nscd-2.31-150300.26.5 >  A bXvp9|E>;%tEfG]&+'B[ֻGڻ+ҙ:O'x3A0$T9M:l b}O/&=/dSD8 XUFߙ/7c3Df$>=QOy(ԣP=C Wz!؀~b>Zm.0s~GMm!"!#0^'8l ԟD #_Ϊ|~4޶P <zMoPlqc0v '䘠L#G9l 0VOVIF3`: uĠ>W8mC˷yzŇn8ߌ,k \O;Eer%& 91% KfD>pIP?@d   4  GMS  B ?   D S pBd#d#V#(89: =->5?=@EBMFSGhHӤIXYZ4[8\@]|^ bfcd֏e֔f֗l֙u֬v wxTyېz<Cnscd2.31150300.26.5Name Service Caching DaemonNscd caches name service lookups and can dramatically improve performance with NIS, NIS+, and LDAP.bTXs390zl37 SUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/System/Daemonshttp://www.gnu.org/software/libc/libc.htmllinuxs390xgetent group nscd >/dev/null || /usr/sbin/groupadd -r nscd getent passwd nscd >/dev/null || /usr/sbin/useradd -r -g nscd -c "User for nscd" -s /sbin/nologin -d /run/nscd nscd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in nscd.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in nscd.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/nscd.conf || : # Previously we had nscd.socket, remove it test -x /usr/bin/systemctl && /usr/bin/systemctl stop nscd.socket 2>/dev/null || : test -x /usr/bin/systemctl && /usr/bin/systemctl disable nscd.socket 2>/dev/null || : # Hard removal in case the above did not work rm -f /etc/systemd/system/sockets.target.wants/nscd.socket exit 0 test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable nscd.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop nscd.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in nscd.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart nscd.service ) || : fi fi exit 0 ` A큤A큤A큀bSbSbTKbTKbSbSbSbSbSbSbTKbTKbTKbTKbTKe2cdfafd373d24fab07018d0e95dd49510ea6c992b7be2b0611ab23bbc2750b579fe74962fbce2fa9b2a4b92f693b2fd42cbc2ed331fae268de7104879a72df879c9cec5dd2414dcb76d11e75903aa6fd9b7785c897cb9f853edcb140a71b7799ce7f71784721f472eec98d7be9f0b96fd57698949792a1676fc6540b909c94e/sbin/service@YYYYYYYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.31-150300.26.5.src.rpmconfig(nscd)glibc:/usr/sbin/nscdnscdnscd(s390-64) @@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/shconfig(nscd)glibclibaudit.so.1()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.10)(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.2.2)(64bit)libc.so.6(GLIBC_2.2.4)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libc.so.6(GLIBC_2.8)(64bit)libc.so.6(GLIBC_2.9)(64bit)libcap.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2)(64bit)libpthread.so.0(GLIBC_2.3.2)(64bit)libpthread.so.0(GLIBC_2.3.3)(64bit)libselinux.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowsystemdsystemdsystemdsystemd2.31-150300.26.52.313.0.4-14.6.0-14.0-15.2-14.14.3bf@aa@aZ@a@a@a0`ݮ@`a@`H`H`?z@`@_T__/@_O@^)@^@^{G^g@^`^U @^&^]@]7@]|@]@]:\@\\]@\@\|\~d[[ͻ[$@[t[r@[qr[^[!@[@Z@ZJ@Z2@ZH@ZZ Z}@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@matz@suse.comschwab@suse.deschwab@suse.deschwab@suse.degiuliano.belinassi@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.derguenther@suse.comrguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- Add s390-add-z16-name.diff for bsc#1198751.- getcwd-erange.patch: getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999, bsc#1194640, BZ #28769)- 0001-powerpc-Optimized-strcpy-for-POWER9.patch, 0002-powerpc-Optimized-stpcpy-for-POWER9.patch, 0003-powerpc-Optimized-rawmemchr-for-POWER9.patch, 0004-powerpc64le-add-optimized-strlen-for-P9.patch, 0005-powerpc-fix-ifunc-implementation-list-for-POWER9-str.patch, 0006-powerpc-Add-optimized-strncpy-for-POWER9.patch, 0007-powerpc-Add-optimized-stpncpy-for-POWER9.patch, 0008-powerpc-Add-optimized-ilogb-for-POWER9.patch, 0009-powerpc-Add-optimized-llogb-for-POWER9.patch, 0010-powerpc-Add-optimized-strlen-for-POWER10.patch, 0011-powerpc64le-Optimized-memmove-for-POWER10.patch, 0012-powerpc64le-Optimize-memcpy-for-POWER10.patch, 0013-powerpc64le-Optimize-memset-for-POWER10.patch, 0014-powerpc64le-Fix-ifunc-selection-for-memset-memmove-b.patch, 0015-powerpc-Add-optimized-rawmemchr-for-POWER10.patch: ppc64le ifunc improvements (bsc#1194785, jsc#SLE-18195)- clnt-create-unix-overflow.patch: Buffer overflow in sunrpc clnt_create for "unix" (CVE-2022-23219, bsc#1194768, BZ #22542) - svcunix-create-overflow.patch: Buffer overflow in sunrpc svcunix_create (CVE-2022-23218, bsc#1194770, BZ #28768)- Add support for livepatches (jsc#SLE-20049). - Enable livepatching on x86_64. - Generate ipa-clones tarball artifact when livepatching is enabled.- 0001-s390x-Align-child-stack-while-clone.-BZ-27968.patch, 0002-S390-Optimize-__memcpy_z196.patch, 0003-S390-Optimize-__memset_z196.patch, 0004-S390-Sync-HWCAP-names-with-kernel-by-adding-aliases-.patch, 0005-S390-Add-new-hwcap-values.patch, 0006-S390-Add-PCI_MIO-and-SIE-HWCAPs.patch: [15sp4 FEAT] GNU2007 - GLIBC: Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896)- wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011)- s390-memmove-ifunc-selector-arch13.patch: S390: Also check vector support in memmove ifunc-selector (bsc#1184035, BZ #27511)- Update glibc-2.31-HTM-vzeroupper.diff with a AVX-SSE transition fix.- Add glibc-2.31-HTM-vzeroupper.diff to avoid VZEROUPPER in the AVX2 accelerated string routines which cause HTM transaction aborts. Instead use EVEX or SSE. (bsc#1181403)- nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462)- gconv-assertion-iso-2022-jp.patch: gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)- sysvipc-sem-stat-any.patch: sysvipc: Fix SEM_STAT_ANY kernel argument pass (bsc#1180557, BZ #26637)- aarch64-getauxval.patch: aarch64: Accept PLT calls to __getauxval within libc.so (bsc#1167939) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- power10-support.patch: Add support for POWER10 (jsc#SLE-13520) - iconv-option-parsing.patch: Rewrite iconv option parsing (CVE-2016-10228, bsc#1027496, BZ #19519)- Update to glibc 2.31 - glibc-2.14-crypt.diff, crypt_blowfish-const.patch, crypt_blowfish-1.2-sha.diff, crypt_blowfish-gensalt.patch, crypt_blowfish-1.2-hack_around_arm.diff, glibc-nodate.patch, powerpc-elision-enable-envvar.patch, s390-elision-enable-envvar.patch, crt-nocompress-debug-sections.patch, resolv-context-leak.patch, dl-runtime-resolve-opt-avx512f.patch, libpthread-compat-wrappers.patch, math-c++-compat.patch, remove-nss-nis-compat.patch, eh-frame-zero-terminator.patch, ld-so-hwcap-x86-64.patch, assert-pedantic.patch, getaddrinfo-errno.patch, resolv-conf-oom.patch, dynarray-allocation.patch, nearbyint-inexact.patch, nss-compat.patch, nscd-libnsl.patch, malloc-tcache-leak.patch, falkor-memcpy-memmove.patch, aarch64-cpu-features.patch, nss-files-large-buffers.patch, sysconf-uio-maxiov.patch, glob-tilde-overflow.patch, dl-runtime-resolve-xsave.patch, spawni-assert.patch, x86-64-dl-platform.patch, glob64-s390.patch, tst-tlsopt-powerpc.patch, powerpc-hwcap-bits.patch, malloc-tcache-check-overflow.patch, dl-init-paths-overflow.patch, fillin-rpath-empty-tokens.patch, getcwd-absolute.patch, memalign-overflow.patch, stack-guard-size-accounting.patch, libgcc-rtld-now.patch, res-send-enomem.patch, glibc-fix-avx512-mempcpy.patch, i386-memmove-sse2-unaligned.patch, realpath-ssize-max-overflow.patch, localtime-2039.patch, math-remove-slow-path.patch, aarch64-hwcap-atomics.patch, glibc-fix-aarch64-build.diff, absolute-symbols.patch, x86-haswell-string-flags.patch, pthread-cond-broadcast-waiters-after-spinning.patch, mman-map-sync.patch, mman-linux-map-shared-validate.patch, nptl-setxid-error.patch, pthread-mutex-trylock-barrier.patch, getaddrinfo-parse-ipv4-address.patch, japanese-era-name-may-2019.patch, force-elision-race.patch, regex-read-overrun.patch, regex-parse-reg-exp.patch, 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch, 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch, 0003-S390-Unify-31-64bit-memcpy.patch, 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch, 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch, 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch, 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch, 0008-S390-Add-z13-memmove-ifunc-variant.patch, 0009-S390-Add-z13-strstr-ifunc-variant.patch, 0010-S390-Add-z13-memmem-ifunc-variant.patch, 0011-S390-Cleanup-ifunc-resolve.h.patch, 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch, 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch, 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch, 0015-S390-Add-arch13-memmove-ifunc-variant.patch, 0016-S390-Add-arch13-strstr-ifunc-variant.patch, 0017-S390-Add-arch13-memmem-ifunc-variant.patch, prefer-map-32bit-exec.patch, s390-strstr-page-boundary.patch, ppc-tle-htm-nosc.patch, posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch, backtrace-powerpc.patch, pthread-rwlock-pwn.patch, manual-memory-protection.patch, ldbl-96-rem-pio2l.patch, dl-sort-maps.patch, dlopen-filter-object.patch, glob-use-after-free.patch, nptl-setxid-race.patch, nscd-senfile.patch, ldd-system-interp.patch, abort-no-flush.patch, fnmatch-collating-elements.patch, nss-files-long-lines-2.patch, iconv-reset-input-buffer.patch, nscd-prune.patch, syslog-locking.patch: Removed. - long-double-alias.patch, glibc-nsswitch-usr.diff, euc-kr-overrun.patch, riscv-syscall-clobber.patch, nscd-gc-cycle.patch: Added.- nscd-senfile.patch: Fix concurrent changes on nscd aware files (bsc#1171878, BZ #23178) - nscd-prune.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130) - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100)- nptl-setxid-race.patch: nptl: wait for pending setxid request also in detached thread (bsc#1162930, BZ #25942)- glob-use-after-free.patch: Fix use-after-free in glob when expanding ~user (CVE-2020-1752, bsc#1167631, BZ #25414)- dl-sort-maps.patch, dlopen-filter-object.patch: Allow dlopen of filter object to work (bsc#1166106, BZ #16272)- ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- pthread-rwlock-pwn.patch: Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bsc#1164505, BZ #23861) - manual-memory-protection.patch: manual: Document mprotect and introduce section on memory protection (bsc#1163184)- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423)- posix-Add-internal-symbols-for-posix_spawn-interface.patch, glibc-2.29-posix-Use-posix_spawn-on-popen.patch: Use posix_spawn on popen (bsc#1149332, BZ #22834)- ppc-tle-htm-nosc.patch: powerpc: Fix syscalls during early process initialization (SLE-8348, BZ #22685)- s390-strstr-page-boundary.patch: S390: Fix handling of needles crossing a page in strstr z15 ifunc-variant (bsc#1157893, BZ #25226)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- GNU1815 - Hardware support in toolchain (bsc#1151582) 0001-S390-Add-configure-check-to-detect-z10-as-mininum-ar.patch 0002-S390-Use-hwcap-instead-of-dl_hwcap-in-ifunc-resolver.patch 0003-S390-Unify-31-64bit-memcpy.patch 0004-S390-Refactor-memcpy-mempcpy-ifunc-handling.patch 0005-S390-Remove-s390-specific-implementation-of-bcopy.patch 0006-S390-Use-memcpy-for-forward-cases-in-memmove.patch 0007-S390-Add-configure-check-to-detect-z13-as-mininum-ar.patch 0008-S390-Add-z13-memmove-ifunc-variant.patch 0009-S390-Add-z13-strstr-ifunc-variant.patch 0010-S390-Add-z13-memmem-ifunc-variant.patch 0011-S390-Cleanup-ifunc-resolve.h.patch 0012-S390-Mark-vx-and-vxe-as-important-hwcap.patch 0013-S390-Add-new-hwcap-values-for-new-cpu-architecture-a.patch 0014-S390-Add-configure-check-to-detect-support-for-arch1.patch 0015-S390-Add-arch13-memmove-ifunc-variant.patch 0016-S390-Add-arch13-strstr-ifunc-variant.patch 0017-S390-Add-arch13-memmem-ifunc-variant.patch- regex-parse-reg-exp.patch: ERE '0|()0|\1|0' causes regexec undefined behavior (CVE-2009-5155, bsc#1127223, BZ #18986) - regex-read-overrun.patch: regex: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114)- crt-nocompress-debug-sections.patch: Don't compress debug sections in crt*.o files (bsc#1123710)- ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- force-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330, BZ #23275)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (bsc#1100396, BZ #22964)- pthread-mutex-trylock-barrier.patch: pthread_mutex_trylock does not use the correct order of instructions while maintaining the robust mutex list due to missing compiler barriers (bsc#1130045, BZ #24180) - getaddrinfo-parse-ipv4-address.patch: getaddrinfo: Fully parse IPv4 address strings (CVE-2016-10739, bsc#1122729, BZ #20018)- mman-map-sync.patch: Add MAP_SYNC from Linux 4.15 (bsc#1126590) - mman-linux-map-shared-validate.patch: Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590) - nptl-setxid-error.patch: nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)- x86-haswell-string-flags.patch: Fix Haswell CPU string flags (bsc#1114984, BZ #23709) - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (bsc#1114993, BZ #23538)- absolute-symbols.patch: Don't relocate absolute symbols (bsc#1112570, BZ [#19818])- glibc-fix-aarch64-build.diff: Fix build on aarch64 with binutils newer than 2.30.- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- aarch64-hwcap-atomics.patch: aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)- math-remove-slow-path.patch: Remove slow paths from math routines (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)- localtime-2039.patch: Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526, BZ #22639)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - glibc-fix-avx512-mempcpy.patch: replace with upstream version- Use %license also for COPYING and COPYING.LIB (bsc#1082318)- Add glibc-fix-avx512-mempcpy.patch as quick fix for mempcpy buffer overwrite in memmove-avx512-no-vzeroupper.S for Knights Landing CPUs (CVE-2018-11237, bnc#1094154, bnc#1092877, BZ #23196)- Readd nis to netgroup and automount nss config (bsc#1088860)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- Use %license (bsc#1082318)- stack-guard-size-accounting.patch: Fix stack guard size accounting (bsc#1074208, BZ #22637) - libgcc-rtld-now.patch: Open libgcc.so with RTLD_NOW during pthread_cancel (bsc#1074208, BZ #22636)- Mark source0 as nosource in non-main source rpms- Add systemtap-headers to BuildRequires. - Add --enable-systemtap to configure arguments. (fate#324969, bsc#1073636)- memalign-overflow.patch: Fix integer overflows in internal memalign and malloc functions (CVE-2018-6485, CVE-2018-6551, bsc#1079036, BZ #22343, BZ #22774)- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/bin/sh/bin/sh/bin/sh/bin/shunscds390zl37 1652708440 2.31-150300.26.52.31-150300.26.52.31-150300.26.5 0.48nscd.confnscdnscd.pidsocketnscd.servicetmpfiles.dnscd.confnscdrcnscdnscdgrouphostsnetgrouppasswdservices/etc//run//run/nscd//usr/lib/systemd/system//usr/lib//usr/lib/tmpfiles.d//usr/sbin//var/lib//var/lib/nscd/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:24065/SUSE_SLE-15-SP3_Update/6dcd82b8cc2d0ba3ea2646a855dd9ab0-glibc.SUSE_SLE-15-SP3_Updatecpioxz5s390x-suse-linux ASCII textdirectorycannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.s390x/run/nscd/nscd.pid' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.s390x/run/nscd/socket' (No such file or directory)ELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, interpreter /lib/ld64.so.1, BuildID[sha1]=16571a5c4cfd00e65d262101282ffa11b4a76a41, for GNU/Linux 3.2.0, strippedcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.s390x/var/lib/nscd/group' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.s390x/var/lib/nscd/hosts' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.s390x/var/lib/nscd/netgroup' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.s390x/var/lib/nscd/passwd' (No such file or directory)cannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.31-150300.26.5.s390x/var/lib/nscd/services' (No such file or directory)R RR RRRRR R RRR RRRRRRRR3Bv6f+@utf-850f1c4d1d9a13c3dbcbcd04f218c0fb6aa42ec052c8ca794bf8c208d0eb5e176?p7zXZ !t/Cܣ] crv(vX0|oi( loV/rNpx]vo3L+X(T|1ڪ ~w~Kp_]`dD*eŗ*b<|F&<4u'A"e 5(-šQy4.RT,9g(9}c%g)}urYy`U}AFv5Qǃg:FZ Wvӡt/J5հӥ]ufN۔7"[z蚐c4% i]%f\k3 J@D%|I",瓷ߵE(X ̅v9Kc1|ՑH"qX!\?|=+iKb & ]4GC& P*QaΎsAYnoh5>rR"$Rm33bkmu}m>mOH3xa~*ze)HUuM" !L`[@J2CLoqHbCŽWE^)jSdnVuqKs.Vܰ)IRɺVE&_ i^CS23БL2~YSyKj~%-aȟ~[.$~x>aAFܻ爷uzftпCLϭPMM2xZj5*k5 j35o,i1&^cmjfG空nKzo>~Ig(a(TmzmDe;=)첶l?w_Wq ƜQ'Ep$-vq[SG@Uڨ؜W^UH#XUʱhJ 0q2ù.HxS&6OW9éS$^K'"K J `^n`]?ʵ qţmS6ak/% !/dhVpE6x_cILy1{@!˱b<șzs>2#vko4 UN^:V,; B? ffet<Ƀui [{{Qv E^=b{`a񧵪l%tV֤Tv!ȑ;)請g{sN~B+.H4$0iHH3ğk!u A\g(0N̚ƥz%p ('u'=Ro~&`&f. ;pDN2ғH/=L&)A`V^RLBdv.{9A'Z8. t&/e5rREPϼy^%2얂b!_US-K,E{tn֩eҧnߏoC͒ա"D߸gVhMu}2@qD$#$*؞R]O nBY?HD"yqiSAn˭6V<Y;5ӡF|bZtZ/C||O K 9Z?dyȰ|VRs} Z`x`gOdfaN]XLz:P.oO_DohףоP%9dD)S칱E(_hz<ӑe3Γ|U $%W dN#`ղr2yڈ:ZVnK J\nn|v)$&d:ƯR#y=*e҃"ڧSŝ:"I(uW&73ލcHGiU].vVy uٰKZF>!{a=bBڦHRhX3ݱR)f45 \ȂTZJ0ℽvqTX~S՟q*2V&+&cKi p;=IhB2g_iԑޱF 'x oS@l>GoxNBhmp4c\"K45^ǽȼ L jTϣtdO?C" /t?Cv'XZ8nsOfopY Bkc|Ka|8؈}tzWJ|]XT`(tV[4fҹ(h啕xSuY}; !?U4͙癵V_޽TQ hM1]^/_ Nz<` yzhM Sbg^Zo sCkĨlvzXYMtr5oSND U7誨Ms#j*88&o#[šA_ vG r 1ȉ0%0 A(ԻH % rX{G/D1A|ER56mHd@mZ^0L䚗Tߩcî=$NX9ñ,i|HED.XǠҭa|Cr @zJz˄!F,{ҍ?Vu`Qs Zu^V̦dγ")A 1Kgzs*Ova IsE?"{@Px=ju{J` qh4=_\qW2{<.a-![+=Ud&#TMj];e! Ulɀc:p;] X5s^z :dP*/7m'EC&AMA?74:9ι7BTtapeKܶ_<$!@g5!NR^%^'ol! lO-mkjg%U?HɂC+ ݁(V$ԺSF+gE]F#X)/JN_$IPYw4)DYf:!n7cz!ȹH#= yX u+xjR @m I2;VJqX?'].2r^,PΔ@Vk%vԿNch0d'PWBe+faK_t"槗):ADߴnؑVOH;EŞl'to芷JF W= n;7Rǿ,sg5ޤĖ@q/&k_zCerT! i~Ϝllq ~.XUvc-8A?O^%ьso TЌeX+{c*1^6VG EC}ɨ:0 * 1E^\ =+In:?tovm.9+Eƽ/p4(Fu+LH \hY8KрM| GbSxTln";G}]t&LcgMug bq,fz9X"<ˌa=nU$XE# T!pk%|@#Oڔ[E{$%ɷۗ=&u1WK6ޑ3a\'&s'v|+7O-x O~nwd_VS躠iW#Ws_,صxU^i .)G #02BXncyЧA R! ^Z7# vqk4f3 ueIW HY|=Ȁx:&a( 1^(NNQ݉FUx>v zݱm?7\M\ugO<ܡXTT|¸|/}U.t9B& 2mtpdiz[PR&RE/P!`̊vBso59+vQq-72 }8%CNiC*6zA5[Ehɶ~v5шsf4sҏ-/'L U(R +RՈp+_~M}z2uf28N ?i+J-w lV]< ZN PwDq ~&9BZ<,%:e. /b{:m=4=M[ ?>.NE>6M7|eIbY&Sf싊 Y䝊nPYق)o[~\<-?boNΨǼ`д% \<7!}e{ sTNEWWԯ E.Ez&Qq{'U[ZB|.f)I Gd͌&2,.snq;Ž];L ~*5ǫpP؀silLm~&'T}ų=X3Nߨu!|P]GJ ;7njY<dMsM ĆҸSĊcpwU?S(/f.v wiZ3$%7V1:v:jh?!' Db:9MX/{(;'J\0[;kyR,Hp79/]}wقK*~\O8B^(nF7 7|(H c@"}ӓut?|+rB1FwԿ ztooxb^`rr 8[1lVFAeuge #=X[(" 0bm\xhcН$K*o\lm?;3u[gS%9!"vTjKI*'YA# jI-gi<p}m؂vszPx[f2`W!ݠ{;П&x{WnE.׎_5? / sq=nao}y]{㤥4hmBegW:.MZԜxY'o_r@źAX y" 5ԗ ەl!U[;ô<]5GKĐ˴yFx#b)Hݕe5#a]޿YkVP[@xG? /u7Q/Gs2]vAsG\$`׭͊)JQSN5QЯsG )!2)ei|a衸'SA Ū $1m͙ )$̮/{3BX0SmDm ?G v5l$\h@4y C{tSC4}*?(jZ2NKKM93YUtBfK@sK ,`% 8iI< (zBK{szT'|Hۆ '0UbH:\wF8BfCP;OG4Ne0)tBm3-Qa.1p@Z? g`!q0{ ys+2q >oK{4fyR) Q|9;7"f(5_$͵T³&3",GN<+X|R =4?ʠsGTNQ!2(8FD$2u_H-^tOQ3\xI@$ܘM-#1gԉŹTYP~9rs Kn*?DjF3ϋU^Wl4JWo\pT)D0Ykg4ە2p^[ #w}':RR{*o(JZY i^t%l,9Ɏ쟣6|'#mtbHaUu@pz!dg:G<K/6fG^^2HDdU5%#M2jr ]#-H[<+絓:,n?R_tQ>Ƒw1j61xFϺ/ֵeQIfnp8AqɢM@s&m1;m\W.7exK_{ \ gHJX0#(:vSw]>tq3@׍"lr(fqciX&?MEZ,F"Z  3y=+/qk0TJ| %2? :\k(Ƣ:TTCXmkJ9q<$F/B [I0QaF 5{+%[ϒmNVIm[܀fU"r Bb[W4=$u v XW#;ޭ2 (]R w}< F'`z'׻U.(/bAI)\ VĴ Ϟ' slB{eԋ!0=лdm7(¡JefO/nAô0St[V.a_ F~SP|SPRڎoN~vM9#.'J|W|aFW-hht6cB39Ex得c=3GYTcLj&aEQnj|Uka* 5yW_1+oc`* u$r+ x4j8WLHܵvCm: I$~1sHyVh(9X$\(|?PE9#vx Pϔ7m.h!e5G,B|#ƅfLg̈ ՈTzPZŴ,[r9nr?x|[RF[ƋJzK.d`ĐC/'c.%IY%cImRf}iLfVBPpqs|?!N/Re4 6f89pטt;8tܱK: |b qcbrgu>\uEo^wOiU34.&a]*μFo~3˥-pUPrBhOk_D4AifX3dk$n9TwA6&u;^۳*PK'E2hM<$_L\f$J: ݳ8o<= -?тe,G e\y9ߒ08Ƶ9ҵZՒa)^;Wi{# "ۻu0{.LTzkV޲, 9bnnTAF, 2 n*,iE51i%nG3UtK~](i~ݱvŢ1Q)zs IX8SF,l>9,(@~wWa٧AT3 'e,}E+~(I=DSۭĶv .s++؁@N5!^N|\Ψ'g%A/;9 wNtIfU=,5гqBH ճ5(^k9Ќ5 rٞPȱcte0 S7sCa>zE;5wlv9o3l'7~r-J 2q1LRK藷~4-/+ j\V{ 㼎]6ӳ#?~^+/Hb o>]: kf{H*{ɟ]IoIG]2sO.S>Yfx$&܇}e3+p<쌏Ww.ٞ!-_(m֦q8a^)>=d"fwkצxэ oCZxdW{ރҽsjH884X[C; !+ٜ5#B@,nyD&T5A%UOF˂F25' $GWKѳ,#=SMԆ8Q9 [joq s9b@iRw caGގhaY@MfP@Uy@"-$ rerXZCgyMK19eKOpyǧ[W'#3J`+T@C,GkbfeSWֺ6֯)i S^m*= Oq/s!֤W93':̅(¢|}!:N|7M? ^,Q>LD@f4?\i>up5O9_xfLN5ƍ15Ҟ>Dy^UD|)UdRBR}LݴCx5!o 7d{zտR,<H]xe"j\+:*&3-2f\wJcaF@BuJԥM/YxW^]FN |On;.~rp,kpH= e4:vel8ikaOG.d|RLl\[&8pͽPUs*ӔFIOOc>MҖ)76{ý <ߝ,G`?7hfFg_"zx~߫]0h+꜁?[VkFp~LZ 4r6:;hi!cLk$?ŝͺtX;S[XezuJpJ|.@׹.cVo{pnn ~݉MO.M%d -@d$J^0 d,B@r~`=(N=jYK Wx',MA!#|sg06VqJu⣸1r?<-$6wWW0pxɶwwBRg}Uaq@9 ;PS;B g{ݵe[V[%|@ųx0Bl|dBEF{Pr3<gTR8!gܳȼ4Υbedmp@Y7|o\ UMe6J^?czC]BٟjMp޾C%>nedDReD2{@2;"tSiy*?ȖkȒ.GHcIY+拥^w{"&Z۶Z%)cN)؞NHk(⿛< 'ʚyKXvn j/NaWi~38gVߖ-.ga)M;}f~.;gUTQObC~W0 H y3k1pj#ՊmYC!ɴ.HuI_W۶af r]sg.0XnܥM5x_$.e搚ZJ,{aeV"oeTJ]n&J;WLjek=w6-v:6ͨܘ!l&"s[@,fZōCW"ٱ*[~K-ЀsoN-ꄡ#-7 gоތϤINǃ*>Y̍BP<07&Qߪ4$tLJogV{oq B\y_̺yh\FM}MkuD@$|y4wcYqSj^NWu(%C@h͞^ŽW'땓 ަt"TzEbd.sFySe~AW>dM5~ؽЩf*qfӔB)'/ueA:DLiO%<пz+/#,=3bBP.L{=W}_wD[_4Ȣ϶VܿQ]&᪫UPL;uLW3dD3{uPHU~ ͌Be~PR"w1K^/nz]k죢ܛA,~KNd{(#a=ﹶ%ӈja҆kDDPIcmE4Ǻa&X{~hȢO r!ں?K h].m`\)=S<ڒI=\PoN'|]U,7SYܖNe@L^{d"SaY8v Rlߎ><OL)X*"5K(ѓWҊ4EeU"ۧqԤ83y,<$T iK[낵 E!j@-@qR ,8{JOw&JF:lu6y:,I`N٦Iap^M^G2LW eG %Xf[JXPL(ߓ-%,H9XRC0- . =`]m>vћ J`0gJA c.cpx$havZA`w;8<ːv݈YFqd̴-<пQ 3avm#9%Nsl<㞬AWo >N/(YF0Lb}OQ2(NssQA?4%n."7k|kob1Dr?|lU +$(oSKL$UbћtU]*Ū&1틞Gjl̤AqX͝d]^K$-ryx<]t_)R؃D bpV54YIu !3~=H߬VTA-.TB&u8I9LZ&ܣ+s7;DpN@sEO$ }GyjJ+=a)`5}m~)aHP+0. {/e5i+f 0j=ʮO>T޳?xNaC eG?bw@شK&p3DfRnKtB*OLNJ#N,z!Ųu+d#+ao6z|ߕ s942@/ !qKQV.<jFr8 O9ґGZ8ZPһhIf@VaZSl27@-Z `VUh#CQ6MFĮ矉( \>:9H!L Z&./IS-Of#3d(pʎp J>6cn =&SkT FsXW7;X#qzfM5JO"nCuʛ{? h=䣂%Í-\/STVU5uQ1l1-c`X&_~dGpHڻ*IGey+B+2dyB>:Rl?j5bn/^~XP06$v;4&KN߲ Y'U;i8jƛWOc=@ƞUHr_ᣝ!-V&xuM$w1`r_ ]l&Qck8Kc~q_Y%N1 ƻf>v~c$q${>"xhwMRܝsYҿ߱{Wh( ̓*q 8N[OjH^Ebrz& B%BOu>\-$lq$@/kx~&!ޞOpP}#a[7K^qӿ)7jo=r%^znݖ(%#ԛOudNSTtN&yWk@fnԞ=nt4(cK}7OЇa9HaixtJ G^-~"{L~9'([~/D [Ɵ7!of4J2)({4--J7y{C:[FsTINTxAu1%ZtPi6ת dR 1.`Wt(~?( ^_ 14aMXbO!_v\z'嚙s! pJLyWŌR+RFoDWDѐxM>_!o"6/+cV|Ɨ?$]qԀ|^ >*ZUXM'`s5&p`S OĩxP2~$1'ڴzRЗ]zkK0wQ)d26>I۳ AG } 0.E^3-r,z`A:)#m>Iod%`c* 7HA412kOnį{5TgD}oGOb/p&{[42&o5?߀6VA1R?0 S02$(oj4F De-IP>1/haPG /✤B3(~H'MyܖdPS ڒ̍ǁ7A%>bafD(!UӑZîT'$CAO;RQ77hqt˧xUhZ}`yUD@m@~7rR2HAj#l|\}OD2 !m/<,3>NQy@UEy; 88Gԣ@֕ߗsY3L甒\u76,@3>Bb'Jh ?+h;_/I*ā '[ڃy<T1bJA^Hr7lMq L[47E)]23Jg @ʈM\&`PZ: h3??>۳C %&vAAk\ᆵ.IpDJ+%73rG*&/߰Q®E7C̋8]0XXP@SNRǀ%#|(B)M 5Mt_- j}QIClůN՛->f _dPv?etH,NjqZyd1+&E6sSJ~]@W 8-9+2eFLyzȌ@h䔏"Rkai[p_FAiiKw3y y׉}9~&p]ef50O29UqHSzϘkuY^^N`qfZ/K#?LeS_9S 2wRKki8:UJ’cbƒ|+PU$K)_'^jC㱡f!O,$1N}4E@2~n{rj !}{\q 0J.XpgHB׈NOD[)}EQ\@r A]{`ゥsm2#L-~y' ZڂN #Ѷ˾C:-M9PlE*a]4Ew1vt! VvGt S9@;T\z)72?nCGa5f`4ϧ|ίG.֕ p_ؤYQU^`J H0Z}{[!Z7ayM^ēQw%.B4[I&؉a 6X@^:F8JmlsRүMp,M尥x&ntW9~DAvxGgő $!z#K9Y]j_m~+ӞbKsb[LT n˶o2qm*$+ה٪_,Uf@;Bl(.( 5Г<E&?4:?v MT @@@1QmƵ.2ykq>tVqW'K8$]n Jgx?pЌZhA;}W£v,d;/%^#X^ӌURې8痘 цp4`eyIԣ]KL#-.B͋rS.؛bYbe(,pV7)qxs҃I>+W: ۅ?.Nfl yp"\tY%#r 鯓x93nueٲc-̻ O9X&E@"к[q#X?":]ϸ{K+Nn5)0du-#x_ *"jӤȤ̲ܘ8Pʊ#RNdٰ5`Oqw~ZM 4SO%"Gd @ˠ-ֹHԵR&0EP0:Gs447cޚ;Ǒ-#)U: Bݵ$ǡxN|gO -=a,3hD%>./#=oXŮШ?!IH 'bb[/7iۿ>ӵlH5?#hA!vj;p_Nsp_F 3eMΡu?ڣ 8!_ޱSW9cd:gsgr+vꔾW/ Cm^J9WN3ќzaki+\̯ 37/x%S"?p)~ fq%6 }'x_<> ) G Qb[:4eP辰S.0 PTTr@Kg-*KGdR`]sݧQVcl%~i|N%iH}te]cѹ&ݷq%yVm+sk A.2V'CZ_B|$:@dv}F7$?-]ix-ezGBeuW׃e^㲭AƐ]צwjm< 7޳S.Vҽl&uFX߷РC*bh_e T$s:: \^*tRw]?m_* 9\NQcVLz7v+YA_I{C^H1+YKfWUzKG%:c9׷L-qh~)5 4iz9&iȋ`/q]z3/8 3)$~@zL(ӳ-dWzڋItbzEAWG0D-`^ku:S|l0h1뢷(n. v&EBf} UE C7@czeuP21:hjoZ3a:=sY DCSQ'aזk$M w2I/egJf"=4(4BIDgLdI躠j5ӵTc=Lgke,<=] ]So MGE/SQ͌]f6&5 &θ^R7-LH\e} #i[%(b'OsV笃 Vrp1e5|Gzo@ձ<DeDO$V}CW t~J"Cݰ [GzT9 Y\> Q=ŝFL ]ƅKiBBSuYױT1ONMw28PĖdBī񟁊hP/ #oK~29He)2M%]sEˌe|Fڪ&S6]tiReGjvK)k-xˊIrV-Odk 9L#0:3D̰5 @mi"i Z5_-r:lS LӏzV$.0vH%*#gxꖡ8Y=twW3cp:(FY7@@ 6QU 2[Zgv|:Oq{yT<)Df=W> z-sCox.Qt=]]tIoJeF1o­Ve[.#ܟnROU}XByPYg~Ec+0]Lف'*e{3ћaW^UoWo#]`m`H?IJx<#ڂEATBWF&15T(ήy?9m#l$1KoՍŤ7`̈= //J5W5Q͐1kV,@`x»qdbs t]cW>[l=na-c\gǫ{ drVꨯR /ʷ} ^r J0KҞ` ̈́88JY %~IT*YWa$YպM}%UXWHa JydcRiI>}9sE|7Wƶ&Xe$U5'VeYһsH$NĖr=$i"0yg8h9'IX`9V\ BL=/SO6ߞDwd-qyb*/ brV7F:|.4\vʰ&;NKv1j3f̥Gɼ EFng:޲Ēa"-J )m 8.Lz|jESxоre~?Aʗ:1_"jixU<{N[hi/aLctA^P3IbOґ cFj4zB蘆wɊ'SZouVӹ8#kЫLA2H*ݫ~B; wdw4 ˙L-r$ <[.^\_l[U?7Z4A<$O!Tkf>&Z}ܡTCeE{%jԣګL'߼Ļ\=f&~Wո6&[yV|/f~#n)xI +$bQ%7sҸ59kBz<ė'wGg,ff vc6JNzvb'P CW$x<{Ģq⋡( '>/#>wQWEI=5^opz~vNo)}n.Z#骐ٮEUWZ+s_~.\;OP]J$ձ@ܭiiLݰeF\5.!$$g4Lw5R2sМ,wBUbrֲɱZ%O6e\%k[is_;vMa1}=*sdE\ :zQR oc{JOQVZqTvp8#Gx/XMk<@݈;3 xә^3Cz YUx1o=%4' Mzp 874Rt_5Nd9pckUy7 rִ)O?̦C+#ߊQ|$qvc{>$=';gQwukb B;*qWc_\< uo#HM^mbVjM@x ;\kD/buFA$6_Cv-:d$V* _.]f*}iȮ7_)t$k3*8ռ ez>\Kh \yIC]q 8|ެ%cz"Irqb 'L"$pF"o!m}>'6M>AnVI plSͷ$OVnNG xդgIT4L`4e=ǘye7֗f|6QXc,`3S%~3̸_r>;?'cn;QCpc%fBV5rYδl7=Ua.ZPKE ^2>nn꺻y3Wg! W WMҭ' %ε<;nu)1zmH8œ4|`4y.#oE%'B<#A\r2ro53&~Y…e7Y`X͚>Je,`6ѱ^oqXc{Ԍ@ų|㲔l#ʖlxٓr4v=}@@NOPSlM|+qi#v34K"3@%W[Ҩ$iȸˋl^3"YKm)2N rc ՅAa퓚# zQܵh?fL;ʼR'ᨥ-dU!?88TmEÛfybAݣ||2+XF&]/ֳZI].3?fh{sDFH6U~5B )M %]34^ȗ{So+#n\#&1;}2y hg^W"sgo/R6N'ݪkG &lܧiz@ύՀPšAp틾SbG ;MqzXj T$2 gþAOQ4NM+@]2l%ం Z 9Kz|WLǸDz$Br1%s(m7W"ppI@Rc4J n. Y 4LZ>TR}wbnjȞC4n S(SWkNEu"sP3%|,ʳ0ѲV*Ų3dj7/6.l0k:&` ?d<|DJfWˈfP+Z9]fu֑ccE?zwleau~1kMEpT%#hrQ?히_X+|!nM{p1۵̰2|͗:ʜK!'0vv]=S"dז@ ?JiY rp ͑)83#C(0:]',jb{2(a1n&O-9>5kDtb+ܦ"Z&GFMϕ8QMVږ5*kwWP~@cө{Y5Tt Ip 64|ҁd>H-dyݥ3Waϭ|8,~܉fT\5_t _(܎L$^wڢR.z WL2e@3re}Љ68N&V61q;W}{=}"$sиc@ ;^7\yAQѱ6Pmn;umWpB綃ϩQȾ:?x{>2-?3L.\iGh0DNn̂YS>;Fj։ SFsa|Ne)Zfgü.nG:y0& ]6T9·.! RW}n'Kzh!J!BjZ(N|)tR>8;G@ً{$TiY !9mla#U~$w&%2r2rGRJIQo(H/YFWQRVދ=<ۊy# MMO b.{T?Bgw"tNp}("d nBsAt*"ƕ?-l{2b8HdhmS:+1r-MA~_PH.-3A$F/-5㖡4ɑհ?EϫV׏z4~v/8(JM0F/'=u+n6]DN훾e6HJ1; Y4 ]8 b]1}EQm<#nk|~u~w: l[ )XQgTY\+ɊF]dN^ lTh-KW֩}jZԙhp76TD+vJa|Yٝ_??Y*u#I]iisӝ,RƟf\#-,@+〾zPD+V+[ Bނq~iGg"ڂL)X ۹$#&Wi00nRz9R5mzYRqz5Lnj\ѐ:0m#Sc(~L("xfBUcP? Ve[K[;jB'*[B[| x&qdؕ%ZQ cMsrIUb1=50C׼ Ϣ0;W+F5z;PFc'ڟWtCErwU QLޙ' ]Eթ6lIV4 o2E7®w,ůor=8i>7{§l^~S!UTVb#`~fPiJhd/)U#ݫĥ#+"o|>3t*=m81'Z]zUUCnq~OÚ5utfyaI &##'uf8wp`Mbfq UWonp\6EP#yƶmHKEcބ$:Zh'4ck*>[-kk Ɣbh H-b)Wu>6G˜yvs#K+~I*i. Q^ mҐ ֳ1 $tjL)/J l4N߉^N5gMBhި&{X)=egP6;@ejzJG {hgsJai: ՒB?Oq)9#wSy~Vn? f2M>15s8$Œ` pg^Ȗ`>uUB;kzܩqaX-]FTcψ圗^QE !fHiֱ#äF"Y$QJJMU BO.O^<$G2Of{K/ƨ3`;aO?1jv"]/}jǓF܌Ohs16gU&diEB!_'up 8 1IA8ef!uq #[IGa_:78= vfoI ZMT;%-L%V Z79pRv~ HL"cSX/@NL cc.ǻ>4bf] Aù OJ3 0A Iݵgh9Rf/rL0̨@˦QFI "W#_)Vɖ8ze,1= Iϐk_)O[4vvӥu2MucaO +iwZ.&4eڼ[nQEci6J΃ 5#_ܿPM9y'@dwwȟLM7/{Z3j݉tHAFy. Ԅoi ';ݸŲY8}+F]|C]G0v B.ܔIP $uV{0­V9@ڪT&KMKߜV,Zu:յZڈ #ѝ/;1"A}]$嗢Y&{,Fs-_P2yOQk\AlV3HJ`E nIzXRI%!Ъ\FX c̞*R!0X3yԿywZf]m3){>v 18Q\mO 􂰁g a)>o){ ;k%Ԯ֭}A KB)mU+DC^eJEq~ 3QIܕYL[^R\{9[Z-ua݈1AfMz(E]A_tdKqh7uѡj\<>yK ;0S܊,0o_8i&=Ҝҷbs afz w3 RArc^F /`.dgiL> $IOɷRs"7)`"6(R^kl̰e/mo2LO^4U΅`EP|Mj<222MWF8ֵkIKypV$ K$+)|/ZfPamQY, QNHN#;2uߩc ŭpeJV9n.Ѵ>xE7_*B $YnX ;'6nXE5Ŗ9"ۼM4oS0M`'.LDYjnT[Z_+/%Dgmƾ bIIJS zO\p@j͢ƞg?@Vx}ٵטl{jq!:^?Zũ M*&}|оoUe#N+_/X:I~C q7VEPðV*ݜrT_PLA'8Tx,. sO#R`: jJvܬ r,W mm:yoXXhPeoqt`G8z]3 7 hWPe4G.uoMy~&h#2c2&(`SU&V}VJ66@ R8l~/!awDN֒?eJ!X@f'zIP ?W퐩xTggzl-+mLGڥb6ǵT?U LQaYNe_!ru8?R욙8v@fV&-(n(9~Nax YTdi6 2ĨY< #GzZ}.HAޯ+  +<݂\!B&FЎKQ49mM~y 1+SoDSIU& ] @V~ >RKjtE-sy^rfXm3~Hݼ]!|+p < uDBv%D! xz.C9BX|EƊeӫ;:q-01F445@"ŢjYO.@T[Kw=0Qk:&OBȷ89X.h:J;լx{ςxr8KsdwMU$_K#eYxUXLL$~䘡($ɻdj% V@c6軄 /4I̲sTN/0`=fJDow$ 6hx@gVtY * \PUgIN~sp 7@`m˽B 'O&`~~álT9|V,ٔz-JP{@>]Ru<AH[C4 GB㠟3[fEןм'kp_n&Xy#Gq62ܭ#$h|MxkAѺɅ:&W@d )3f8=`|}rKC#Xf]wx8)5(٢Hȭ-/PĖY}O=P9+gAxc]0g,EHvk n.&,JZSVrVrcvk!/Hp1ä#ߎ$ :|FSuDsRɦA{P{3l(>Ԛ{:T̉.g[(ŕY6J/{ omog$Uk~iB)޲wBڛ}5B|Ek T!R_[b{2,%дJc3cunM`⇤G?΀Y(:՛~Y? )'a1q|pK@b،oqj*ppLn;g`dp8h E|EPvd(/j'lM  斃{TMv2F@z zf$_fRS> TRpB`˘5҅f;XcetPc%o8,#iҬ:(JaŗA98jR66{.DMW^ M.2vsp㰸LsEG^㖂u,}D93h,n6zKKrTA"􀠌=`g7(5Wx+)evxQe<4wi %c[, fS jSj6Dms,"Ĩp[DzG)mD ybj-QKxGO84J@"2%Vfkxf8ild=_NkW tɧ4yzD YD))%3U=_S Z_ruS^u*UѬnD~2;QTRg'6+{H _EIY/pajo3"9`~QhD _ei,(>ǂK UH)GK2:LiٴTit ;9 fȽ;#>_p8aiHq+/.k4$ T r l{L2:FJ$w# s7ձkp?'|O45DR-0 "_Xj~}|$U.7C} Yzklx8n/m AI2&ҍ>mT3l*Uu}92 %ѶO $"hw=<$ق}K*>I"d#k Rdv/ml&upsOFr"60d)p[&Y2;/Zg{tƾRq*QصZQC*SUT;Aպkу;km"$o FN.HpoPt"bDu}f޴5R ҷ3i?GѾX]`Ƃ_kR^F2w},eHC"' z#ZNaH`9-BZL ZN.~w1Lŷ-I6Μ[(nۗ@stXG=nھ/,0_wlK\pF%w<7AF +2gX3NMKU`>&v_m9:@:`ζ Ma菛\R5b߫mQl^+/71Nջ9)ػiDVs?J'VNcT@9Î ^̼|- |g3v-5o`vg[8N,ƒШۂt0VncD"H˂p T\Ju$b*xh'k=M4`(v@MˁF^ 6|dEJr+>kt g n駀* o-Xd$JpK@G`R+hV/̷nƈgIH P}E390QEOB7QȤ3d)=#ׇTk趎{ ]3]:+7eyrYm(Ɏ5֫aJU ד݀M%S#%G E+n׀F +ȋp@L\6;RB"݁$ SHifC4_HD UN-L:"'ˋwyśjM>yA@(sm0)ekO~P/G63yϭ_=E1<`xIO>Ft H,;,HA^G2M p狌A>hE4 :u " z}W0mAtMdJřJ-IKcM?߱+a SK{fRi51FT^=yj&s\X{6^ޏ(tźPd¥[z]Y`#nBKv=Kv[& s> mOQcgFKi0P&Ram'1lV\2 fLy`.?:zK,~(x |/g9&+rE#*J;!wFhE(*pvi:Dż_K]X$iSp*/'&bQspfq-F@G2,Dp5vLSiUΑv"HHEd-9P,RMHwG.{-@S$(O! >5nnSO%ҔnF8Ua(}y0 ".Fg^]P4'kr#ij7PX9Wu^Y|[${8䟚b?eJVk|y9]ԍ̊l9ζѮcا8A9W<'UXpŲ,p zHRWqEKcrc㻳єnq~kkn~t(Ps}s'z_TJҧH*vIbh~]7䓠de11s&}7aJkKo+ҞtloEhU6y-)>4%\YX~罃ScU ^q!ȈMӻvO!#}hP=?@{- O4? `[ 9̠W k?I]oGc.Ls!6ͲOc=i^ޣLZDPaYJ0RRw .iZ-A}Lx7ΚnzF*xڬ>bCr5 Ż}$1ڹ;e2Mn+Ѿ=v!TTNs)?(/iMFks9zPpX[ 77wH3g3*zT]}ִoKͺQ5H5*I uai?H̘VgD_b|2JG`N ٘i;gE~1 W+>& Jm T˲,݌Pr\Ļm=ҸȣQ_b q_#h*OEz }vX3 )jb`{'G:-=*,|v{NhtYJ-rGcceUN2aP8HMEOsP{AªMP\>v=_"}9lVf!KOxs JT>[^ux:gYIH"6,LaQӬ B:ӕA E1QN|\+Ji@\ַ7`Вv9L.](wdS ; 7-"8k-/M$-%wUiӅ }f^kh[ٜP&ꗛio  HA2{Q!;b3X3ap:MRA!i)VNM_cM e'4bd!/\Ic,-jTR/Ơr:U'I4C˦k5J(ےxAJ\XޜJ󳰆PDå;u 'P#Hx.;de9>6@8qJlD?RYKB&_RMy /'(2tU<;d84nh)ul6_/,%$r"=f-;= msRgԨ p"AjE(]V3kBmEmy{e_KæT8SVjAx,ԑ%3I5~`;q7+\.J-aoM6áy3V3c-cҧ6+%\#wc"|Tӿ3Ս{޸57>5?ROa|.XR8* cj]Ao3בx<.UjASR 9X|1~"]h$I½' VbF%P(7c*oG) q>Qꚼ]a': b歉{\ͥو"c;#fmӓm# O˨M{YS*uXrEogǛQ[!c]t.6TBTհr= SjQV' a(X{$n(\^$GE Qz>־=d\qWD;mA$fz=!E r )W&yA,y"fF3Ī6F*35"t¸DˀUHMi uߤ-d蹋!) [ex(̂eyfCMؕ elM Z؇Z',H9H*X^Y&[ܕ_b]{ZP6Yec'ZA`tTkRjψb[pP805"9E)ɦ.+bgګwˆCF!}O bH_0VqFsdȘ_~llJym_Y~B_ttKs(JkGvwg/=:p#:1S-ݼ"1ưP79C<.%W{ڧsS?alD ǣ8jEJe|[R Ml=8cf]3/:8۳9WrR92OYn|9'!v⧝Ԫi\LA]`T2G11thH^j?C ɴ=vpEreDɡk`Z{LXdIZˑVYAz4&I~ 2%Ajwogz&V<;<2`][QJ)8J̮٥khOV\z̭2Ԟx0G޹R2ei;V `!'[ѹWH$u؀7E(C2$ tBe- @Еyhs lo17NWib̒|&}@>)n/w{\j*=,@Zt9G|y.iUi|],< I:=% ŅH*ܼƄN?O)bl;f'n{-\0Sh]* 6h7bdޅ._|ǧW@\S:]Hm@0lDӝ\36}p?)ܮћG9l9v8q0ip{|ső8bh rH¾}π}UҌz{kpi*"?6\ךL* {j.jڠ!~^?M=WA\A|q~ˁa-F)ɇC0$B>x )aق(MW%ٗ-J5rK@MWѢe=lwX7uRJ>Vxp+PwխmDUIcIcNd19g)3(]Cψ !b+%+:RWj; kDvR4ضҍ }ߖSTx߼.A~ե\PZ:gu"KU~˺U_Rp'wf4opc[z*c]dUk2|O[Os1;ݐ#hd^ Ms0^["r[Z\={.nlʲ|dH<U=iBR& hU( ͂pXԽKNmD3Kcgض#ByQ~x;Y^cX [iUZx"Vcߑ%KPn#-%ly ,2,uEBʰf e[c/_[G䟈M` ^OS?u}!gڑ̤%)[$]&{Sg\y4*N6tL>'?!u6t(I@qѰ5CMkfE|qIM]c44`1B,j?nsH*ا&6epᗃj1 (2TL0߶- Š2煛LDrG${r4F U @ J6I#7]*JCr?Z("or@T]@@`ze<v/x,3Oǂ@)DVSWŽu4]Ȭ<pnV0ᠠA,@Y]"̫˟0 4q <`p8C0UwwcdŻ]nHUqW&cLiwm]jbrp<9g /(Otd٧%Oni$W"qe,B*9Og||@!14x /'=Qh]Pp*ms(nF1~^ԥ:X-Hջd>cYO ZTz8<zBJɄOLe,\1;6K%5o`UP$veL`8՘dS>[DBأ|. X}E Cah C=.0f*>i":[Eҁ9KųKhIpPr^lr ϒc0VePI$BEL&3bV5s:De ;-R :}>p";_է\~Q>˄j1F ( b qDLh?ZxZf]NB[mQkO=ۂ/:[nczg-bmֈO;,Q攕 "pJ C{ۀ)vX:@V w66pb!ȅ:tàX!.8%g6Uص#`1#`%VKD>ބD`Ot]_e-a|RGfwr- K͋ t5ٙǏ6BWH!JE2@^/1`% G{Ăz/I!C-KK M%}mH 8WK2DO-^Zܯ2XଵzUON $oGI3q"^WFvgLsC2:3K~eu m1Xb$X1qʢLӬr*)}T}on0.{${Ny=qam TSׅ51{%kj$2gAhoˌe䢘$"n}ԭڸ6t mJWmܜay5`2j'y{R-h<)ŧX:D4B]Kn`c7tKZC $R%{rEiVZ{XEIe\#T!j`k: ]l͔E76b3"y{<=z{7cٺ2b`ۼYl չ9J?zi n&* z^ [Zn` F0 OqC4Lg6Y$]FY,hѼnPق&ÄZ#2Hm%B j*"((MU)eKUr`mr=GbmTWX4nr."ehVTRY&H uGo;* h7Z>[g%I*:=@OBzJFcԧf&ƕ~8{s~ tjl GWt}fBh@fo10I)4ph,BFvBj "G@P7z_3?>'wPep6CUE'CNڐvx|)[TW5\@~OVh3c6>~ ݊ VO2#)DIQߦP6^AKglKaˇ@sȜ~=TuͲ~D1F7ڍIJk㩓9Jg)1H9NXYW~hN.AMJ0t;&^w-̃#3d!qγNnr{EMWMYo'dd$rƛf4G2͖KW="wDh-z^D6lk0޷T(:gD368rm^t-﹯J ?vx}M \e7Z%ٌ/E\A"ёy޾Lz#L~ 8#Z^2HBm%KlF#16f7* 1"c0.d6w8#(фY@(]09@Q<.5M; 0"TCц$6erϹW#%wwA6{뜀z5r8|(@S\p[Y%Ƴ.a> GB98(f wo%$lz{mڃ2P9<O77Oϝ/ vb8αv b P,p/k\ 3ڦᣋ'l^3}Q^m0[yz> fypp:he0a^-uά&S'F \fK=T#ۑ8ЀbC08"XC,`[ȾIܹt~V\QDp9&s/șpl\L`7%xJʱt2KeweXAT1YVB߰!D(8ւU{ӫBmb};qS'WUHh \-l/wBDV>]BWu;tX?rv>(n+Do+!VypAͶ.sܮ؁t8l2x@H- MƂ-F(3ɪ_OU৴Oa5qPXJA=  m-eoqٖߧqB SoLقNi,ayOlv mŮl'KHdgt} oWtf$]#ߣvBQ/Kh(i $t R#mb[?>Qt3 HnxkCɿ3hԨ =t \`T{Zafv\4gvmf5Nv_^6Wg"HG4(ci7xAj,^i9T'mm%G.Q>i?F"}[At<ڈQAB $Y}D6xԈktoa f7gk$lғ.q A\.oւjO X2@Mʎ<Uw)   9!Xg s-O0{l7kNhfdz)a U. F,/R&?IqUrMr W ^bB ~H_YoL[u;J:adq$R n͗!>~v1.͌XĨ|Ë5#c-@LC4vHeOeL~5UЯ,0cS.%Hqݮ/&,N rTu59iȆ*^tlZ /Q7DHuBGR,=q=ِ>LsP6-X44 BGg5t%f'fſ^0oV6N)R۶‹s$/})ߑmߋގg;>l>8§6w:i "Kʫ8<ٯ!E$8{ EЅ.2y4q9{JXbbGhˆDh)kp7^nA߹<, #e9R,#`mxź#plmJe1c#i'6_N[4#*(d 74=J#@ѻTʬjԇԷqdX9j4%K`!qKǟ|~:k\.a"s/a%(u(kq\ C0hyo*q8 -8kYՕɪ,gfӠra<# sh6pq՘ƒgnUǟzJ]}N;;h8dd\51n‚o/~^aD2AT@dK۸pkR=k0^=Z=՘HՊSK)R`-*襷jly;OLrQUQ"KP3lޫqO.E60cQn's{Tc9O28L.*STk^yd1PYlZ5H'Cye6JaC*zr |B`SbVMSVº?|>b&B[僀j,%բO\:Wݯip#wr#i4IE9ƹBknɜ9n lŐlٱNS;olIȅ'f6f G;+>UGȍݷS \ULJ`؊\\1I dz$蟮T=\ZuK͇79yO\zA(3M[p`xqN0K)FRRiߒwK;u\t+x3>[肷F'%e/:IPf̠qqePߖ{~e3\:~W2;I Օ\@-)|5/lJ=( F&ƌ eE&w }5Ŭ%Z«#C{ܑAQ) 3}AS ʋBD {qu SDX<޳i]>akAȩi?^R7W]>V ==GhDRȑ9$N1h\˪SNOeq_ɲg-#FG}kˆP6A0*uˢ3?a| 2CPiG r1pD`H$K^T?_B 36*o-jc׷q*s:A Ԁx 1(6I- a4MVbqϩt(l8pU5,Ja+)1e,r1#\oj< ㇟`0oAT˵OE|{w}W;2xM\$B<{ }He}EfCdL\{gW&-WO榚a!UL?ܬp,|oz"GM)OahdEX5 LLY0}I>uשk 1 Ð i:$!쐽7u܇<r0 @ m}Ldž*M($̝񢙝D;@)}:)/jEθj&%b+<բ(ehnяڏY+y^c$r߬X[ȽqL>I៿w+%>=LQվGĈ˼Ł"5jPЈn`a@lQzB, z[Pq,(EP0)ks_Г9/A+3vI\W;iw#P9oHd;ts5S╺tkĹrxz,;RT.Hͻ/sAOwc Ϲmp)07K,tN _O,,0k<30зeJt7. r,0x"5ᛚPBRc(V=@׍&LR;e&VHK%u˞ܾeT(0rbd@uLh6E>lfbNGmJHu**YqeFO W^(:5bCɘ"DE^$Q?)LZIW#SK5(1 ڗ׶T^qDt@ I*Sy}ʘ~ @J6p r`Pi|'!HhFRa~@B'D&6XKW7`|o`fhGސ:^5zOA!_̄!=ҖuT6WonW3./w]ؠOo'4J'Q j\Np_,HkumX5hjzw*hi _M4B@ɲ~ք 9-\}{|ʥWA Kà˄aE6wBIcFiLԿ~<%;V5fؗ|Ӊk,E?ey1fuGK%Z%؉gg iR]`<t <n p l9 qK<9hgCDPX}>\ӏ6` {ſG XC:c9\f^D,?v `L,+t𐉖t =|R%`7*upcr^74J(N>lsա[|gż:LLLϫE/ FO݃iJ 0kawnAj'ݲ]Iiӑp>K@!mȦO]3s,ϳՕ)`yD ;ar ө @ǜ:|I,x*AXC=hF6Pb$s'g\baFd6/m&᳏!GTDQMM s̈́C{="Q܉\ufC*|s'd7vI-6GRF*~+@Բ ɢt~ͷV7] Wnsq`*%*dV&1V2k}Xy*" R%+F,]gK1c@ BVS>Z*l~czYm٭@y&iw-^T‹i17=$| 8/9# s\EmoM Lb"*vc`,g,(OtAښ@rÃ^R _WpE³g?',,>CzȮsW|kb3+F{}֝k#knR cH/KIiK`' 7 nQ/JS3^_S{ɥ΃e[69j3@޸#R7xRQ [U[okjWAdAmkQ9Vy8-5Mܓ^`Mvu+"Xn}>Y(*sƠېEv4 "kL T~>bCLWSwz\_nuWёa'B d=UF>ҊM>M!CmZCBh3E;ϲKM۟3kRm"u?j{;&H+Dwǵ5 ɧ zL{LCg{Er  =Q<%`Ryp u#lU0ò7h,# -gY왆oMuT8w˟ɬp^(ウ#gBeUĝ+:/Lb1MPXNn'Lw͉fq>tP=`7"qu[+ChbXh3# jLYyJ]w9YWOQv^cۋ߸6ƒeoڃA>cm1a隕 *ZA鸮C;,^:xY-y(+7 EyLz_gpD'hMpءРrDi21«mIe+H$>a[tGҞ=CvL3Lki5OpYh*sI֏[G3LJʹ'-' iK-*8T30%4BK;᪡9cfxbU~+{+On)l[Z0W.?LSPM}3گ7qd[ˆQ::^'6nmO"{lLӨ~+ą7x[opkAը uI`!Gh{=Vr9?j=ġǓ86KؙheJ$HLZ]LPܴNlϾ`Ϥ ZϾgPn727FQ*`&j[W@Qfw$ጫ SY'烬hFl8=5 .EiH ģ bY8m"nRcLÒl&,6'UWW4"N~w\=Iw +T*.Il,R{T tXQl:el8hZ7LVsopuWIsxma7oN.P1QYXS0gU_sh۩k '+FgoYZF-F c}%<=^c#ٵg`?{C7:nZ6HZ[wx15cD}0dbR7ʅn|3Ն0Va&/}XPyDi(2t8z"0"}f6~, T$\v;Mª@fnHp>z>C AXVk#n!Iok>6>qJKךgZ~U^* <m=A_;k8 oj_k;elWZ ԲZ=jrB~!#(Vީ`KJ?/rO<Rʲ|8ԋ|#>0̢YĦZ jS<-\CpX5HgMG29qRD6\2GGR9zS!ߟZu~Wb+e &s4ĩv?9?XXdBxoB2Q5لm͂+LOj(4ӵk7( P N"*Q %*Սwt !>R3]S;DMX q^"/f3O`萶_sEB)QDMUXP.;gy[6ԑd+Od_mnW#UKƆS0uJjv 8oJ_ČB:`Wȓ;:o*ِ#L{WQG!\l.w6 }8rĺk΂fp n<} R9 _ N:e"i]ٰCl<\k^(f#FLNHqy(%C LH0!FJpc{:Ly@p$mEM 9*(Zj-`恵`+P)Ch:c+#1D;\yLҦws.$ zoCאsBᴸ[60cҺ}~Zթ(v+q?!(` 8<'W[oMl"qc7CI9,j; N&6PL(*o 8k*&$8WEz-17HurŸ9/|ts[Y}p NY# ^}?P!r&#g]!]EVEo歃5p4΋6Z=ddՙwE&V@fN:i^Vޞ[Wk0Y,@^֌( ]ۺ*15p[2A$uí !‰s!gj],DǹTf6:Vr!X<f>ugj:M1ޠ^*Ix@t\wEsػNbQ۳iHLo[;tn>p;CM]}2Y wi^AڞߡI/c| :냅;RR:gȌRy9kM>OoUd˾⃨${8X*'Ưud܈U,&ԫS0m)$nXi1# Lt*D<#5VԴ?"7vve:)1=V›<{xP,ΕYDvь>F@sa}؀o`a أw*Ň{cQ)}OLhA+FOFre jz\Rv6 O Cgpч5mD}R&,@p]A׹Ģ (4N) YZ