libxml2-tools-2.9.14-150400.5.13.1 >  A cZnp9|v'j/E7UQF#qYAJ  S-Jq}XRv*D!ŷ}B}\}h9#~IŒ(!5`|t ZZyuҪ_B)H"h #3=4$ÙN›k75XIEŽ»ig)Ե73r9l@,HZ[C-taϡaAqy'lJګe5~+;pp0¿ϡ!os046fe88b154537c39f8f3a3172a6f3de1234c78c8afdfe5e42d252f8d26a5bb23047bf5f14dc59105e480259e78319da07180e06cZnp9|SB͐SGyQne.F1i*G-ZT10 sh=CLfw4 VQIa(,nޭ]2suKؤxo׋rlw JOU; Ei6. gDtL\&LQao\RO(@8UrM4{hؾfFM["t\{>pAf?fd % 8 !(8 @ H X \ `p\A(q8x69P6: w6BaFaGaHaIaXaYaZb [b\b]b(^bXbbwcc dcecfclcucvcwexeyezfdftfxf~fClibxml2-tools2.9.14150400.5.13.1Tools using libxmlThis package contains xmllint, a very useful tool proving libxml's power.cZ1sheep02xYSUSE Linux Enterprise 15SUSE LLC MIThttps://www.suse.com/Unspecifiedhttps://gitlab.gnome.org/GNOME/libxml2linuxx86_64J@ O큤cZcZcZcZ401cc63d448525dd859cd24a55ea64df812000d3fa90ca65b75eae3ea0695edbf5c150bb4ae0952ca031e3a973f3323b3a27f937dd745fdd4e97c69333a37357f37b82271f7f80e11f65c99ed88e5ff50297567dfcf5ddb65ddcaadcb53cca1af5ac9d9ca2c53d99fe5e9f42c9958fd50857464c030f886ba0355685f37a1b95rootrootrootrootrootrootrootrootlibxml2-2.9.14-150400.5.13.1.src.rpmlibxml2libxml2-toolslibxml2-tools(x86-64)@@@@@@@@@@@@@@@@@@@@    libc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libreadline.so.7()(64bit)libxml2.so.2()(64bit)libxml2.so.2(LIBXML2_2.4.30)(64bit)libxml2.so.2(LIBXML2_2.5.0)(64bit)libxml2.so.2(LIBXML2_2.5.2)(64bit)libxml2.so.2(LIBXML2_2.5.6)(64bit)libxml2.so.2(LIBXML2_2.5.7)(64bit)libxml2.so.2(LIBXML2_2.5.8)(64bit)libxml2.so.2(LIBXML2_2.6.0)(64bit)libxml2.so.2(LIBXML2_2.6.18)(64bit)libxml2.so.2(LIBXML2_2.6.20)(64bit)libxml2.so.2(LIBXML2_2.6.21)(64bit)libxml2.so.2(LIBXML2_2.6.3)(64bit)libxml2.so.2(LIBXML2_2.6.8)(64bit)libxml2.so.2(LIBXML2_2.9.0)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3c_cMCbob4t@b'E@ap`!@`!@`` @`N@`N@`N@`4@_H@_G@__V ^V@^oj@^oj@^l@] @]߶]Γ@]v>]D%]B@]A]@\s\LKZZZ@Z@Y@Y*@YéYéY)@YBvYA%@Y"XWXWH6W>@W(VTQ@TWn@TWn@TSyTAdavid.anes@suse.comdavid.anes@suse.comdavid.anes@suse.comdimstar@opensuse.orgluc14n0@opensuse.orgmcepl@suse.compmonreal@suse.comrpm@fthiessen.depmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.comwicked@iki.fipmonreal@suse.compmonreal@suse.comcode@bnavigator.depmonreal@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.comtchvatal@suse.comtchvatal@suse.comstefan.bruens@rwth-aachen.depmonrealgonzalez@suse.compmonrealgonzalez@suse.comtchvatal@suse.comtchvatal@suse.comtchvatal@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.commgorse@suse.comkukuk@suse.detchvatal@suse.comaavindraa@gmail.comaavindraa@gmail.comjmatejek@suse.comjmatejek@suse.comjengelh@inai.detchvatal@suse.comtchvatal@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.comkstreitova@suse.compsimons@suse.comkstreitova@suse.comsflees@suse.derpm@fthiessen.devcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.com- Add W3C conformance tests to the testsuite (bsc#1204585): * Added file xmlts20080827.tar.gz- Security fixes: * [CVE-2022-40303, bsc#1204366] Fix integer overflows with XML_PARSE_HUGE + Added patch libxml2-CVE-2022-40303.patch * [CVE-2022-40304, bsc#1204367] Fix dict corruption caused by entity reference cycles + Added patch libxml2-CVE-2022-40304.patch- Update to 2.9.14: * Security: + [CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer + Fix potential double-free in xmlXPtrStringRangeFunction + Fix memory leak in xmlFindCharEncodingHandler + Normalize XPath strings in-place + Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() + Fix leak of xmlElementContent * Bug fixes: + Fix parsing of subtracted regex character classes + Fix recursion check in xinclude.c + Reset last error in xmlCleanupGlobals + Fix certain combinations of regex range quantifiers + Fix range quantifier on subregex * Improvements: + Fix recovery from invalid HTML start tags * Build system, portability: + Define LFS macros before including system headers + Initialize XPath floating-point globals + configure: check for icu DEFS + configure.ac: produce tar.xz only (GNOME policy) + CMakeLists.txt: Fix LIBXML_VERSION_NUMBER + Fix build with older Python versions + Fix --without-valid build- Build python bindings in a 2nd run, using multibuild: otherwise, libxml2 requires pkgconfig(libxml-2.0) to build, causing issues to bootstrap.- Update to version 2.9.13: * Security fixes: + [CVE-2022-23308] Use-after-free of ID and IDREF attributes (boo#1196490); + Several memory leaks and another issues. * Many regressions fixes. * Numerous bug fixes, including, among many others: + xmllint's --maxmem option should work as expected now; + xmllint now returns an error if arguments are missing. * Numerous tests and code and fuzzing fixes and improvements. * Updated documentation. - The full Libxml2 2.9.13 NEWS can be found here: https://download.gnome.org/sources/libxml2/2.9/\ libxml2-2.9.13.news. - Replace version-release macros in all 3 Obsoletes tag with plain 2.9.13 to avoid unwanted behaviors in the future. - Remove dropped upstream AUTHORS file from list of files to be installed in the documentation location with 'cp' command. - Update http://xmlsoft.org URL tag to Libxml2's new web home: https://gitlab.gnome.org/GNOME/libxml2. - Update ftp://xmlsoft.org Source tag to Libxml2's new download host: https://download.gnome.org. - Drop deprecated Python-2-related macro definitions/conditional statement from spec file. - Drop merged upstream patches: libxml2-fix-lxml-corrupted-subtree-structures.patch; libxml2-fix-regression-in-xmlNodeDumpOutputInternal.patch. - Drop libxml2.keyring source file as the new download host doesn't offer GPG signatures. - Use ldconfig_scriptlets macro for post(un) handling.- Rewrite package to the single-spec %python_subpackage_only style and eliminate unnecessary multibuild.- Fix python-lxml regression with libxml2 2.9.12: * Work around lxml API abuse: gitlab.gnome.org/GNOME/libxml2/issues/255 - Add upstream patches: * libxml2-fix-lxml-corrupted-subtree-structures.patch * libxml2-fix-regression-in-xmlNodeDumpOutputInternal.patch- Update to version 2.9.12 * Fix CVE-2021-3541, CVE-2021-3537 (bsc#1185698, bsc#1185879), CVE-2021-3518, CVE-2021-3517, CVE-2021-3516, CVE-2020-7595, CVE-2019-20388, CVE-2020-24977, and CVE-2019-19956 (bsc#1159928) * Fix null deref in legacy SAX1 parser * Fix handling of unexpected EOF in xmlParseContent * Fix user-after-free * Validate UTF8 in xmlEncodeEntities * Fix memory leak in xmlParseElementMixedContentDecl * Fix integer overflow in xmlSchemaGetParticleTotalRangeMin * Fix SEGV in xmlSAXParseFileWithData * Don't process siblings of root in xmlXIncludeProcess * Full changes: http://xmlsoft.org/news.html - Drop upstream fixed * libxml2-CVE-2021-3541.patch * libxml2-CVE-2021-3537.patch * libxml2-CVE-2021-3518.patch * libxml2-CVE-2021-3517.patch * libxml2-CVE-2021-3516.patch * libxml2-CVE-2020-7595.patch * libxml2-CVE-2019-20388.patch * libxml2-CVE-2020-24977.patch * libxml2-CVE-2019-19956.patch * libxml2-python39.patch * libxml2-Avoid-quadratic-checking-of-identity-constraints.patch - Drop since 2.9.10 merged libxml2-xmlFreeNodeList-recursive.patch - Drop since 2.8.0 merged fix-perl.diff - Refresh libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch- Security fix: [bsc#1186015, CVE-2021-3541] * Exponential entity expansion attack bypasses all existing protection mechanisms. - Add libxml2-CVE-2021-3541.patch- Security fix: [bsc#1185698, CVE-2021-3537] * NULL pointer dereference in valid.c:xmlValidBuildAContentModel * Add libxml2-CVE-2021-3537.patch- Security fix: [bsc#1185408, CVE-2021-3518] * Fix use-after-free in xinclude.c:xmlXIncludeDoProcess() * Add libxml2-CVE-2021-3518.patch- Security fix: [bsc#1185410, CVE-2021-3517] * Fix heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal() * Add libxml2-CVE-2021-3517.patch- Security fix: [bsc#1185409, CVE-2021-3516] * Fix use-after-free in entities.c:xmlEncodeEntitiesInternal() * Add libxml2-CVE-2021-3516.patch- Fails to build against Python 3.9: * Add upstream commit that fixes the issue https://github.com/GNOME/libxml2/commit/e4fb36841800038c289997432ca547c9bfef9db1 - Add patch libxml2-python39.patch- Security fix: [bsc#1161521, CVE-2019-20388] * Memory leak in xmlSchemaPreRun in xmlschemas.c - Add libxml2-CVE-2019-20388.patch- Avoid quadratic checking of identity-constraints: [bsc#1178823] * key/unique/keyref schema attributes currently use qudratic loops to check their various constraints (that keys are unique and that keyrefs refer to existing keys). * This fix uses a hash table to avoid the quadratic behaviour. - Add libxml2-Avoid-quadratic-checking-of-identity-constraints.patch- Make python subpackage ready for multiple python3 flavors gh#openSUSE/python-rpm-macros#66- Security fix: [bsc#1176179, CVE-2020-24977] * xmllint: global-buffer-overflow in xmlEncodeEntitiesInternal - Add patch libxml2-CVE-2020-24977.patch- Fix invalid xmlns references since the fix for CVE-2019-19956 [bsc#1172021] - Revert upstream commit 5a02583c7e683896d84878bd90641d8d9b0d0549 * Add patch libxml2-CVE-2019-19956.patch- Security fix: [bsc#1161517, CVE-2020-7595] * xmlStringLenDecodeEntities in parser.c has an infinite loop in a certain end-of-file situation - Add libxml2-CVE-2020-7595.patch- Do not pull in the non-python deps on the python build- Revert the previous change and use multibuild to determine supported flavors. We need to be able to enable/disable pythons in prjconf and multibuild directly clashes with that.- Build python2 and python3 bindings in separate flavors. As python3-libxml2 is a dependency of e.g. itstools and thus many other packages these packages no longer have a build dependency on python2. Breaks a build loop for python2.- Since libxml2-2.9.10 perl-XML-LibXSLT fails to build: [bsc#1157450] * Revert upstream commit to make xmlFreeNodeList non-recursive https://github.com/GNOME/libxml2/commit/0762c9b69ba01628f72eada1c64ff3d361fb5716 - Add patch libxml2-xmlFreeNodeList-recursive.patch- Version update to 2.9.10: * Portability: + Fix exponent digits when running tests under old MSVC + Work around buggy ceil() function on AIX + Don't call printf with NULL string in runtest.c + Switched from unsigned long to ptrdiff_t in parser.c + timsort.h: support older GCCs + Make configure.ac work with older pkg-config * Bug Fixes: + Fix for conditional sections at end of document + Make sure that Python tests exit with error code + Audit memory error handling in xpath.c + Fix error code in xmlTextWriterStartDocument + Fix integer overflow when counting written bytes + Fix uninitialized memory access in HTML parser + Fix memory leak in xmlSchemaValAtomicType + Disallow conditional sections in internal subset + Fix use-after-free in xmlTextReaderFreeNodeList + Fix Regextests + Fix empty branch in regex + Fix integer overflow in entity recursion check + Don't read external entities or XIncludes from stdin + Fix Schema determinism check of ##other namespaces + Fix potential null deref in xmlSchemaIDCFillNodeTables + Fix potential memory leak in xmlBufBackToBuffer + Fix error message when processing XIncludes with fallbacks + Fix memory leak in xmlRegEpxFromParse + 14:00 is a valid timezone for xs:dateTime + Fix memory leak in xmlParseBalancedChunkMemoryRecover + Fix potential null deref in xmlRelaxNGParsePatterns + Misleading error message with xs:{min|max}Inclusive + Fix memory leak in xmlXIncludeLoadTxt + Partial fix for comparison of xs:durations + Fix null deref in xmlreader buffer + Fix unability to RelaxNG-validate grammar with choice-based name class + Fix unability to validate ambiguously constructed interleave for RelaxNG + Fix possible null dereference in xmlXPathIdFunction + fix memory leak in xmlAllocOutputBuffer + Fix unsigned int overflow + dict.h: gcc 2.95 doesn't allow multiple storage classes + Fix another code path in xmlParseQName + Make sure that xmlParseQName returns NULL in error case + Fix build without reader but with pattern + Fix memory leak in xmlAllocOutputBufferInternal error path + Fix unsigned integer overflow + Fix return value of xmlOutputBufferWrite + Fix parser termination from "Double hyphen within comment" error + Fix call stack overflow in xmlFreePattern + Fix null deref in previous commit + Fix memory leaks in xmlXPathParseNameComplex error paths + Check for integer overflow in xmlXPtrEvalChildSeq + Fix xmllint dump of XPath namespace nodes + Fix float casts in xmlXPathSubstringFunction + Fix null deref in xmlregexp error path + Fix null pointer dereference in xmlTextReaderReadOuterXml + Fix memory leaks in xmlParseStartTag2 error paths + Fix memory leak in xmlSAX2StartElement + Fix commit "Memory leak in xmlFreeID (xmlreader.c)" + Fix NULL pointer deref in xmlTextReaderValidateEntity + Memory leak in xmlFreeTextReader + Memory leak in xmlFreeID (xmlreader.c) * Improvements: + Propagate memory errors in valuePush + Propagate memory errors in xmlXPathCompExprAdd + Make xmlFreeDocElementContent non-recursive + Avoid ignored attribute warnings under GCC + Make xmlDumpElementContent non-recursive + Make apibuild.py ignore ATTRIBUTE_NO_SANITIZE + Mark xmlExp* symbols as removed + Make xmlParseConditionalSections non-recursive + Adjust expected error in Python tests + Make xmlTextReaderFreeNodeList non-recursive + Make xmlFreeNodeList non-recursive + Make xmlParseContent and xmlParseElement non-recursive + Remove executable bit from non-executable files + Fix expected output of test/schemas/any4 + Optimize build instructions in README + xml2-config.in: Output CFLAGS and LIBS on the same line + xml2-config: Add a --dynamic switch to print only shared libraries + Annotate functions with __attribute__((no_sanitize)) + Fix warnings when compiling without reader or push parser + Remove unused member `doc` in xmlSaveCtxt + Limit recursion depth in xmlXPathCompOpEvalPredicate + Remove -Wno-array-bounds + Remove unreachable code in xmlXPathCountFunction + Improve XPath predicate and filter evaluation + Limit recursion depth in xmlXPathOptimizeExpression + Disable hash randomization when fuzzing + Optional recursion limit when parsing XPath expressions + Optional recursion limit when evaluating XPath expressions + Use break statements in xmlXPathCompOpEval + Optional XPath operation limit + Fix compilation with --with-minimum + Check XPath stack after calling functions + Remove debug printf in xmlreader.c + Always define LIBXML_THREAD_ENABLED when enabled + Fix unused function warning in testapi.c + Remove unneeded function pointer casts + Fix -Wcast-function-type warnings (GCC 8) + Fix -Wformat-truncation warnings (GCC 8) * Cleanups: + Rebuild docs + Disable xmlExp regex code + Remove redundant code in xmlRelaxNGValidateState + Remove redundant code in xmlXPathCompRelationalExpr - Rebase patch fix-perl.diff- Do not depend on setuptools to keep the depgraph small and avoid build cycles- Use python[23]-libmxl2 as python names not python-libxml2-python which is kinda confusing- Do not ship libtool archive anymore- Enable tests also in the python subpackages- Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH to avoid nodeset limit when processing large XML files [bsc#1135123] * Added libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch- Merge python-libxml2-python spec and changes files into the libxml2 ones using _multibuild [bsc#1126499, bsc#1123919]- Version update to 2.9.9: * Security: + CVE-2018-9251 CVE-2018-14567 Fix infinite loop in LZMA decompression (boo#1088279 boo#1105166). + CVE-2018-14404 Fix nullptr deref with XPath logic ops (boo#1102046). * Bug fixes: + Fix building relative URIs + Problem with data in interleave in RelaxNG validation + Fix memory leak in xmlSwitchInputEncodingInt error path + Set doc on element obtained from freeElems + Fix HTML serialization with UTF-8 encoding + Use actual doc in xmlTextReaderRead*Xml + Unlink node before freeing it in xmlSAX2StartElement + Check return value of nodePush in xmlSAX2StartElement + Free input buffer in xmlHaltParser + Reset HTML parser input pointers on encoding failure + Fix xmlSchemaValidCtxtPtr reuse memory leak + Fix xmlTextReaderNext with preparsed document + HTML noscript should not close p + Don't change context node in xmlXPathRoot * Improvements: + Remove redefined starts and defines inside include elements + Allow choice within choice in nameClass in RELAX NG + Look inside divs for starts and defines inside include + Add newlines to 'xmllint --xpath' output + Don't include SAX.h from globals.h + Support xmlTextReaderNextSibling w/o preparsed doc + Improve restoring of context size and position + Simplify and harden nodeset filtering + Avoid unnecessary backups of the context node + Fix inconsistency in xmlXPathIsInf - Add libxml2-python3-string-null-check.patch: fix NULL pointer dereference when parsing invalid data (bsc#1065270 glgo#libxml2!15).).- Use %license instead of %doc [bsc#1082318]- Version update to 2.9.8: * Various -Werror fixes and compilation updates as travis is now used by upstream * Few additional tests added for ICU operations - Drop patch python3.6-verify_fd.patch merged upstream- Version update to 2.9.7 release: * Bug Fixes: + xmlcatalog: restore ability to query system catalog easily + Fix comparison of nodesets to strings * Improvements: + Add Makefile rules to rebuild HTML man pages + Remove generated file python/setup.py from version control + Fix mixed decls and code in timsort.h + Rework handling of return values in thread tests + Fix unused variable warnings in testrecurse + Fix -Wimplicit-fallthrough warnings + Upgrade timsort.h to latest revision + Fix a couple of warnings in dict.c and threads.c + Fix unused variable warnings in nanohttp.c + Don't include winsock2.h in xmllint.c + Use __linux__ macro in generated code * Portability: + Add declaration for DllMain + Fix preprocessor conditional in threads.h + Fix macro redefinition warning + many Windows specific improvements * Documentation: + xmlcatalog: refresh man page wrt. quering system catalog easily - Includes bug fixes from 2.9.6: * Fix XPath stack frame logic * Report undefined XPath variable error message * Fix regression with librsvg * Handle more invalid entity values in recovery mode * Fix structured validation errors * Fix memory leak in LZMA decompressor * Set memory limit for LZMA decompression * Handle illegal entity values in recovery mode * Fix debug dump of streaming XPath expressions * Fix memory leak in nanoftp * Fix memory leaks in SAX1 parser - Drop libxml2-bug787941.patch * upstreamed in 3157cf4e53c03bc3da604472c015c63141907db8- clean with spec-cleaner- libxml2-python3-unicode-errors.patch: work around an issue with libxml2 supplied error strings being undecodable UTF-8 (bsc#1065270)- convert to singlespec, build a python 3 version - change build instructions to use setup.py (and %python_build macros) instead of makefile-based approach - add python3.6-verify_fd.patch that fixes libxml2 on python 3.6 - rename to python-libxml2-python to conform to package naming policy (PyPI name is "libxml2-python")- Update package summaries and RPM groups. Trim descriptions for size on secondary subpackages. Replace install call by a commonly-used macro.- Add patch to fix TW integration: * libxml2-bug787941.patch- Version update to 2.9.5 release: * Merged all the previous cve fixes that were patched in * Few small tweaks - Remove merged patches: * libxml2-CVE-2016-4658.patch * libxml2-CVE-2017-0663.patch * libxml2-CVE-2017-5969.patch * libxml2-CVE-2017-9047.patch * libxml2-CVE-2017-9048.patch * libxml2-CVE-2017-9049.patch * libxml2-2.9.4-fix_attribute_decoding.patch- Security fix: * libxml2-CVE-2017-0663.patch [bsc#1044337, CVE-2017-0663] * Fix Heap buffer overflow in xmlAddID- Security fix: * libxml2-CVE-2017-5969.patch [bsc#1024989, CVE-2017-5969] * Fix NULL pointer deref in xmlDumpElementContent- Security fixes: * libxml2-CVE-2017-9049.patch [bsc#1039066] * heap-based buffer overflow (xmlDictComputeFastKey func) * libxml2-CVE-2017-9048.patch [bsc#1039063] * stack overflow vulnerability (xmlSnprintfElementContent func) * libxml2-CVE-2017-9047.patch [bsc#1039064] * stack overflow vulnerability (xmlSnprintfElementContent func)- Added libxml2-CVE-2016-4658.patch: Disallow namespace nodes in XPointer ranges. Namespace nodes must be copied to avoid use-after-free errors. But they don't necessarily have a physical representation in a document, so simply disallow them in XPointer ranges [bsc#1005544] [CVE-2016-4658]- add libxml2-2.9.4-fix_attribute_decoding.patch to fix attribute decoding during XML schema validation [bnc#983288]- Update libxml2 to version libxml2-2.9.4. The new version is resistant against CVE-2016-3627, CVE-2016-1833, CVE-2016-1835, CVE-2016-1837, CVE-2016-1836, CVE-2016-1839, CVE-2016-1838, CVE-2016-1840, CVE-2016-4483, CVE-2016-1834, CVE-2016-3705, and CVE-2016-1762. - Remove obsolete patches libxml2-2.9.1-CVE-2016-3627.patch, 0001-Add-missing-increments-of-recursion-depth-counter-to.patch, and libxml2-2.9.3-bogus_UTF-8_encoding_error.patch.- add libxml2-2.9.3-bogus_UTF-8_encoding_error.patch to fix XML push parser that fails with bogus UTF-8 encoding error when multi-byte character in large CDATA section is split across buffer [bnc#962796]- Add libxml2-2.9.1-CVE-2016-3627.patch to fix stack exhaustion while parsing certain XML files in recovery mode (CVE-2016-3627, bnc#972335). - Add 0001-Add-missing-increments-of-recursion-depth-counter-to.patch to improve protection against Billion Laughs Attack (bnc#975947).- Update to new upstream release 2.9.3 (bsc#954429): * Fixes for CVE-2015-8035, CVE-2015-7942, CVE-2015-7941, CVE-2015-1819, CVE-2015-7497, CVE-2015-7498, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500 and CVE-2015-8242 * And other bugfixes - Removed upstream fixed patches: * libxml2-dont_initialize_catalog.patch * 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch * 0002-Adding-example-from-bugs-738805-to-regression-tests.patch- fix a missing entities after CVE-2014-3660 fix (https://bugzilla.gnome.org/show_bug.cgi?id=738805) * added patches: 0001-Fix-missing-entities-after-CVE-2014-3660-fix.patch 0002-Adding-example-from-bugs-738805-to-regression-tests.patch- fix a regression in libxml2 2.9.2 * https://bugzilla.redhat.com/show_bug.cgi?id=1153753 - add libxml2-dont_initialize_catalog.patch- update to 2.9.2 * drop libxml2-CVE-2014-3660.patch (upstream) * add keyring to verify tarball Security: Fix for CVE-2014-3660 billion laugh variant CVE-2014-0191 Do not fetch external parameter entities Improvements: win32/libxml2.def.src after rebuild in doc elfgcchack.h: more legacy needs xmlSAX2StartElement() and xmlSAX2EndElement() elfgcchack.h: add xmlXPathNodeEval and xmlXPathSetContextNode Provide cmake module Fix a couple of issues raised by make dist Fix and add const qualifiers Preparing for upcoming release of 2.9.2 Fix zlib and lzma libraries check via command line wrong error column in structured error when parsing end tag doc/news.html: small update to avoid line join while generating NEWS. Add methods for python3 iterator Support element node traversal in document fragments xmlNodeSetName: Allow setting the name to a substring of the currently set name Added macros for argument casts adding init calls to xml and html Read parsing entry points Get rid of 'REPLACEMENT CHARACTER' Unicode chars in xmlschemas.c Implement choice for name classes on attributes Two small namespace tweaks xmllint --memory should fail on empty files Cast encoding name to char pointer to match arg type- fix for CVE-2014-3660 (bnc#901546) * denial of service via recursive entity expansion (related to billion laughs) * added libxml2-CVE-2014-3660.patchlibxml2sheep02 16698803692.9.14-150400.5.13.12.9.14-150400.5.13.12.9.14-150400.5.13.12.9.13xmlcatalogxmllintxmlcatalog.1.gzxmllint.1.gz/usr/bin//usr/share/man/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:27010/SUSE_SLE-15-SP4_Update/5b5ad08c8355ff8c969b380ae5378897-libxml2.SUSE_SLE-15-SP4_Updatecpioxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=f526dbdac2da8fc5f59ca80821f0cfe24a09c260, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=25c07b8266fb77df75d6b09f256a21bf19c29c85, for GNU/Linux 3.2.0, strippedtroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)RRRRRRRRRRRRR RRRR RRRR R R RRRRm!Wߌ utf-8bb31f5358b9460b6bf55985aba53689ff74a35e1ef4ffa47582f322ce47091ae?7zXZ !t/z] crv9w t\3o#|ʩGQC-YpSwuʮ &):nq3 "`>HOJJcB je4Ҟ"|x零U9]T+d3rAoK;8Vw1?3;vҹ` R7, ao:IL:"-x`SB^%?[7`<')^Ge tHn$}ϻV27t4!Hƥp-I0 7s,O_9,',:Tq/ѐr I;2Tz]<ky`K)5Ml%:MuLh?]-MXNpVYL"+}`4x:r?n}R K.1וB"C0 FN^BwqGk''nٶQgWHq oIKǡ̖]TJ} OڈLb<`7(q5ǨVV@MwAKodKgl 'wyXK}U9f^;Pj pBf_5>:d4~}Z@]b5vs'=3^~-*й\a&FEG5Ikؑ&uݼ4˅jPe=|YeI#1C{pǸ9ΪoTcL>Q?("6<6,Dp1kKza=pח>j5fz% _B+^Y6JWu=<༵Ezg *K XV֢TU;J0xN /zz֮h}n|)zS`ۚmiԱ[44y&_ hxc&7ųr`*1Y"{hjz2Ro]}O^bvpAJzbC6A[{̣X|xr#ӁJ$.I0Nқ?eMP}eb7zGjL+x]>:qDܬ)Qӻڽ>BAc> LVř~Ùe}iA/+- \[x# E2 f;Ǎ-p`"㿾1\SM=~@2ivbG ͓%yk4NFIx]^߿ bxc7oI[!^)0{u.Ӽ,o"r EtlkK—LjaKgCk)ƣ ;ٜMVM:|$Qu0}:vj~ YTy3W|1@Ʊ*7bHUt`GT0,KS ()t74F گc0n]'NBkRg;ӬXvϰД2|-() ,L\[=[wc!*Zl5h]荔vH|8xBK2ki.ko<ԋqy%QBaB- )Yc!_klKm怭pboq7;2PC_Lo;_-,;E8t^m1B,T-y x>5 o 8 T' э&0Wu)EHlp ̒k̬pϠgo,tV\>==M\5O^!ʄׯ[9*H#hboj" )N`ruChҹ'}Lq}K1}\nE%SSإ%fnQ );Z>>^0@ϛmV}yw݁Z8Xlh42Sɥ`^ZthpP5 ce;ze<ܸ(]?F᥶MxԮ춡&"bÅZDIĂ#p• Ӽ%spWZ<0yZ4m/;Ӈ]٪ZUĒFҥuC?vk!*HkZW)#Rc <~1 6jE4hm|Z3l? Tjڢ$MeNY_k ^=6M"I+i!epf޳W #U4D;*e#clͬKn7l@ HOMEV݃F^߸ W5,(;¼W{)MQ14'|m4WΫT*hGF6C3\ؐ'8G0ч^zL)3Bw9,G T'0UfW ƥsyd3 4C(Y]׌jQ_(K}i=l80S6#9X({+2r ϲr|VeQr -7U|x9wL@?V`R}.7>[ǿH>"_CJ=:+|""wrzW>zBAwsbQqQ6l":}c *#k NtK?v5UuY)-<׬EҧVQȫ'S{r} rxϬf"{бRDԜ(,W+?!%^Gm>d)Z'An/;w,Uy #vbZ!^CXob14*O ҭQv+o_vʍ#o)X@C,z=g8 3vpV/B8bXmC˩_ǐ_g dǺ*1yD _UcQ^>)S.˳H<UX?#X14M I%+b=;mʒ$,"O}lZCì#(=QdTNٷb<}7\?+{.~D.!"+*t.ꯁ^Bʃ=9R_CC.螗?1J$UTOOƭ/#^inG$UQy >u򎰪(7v yBbVnV\|눿*˻BMkf;tg>ZkRభg~qtG2Y.˜CsO~HY |pEv/]p@-~zqB&v>6MzyڿuC։ VDu~1+ wp p7uO8̎CJ@N)ΓQ^Y]u:k$ %y݊1F\eawxi!tOIAki$-#4+qM˰Q"F+̉`e6 =Ѵo%LguD9eXy6gblc'G}5ɣ0?o񺴤ai'o#{ZI;lh.].#gqzʙ~m{a9)?!uf)2&.=6[7`C}o$/tS<9 @ ATݵ8aGڠTm҃HG1,DkZ p9&_,:r/8 ۑ҉WsK:0>ub#dWs! ݼod$#9)%OJ O}_W#̹NUY(h́RAX9waukv̌ PoWɦ@l 6OqrteZxq:2/^kQb#&\v/W*uT!m`Óܙ`}Ǯ ea[|poF8h_"z!LH{*g*k.5ǯ8E?M )40>v`&; ޞR JԧwX@`zьFa]քBU_T"uA|GHi='IƪqSF`O~"kV7;tS.wcG ōnatZ yq[Z3R@z%"QRvRH  |G񠧤_ }; i_m/E |&HuE`zH 5h36?f>7-pS[ /*8.HN`(@JU }uAdͰ&>#jy9.7c:̾J:?^X@*~mdmSԌ ],0k;[F*0!FX;J5giV:VeϿUN=]j`ʋ])PV!H$U\ck؊_n79|Njk4N+gPޯ弌2E;5c;֜Dzw+.T\Wq%fOZH--|С^h_ňs81|*MR"V$SpӮC,N0=]'{3suK)K̶ku95d6 %⹔aovWъxuUlWmAHjQ;)Hf]E(\w>f)uzD*S̹sL>n.*D>JKזʢE{.q Ϡ)Q9rq兼{"a8j!Oޛ!m* wZi|u#O`A 9,{]ɚ?(\XaZޮ`h>T+Tg0?sbgv%~?oٚ%TUo 1+#exI92Q?ɇ֝}a#$`w*nUS_:꺷'J{}enkzn%'XC3K|j;hɽ'՟;NUomLTTnqӘ^7`D}Dv- @ /q CZ=k֯C/}Y%Dd}3]N"ΆA1-lŧV[2;z,kr#gW@[^ _-%oSWMiuPyMt;.){) ɥ5ٜv͔P~cҤx͇LĄtܸ#U1ܣ0:*6h0 fmcEXϛ'3tA=gۯЂB(Am=V؅T9 t).Cv]%2A,@lDRo!%̩ 1zpS%jnN܄ܣ DZN53`[%hXV`V;t)IjͳÒ(l? [[n< 4两t~5*Bϝp]Kcѱ_?맵ZɊh<$ =+MbCb5?gWޱΊ iQ_nZ MԤ0*Aփ@IY_qfYկ (;s"e'/9' nlynŘd 闷b4r^~j@v|b;޾6$rW!Wv:)a#E$~S_)G fAƉD` SRR\BtLqz#7G -yEكKmmD;-V91ɑt/P9pؠ)rQlfA!DϹ,NtK|t`:y? VLH/ţho|SOk 9ںp %ΐ?q"l.cv֙ /@iT:tZJK3r X$Bkm͚Rj-x_zMa2mƛAl7Ol?]%vru . *Py~{ļioyF _ Hgn55fy T VzWGUljEU F&9EelRb8d BBBC nI1t>绑gp6\2|2f@ob}pQ g+QĩA{/뺳iX)m޹p7d" 0:Z\hIWv3A ~ɭ+I(":5/M0 z|?4[L\^;KGK T^ б.tXq^2l'c}H+pq 6pncDR+ H[K T6ZN`p.a< D /+\c"E3KjyEFYu3zZe^<@[En1` P1o0̀qK;x %)65.[Ue==T|Gٱ (@p) KɥFUWp޼;.)'9LVBh0W.ݱ/M_xh>Pi[Nݹ?!o[imw~:f"R z, 8el2&ҡ|?ŽGM&LWC:\4p!shv"Ւ魁*%Lk=m7r4B~7@MᄦhNҞ]Q["oY~0=y*Ҡ~7 sb/h '9vS?bnWK M;>-A FE0^dq}/fxwt"xm/QԺy(#$'KzY{7V }@~i?Rqf)PJZ UwJ3N(lbhT]~!w#?0 ɇAvzEmB( CpykCm^?'nyl:5"c::g,/?P(DʵT1LJn* 1/qonb RWgSbZlnooNu@h7H J\TNjG&Kno̥ё,ӾʭBv|mf&*zXFg㈲c^ˉ!X[mAȴݡտ`cPM$^I~׳z(k-(&tGcP#b`fPiB!9 n#M7ڱ1:0&Z%'=A˷2y-GKW/̄ћXoh6)tK[KHlG *J Rx5 zHo"}}E HJ/WorL/B+xb]5@y[.s;9SpeY,GM#ڤz}Xt3&fx2qf쬚ČF=Lhtp&[ɮWFZ7J]T#-pmrvE<sGj8whDgк Vձ^L2LKy1mG$Z'u앷ͪL! \ƛl挷Khm;ړe̘E=#c/FnO3ro'< Eϯ鴄yETB%^'eBnv}u&I^Iqn4)Q>,/P<W$e/0܌ Vb4nrЯ@HqE @EjKS8{%vY`P`:|co9\w'_G]HC.TpL}B}qtk#r"Cw쎯J^VdvneX΍kY8:*u<ȯ}Q/Ug}u,X|l/gj8FUk|1JN=/a݃@j2݂(a 0V)/Y*w|iypc[H˟*+2mFܰōUH 2LT&6HYQ0]NL.RW2jtqtޤ G9ے8CgPIcow 3{Bڗ\ @p|^9 yL0}T蓿O𛠣R{PD0E*wT)V0g[wPX'[ KwF3[D/ÖCR-{'$9g%Dvf!ε3)WpX(~~G $rN˛*VH@?c |n9?$[(Ƹ:ZrreXWY"m^{otMOx G G+E{4Šg"0tQ"ea'"ǰ!0GFGҡ:ς[ɣE'th,]ÞKN\9q/bteae?߀ryy "~6Z|A"Kn} #Bu/D/IGl#,=1ן9L P-u(9ۈ`M qEG Clb3/Jid%6FAj̴O)jJ20VYF3:e/6#.tbdBzg!׌`0=# "،.\hؽH݇Y) i1}],vNYq3:i-4f!z/۹SyV9t0]g)!k{@WT,P /ħH{XK]33_PC>Ŝ؀H g|2C̽*8+Yj[ᣫn3ş) g*sM}yE&vQqQu);'A tߕ9rVTƪnդ>Ȏ_hdG SSwj$4%=ΉzbXO2R4(=rqx|0X a9\+'/Z݅hٱ~2hr$/i 5[v=?Mf @з6' pȩ2M3əaSY O7jEr?`Q{ [>S4b%yQ=4җVoh3/{JhC|QGgulUx87OO= f.rWwդTXk&4~'0bxMdPs^j]3PA< oCG=ˉ dBGf3>g8=²H٨`$$.)}:KQf wĊ[&L /A׸8g.⿇&#SmR&]$r/OO^#Mg=< 6  "i:ZIs6ܶZtdx(B+35Z_M: zH78(D+¹Izt)zӻK>{dʎgJ:q5t+|Xe CAy(j3Bo<~xŻ[wFwm-zs.b(գQi?ÚD4r]G mOR=ZW%RdVF}ް૦z:[lp^1I{݈ӇvB~r!hYY;Cξ<Pscp[ʍ|ZnE*ʚV$Hoa ՞Og xQa {,KUI8e}L&_L9”%o&%fT~xk ~ NUšڂIthb  [ d{$M L$um2 Rp`'y>m)﯊m"I34Z~zљ 4a,Sv= :Ly~R{ذkOq@j(ʠٵ/#ol}:NU^ްUKxm1"XْeDRК1 + ({.%hW93/p)1 4>Z >d7?ݱlf:mla0PY*P7;C_YUrҩ:P4<9c~Ni~9f}$Im-o:~w4߂#H NZթ˔YԱM QD)`d\SВR[4Q?9^s9@*1vX<t*Ӵv^}uVUtR|vLA.ƶȶ8.%2 f<o^lq_ ߊuf׫ӷ[V~߷٦IL%Y7OJD8B:n[3;SNJ%\6֜E,|ȇ}Wd9d܏H}Ef2].6 /:yS>yBC$agϷTgrXYN޻{$5I 4s1E 16ECs|¦EѾ%HdnGn uLqJlB^nI(G`@伄% l?Xȁw]<|3h^&y3s+N;1WԂLQngΡxJіE5垏jh,_SWzE&!+3x5Ubjl__%:a$s&7=SP y x>VI~|JXwL>v\J= V@C H8tyoAr5{-E072m^ zBy) 5^zdpoӃ8dG7eB..cK?zjuܘw5qIi,Ũ` 1:7 m Sj['TCvrμ zMK ¦Iv{ҍ32 cy׷=CTV@#kE)/& *`HJ;zV"G5s,Dgm-#Ou[#fNiӟuOK6=lհF:K4K4nC} 3T᷵-|5:0OV?1O˔w%}{azd u {p/dRftdE8a]F^uMۨI P?;p1U2f cQONKļgV(qq|X[5RKV1o4e1Iʙe@4w*YHpcgznq>@Y,>-Cq7LVG &GCYuyJ@!: qUSCvy 8ǜRP#\e Bd ȴ%9'ɲJ+D6~mSQ>3cFU^~\O90vaPM뽥CО!59|_ưg]GY7ӳ{k9/=##rzb$d Uw+?ئ!ltg $#tRQzڢ=gs).CRgtQ_!#pX░aR0(-O@-DTal 9y,}:w"p:}"z&NzuO2Ph@FvC*\(YYX3hkk7A/xd ;2cF/ f҂7@=`R76_k,p{|E"A=L3'v9I(]A $:@*Cei[w{ݪȤI?`>5y6i6N<[5vGfГS~[Ezx2KM[y\7 {r[|5QukIL'@ kڂQokp C1ҋQxz)v#:nƌ^޹׬VHfS'=FL/uv)No|D\nP+#i2(wu27~?n]![e"ֺDaF6%N1 !aº3ovLbpvWAJ(ﻏvΔ`y7vV ("ݾ''MVHMUC$ I`n?ªgviWaϯT_3'B!_t~9?P?ְOa  rud:qָsd֒߮`,;TG w8[tbEKrqD /!=^h)jYj~S@=*A(/td;ĩb wD=kss5ݔĝl~۫e,/+ΡmiuGMESq܄[;7=sxu)'3='QCV ݼ{ojj~H ʞusN-(ޠBWkv`bb8b8e-uȨWW]h9wZ gtutÜP@9"(cF wxفJ0J%򒫂18%, M,JZK:jha줅:/] eeW,MC;֞EsR 7`%hK{ôJU g m+m|>3Pj|3rV?,]O(f9NWH 42 1 [uW8pJК҆kn*.`iڪۈ2;3[51){5V\VBP=wGl6&^fj+ 0|**XU@%*y *HۢIç~Wk``i~իH<_},bZ knN385NloM܏Ϡ 2/ ̄ƢO76IHkT 961K&N뺬! _JZdD(CwO`%&38 @p6RTv^=H8VKnrdLև{HZ(`?;x6{0* 13J˱y9;UB3v.4U9)PQb?HJ1F"]`%>o1`5;Qb9L aPz}ejmmTQ^P}b #Ib3DkF$-ֽD񾳏 q=QIW}fyY=a y0eN')dUw)pG׎%vd~U#H̦H#f !eCj8s3R-}}P* Ii dR7o~=׋ g~!' |S0.V5nNX\ H"sWdC$u9P;7Cpbz9똽zްO\^}VӶ SZ },L >ʘ>&XvZ0\mX=i=ya 6Tm"BZ2g*%D䟀T .J[v%.a໗k5IVV']I- "J6#'~^hO;~9:MV,k(L,䡓El<:eKov?:iMZc8Js R&\HQ.>4Dpjef=`J`n(fo3=7Rqh_ X*^kNq0Ҽm)^A( 7z@:D0pxlx>dM,+͏? IaÍ(}TE|ρ6蕞OJZo[t ~<6P6xԅڨ/TL_MRЙP!in;2f>"]|M?Zi^3N4<+ݾWs3*"fVMk *8;<\U9!/SwNޯ'f#f_DVXFv09.q(~uhtBIŃ'g(+ElX|5B!K̙܂䙰%k\uƹ/M#uCNPzF\)NmaP?4!җ3I<% }$K|،Z+! *}HExf]CG  V~4xJ>T&ͥ1RKy]чK\L 6 xbL+u(܍mhF!\B:f`OH*Qa9mJL[>6lW Z 8ry&萝HFѻ;N\#od 2QL}*I(7 \,16Tiڻu_xwŋU0WOl3-mz-~pG9UM6@;-Gl $*Ֆ putxzW1k?±=+b $e)+-ZubY}#b8@lM= SߌA%O40Ps{;#z"oDg_Rjg`7Jb_rzLA@Mq[.7` cMI'0ȂxR!40UQ`g`ȁrUN5XC޾G=fB. I9k)P ;X&R9:wc+EJ d+|dQpYEY&Jj`D:cףQ& hV!Ѕ5!8nUMVaQhث> ðVRy\#^%C-ny^yIkXcq'ĩ1Vz)ZIIcl[mM^ B1o5`,0}\ ֌N̐$V@Xr!p+FcT]#]8u=Z"h{U[5  D i-*~AL1AԪD UwBD`&K< l(, {%eޤhhM FC+~=Scu4pDrz\N&bW >OVDӎ&@n/0.@XÆ +h. c[p (S3 @oaq.p1P v4e3+L#B>"OAq&تӹoh!| Ԙo7ˤ\I/w(uUx8ν;tMnJ@,KQ S" !'dٚ<˰8 9 OPY96 Y8A"l`_l?0.e|9R'?P!GJ\/m[M񆛉 ab=?WyQ-!D^s U 8,yWK_ ,jL"/ǼJYqq mm }ΦA罧ibr :nH@lmC+ Y7QOu ?N5$#)Ht/\ pDb?ȓ7K2vB8AZ]2)ZY oȺ +J؊Z4\B|.|B/G;qdȹrf;` Ԥ,ၰ?$.m,rcY뢕NbRb'COQtq]~`)"#m312cr GJ 0uL?Z@7yT[HI÷MVN^%/~+/*hI>c6\|-mFwIҘKEHCqבyB}4mh$iܵVLhu۞ngKZOA{߷MY:&p$5iK㲈oW,stN4%R@hCn[B-qlS? $% J{ ojt_g}| ң ?:ʜb1b7'ҋ欠_BoNrʜKȄdQ^W4.nѫ 1-=nš>M?@?kMpGyS_Ɠs4@$ ,]x`[Dj:MYEs ˆRMwlyrj*KF@N5Y^n.!eSTvU#-jkԒ{ީ$ޅߤ@F[Gzw!mt2tn2&4]d5MKLJJam-nyB%%YE Φ5+2Q"CEѴiA+]Q친ھX]uߏ;d7Y&ocu 񿜣P$rƫl䟵z #oGNDtw|e~MDN1{5k>[ vHpAĥ"%ta-l%{ʽ?vZ7$_%&S嬁@];ON4XlH}NLP+)DD(k2αJ`|J:H0$rV GO|BHI2"wͷ-̘"o> 4Br +9j6"VDAHe+#T7G%teu zsnQ*<'#c2uOh}|]c/X@['j?>sSrX.;:bl{VH~P8Ԛ]1$6O;#O1Ys e^Җ1<|zrENV!A!e*r4vLF 26bh*;:e\&ڃO$Ӯ?(.&lSJ]Kb*teUjsRڍS4K#0'\M^7Hj+w;uP!C""!$=ܫny:%Y E򿧱c4!ѐ *ۭmᣆ%'FNzdSnŎT.KA0Nqé)XJ[TMv4l_J7#2A֔7sZz}X;~5 ?0?=Henk|lQܮ@s,kO+8֌HZwߖ&ġDQ`FmC${ɒ\zзD҄X퇰U3TvPhVQXlGtjIv,񼕾:8e]w-cS*'0D)\jpAvL"3Rj5%?!y˃# bEG`Kس.mp$ Q5bMrX''a6.4GdSHApy7:•(z8ϡ6Rn֌~-8?W&Mt q #^xA>n m!sx !D%6 J(z;b[O[{F4^dky:u8 !9 f"WDMwM&7v;=S_+nO?ş^{iޖ{KMy E Zb=Pg<Hjuw15JRH#K㔦Ds4NwaKXօ\R=@?16*NfJvG.[g&s(@Yl$VaQ;/GzkOͩf#Ti{!U4pp4vttK)%\FNȫTiۃoV*0EW;]/Ù\ߏ% 6;ʆOO@=`x=o>֪Zh3Tv-' =x58qjk+[Dqʛ⁋G賚撢>=c)^k5 }Ls/ݒ pnr G ,kܫ*~(7SP/c+ĔxKWF!YݓJGƀE:7=Pb.,~~ :^_!(?Xi1&tu*OjKFߝ;r,a*Vs0]CR'|voOߩ[D@iӎw^q{Zi#hJ*H\Qk_\pRT&!wTX {@e@Ҍ8Yte]WXѕT8aym$Ч|.ޭ9g;E&B Ici#4h7z| ^Rwɬg׼F&GH6U5.k['-9v9#dθؑ}NqMXss|pQu{{->v/{a [^gl]sKULQKKs `əD2!+~rƝ"@d>Du_AMyEK̈ a/tk F8ik+; _$D([*M4o.n"mv&ᎄ#`P4|^jC9\v֑~8O +]S=;޼m{!9Z7^<]$j@u[M|"^Ιcm.gc͎WKύѻJ[E}notX$Z24Fڳ^ D5C`T8߄.|ߺ8Xg隇g."@BTm[}w103RO  h{/іtA.#Rd}3K4!+S2ԬqڢY9$Y^>&7jJe `G+` WbY`:&׬  Y${$84rh.2tG_K) j 66i%M9/bIPS9ȹ^_8j LL!Ξi#\$F?&,c(*Ku ,@<}qWn?J=jV 1n/+4`P4s$ƒJ1:ǽRBdUNӭNAWҧ ;06:´;u /~QZb{M]?e]%`A(m}qLQB ̔#'+ӗsW-RD8ݒ*bE;1ngiwV_$17Hoт$j'S,8?_ $I8ZcѴFwwhLoP"[e`-&p \F2 wn>ۺ #GPUBWč ~uТƩ0:A@1 Z<{aG089(og;Gsߏ =z,k:IӇ;.H3/+d $c3 1ǜ%N7J0G0iBRR"͐=fa4LlѺDBjH2i`l+DaVkstgl9i'%%Vqms/̸/h/];V \!JgpRk(myWF*7]>Fl;W\NA>Sg( I\f%5G k0S" opiir_<*M<@>*bAEhIezWG`LhF]ϑOWwM ijtag^4A~Cya^;N]p^s\zDE4 8'62\Y:kavccdCKʒ8顯;*r Lwh ~1ʕ vUn_T)j @f:YRᅡ&,qjOT3!$!X_=W Iôu^K|w+i_EFV6(0P:E09AP4™0iOG_mkgr{{> ӛf= (*lX/}wP0k3\_ﷄh}'^0Br)U7VG?>,l h,Ae 9j'eh9ySGqb+'ujN6fOXжR 5;8A /Ry#T _W--{J8 њ5}D)_"ݡ\]r&M| $-/"8ːyɗB!3Hgj8h'?ڞy:d@S:~Xɶ{>yG-^D6 C9핉F-tF w{]B0 YYQfD&Ls`]=jM%Zb #D0x٭NᜍG~E?? ]ilu<䯤LfvB_Mlb,<۹>Rg` l3aos懸^yƈ+GWv&adz9($/rXxVF^^* ׺i^Z޵}nZn<||aONUM q;I/dZ h32F()I9!}[5&6??#O̦|RI*HcO8  f[ďU M2 2' |@LECQ-BȜH3&"ZHmݴnրj1Ax~ Ii.߇ɞaM*en ֞BE?ztΠ۴WAcŽlkUv*Y U,ZEQCU8Z|9L3tlS@ uv.c_@8%t%5+ËA=6iŠq> Lۂsi|%>+F>Y\?l=5#y<NG ~1%:):5#FJX \_N; ݯR? @cX!4˞*-bͿ='^hjkvaNmT @B,JHfQȷJ|ektH1m{cD! Zh<0=Kk<00ީ{P47a454{WsJyj# G*`Vi|i_%};HNs7Otce:&84˂_v]>f+rف~ 3J3xÄ\tB{ύ8;'kri nh,+r(p\@nv{}=;K~JZ֞1ynzS: ĮT3{7kp/p2o6m^|cN:nP80Oy&-@ymc)\1km%8Cz+ .84Tq:Vvu"LXUcixC??8/uWPDWRa*IN&#`EfQ6#wMm@f (F+_{9*a=zUTd6<]2 HxE:{_wjGay[E߉Ny-Àqa_*˾Ӎ\03/]o2qDf|E]xf2yi(1aIݛ/4D`f%Yl\DNɄNn xtp3h%npxPO~@&F`c-ɰ3tn>*Szx# Cgώa8pOMHM3( ENYsc͡*W0,:+NKnES;P`աXoNm1i`:[1

vr3_C (iƧ`l8R&^vHd153Axx4x㫷L)_ƼyɗTLewM mZ0T46g`dY#O}r#倡b]:,ʳk"p))0%M$Va2\4Ma اҫ}~UܿF#;*&gv0 É~RL;ܴ>\:jgyF;a1uoaky/\Å'j;`}<3٫o1Du!C'-P١׃' r5g?!=/395eÛ4@ ^k`ރ'.V)$@=>5Ŝ"k3U0YY m#xRPhGЄ.$/a1[!ڒXBi ez2gH]&Ȇga*5FPt(ӆoXEWGP .USzyPݨKD cԽ̚*y;_h;dUf=&ZAKCP_\^KDe(HDR|VɒV^C 2m S#&jnhX80p>[ &NHŰz/H铑i^]_y'\ա/uo P{v[k+(^BBy -וܚYRSoEB9J`ǥ-'w+mZvCǵF_DZ^-"Cϒ TEuk_ a A#ۓ>XV%҃њkYM#l+gxwF:=Z%LvARWp"I4#M"҄42׹ N/-yA롩8:-˝^I3?1^ک,dFP(ү[2hp*Gb76,A..vCl1C$Jo%84?[Rl?» #(u#Ӵ!xP_Mke)w`+͝*:Pf ucVry5(W¥l(p?sJ?@u~c_ PߘhX:H׆`9'J)A lvo ޏ ` -+=rrFDg&!4F]lӴ[H@3>WYfBd:3HK67tJL:'C%b裂`aޢncUa+_%oaPP!Ƈe?e&푥tv ~Qk{6IV?/HeB7V"/E$7o*QSjрj\T| ?k*p;TEv0aMut;lSo N5K%^#Ќd"Eh% rkRZgE;$3ף2v` $EsEEIyIEGGF_@sAbjJi*r!yU >qu \O~hnjh?r?W*ۙ'@3y>VTW\U%Lo`c}vǧWΐErcMrRk;7qY >1SN@4:5̓~UYK7Kc+<\Y| nS.ie%?0`Ñ $;PP/q`+;CY|U|G:C h!Ӏү/b $gѡZ@k8 NyF[i[r+Zo1Q Ots\z᳿ e|)D- 7=\[G*v_vS7m`;+8icOaPAJ17ðKxW҉3_r^'Ioh"e:Aq́Zc/ ʾ? %ICAXn5gtFnqlZV3+sEn" 祍0). ݋|TI֙D1M 9=x=폴5F",/ C텭,ʜcP>b^EX 8M/ Ns1,?pR^oweM2-2IGpU؝8KKrʆ;oH谦ߟSNrP̨qq)]Fy%3q+|(i('/6p[7Ɨ "B#o%#%QJFy)Q֛ ]FF)-so1VCn Z{76ec,5ۘsO ɎW5qˤu< اi`ǴRzt8 Dz1➼$2HmEꭸ><' QhEZ\hdʼngbl6uM5j6-քXS$4<-N[ma!| ]2*Ev >V H%Y]#QbSTG=eyRF TVC[ F;_!~xrVq>?E7B@x['o)N*3FCXr`Q7VC ;Y vJy&nzCZ!x7W.kpRokJ5S%AU$ &o֬MT\gi;FN^ĢY-[3%E`^,Tj%5艘W<0{46 %a1nw.ZFB};͏LZ{"[a 6zƬƣD¢ ε"J-MZrKuKYv,,JR]鏍l`ɄuMTh_X$m|?,ǟw/.2ćӲ]0VnrwH6Eeoآ [_ᚢ3E+U?x<$MHd^eSNi|iy֥wy_1zASp@m/g{&dwtXJ`І\s2BCP9[6s2q<~D&u=-p51f\5p!cKde7ʞs]~/V*l-߀0{xO NJy)i'{ӹJq*J79ަZ/T7'K_a? b7x)ј6vIGq>2818D9&ieoOc? \䄌MgݟJ\vw'ڙ ai1# E7jS@3Q=0y"P 8Ö]7?iQmk.$yWxj5bY1j ~g]X3;ZDDVp$Gۮڏ9tZ7pg䨩Jmo}ְ΀ $'baͲiPftcڡ!e-sMkq[*B z {5;uke ^u[gTpr#lTx1.=@7Z F<=ELt Yy]Tu]KYm%pz(p'pʖ`5m8>). l~H\tK='&"ECEmIuC&99| 7b^Pq, y3=qTب_gd=Kfoϭ]'&_0[ R7)XeHّKz~.uՕ+&[ܸ˛ejͦkd 8j7E%|XWc*-\˧/=PM Z=K 5 l^m-%->1ݶg;I rqe@t9\DU?CmI!`g<Yb1Ň>hv Q@8O͋2 zmznˏc q<#_<~Tt_f3ϸ\]d{W*6.م٢OT^*CU9Q_-30daq0;ٜH~'F#G^ڛ:FnBn1)Rq1o I+ .hlg8%dP *b`Wb;w2[#SI_zF%aHk\rWv8HTC^ GMFap~QLS Yvs4aAI}=TݜE13#,9lX+(v46KKLo`Jc8i '<~nk^r;R:GmC$1;nƱp[8m,t.bY=% 07HօD4܌SKZd%Tj+( t3gF'CT} C0֯CMYNFg2}?B` 2H q4 +^[nB̄+ϸ4^XeӒ6oBZ_'܃%)-pZEi?djUuwEHՈ%7drۺS*ÈguocQGxpc[hP~@B_j+A7Afc]yܚ/]: jթYE!duiBNC'Y3\諯}5BrY7&,*{G<#]"zxk-/qcQ\_` 52XU/#Ilju ˼eSѾ pbkn5 3N%A$ -bAzRr[#fox;HoHm;Yrn>jr",wܵm]  U=fnp[bg|`"'CvV }fbo6=B@sQ/Ú(.eg|RFj%nn "H-b;VFPFJ.$*S}ߒԍ)Gzū;3M@vmXc QMjkU||