libsepol-devel-2.5-8.1.el7> H HtxHFZԦi ?*}}B( {QetwZ(oy&ǔ&0a13ff14abd99fc7cdb5e1827b304c3d072c4f3635%̌{x׹kވFZԦi ?*}}GVB,2i~Wq-U9 ӿxV:yd >9X?Hd  `"* ;Q5d5 5 85  5 5 5555(890:;wG5H5It5XY\5]5^ bd.e3f6l8tP5u$5vw5xd5y8DClibsepol-devel2.58.1.el7Header files and libraries used to build policy manipulation toolsThe libsepol-devel package contains the libraries and header files needed for developing applications that manipulate binary policies.Zϒsl7.fnal.govScientific LinuxScientific LinuxLGPLv2+Scientific LinuxDevelopment/Librarieshttps://github.com/SELinuxProject/selinux/wikilinuxx86_64 )sA_sW.h eI  DRuj  V5c!C< AK = cA큤A큤A큤ZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒZϒ21fde75b853193535fdc200f6021c6924ee881d42d66821c08b33e6b4d85b89c3ef167b4bd5294b56a3c2bc1fb4b88abbd9eb85d06d25ea3e787a3e1591f768c9e3eddfb52420630086cdd1ad0f0dec05ef3a9c5fb008b34de68c711f18fbb4a20b2efb1672c0b0dca974f9d70490934d1e6941c70456613ab8a69adf8d8c32ef97fa19ca391987d7103a77fcdd2b522aec537b86989b3a91cd74b0db56176c960fd4582cdf838a6624547097de0d0a1dfd8af1caea28964d95f6b01194eb2738e313cf98a654c25045032ca19f9b67dcc13797d1fd853c8379471d1bbb4fa8f6d3931dae921a657e3c5bb9184ec997fe4958573d95d57079741b6322acfad2d0b541d24a03d0cff264b0790bcfebb67c5392e07bcf249193a674aa798c9307bad0ce6fa42860c56d566b4db3b8876550e2036ebc8f50e133a2e083e48cd07c9b321728402ace1a6d4defd0a1cee5be04df8db36f1274b8e3c264a36a231e5683f0548ccd2b6e8ce8f5c81a6f1f611855711ae8abebb304ba6b29ea83192479b229053ae5928d89251fddd30a2e84d81df34c5f7a601f2a9f854330475f4a4d60e1531b776094d1813c813f175ea01213b6810486cede41bb63fab5a499c24fdb417cdb451b91ff9091e39db039c058af0ccf7a2db3eedf159fdc3c5a84c2b4524e479ff08d978dd507481eaaed362f902daab8ee1813dce7f569848897fae24050e2ef11993c65e8c4048cf07067619e5af1f47552223e4abc297f1c55d9980cc51c656315b2aa1cdcb4930d4db49834ef89dcdc0931a31e1a150a0caf4978834fc676e92e8533de663651937ef61c06f2570e1dd56888d9f5885d496521ddee75fb7b86a483e8fb7091f7af24bfb46dfb89e6a140bb169809672270fd24e2066e856101ba9d12d2873d78ead638c720f8cc6918e4b9051b59ea34727242499236214431a9d695d9a78740c0618a0ddb913b5017e5c1050ea19a596caa34f62b39ba033dc8648b368d3652bb44100694c6162defcb54d357debc5ac4b5c282b781c89012de13a758c9f52152a10fd86b24f4d191ae13437679bfe4c07d7110a7d06fc35a814c349de63e907fcc65f2a4972d74e05361cd491944f2af5753ea834a00b7815585c2ef36a74cd1628492dec7b1f1b483159e24960336a1df80706f768ea4a83d1fa73558f59f38c078eadfff166f1c3be8bddfc5526a9c8febe14640fac1b16088366c812a0fa13c8f98b3e06ad5e727c45bee2071abc4d4ba65ead7bfe7e752d395e986240f608136f6f68ba82656bff2e7ee3300c326dcd33c9da60066e011d5cb7bc194e68aea47c4f518fe6879bed36f6832fd4fbddff1d1b11364795f0474739ecc3756cefb99f9d90a0c71544fb8a755c4839ffebe7f459ddd130c7cd9bcc9039463a0bc00a24ad8d6f31dacd3c7782cb0af36f44df329444ecd8c6c1ee87e550a1cc022f01824e7e145a1bc4cd2f52fc5c11ae364f5cd51be690686d10c6a005b94f08d0b0fc4146546d675178c3cfe985366f29821846b195f3930be9287fd1ad3da0749b65db1bad237f8872f240f8fcc8bfa73d632b4eeab18e8fe5c935f59b24eb5e02aaeb2cff463b56ad95a168d1d1488d9bed2b4574254c6d862efdb1b2d890cec3552488f6373219e445fbc897f12b75ec5d1df430917021c99d2858fe05a542c1502e59792492d52431c0cd8bc4e8e8f7a5d4dd1c1afd7b7a6dfe7f56c237af9abc05acc4961a814c9834335eb936afeca0f95e59e4d72cd4d127458d37c67d88225006699f8bfcd66da51e432ebe3253e3dcbfa8fcde3594677877b55b54d486c8f93a7ff8eca1e52d8065d8c3aad481699c7d2929715a92ef7ca990b9602d61878d8721084f6399978e1b8f7c1195a9af1d7060dcd26e3e369bb54356e144379c12abffabe2fb9897e017fc019f1c0b1313346b2d674409bd782a5dd186584745b5a6ce5c09a87dcb8c340f3688c9a46e82fcd71bc5fe0cab655b1aeffc8661aaab83df52379fa19acc2a523e06ca7e84587c43d179d2996fa5317e5c82908401b38e84270f6893220ca4b28b5f35e7d47b43a1e2480c06ae6a89c6cf449afb1cd9b711165405da4aacdad99487efa4541d61fb1ab4ec53919294f85b98793e42330ad1432b4593eb970fa2d3206785f09848d03a26ee8840f48a917d0482353f8e51ca56913be930a35fc82c113330a89flibsepol.so.1rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootlibsepol-2.5-8.1.el7.src.rpmlibsepol-devellibsepol-devel(x86-64)pkgconfig(libsepol)@@    /usr/bin/pkg-configlibsepol(x86-64)libsepol.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.5-8.1.el73.0.4-14.6.0-14.0-15.2-14.11.3YY@YX@W@W@WWq@W VIRURkQ@QQsP @P@P@P@PYPQPw@P@PO0@OD@O[@OtNON@N@N@Nܲ@NNNw.NqN_sNLN6@N/M@M@MM>M>MMQ0@MK}+Ka|@KJJս@JG@JjJS8III2HHHr@H^>HO@H=I@H1kG@G@GƢ@G@G@G[@G@GZ@G]*@GO@G0W@FIFFFvFɂ@FS@Fzh@F$F Eɿ@EE~El$EH@E>@E4E4E@D@D@D@DD@DB@D@DX@DDD|3Dr@DlaDhm@Dc'@D_2DU@D3@D*vD'D#@DDj@C@CCi@CtCtC@CCC@CCǖ@CáC[C @C @CC,C@CqCC+C@C{@CqCp@CoACiCiCf@CbC_oC^@C\CX@CTCTCTCP@COCJWCJWCFc@CECBnCA@C:C3@C1K@C/C)b@C(C%mC@CC CCB2@BB=B=B@BTB`@Bw@B@B@BۙBSB@B@B@BBB@B@BBn-@BlB^[@BIC@BBB9q@B06B-B$Y@BB@B@B LBX@A@AA3A(A%A$@A A@A @AVit Mojzis - 2.5-8.1Vit Mojzis - 2.5-7Petr Lautrbach 2.5-6Petr Lautrbach 2.5-5Petr Lautrbach 2.5-4Petr Lautrbach - 2.5-3Petr Lautrbach - 2.5-2.1Petr Lautrbach 2.5-1Daniel Mach - 2.1.9-3Daniel Mach - 2.1.9-2Dan Walsh - 2.1.9-1Dan Walsh - 2.1.8-8Dan Walsh - 2.1.8-7Dan Walsh - 2.1.8-6Dan Walsh - 2.1.8-5Dan Walsh - 2.1.8-4Dan Walsh - 2.1.8-3Dan Walsh - 2.1.8-2Dan Walsh - 2.1.8-1Dan Walsh - 2.1.7-4Dan Walsh - 2.1.7-3Fedora Release Engineering - 2.1.7-2Dan Walsh - 2.1.7-1Dan Walsh - 2.1.5-3Dan Walsh - 2.1.5-2Dan Walsh - 2.1.5-1Fedora Release Engineering - 2.1.4-6Dan Walsh - 2.1.4-5Dan Walsh - 2.1.4-4Dan Walsh - 2.1.4-3Dan Walsh - 2.1.4-2Dan Walsh - 2.1.4-1Dan Walsh - 2.1.3-2Dan Walsh - 2.1.3-1Dan Walsh - 2.1.2-3Dan Walsh - 2.1.2-2Dan Walsh - 2.1.2-0Dan Walsh 2.1.1-1Dan Walsh 2.1.0-1Dan Walsh 2.0.45-1Dan Walsh 2.0.44-2Dan Walsh 2.0.44-1Dan Walsh 2.0.43-3Dan Walsh 2.0.43-1Dan Walsh 2.0.42-3Fedora Release Engineering - 2.0.42-2Dan Walsh 2.0.42-1Dan Walsh 2.0.41-3Dan Walsh 2.0.41-2Dan Walsh 2.0.41-1Dan Walsh 2.0.40-1Dan Walsh 2.0.39-1Dan Walsh 2.0.38-1Fedora Release Engineering - 2.0.37-2Dan Walsh 2.0.37-1Dan Walsh 2.0.36-1Dan Walsh 2.0.35-3Fedora Release Engineering - 2.0.35-2Dan Walsh 2.0.34-1Dan Walsh 2.0.33-1Dan Walsh 2.0.32-1Dan Walsh 2.0.31-1Dan Walsh 2.0.30-1Dan Walsh 2.0.29-1Dan Walsh 2.0.28-1Dan Walsh 2.0.26-1Dan Walsh 2.0.25-1Dan Walsh 2.0.23-1Dan Walsh 2.0.21-1Dan Walsh 2.0.20-1Dan Walsh 2.0.19-1Dan Walsh 2.0.18-2Dan Walsh 2.0.18-1Dan Walsh 2.0.16-1Dan Walsh 2.0.15-1Dan Walsh 2.0.14-1Dan Walsh 2.0.11-1Dan Walsh 2.0.10-1Dan Walsh 2.0.9-1Dan Walsh 2.0.7-1Dan Walsh 2.0.6-1Dan Walsh 2.0.5-1Dan Walsh 2.0.4-1Dan Walsh 2.0.3-1Dan Walsh 2.0.2-1Dan Walsh 2.0.1-1Dan Walsh 1.16.0-1Adam Jackson 1.15.3-1Dan Walsh 1.15.3-1Dan Walsh 1.15.2-1Dan Walsh 1.15.1-1Dan Walsh 1.14-1Dan Walsh 1.12.28-1Dan Walsh 1.12.27-1Dan Walsh 1.12.26-1Dan Walsh 1.12.25-3Dan Walsh 1.12.25-2Dan Walsh 1.12.25-1Dan Walsh 1.12.24-1Dan Walsh 1.12.21-1Jesse Keating - 1.12.19-1.1Dan Walsh 1.12.19-1Bill Nottingham 1.12.17-2Dan Walsh 1.12.17-1Dan Walsh 1.12.14-1Dan Walsh 1.12.12-1Dan Walsh 1.12.11-1Dan Walsh 1.12.10-1Steve Grubb 1.12.9Dan Walsh 1.12.9-1Dan Walsh 1.12.6-1Dan Walsh 1.12.5-1Dan Walsh 1.12.4-1Dan Walsh 1.12.3-1Dan Walsh 1.12.2-1Dan Walsh 1.12.1-1Dan Walsh 1.12-2Dan Walsh 1.11.18-2Dan Walsh 1.11.18-1Dan Walsh 1.11.17-1Dan Walsh 1.11.14-2Dan Walsh 1.11.14-1Jesse Keating - 1.11.13-1.1Dan Walsh 1.11.13-1Jesse Keating - 1.11.12-1.1Dan Walsh 1.11.12-1Dan Walsh 1.11.10-1Dan Walsh 1.11.9-1Dan Walsh 1.11.8-1Dan Walsh 1.11.7-1Dan Walsh 1.11.5-1Dan Walsh 1.11.4-1Dan Walsh 1.11.2-2Dan Walsh 1.11.1-2Dan Walsh 1.11.1-1Jesse Keating Dan Walsh 1.10-1Dan Walsh 1.9.42-1Dan Walsh 1.9.41-1Dan Walsh 1.9.40-1Dan Walsh 1.9.39-1Dan Walsh 1.9.38-1Dan Walsh 1.9.37-1Dan Walsh 1.9.36-1Dan Walsh 1.9.35-1Dan Walsh 1.9.34-1Dan Walsh 1.9.33-1Dan Walsh 1.9.32-1Dan Walsh 1.9.30-1Dan Walsh 1.9.26-1Dan Walsh 1.9.25-1Dan Walsh 1.9.23-1Dan Walsh 1.9.21-1Dan Walsh 1.9.19-1Dan Walsh 1.9.18-1Dan Walsh 1.9.17-2Dan Walsh 1.9.17-1Dan Walsh 1.9.14.1-1Dan Walsh 1.9.12-1Dan Walsh 1.9.11-1Dan Walsh 1.9.10-1Dan Walsh 1.9.8-1Dan Walsh 1.9.7-1Dan Walsh 1.9.6-1Dan Walsh 1.9.5-1Dan Walsh 1.9.4-1Dan Walsh 1.9.3-1Dan Walsh 1.9.1-2Dan Walsh 1.9.1-1Dan Walsh 1.7.24-1Dan Walsh 1.7.22-1Dan Walsh 1.7.20-1Dan Walsh 1.7.19-1Dan Walsh 1.7.17-1Dan Walsh 1.7.15-1Dan Walsh 1.7.14-1Dan Walsh 1.7.13-1Dan Walsh 1.7.12-1Dan Walsh 1.7.11-1Dan Walsh 1.7.10-1Dan Walsh 1.7.9-1Dan Walsh 1.7.6-2Dan Walsh 1.7.6-1Dan Walsh 1.7.5-2Dan Walsh 1.7.5-1Dan Walsh 1.7.3-1Dan Walsh 1.7-2Dan Walsh 1.7-1Dan Walsh 1.6-1Dan Walsh 1.5.10-1Dan Walsh 1.5.9-2Dan Walsh 1.5.8-2Dan Walsh 1.5.8-1Dan Walsh 1.5.7-1Dan Walsh 1.5.6-1Dan Walsh 1.5.5-2Dan Walsh 1.5.5-1Dan Walsh 1.5.3-1Dan Walsh 1.5.2-2Dan Walsh 1.5.2-1Dan Walsh 1.4-1Dan Walsh 1.3.8-1Dan Walsh 1.3.7-1Dan Walsh 1.3.6-3Dan Walsh 1.3.6-1Dan Walsh 1.3.5-1Dan Walsh 1.3.2-1Dan Walsh 1.3.1-1Dan Walsh 1.2.1.1-1Dan Walsh 1.2.1-1Dan Walsh 1.1.1-2Dan Walsh 1.1.1-1Colin Walters 1.0-2Colin Walters 1.0-1Dan Walsh 0.4.2-1Bill Nottingham 0.4.1-2Dan Walsh 0.4.1-1Dan Walsh 0.4.1-1Dan Walsh 0.3.1-1- Define nnp_nosuid_transition policy capability (rhbz#1480519) - use IN6ADDR_ANY_INIT to initialize IPv6 addresses - Allow runtime labeling of ibendports (rhbz#1464489) - Allow runtime labeling of Infiniband Pkeys (rhbz#1464489) - Add IB end port handling to CIL (rhbz#1464489) - Add ibendport ocontext handling (rhbz#1464489) - Add support for ibendportcon labels (rhbz#1464489) - Add Infiniband Pkey handling to CIL (rhbz#1464489) - Add ibpkey ocontext handling (rhbz#1464489) - Add support for ibpkeycon labels (rhbz#1464489) - Remove unused attribute on a used argument from avrule_read() (rhbz#1464489) - Add binary module support for xperms - Add support for converting extended permissions to CIL- Define cgroup_seclabel policy capability (rhbz#1493517) - Fix unitialized jmp and invalid dereference- Fix memory leak in expand.c - Fix invalid read when policy file is corrupt - Fix possible use of uninitialized variables- Warn instead of fail if permission is not resolved - Ignore object_r when adding userrole mappings to policydb- Add missing return to sepol_node_query()- Correctly detect unknown classes in sepol_string_to_security_class - Sort object files for deterministic linking order - Fix neverallowxperm checking on attributes - Remove libsepol.map when cleaning - Add high-level language line marking support to CIL - Change logic of bounds checking to match change in kernel - Fix multiple spelling errors - Only apply bounds checking to source types in rules - Fix CIL and not add an attribute as a type in the attr_type_map - Build policy on systems not supporting DCCP protocol - Fix extended permissions neverallow checking - Fix CIL neverallow and bounds checking - Android.mk: Add -D_GNU_SOURCE to common_cflags- Fix bug in CIL when resetting classes - Add support for portcon dccp protocol- Update to upstream release 2016-02-23- Mass rebuild 2014-01-24- Mass rebuild 2013-12-27- Update to upstream * filename_trans: use some better sorting to compare and merge * coverity fixes * implement default type policy syntax * Fix memory leak issues found by Klocwork - Add CONTRAINT_NAMES to the kernel- Update to latest patches from eparis/Upstream- Update to latest patches from eparis/Upstream- Fix libsepol.stack messages in audit2allow/audit2why- Update to latest patches from eparis/Upstream- Update Richard Haines patch to show constraint information- Add sepol_compute_av_reason_buffer patch from Richard Haines- Revert patch that was attempting to expand filetrans attributes, but is breaking filetrans rules- Update to upstream * fix neverallow checking on attributes * Move context_copy() after switch block in ocontext_copy_*(). * check for missing initial SID labeling statement. * Add always_check_network policy capability * role_fix_callback skips out-of-scope roles during expansion.- Try new patches- Revert patches- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Update to upstream * reserve policycapability for redhat testing of ptrace child * cosmetic changes to make the source easier to read * prepend instead of append to filename_trans list * Android/MacOS X build support * allocate enough space to hold filename in trans rules- Fix off by one error that is causing file_name transition rules to be expanded- incorrectly on i686 machines- Add support for ptrace_child- Update to upstream * checkpolicy: implement new default labeling behaviors- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Update to match eparis pool- Additional fix for default transitioning labeling for semodule- Add Eparis patch for handling of default transition labeling- Allow policy to specify the source of target for generating the default user,role - or mls label for a new target.- Update to upstream * regenerate .pc on VERSION change * Move ebitmap_* functions from mcstrans to libsepol * expand: do filename_trans type comparison on mapped representation-The filename_trans code had a bug where duplicate detection was being done between the unmapped type value of a new rule and the type value of rules already in policy. This meant that duplicates were not being silently dropped and were instead outputting a message that there was a problem. It made things hard because the message WAS using the mapped type to convert to the string representation, so it didn't look like a dup!-Update to upstream * Skip writing role attributes for policy.X and * Indicate when boolean is indeed a tunable. * Separate tunable from boolean during compile. * Write and read TUNABLE flags in related * Copy and check the cond_bool_datum_t.flags during link. * Permanently discard disabled branches of tunables in * Skip tunable identifier and cond_node_t in expansion. * Create a new preserve_tunables flag * Preserve tunables when required by semodule program. * setools expects expand_module_avrules to be an exported * tree: default make target to all not- Add patch to handle preserving tunables- export expand_module_avrules- Update to upstream * Only call role_fix_callback for base.p_roles during expansion. * use mapped role number instead of module role number- Update to upstream * Minor fix to reading policy with filename transition rules- Update to upstream * Release, minor version bump- Update to upstream * Warn if filename_trans rules are dropped by Steve Lawrence.- Fixes for new role_transition class field by Eric Paris.-Update to upstream * Fixes for new role_transition class field by Eric Paris. * Add libsepol support for filename_trans rules by Eric Paris.- re-add Erics patch for filename transitions-Update to upstream * Add new class field in role_transition by Harry Ciao.- Apply Eparis Patch This patch add libsepol support for filename_trans rules. These rules allow on to make labeling decisions for new objects based partially on the last path component. They are stored in a list. If we find that the number of rules grows to an significant size I will likely choose to store these in a hash, both in libsepol and in the kernel. But as long as the number of such rules stays small, this should be good.- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Upgrade to latest from NSA * Fix compliation under GCC 4.6 by Justin Mattock- Fix libsepol.pc file- Resolve specfile problems Resolves: #555835- Upgrade to latest from NSA * Fixed typo in error message from Manoj Srivastava.- Upgrade to latest from NSA * Add pkgconfig file from Eamon Walsh.- Upgrade to latest from NSA * Add support for building Xen policies from Paul Nuzzi.- Upgrade to latest from NSA * Check last offset in the module package against the file size. Reported by Manoj Srivastava for bug filed by Max Kellermann.- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- Upgrade to latest from NSA * Add method to check disable dontaudit flag from Christopher Pardy.- Upgrade to latest from NSA * Fix boolean state smashing from Joshua Brindle.- Fix license specification to be LGPL instead of GPL* Wed Feb 18 2009 Dan Walsh 2.0.35-1 - Upgrade to latest from NSA * Fix alias field in module format, caused by boundary format change from Caleb Case.- Upgrade to latest from NSA * Add bounds support from KaiGai Kohei. * Fix invalid aliases bug from Joshua Brindle.- Upgrade to latest from NSA * Revert patch that removed expand_rule.- Upgrade to latest from NSA * Allow require then declare in the source policy from Joshua Brindle.- Upgrade to latest from NSA * Fix mls_semantic_level_expand() to handle a user require w/o MLS information from Stephen Smalley.- Upgrade to latest from NSA * Fix endianness bug in the handling of network node addresses from Stephen Smalley. Only affects big endian platforms. Bug reported by John Weeks of Sun upon policy mismatch between x86 and sparc.- Upgrade to latest from NSA * Merge user and role mapping support from Joshua Brindle.- Upgrade to latest from NSA * Fix mls_level_convert() to gracefully handle an empty user declaration/require from Stephen Smalley. * Belatedly merge test for policy downgrade from Todd Miller.- Upgrade to latest from NSA * Add permissive domain support from Eric Paris.- Upgrade to latest from NSA * Drop unused ->buffer field from struct policy_file. * Add policy_file_init() initalizer for struct policy_file and use it, from Todd C. Miller.- Upgrade to latest from NSA * Accept "Flask" as an alternate identifier string in kernel policies from Stephen Smalley. * Add support for open_perms policy capability from Eric Paris.- Upgrade to latest from NSA * Fix invalid memory allocation in policydb_index_others() from Jason Tang.- Upgrade to latest from NSA * Port of Yuichi Nakamura's tune avtab to reduce memory usage patch from the kernel avtab to libsepol from Stephen Smalley.- Upgrade to latest from NSA * Add support for consuming avrule_blocks during expansion to reduce peak memory usage.- Fixed for spec review- Upgrade to latest from NSA * Added support for policy capabilities from Todd Miller. * Prevent generation of policy.18 with MLS enabled from Todd Miller.- Upgrade to latest from NSA * print module magic number in hex on mismatch, from Todd Miller.- Upgrade to latest from NSA * clarify and reduce neverallow error reporting from Stephen Smalley.- Upgrade to latest from NSA * Reject self aliasing at link time from Stephen Smalley. * Allow handle_unknown in base to be overridden by semanage.conf from Stephen Smalley. * Fixed bug in require checking from Stephen Smalley. * Added user hierarchy checking from Todd Miller.* Pass CFLAGS to CC even on link command, per Dennis Gilmore.- Upgrade to latest from NSA * Merged support for the handle_unknown policydb flag from Eric Paris.- Upgrade to latest from NSA * Moved next_entry and put_entry out-of-line to reduce code size from Ulrich Drepper. * Fixed module_package_read_offsets bug introduced by the prior patch.- Upgrade to latest from NSA * Eliminate unaligned accesses from policy reading code from Stephen Smalley.- Upgrade to latest from NSA * Allow dontaudits to be turned off during policy expansion- Upgrade to latest from NSA * Fix sepol_context_clone to handle a NULL context correctly. This happens for e.g. semanage_fcontext_set_con(sh, fcontext, NULL) to set the file context entry to "<>". - Apply patch from Joshua Brindle to disable dontaudit rules- Upgrade to latest from NSA * Merged error handling patch from Eamon Walsh.- Upgrade to latest from NSA * Merged add boolmap argument to expand_module_avrules() from Chris PeBenito.- Upgrade to latest from NSA * Merged fix from Karl to remap booleans at expand time to avoid holes in the symbol table.- Upgrade to latest from NSA * Merged libsepol segfault fix from Stephen Smalley for when sensitivities are required but not present in the base. * Merged patch to add errcodes.h to libsepol by Karl MacMillan.- Upgrade to latest from NSA * Updated version for stable branch.- Add dist tag and rebuild, fixes 6 to 7 upgrades.- Upgrade to latest from NSA * Merged patch to compile wit -fPIC instead of -fpic from Manoj Srivastava to prevent hitting the global offest table limit. Patch changed to include libselinux and libsemanage in addition to libselinux.- Upgrade to latest from NSA * Merged fix from Karl MacMillan for a segfault when linking non-MLS modules with users in them.- Upgrade to latest from NSA * Merged fix for version comparison that was preventing range transition rules from being written for a version 5 base policy from Darrel Goeddel.- NSA Released version - Same as previous but changed release number- Upgrade to latest from NSA * Build libsepol's static object files with -fpic- Upgrade to latest from NSA * Merged mls user and range_transition support in modules from Darrel Goeddel- Upgrade to latest from NSA * Merged range transition enhancements and user format changes Darrel Goeddel- Fix location of include directory to devel package- Remove invalid Requires- Upgrade to latest from NSA * Merged conditionally expand neverallows patch from Jeremy Mowery. * Merged refactor expander patch from Jeremy Mowery.- Upgrade to latest from NSA * Merged libsepol unit tests from Joshua Brindle. * Merged symtab datum patch from Karl MacMillan. * Merged netfilter contexts support from Chris PeBenito.- Upgrade to latest from NSA * Merged helpful hierarchy check errors patch from Joshua Brindle. * Merged semodule_deps patch from Karl MacMillan. This adds source module names to the avrule decls.- rebuild- Upgrade to latest from NSA * Lindent. * Merged optionals in base take 2 patch set from Joshua Brindle.- bump so it's newer than the FC5 version- Upgrade to latest from NSA * Revert 1.12.16. * Merged cleaner fix for bool_ids overflow from Karl MacMillan, replacing the prior patch. * Merged fixes for several memory leaks in the error paths during policy read from Serge Hallyn.- Upgrade to latest from NSA * Fixed bool_ids overflow bug in cond_node_find and cond_copy_list, based on bug report and suggested fix by Cedric Roux. * Merged sens_copy_callback, check_role_hierarchy_callback, and node_from_record fixes from Serge Hallyn.- Upgrade to latest from NSA * Added sepol_policydb_compat_net() interface for testing whether a policy requires the compatibility support for network checks to be enabled in the kernel.- Upgrade to latest from NSA * Merged patch to initialize sym_val_to_name arrays from Kevin Carr. Reworked to use calloc in the first place, and converted some other malloc/memset pairs to calloc calls.- Upgrade to latest from NSA * Merged patch to revert role/user decl upgrade from Karl MacMillan.- Couple minor spec file clean ups- Upgrade to latest from NSA * Dropped tests from all Makefile target. * Merged fix warnings patch from Karl MacMillan. * Merged libsepol test framework patch from Karl MacMillan.- Upgrade to latest from NSA * Fixed cond_normalize to traverse the entire cond list at link time.- Upgrade to latest from NSA * Merged fix for leak of optional package sections from Ivan Gyurdiev.- Upgrade to latest from NSA * Generalize test for bitmap overflow in ebitmap_set_bit.- Upgrade to latest from NSA * Fixed attr_convert_callback and expand_convert_type_set typemap bug.- Upgrade to latest from NSA * Fixed avrule_block_write num_decls endian bug.- Upgrade to latest from NSA * Fixed sepol_module_package_write buffer overflow bug.- Upgrade to latest from NSA * Updated version for release. * Merged cond_evaluate_expr fix from Serge Hallyn (IBM). * Fixed bug in copy_avrule_list reported by Ivan Gyurdiev. * Merged sepol_policydb_mls_enabled interface and error handling changes from Ivan Gyurdiev.- Rebuild for fc5-head- Upgrade to latest from NSA * Merged node_expand_addr bugfix and node_compare* change from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged nodes, ports: always prepend patch from Ivan Gyurdiev. * Merged bug fix patch from Ivan Gyurdiev. * Added a defined flag to level_datum_t for use by checkpolicy. * Merged nodecon support patch from Ivan Gyurdiev. * Merged cleanups patch from Ivan Gyurdiev.- Fix post install not to fire if /dev/initctr does not exist- Upgrade to latest from NSA * Merged optionals in base patch from Joshua Brindle.- bump again for double-long bug on ppc(64)- Upgrade to latest from NSA * Merged seuser/user_extra support patch from Joshua Brindle. * Merged fix patch from Ivan Gyurdiev.- rebuilt for new gcc4.1 snapshot and glibc changes- Upgrade to latest from NSA * Merged assertion copying bugfix from Joshua Brindle. * Merged sepol_av_to_string patch from Joshua Brindle. * Merged clone record on set_con patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged cond_expr mapping and package section count bug fixes from Joshua Brindle. * Merged improve port/fcontext API patch from Ivan Gyurdiev. * Merged fixes for overflow bugs on 64-bit from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged size_t -> unsigned int patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged 2nd const in APIs patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged const in APIs patch from Ivan Gyurdiev. * Merged compare2 function patch from Ivan Gyurdiev. * Fixed hierarchy checker to only check allow rules.- Upgrade to latest from NSA * Merged further fixes from Russell Coker, specifically: - av_to_string overflow checking - sepol_context_to_string error handling - hierarchy checking memory leak fixes and optimizations - avrule_block_read variable initialization * Marked deprecated code in genbools and genusers.- Upgrade to latest from NSA * Merged bugfix for sepol_port_modify from Russell Coker. * Fixed bug in sepol_iface_modify error path noted by Ivan Gyurdiev. * Merged port ordering patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged patch series from Ivan Gyurdiev. This includes patches to: - support ordering of records in compare function - enable port interfaces - add interfaces for context validity and range checks - add include guards- Add Ivans patch to make ports work- Upgrade to latest from NSA * Fixed mls_range_cpy bug.- rebuilt- Upgrade to latest from NSA- Upgrade to latest from NSA * Dropped handle from user_del_role interface.- Upgrade to latest from NSA * Merged remove defrole from sepol patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged module function and map file cleanup from Ivan Gyurdiev. * Merged MLS and genusers cleanups from Ivan Gyurdiev.- Upgrade to latest from NSA Prepare for removal of booleans* and *.users files. * Cleaned up sepol_genbools to not regenerate the image if there were no changes in the boolean values, including the degenerate case where there are no booleans or booleans.local files. * Cleaned up sepol_genusers to not warn on missing local.users.- Upgrade to latest from NSA * Removed sepol_port_* from libsepol.map, as the port interfaces are not yet stable.- Upgrade to latest from NSA * Merged context destroy cleanup patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged context_to_string interface change patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Added src/dso.h and src/*_internal.h. Added hidden_def for exported symbols used within libsepol. Added hidden for symbols that should not be exported by the wildcards in libsepol.map.- Upgrade to latest from NSA * Merged record interface, record bugfix, and set_roles patches from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged count specification change from Ivan Gyurdiev.- Upgrade to latest from NSA * Added further checking and error reporting to sepol_module_package_read and _info. * Merged sepol handle passing, DEBUG conversion, and memory leak fix patches from Ivan Gyurdiev.- Upgrade to latest from NSA * Removed processing of system.users from sepol_genusers and dropped delusers logic. * Removed policydb_destroy from error path of policydb_read, since create/init/destroy/free of policydb is handled by the caller now. * Fixed sepol_module_package_read to handle a failed policydb_read properly. * Merged query/exists and count patches from Ivan Gyurdiev. * Merged fix for pruned types in expand code from Joshua Brindle. * Merged new module package format code from Joshua Brindle.- Upgrade to latest from NSA * Merged context interface cleanup, record conversion code, key passing, and bug fix patches from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged users cleanup patch from Ivan Gyurdiev. * Merged user record memory leak fix from Ivan Gyurdiev. * Merged reorganize users patch from Ivan Gyurdiev. - Need to check for /sbin/telinit- Upgrade to latest from NSA * Added check flag to expand_module() to control assertion and hierarchy checking on expansion. * Reworked check_assertions() and hierarchy_check_constraints() to take handles and use callback-based error reporting. * Changed expand_module() to call check_assertions() and hierarchy_check_constraints() prior to returning the expanded policy.- Upgrade to latest from NSA * Changed sepol_module_package_set_file_contexts to copy the file contexts data since it is internally managed. * Added sepol_policy_file_set_handle interface to associate a handle with a policy file. * Added handle argument to policydb_from_image/to_image. * Added sepol_module_package_set_file_contexts interface. * Dropped sepol_module_package_create_file interface. * Reworked policydb_read/write, policydb_from_image/to_image, and sepol_module_package_read/write to use callback-based error reporting system rather than DEBUG.- Upgrade to latest from NSA * Reworked link_packages, link_modules, and expand_module to use callback-based error reporting system rather than error buffering.- Upgrade to latest from NSA * Merged conditional expression mapping fix in the module linking code from Joshua Brindle.- Tell init to reexec itself in post script- Upgrade to latest from NSA * Hid sepol_module_package type definition, and added get interfaces. * Merged new callback-based error reporting system from Ivan Gyurdiev. * Merged support for require blocks inside conditionals from Joshua Brindle (Tresys).- Upgrade to latest from NSA * Fixed use of policydb_from_image/to_image to ensure proper init of policydb. * Isolated policydb internal headers under . These headers should only be used by users of the static libsepol. Created new with new public types and interfaces for shared libsepol. Created new with public types and interfaces moved or wrapped from old module.h, link.h, and expand.h, adjusted for new public types for policydb and policy_file. Added public interfaces to libsepol.map. Some implementation changes visible to users of the static libsepol: 1) policydb_read no longer calls policydb_init. Caller must do so first. 2) policydb_init no longer takes policy_type argument. Caller must set policy_type separately. 3) expand_module automatically enables the global branch. Caller no longer needs to do so. 4) policydb_write uses the policy_type and policyvers from the policydb itself, and sepol_set_policyvers() has been removed.- Upgrade to latest from NSA * Merged function renaming and static cleanup from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged bug fix for check_assertions handling of no assertions from Joshua Brindle (Tresys).- Upgrade to latest from NSA * Merged iterate patch from Ivan Gyurdiev. * Merged MLS in modules patch from Joshua Brindle (Tresys).- Upgrade to latest from NSA * Merged pointer typedef elimination patch from Ivan Gyurdiev. * Merged user list function, new mls functions, and bugfix patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged sepol_get_num_roles fix from Karl MacMillan (Tresys).- Upgrade to latest from NSA * Merged bug fix patches from Joshua Brindle (Tresys).- Upgrade to latest from NSA * Merged boolean record and memory leak fix patches from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged interface record patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged fix for sepol_enable/disable_debug from Ivan Gyurdiev.- Upgrade to latest from NSA * Merged stddef.h patch and debug conversion patch from Ivan Gyurdiev.- Upgrade to latest from NSA * Fixed expand_avtab and expand_cond_av_list to keep separate entries with identical keys but different enabled flags. * Updated version for release.- Upgrade to latest from NSA * Fixed symtab_insert return value for duplicate declarations. * Merged fix for memory error in policy_module_destroy from Jason Tang (Tresys).- Upgrade to latest from NSA * Merged fix for memory leak in sepol_context_to_sid from Jason Tang (Tresys). * Merged fixes for resource leaks on error paths and change to scope_destroy from Joshua Brindle (Tresys).- Upgrade to latest from NSA * Merged more fixes for resource leaks on error paths from Serge Hallyn (IBM). Bugs found by Coverity.- Upgrade to latest from NSA * Changed to treat all type conflicts as fatal errors. * Merged several error handling fixes from Serge Hallyn (IBM). Bugs found by Coverity.- Upgrade to latest from NSA * Fixed several memory leaks found by valgrind.- Upgrade to latest from NSA * Fixed empty list test in cond_write_av_list. Bug found by Coverity, reported by Serge Hallyn (IBM). * Merged patch to policydb_write to check errors when writing the type->attribute reverse map from Serge Hallyn (IBM). Bug found by Coverity. * Fixed policydb_destroy to properly handle NULL type_attr_map or attr_type_map.- Upgrade to latest from NSA * Fixed empty list test in cond_write_av_list. Bug found by Coverity, reported by Serge Hallyn (IBM). * Merged patch to policydb_write to check errors when writing the type->attribute reverse map from Serge Hallyn (IBM). Bug found by Coverity. * Fixed policydb_destroy to properly handle NULL type_attr_map or attr_type_map.- Upgrade to latest from NSA * Improved memory use by SELinux by both reducing the avtab node size and reducing the number of avtab nodes (by not expanding attributes in TE rules when possible). Added expand_avtab and expand_cond_av_list functions for use by assertion checker, hierarchy checker, compatibility code, and dispol. Added new inline ebitmap operators and converted existing users of ebitmaps to the new operators for greater efficiency. Note: The binary policy format version has been incremented to version 20 as a result of these changes.- Upgrade to latest from NSA * Fixed bug in constraint_node_clone handling of name sets.- Upgrade to latest from NSA * Fix range_trans_clone to map the type values properly.- Upgrade to latest from NSA * Merged patch to move module read/write code from libsemanage to libsepol from Jason Tang (Tresys).- Upgrade to latest from NSA * Enabled further compiler warning flags and fixed them. * Merged user, context, port records patch from Ivan Gyurdiev. * Merged key extract function patch from Ivan Gyurdiev. * Merged mls_context_to_sid bugfix from Ivan Gyurdiev.- Fix MLS Free- Upgrade to latest from NSA * Merged context reorganization, memory leak fixes, port and interface loading, replacements for genusers and genbools, debug traceback, and bugfix patches from Ivan Gyurdiev. * Merged uninitialized variable bugfix from Dan Walsh.- Fix unitialized variable problem- Upgrade to latest from NSA * Merged debug support, policydb conversion functions from Ivan Gyurdiev (Red Hat). * Removed genpolbools and genpolusers utilities. * Merged hierarchy check fix from Joshua Brindle (Tresys).- Upgrade to latest from NSA * Merged header file cleanup and memory leak fix from Ivan Gyurdiev (Red Hat). * Merged genbools debugging message cleanup from Red Hat.- Remove genpolbools and genpoluser- Upgrade to latest from NSA * Merged loadable module support from Tresys Technology.- Upgrade to latest from NSA * Updated version for release.- Fix reset booleans warning message - Upgrade to latest from NSA * License changed to LGPL v2.1, see COPYING.- Upgrade to latest from NSA * Added sepol_genbools_policydb and sepol_genusers_policydb for audit2why.- export sepol_context_to_sid- Upgrade to latest from NSA * Added sepol_ prefix to Flask types to avoid namespace collision with libselinux.- Upgrade to latest from NSA * Added sepol_compute_av_reason() for audit2why.- Upgrade to latest from NSA * Fixed bug in role hierarchy checker.- Fixes found via intel compiler- Update from NSA- Update from NSA- Handle booleans.local- Update to latest from NSA * Added man page for sepol_check_context. * Added man page for sepol_genusers function. * Merged man pages for genpolusers and chkcon from Manoj Srivastava.- Update to latest from NSA- Update to latest from NSA * Cleaned up error handling in sepol_genusers and sepol_genbools.- Update to latest from NSA * Merged sepol_debug and fclose patch from Dan Walsh.- Make sure local_files file pointer is closed - Stop outputing error messages- Update to latest from NSA * Changed sepol_genusers to also use getline and correctly handle EOL.- Update to latest from NSA * Merged endianness and compute_av patches from Darrel Goeddel (TCS). * Merged range_transition support from Darrel Goeddel (TCS). * Added sepol_genusers function.- Update to latest from NSA * Changed relabel Makefile target to use restorecon.- Update to latest from NSA * Merged enhanced MLS support from Darrel Goeddel (TCS).- Update to latest from NSA * Merged build fix patch from Manoj Srivastava.- Update to latest from NSA- Add optargs for build- New version from NSA- Apply Stephen's chkcon patch- New upstream version- Newversion from upstream implementing stringcase compare- ldconfig tweaks- Ignore case of true/false- New version from NSA- Initial version - Created by Stephen Smalley   !"#$%&'()*+,-./0123452.5-8.1.el72.5-8.1.el72.5sepolboolean_record.hbooleans.hcilcil.hcontext.hcontext_record.hdebug.herrcodes.hhandle.hibendport_record.hibendports.hibpkey_record.hibpkeys.hiface_record.hinterfaces.hmodule.hmodule_to_cil.hnode_record.hnodes.hpolicydbpolicydb.havrule_block.havtab.hconditional.hconstraint.hcontext.hebitmap.hexpand.hflask.hflask_types.hhashtab.hhierarchy.hlink.hmls_types.hmodule.hpolcaps.hpolicydb.hservices.hsidtab.hsymtab.hutil.hport_record.hports.hroles.hsepol.huser_record.husers.hlibsepol.solibsepol.pcsepol_check_context.3.gzsepol_genbools.3.gzsepol_genusers.3.gz/usr/include//usr/include/sepol//usr/include/sepol/cil//usr/include/sepol/policydb//usr/lib64//usr/lib64/pkgconfig//usr/share/man/man3/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz9x86_64-redhat-linux-gnudirectoryC source, ASCII textASCII textpkgconfig filetroff or preprocessor input, ASCII text (gzip compressed data, from Unix, max compression)RPR?p7zXZ !X gy] crt:bLLl_&N~T4ĀkwNnkĹb"+qBzXیU5sl瘨k-E7h2bw 12)A?F[IJQ j4{62a8;`iƐ}ˋrk% \! ~X!\3.7Ý YE,;tEHdR;p//â<=W 7aުY "Tvx8ҋR zM>ƻ9Z )C*^EP^U'wvŚN8t)|.Hk]F' Z Ionq7p"K 0;xf]7Yn[2^ۯi0)2wr"ŴpSYB{43uCo˦z-1z~TT]Zr ߒg;XG[pU 70Q䶣'-AZ:'F{ 9f+qT qUQJpX,qk߇.|9\f@0q]/D86v Ҏ31 S߷E=N@c쪻%GMJzÛDb|Ϗǒ%Gtn[ag}}9<{#`|l0dyuk!:ϑCh<; w=ٙ$ dP/`sKv`y ɀ1'&.3ЩUr e+ U-ECzrb򞸊o.*mVnJX}sW2pMvbT%pNkBa`C4ataKDJr-iQdb@e'Ghqw9?r tp~Ub }q7r!uB^kȡz#ٶq싥E(37Hc'_oER-(+ 8a`(Ɩ_P0RP U.'S)WrC7ƶ1ZBڌOT8LU6 Ew}rv$ Ko%W`o2P8ۈrL. [nF?5^j'3%knUt˧ˆ&+ €Ռ߁E7),~$X:^N˅Ri[m_U#m}rR:}B|NN+L{%hxїjg]tL,6Dp%bÐ4QUFvהBWP#Í3D|G6`Ĩh컯uV-jW6wS.p+ԧ9OTN% @[#2-U-IAڬ=I{;$fЗ`](Z5cd<=ttq8} 0hkˉ;ӊJߠcW"Aa}k1'fa 9iϭ6|.ED+x6D`Ӭ`lO.1ӂY6RDx#tsrO5c.]2:]|+qP4F.nљ[*$Lg&d 9-h܀geA,Le8a zLĐps:nef|M ?DvݸN %Z~;A‚Au~4'_cBwg3ʮS | Hx")~8,;<@�^£> Z1S=a9BJ¶Eom`9. <$tjP8JpI'zUjV^v )?ÃTikV˄!ю0;-boSI*BFeJ.c !} B~/D`bd35Ol<6.֤%񈽬#sw JL8kW.&d<ڌe뛜Q%{)?/%?&AVE*64|`Bs y4yOa#pUEh݃_XZe]g98ؖ8.p,0T=D'*+q m'RdFF{T+:x_ꔦ 0\O|*~CJFnq;ċ!AV͇V7 7q /+;o?u8q5~KX(zG39? (movT`p x?ZM"t@L=Lh;25WO9rns2o!m6tK:ҨU#9-#!6iw7˚Kr# ;TXzTW/Kmx0#+ߺR9RfWj?ԗ_Br{F /~mM-r۾ 4P}STYa`wpE=<~a(QG8r:\=e*ɁQn#@1"/aAcx0NW=2U@a2oӚ-pm=$( D~g1,[ .\Id43nN>L۷F6հ/ܧF=1'kZH{"|\BP\&FQ3MkPlQR'jÁd&ZHƩwk5/M@Y_7v6+kE/Eٗ=Y,t:o (Vg S`5j4[~:H+B^] "Kaz,ˀBŒȞgQ D>&iQgGT~lslNpd\=8ೆIG0AS5AI/Et{I:^[Kw7pJZOs~llBV#Z /*\|<oYr+n@5D]U1೒z˕}^K 9v0gP ɸ-NqiyJ{-v8-!7 5+ؐMx}r]8i2@.L5>K1Z#FS{m3?idԳ#j,"w #UPo Ƌ-O?&c mTDHDοE|ZbW4$qs`xEWdUcn6/ʋAPֶu#?W8H[jh8A2xF Qܨ$5T>c]c2!* %Hߘ566e /%a=$AzH stA)GRd uA' A᪋4rԇ]k"JlUTE^my{IJ| P3Sp12d`o쨔|]0t-X9!Ŭd`~+BLκ9\eMq6DD}w.r;;2`0%ctwuYl](}2O7g Hy3PijII@HƋHF'Nғ P;RQ)6CeG` <;e|)aF#^"0 `0 Wn*(T3#]g! 爩"WgfA'U|zFRWhKԏ4YÄlmT> ,`Ȣ1|J:(>[)(PIe sۆI߯HOzqBww#h#+>1<ޓ]Ȥ3;Au7ɔ,c`RzqؙŐk+(ߣ]f.yDB 6Z[>/JQ/՘Z`a#\){kb0Rd#=Ų3?(Lu+\!ySIfv@,?a!HM%_xn_bp3EfA3{-+uoJԀFl%{ C'4"f| Vhhp(Z_;_yUf?`Q'/I- In"F0ڡ^[ l޵sgG%\g3~*PUhP^Xo r3zЗ9+ dfMsG6`9fc=a3l}q;EmJ?C G_hf:],-ϞUKeɗ콼љ^DdžfssCLeJJeL4-tEv=8Fp^L cZ;D{Cz]ToC6zożZ5g.xrQWsQ-E`#P*?, PYoD꾮#erw_*zX0#,aMjC:6hõىСd: ]]]Ƃ+:R5CH+!h\eb<}>e7BSfxJU jJw$ jQ9;J۫*G\n=" r9@<Wh+\}"~J5ޢ3[0y,Q6p[|g 0bHx3T.;cz4B4j}CS6>==@B0+9Pvf8gʪcKD5&oɨ+WP2D&:9ޤT~(9WQ cCdR5ee*ȴ^Tc<7ncD|J4D]qba(]]@Af|X$Nbc;UT2?C[(݊+7Пtu,K8O#sHL:+!N]LW)6{֨<|SYn9;Sy=I̜*NLݗ'mvr'KdѥƎ/E8 = x d}rsv)=OB^-3er|'_OcK* <^]CVEW4V-u坘Cn#AwR"n* N$\% o Eʪ!S,]TxNraKf\#ByHe#ԍ=ާD|Ҹ=< 1HxўT +͇>+җw;ZvlL=O"}<*N#GwIAT ZA^_k;g *eF2cbC߯9 xjCF{Fz\1=(/ b>Cy0\ڔ94W(o50UŠ)忎nr}|JeFdV'RӖK#=o].h@;znW{\U~ #3 |;yzqNE6}+ wnW ɹ&(E.s#kHf9Dp{\=D;*sYLb62Qz&B:y#:{e.$E"N ɡ '=4wt}m=P[azRNmnSԅxH紇w&x *l@ <TXUrsOv2# 4{ǒ.r}',PY~%4I:RuIZ#wJ4Tp*17ݝ."Lbj3zu=A0J_J%)}qQDh."b݈h3Txxo$jUqyHuyՕٵ=DA15{Wb@\\CD(9LQ&Zw"Y~JE_$LVźT(aC:_+ a$aEl+fq\iN\^SH#,7[dlh03é͍*!S \#N]<H<.i*4$1ܝ` wV07߯u*tkgwz cќ, w2SfٿYk)3O"xRbͥ"N⾁2lx xOkK QB~`ِB5,I^=O<-̩q[TGb:@d;I0 m_uGx[JthQiv(8v(qwvxY6=;LV/#.Zj\P<Ыm΋@XPALlvvdޚ;f-"^D='Fخfc#ę0+V#@ZN[腆'vymj"[ܱ{"@W540W~+<Q^+̤eVTJ=Ez a\JYSuBt>,{`>o9  od÷PA&4vJ }9| dcڏk4?JFK!7 D ;=k VQ X=f1@h_s/-6 q@ޜHlǀIahy[7J웦DKv|@klln1ӕ@4moiY H=Qƒ:m2+YָJ]n^mԝsj{ iz;-D ] 80'5ZYx;Nbd f9B.d}~\^[7qS7f:-mbIf)iQ9 }`oB)xR1{6t,x5sboY&Zvf,t`.ܓ3(L1&G$\4x?K93czj=b({~JP~Z,̚\Xuת\##')tVFj,7WLXb>8'ʛط0R#>`$ʵwӵ⾘G"9+[9 t#dօ6V2oM']1rDɔ 0 8ԣ$IB^ϘKne ƥIɁwQ(Wv|]}=be,3ϒ_8RZUEsʇE' GuN D~M[1 @e>ksӧ }PEOE'f%m҈Bj !*W:0fa0 ޶n4z?WO00 &7GI **#ѻYI-ЖN?mYn}ʉpg=rKjaE…;X<8h G&Dzށ(.q%+R}ad.TINo*Cܶs7)f<j(bm邨A9tc%}K`$}1}md\Oυۍ)?pXKף{0{%UdJҐYTxJ'MQ_a4>oN>_?9>J ]xN))nna]Zג%Q^6."GG>$~4l;cC-BDDZ&/5 P KdSh^mdgar5d5 SOn+`C‰a\VZo1_$9A'px_Q}#ۭ #8Z 7kЄ  + 'ryT R#3[>ȈzOgUKW~/ q* X}2 p352GRJ}IuknouƤ<C*ȧdCo!¶Dm/v;96;]<[Rp4h V2K$ Ŭy0A;p?3 Va /ԪXUPTͤ$J59hxWb$Vkn*ps>H3[Cdצ''.a_'QXr J7k3|| iI~⌿~ qk$/o&Ktޕ C])4R'ΐRITOzOgxB[ v3^-<An"Z(8Z*_JOY`HTcvM|¼gUcA3Rrܒ#`8Vt[6Iր/bXKĪh9z{F%ԧSP5vovfݫQ~?@xвK*o@?ZM`R6>xbwwR!I"M s6 ben+TV-wV;)Y mhyH'u%4Wr$#(ZQ{g-Jй“g ǒ/KoY]ZOpEHFټ^ 5@J8*,C4p-fx( `֘Syzj&lmƸKIY.\^X u xݡgj"묟scXF"0<*gǾqQ4$T!=^{AzizD,JhQ'Rkޗ= P`??7Eīel-7?RW,sP*$ںZ%U*plgXBOjHXDE3 Dbc EZ,">G@%ヲySSivr ͆'"xU^lfz/":s>'Pk|hoQ4G2~n$AteAGWn}%Uj9gROf+Ypwk>$ A c;2Sk@2Mb ̻fEH 辪;1ż/]"Z=˚D $z@9س4`G>?maJYtb[~| ^B0e'/ssDG.hݣRcULB‚gYW~6K;&MI7h /V!,Rd_Luj`(nRAEJc F -KܰRE.D~*uE\NwXWec[Ǟ [s00J[0dQYNt)D 4sp"519}WToZL<q80{RU#x(cij[#rήl&;+ʻΛo&ήôӦ.7+)FlaM7g̊Dyx*dI\irT[ZlFCvs3Pi7f!kYڜo"5ThU e`4.(>l*{Ȟqh,ԑP ^jK~>z)x!g}ޡbFŹZ@cm ~m(Yӆx休'%|<D#rmZ➄R\wF lBPi1KQLi9",4 Dɚkqy(<5u{<<'AAJPb ?jz6rr܊" ` [$]2 #$'{ H9$Ip)8!;gZ)"<&\O2y MͷjpDLnxW (jM> !eԔ})ОFX<0w4 ZU~9D?o޹6F0yI-˛ZO6kե{T&_-+ekq`4.*,į.r7'wu 6#8vm{иI1,oy8_irXpiWYʽz Tf):` f"ᅇNy53Ucï#5;zp\Aseq3Uu* ދRL8 N`OdZۼsJ踿n03T&'qc\[Ve&@LLvj;EVcm݅GEU`a돌\M*k0bgEN{ t1@5ʔܤK&XU>Wm-`5pg$ߛ|vWyUَt+i]FUjyg_}ò> kɁ&vWG w1־Ѡ~&38C,#: jm_HBO GqN(y2-ҹr7![ jVB}TeZrOp(gd˜P)JTҙ](</ד̓ 0*IKbC.5Wb`aξݬ$YM6`/C\'S[j1% \ljpKWufPT+ww=L+rjL=E8yks0szX͘3ꞓ.R!uZ0x'*Y/+(w,oޯåVGC?*&-sgQSrK mUSX&2XY̎ĐEy3!!3tbQa贡SBkmFĎ夋XQ%8-wEַ7\_,G$N+GOnףl1vޟ.MUGW!:W#&|U~̆yjd%}k bSkpWipKaz^{:&^ +eqvԍQ07t!FT{u?Z~80&oe5K-囐V>WEßѶʸ(.+V ,os]% .ħw< I,ð'ԇ VG}CQeT -|OO&9.g%B3 t}H,Q., q z/GngGKI]x+vL>8[( b/!;#bU- 'UuK1;B.ӹuI2y K~?u(-=R~1mC`ueP~+Mـ!pے9!GYc-p0N sHa*v6ۂ>tL*jik’V6?wrفN;ӕΡi"Vh`hCBBH0DmzQ6ySvQ94 ~ t[qG f7GRH"E8Ѹ(u zIu0cP;Tџy|x xIjV,ܝi#vym׉ MZ+)늤!rʑJ(/Ebbc'-bQe6Ź6N,f28<${ŏisj踗 TY9㧹zK/mZ@rTn.1%?3?k:CX|zzn FlVd7B_Oà!nQKb 2+cFh/+rˆn9|NXC Ԧ,<3FјJ?}K/ 6ֹ{S,w2SP2 rW$;O-` P F?'9JZO¾Dg-:.:@u M+,qUfTQ{,! z7hH'#W4 ix50Q_~&(=:uADX*JTz?PgfBs:%ojU'&bhZ9wcv݋]v2b2;Y Am D_ȡC,YD*ڧQTP^ghJE[1#gOY +%'Z95zW~,/L^.P>ɍ_T`65cC뤮H euDᒽu!pdUpMԳՠ*j-}>YjY~MBJ5NLpª#V" ZƧi315v(w L_/8^HZ{ d79OҘScD0LSE-Ο:vW,kR2ap(tW\k}Z|P0گ4E}bBr e }R3[kT9Fif ,U aֳ5I PW{UN%,A2Fʟ &h8Rw^4)"ubnP\$(7˷0*>:,غֺNJp4ѳsBY qQFj\#_T/fѝ Ω|e8KtCh@Fh6h[Ÿ,~2|&`c#B>% Й3w (dVj~~)-[]#sF犈}),Z&% k+ɸ=pPjnw]why >i)N whڑ_YxVHH XeyM7ǔdF)<*)f x[ XxAָk۪oX)?+TIQN/1!kY/ $[D|*TQ2uOBq$2V>1Rւ`A @n,7ת ~ 0~ss:@@e2}[tbd8/ p?tbfT}kp\i.i5O.-j j_m7}Ԇj|PZWLw% %ft3b >…*zbȅIj$l0PH[*{g⠕P7pcޘ|iSwy t~)""5#1t(Di7mԙm%qa)hbS\I^*&1)ؐJvC/~V'$k/HNZim\j`ftx]OAN3)b;ѡ, `K?WP'Lz n'L&2T Xvz" S4jitD̟A >Pk/d-3Tem,ԒDu PyLI}eqD%\rqr4V2#~4m-AE_I `akD]Ӆ BS<*yZiˍ80eCU90$yEr)*%n.YTd+>5„ qUy9OU"dvNdgݷ1h' :֜!&4y݉NUr ON?% !$Ϊp:S@a"gڱXד3|/thnl yx~r;ti[62T^u&0٣ɭ%lh{;[Lh}Gh,$ێߠ{퟉P.C4(|19ic64l*+=VM7QSVͳɥD]%o&I:xeRiȩjDg&d_xlh)G6 к+m& і7L8HՁ&$3MUm$D K".Hz1xS&.;%õ̬c(ihivo`j%J2崌ڊn7>q_Os?*Fb;ơ#Hz+PdTfFg.}y]{0 b٠LPnoǭ&zOfճi~DPd՗ߓWczԂxD*<1F]Tv =4v#F&6.Gh`hQ/ ŝ <=+ 0SǬzoG5~.L>[jP$-8fcǩXv wz _6SqJ2 R?](\>GQbr6P6r-K;D]Q6^eAS7(a,X 5*`$ ԯhH(FV۝T;/Qbl0hu}@u}piB/MEK*hcF:,gky- [  Ƴ^LYrͳtaK?s}-|::H5f\8 ylg  ϲ{U5S-^_0Bܾ|I| (PHTVN ꦇE1K/Sℷv" ɋjr"QǦ/F:)fL IwL?ȠHWO./Q5N *' w@J6 cW0HCw$[Ra/ TqWWI&l` c)5{MBl{ut\#JiI#%. Q+3$7HY˽wV2sd&Tm"6j7ܚYnS,wvҁS+RjWrT1ɔ(Ԙ!=K.hRm,P{^ܗGOLr5fDEvl@1l8!mIhHb`F Іm3 Jvfs6/?ayoa2ts *xp4jk6q/Хh.S{n nIEFϼ]Jײu(' AI ڲ x> ?Ml3Y+⋊I"NSMaJWB`+Ve.> Z|?=7<,.ulwcfTdwD5HRHH tT AJ__,=d~ߔqQdM*HbLN7^ݛhx9N65fĠkn~٠ GW脈ƪm_>|l!7@wG<]EbtPE &d^K)lе氶8AYwoL[o#CKW+y:K]-Q}\igaҌK{Ͼ}Ud;#@m m70ƃ_!HAgRr\*$&cѻ-4r\1I*@n Ӂs)pސۉj EwʖQy|xnÔoQVw,na,1Sy'3HBTxwJ+1#vHS49a =Un _dXu_ W*5@0 ?BD= |~ZN4jj>20g. *ЦrO <eּ7 s=1d֒ez <:{[Ht\]&}Ml&:m40 n*hsrXlS& M(B 䂌, A'P*$U@EQ@4X5VzL%Ks2*iIX.H$Q G1wBRC`X }喷.]W :2 >J vNMgNTƗ^g,p Z0b5wvkpoGHVIJmX/ F9cu䨑ңh&5pR+ǡZ[)w'yuR{jK K 7 \0)%\66=\CGt8Îy^$KйtZe+試T]$(p4pW,|fnRWrs40zmμu3uI 5#qRԃ7kY@hbmEfgnZ *O5Ԃq(bl<.bQ|> 5LPѧp~#V^ `SK9?EpAsc/|_ԡd`KbO.|WfUjI/ $K;Ӌ+nٯw>}%4r;Γ#aa;#uWih`-P-2Y[SEFgkbwDii+cUa{*7y`G9}%:+O4$)˗ <ܱ[N>љAt(!{yTfm]O4 JjC79J0"R q$0};{X='OȇȓT BO6I++4O-4 sRbh:ސ8ªU)AVooQm057Xs4,LA \ubT@I(z\2]nW|SfZHo(d7zm$JŕbuS7(cW;b ZPHB'?]M.~C?dcʗKPق "KJAy`iaV@Wčf %"?ƷFmy\l,4H"qs0vr3b2ibjfTRq>Tv5ZzWӤtxKbzayrv?KdŎ=יC3Ǯ)yA%Sy()OFZX Z Zk|#S T& U)xm؋Ɩk>,H}Dnǝ.G Q1ANU?Љ;Gd~슺i^ˁ`ҶG(|^ ؖ"㟡˥gxQ'@ e ~XIYmxʸYPl5,yN 22sUTg&_l[YG GPtSQn3R'+`\-@Mҋ~9$_ gd"ї_a oRfg-XXJ0Z L8?" $<v ~T/~u]β#ņXe M)khћmB G?5NKI%!E'dըfDzҎgsVZ b{` @4^53T }#*`Ou]BY;Fć zJ;u }8ATo%]-72v^0RV3E@/oA8Gs7vf~t >.ʽ2y?sAj ٹ~luO/m*o& {G]^HN>~(;dmm?I} ذ8%3bHm>2n[a$ ZM$auè:d=}<pg{1^Tt>k~cQATg$M˹r0|zE4N^x,vh\wzPd;q:y\(d6ٵ`:*KPw:l SJl%F>+(ε`ռNLrE96aJM^7W-'fD2 p`Mb57d6 P)S{lwֹݵo>|F[?eEIO_aWU;9"k=eZl'I jGe!'κЍgUL3G:LNVT.A=) ț:yѿ꫄}a`*EgrNn^-Yle z. `{0@w{Fg(4[͚M1+wObZTrlj;CY̛ߖTy]Coi3W0Beoe Պ7O^9"kz|[?m,ஃGd% NDAUV7۞mc| I9d(#_ bK%'bX$ #yNOb_*@Ukh2^)-K1Gmt-|$PoxkrGTF LS 1}ڭV|J/?4o}27dOs5bM?1"qH?R0p K|K)^C]#Cɺq0 sHwXU޹#U15\Y/\@?E.ڿ 5N FrlP8PI $1CL>GH+8>:٦0-d]0b4x?!zu<:u-7Uf aw"|D .P2P$SGMYnv{:ֲۦe618*.Aϛ!"(bbXQ0-Y=By֔]g ĝ KU5W ݀"r2n@icne\4vȐbB ងEWiyh~-=fiÞ bԧ#LrEUaxeup>h٬qImbx %T@GXW2%ZhڄvWȏ/ r1HtP R DY,iT:AT+b!g$[b:ݹ~^;o*pgFc`L^ lXT1=Eq5ȸ=A~}"<3JUщI-ڌfi!{*A(m/sk/)BOh pky):|A8RLfWhv`AÎ&5ì>G@F!=TÆ'V0{[YRvbjqx$LOa_.V""vC (Ya!UICkH εA N7–G" QF"[s2Jv! ҢsA%KONF<J6J /l+ǸOn?愉m)E?гlp*;L[DhM5ME) Q.; uBC⡳{_G*U) x]ϼ+StSe" YZ