freerdp-proxy-2.4.0-150400.3.23.1 >  A eW p9|ɾ4vnz 0x{ĺiM-rC1~w3-}3)CHҝ֛,P˱׉he_i N{-' A,c Zp>h ?hd $ W 5Va w       @Dh   ( 8(292: 2FdGeHeIeXe Ye(\eP]eT^ebbelcfdfeffflfufvfwgxgyg zggggh Cfreerdp-proxy2.4.0150400.3.23.1Remote Desktop Security and Monitorig Proxy ServerThis package contains a proxy that allows to select specific features and channels allowed for all connections passing through. It allows monitoring of the running sessions.eWh01-ch4aHSUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Productivity/Networking/Otherhttps://www.freerdp.com/linuxx86_64HeW20ed00326f439d2a29e12913a1eb4be08e80bb51b9c10fa595b552c877d4d0e7rootrootfreerdp-2.4.0-150400.3.23.1.src.rpmfreerdp-proxyfreerdp-proxy(x86-64)@@@@@@@@@    libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libfreerdp-client2.so.2()(64bit)libfreerdp-server2.so.2()(64bit)libfreerdp2.so.2()(64bit)libwinpr2.so.2()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3eV@c=@cEc\cN@bL@b@a^@a]aEaD@aD@aA@a@a`OL@`<@`7@_@_^@^@^^^I^@^@^T@^^t@]@\@[@[j@Zz@Z@Z`@ZkZWQZY@@YKYKY=0Y;@X~@XW local * #gh:FreeRDP/FreeRDP#6985: Support newer FFMPEG builds * #gh:FreeRDP/FreeRDP#6989: Use OpenSSL default certificate store settings * #gh:FreeRDP/FreeRDP#7073: Planar alignment fixes- Updated to release 2.3.2 Noteworthy changes: * Fixed autoreconnect printer backend loading * Fixed compilation on older mac os versions < 10.14 * Fixed mouse pointer move with smart-sizing * Added command line option to disable websocket gateway support * Fixed drive hotplugging issues with windows * Fixed smartcard issues on mac Fixed issues: * #gh:FreeRDP/FreeRDP#6900: Transparency issues with aFreeRDP * #gh:FreeRDP/FreeRDP#6848: Invalid format string in smartcard trace * #gh:FreeRDP/FreeRDP#6846: Fixed static builds * #gh:FreeRDP/FreeRDP#6888: Crash due to missing bounds checks * #gh:FreeRDP/FreeRDP#6882: Use default sound device on mac- Updated to release 2.3.1 Noteworthy changes: * This is a compatibility bugfix release readding some (deprecated) symbols/defines * Also add some more EXPERIMENTAL warnings to CMake flags as some were not clear enough. * Fixed a memory leak in xfreerdp (mouse pointer updates) * No longer activating some compile time debug options with - DWITH_DEBUG_ALL=ON which might leak sensitive information. * Added -DDEFINE_NO_DEPRECATED for developers to detect use of deprecated symbols- Updated to release 2.3.0 Noteworthy changes: * Websocket support for proxy connections * Progressive codec improvements. Reduces graphical glitches against windows and ogon servers * Fixed +glyph-cache, now working properly without disconnects * Huge file support in clipboard * XWayland support for xfreerdp (keyboard grabbing) * Improved wlfreerdp (wayland client) * Option to allow keyboard scancodes to be remapped manually * Improved mouse wheel behaviour when scrolling * Improved dynamic channel behaviour, more stable event detection * New connection state PubSub notification: Clients can now monitor current connection state Fixes: * gh#FreeRDP/FreeRDP/6626: Fixed parsing of FastGlyph order. gh#FreeRDP/FreeRDP/6624: Added support for xwayland keyboard grab gh#FreeRDP/FreeRDP/6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag gh#FreeRDP/FreeRDP/6428: Improve NLA error code logging. gh#FreeRDP/FreeRDP/6416: Http gateway message support gh#FreeRDP/FreeRDP/6753: List of pull requests to backport for stable-next - Added freerdp-rpmlintrc to supress a false positive as gethostbyname() is a windows-function call not a unix one.- Updated to release 2.2.0 (boo#1174321, gh#FreeRDP/FreeRDP#6381) * SECURITY: CVE-2020-15103 - Integer overflow due to missing input sanitation in rdpegfx channel * Sound & mic - filter GSM codec for microphone redirection (gh#FreeRDP/FreeRDP#6263) * windows client title length (gh#FreeRDP/FreeRDP#6335) * "Alternate Secondary Drawing Order UNKNOWN" (gh#FreeRDP/FreeRDP#6370) * remoteapp with dialog is disconnecting when it loses focus (gh#FreeRDP/FreeRDP#6298) * v2.1.2: Can't connect to Windows7 (gh#FreeRDP/FreeRDP#6299) * fix: memory leak in nsc * urbdrc: some fixes and improvements * build: use cmake to detect getlogin_r, improve asan checks/detection * server/proxy: - new: support for heartbeats - new: support for rail handshake ex flags - fix: possible race condition with redirects * Drop upstream fixed patch: freerdp-CVE-2020-15103.patch - Removed freerdp_Mask_CACHED_BRUSH_when_checking_brush_style.patch- Drop BuildRequires of libavcodec for Leap/SLE (bsc#1174200)- Added freerdp_Mask_CACHED_BRUSH_when_checking_brush_style.patch which fixed frequent crashes described in boo#1173605 and gh#FreeRDP/FreeRDP#6298- Updated to release 2.1.2 (boo#1173247) * CVE-2020-4033 Out of bound read in RLEDECOMPRESS * CVE-2020-4031 Use-After-Free in gdi_SelectObject * CVE-2020-4032 Integer casting vulnerability in `update_recv_secondary_order` * CVE-2020-4030 OOB read in `TrioParse` * CVE-2020-11099 OOB Read in license_read_new_or_upgrade_license_packet * CVE-2020-11098 Out-of-bound read in glyph_cache_put * CVE-2020-11097 OOB read in ntlm_av_pair_get * CVE-2020-11095 Global OOB read in update_recv_primary_order * CVE-2020-11096 Global OOB read in update_read_cache_bitmap_v3_order * Gateway RPC fixes for windows * Fixed resource fee race resulting in double free in USB redirection * Fixed wayland client crashes * Fixed X11 client mouse mapping issues (X11 mapping on/off) * Some proxy related improvements (capture module) * Code cleanup (use getlogin_r, ...) - Removed obsolete upstream patch freerdp-bug-6205.patch- Updated to release 2.1.1 (boo#1171441) * CVE-2020-13396: GHSL-2020-100 OOB Read in ntlm_read_ChallengeMessage * CVE-2020-13397: GHSL-2020-101 OOB Read in security_fips_decrypt due to uninitialized value * CVE-2020-13398: GHSL-2020-102 OOB Write in crypto_rsa_common * Enforce synchronous legacy RDP encryption count (#6156) * Fixed some leaks and crashes missed in 2.1.0 * Removed dynamic channel listener limits * Lots of resource cleanup fixes (clang sanitizers) * A couple of performance improvements * Various small annoyances eliminated (typos, prefilled username for windows client, ...) - Removed freerdp-bug-6175.patch and freerdp-bug-6207.patch because included in upstream- Added freerdp-bug-6205.patch to fix reading newline on certificate accept gh#FreeRDP/FreeRDP#6205 - Added freerdp-bug-6175.patch to fix Certificate Checking Recently Broke gh#FreeRDP/FreeRDP#6148 - Added freerdp-bug-6207.patch to fix Abort on first possible certificate validation error gh#FreeRDP/FreeRDP#6207- Updated to release 2.1.0 (boo#1171441) * Fixed CVEs: - CVE-2020-11039 - CVE-2020-11038 - CVE-2020-11043 - CVE-2020-11040 - CVE-2020-11041 - CVE-2020-11019 - CVE-2020-11017 - CVE-2020-11018 * Fixed leak and crashing issues: - gh#FreeRDP/FreeRDP#6129 - gh#FreeRDP/FreeRDP#6128 - gh#FreeRDP/FreeRDP#6127 - gh#FreeRDP/FreeRDP#6110 - gh#FreeRDP/FreeRDP#6081 - gh#FreeRDP/FreeRDP#6077 * Noteworthy features and improvements: - Fixed sound issues (gh#FreeRDP/FreeRDP#6043) - New expert command line options /tune and /tune-list to modify all client settings in a generic way. - Fixes for smartcard cache, this improves compatibility of smartcard devices with newer smartcard channel. - Shadow server can now be instructed to listen to multiple interfaces. - Improved server certificate support (gh#FreeRDP/FreeRDP#6052) - Various fixes for wayland client (fullscreen, mouse wheel, ...) - Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible. - USB redirection command line improvements (filter options) - Various translation improvements for android and ios clients - Removed upstream patches fix-freerdp-2.0.0-usbdk-build.patch and fix-URBDRC_DEVICE_ADD_FLAG-definitions.patch- Updated and reviewed make command and added fix-freerdp-2.0.0-usbdk-build.patch to fix boo#1169679 and make USB working again - Fixed build for SLE_12 - Cleaned up spec file- Add fix-URBDRC_DEVICE_ADD_FLAG-definitions.patch in order to fix boo#1169748.- Added cairo support for scaling - Cleaned up spec- Removed patch freerdp-Fix-realloc-return-handling.patch - Added pkgconfig(libusb-1.0) for building - Added new package for freerdp-proxy - Cleaned up spec file - Updated to release 2.0.0 * Fixed CVEs: - CVE-2020-11521 - CVE-2020-11522 - CVE-2020-11523 - CVE-2020-11524 - CVE-2020-11525 - CVE-2020-11526 * Fixed security related issues: - gh#FreeRDP/FreeRDP#6005 - gh#FreeRDP/FreeRDP#6006 - gh#FreeRDP/FreeRDP#6007 - gh#FreeRDP/FreeRDP#6008 - gh#FreeRDP/FreeRDP#6009 - gh#FreeRDP/FreeRDP#6010 - gh#FreeRDP/FreeRDP#6011 - gh#FreeRDP/FreeRDP#6012 - gh#FreeRDP/FreeRDP#6013 * sha256 is now used instead of sha1 to fingerprint certificates. This will invalidate all hosts in FreeRDP known_hosts2 file and causes a prompt if a new connection is established after the update * First version of the RDP proxy was added (gh#FreeRDP/FreeRDP#5372) thanks to @kubistika * Smartcard received some refactoring. Missing functions were added and input validation was improved (gh#FreeRDP/FreeRDP#5884) * A new option /cert that unifies all certificate related options (gh#FreeRDP/FreeRDP#5880) The old options (cert-ignore, cert-deny, cert-name, cert-tofu) are still available but marked as deprecated * Support for Remote Assistance Protocol Version 2 [MS-RA] * The DirectFB client was removed because it was unmaintained * Unified initialization of OrderSupport * Fix for licensing against Windows Server 2003 * Font smoothing is now enabled per default * Smart scaling for Wayland using libcairo was added (gh#FreeRDP/FreeRDP#5215) * Unified update->BeginPaint and update->EndPaint * An image scaling API for software drawing was added * Rail was updated to the latest spec version 28.0 * Support for H.264 in the shadow server is now detected at runtime * Add mask= option for /gfx and /gfx-h264 (gh#FreeRDP/FreeRDP#5771) * A new option /timeout was added to adjust the TCP ACK timeout (gh#FreeRDP/FreeRDP#5987)- Disable LTO on aarch64 and %arm to fix build- Add freerdp-Fix-realloc-return-handling.patch: Fix realloc return handling that results in memory leaks (boo#1153163, boo#1153164, gh#FreeRDP/FreeRDP#5645, CVE-2019-17177, CVE-2019-17178)- Add Requires: lib%{name}%{major_version} = %{version}-%{release}: freerdp should depend on the same release of libfreerdp2 (boo#1129193)- upgrade to version 2.0.0-rc4 (FATE#326739) * Fix the following issues: - CVE-2018-8784, boo#1116708 - CVE-2018-8785, boo#1117967 - CVE-2018-8786, boo#1117966 - CVE-2018-8787, boo#1117964 - CVE-2018-8788, boo#1117963 - CVE-2018-8789, boo#1117965 - CVE-2018-1000852, boo#1120507 * Security and stability improvements, including boo#1103557 and boo#1112028 * Refactored ntlm_av_pairs API * gateway: multiple fixes and improvements * client/X11: support for rail (remote app) icons was added * the licensing code was re-worked: Per-device licenses are now saved on the client and used on re-connect: WARNING: this is a change in FreeRDP behavior regarding licensing WARNING: this is a change in FreeRDP behavior regarding licensing. If the old behavior is required, or no licenses should be saved use the new command line option +old-license (gh#/FreeRDP/FreeRDP#4979) * improve order handling - only orders that were enabled during capability exchange are accepted. WARNING and NOTE: some servers do improperly send orders that weren't negotiated, for such cases the new command line option /relax-order-checks was added to disable the strict order checking. If connecting to xrdp the options /relax-order-checks *and* +glyph-cache are required. (gh#/FreeRDP/FreeRDP#4926) * /smartcard has now support for substring filters (gh#/FreeRDP/FreeRDP#4840) for details see https://github.com/FreeRDP/FreeRDP/wiki/smartcard-logon * add new command line option /smartcard-logon to allow smartcard login (currently only with RDP security) * add support to set tls security level (for openssl >= 1.1.0) - default level is set to 1 - the new command line option /tls-seclevel:[LEVEL] allows to set a different level if required * new command line option: /window-position to allow positioning the window on startup * client/X11: set window title before mapping * rdpsnd/audin (mostly server side) add support for audio re-sampling using soxr or ffmpeg- upgrade to version 2.0.0-rc3 See: https://github.com/FreeRDP/FreeRDP/milestone/9?closed=1 * Improved and cleaned up the command line interface * Fixed automount issues * Fixed several audio and microphone related issues * Implemented AAC and MP3 codecs * Added Wave2 support * Addedd dynamic resolution with full screen toggle support * Improved redirection handling and certificate issues * Improved automatic reconnects * Improced connection error handling * Fixed invalid pointer, double-free, integer underflow, buffer overflows issues as well as other memory leaks * fixed X11 Right-Ctrl ungrab feature * winpr: Updates time zone data to April 2018 * added libressl compatibility- removed SLE11 condition - removed no_connection_to_windows_10_17101.patch - removed -DBUILTIN_CHANNELS=OFF switch - explicitly set -DCHANNEL_GEOMETRY=ON - Disable the new X264 and OPENH264 codecs because openSUSE does not provide them - upgrade to version 2.0.0-rc2 See: https://github.com/FreeRDP/FreeRDP/milestone/8 Noteworthy features and improvements: * IMPORTANT: add support CredSSP v6 - this fixes KB4088776 see #4449, #4488 * basic support for the "Video Optimized Remoting Virtual Channel Extension" (MS-RDPEVOR) was added * many smart card related fixes and cleanups #4312 * fix ccache support * add support for memory and thread sanitizer * support for dynamic resloution changes was added in xfreerdp #4313 * support for gateway access token (command line option /gat) was added * initial support for travis-ci.org was added * SSE optimization version of RGB to AVC444 frame split was added * build: -msse2/-msse3 are not enabled globally anymore Fixed github issues (excerpt): * #4227 Convert settings->Password to binary blob * #4231 freerdp-2.0.0_rc0: 5 tests failed out of 184 on ppc * #4276 Big endian fixes * #4291 xfreerdp “Segmentation fault” when connecting to freerdp-shadow-cli * #4293 [X11] shadow server memory corruption with /monitors:2 #4293 * #4296 drive redirection - raise an error if the directory can't be found * #4306 Cannot connect to shadow server with NLA auth: SEC_E_OUT_OF_SEQUENCE (boo#1085416, boo#1087240, boo#1104918, CVE-2018-0886) * #4457 Fix /size: /w: /h: with /monitors: (Fix custom sizes) * #4527 pre-connection blob (pcb) support in .rdp files * #4552 Fix Windows 10 cursors drawing as black * smartcard related: #3521, #3431, #3474, #3488, #775, #1424- Fix boo#1090677 activate pulse optional component- Added no_connection_to_windows_10_17101.patch to fix Windows-connection-problem after Windows march 2018 updates. This fix is related to boo#1085416- Do not use xorg-x11-devel, instead buildrequire individual x components. - Only attempt to ge rid of __DATE__ and __TIME__ if SOURCE_DATE_EPOCH is not set.- Users can connect only once wo windows sessions due to [#]gh/FreeRDP/FreeRDP/4348 Therefore WITH_GSSAPI has been disabled until that issue has been solved- Updated to 2.0.0-rc1 Noteworthy features and improvements: * support for FIPS mode was added (option +fipsmode) * initial client side kerberos support (run cmake with WITH_GSSAPI) * support for ssh-agent redirection (as rdp channel) * the man page(s) and /help were updated an improved * add support for ICU for unicode conversion (-DWITH_ICU=ON) * client add option to force password prompt before connection (/from-stdin[:force]) * extend /size to allow width or height percentages (#gh/FreeRDP/FreeRDP/4146) * add support for "password is pin" * clipboard is now enabled per default (use -clipboard to disable) Fixed github issues (excerpt): * #gh/FreeRDP/FreeRDP/4281: Added option to prefer IPv6 over IPv4 * #gh/FreeRDP/FreeRDP/3890: Point to OpenSSL doc for private CA * #gh/FreeRDP/FreeRDP/3378: support 31 static channels as described in the spec * #gh/FreeRDP/FreeRDP/4253: Rfx decode tile width. * #gh/FreeRDP/FreeRDP/3267: fix parsing of drivestoredirect * #gh/FreeRDP/FreeRDP/4257: Proper error checks for /kbd argument * #gh/FreeRDP/FreeRDP/4249: Corruption due to recursive parser * #gh/FreeRDP/FreeRDP/4111: 15bpp color handling for brush. * #gh/FreeRDP/FreeRDP/3509: Added Ctrl+Alt+Enter description * #gh/FreeRDP/FreeRDP/3211: Return freerdp error from main. * #gh/FreeRDP/FreeRDP/3513: add better description for drive redirection * #gh/FreeRDP/FreeRDP/4199: ConvertFindDataAToW string length * #gh/FreeRDP/FreeRDP/4135: client/x11: fix colors on big endian * #gh/FreeRDP/FreeRDP/4089: fix h264 context leak when DeleteSurface * #gh/FreeRDP/FreeRDP/4117: possible segfault * #gh/FreeRDP/FreeRDP/4091: fix a regression with remote program- Remove extraneous Obsoletes for packages that never existed in openSUSE:Factory or X11:RemoteDesktop. - Rename libuwac0-devel to uwac0-devel and libwinpr-devel to winpr-devel, as that seems to be their upstream name which packages are encouraged to stick to. - Remove duplicated pkgconfig requires (these are autodetected).- Fixed download location- Switched to official RC0 - Create wayland client package and libuwac0 package - Create separate libwinpr2 to be used in other packages - enabled gstreamer (currently disabled for tumbleweed) - enabled kerberos authentication - Update to official RC0 Fix the following issues identified by the CISCO TALOS project: * TALOS-2017-0336 CVE-2017-2834 boo#1050714 * TALOS-2017-0337 CVE-2017-2835 boo#1050712 * TALOS-2017-0338 CVE-2017-2836 boo#1050699 * TALOS-2017-0339 CVE-2017-2837 boo#1050704 * TALOS-2017-0340 CVE-2017-2838 boo#1050708 * TALOS-2017-0341 CVE-2017-2839 boo#1050711- Redo history by using changelog url - Update to version 2.0.0~git.1497095982.1dbd2d28d: See https://github.com/freerdp/freeRDP/compare/043243f...1dbd2d28d for full details. - Packaging : + Move to xz tarball in _service + Remove 3472.patch merged upstream - Update to version 2.0.0~git.1496304402.c42ccb508: See https://github.com/freerdp/freeRDP/compare/043243f...c42ccb508 for changes.- Forcefully enable PIE in CFLAGS as the automatism did not work.- Add 3472.patch until upstream #3472 isssue is fixed and PR merged this fix boo#1004108- Update to version 2.0.0~git.1477034991.043243f: * fixed kerberos authentication * shadow/rdpsnd: Fix race condition in rdpsnd channel server. The output buffer and format parameters are not protected. * wfreerdp: fix invalid VerifyCertificate callback * rdpsnd/server: decrease audio latency and make it configurable. * Add an environment variables section to the man * protocol violation: rdp_read_extended_info_packet * Added support for OpenH264 1.6 * freerdp: fix sending of TLS alert on NLA failure, add better handling of server-side NLA in shadow server * freerdp: add configurable NTLM SAM file option for server-side NLA * freerdp: make modifications to NLA server-side fixes according to PR comments * Fixed a windows 8.1 issue.- Kill off __DATE__ from built sources.- Update to GNOME 3.20.2 FATE#318572 - Add obs git integration. - Update to version 2.0.0git.1463131968.4e66df7: + Fixed memory leaks. + wfreerdp: fix name build without client interface + libfreerdp-codec: fix xcrush decompression, revert remote control fix + KB3153731: May 2016 DST update for Azerbaijan, Chile, Haiti and Morocco + libfreerdp-codec: make proper xcrush context reset fix- Update to version 2.0.0, git master branch id a7ca42e (FATE#319661), no upstream changelog available. * Warning: This is a git snapshot regarded as technical preview by upstream. * Warning: For xfreerdp, new /long-option commandline interfaces have replaced the old --long-option interfaces. Existing user scripts need to migrate to the new interfaces to avoid breakages. For more details, see: https://github.com/FreeRDP/FreeRDP/wiki/CommandLineInterface * Add Network Level Ahthentication support. * Add Windows Portable Runtime. For more details, see: http://www.freerdp.com/2012/05/24/winpr-windows-portable-runtime * Obsolete libfreerdp-1_0-plugins. - Drop FindALSA.cmake: deprecated - Drop freerdp_branch-1.0.x_fix-kpdivide-issue831.patch: fixed upstream, implemention now in include/freerdp/scancode.h. - Drop freerdp-CVE-2014-0250.patch (bnc#880317): fixed upstream 532c420. - Drop freerdp-CVE-2014-0791.patch (bnc#857491): fixed upstream f1d6afc. - Drop freerdp-fix-FindPCSC-macro.patch: fixed upstream 9148af3. - Drop freerdp-handle-null-device-name.patch (bnc#785437): deprecated, related implementation dropped. was: freerdp-fix-pulse-no-device-name.patchh01-ch4a 17002076132.4.0-150400.3.23.12.4.0-150400.3.23.1freerdp-proxy/usr/bin/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:31491/SUSE_SLE-15-SP4_Update/82d127c445f1a5c775463c4f5fc02142-freerdp.SUSE_SLE-15-SP4_Updatecpioxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=66b41f6ec1dd6e1a89ded652c09c75f91698d726, for GNU/Linux 3.2.0, stripped RRRRRRRRREۧBjv{!utf-868d21e449f9f89a20032565087681815ff7943901face6ec684004d9840d49c4? 7zXZ !t/Kw] crv9wi`%aR)!Fu~30e:tf;MEf4 D(9j8)&DS矗bl~T/@|BlL=/;Ȯ5000.g clT$WSr_5Vq` j(э8$|Q2ΥxcJVk_6K$`S6ۦWSWv7:c@2:* 9Wqxy tҾaQ`G=i:w|I|jlE$=Y+aK#j5"Օܠ̌V.Wq_)e-+,[]Ww@Nd#X0}F wh̏uEq4ڽE7kh.Qc1T~܀skj~+GؒAճk ̹KveaFqJNΕh'SX|6?a@(,NbX?EYctRx5"~?\3(MJIquDY*KEbcjMbA)&3)^yq KNy30 Αp;%4Asv8smup.xx"EP2ᨼ;y XQ-y-PԽ!.GK̳ 1zm6/O[ '-jdcJE+C{TfUafTU%~/ r &BهaBn#F^H/f/A~Q= T!:KUXIa{Jl]t2f3]$ ȊYPczFqŸbFG܏oMnzE8yBF 6#?vX8Zوdd̰ үZ1f(4?`Vui0$|>MUJCnn]ɥbJ69zZ%#$Rʱb>nxHXwV]f"5Xظ:MvV{MުQᮧ!,F:d3/uw_J P)iO?2FXB)GO=YV:uj5 5%j9°&3fJGpLDeeq"$vJy/ zđqn*W_wU$Oa>"lН 6)~ MK7G$AG@#yU*fKS+צk +Y|,bUs__sUJIÙܑܽ 1{dlXptʚ&TH5.#D1hD .xT8qZY-/_d58~NT;3:5Q cVd6wZw'UmqΙ/z2T#UKFn4 iu2AQ|]/1kᤉ}=9NɏwXKb`o+f^+ӀɊA^#YGhUO_B)A}9@rUd-;.MZب36vڤsT$0&!4d% [W!e5?hF8h:ٟ^PQr:;C[Gz}0 RyowUvo y[AƸ^;{Ϩ.Znd](#RkSF"'/BnCϚ"?F' .A|um |McW69F:`w #GԠ\Ipo?5yYw0R|̦#a jFVXj IueG%)թ$$)r` $80u! `AT˻/I)p)tQs;RYv@ *;*\tvmQFk@6ڳE> vho(s3R]ʢXR#jdg İI)iD@@VTMnfgfd۟6" yzH) w@,A{9(|+ m} &b6KŌHo䟟 'Ta~Mqx{U]Y --z4 "M dU ZPI_ːPBi}с䣇>5ZK%3FVI'E=-˅ Xzm#0y6l$0.b WIwxz|cpvǠv ge ;%{$ڑJqe{mW05[ GZ:Ms_魿-́f-$T7\PF g\" ~ |RcdtYVpz~E4o+ai120FgPe9"vSk1x;_2%@vjK/J_!1:M6T=z`Z ɨoP|URϝ^4EM!T`F#>Y8!7 zQday%?M>Ge\O\;eA= F#Vy؋(=_@oZҳȢrV?f0%OU)`k+nA\dްp^Z7J<ʾwЇ8֟b :6~xa9db,&*^@Ԕ;ST19YPȟ}s6,6bU\\n}~&ydK"R?"IӍoU0nsOA'nTe3!BVkf z$Z&/qL)dǰ{5eC,h0mXZF6-" vP@.9@+C:BH9T~bhA$i|R8|`z%/HF BmOW@(ۡ;EPO飮P@.#Epʊe_[p3LѢoMJ_:ߩJ(/^,=^:7ߘ9d/P $gdH]wʜG^^fttW IIag ED-=H{915:7MLx2(7^޾U#qS̃WFkrd*%#h$kHg1QIbͰ$o`jr`oN%XW/ׅXfP!~:Vwܺyz"p[OsZ|Q&?A֋θK?ـGݭ"Y)/WUHC4dsqbbSi7#a Gu᪖q\WM4j+5Ѵc/ Nk[RQAc`5#Βՠy ۣ·))mZD \ňDn4]vۿXp8lR]P%F¾J{qhǴl2SQce3O"LPK._͉'N4J=Li;"@b}=o~"k T}-, azGr$dJE`#i )mĔ z,m#WsRA$kz١D<}L.L_WS(SY.!ͬ=u?o蕻F (ԇvQ@HguJQp܄Ú,-s/ <9A,qlMAU^  jSZu~:"!}aJ{;y״,4c(ZR9BNIJuuOD,\@^'i|꿥'+9R٤ZBNFFK9Bc"88n4GKd}).]+pdg5:g=$OҶ(vrA0gXx {߄uypG# @QTD}9"0Zd ;rfW=m+rt30` 5x^`쿹?m,C 7 '|޿/Ch{0ɝo8\SiEksN)kTRJΉ-,.IQ~ u돞e8Q_dGV}ƶtA>.{\jC|1y-bBK?I`uI}z x qweGhOv]@Kd]szGSW Dy(y3VX:%]SƖ׭?/+ے#R[sQne`Y!-ƀK;|9Ɉp!\k&l5=L@iw!rE Q>y~ķa'l_{]`gsh|} q^p jTca0#$.$ڵp\w|;-S:_C_zAƂ޻_W%ӟ٠og rYlS/]rw:Lm#_&ĝXrE⻮SZ|kq(-$&8;]vU^}EM3 ˆ{xy8mxqfCBhh,?n%p}?˚n%e~f mԚFI/~K'Oxv)pA|d-s>fIToo {򜻘ʾh"ڧ40`b_#vO* m{u=bDB.fbvubn>l~{]o0O|8jFv=;nki68T= 1pq-@7-ݏ E?;1^:au5زHg7)߶,A=U-/z?Ek7ŗm; 9"F2 9"0zJ!\23 mILPjA1H`.ɥZ_`&$gsgbKش;&[Ln~ۢ|HpyqPu3a}4?_)Rϰ,R ڜ$+DZno&.iÓUB!N./5K3_g.9Ex|xÙc>Yp6`\J X=1%]>Pf!L(ǭ%,&Vǎ W4oK:Sx̞ KPǦԈᮄNg &&/vA-Z ;|ʴ,ؓPuhd 2ʀ53ҟ,XLsk-OW\"I{1]lPRy=% 4A{՘gJ =X۬ $Kzfۡ}%d5c *lV̫StC ȜWx2@a Mqg}8`6_h8^咠+e χڲdgkS(,iO YA`OF@J05wCئHDfiqʲ@^a])3]n5nAdp<&#cv9FG¯q%9B5 l=H' ~r@*ܮH vqqDgZZe^!qxi%ת65jRԵ%`&lO,A$ϮWkA<|ȇww֢"nu$Ho?rlK ^omXy!4>P}-YV1¹HLT hc?Nh9Vi)(aA_= KN3]ɜ_8|hOtHo$|U˜ !yѴz4Y'?0-|*KxuL/qkxw:S,j2"+*~#II_&<+7h Ƣ"}K#(2B׫xmjbZ ~֒iŢKtE\W ,*ptz֗*AֿEwy,U994s,w`Ix.&.7Z ,I@|p=o_\^'6HpkoLGWŭ>ҹ07xKȕאQt;yMJ[JuJLI)kj)W$M A5bvYsa>PX ޼)β 0鞲>ǿ' JFX[Sb{RKS騁R'/OgfAwq8\Cg [_֦aFaXj*V2$U`ŌKCjY:'(h.)K'>.R9[r~g\W7a=Ldh~6wM6!̮X-#RE+"A4_'??PTC؂(nBWLUN§iF3A ,<ήh5٢waZ-C)W$KTf<oa J(?+DwanXPAOl!iRwLR5VY\YvBո2Ld`D{Xv7 LVӅž+,ZxMԂF*N~):@z? O ]oU^YëPo?+MIgٓr%YE?߉YpzH{H'b/ߔ0&|I4Zmyknec[Dd,j;kON[9VS]q sҮLN'S !W bna?zyA~: BG<]7%M;FR7w0kiǬ:2T,`{ui@?&)*npӬڄVfb -Ҋ Bp&EyF׈;2dMSwHdO?FKL64Pх$_;Md!աEMNmS>ý,S )9휉D] uxh\[S5 !< .YwR5^o<:LMxXXJm*2h-\;t |0-3@a^UR-=a+ n"pt0bBe&4[F@Ru>[V6[TdxP #uHGC½z yr:zw}sŲGgnȈ0X٬a#=٫?W'[_9٘L7'x$0XqfM4[S|^\,Le`7kAֶsxCDr?-|qD!nߙ~iliuDϨ ),W`,{}wiR#;͜ DJ7`w =Gn%1>AFJa@a]q6R&("?_Xn= ˯lsx#{'X Z`oRsV'82̴"J]ցۜNFdؽ+S -k6 ͳٴ gOMGBjy1uHp+/f2'TmɍHY샕Rsfq+*!FLjA ˀGg0@&'Ѕ}ufUph݂^u /'[ QWh͟3bjNߐl7be58@ Z =EuX[>*xvzA3)6$`"ޜ?2GY^]/!. 0n:_XP4L<]ҤgQ`|HZ@&0Is;'MlFY~ɣ-"`a_r~pUӑހ?  ;CNPD_;(TUdcCTd2Mj,T3i豾iy"fbԪBFs?ռN{2 YcY3ǦWt  ;VЃEˈ$9t9X}}ͤtQSS'-VtǃtRҀl"˸L5dL²bÖ2bT$2^)BN'0HD)iZVi|9ݳ65@RI@3I|a@0Y\L/P5K':Nl9߅fX0c:-cBcߕ i|ȧ1\H¨BBm˅tK]Vk$)&G8&G:HМxIRshSyByBxM]pxz4q+,4A:mͅd0fs5ܗVgv Z/|К"?W񋑅*J[Lk4_g0AUA v~5_?r.vHn|_XnLIT6"xB&ETN;Au|mcođe2m* :>I'Arr"N@(UKw53,e\ Cq}>o魻wsDpE G/ZݱrEq cJؿϱ3D:眞OWHcpIUƿ5/fr@CiRׂtwIT3ucJ + Cc;O 0SCF`Ҕ QxbE.;'ΊfBO:_>6\I 8kqۺGQZu^>Kɀp>\r "L?ޟ0~J }6["">RSJo jlou/*9w4|!v/jͷ}Fi`%Xx@ ';Y.yZqx;1asY7tE(F6EXp>=&,VfXcQxL5PU'>$W"I.`6b :31KÝ40D8P9w.| ss((PWN;g)B||vCjK9#Lb`ksON@$7G0G}v<\f`B-XhyG_*#̆M(I`bs%)y\}.ZPl\4Be/E,9]vǛ;TNi>@nuz؇xLpEÿ>qK[`6m̍[4n"[)ָG4ƅjSI'` QJ M$\Diltf\ aDק:9/\z|cDPx ޛxh&|.\w+qLIoR;TZ0 =,^w@95(5CY4J@^ULj{|NJ8UYC?&h˙Vpc/O8@Z Y- daMwQ! 3rr)6Z3Y- `ľRW=htCo/劷DlAp6B&5xd$]sk!gқ f 2TP Oz*ZEeS+{)~ !YIN!J;^CJ–Cc4PўFπぃ'D:)}X$H/y}K!y\* aٔ^^[F:kPK6Gyᅮ ddDD4f/OAT?i[o-Оh^GbZzn nDWpeyy,` NKlD+'\Jj&ޔ\w@nKhK 5te3$ P+~i+,͂hss@Ϝ,oG1LŔe4ZJQ~Mt©_fgNiYiBo-;<.@kT d43FOboWR-^v xq5"2s씑il/5*E?##ǹ ~* $#ꐳt<-f}EAeF''|tC7usd C)#4|tF<=d>ZFV hZ$]LyPcH_i߀K}c&~*p͜Ik/'.,c dN~~.9:=Rpd-Rb1Iz8Ugm7u\UH/w*fn- @(DfZK%^1V /MWWqECc 9 Tziigo1JU6E}ֵ't\-LMFIotxϑkA>"L`=SOtL}׹2e<~; =f*ݩ aL(D1?j ``uqZ&@mXѿl)*_c)W4mhme\br+ϡtb$ '1j~3mqW) P LojtV~@` ^/6Z#CG+0kp[\Yc6Ѻb[*$EA?8{"O>=0۔ѯXA:CJ=Y9``V $hkbD0 =(#1$6Ȋ= sbNCMn\k脋$Sa'!p=\ zrA|)yw?JhWh:c40LҕT=cN2G]wfw6^f{97E ˖W~pDK͛kv!,|&(k}mzv\_®FTi8q W*ja sNEg~%so1 dgU"-Ŕhc_=1}$Nu\cgFZZWw櫌q_fx%~ ^t)2ġ'f <5#cD u\o0xtVYmqI%$u@nb_ee Qh:abV~83ܴ.Vogy"q <!Y^/}8I]&ԊS4?4 VD>$ơE)>pW[ ymeE"ˡר/t(?FHfU5Mضw(b֊VGt쇜 ̒4C0{5b08b SXV4{QYU,$eZ)K9svDSq^EnV6>հ̛g-}}! D> z;^qR.mQ r>Bj.q|WR T˹hAw4ym@7#}SSS~GXۣ׻Pp j!,vkE}cL$_m.DejHn?˷WxюgǗ- JYx[aG RSܡ->ȉ_߷NɎz;EI'ſ8|Ra%짼$ӶE/m<$ȂNz[o#@WKqй6kST +}%Jɹ>g'ni?4DGdJjSy()*BPP?*,m?a][UB) m6\zB&bШY|N|c΅"aЮ1JI8NʉW['*2Jpeqr1͆12G 1N[G<0٬z=e^V󜖑xzsvA!W^Ժ`+r3Bs)ѡ;J;NOYwy˧d'3D]Xpێn`ccN&/‰ϩqpxI/*pw5gE )ȑC]q+g- BZ_x DhLB(ظBE~~~hlcd{`<̚xeފps|2C`8$;Yo`: LF++y:%u}GYS (t 2e}:NP^v2@7)Vr@֋$ ؔrn\ zBŬDDTXY6$Hw\Z{XYk_^ޜ,>Ǐ؀m'j ֋i(?*Js 6/x™DGHşX-OS0Pe4y,d~ WPWHƕFN}rfɷI[w3q]OGO%ݚQ0 kgZl;3߶r!gkyZ =.Z>ޜ3ސ;'nGY(@&ݫLY0 .E6io+:Cԡd\GߝXi ibFYrGeE%kD |]xy*Ha5/ַ퀂'yˆ#@8Ԅ˧ۦ…!?@ETA҉B~Cӄb.h&mpyW<6Kb%_W1+oƤ󞸕710jã3 gxMk@( S~wqѼhh]fjqrz:;aiBN`7+ ~_՗C"ݣ./c.@燦k& ɩ&= WܶxkK͔̑$iu.F>!D6-qvH~L|[POyAE-X+jY遥eWvz $(đFJ1-P2*\+B#&j~v<4irJ/I/.1b!BXɕ-Ij@jDB~6[ӑ&#ddf(I. g`<ږrZkl,Lf!;~mUKZ&ް((EbɪOd^6+-I,|sec!ǾW/1|51[qg$Cj"j͒wLbpk_M͌L.-Zw5=?+ LR9ơHI7ebXOikݜ77zuCL) !ֹ:-I3`P)ʒ$)Iw0#1^\A@H:KRsZoXC)CEI4 T<ݱw)#Ns%1\V<;mO[mP@1Wv(,RHg5f{s@վL1U@E?UJ =-TvFt?i(7"NVE`|d ;w֢3%):yD4~u?׿\"d)E~*c.չxꢚsw;ORmюq  aO@]M/llºXFTh`(Kɣ c5J}hFطk(E/wF$=P;"7B}^¤>=F;ϒ;C4Qr5ipu>r@ʕiuWb=\tآr@#=>?.zUyPl9ЁCTӾ]d jU:C N6yhNɈ8ID,eyey&@YzK/![b4xC'2K'GQNښt];V[8o <nԤ淠8^U?ЛGڳӣؼ7 2x fK0ơch,M=2d 8t-ùͶ0׺Or{r"m{A?˨xpS:񄉎C;3G$57B+C0+O})=ƒ% Y[髳pFHpJu0ޚKL1S8i py#2(vYX;lwɞEWx2 .~{:*嶨Dm`ATaUmX;%t/IVjTo„|N$J l0oǙW@B]EexXP Lld 91b&UĆ_Q\ ef+냸q剢8P;hgRK3EPg5\mgY_U}R 7!cAf8i62"eIVR.F<>gT=,, t5"-v藎7_L?\L_gy潪#챲 SYNRm]);?:󦃂A6DPz5SdhgkR pk;n L( 0ɳZQv.5a0[ҕj-p" S/=?FA{~pq=scQj߀G+8Mz?Iƈ{u6fC8Uh7%w-ό[%-:I@˫%>%UcLz_h8ÓW U6}9o|a`3F<˴tRKH:E=h*~ 2֖ѺZȓVD0%Oy $B T.X `L:%RNųe^H?iN1%$WUKd22<ՙЂ50St=xJӓw1cpns>qGfK }=:3A Wcgծ/Vb~ =#msP#J"Dv#0t"mn0onVN71~P/yPS QId7X$4Cj^؍ĉϋR5s%i*|@T@(DwCdg:"C*ֆ$ nWwmN;8Ծt>=}-G/Hl3&Zzg%{Ztiߴ!N0x2CqF0F8̴,PvGq7~'2RY JF6't׺̜~ИǑ.bTIȁ V B`^OQwc2:84=KY(dUfQ!`xQͳ@Q~&s[# "xMvryX%(V'e'*DD;ww\m cH@qwzLsAH'J]+Kz,b3_ eq(_߁jlv嚾La5ůQWxr7cV_Q {Z| Cڱs vų*2Ƃs"2t:?Hsl(Ӹ!s+Y=XڎOT+CKdϋ@ިXkm joȩ &8Ӛ# 6“>jpq&i3K. 9#6C+ne..XUTEp[a iU@]_+}k@HYvS17( wȪҼꋌ,K-RPQrIo*-~|B Y)B¼r#tv`ٵvO EmWTWWj3H9W|;}GއJ@]:q7t)ފK)`/7K4!WWaL '_u9@g릷(]#!5j]癗Y'RΒr vd>"q4O"/ގ;DECitrɛ8+?.ql 뚝^nVgIwaq3{aN N8o(>KEtU00@m +b<~ϬCͮͶ IO!F2Ɯ8.y?0yRe&t<.[pd4iU+B† 0IfO/9 y10jdIM\ԛ(O?yyiN5#xJ"V1JЫpOC8ED˸T<4JS#lH%-B, $mx=W*W[ҍSRoּE$/-e3YϪX Ħ*-ۜ()s-Z[ظ3DfeszFXZ[%\ކ+S׹γ<(>~,ceG30~5jkAYϜ45 }QJNKjx 08NoSK)3SJn5#*qj;)K&QD\q2Gz:*[)>qhǦWt.뤹d4Zs~qE$~[YfyO]܇ mu@qŪZ Z7?A {z Vn>t,tSM&vex nEQR3g1;kgkQodӼ؁=TJpr6C0|ªva ;4dwPnҤSf:/m: xFXZ+3 P_jCu'\2Ih:B[lP3\+0@M0DTŻn_պ;&M`e&u+? ]g]>Lxib'@庻Cg4A=]Z:#fu(Mq)@)^EGhSTaf wyf> bb0p2.7i.ZV8࿶!) }odJ6'5uezA'%Yװh2ù)&MF[s-P'ag%̓bO,^tdlئPZ/iDDC> d\+X^*4q#%o Gʚ2?yzz~j1.҅vS4";87^z^1?SK"썽@ '~K2㉹D*̪:Jj#&dӑ($8h"/0s>RH%BDK|qpzոz! lA,aQjiĞZ;'o*O)"ۣ4j?}L)$i!fW=(mS Oo|j N^L{3gCse5O@: Ҩ>) SC$`HESBFf lj:׮ҡc)HkOhiSI=\͗.+)$16 uvjM3؂h/&z${6 w,8!IT.G|5dZٿE-܏{4gC9YY~kQNSF+jZ8G@Rn4G!IA.:'0ZXGCO? kQE_׎_sStI||P Чz,/5si.[ގ;^߉5#,=|ļ ej/D{K6U-)Hu'&A#m֩]0YOo{[cbLy<*&/4}P[]UݸP {k('RאP17V$2k:|5kzlͤC]1\Yї@G4Y@.^%4Ր f c'l>!p,~2=,h![ ѷn> jؚG"Tqp9X'83mm}}h̶FTe4"!~LVgi6 kVɀ G`%]P( cEm$X헆O)ݽ$J$6w'Q|]hEP>Qz@{4Ϊy],ltg&dJ,Tls6y:K$ 5hka髷[#i@)\).*-~aY@;%="Art`HAP t͡}vuIkna[ԗ3(?(yh'_5 Pof<%`;uON\%'$C1*ݾ: f@CMe$?ʜv?ackxv m!XS HK dʹϑP ꓆ ~yh .;]ТXĂ{/kv{"[mٝ]l>#_hbTN~k=@ku-fu9D>"j!fNnӇ.>Mуn ^O'RSUn&zz/Y[/X8 ¯Z~'0bHb$g{y$6Gv۔;e 9 E!(3Ȍ7&Z >P!eڍ}J?){d|Dbׄ~jk1T]K9֯.-&?r[]֥/y,'mB"xk?| (ă%i j7S uFmKbvEZ ,Lv# !ȺPY\ȇg¨ Mzmh%vڣ\Y<*iםn4CfNr,oh/)zKf 鑼rMN!h[EXzڥolzO\*8T2ɗ 4Ѝa~N:ƩyK&MCx<ƳTg ݘ[GMjU M*ݼ<'K8ø3X8EhJ_,< .5Seyg~@@dX~u`Fo>/iIɅrYaMMwj5!Y@'KxR>1vZA ̭U.Vtޮ1v-%/% .IlNY!"ṮwuIToe0;;a=řZ0^K}<rnOCYgy_qR#RŨkQ>">U؆v|f @:I*{4qhL K" _(P>E!+Zs TnQ,F :Ё3$]Lf npy蒝Cv(N5i@c>3{tyɱS zaFyRP@^iYsIaw m-xhax tc+x,vTV'IM\L5MpzgOU,. 8 X%.ܡd.cōn0;UPck#/AgMNC=BAMɣv)7EP0 -vfU&WSmGW`Ba \Uz֫ &>`@~tuRSPOM V[3O!Ͼ0'ރ˃aJw;0`?\'o q8)Ødׅaji/ߨ{KR&!g |̴7a YZ