#FreeRDP/FreeRDP/6428: Improve NLA error code logging. gh#FreeRDP/FreeRDP/6416: Http gateway message support gh#FreeRDP/FreeRDP/6753: List of pull requests to backport for stable-next - Added freerdp-rpmlintrc to supress a false positive as gethostbyname() is a windows-function call not a unix one.- Updated to release 2.2.0 (boo#1174321, gh#FreeRDP/FreeRDP#6381) * SECURITY: CVE-2020-15103 - Integer overflow due to missing input sanitation in rdpegfx channel * Sound & mic - filter GSM codec for microphone redirection (gh#FreeRDP/FreeRDP#6263) * windows client title length (gh#FreeRDP/FreeRDP#6335) * "Alternate Secondary Drawing Order UNKNOWN" (gh#FreeRDP/FreeRDP#6370) * remoteapp with dialog is disconnecting when it loses focus (gh#FreeRDP/FreeRDP#6298) * v2.1.2: Can't connect to Windows7 (gh#FreeRDP/FreeRDP#6299) * fix: memory leak in nsc * urbdrc: some fixes and improvements * build: use cmake to detect getlogin_r, improve asan checks/detection * server/proxy: - new: support for heartbeats - new: support for rail handshake ex flags - fix: possible race condition with redirects * Drop upstream fixed patch: freerdp-CVE-2020-15103.patch - Removed freerdp_Mask_CACHED_BRUSH_when_checking_brush_style.patch- Drop BuildRequires of libavcodec for Leap/SLE (bsc#1174200)- Added freerdp_Mask_CACHED_BRUSH_when_checking_brush_style.patch which fixed frequent crashes described in boo#1173605 and gh#FreeRDP/FreeRDP#6298- Updated to release 2.1.2 (boo#1173247) * CVE-2020-4033 Out of bound read in RLEDECOMPRESS * CVE-2020-4031 Use-After-Free in gdi_SelectObject * CVE-2020-4032 Integer casting vulnerability in `update_recv_secondary_order` * CVE-2020-4030 OOB read in `TrioParse` * CVE-2020-11099 OOB Read in license_read_new_or_upgrade_license_packet * CVE-2020-11098 Out-of-bound read in glyph_cache_put * CVE-2020-11097 OOB read in ntlm_av_pair_get * CVE-2020-11095 Global OOB read in update_recv_primary_order * CVE-2020-11096 Global OOB read in update_read_cache_bitmap_v3_order * Gateway RPC fixes for windows * Fixed resource fee race resulting in double free in USB redirection * Fixed wayland client crashes * Fixed X11 client mouse mapping issues (X11 mapping on/off) * Some proxy related improvements (capture module) * Code cleanup (use getlogin_r, ...) - Removed obsolete upstream patch freerdp-bug-6205.patch- Updated to release 2.1.1 (boo#1171441) * CVE-2020-13396: GHSL-2020-100 OOB Read in ntlm_read_ChallengeMessage * CVE-2020-13397: GHSL-2020-101 OOB Read in security_fips_decrypt due to uninitialized value * CVE-2020-13398: GHSL-2020-102 OOB Write in crypto_rsa_common * Enforce synchronous legacy RDP encryption count (#6156) * Fixed some leaks and crashes missed in 2.1.0 * Removed dynamic channel listener limits * Lots of resource cleanup fixes (clang sanitizers) * A couple of performance improvements * Various small annoyances eliminated (typos, prefilled username for windows client, ...) - Removed freerdp-bug-6175.patch and freerdp-bug-6207.patch because included in upstream- Added freerdp-bug-6205.patch to fix reading newline on certificate accept gh#FreeRDP/FreeRDP#6205 - Added freerdp-bug-6175.patch to fix Certificate Checking Recently Broke gh#FreeRDP/FreeRDP#6148 - Added freerdp-bug-6207.patch to fix Abort on first possible certificate validation error gh#FreeRDP/FreeRDP#6207- Updated to release 2.1.0 (boo#1171441) * Fixed CVEs: - CVE-2020-11039 - CVE-2020-11038 - CVE-2020-11043 - CVE-2020-11040 - CVE-2020-11041 - CVE-2020-11019 - CVE-2020-11017 - CVE-2020-11018 * Fixed leak and crashing issues: - gh#FreeRDP/FreeRDP#6129 - gh#FreeRDP/FreeRDP#6128 - gh#FreeRDP/FreeRDP#6127 - gh#FreeRDP/FreeRDP#6110 - gh#FreeRDP/FreeRDP#6081 - gh#FreeRDP/FreeRDP#6077 * Noteworthy features and improvements: - Fixed sound issues (gh#FreeRDP/FreeRDP#6043) - New expert command line options /tune and /tune-list to modify all client settings in a generic way. - Fixes for smartcard cache, this improves compatibility of smartcard devices with newer smartcard channel. - Shadow server can now be instructed to listen to multiple interfaces. - Improved server certificate support (gh#FreeRDP/FreeRDP#6052) - Various fixes for wayland client (fullscreen, mouse wheel, ...) - Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible. - USB redirection command line improvements (filter options) - Various translation improvements for android and ios clients - Removed upstream patches fix-freerdp-2.0.0-usbdk-build.patch and fix-URBDRC_DEVICE_ADD_FLAG-definitions.patch- Updated and reviewed make command and added fix-freerdp-2.0.0-usbdk-build.patch to fix boo#1169679 and make USB working again - Fixed build for SLE_12 - Cleaned up spec file- Add fix-URBDRC_DEVICE_ADD_FLAG-definitions.patch in order to fix boo#1169748.- Added cairo support for scaling - Cleaned up spec- Removed patch freerdp-Fix-realloc-return-handling.patch - Added pkgconfig(libusb-1.0) for building - Added new package for freerdp-proxy - Cleaned up spec file - Updated to release 2.0.0 * Fixed CVEs: - CVE-2020-11521 - CVE-2020-11522 - CVE-2020-11523 - CVE-2020-11524 - CVE-2020-11525 - CVE-2020-11526 * Fixed security related issues: - gh#FreeRDP/FreeRDP#6005 - gh#FreeRDP/FreeRDP#6006 - gh#FreeRDP/FreeRDP#6007 - gh#FreeRDP/FreeRDP#6008 - gh#FreeRDP/FreeRDP#6009 - gh#FreeRDP/FreeRDP#6010 - gh#FreeRDP/FreeRDP#6011 - gh#FreeRDP/FreeRDP#6012 - gh#FreeRDP/FreeRDP#6013 * sha256 is now used instead of sha1 to fingerprint certificates. This will invalidate all hosts in FreeRDP known_hosts2 file and causes a prompt if a new connection is established after the update * First version of the RDP proxy was added (gh#FreeRDP/FreeRDP#5372) thanks to @kubistika * Smartcard received some refactoring. Missing functions were added and input validation was improved (gh#FreeRDP/FreeRDP#5884) * A new option /cert that unifies all certificate related options (gh#FreeRDP/FreeRDP#5880) The old options (cert-ignore, cert-deny, cert-name, cert-tofu) are still available but marked as deprecated * Support for Remote Assistance Protocol Version 2 [MS-RA] * The DirectFB client was removed because it was unmaintained * Unified initialization of OrderSupport * Fix for licensing against Windows Server 2003 * Font smoothing is now enabled per default * Smart scaling for Wayland using libcairo was added (gh#FreeRDP/FreeRDP#5215) * Unified update->BeginPaint and update->EndPaint * An image scaling API for software drawing was added * Rail was updated to the latest spec version 28.0 * Support for H.264 in the shadow server is now detected at runtime * Add mask= option for /gfx and /gfx-h264 (gh#FreeRDP/FreeRDP#5771) * A new option /timeout was added to adjust the TCP ACK timeout (gh#FreeRDP/FreeRDP#5987)- Disable LTO on aarch64 and %arm to fix build- Add freerdp-Fix-realloc-return-handling.patch: Fix realloc return handling that results in memory leaks (boo#1153163, boo#1153164, gh#FreeRDP/FreeRDP#5645, CVE-2019-17177, CVE-2019-17178)- Add Requires: lib%{name}%{major_version} = %{version}-%{release}: freerdp should depend on the same release of libfreerdp2 (boo#1129193)- upgrade to version 2.0.0-rc4 (FATE#326739) * Fix the following issues: - CVE-2018-8784, boo#1116708 - CVE-2018-8785, boo#1117967 - CVE-2018-8786, boo#1117966 - CVE-2018-8787, boo#1117964 - CVE-2018-8788, boo#1117963 - CVE-2018-8789, boo#1117965 - CVE-2018-1000852, boo#1120507 * Security and stability improvements, including boo#1103557 and boo#1112028 * Refactored ntlm_av_pairs API * gateway: multiple fixes and improvements * client/X11: support for rail (remote app) icons was added * the licensing code was re-worked: Per-device licenses are now saved on the client and used on re-connect: WARNING: this is a change in FreeRDP behavior regarding licensing WARNING: this is a change in FreeRDP behavior regarding licensing. If the old behavior is required, or no licenses should be saved use the new command line option +old-license (gh#/FreeRDP/FreeRDP#4979) * improve order handling - only orders that were enabled during capability exchange are accepted. WARNING and NOTE: some servers do improperly send orders that weren't negotiated, for such cases the new command line option /relax-order-checks was added to disable the strict order checking. If connecting to xrdp the options /relax-order-checks *and* +glyph-cache are required. (gh#/FreeRDP/FreeRDP#4926) * /smartcard has now support for substring filters (gh#/FreeRDP/FreeRDP#4840) for details see https://github.com/FreeRDP/FreeRDP/wiki/smartcard-logon * add new command line option /smartcard-logon to allow smartcard login (currently only with RDP security) * add support to set tls security level (for openssl >= 1.1.0) - default level is set to 1 - the new command line option /tls-seclevel:[LEVEL] allows to set a different level if required * new command line option: /window-position to allow positioning the window on startup * client/X11: set window title before mapping * rdpsnd/audin (mostly server side) add support for audio re-sampling using soxr or ffmpeg- upgrade to version 2.0.0-rc3 See: https://github.com/FreeRDP/FreeRDP/milestone/9?closed=1 * Improved and cleaned up the command line interface * Fixed automount issues * Fixed several audio and microphone related issues * Implemented AAC and MP3 codecs * Added Wave2 support * Addedd dynamic resolution with full screen toggle support * Improved redirection handling and certificate issues * Improved automatic reconnects * Improced connection error handling * Fixed invalid pointer, double-free, integer underflow, buffer overflows issues as well as other memory leaks * fixed X11 Right-Ctrl ungrab feature * winpr: Updates time zone data to April 2018 * added libressl compatibility- removed SLE11 condition - removed no_connection_to_windows_10_17101.patch - removed -DBUILTIN_CHANNELS=OFF switch - explicitly set -DCHANNEL_GEOMETRY=ON - Disable the new X264 and OPENH264 codecs because openSUSE does not provide them - upgrade to version 2.0.0-rc2 See: https://github.com/FreeRDP/FreeRDP/milestone/8 Noteworthy features and improvements: * IMPORTANT: add support CredSSP v6 - this fixes KB4088776 see #4449, #4488 * basic support for the "Video Optimized Remoting Virtual Channel Extension" (MS-RDPEVOR) was added * many smart card related fixes and cleanups #4312 * fix ccache support * add support for memory and thread sanitizer * support for dynamic resloution changes was added in xfreerdp #4313 * support for gateway access token (command line option /gat) was added * initial support for travis-ci.org was added * SSE optimization version of RGB to AVC444 frame split was added * build: -msse2/-msse3 are not enabled globally anymore Fixed github issues (excerpt): * #4227 Convert settings->Password to binary blob * #4231 freerdp-2.0.0_rc0: 5 tests failed out of 184 on ppc * #4276 Big endian fixes * #4291 xfreerdp “Segmentation fault” when connecting to freerdp-shadow-cli * #4293 [X11] shadow server memory corruption with /monitors:2 #4293 * #4296 drive redirection - raise an error if the directory can't be found * #4306 Cannot connect to shadow server with NLA auth: SEC_E_OUT_OF_SEQUENCE (boo#1085416, boo#1087240, boo#1104918, CVE-2018-0886) * #4457 Fix /size: /w: /h: with /monitors: (Fix custom sizes) * #4527 pre-connection blob (pcb) support in .rdp files * #4552 Fix Windows 10 cursors drawing as black * smartcard related: #3521, #3431, #3474, #3488, #775, #1424- Fix boo#1090677 activate pulse optional component- Added no_connection_to_windows_10_17101.patch to fix Windows-connection-problem after Windows march 2018 updates. This fix is related to boo#1085416- Do not use xorg-x11-devel, instead buildrequire individual x components. - Only attempt to ge rid of __DATE__ and __TIME__ if SOURCE_DATE_EPOCH is not set.- Users can connect only once wo windows sessions due to [#]gh/FreeRDP/FreeRDP/4348 Therefore WITH_GSSAPI has been disabled until that issue has been solved- Updated to 2.0.0-rc1 Noteworthy features and improvements: * support for FIPS mode was added (option +fipsmode) * initial client side kerberos support (run cmake with WITH_GSSAPI) * support for ssh-agent redirection (as rdp channel) * the man page(s) and /help were updated an improved * add support for ICU for unicode conversion (-DWITH_ICU=ON) * client add option to force password prompt before connection (/from-stdin[:force]) * extend /size to allow width or height percentages (#gh/FreeRDP/FreeRDP/4146) * add support for "password is pin" * clipboard is now enabled per default (use -clipboard to disable) Fixed github issues (excerpt): * #gh/FreeRDP/FreeRDP/4281: Added option to prefer IPv6 over IPv4 * #gh/FreeRDP/FreeRDP/3890: Point to OpenSSL doc for private CA * #gh/FreeRDP/FreeRDP/3378: support 31 static channels as described in the spec * #gh/FreeRDP/FreeRDP/4253: Rfx decode tile width. * #gh/FreeRDP/FreeRDP/3267: fix parsing of drivestoredirect * #gh/FreeRDP/FreeRDP/4257: Proper error checks for /kbd argument * #gh/FreeRDP/FreeRDP/4249: Corruption due to recursive parser * #gh/FreeRDP/FreeRDP/4111: 15bpp color handling for brush. * #gh/FreeRDP/FreeRDP/3509: Added Ctrl+Alt+Enter description * #gh/FreeRDP/FreeRDP/3211: Return freerdp error from main. * #gh/FreeRDP/FreeRDP/3513: add better description for drive redirection * #gh/FreeRDP/FreeRDP/4199: ConvertFindDataAToW string length * #gh/FreeRDP/FreeRDP/4135: client/x11: fix colors on big endian * #gh/FreeRDP/FreeRDP/4089: fix h264 context leak when DeleteSurface * #gh/FreeRDP/FreeRDP/4117: possible segfault * #gh/FreeRDP/FreeRDP/4091: fix a regression with remote program- Remove extraneous Obsoletes for packages that never existed in openSUSE:Factory or X11:RemoteDesktop. - Rename libuwac0-devel to uwac0-devel and libwinpr-devel to winpr-devel, as that seems to be their upstream name which packages are encouraged to stick to. - Remove duplicated pkgconfig requires (these are autodetected).- Fixed download location- Switched to official RC0 - Create wayland client package and libuwac0 package - Create separate libwinpr2 to be used in other packages - enabled gstreamer (currently disabled for tumbleweed) - enabled kerberos authentication - Update to official RC0 Fix the following issues identified by the CISCO TALOS project: * TALOS-2017-0336 CVE-2017-2834 boo#1050714 * TALOS-2017-0337 CVE-2017-2835 boo#1050712 * TALOS-2017-0338 CVE-2017-2836 boo#1050699 * TALOS-2017-0339 CVE-2017-2837 boo#1050704 * TALOS-2017-0340 CVE-2017-2838 boo#1050708 * TALOS-2017-0341 CVE-2017-2839 boo#1050711- Redo history by using changelog url - Update to version 2.0.0~git.1497095982.1dbd2d28d: See https://github.com/freerdp/freeRDP/compare/043243f...1dbd2d28d for full details. - Packaging : + Move to xz tarball in _service + Remove 3472.patch merged upstream - Update to version 2.0.0~git.1496304402.c42ccb508: See https://github.com/freerdp/freeRDP/compare/043243f...c42ccb508 for changes.- Forcefully enable PIE in CFLAGS as the automatism did not work.- Add 3472.patch until upstream #3472 isssue is fixed and PR merged this fix boo#1004108- Update to version 2.0.0~git.1477034991.043243f: * fixed kerberos authentication * shadow/rdpsnd: Fix race condition in rdpsnd channel server. The output buffer and format parameters are not protected. * wfreerdp: fix invalid VerifyCertificate callback * rdpsnd/server: decrease audio latency and make it configurable. * Add an environment variables section to the man * protocol violation: rdp_read_extended_info_packet * Added support for OpenH264 1.6 * freerdp: fix sending of TLS alert on NLA failure, add better handling of server-side NLA in shadow server * freerdp: add configurable NTLM SAM file option for server-side NLA * freerdp: make modifications to NLA server-side fixes according to PR comments * Fixed a windows 8.1 issue.- Kill off __DATE__ from built sources.- Update to GNOME 3.20.2 FATE#318572 - Add obs git integration. - Update to version 2.0.0git.1463131968.4e66df7: + Fixed memory leaks. + wfreerdp: fix name build without client interface + libfreerdp-codec: fix xcrush decompression, revert remote control fix + KB3153731: May 2016 DST update for Azerbaijan, Chile, Haiti and Morocco + libfreerdp-codec: make proper xcrush context reset fix- Update to version 2.0.0, git master branch id a7ca42e (FATE#319661), no upstream changelog available. * Warning: This is a git snapshot regarded as technical preview by upstream. * Warning: For xfreerdp, new /long-option commandline interfaces have replaced the old --long-option interfaces. Existing user scripts need to migrate to the new interfaces to avoid breakages. For more details, see: https://github.com/FreeRDP/FreeRDP/wiki/CommandLineInterface * Add Network Level Ahthentication support. * Add Windows Portable Runtime. For more details, see: http://www.freerdp.com/2012/05/24/winpr-windows-portable-runtime * Obsolete libfreerdp-1_0-plugins. - Drop FindALSA.cmake: deprecated - Drop freerdp_branch-1.0.x_fix-kpdivide-issue831.patch: fixed upstream, implemention now in include/freerdp/scancode.h. - Drop freerdp-CVE-2014-0250.patch (bnc#880317): fixed upstream 532c420. - Drop freerdp-CVE-2014-0791.patch (bnc#857491): fixed upstream f1d6afc. - Drop freerdp-fix-FindPCSC-macro.patch: fixed upstream 9148af3. - Drop freerdp-handle-null-device-name.patch (bnc#785437): deprecated, related implementation dropped. was: freerdp-fix-pulse-no-device-name.patchs390zp33 16660917522.4.0-150400.3.9.12.4.0-150400.3.9.1freerdp-proxy/usr/bin/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:26462/SUSE_SLE-15-SP4_Update/bfe7fb293e0a32b5fb5d57e58c1bc12e-freerdp.SUSE_SLE-15-SP4_Updatecpioxz5s390x-suse-linuxELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=ccc8459ca1ae5235d1db8261775910f645ba47ef, for GNU/Linux 3.2.0, strippedRRRRRRRR-k|-mw/ utf-8bc5f33e34a04509925dacbc7498371d7ffdb3b9854167bd4269c7e6b0c543524? 7zXZ !t/ṋjz] crv9wE@e~G1]TϒGj SS ]{Ij"iJ]crܝ&~kqj^FWCi<4*MZ Z nmT'+8{uD'ōFN, pK7\'j.m.(ݯsq%^YmWǸirPNsm6h&}yV@o,bɶ${B~g24&XtqsmG QrSlOl5!-g 3qHj( A)o17 RZw@b/mB,pvS{c:l{1,~$!ΰH>cb&Za]6ѥAЕfbf1| GlLcBtcmzǂ|m!a5K:嶺 `_'5D?O94 cpJQ.+BDŽ-htBݍ'MӒ jE󶪑F[XGz U,4BM7=ڷ G*쾠 X$rNf(^RyIuպb,zx-S|Y. d%w/Y;;/*Y+?|BLԻpƴ 7Re׃)=ymp6B߽ɓjKQ(,W7]+%,r #~6IQyt(@3Fm>: /0aMG?L}`6n:5+*e~SQQ}Z /L>LorNLn--iQ 륮z0z,'_;>6,/YYOwl>dm S%;K-giB^\-RxHE=,fǐ J@OSd(*Y伿 /`WmVcC$XXprW"î|ƻ] *'`\`AnA9|أy5c79vfnwt?`ːx횾`y)%ޜJeA0KVg҃È6'!Q·Hd {MF&>^}(a hv@s"1tt H <%dF >*8ڡQbа^ 88puC21{[LTEJvˊ>؍E!)4X{C]/\ɢv}oiN6dQ$NB>=EciO)T׆ژT39HI[›t+D Q؝W{H,bfT E<3* 䗜̮[iŤpb$& lUI}~nDU$-Nb,6py7?K=T[ʅ(PYݘ@跇iEvW.L iNIdggGШ1a7 Zn9Y M0&X `ID3!Kr5j^N[TfHF[^d$\vo 6wTt=rO5!Vˌj=՘Ym螀n%ìfjEպs)j"0ݫBS m %)BBXy37{^o`͎ekL[!!N!z>$B-KazE4Һ^=̝,u{h|A8,PHLDv뼥4(XeMot64KzR&R_z?>2)( {ֈiLZ*((IbH?TL8<=K A5jP-w;U'`ahڧRiJkTSaؓ@ĭ|S͗0|NM-*,,3n]|zŨ}iZTXfC _a0%ýM@i8HH(0^%CeJnYG򬢔 ʩџ&,Rԙ0*Qn9F&͍w#:oͤn*]J٣LPљ!ߪӴAB:߈IPE1CӊI՚8:v&IX}fKcGYdh:zގPq.'}r/dMm`ݘYpUnjwAx r`7n59M9.tV+C++}~0z޻iX<&.F]hPP3f) Ǧqw:C O'ܻQZFC=E<| ̿LB8x(/_]:, ^żv%gsKM+oLQ;O_>̷:T\{EJcŸywySj.` W=611 mz*tYV[ ̚:-Jǩ2(76/VOF -:.?wϓ\rbDHh*ފi׿9Nu .)$- q;Ca#©d Uf6WI\Ta!@]_~\]vH/?þKR-j< >ں >$*}oWn$k{uIxZ響s$8|-zNiz5P"E Xh1p r]L|ȵAӖx.2~qv=ľ7=x1u&2w䨎жyԍpfWE2/bb*7ٿŽQЗ/Sw &Ă3@%"AC.zEE蚏_.a|/ߔf%QWhcvv:Kz'Ar[/Ȼyk85ɹU KADˡh (PC%Qk7k KVY֐g@`ΩVN&vD{.=KZQNڼ0 aϘs&uu1eS4= mH$dWVShc-ڶOWG%3JcMWI-&6}T60&k27A4\Q[M(llVad6 9(4GYY-Xm?މӐת$mTMwRW&Mt.FOZ),?1+d.9g? G8oY)0GPveyپ2Gv?=6ӎvC!6 ESdci)z:rs> 0}K˒uAa5or\@ 妜'-;+K+IyCn0O_40hf{_knc[^[:m;疴#fi`  <6P=<6"{̆,ǖIQ2p4)9Tfb7_@hJ{ îOzkH/DrCkO$\_vQw4άuEh,.# WB2dOyAz옳0cӰ׈r^BE녽[4Ӿ1-Oc=Z]SE)uyV|QmL$A;cM܈~U 'NM[H0Q8ކ>r̥T( }fRH{w)k2љ6-* <㶳L+r]3 أZ,))Wʶ*[B/:I8`/^独!Y/ e.cgJ! g)cxؠ@kk.c}U(o@_$H3 ģ44 /3b[ FQ'x$9Si,VRyG8/J(JSBm%hl7sIbAN4Zgo5I*s ;m=;5>C!:>)l`Uk$:>.4knj'BL;IFW.˛!zr0Q,N 􈅬zdyѨ{H`qF'- ݽ}\؉4yM!m{&X a]0§dtNU\>~QCXۖ?+.@!"Imٿ>\4!;_SNV7^883pih ڋA}y_1g jmMQP|r9u=n_Q/|>U]niuUO{HC7~;'#ncm!j  =m'=L4_:I `t p*ܞGaM@ƨ^??!lRxk_&0ol.s_\Й;hz;]Ca[:Ϧ7/ @9'50Xe_sAKݐ=U{57L7,Uh6 R'vXo&~6n- , LBbPLTXF?KBv+OKRH׸ !w_|c=Zt*تQau!BVz6mY zRØ~9*'I G>ـ%4}F<29aO͐ޜt .k;<ᆔP(IΉeHʓ2aK\ b#z0p&Y+ *@,sBmoX-,MVWw|ωAUTJ S|b YA>'`Esí8뷸T_kCmo&^Jr5 gXL'b7;\;F`xgvQ6X98W0ɽSg81U.ǖ=arbewӏ,3ȓv=NdE? '{MNC8%߳fV@̺6B=?Q+Բr6 nLeQ|5ur NޑS95WxՐ(GLVYhV\@ i9Z稤^cM@M4/4w[e!SJBSoѦ?]`⤪z‰Syێ|ˑ= t̽9bjK@¨F8Ip[AӎD.{$t))^w{LF|FG41~Ϛz_(%gy1/e IYQkCEߺCZ4Xul- 7)A˛# RS޼)B 9kaf}F'@sGV GWt C*Dn#0^kx'H;H"|o_Ư"YeرiDMo/K,)2uDa6I!O~ZB {N\YO,Lcη5v][NX[-Xv6__Ht1KwU *kճ&&酹Rn>p]- ԫl(|窳S\_g7/媳s`ȏc-Ҍ&"{9Փz4Epe7&e u@2AG/8>@DR5Uzх~BH Έ>5%ȧUCUgYUk@ϱ ,h) a* В"[vTyB*D"d,֖HB# _FM V]۹~2L! U֮)+4:~50Zs=Obsu<Ӳbqo4U %}S+t7TGT wwpVC ŒS]|!-ql b@TR0]، UD_0&=eP mP9v _4gcӜ -(EմkM7]ݑM| _= ;<ʼ-%$':03lNX>Qzi]%Ǣ/ \~ap0S;>[mS򂵇 }K1vɛ4UӗIY"s)>eoԪuՁ҈4O wj@-.Д!˰X ṪĤSCo YՏKưg\\bAfNm~鮯SC\aT tfIݏ'%nlE5 kAܡuY1!qXΘ}@u$FrFMEȖ # #k#풶W&ӍX 7M \SeFaN pڅLC0#䱅*.*$>\: 8zTR K|?f;ވn473cnBȿ[]̒SXE4Lw';]3(L4l{LF[^'[MLͩt}TcpT~jDU  3-8%=R^p##0neUF-bməmǤ[fOnEg)Uih&5a I؜HmGr֕ GV Y)Qt%{Cu8_Exp{vOsqgP 5|L.,oQT"^Хեv+,##Rǜ84+Xkyr/}AklLʃ':ΉhɱZzr023{~RG:IllMgU%lArr g2vʃ/Pf[]+Ka_lΏR_6M~1ܲ8CVgC+ɍ'@ 9W* \\Ugf?+(X_ćˢ#W;gݥ[xMhGnok缔T7G`;?ϵ~?2nrhLZ0uWCTl#>4$ 6ODŜxaC+(/ҎvBM#x{ gZ/߹5Q?cw,ۧc ncB(GiYs. ΄6rK;zl6ͤx@ n&Og>GwnxXvzމs9SbzEKם':qVe!_$Zl"1 r[Iu./-j%g=M%LΧ=g~nh 3\[7_p>T?P:'22n_PFsNZAs Cǒr{oȻԈ mk1VaD*]h Kj EЫ^ׂ ?e7'`w5G=$2+8<9*"wKdl !6ŷ?,Ljw?0ԩ$Zͫ8KjVb{81f90a/KPu@)seC)u/p/4Ԣb԰wAm\):K:- E'm6O]F;3 ע<}.*O0>0X˃ES@`.R%9+1)U罢w:_Lr jpdPƟayK'7'@xz$w,S}fmmA=d3|+ K:!=s4;Cf'U-<><~/-/7H~2Hxx&+{E{Y&U, 1 pyR&U-C:7_:VwH̬~\K(iZ7Bon o*(s8ޥ .WvZSja "ϥV~Cj~M"cU_cRxlfo$w˝%en{Ň;{>VnU%Rw nlF MЉ7kP ~6Ē0 kof7DII te:Wrep@K=7~}nZe}])h)9uxS ylѮVdtNӛ*i*7D~c-EVKe0E$͜+ifaa*'=lHA1\ubKue,!bN;[Gts05p&e]r Cn<~D&{b b 㨹o')xMLp~Y{Co;jB[=eLX)Z 6 /uI- 򰷞2jUṮ6qGߐ_\I=P,g)@7 5r& ,09riL9\6n{r(؎1Mὖ奜՛UkrKH-Qܚ,qCכRcro\1./Y!e I/ ?J4V~Z׻̰uEj_5~ eG!O փ$׶w9 rC]m'P Al+S5 /#7El)Zv.evi|C!puF 4#c&H@V.jjG?'5]~1ޚrϥXOмκQ~Vҗ$kĐ3nKbst.>u<ϱef%78=qRI9<[|x'8fnn՝a("jkYg츙u>1ՅiVlK'Re?;ga_l"ԠG{p*L]H ~XaS'K~njux&SNE ʮ7wRUCB3*w!:W(dݐE1de1ƃG, 峾׺o/Sٚ.6Kz蛽*lGg/fHh9"j-Fs J+ZCgMY\'vEk6>Ÿ0ks&GA6d Ug ^0x)uWim$e{:7V:h* >0FhO/ًZUq:GuyN6 =!g ,hR_qNi4c[Y8/<07<+C'CAλnh7j' YA&ו7S6%}ڢ]:Q?Öf䗝sm{Ssjg9mPSU~]wKU`?!c6?׆ܵ !Xx<yP{{`bvmx Ϭe#~v.DixUz0"D9CCdlɍpa+S (8ʮ#o~+#T?K41D/&~:'S&K` |@aʣDčOŊҿFԍ\[0tsG_i8k``i(2@Ƕr9\ںnRZ{Ku3fI`ǐVRNng_ OHDbgRP.A|BMOYӆ~K[!މ @[.?ȫ؃}E?jNUV{ேU[/Y:qneVȭ^M+՜ ;f\Bzdbrmm) g< ott4 ^ I#;k*WgN^+7"ua~SٯIeD"x[xl֠8Wȹ`5k]sDB*kIys2#bcYJD{NX8jatr~\KI&4_1:p AGzU;p]^6.n7J Cj#PfaWa7dH"EEyf{hB8ֲ`s-'tߨ3&Ȩz@|)5V p?FK?5@ XYKbRtS`4ߝ id1[Sz<뛑-e g䩰(^?9( wuAs0GV)@o$[,]^RP`k\%HYo$u סfN.suMl0zQ7%T{V.'޾KHc!tpn˵;.~(o{n T|ψc,uW 7$R@USciqf̱mX_r@g^QI,MRT$oCxN &AF<)\uΓgb!t~kuH bx7_;ptpp'ݧ|$i`&;O'v@fTj 2=xk%KCᥖUu2ۂF>ޢu֪rBqu0gN?w=k*+nuѽ4moo!c8]%l8|̨Jm` !x׌]V52=H*U5'.Vue[E?/dHկXѲ 9 )36L2O9etb;AORko{_A#h<%Qorʘ^+h=.0zef=x %md/pX@5CnNkɠv7^΋D:JĩcC̄0==SgQ+oˌa~c۽/HM6JEXl]W!@.8qY hcYCv[%~>r,ָ+C1@ʼ\әc!PS|홖;3srۛ{$6T5ƌn6pPu۞/M*t"3 V׊\Mg^::k#5i58:vt'.+RDq_v my8&=b-6o1 Guqˑt--WbYGh|9U^88T3,vjs:qM`z A_UxZB__4ܥ񢞼,Ζ={ ZõVK nӯh`|; 3UOaͳӇ!Wo4)i/>+du:"Lfq )#6B{UoTIi}&yZx/3atr-B1w$9N坟0w ])y3Dtei^`G5_Y%ֶٗH̫&'vAoKBQY̪=s!G%E4)1/2 &b$-zI>QEBlr<Ǿ{ @w8?>tE>MS  b&sGܨ ZC]HE"!mWm#9Wۮ?=tոC{JbEWDQnSiaV/Mbzn wYi>C JLj܅j2q]uybQN?6o#%<-Qed՟`HgSZ1 Z~!%:w%q̽es05yl\݄wh"iyc#t %͜Ǻp;JלuVժ; tUEgoWqSU/ bK _Xc딳xTŴRYhJ%̫dI$cKLM:TE&.IcL6Fq#۞j8X ^RrxuoH'IV.f)Hf_C>r砙UYfm{DpCȥAyɝD5Yk6gi#(i#c<z 2o\auO^V}b.@/e\[8_3+,v"#/M̗tOr7PYŝUUŅT':3GKB\TPmt,"̣;i@әΕp^l_%g Psاhzd"[N،X#P9:.B2!@ێWaWېi `)C(ۤؽKZZdb߳b1VV{osKxSbLǹЎs[Ms' |K 564)i+pBweƀJS shJK^]p9ӉTmWEEC$"xAܒ1943Id)\ oȍ^]h|9PwERFR|[Gi8#{:Y99>u;򣨰Wu /HnW&\^+y=XQ|ͷ yO܈PJ@>%atn.@r$R[~.};K G*n)1b)`0E{W)<_Js'}XQ&d+#J6To4kKٷwJL5hrT¸Cﭭ?~AVp ċ+""lbޝ w N"I7{nFFGN }IN%9KĪ ל~f{*!dȒƕYepѳe'(.aة)=ʂ`֎kr&|&0b0!H4w# `F=ze=(_~8GAQ68b*@z <OIp΄Vr .E";doxXqZdI+ jڙsȺ䝶qp}|1=ME*eO{АlX4ʺ$ Y&PDvy4553Y6'NL-e K?%ۓ՗U_{˝]wW 3.-2N%Ȃ,h/=G+m zAol$#X<1DE(x_.!4']C͔R$oFYiA5t%#_̒qAY"GT-G $[$[.Oy252xUگ'# |0//`?Z}wA?m 9 g̰/ C- (PŪ_LMVP'wϐ?LTZҌ?̟BЋ7aE/Lz͑dlߴ9ʧn`qM*Tz20LRl`W1 }y (7d1:T8\u~6$6H׍TgN'bA!;]g,wUrf歚ȡ 5Z¤TXcE?` \ԙ,GOPF&`#}d;: 3Z0</3~jf2aeE?3xLFk H-\?X'lޏ\ΰC ^9Bz lRC]ûl#t6G/yTC NUِ$HwAZSq{qnOau.RtH[MsJo`O[w*u(:tZ7o'C]t~syCA&e68 (@ LUv6!ӡCY+V meK W-IƯU&7S8m\<B1,36(tTWAG0ӻ6M 8@+Fb`P 8.n__B0fB$7VOZnϱaM:,{W>^3ܻy˘`[IuvbhHx l'#-3HͩH2ICO)Om Cs5( :/-אkepA 7{؃-E[^&Ck% D_zЂ[oUwK7{8mpY;vFΏVPՉ!{%$U`QGgt@#ʊ@N+34%6[y{b#&R O=WUށ8I%( =Qax%:Lko|~ͱϠAfbKuA?փ]6h^}8 `'M[Wozqo)ZBJ]6:6ƎyT ~OCSp?q >!(AkA]UǐS4][^&7SB{qr;q0yx<,Bm mh>t!^cm=Xg(H4/x5άK6,b"@ɂj1:gZcYf3V^0jzLf1S*Z`ōPqH;1_o?2OMڸy'1B.G te' vH}KYb8oK K7_L vnۙ nmq(,"B,PDwk(i^(z2g3-w(I "smqT"T7S A.;K#](> ȝG)Dʅ9$(+v1QE\Ǟ@,.*|p^ #3D$y$莝{DOXfڄeћ95e}YDl}Yc= 6R%c9 f J5g1CͯG(t>`-B&uBwb(@H{q~=0?(44Tdts50ӏ 6GҌhz@n@R֍z9eeϧoi8\2u<ɵ "`3d Gqxp4_߸CF<JϮY=b(VL4uDѸ.絍paSZĭP'ێW{gC{(O kڴ/D-IO~\b 8NxIo_u-A<)1&9_߀>FZS(=؄hjScod3O&J{Y^ཎ . ߡ9Ta ɇ}ŸA~'wuv`IQ+4pDp[P{͐*DuY=[,Bb|s̩5_VSr?Љ2N! pNT_s"(zW6{+qk!BP ƻu\sۃ^oMAY=kV]`ۙnOx : IEO+?\ |`y~{nYQKj%E+*g^nuu\j87lͯwp艇= M 5AlD #E ɚ3oA^d AW4:SgV]Ω9ƂdwGXuc-6¯hIUR~gtZwW֪j:D8McIX\j»4(YnP,6@l\ђ 2Od&C'kZ-HOL#rGH7e~#|gj~Gܺ rA 6Ⅳ?0K#>#&?{F^;Ѻv\ { ;#Ҭc%"M]!J+V~KWm%?1kHP M(AJVO&C; ^e3 tvjrX_µ>vU ^/c|:Jل 75nU?9_ g,d__VY3}CQ-`I5k=# V]Ӟ)%_=!K"1CZ 805(Z1W Op[_ }n DRF;e3B:b=n[.9\IBաKB N24#[ \0ݣDnA12^{={ny S aeY%347l jLJ=(&(%X8! "%>a*DGd 1sK; ]Ҿ2-3*'_zM~ !j16ƇB#o B+QQC׽C޿v$)j77V2Da랃?΢gbr L?Au!Y}( ZcNhV_Ô%1;y_f5LRIèC]6h="hh-(=t+U$q"((xʍFsj]pR2;W2wILkV2VlgօL;&jJss$0#d |{sĵ?*{zMt,bh0WC8DuٯjV' ?4׀E.He0e&8hq'jBVOJAMs9b,ĺ_la w =ҎffF}dY}Y{/'HkD>A&&1yh3)pQ~N]I\P'ٽW$7]yշ~"`!y>IrbֵIžZHZ=,*JǜP% 4 .TsQKnHF`$A2Mhen3Fx/lO 2PR7DR[jz Yd\ %JkpOhø9:1UI{, 0Wl'Oss~EP檟}m}^  TdY ]20Tإw{…Ne#tu7k+x"y!Hd9*{CdV.iץ k} \7S+t]|D|Jb* ck:X"zM{jŹr}H!SZG?g}Ւc)/ѨjPuωX6m^`)SrCٸa.yt9ltz0FwxBr۪!&!ޣUh)N`_ڸ3h?VY.n]3_7?EqQYJ^@A%ZT# L9EgDЗ{gvיF䄶zn/sQպ}Lל[ T{#yz7M7-Iszڰzk)7lV=4-O砢tDwPQzxegT Ŧu/AUQk|r.qD'M WV j^n=<`B;Ƴ<WڥQr%0>νP|(C+PqK !NF:鯅-y} 7(xZ&EѳW?Eb?Ņ*;s̽Jޮm~נ\W}7E7es1L0M5V8ܯR ~3sIoݰi[YY . RfG7%-rLx{倥DV"+ޭDoj|Wxl}N[x 6Q>X*+N88B~pWr%QaɣOHYTIB9!VvݼvCudlŘsɏsYCLkY?x֏ɁRHQCJKR]~5Y)"'4+bwdv,7T=#q6fY*l_usm¯S@I1',?as8B5+0׫5DK:Q5GEec>8= 5Ÿ&&m>"xm.YcM5 ]~y;{ qןXQauʙ7LM/B@ qgIoT|gpE-ρ–MN= AcjgQ [;ϕTcɍqU,!62*8c9OG#6_,?A <ݓ᪜sJoDVoS;.M6I|g ).7 D2|nSqe؃QZBI!vwa$phlu*[׏ڐ9~wfZF5#d2E-Ҡ_8 #,4œ:f<ҁ-%zxC893fO-"ȝd @ T9f35)^I>RzYLP2/gK 8RJqw^oz{0!m2)RڙENQOl&tj?8l+;Q̇I=!F!F&_c}q?^kqLH9. ?VɃ_3`EnOfMv+qU`)"TeW;ehl칝 gRJ yt}Pj\7ٶmpWbs|t8^(Pk)PD p.G(_=4ھSTܪ^X[UjVϮWMtxmpRZ&} #uxb" !?ox*$gqg[=uj|*'yuGK3"Xʩb6Y{A'# e>_xh<{jqR9~ZWk@̕*[Q_҂(  }nʟlݵ]$5?{o|R̭&A[pk)Ƅ_(P F<阀k 0nY{ §~OƖhˆCTFlFֿeM=`G9{*Yպ7s˕K}C/-#.]Z._s}29FS8X=ojbb_gtĴꗵf;&f|\/950r?h#Z=p(SisErJk6.Y9˄)W£I<եЖgΥ\;=2sϹl=s׶ i[*^ FdM$-BxX`U~>@B-i'=]ϗ5ޞU8b&PXs!Ъ 8\NUi> rȣ''r> RHz7 8u ՕC:z]5!CzY3j6;5ScvU(Fp y6cYJxh;ᖄeAiIi~8^^ 7,ٯ"L)vٶn10c }+ *"$7ykSHp๝X& oJƎof/Zi]yny(N, OZ]qa.]gp-"%T:(7ggK^eJ;vN|܀T/{> j %ZP)&>Q0WMgGj7dEzibR_6`K3#Q̵*B݆i6_峽12,!\f5 )[0?EPO3dfMK\ o ݟaΰ/[5[v7Xu/<X25( uB_U~î[ˊ6WT ޵݅8>gLC/Q V - l0V?ɔ}7' YZ