nss-pkcs11-devel-3.36.0-7.el7_5> H HtxHF[ ?*}})h1U"%E/mq=Qt4y,)P;;D#c3083bb70de875750dd1ffd888aea0d9da10edc2UJCѝȈF[ ?*}}J@߆1zoٝTtnuhn{gyo>T>8?d " Z GMT         =  L    T6(h8pd9 d:NdG0 Hd IԘ XԨYԴ\ ] ^ՠbd֩e֮fֱlֳt u v4w\ xא Cnss-pkcs11-devel3.36.07.el7_5Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.[sl7.fnal.govScientific LinuxScientific LinuxMPLv2.0Scientific LinuxDevelopment/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxi686 n@GCB:n Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi([[[a35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c44a93877d3a5093d8a858233e78ca3a9a2784d440c4e7e5e721dd7217f9191fb27c0024b61ee9fbb1316ac69dc45d8b4456d579b7d6d4e445c286ba915114ff170rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.36.0-7.el7_5.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-32)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.36.0-7.el7_53.36.03.0.4-14.6.0-14.0-15.2-14.11.3[Z؄Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.36.0-7Daiki Ueno - 3.36.0-6Daiki Ueno - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake (the symbol was not exported from libnss)- Exercise SSL tests which only run under non-FIPS setting- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.36.0-7.el7_53.36.0-7.el7_53.36.0-7.el7_5nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m32 -march=x86-64 -mtune=generic -mfpmath=sse -fasynchronous-unwind-tablescpioxz9i686-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !XS(] crv(vX0zeRvFO-c%_@Ѫxg-B~Z f(w`R=a\>VfP[Z<>$*+)yO4|hg*e 8fHU6~0}co!a˽zSW_܂\?|Yט _dDw I$^yN`|5JY'u^ceD=r ax’=-J =Z[\2tʊ?:+# ׆ 5 GQYHqB:X#et@`2xd$ {hI7Zgɺp̒ xQJ6k+~*!?'Yab2ZfZKK k#dUUI@mU`"H*Ld%f6"Y~_TxvJ=;FZ\ 9"{dj +'$ZlwxթO_Cfڍw>oGc7}P[\nD~M|&v x !KQ6Wgz "С Dg!"~CJ{ų ܜ kOp|\X!ϤXm眿;E KWZRl{uM^C_l4ޮo /ȑ1DeDu/!DB- vH3uݨޜYଦw3|-T&OFKD>N)8|sd`s)ϣ|/&+$yQAຆ#Z0ZRW1Fzޭ_^̌SHv28 b׬0Ԁlt 92%"skBUj՝ b: 27il0Zcvr]&fА<,g'!!fLi#n EypޟN\prnw aL)UCF̅x ;yE8FDR[kA/Cp O,<:|=b? S Ϭwap邠$Qwg҉I9`bDpfx&O V^̶ ufOEV`6^Y&gjca+Q\ [L$xxkl1%kTvWyVmȥ :R`2?}#P1WjV|/qy BővGYuFx3xٗNc۶%^EGU;|o^-+Qg֡.y 5=k]!)AܨC5#IqT\%Б/= ={wcBW[* /k&ZVrPW Kʟ{8񞅖~UD#ܹWXIƐ< d 6E\RF!1F%X)0wZ|10!sgg (`E3 ojo @{*՘l#_S0]ڛ\ EM0n-2%XiuΓ.Ǝ c܈1I?~PJڊՂh,NC`k{KR~8tm>=]KYNt@X-RǑ;ZӸsy7|}+{;RrO"BRj6+w*f,nyoB'e-Xp/&= "9$2[cXH9 !R1qwA>̵~/Z]YMAh5^-]lB|ooAODoߪjƜw(.u0I`ǫ idolm(`uTTj:%GP5et;Iӊ\o5j4 r䳭 c>74zwZ؉KVMv&RwB{eՎjY.H}(VT:&I~3+0} #`=QKu\ICmR2m" OI^Ouq\3PBφ}g?م1z{')Yp*IvъQ!x1\>2kfɈG%Wp\X`ީ؆_~ciLE, M0m\K I=TLK5Ⱦ:ﳻ<l]}pd}O6^!HY 'YL@ud]SC60H\w=N2z8ܧul@D\;' ;a{ϟK|?DbZF)\5oPSzL7]23^#:A[醌F{ρ͐wق>oo#HAG7{ !ow5H, UAHxk D!Wj {)tݸC߃MC_u[}|. b[_t HwK>'t,1-+#.U}@s ^XK—C 埭ok H_?E:oi} 7`3xh8mg Jw.>-}싓Gԝ!Rw760bdvmγ5*y3@MF-՘|-OkU5%;!a+Ɵ}N~GQ 'CWM>N &|u pn&dh}:p*r[kA84 9ɼs{崮8?? f3a tbߕ0i $tb,YʈhzYG1)۟7Sԟx^@- [늀ˆs]xz83 Hl˥ᩒvU{+ .qlzTG ~:KPhA_X+< 9BO߁6sd| ISiX=buPZ8Z g6ϲ M[[}`ur_UC<~ۣ'9L Sbl䝦4Gtw˴^b; K D I9U;7|b/yVkm=[9( O)k;c Ǩ3dXnzw򩝘mVpl&^H}n*k>'9\)ܓO'Sa r~rHBg:~*e{P"e,:{FP4OQ^zL'dFcse XWo{J_<n Se<~(tjp X㵖 2YL^!Ɉsn'H>?>\3-4 K"e[с4S}: I,D,fZKFJcLou4leq%1Sa`K'7`$ &I=,] 25v6 #p?%oHqdyL%2iic`HxWģFZ)Cg' >00)\3ؑ<.$*ʗ>VKhޥ&tN|}"ccX.mfwmA,eK`Tg?H-EouԀ6責 ua+do]LzN j6i؝3ISJqEwu_ b#sB!l%: x-UiCJ~e ;bD7AL|V:o 94> ]r%M֗c @{K[7M{M+.Cė n $KQ B)[A\a ke@q8jˣ:O K8ͣڣsx@D| n/VL 7Mͽ@ʴSbYc+#"twҡ[<6€)/˃_Zu(KCL~ a8e:.B];9('>kfO y1΋B5bLktVutm^p4%R |C}㻆%{Sd$EbQ5Y玔&mIf[0/ӒORaŁVq 2R W+E7MnEv>ܴߨ]s e܃`%^V/>`"48y_:p&09['#4IJд.@-l Y ]Ӝo@:9p^]a,uJ`o ޶6qzU3wנ[|'Gr LA踵ߝ/*,%hR%wa?^FDoRTy<*XZQN^%r$(ʼnEJ e{MpuklAX>/;8,B6s5hYJUwm@˵HսL?na4,dz]qeUoȚF %&B){ K3_~XNӮ%)mثr ^m-/F"ӰhO#l">]0:%@2V>L ^y|=200g*(F֫^Ҥ'7*TQJ~aQ~ܭ۷γz'hA}9񧫮KDV%F-}N>Cl $ Tr$mt㰹 _s65+7" . ,Y1}23`WtevT6/+u$Oԑ[2Hc)ا,a=wK΁m0']os)ɒ9 zɅ<=]q> d[@40WAË u. GcGLNK̡1G9m·ŗMȹH&KlUvlu)<)Y]=NEnPO UnRV\.Tj51~!o=e{%rț!K{!MU;N(!o7^A@9w>#2-lh)O}I,}D=87^%_ʪ+u T}4K:|")6y ڶ%66}cR+L68NCxg$P{!cuпeiAjimIaвx$ Kn`b2gT vne:OVO_qIPd6اx4R6`ȹWo&0[1ʡzReTjތVO e\W֗$+.g Qx]d`Zփ9G*{<릾bm{ƧkLꓼ 03 -Ƨ8`.yNWhkXYoܥ71 kPf3%S]V5nڛ BcQdۦfAK.RJXi7st~8.b6 6-4OKED*EJ2i6X.r ix?%iEh@x]GAӺ` ([19)x]O(=d/.eĽz݄BV7"y*ވt 榙sĹ؇_]3_7VsԱ%b_T٦ܴܣ$ͻ#r]8d']aºG lmyE'kv@\VK4d2i>|y66]lE-uTJܤ}H[ZͩdJIm3.E9 7ֵ }Uٗ7Aԏح +jλP,PRUkԔ} JB/@b$!>y*Rw٭O$s {r<`ę)%.UQcϞ7$:󋭒=h<@|6耐<ߞÚ">/E+̑!?#LOE$z2[ZzuKXLA@DwߧEe\B9;r=3 ~`OslFuUB0NfkW?k-(EȾayN_|ۙ%C0nLػ>vmH$| x6K2g,οr2G6+MA{뻵n40 so=a'} J;7UM&Od!Zr0T@c -+דٿ0Vdi"_p'`1 qSxoWX_f]w3 8a-V΍ь6[Egb?crq >Is(=_x\D-EğQrNvdc،BMѽb CXJ|xzS<;,@h9 |mmr(uhs+H{$`- .CSH1iG" D&Z?*DV8z)dÒh*d<|R3RLv3*Q/j֥Mv!:y$4':E1OFNcI8~!eb4f{H.`ۤ ti(9ѩ.4X}UgKTΩ;I_$Kqڅ_#rJc/UmJ_ ;aFTܜd`L~ ˌӴ4"oаҳ/=`(m?VE7=0F8"7 ZسAF{"}[ !(?$?]l =Ĥir ǹ ҡQh0g(/ܿTxZuTͶo};02(цv/U0dˌE1`4ȞPܐ+I./YˈB ;&t/3ߵi)V/soch7{HlbnXO7r\/5N]Au@SC),w+0 Ƶu戟YyU7O`oeZJ5a+i^ZV&v󆌫[Z0.؁:aoaz].[įW$|*gRvK,)a^0FK:HJ7<d IuM+,튵L̴HɈjMVh%Q]T0*h9T uWdrZ!aݹ ӳuA] O0q@dfE%?DlhCH4\apNX-X=W Viq _8 B[){VX1Lk( %W2O.)Yk&LBv wDlGWoo A(,3 gB8hLt*m~ksY_A|Re3_8;O023c\mzN5p8@>)ք%3wՇsɑ!iD~͒qMyv=VQfq/j; XEd7V 09[tn*;} ?|߁Y0ګ*W "j #dg-_ eHwDïbSͱD]:;žsX֍LBYK!);?'M +4̮ؗ}gȖ`aY-N2|?R_Ds3qp֖,zY%y]XHηIdUW+/Ӝ.4]ax*6pđ/{?XW&?tӞA0{7tW C8?jk|f|TgkE\͇m,kt9MYMZJ*߶t >qP_V_!x.3.#^WQKe]A)_UM)yT]Lp(Ӷ ӇhuAcpy+VY|i[YO=QGM H%RjĶ!:CWb:Oݘ{O *+)#-|Rhai<)jXN*6P hj e ^vr'2>4-VI`O||r:NA4W5VdACȠ%硤(@nF]iޤ+-z.G.Y*+JavaZiï55\U2ɳcјaBo1b%JFt{o䞹y]{,b\܉QEX>s‰sЁ*O+̊DeEV0ժn᪸?jr@JF6ANqk@s}2p`XO>/t)xe'QRJL,@ Ze7!goSleNdϬe+>v-K<+8kAgԾ"˓£Џ"ӹ#Yv*vF2;P]yeQƄ=l↜2i5];rko b*n څ;,$E*{)H^:׃&QdQ$\s ǂy HK @IvW4 ^^ AbkKrIb[|՛<ř7=Y3ϲlJ`}n-{l~g%r=eۗ3\CY'&=魫y8\dCԁmi.}Cx{EޘϺpz3z]ϲK[BdU4)v{@[FO!AAht:Tb<њA kb aVEEQ/yfŌ;N(e)(1MHue!vGxl[$xH]>VPℶw4FE 2Z8nc_ n;7dP݅t^Ux* iQY%=5CrQ%i[oV> ܭ_Dn, 34N4gaf*OAHz5lm+Ot;q.2>ڮ$\owru YlXye[-zsU<"YĎkjq޳FfdB sK7RakB׻\_6&FyG{Wp|\c; -2 9U{x@x$@FT5qGzYdd68?_?== 6OϻTu4@- O96Ģ_oibYETIѣ%F<ٝ*2r3H%)< Y;ߜ~kۜޛl70Y,]bNS2΁J\44GDj|dXeBU):$iܴЕQ) ROs]آr&`R.BۖteCergDrEj{/X,A6@\3H VcZʆcܐaRdXpsm$(H!ɍUtY踨~Eb3+*Ҹo~qp*}@נN`_B=1^sM zht(yP6r [| $ +"LHٲ1([Q. xsN7r#CMs-DHdD"Yp*L͓0 y]0JpWp~K7Y;}-ڸ;/o.Zڀjɴ}x1TNڜ.ē@CA; @# C8nC]_@ PఱQ>dqT3o;Q-ëOo8rC/~ Uu1Z]$X.Z<i1 n]<|컡ioVNV(CW/1y8R67UP;6y*d}z,l0(ⴚj*_~ZXaYOfby&o"hq@ݙ8/Y}|7!m>枿IX;m~v%B\l-v\~M_1Xbʅ@bfLȻ5G89pۙLdN@A_?6Qa8Cg~ޒf?N_`9UM]㊮Tz/ѣ&:auP #>);Z^$"X2\eXݙNz׬z~DšcR\t=fĬZ13eCgWXA['eW7 wtމ#-֠kfg$}%k_$q̰cdp.Juqd=kW|73s|!LsgJt/U:VUERb&up/ܖ R-G[ӶC[1 >+"zI' e?u+4L"6jmc0^c}3ϖ-]TȍjAus_]nz%Uw؂[+V{njڹ:t='W)Q4&N FƳ>ZY %9q^hùk+9Ϡ6 4 g|rgj#s5~&Xm6 {.L/֚b5 2%?-{Sc_oB''GO6AS);RRۦ_(߬1dь";hމ,SIORjPn0-~$!c{D0_b,Z<vg;|b Rv|e)O+|侔D+(w^])$.jOt)6 >O|I@H0[R5+՛=l#ß &RBTlV|Z&&_\U/MK#59i@`4n;cv]Azݪ,zB>9h1йV HD%fo16 $$*4N"ae0 < j dQg) 6- N{qZWR/l?nvp#FrԣΑIu #r^$ĉ eX-ee2E:1>pKjW+Ikʇs,f]4I,bOz8Jt쉢~ṇBa;0j>ꔵeW$pŻlpoq ک[YCVl?V_ kg }0 v#@)\@.!:~oYѡZ5!YV9}{%7)ށEny9BTcY>GTR8=F/= e̟Um00nv.sxg)dl~NNrv6b\?ѻ.մh/I6mCCSЯ/ l]374mC+'y9s/j B{CeM͞ SF+eN0P`Z:?> K7V^9"YM8ޑo`1Z5usO;`š0Чƀ(jrJح'cN1/˅R]6=헄${Z.+n0HάK}Il7 !FC(8jrW{6q{P6l ]!YbAD2]ȼF@lc܋^NX vV_defm l>0yϗ 6:#$4 \tFw[FoWtddv>xޔ+`-lY'$+`Lzd^j v+ kn#5n lM~ϬOriYj a Da;>O] -X4sي;~?+Qlg0LVfkU3·zdw'!<Ss+l^6PuJ.:tB=G6)!t\u3Ҷ*ߓry*SU rRuqM?ff~N/%*"pT.Ov%=Sg;ۦ2]˓ sZ5i/^YOPFC%*CFd5wd)y O}SwgbؤnZBS`YVVc_1ץ/cXLXh~>^!Wmܠ=#Ck=}8|(ddmY/W51-X!  ݘnȦƱfqD MR2 3$cW3~V ;MIYi ϟH¥)ZA=XO FFWVAZ|/-* J[[Q5ԣ-bGYBUtW,r8e0eMVD?PBR0/2.k?L;wOJfD1'5PNOg__h`Z["7"f0դ&vi˺`OũfKk,6"+b$!bx5- p\*T*aY؆c@`tjo|{WT? OK$Z!!wZǎ?G͡v#{Yu}PD-\mpvxhL0Pe2T$[mc  p }ȯB ֛{fu[&YKok]jCe##?5T hc{8s_tkjN&&Am^i<8aZ:oqvS"=/$PLg.2:+L@omS]ß!N =X~ug| ɨq3٥Seu %nbh?\֛D!-ѵ77( 烠\̓K] ur2:^+E02~#ܤn0x7p 7NJ69`/9.pߑ&2>Fi0dAFD+L#^[*LyOoJdD/#i %fIZֱՁڔ0~&m`u3f{M@XX'|BH(_BA `:j^ \=9IG׃Ǘ<~^ͪp?GгŽ{)j.5I8R#)9+SIR9UΟG տjqڲZOԺsjy[URj.YQcEW[:|T [mwXЉQneA1l^Pl2 GT",4"% خ)I&0]d!56 }HzPrL UJ"T(Ž IMBV?6Zσ gpA&W'}'9#/d>o7cmŻ㟟Œ9]lA7`?0aQS&urFSΊ1izKK(uj^Cdk,)F2ߖ~$s**/ڹ 6k;U0==7.xf',6G\cƲ@v˽[/C.)΅IGyuQp=_b@3ohMD`  "gB-R6Ņ6m*AED\PYQNy1`wLB}պpV74J(^7;RK'xkF/"܉z(%);:P=SV٫.SN 10mySFO6oĖ;#1-&)tKM2Zw&EvFV- v4ܳ8cFLڐʵZ>0 \۳<ǧ9oaĪ--neQat5궡6q'j5w-q#"G(&kt߄a'Z_#T"i{Up 4J/SGnDv82wV7~_3g;> fVtU璶sqM5(&j^nz`w8tO }Mn9@˝ZTJXr"]݆e73mƖôCjHЂy`sz.M.X*md'Ҥ/qGE9$Z{"-;MmDJJ*"M];upZ킭YH~M]]hpo`W]@]QǸkñfV`3s =9x,{_B[<J46bDKKNoNŏx-8OG t8Yً[2[yaF0 b>miP[2AtQ!hXq=5pF>茵Hy(p8qZS.堮R6y&Sghr?qr]W8soyD&7Jȕ`=~.i~ILx:yFkQxE?n Tx/zx1n#BC0Ȫd:{3iZK&կzɿ4>ÞD;FS 03 knw&!d'T!U(pjM"9d&tumoA5gy5R @,L~Ҥ]z֊Ĕel 6A4!\!Wxe*%&QQzjRX a+TG,-b`sŝZ\Ͳ{btt ݶ_~B+E~l)= B"#f%rzΡ C{ttx ʄhU$x&0uk #<%Kb1Q 7|$XxK# 1<?+|J|ٷlܡR" M@;U=8 dxQ+Q'ul^X1;noT\n uw]ЙjcttAchRM]F_s^|o`er8)Ζ  /IFiN^52t6x2Ua2_#uβ$oG7Q+ăk1yB|!Qȳ:`a@ e+ĆZU3nJ[/  7dĽ!SW4s#ywM&qg)";kT}'$s2[^|t s.mlV%8 ̴vi^$Nkf7_tU~Mf+O 1H*dQnJxs dMr K9ŘEGVrޜ_ڵhK_gq>N%Q zQrSh?T7y`8 (`pᙉf{-~Eؒ|-PHLG-F _76Bs i=kڕs |n-PP~sTDy̹ڨ=gf/;B&Hn߫ؗӦp#w6[sX䕰Jz]r|1]扖IN?/|\]^+_#%ѽe uTx}T!.={}Ŋ^۬Bm:\a rՃ89P2{zm"[Ђꋆ*v]VE$h,\ePÉY5/4>SJpVl:cޛĄ+)m^ ` P{'l/:kk&">mBr.5W򧄪ݗ/d6*TA5mDd/U^zۈn%mJQuZ7+ +x-u-קs*Ӳg=/?X.I8W ]6W߳ z#YI_T#MD,i#"b< 6尉pg1at^ɣl 7 M} G N|` K419)iYԁ8'غY`ӸGh\+$A->t3''UBAQnhG J8 @ ∛H5 4/Eõ "Ry!#g|-æAkG@9)Zh,Z*yLEی3a-6*/:.792F%O%4z >!nFƹ=áo P |%W~[%aW>ѱs} p_PpáXRN Ua lY"^p`j튁wp39D%-TO W%aV%L1" zP}6h&VMW"ՖcR7GМj^B6-9{#Г~*@?ܸh4C]ojjX[.<&> Kon/*;NfWh6sVba@%{oD8mU衧{ `er +uG;Y T9\5Ъ 5u}(K =K2WBp,+ɘ@R೛<$"4UCA<3D&4UϰNiDk~}]䋃UUJ1{y'ys|t6$ӞoQlxpC?w"mgYd5[Ego t EK5lYԖ)N`jfX+ sG-<}DOz YbUTY[t}ﮭ{ad 6L&SnF׷Ƕﹹ2 ްa&/ /M2E[77,뙀;f>j:p}K&mú B;+#)>']kE\J~m䡜O5GQ:7qo?<I9gӿ:s`82\jI6PA.Siv=P ut(N)P#W8:/ȒbD9jOuЂJ1> gCDdD+ ~4F72W>c1F ]D>08ɶ.`qTwQNpQP+hբ^?ertI ̗N|VׂPIĢˠːvCE3g"@T`5i#P$JV/P}/tQ-j K[tnjVY}}ћOEz}SIr"V\Ta {t>*^q^nfm? k$B {dpcUl{:pul, P;x%B{al|ɨGd'ؑ@:1c> _yp7٧7f[u;/T0ǤFw'PN[pfiE'z% \À_ ޞ8&P"KФR1A>Vd kmҽt<7荡BWnO_oͫ{,owgNǠٺ5bYoDx'#`~E,Ut=Ͻ}d S!awb H KNܲXzPoN ~!P 63̙漬|ŤrD{]4ڤ[H^ E,7 iǑ8# Qʧ)DR@ja],]v%f`>.b<'(Fl^gV&sc  9lUZbNDoدi`/lJ0'XE\,S#\*˲*'akNTVar֬yv Bâ0=WJFq |f'^oH7*.*Vcs`#P@h[Rv}+O3;fk~|;e7 [7q'l^8qIxe$nDZYuW?xd6cd7!JhXjtq_XY)9\ OQz#7MLfp@i 41]ЍBlhі;3dSO991ITb4I/VjG92}hVgѼ3Xǻ3On;{i4|L*Ќ&$QARZP/&턿3Ծ4`G\0UsL`wO;r}GՔ#cXwp3BH2yXV% 3!fBo*/+ڐ.(tb˹5<ҫe'J9K$o)7rO"FsрHpWVq679q0*_4@x3/=[n٤KC*fElݲm_m/؀\}M8(``&Ss]!fT[~ڂ 3˨a;o4'+진[@pj.. !x<Enz) `]bRuߏ)Ȍ6ۂ>c|Դb͌aQ\\? +%sjՉ CV3V tpB`OBfI(2t2H1$oM~S^I^Hm~2MKJEM~\n`MT>ڷj*nB.q y{V5 ykr꧉Ym;y{s#1$)~`\݇-XED ̥cE|cJՖ5 %FWy EY1 =CE'ܘU'VyeEa9D#fiB"^~Iі Q:1 ?'YeǏpڑ16rZ(KJQo6<Q͛W6qZg![uN8<]ћ$Bm[ӚǑ0'Ng]Tu PD梾s4&)kXTD"'OEsO 'Է&P|&j"l6Dpmڙ0!7&"Шm H<,c}Jg2cMEuqAZK<%Q&b~BN$8_Q+K܍082"ņ#0dֱ]YLt]5+?0MK?G=SiܯPJZ @Mre-}{+0KfvqB#Gը|js`\Nסn`OŨԸmɌm+Wwl>Rka$}?)za6Z1g/api~˼4I92U76>I'm"9߶4 m$cBV*ÆE x:%XWPJv؝n/ IJ\ MDN~.iǠzK.KqJ .۾Τ2k(*JeI1>tJiˉNP:]; pm)y&DPW@9 (g3)&EZ":}0Z!ƪ)$Å$eA* h?CP:zUbz'*Q(?T@`*oj N, P sm9i]eqE(.[axԷ_J7{dC J!@ZY=ړa#SHd=H Vɩ}/4[M@ߌ6MECi-GŽKaك ۅK$U#]ŕ)"ґ#B5'Pk#/xY#~?5{?\&< ia愨*5EqW>yW Ѣ}mhb5>?ٯu2W +hDkvSD\ K@Ő>Z> ="'^@) pjp-3Ղ;c4 ij_??VJQECQ QS:nɢ9# {q~> koo怒'sOm@ǓT*/kIu_۠$M /" hL)q{KQO\+0SkSSm[DGV%n&Hj@%Xׁ4))8G0BjF=nwv9cܔ.̥)TCI&#ZRgCetSD0+'Ѿ KAA_Hg~3+?p"QF;$:[͎"k *mpk*<ɘP>vJhw4-с\,"⸓fx LH On|ݭ?CYL!j&$hǃjȊ?3NolQP]<B4+LO%XVI˱*s( LB'ߌgewV'eqkJKyk9|@_eh+UD:)oe1+&$3'7\sFcZɀc؋7\1O xY4SJ[$]CVQzXV_A$$*y/zlӔ{`[c.yH>:XY:kz݆a,1~+.cЭ}F4)φHǛ4gUX^ gѱ`ۚ:zB9hGH)3A(D GoL?9:Ԉͣ4ᓭ3E/e=G]wrDeӶ %d dIaw:HFtJ UpS/%"O1{"=iܜ5`6\= ȁiMԸ"@z4 )0(>~ސ: vaJ7qGN $"AAhַrgc-[ņ~\}c{HꯗeMރq@B x6>9z`j!Y.>뤷-K{)4I:0B3Nf>CO_%w5F+8 4[v'tH5ܖ(%_l Ì*urRx)\ ݗ~ӹ$''qˊKX B)tP<}`NKE4X!}V{K})< J_Ə4m+?ZK!v2uK׌ T_nl X)Y_qǮ͘W鉫<_Ѷr+FNb>Ũ:5p_A*7W.FP }P*/gVHaS٩Cl3CGma+5W>o#~*fوOEN5-q? H1ʈiuTĩ$8lg=$ JͰ5[ Z67ϱS]T*'JmW'?tfP!(6?2 F_p [=dupL5KvaFe"u_7viox:d5?%'GmԘGDX;vlpq/ Gm̭Zx~hUB5sʷi`ڝKKN9H2ާaH&G⣈׌)!-[k쑓DxӁGL~i>L^ 8fͮ-'2s dTadRV@ӓL(QO~l^1>G&*N`AfOpUa|x LΑe9(*XaL4 c0ڕ-N.w?vԴ GB0hNS4 MX xnIsf am*4fD;a@agiwn |jx=?Y)U~ vjso*+5G3֎).am%7?H;]mMȴ*ozQ)uZM/a83!<y '4k!l;zAlNxi"*SJ8[xgh; #}=?[P-/ $(&lj(uw y֫iT'loDx34qu%HCHu}+tN1A2f՗-\΃(]&B7 tCy:-Vf9ʾ]Nt2fؙ,GXu>& 70..uoHNRO2ǎa&%q'Bh9r͙&H0.!ό^י9ES}"^ډ"K#E/3 gñk۪9#v1.v =DHyarA7- B3`("E j2TdNd25+bNV($E*D(O;t/3vu2wL˕btA#f=۵~%7uxo S:7w_/3}1-sd&:os;g)' Mq}:, y)M *2ն R^ETi9N ^qՋz3gx?+b1T!$dњ5 7U](|^/oZez Ecl%$n1Ñ7e2ePEl&*S L,/0`k'Q[/| >rijU4\d-XaE6!8zcrQn-k6.թn%ڲsݺM~Z%}v, HoKPBBu&"8lPWUE-w!l! nhRݸfwVK"ɣu8?'HtexIgztGQ`PsbmXS B46ACe N|Mfˑ/06j JTGsAlj2 vq#J985{P.#~NWvVzԑmIfz;"iݑ1Ϭ*¥epE|-ɮ}7%R[ ww,ށ#wF,ewVa E^>;AM1ɢZ\ -J P1UmPEC]; 2f5%Qu 5P48g1b߅A'> G?V} y_PKwshȟNj#5?,T)qwB$ )i@>>h+Űy?א_ʉn`Mf nBF$;?O@R$Z\8Uhž NHOu"Zʪ3NBmyŠa@%Yz2ƐOFů<b-u- hA3u8pTv}/(G}w*.z^]cmP7J-o܉.dhU5 Xwmg/VCHg7k?w/tKK<U- pgf$^26DEDj|=tQw7o9ǩVZ5}Ѝ|fZf yQWk,bX86#⡃,FKOd mEC!BKbbsODES&k DUtG}qh) VDmŔU'L~aAGs[!Ws>e6q=߉ӿ PU';;R"Sl"3Hu-O/Pڃ^+^$`cKp+ ;ܿDQ~BbDy^g"JUo'#ײF\;S3lI Ӡ,X ZEۅ2~ˇ 6-tJ)j"w\brxĎfۄ'3o圮h~Uܭ{ZP뮩81 tI6i{FiUf&O qn<cp723 zGj({2XGZIuI`hNk@ "4Gs7`>bp#>Ȉ_HI=1ؚ)+^]6W-F'-}b<.-G }s INgtX52HGy:ybhcpqjT"ϰ3goBa'OΙFCv_Cż"{͌D 5_}g>M`q e -QD@g;Qpl㊫?].kYT)#L6E\Uer>*im_lǃXTxIt"Oˁy,K+ '=@IK-K+@S2A:z׍S޳!=£X{?Lxa1]WUU1};F#4rhԁ)z><d}T;reSW0z:BI9/ /wm7^l19pE1R+MQATh/ 0K'}7[ S9RY+,w?H!ϖǿM(du{u^TDtA̝H+t7 wa[Js: co[ zc^DGZ_f+uMBKɹr-+MG&6/7xDu$ ԸcAu6I|6 ks ^"p^_gTHp&QC(_#a)'Ke%*;8׃fe/;d1o%VpůajrfcGZ}ryif3\1g۽ &!),Q'B & MmkN#Zݸ"z"8ʃVU-4=*xa?Ee&]ec[Y1و!cC&eL^Cq?J&1:33=mq4fW2?Ff(pSIIY>hOњyfYiQLjbk'cT[C;j2)b~kcjIHБCXC?JZ~™b<_|waguS+gR1Y x:<@Hd$K8QAKI;a:5]t3tcf[[E9{s6r?ڡ@w b־nbB&|Dt;Zkө_Hl&gH_&-|֭L& c?nNbU;4/ B8 h)^=WF!q95)o 2[1]+ bE"-)QV7%sDBﳅ>>}6f%]W# 56*є! ) }ǜIS:RV /~2\#Jza8Aq A:&&¬G&a9ntTKbX^e`BlyhEjG_lu1k)cEo38d >YsWlygR7ч5?l>WöҶe?h4aH Ylc 0M;rlѱ+HOhƿt7ƭ 8.v XLut(7Q$~锢>l8 e ;e1*E3%Mꦺۡ &Y+nHyֻQFyۆ9l[wfṫ̶HnDOՍ|  @bmgCKvGihjJ(g[Hac8ɳ#ʬ.4s/ nKL~jz6zr [a&V$t2aݓռVl~4b9PDMm׍ʐrAasWO:Bj]=/wg]"_Eݿϋ+Y)=C՝MXjRr%2/7Q= w-xXYA)ꨍ7o aډ>i6j#(^BJ1nȕ9F}v;|EYۜ F#c-{5.xC"[b]ؾkЇT$~n8%;Jב;ɖe/] lgDӒeU6%;9vR||K*jjh%^e=JrRϽf ۑ@/X6u?֘΅:ghwmq.pj<Rg_RhE5!"]j3HO{йy :C]W*BstG/yօUhZ%aNU-\tީfpC2>AJw9=ІWJtdE1kmt%FĐZnJXƴs0} s*I)1Me_Tn3O];)|>0'T8$yi*d쪆IMZfNF?&kĠa;U[Ə\81uh wA r0~ڙuHRJQPXkr*GX G0W=AaLsay?>j3@5Co7u'kͤ$xNP)g´4UY%@`c,_u x4=wu!BG@^H+E20[9: 6m 8@UfA-6|IβbtVVT\Nl]47:xAϊӻ_rBJtLmiCy*C:G8D\{jh".(m`8tz⍼'';i:C]1ЎT+FkʙUoS1?D/ nW PiF!YöJ|LHLЛ Ե #Ԝ,E $ػw{OkHq{_G9K/w|T[pr9CۙHfӃ2g$@FYbŕ_Z26z=sPЙQ+%s͚9G 4x|M2C3nAIj=j-WHJJm[ئHEuh9͞Fn8Tpai3 ׏ ^< |8#j C̣im]>5O `l82f'.}JwwCkd^$l޹?<t]!vYd;MS(T r+ dh{~7q{t5-Z%}G2ba͇;m{;T\o%Ic*)vЉepW(~1 5q Mwӵ9DAc;Ϣ#%J+5d1_N]"'[l_#>0MF2ts l*#e>;OVJPk(,W4j |f)oPI3,H"EбgKg q1jf9J 1nE=ץ rgMKkтa67Sv kifclGH`a9EB^ nz(a-ӋNjVrP}9-7tǐzXЎ+o?ŇZ:yRa)ݧ=@P0U6#pZ>hv u@-$O'oz &*LSC,Y}[h,T&ЩwȠ茲$ŸDAx3N}Y庅zuE%(N C:oJf3qWeY߁yC+t?*>vu:Ք `jfT#nL7aI:iȀ(Wڴ ߖኅiT=S<"K1rk]U<$6'k%|^NFc?̎,{@gx @틭/lk䡔> ]~ۊooExM`i:e%cy&Ct- A0jxUA;_kã6aO2FxqFR#b8mXA!BBk !ef2yXZɎwǗ^k -rtFμ<D f:aST# ..\/ vnR_ -|0LSeX`7F{wT{ ֙~-xvi{TRe35a``(CpiFj[ƹΈè~$#ͣ<19˭f?GX y*! و;#=~թ\r3g)YPrz,f=W|esXb&܈ÇqS.2xʲSԙ(d$±D \l l׃0wsbVԝuwV&Nuz,aT׹HGLeI6aWS^iʃYDK40C\vtj8eSFyģ dMa&1û6=m[awy9f|f`kõ:uKPof6#.د\H.cwvR,̭!sQL(DjK˅PnuC+Co{ڷ.scdK_?WDc0rDϰ͑(%bd2Cntj$ T*,saRQ5ת-^D cE19l'mҤ{qdHV"#^j]G0yqJ #VL|UsI(mޭq\{W*9Wds"s% J"h'5eы$u5bw0^̂Z߅EEʓ,FBXdKZZO [BJJD}jԇALN&9<"vvrm4>vl:7M§UDC܁u3\E{ԯ6jlU&7j^+LžĀQS#Jf}\8hpn7Ҽ>sc/r2vrVg>^vQxuIt{:pDYHI^4෸nM#4_K6 ڬ[J&raR}@w=NF֭P4(h+]G:NE,Zf4x'/;yg-R U0}f3 .AAo% N KS96k. l. M0!]4̮ٜK,W#e]0Ys a ޓ\C/E֡—\jJ,GhՉwqg/mh& -!\?R n|_jDVSk&0ʜS~%$Gdr85Ws bq%LB+ѣu^φ,\Pۭb_AwuZbu[, Y}3K%xXƟƃO8,=H [k3$1mB}Zu4"򁬝'|84Qv`N]gϟ`݆ r!]bʸ>~\!@I^rW tI"EYKa ֦q!/  VR,ds|2u3^+mrf>̏\l&TTcfB/(F@ @n i{v$G wqr0yǝCQdaVBZ݋Z|<23cU[>c)x캌~"jXGl.fqL!Geyt32tЪ<.pŒȦ3ŲLALW<,r aΫ]ifq6X !sث:[ Po{xY!!'5,l !ŸPڋ;@Qɖ'20^dO,#2MTB6IgA'@V?٥?0q DgH?(q5( Ti`}J0"ajq\.ᝪ]U"yfvjk̎ q_Q5 Ahv ~J67ڦ0U2a kwrۖ!Gl4F. t8Gr;"{%4[sS(m(4Fi{.W^@,m#'.+c!gK g"/p9ۻz3MDYB Vd#]^hNO? 2U#w{wa4/'΋RߢlMyvn̜sI,-U):fu}@1H !@e"jVC44i_+J6fpd/NsLv 7EqI wxXVPzl`tN#k &1=OOמ Q)LL?UJ!J70N,wWH&AB2Ph3ve[[+1V6QbYNܫ&N/$_.)SXz ~v> &.d_ue'}ӢIA 6Suqfx(+_\Zi{gdz8V.7ulD/YDj¬~n̄zת վt3#LDƸ ^0X)ko1ckH"m&lEU[FkQh,f\jHzv#GmRnՑC'.[.M%AjZ{m(#Pˢ%s\O(q0]~-]3ا$==ҳ}sTp[V!<5rI6"URe!,H I{T-Zpd{Z43ŲiRM/C43)-=S(g;Cc>G# vIp`w Ե12$5"7^@Uɫ֑2cud@xU6Y8+(TG8s'S >e`(p-t ssn_RnͿ=oj.# $u 9u^m߫.s]+q wz*S7yI0B$ٹL (,Dhi%]?&Za"9]Yj06\< n\fy 6ߍ^U~pkK̖| eogBKՎ鵖NZ`&П-dQV$)nVPH%U+@`[@ zP(ݏ9A=1:/]l) l:4HHz=Cy]Pu`esQ?@MPHXU '8v.'i=#P:z2S>9m2QbFa bE6j"[1zZ5s D]k8,7[C$O9ԏ jTfLsnYx%\I+ub %e=?=p2J!ceZDfݱ_R8,ʝ_E̟q̅d҂oou$*7k#Ӈ{ȃIEĵm z),4}Q5cOUl;C#OB;5}B3ׯO[Dye hk}1#)/jD-ս@1j4bz isya#i X<쏝"Dv/P8C 8qHHӑemל4'ۃ|{-,Sf7!Jէ2]j?˻ch/|-oB%B=(OCg)Po:kJ*9e?` :`[u7(obrNeo?ygɕ[n`WMOf߬+A v0Mft-;nyu3/; QQF&0xZ3uz[3#]YPOUQS4XRgz:;ݽdؼadU>q,DG6O_xqxFL*&DbҤDϡ)ģI~sx-!q_OdC:[a'|iX%[_9+{^B^)ɣb"Cw>VMd&K(OUT"5rCH:/W ָ5;0j{  TϩlSA#&q\r$^)Z5 6wsA_G< )C~j!ӿ%!_ŋI6(BQ(ęV=h('*$_JzĂnʗ҉j =T<U& 5*gצw6v|0^oH(X,6(Sc奔8̎;JӰpgZ+F?! p(S;_p~q 8_,ry:#[qW{7H,ugym b&N|(2aKRBŒ%AxhhNnI^-#b\_=Ɖ;3<{JE8%thfCϓ`H^>8'R;[^ -J*bin5EZWߝCDdD"iZ󫒔Pfw,Ճ^Y (1xqߪC3e |ӳi.A08E\mh8PDZA1dۮG }(d:oP|˒vPgF lnV]`;O>$x{,槮R3rUmoq^6Zx 'U-:*)ubuW:Hj>Dd3!2D#;EpUbJYU)QHPpIDWP#Lt c_#|U&* 6TǗX|^  ]4("DƙR_Ak,%'?%Q;dP]|'ڶ1`9'M :{ T"coyw) pV)5|lPFbs$Y:ܹc,ml<Ȉ=H>։UkY<͗ު`¾7:Fs DdX|FFOru!}%ZB!VifB4|L nu<ИK?&,sfAu{x^PP:CΜWFQbJ[N 3tZu"L{z޲ͧ.9X D +T"&R^ȘG@q]RSթ!48IcP㵭affo/=CԌ(l_͙(qwѡgR>ݏEʍZjwlZ*KCCZ&H&K5^<0NG3FQy7a2/Ϛر[Iġoat>{MX^d.54KM;D1#_Ģp-ۘXC&$Lh9> ,P݌,OڍGw缅uy9c]G"C%v,a3fs5"Ixm iXaώjD <Z:-Dnv%ۻ@m$G j\^5-Ǿ )RF}LJڌb6Ֆph>x_&bd4 ڀK>`Q6i$RH*5"H8H%7h5*&㈴x߳VY .4߲n++0( 7FS:#bS1 5aݞɞݹP[X&Lo43u,捣Lyc5$c#z%~ԾHOSvC 'kܛl Ϳ~t;X&~Bb⻶!oe [\n";)}Y 27ku`#GBT(pXnx\ P:$^@\P !?adIwJ1g@GctP݁0[0h^]_& 2a".r-Ch1N _ Vk 3(S_:o<B<ҥ"Ko |7bGէ 3Qj eOEU#A2:!bhcd,叡qRŲPzs9C~O%rm Mф[kCǣ "cpx&YɻxMu{TȊPLZPO8#x5&'t A5|| ޕaK;z {m$$k@GS^v3"((%")D^s2oWcBx:؄t鉁pN< ՐW|z 6q36xxԴLJQ8IQEuk'kGs/ê&S'qB.P4Ϧ3Xa\h\Y(eFsVM̽L"8x/Fl&`6"YR,&:Xt )Q)@wc:\9c0U(6q$tJSQ։E$Xx> "h] Ry8Ժ|)"s"OXe~+-GͲ9m&A%:aEX-e7֪pJ`t=i{jDG>-5,Gw*LSh@>EmGbg_?OdDR`o^I0II1eؿ7ɹEnIv9319HUCQ;h \ &OYg& !-$yR1[yB>;EQPF Pw+~JON<Zgynk%sc#%V^U)yޞ2{\aL,5A"q==KhMgfg+%Gvv(|+="GL2 qJ7+DpnW >n$ɩ;7Ji>'N(9UW ; MQ+|OkMy`f_ui0ür3l17p6=HGe ѧx5 5d~aUp&a| ޠoM﹝dm$ ")S}[X<Wd/V]mL]MEhe dMltqJ^R@(xWX]ZX i;s $ 0MEhp3OF`Z 8[K>6";x~eg> Q-+cH{N!^?lǾukL}O選sbjMrig]Ձy%@# @nXCO8@$K%m] 37}?I%4K,>Pֵы3M-:~oY(ݥs>+@wE7>9@[VOW-,ޕ=8Br4YB DoދD(E _=4S%1SPSo.%%no!m*}Jr~SSW$$)NZ'\J6~!'b4lU ODfYy N{@4"!͠)Qe=ɷ#;5g^Z߯Fu|6!F"rjCXL{Iq Vi=[JH_^ַ] -~wЭs7I~^^9Vvc?U,pro& 6:IX!! ߽d#D`>kSN1]A@NA"Tb(T*!LhE bΨŐP0$@UCu#w:W9C|"Bc܃V)fS7I{%V-t/'Xԓ67sZ){2W MEM9uSW"/nKY;¯T삗ރW#.~O~O͎hVwU,$"%_clpr*eƤz:J'Ǣi?>+]^|x/h"E0=ʕIN`Sh˻]Ck-VlȌ09[C5-b {%_Aw=LwAf Y>e.:W'{Uun 0ˑOKC'kSrw: +$ssh$Q;Xb`[+"%6cɘwՒ= T_$Uhh6b:^A4mjUV%lD&WKn3&hyH@Ju-昊J KEm覴BLXb w_ +0Q9t ;|L^O }wP UUv1M<8\*\P| ejX1|<㒇UHM,sx4DgоXE5Nn܇XgUI"U.y2e'鱮Ysצʀ&ò]#BU B)Чx*U9>N}0IE=ͮpd [}B$T:sd Zm&+ U$v?5򔐣o$,Gb00XfDhj2$MJ^_ -`zWͳԦ`Htoke1k CdƦxM=,%pJkY$dr#4]G/t*X"8cLR-eU)U҇QƵ?SPv+BPX_˿PDԁaY_k/8J!?7"Y<':nnIP'Jj(ԁw3ZjR9}sEz6Nc7TbGcw\|ᠶ 4.8c`ͱ4chFu{Ofj"E^N_OyQ&~zD-1pmWnd TD:u&VcjoI6j\AS,4 K2VɃH)~N2|B XnF @CM$h8+d S+@_Ѿs&\:ȻrX?Hu, gH7<ԫVm9i5axmeh($* (Ƞj;JMPBp"B`5'-ݫx;qb_!yú|ک5bG%x"gdUaS[ '\,AXrec}Kw]K!Fs>tRB]'T٨vn4fvQ~UxZ\LU_`~8J|>6է,nD 8"<8p³R2yQD-TT\o|XP0Qޏ㕛~}?X&ˢnRfJx"؜Zj.-ӛ. n!{? Ӈkx e~>>#pe)ΒmjR0dٵNzXzG.4Y/r/gDn8r"hKȾRe#0RB0 iUNU܏."'O/ϊ3 O |UPE8xy?kxOjmc ʨ"|9B+o>8|Od30`;gBqI2Y& l4XdRgP\{猃]g5MkDo%A-/AJu>"3ݬ;'2_?CsHj9yYV"-°*0ЎIަH=rmIGq:|o̿ثޱ!zn>!R?zQL+;:Ct:a>Qz 'I+dK xh{?hz'M<0£m{CEQۃ0+z$j޻o2]zIzt] Р~ %?]1ǫO"4>+Yfg tZ+#pg9; ܆ylxp:JξvH˻ȢpI}(0gF>:+|.!Q4H ~e@<ːtV7K7MFQf0}fA&u^M˨KRgx1% H RfW$CVaGhBv\WdXG//`TE'$GʊTڼ(މ)drs_{'qH%溥k_-ߑjfEcGW 8KaY@ \7.R`p&Ihf9G7IQ)oc̗7kz=DXktG%qC<B19G))5aoT|94Y҅[hڔQL& [+l[[9No sg{qW؟1SӐEoå\;W/Q %\+H؂\d3U,&$rn@R_Y*Ub{> m`\zDf2e[͌[An/?n& Alr1xK뤴fVFfF#\H&S@;P˕~9\0Oi{_<˻+F+iK)մ1#,|3T!j2;Mc-/`emR nŻ\Zq⚌wbfg5UuR?K%W,%Ӳ$!$7{7L%(qֽt)c4}*PXްm^^sCh S!-A N(((35S1^u. шe#d!_\t\?P1*[n޲ՄӖv9C_J^7d{8X6W ^X"2/#8C 'OZ)/,Ǻ2ä`6I-͢gc '/{*M7h{;F>H1jԜ0S}WF_$jTF_'3GyWR#~J@ k'\}E.ʋ'Q$\:_a%wVq1vdȳ:T'u23ӻK^ok^ S Z"$D4IF;s3- Z0ezȌ#e u7y r[i@3x]ҝD[-b.Ra+=+%2opjxX"_Z; ?.|Ō5CpjkXVåd߰t/-,(.RqFrXyIc'Xh)PImn r4@:Sr)_d 䩜 | 5K 85bZXhI bwIy!0HwCt{X qْKk>-: 1,zs?uH;Ch]9 IkLlVKO%fP6!z'Xt+6Ix_0%~SlBk8ЋJesr`'?KvTz๞"#wg,gMM$Wt,-/1T%֙1"ڼXG :9m kF{I%F!qᤕt`I0qDדЋC".p[Ce,%hWFg0!\C CV2? %2HqUr0]SKرa^SRͳFmri9}5D.Bk3xZ < VcG>Ɍ@w`"n00br?o?7,2ϔï{VŽEZƃ 8țjQlU=A1Ejhv37'tuϙԣG"©fjIZRTNXGqJs{\ 2yam.!GǾ#ASLA(*GYMlJ Fnˢ^=ftJ`!Q!oS(v˘]`ϙ3pn]f~󙉋He~+qvGd!%ŅPbNB@?m'N1SA?vsj*i=A@u$l-b Я_JSyP??F$}ZD~Nm[2s=]2HNar g80)88CeݱEb>~vMje5(Swz4*1:{ v5ŬWYa}چ?O&pGW9==hj AA\RYXxo#]pD_nY*Krq 8z& rlfݚ 5S2;=wQ o{lbvGm*MD+$`(k_婝s^1B'@xDoAR=Kp*k(=xY5NGvAx4C Sh>k1lbQ3Ĩy~eŴ7208D8_(ּǞ3-1񌼳r4twE՜Zq0ً"kÞQֲ3zt50/.;g޷nY7[K!ܐۚS!U}}{sXgXL-oAl~Qr`< -\gW_OzE YS4(IU؆ܖ` _D Z[&[l-{8*\"ISǒ 75ls'AǛjPf[|4kETc)5U 0M+w"ǦJnZ[`ҥZuމ!Ӄ;:՗=oj `鶖RsF|#T4|K߫v_7!Z[~htQt<|M#kUb][W53ϙ Pɯ(3 *(5S.Cvɓƃ+`1@oil؅4 TsD G`TmZ<=QԜ㮕 j@FnVmXlOdåkK3CD\ZoˣSE:zt#%!t@&QjdXgjh RS=4En=ԕ9槝86d28ρ5&Dޟt8d}PbIy_Zb 6X>p7l(褱߰`86\66c[ַ  VR dzsM>?[i[y5`kPêJБ Al?1薄Q[[Vx4V'\6jͽƬ~&+poيoB1I*򘉃Ot l%[|R۾$J@e*8 jU~[nLLC7ӡFn jjY+Cm[uȚ"qv@KGySiF\i K=F׎ YZ