nss-pkcs11-devel-3.36.0-7.1.el7_6> H HtxHF\P ?*}}@ƪL(] .yd63["3 b24a84b60dc76a5e07498899eb1507909b3b07aa\ZURʤKe!2F\P ?*}}$o4"D8$vqɄ~ }cX y<RL>80? d $ \ KQX         A  P   $ X:(n8xe9 e:NeGԸ H I X0Y<\p ]դ ^,bhdefl t$ uX v׌w״ x Cnss-pkcs11-devel3.36.07.1.el7_6Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.\P7sl7.fnal.govJScientific LinuxScientific LinuxMPLv2.0Scientific LinuxDevelopment/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64 n@GCB:n *Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(\PX\Pq\Pqa35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c449ca648f62a0056d5690059b4488a18e3ee00710b506f50999f05f8d08a87d5f20847a57b68d9a7315fe8aaa28886e3c5aff43e2c7bc15d1b39efa3fedd4d895erootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.36.0-7.1.el7_6.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-64)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.36.0-7.1.el7_63.36.03.0.4-14.6.0-14.0-15.2-14.11.3[k@[Z؄Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.36.0-7.1Daiki Ueno - 3.36.0-7Daiki Ueno - 3.36.0-6Daiki Ueno - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Update the cert verify code to allow a new ipsec usage and follow RFC 4945- Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake (the symbol was not exported from libnss)- Exercise SSL tests which only run under non-FIPS setting- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.36.0-7.1.el7_63.36.0-7.1.el7_63.36.0-7.1.el7_6nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib64/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz9x86_64-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !XRKC] crv(vX0zeRvFO-c%_@Ѫxg-B~Z f(w`R=a\>VfP[Z<>$*+)yO4|hg*e 8fHU6~0}co!a˽zSW_܂\?|Yט _dDw I$^yN`|5JY'u^ceD=r ax’=-J =Z[\2tʊ?:+# ׆ 5 GQYHqB:X#et@`2xd$ {hI7Zgɺp̒ xQJ6k+~*!?'Yab2ZfZKK k#dUUI@mU`"H*Ld%f6"Y~_TxvJ=;FZ\ 9"{dj +'$ZlwxթO_Cfڍw>oGc7}P[\nD~M|&v x !KQ6Wgz "С Dg!"~CJ{ų ܜ kOp|\X!ϤXm眿;E KWZRl{uM^C_l4ޮo /ȑ1DeDu/!DB- vH3uݨޜYଦw3|-T&OFKD>N)8|sd`s)ϣ|/&+$yQAຆ#Z0ZRW1Fzޭ_^̌SHv28 b׬0Ԁlt 92%"skBUj՝ b: 27il0Zcvr]&fА<,g'!!fLi#n EypޟN\prnw aL)UCF̅x ;yE8FDR[kA/Cp O,<:|=b? S Ϭwap邠$Qwg҉I9`bDpfx&O V^̶ ufOEV`6^Y&gjca+Q\ [L$xxkl1%kTvWyVmȥ :R`2?}#P1WjV|/qy BővGYuFx3xٗNc۶%^EGU;|o^-+Qg֡.y 5=k]!)AܨC5#IqT\%Б/= ={wcBW[* /k&ZVrPW Kʟ{8񞅖~UD#ܹWXIƐ< d 6E\RF!1F%X)0wZ|10!sgg (`E3 ojo @{*՘l#_S0]ڛ\ EM0n-2%XiuΓ.Ǝ c܈1I?~PJڊՂh,NC`k{KR~8tm>=]KYNt@X-RǑ;ZӸsy7|}+{;RrO"BRj6+w*f,nyoB'e-Xp/&= "9$2[cXH9 !R1qwA>̵~/Z]YMAh5^-]lB|ooAODoߪjƜw(.u0I`ǫ idolm(`uTTj:%GP5et;Iӊ\o5j4 r䳭 c>74zwZ؉KVMv&RwB{eՎjY.H}(VT:&I~3+0} #`=QKu\ICmR2m" OI^Ouq\3PBφ}g?م1z{')Yp*IvъQ!x1\>2kfɈG%Wp\X`ީ؆_~ciLE, M0m\K I=TLK5Ⱦ:ﳻ<l]}pd}O6^!HY 'YL@ud]SC60H\w=N2z8ܧul@D\;' ;a{ϟK|?DbZF)\5oPSzL7]23^#:A[醌F{ρ͐wق>oo#HAG7{ !ow5H, UAHxk D!Wj {)tݸC߃MC_u[}|. b[_t HwK>'t,1-+#.U}@s ^XK—C 埭ok H_?E:oi} 7`3xh8mg Jw.>-}싓Gԝ!Rw760bdvmγ5*y3@MF-՘|-OkU5%;!a+Ɵ}N~GQ 'CWM>N &|u pn&dh}:p*r[kA84 9ɼs{崮8?? f3a tbߕ0i $tb,YʈhzYG1)۟7Sԟx^@- [늀ˆs]xz83 Hl˥ᩒvU{+ .qlzTG ~:KPhA_X+< 9BO߁6sd| ISiX=buPZ8Z g6ϲ M[[}`ur_UC<~ۣ'9L Sbl䝦4Gtw˴^b; K D I9U;7|b/yVkm=[9( O)k;c Ǩ3dXnzw򩝘mVpl&^H}n*k>'9\)ܓO'Sa r~rHBg:~*e{P"e,:{FP4OQ^zL'dFcse XWo{J_<n Se<~(tjp X㵖 2YL^!Ɉsn'H>?>\3-4 K"e[с4S}: I,D,fZKFJcLou4leq%1Sa`K'7`$ &I=,] 25v6 #p?%oHqdyL%2iic`HxWģFZ)Cg' >00)\3ؑ<.$*ʗ>VKhޥ&tN|}"ccX.mfwmA,eK`Tg?H-EouԀ6責 ua+do]LzN j6i؝3ISJqEwu_ b#sB!l%: x-UiCJ~e ;bD7AL|V:o 94> ]r%M֗c @{K[7M{M+.Cė n $KQ B)[A\a ke@q8jˣ:O K8ͣڣsx@D| n/VL 7Mͽ@ʴSbYc+#"twҡ[<6€)/˃_Zu(KCL~ a8e:.B];9('>kfO y1΋B5bLktVutm^p4%R |C}㻆%{Sd$EbQ5Y玔&mIf[0/ӒORaŁVq 2R W+E7MnEv>ܴߨ]s e܃`%^V/>`"48y_:p&09['#4IJд.@-l Y ]Ӝo@:9p^]a,uJ`o ޶6qzU3wנ[|'Gr LA踵ߝ/*,%hR%wa?^FDoRTy<*XZQN^%r$(ʼnEJ e{MpuklAX>/;8,B6s5hYJUwm@˵HսL?na4,dz]qeUoȚF %&B){ K3_~XNӮ%)mثr ^m-/F"ӰhO#l">]0:%@2V>L ^y|=200g*(F֫^Ҥ'7*TQJ~aQ~ܭ۷γz'hA}9񧫮KDV%F-}N>Cl $ Tr$mt㰹 _s65+7" . ,Y1}23`WtevT6/+u$Oԑ[2Hc)ا,a=wK΁m0']os)ɒ9 zɅ<=]q> d[@40WAË u. GcGLNK̡1G9m·ŗMȹH&KlUvlu)<)Y]=NEnPO UnRV\.Tj51~!o=e{%rț!K{!MU;N(!o7^A@9w>#2-lh)O}I,}D=87^%_ʪ+u T}4K:|")6y ڶ%66}cR+L68NCxg$P{!cuпeiAjimIaвx$ Kn`b2gT vne:OVO_qIPd6اx4R6`ȹWo&0[1ʡzReTjތVO e\W֗$+.g Qx]d`Zփ9G*{<릾bm{ƧkLꓼ 03 -Ƨ8`.yNWhkXYoܥ71 kPf3%S]V5nڛ BcQdۦfAK.RJXi7st~8.b6 6-4OKED*EJ2i6X.r ix?%iEh@x]GAӺ` ([19)x]O(=d/.eĽz݄BV7"y*ވt 榙sĹ؇_]3_7VsԱ%b_T٦ܴܣ$ͻ#r]8d']aºG lmyE'kv@\VK4d2i>|y66]lE-uTJܤ}H[ZͩdJIm3.E9 7ֵ }Uٗ7Aԏح +jλP,PRUkԔ} JB/@b$!>y*Rw٭O$s {r<`ę)%.UQcϞ7$:󋭒=h<@|6耐<ߞÚ">/E+̑!?#LOE$z2[ZzuKXLA@DwߧEe\B9;r=3 ~`OslFuUB0NfkW?k-(EȾayN_|ۙ%C0nLػ>vmH$| x6K2g,οr2G6+MA{뻵n40 so=a'} J;7UM&Od!Zr0T@c -+דٿ0Vdi"_p'`1 qSxoWX_f]w3 8a-V΍ь6[Egb?crq >Is(=_x\D-EğQrNvdc،BMѽb CXJ|xzS<;,@h9 |mmr(uhs+H{$`- .CSH1iG" D&Z?*DV8z)dÒh*d<|R3RLv3*Q/j֥Mv!:y$4':E1OFNcI8~!eb4f{H.`ۤ ti(9ѩ.4X}UgKTΩ;I_$Kqڅ_#rJc/UmJ_ ;aFTܜd`L~ ˌӴ4"oаҳ/=`(m?VE7=0F8"7 ZسAF{"}[ !(?$?]l =Ĥir ǹ ҡQh0g(/ܿTxZuTͶo};02(цv/U0dˌE1`4ȞPܐ+I./YˈB ;&t/3ߵi)V/soch7{HlbnXO7r\/5N]Au@SC),w+0 Ƶu戟YyU7O`oeZJ5a+i^ZV&v󆌫[Z0.؁:aoaz].[įW$|*gRvK,)a^0FK:HJ7<d IuM+,튵L̴HɈjMVh%Q]T0*h9T uWdrZ!aݹ ӳuA] O0q@dfE%?DlhCH4\apNX-X=W Viq _8 B[){VX1Lk( %W2O.)Yk&LBv wDlGWoo A(,3 gB8hLt*m~ksY_A|Re3_8;O023c\mzN5p8@>)ք%3wՇsɑ!iD~͒qMyv=VQfq/j; XEd7V 09[tn*;} ?|߁Y0ګ*W "j #dg-_ eHwDïbSͱD]:;žsX֍LBYK!);?'M +4̮ؗ}gȖ`aY-N2|?R_Ds3qp֖,zY%y]XHηIdUW+/Ӝ.4]ax*6pđ/{?XW&?tӞA0{7tW C8?jk|f|TgkE\͇m,kt9MYMZJ*߶t >qP_V_!x.3.#^WQKe]A)_UM)yT]Lp(Ӷ ӇhuAcpy+VY|i[YO=QGM H%RjĶ!:CWb:Oݘ{O *+)#-|Rhai<)jXN*6P hj e ^vr'2>4-VI`O||r:NA4W5VdACȠ%硤(@nF]iޤ+-z.G.Y*+JavaZiï55\U2ɳcјaBo1b%JFt{o䞹y]{,b\܉QEX>s‰sЁ*O+̊DeEV0ժn᪸?jr@JF6ANqk@s}2p`XO>/t)xe'QRJL,@ Ze7!goSleNdϬe+>v-K<+8kAgԾ"˓£Џ"ӹ#Yv*vF2;P]yeQƄ=l↜2i5];rko b*n څ;,$E*{)H^:׃&QdQ$\s ǂy HK @IvW4 ^^ AbkKrIb[|՛<ř7=Y3ϲlJ`}n-{l~g%r=eۗ3\CY'&=魫y8\dCԁmi.}Cx{EޘϺpz3z]ϲK[BdU4)v{@[FO!AAht:Tb<њA kb aVEEQ/yfŌ;N(e)(1MHue!vGxl[$xH]>VPℶw4FE 2Z8nc_ n;7dP݅t^Ux* iQY%=5CrQ%i[oV> ܭ_Dn, 34N4gaf*OAHz5lm+Ot;q.2>ڮ$\owru YlXye[-zsU<"YĎkjq޳FfdB sK7RakB׻\_6&FyG{Wp|\c; -2 9U{x@x$@FT5qGzYdd68?_?== 6OϻTu4@- O96Ģ_oibYETIѣ%F<ٝ*2r3H%)< Y;ߜ~kۜޛl70Y,]bNS2΁J\44GDj|dXeBU):$iܴЕQ) ROs]آr&`R.BۖteCergDrEj{/X,A6@\3H VcZʆcܐaRdXpsm$(H!ɍUtY踨~Eb3+*Ҹo~qp*}@נN`_B=1^sM zht(yP6r [| $ +"LHٲ1([Q. xs S(_ߨ2;?ɩz`7b 1RfTVs%NDY <0D`0p&֧\/xkRr+jAa!h$&r^cGg#.ಸtJeÙBDx=TX-f $ Q`DIxŵ}n*Oc^6ϴɼ}ӆ#t?6s (VƛVvkl &B9-7K%nA!C7"=ϣqEʂZ`54[4%#!*M.4@2=g et1/Ah`sՇ.~ZˌAO wis2vlT2â_h,Y҄Z#ڞc㰚REOՓ4Mh>d@!&!ϊL¥0#?Zpt?S Yc@0:xV̭&C$-EY]tZiwJPc ̻;b X掝?3X?FbZN/qi1;lG.B{!RZqR%^TaXǼފck;]Y̆*_&kN +Jpl^X"'+[t7 SJ={b/21"XM Gz*Nf(Mc7VV1VjW?1kvx9eF7bf,' IXj R<40^/"Mm?צ0qi+y#BihO1p23tuYo']X"?Է/9҅ɦ4,͈w)6p--Qlx_ 0x{@_ed>ҷӤULL^:pQ5cy%'?v$=y {h/KrbPlj&PtC]2RTKw g/X M^Ae5A䓍4C#8NzC2/BmoKt$i  "evcxKQa5ʦ4!Ԝua]ew{إVZc|uVbǥ {zϫ%q |cILBсK] I퉮9XPNsuL鍟:cT^4'e [X89)`90:ƳGqM]L4M^q |. h"ִ}K:v &QГF[`Ue86V ΛF DlՏk5ru(9u5/ jYNk[D@͚TUTr5C)1'늺b~?hVY]DkfUp' _ # >ȜV( OBp@cmsMtr S_}_12+"ӖTDjw[GTqKhh !g4bV8Kr&%S~Y,>$PUmَbn5xS[h=TϺI1y}( a}P#S8nL=#/pK&`orHSAd݆ v'gAxE.- Y}Y f$ &x!iQT;51S^Y=HJl~F5x! I}K轼rAt0 2~Pơ_-S]A՟a[DX\lkԘۣA ْ<5A H3(B3nIkGm0[xW'6l}hڿ FP]?~m @ ߯a7\Uy@ɗ>B>eUGMO|0ɡ' gkDKa~2)4*Rt! Mïv!D40Jda4YC.KN._N pH ք.K)sxq`[)l+,8P͟tQhHbA,JUlktN[:T[GWfƲm1%U;BKBf%ѭc]`B!^Ȋ%?Qephsy\f'V%r6}@ _{5k|V1Y5Ke,^k$j׮&EwkE+ (ݣK?1l/Ю݆8xڇY2w 8dcU6VE9&xcI<}3SGWFIG|g>%^^ߑdqy#sE<&^ I6 Zݯd*pw%7 }y< m|oۊ̛k `B()#H"l&wk7&7\{o_`kS|'\B،m!~"zB+f$7cn-pC51጑.&)U\iEPaߠfbQ9քG:-+jޑ*$3sw_ ~aܸӥu~gʳ(!܈7Zq2_U'Ϋ@ %Qw|1܃#׬lyIS--b;?/6+ȑyc5!/?|6ӵv{e0Ep}d?v~:].ZNcB JkYIAC;W͈+}a"S.nIeȢE|x-!-efأ1EPYfOFAnV2ȩ=΄CI΂`΂n*/D3DWo.vO*,N[ 2a?ٽq׺QdmNL!sZiKjHE?OZ=)E,U xc{cC.Sſ*"ѱn\> nT|qɫLTY4/f dX}7+WUas-uZ_\Fd<.@LT::Cw#))P#7縸ˍVQjIS9Lvʹx<{V6#?"rE yODGjCCpXPeRгcop"tX HPOX<08s{jwJ ȯˏoLDx6\t"䢴ىOOJ")Ov>kNXPQR|4z] \ !] ;u=! 9жuhJT.V6* 5l^$a2gf69_CG)\,L ~x}շfD#|v5![kiORJsVIP5wHj l]':4&Dз L$,v}=0HÅma9K ]v%q< GƵC)*j㘒jYdd5}4 "a+IZVr'܅_$Itt;`]lM{֜L xx h6C&-.5F9ZmkiliE趖?j5} ?o$2X}+ uyB h^G^ËYEү y:iJU gS[l%u˭InRG3d?۽d΄e6K-wNh`'Dǹ(vv+ sbQ;^TOnZ,?r;w#挲aU %($WػY\nh̼/~6NSdkx"rҺFi5ۘt|W3˱Hvğ$gK SXlpv Sjȱ1hh@i1a8U {+G&ozqMY3xݕ:'+שooBavU]S[ȉv<6w[e"QPP+~pTnVANXauPo#N!ZC*El_.<W%'eә*hG6ApPHayNVVyLX)3冏Oh rNg9Nyv@}(Axp'3ȫIn +D`Nk/K;tQmԘNAC7C &$`W't{Q=̚ɺS:n⪯EC_ {a 9jAw54i +%B23?a4[BW(m8v+71 awץ׵R-\Btj$ -z,p[+(yH MnΏv"vUʭORNhxeP'1*`Ί7dHZ J9){t @85 NWšYҲY1|5>P{>8|֚wLonISw@APA%}a]#k2HY4WWl;ާqtiB,kvɜo%؛!,*mn++h EmvP]4$N]^c"Sh_`䅕yX-:Vjp)ۿEM+ @`!ݽ*n'qz/312xu*\~rw&)g}_5|;I uP/:ž)BGINo i3.Ps'|1 u_lkEptSK:`H*bXdx7@WĽD9/[׉? eƔ{3<.鐠pAb]'AUJcK?!ȋuU;GM*/߲< |PWE 4k@:x%^/2 RmRX~FG8:VZM28ͽ7x:QQRP0_.,b5!@hJ/I!K~iؽx;{J7PI. OoZ~lK? /\#Vac" rȅi`ҌlB`+ݪCuZeLT̴71/ m(y +ղ)B5%%Wܿ\^+ OVwQDѯy;pKЄdGN^"I3WV)# kA u?w) > `Ző0`ԎQp-1z`nf{ߋ uC?d}2>=%=4͹[PFr_4xymP!$c>%=wfgZ%!t7hg"R-@07+eY Gs E;31oP_.wCW[b [kyy=(! Y'A:ef4kyǘw#b|:}8*B2Ėgr*F. ӄC, hDѬҎ.&= ֙Sv.rٲj I{̂JQ@-!4 );h)!v] &0C֟Et峈C`_H ,8O5G2?|F@?3>W[}S2:D^Z_١XIh .QI%έC-wE #૰z%ToX`J,*+Hk>/O)&W .I# b4;2}YS˱DE`&B͋ !tSҟhvDOy긥>syKh+" cMb?#m'ӬV#x<.lE&,kow@L/o*#2T97gg Jrjk DB+p{<5H) kx5:/`sJmBJݛw;(tٵ͢I OM%BhM)&=RĻ6ܑͅ- 8>Du.rWAm]4,[شKr,rv#i@BN\g|>O ܌`AÝp۾>no|+}@NѭPz0go[{nQ| !2| bJ"29>Sx+ 4 }A { ob+X,RO|ѥRst{lGr,@cXH&D~6q_!w>v Eidyc1 ŷo#wGxzVb,1j&\9,Xẁ+ a_s+ϟ@VC|W*e.2W7lds $fa-~s0),I_coE&݋(,#/po)\rQQ5KiPޒsL"V1NzVvUre6H-S?{g /R׃[9@"="R&vIJK$̌V@%ilRA+LC1YDTց!Njƕp]-eWo(O_k|wX6<0. C;4$tuMh%-u݈G/ :Q`@#U7K Ѕa+ \};٬]J`_ч%Iajn&{~Ti&7 a)a1$ J$̬B~tc*!/e ]?*ڙI^Y.NFsG4P\HQs,VB~Po7GCCQ,Ӌ>Dy1?u}Y#be+ ͯòD/J~!p A9S"b^&qQ N'j?-)^AcV?H~4^ 嵍욣z~~C: mXLvadUMLQ隯6Jx/QoFޛ%/Z8Q9gp/kMn 6fA]{Du4s@n2/:#V8!1 UeDho7eE9}s뭓ʶ"p'tR;D#P.*`🪁||uS>L$KZ=grheY"jmSE biWG]$+Y,?̫ F#Lz;chӍ~Oup!D7:RzcQS( T@j7uӧ-}y"a#>{:p`d(By#4HU;<1TB1$áxږ,/^0*c^3IlY0q6֡+ǡe~GןqU*T(4(6-v?l3Q5U9i38"`m1D "p(($U哇w'9 p&h\)A&6B^Ғ,dmj/ϸ-4bw1ӯ1'hB\@yc^uý~b sF7]o)w2;cJI|lȫ-eyIo068IW #r[Ф3$=qf ޸kqRLy~alxva| 좈Kc=L40 ǒlҠ)hLnDYx!BeVEKwB6pm; '4ž|lv@"@&w* Yooe.n1[ @ )8v&c74k|'y5Xi~:ӵj/:PH{s5ԓQya ѯջ4OXK[mu:$.DY(kO_;u(.ZZ]GFXlu8p:QQ TQ`ԝJsY{HTN(?T D̏+Ƶ+Ok :UE1!"":G 'b w Q=LޡTOkT]8q_Łebu/K[TҕF;Sָn47*" 68)8@]һC\8TE@6*f]HIw,\p?fBoƬ}Fi 3)\`X YegѥX2 Un&Li7?QT*\yѷ2\=B;X(\+ϺcPF;!Q ,2AP?{3ݾPjv23v&g Yt:F氈 ;Y'>X:Vg`M'EEǂѤ(N> ̡_kk6/nT|Jj_cH*d琨jGbYZO'~,}8-F Ъz11Ltl泧wm^$Wu=G0;e.;*V~(?Ke$2bv SvDC>>w%/˗{3麧R* YЋu .[E(:/}ɠ&{9V4޶Yԟږ?$%p*CT.SS(ie`s{bj7nh_$ʉQ~'LsoNr&vb?ΡDpS7h q-:_Jˇߦ҉^Ʒ\sir,RG{1$%bGۚEW^N%hvGmQjɋN3lJДf[ LsuWoX*:jV6mIMTq9foH7'*eb!ǦV' =a֓%Ѐٗ9Pnr7f~5wx=X$ ,3gkOص56$ӜbY$Ԗer4%ˋѳ7+.,M3;8> ]WKgr@~ e:d4y@5bdv,xgs?ąĖZrc=Rl @7oB @L픤G"7fؽP4b:uf65Z|!kOpSh;g&vI;%M {$U7Gh[_}_KZe d0W` M%G&V; :RX 1|3# ~|#ghj> ?L1U"stOBe#OH q~~~:w+]H6!o|eHx!͓3 .*V7v#EY{Kߕl'!06~ lB_&դajl ROr/II)k(IUA|9l~n8jzOsB}Yܽ6Zz8"amNY?ɀ[;1$mz^1JF#0t.9TmȀ\>ME-V^GZUZ?2qB6x$h/Dn5E ..lra{ %^R#*/0g&׸y^՟Bc3drލn,jƑL H%W忢džkJ=RtcIH+BT{TjHn"̶ iڑ:⡙tӅ{:ؘ{ӛ:$,yB3q8X%*c?a9odg³z"I&xפU3s+nZ~7! 4y(#pB<g+M5|> 5e鴁vf~O}:1Ǒ-j#mboah!-D6)%I5UbZ_(#U$-mM&p|فɣ~=Daw*:Tf${F˻njDI".}^R%_%gF C'Zpܳe ʏ|c `l|UlA5‹8KN b\>رDfJ*.wpM}g|3 V1`4%BDp'[\;f{Y~f}zu@DwjqxVq"44ޅ9a zS֑/Vf!B!h#Uv>ERƪ |([ v ,HUtj{kxk%f~KixN֝!;Q-4/YWikK-t1BmvՖQ*o%>~RmdU'!~ FG 鑶|ww+PBBR1dr&T JO`Ч߭#v/XF$:xWa2l{ 2#P_n4(l49]\Y?jk^\ROȵBc|f#?^uZ?<բBQҥ<iѼ/ N@sP:i m1g(t\X{ 5M.^2a㕘'箱0Y1D9SAi': cnG NPd7R߳܈od**A;v.̣M* xv)|w#J<Ӻ uCeQ+WG.~W"T %m]ƣ/F;^LS1f f^l)|o1m*فX3 rI|kٌ?(}߆2?CP}(A.HZ٥ErmB(zfCLFFh[=jPTXһn}M@pCt\i^U(ʳ[hHWƲZ[{H[.Lerj(q$sgٹ?\+Vt1m3I|ɹ61wM&&j&g,aO9{>_?txi xf) [jJqE|C83$Gr]}\sy[;*j"VAUv(Yyduuko'cN zWBb4,TF@[;P]nVe3`K U{Tx gn$ju';&>Qek-rP&J3]<-v]%W[ 6]e lFAŶ1Ja_ZZ pS:h@U`Fj3+r>tVirDĥ1Upڢ4@=ѣI;y0Tsyg=ܶ"5YnUC Y ) dwk6*3.ʳ@S_[%En+Jy)l(gDkxt H3l^f5ߖx&Žz=GC=vB3ae$ " 4~7Y1.s3Y3`o[jaG}W" [ABXZO!'jTn )߷`r+|n9Y瞶C=pfgP1-aiέt~ Yd(iHz]]ݧTyfps[!BHF/iMEw )ן.Mu'wC@2C:RQ,fZlDa_1e[QXv8e ;ˉ`Ee^? 쾄ͯ_N},^ܴJ6TF8B>.2ZЮp9QoPi&(/c 10,K-W`zrgd1lLˡ=J}C|4`.\Pƀ.zS#d% s(=U%QFnGx/;)@@QO1be rY_vDvb5q|4zjDz1H00 b[l O#%d/@c[B]"2GpQ'nE'_(;Sldo7:5 %'o1_ SCfY4Q'#LW2iQ-r:{,A{Kd$z,>h}{w>2GQC@w:I8mR 9WԨJZ&K[<,}..3SֺJBT:P2;(kFa`U64H_Btx}xy| UƩ!X[G㥢݄}l ҽXT^'ILp?A8IQG'OQ}lwLv[t@AP@U&r^/ob'hA>lʼiP,9"|{ /Zm7t\b2۝҄v><*K*ol?VHTpnQ  M~<#!ݼR[0B!TG7&(H {bWgܯ 48?ӂٍ1PBB_J5{G0z)}S޶R6Fp^IC߇s:&k6}֏&҅GP^8M-!2pҀm~Vl}_ï49)Obg`"9e||_^HܩI,ƹCb rS׭ u2wj""^fЧnsA2' BU!i/eoF9ax>/oms9\x~~,Ҳ$E :rr!BwDN"s~2{ÛtzI_P?+m]h7G9o%-?u )i)V ̳N,Ltqr ")mey8k?MLB? KcڛFbk1%j%dˉE.LǷe $roG113zYi߶&ֲwh_SM:c}?qd2V|13o&:rX7+|mf8>/USbH[=;\%A9 љiCF!_F{XF]\!+;~\&M9Yq(>UuˇO|~'emᩐ,?fu* ъtχj[K5K@!;=^ u 7&[w+ uメʀid-8XKqxUc_[bۙu5KDmJںWӔC^姐Eo8X#߯EQ qY#GG8a(+z#4L{b7B[?̥`t`1 [4)F~C:WC!:-ofBLRzٺ]wkRH4).MMAuPli&!HG1{uM4ggcpK1~\,cg|V*fю+zDq^w*0wڊ2IN-2p{`=~0Ҽru_VZnOȱkR\ nɑ"~AIV2x *99qv3~se&ݯi{59\m=Li|ZպMdVDD;xS_KOw Ԕ=jOI<3k/B|uE"ȳfw6kecW?&1% aaMh o:y@87'ߊ(@Eћ\H%GuQ.tx6 ƏxJݑvqѸěidj2Ma˭ɩ1Xժ#0OCH vR :MݫZA[;8ExFAT.qKJ  p`4Yw?%uތe_)pŵ)Pc)"2y_i ʁ&41;-Úe5\u,zON?)]2?dȐʿ^:6f^ӌ"Hv]]onJq"2o#%2iGj$'$k3bx)wLZn;ſٗ[$mt:bV7v {+AæRYI5Ifa)|y8#S.d+vk_-@h&"؋y~}cRDP~'[r ;?ABmbDʼnKxR6VJ vj*@1Pj=up=xbBG)D |Uy~lB#J%۶̫A˰C<~^:%=s;s#}az%UGO E֛0>"hy1jOyI~e v:efFSs$yI!Mѹ ImlVUi.Gi@;.I㜨e磀m\F5Y;hsץtO{ùӬE@}C)Xymյ*,@qdDs7.1SpMCσC%,[l/v9@W I õzD" M mNqU4mh $^v&4s!l:lcNPO _ՉaA7F&6B$fe|!^'wAթ('&c[gvӪ*!S^v(a~:oPm[UN Lt0DO|ܹT淍$s3>hP+@oEn~MMc\ .`D#`ى|`ENԹ1b`T SV^$UO,%'hnB~e" /;I@ӄE30Z6J-܈j k7ݝ s5ӂ3(]A OP1 c]95MiOCpyFn_ 1 ]ڮ N\!Ӫzvr>iGrJ x8VT!P{Ley]b9֋REjlmQ rȾ,5C X[ίẢp S4eLsCR"> Z&!ʛr1ŋ@!w(qқtdFEOaIk*x&NC@gLNxU1h:ge|(CXzԃ#|vNDq]mdR,;#?AL!n+yJn`SaۦO6RoHmlEH z(O){GĐ5d`MG-w8/xC` XLQ4@ U34rK ΡK,^[%L ,|sO/+|(tpW^؅K^3tJaӖ<a_>օ4}2(Y4ɶo#:]̪g,}WWꇓ ϑ ,=yCcppT'tS;G[T}s{(H]nDmBz}ؑîPTzm?hb_Ʉ9r`DӸ!%O0gbPΝyiVB`5>3| ݫr_-IV-NG?Zv2&4\tZQR|vNLRǬRcAǥۻpI*2JlŨ(P2zKzRq>GRm! YjQ'~_upvvQ3 ¿ w̨I\[DA>i=3PE;Sh:&NLcTѯ.e5٦󭆞tGKFMA ֗?!aE+#&Pdj`SOh t m\BVU?:ϝ8D4+AdZƊ+0OZG$WZ6X[j+]Pe d@WtWFh#p8`I2*jAw^YW+qᒎ=tXݓr/Mד δfb[~kr;PAHW,l?o28o3_쉀B |ƒD.'j3@|4-4oY?dny|Wj)q 6G wk{{ ƷLO'sp=Qd :D'Fd76:eаT!Z8p>NƩv;`3thj_onXG\_0aVʛI4꥾,Ubg'K 1לꮨrZM<|$5Go+ ]M`朰GnqC淢Bo`f+/9Ҟ]6Z2B0%ְ93Q 1$ o ptLk±n\KIΏckWLw_o Z%!0jEw_`O_cᏏ"]Vѝ7LlniTuN_ʬ'17Tk-}Ք iS60t$~ U['JdW/H/saEꡊٰ\v1uFӸ/D;U@ ָbVW6brzQ幇JlB!{uWs7}E\UmӮg6ۡe*Df5Iu$T)Q"zسeC1s@,d:9"ZJ!hVG$.Ps_1&u6T :]NьycaJY?ITG(; .﫼v2LhUzDL sIz-*F)|Q)䉨 ;2I}oݏsjY)߳_ @i~೛>c|Nu s}^{FqWU.b4؍ȀtvGzWwaǼ) Pn=/3vϾ-CS@PCxUWuĵh/$͑v"]`P~?ģu872xdTm.IKh7G=O'뢗>Olqq5Q9kWimA/XSml\L=' :yJH4©xwRYiٳ#j7JIJbTTг OE y.e =-5_M_$Hh\l$F4&{qڶnq7H3og'2i?.=fZQ13fU6Hɐ+ۻ1ʀ #8z9٦ƃw@ue|aN<.=ݪu9vp3,uO7꽄DaQXJ_aDǔ[ͲK#uح/doe7v7MeCiwBzšgά胘[VTS@,߱3ћc͓(}nAa!p^N>55ְ[itwHrM=6ecɚ$FPB0kH'DG F`'1A>M]"8C xų3JxVA h#"æZ]]@(Ry-]Z)\.(FK䉤\d .ǚP`Rx=1/ .XqfBE CnjqRe5l1*J 8dQv-d1 u?H0$v;.Wr&FVxFMyF7ɜ [Cʦx1ibdKN,hx)D]~<ԽT@ഢ9[^¸3"(D Ɠy8F0^MTLYVf|/ͪ%Bz} d6-Aռ3X@JKu޸M^ Xf䉙zlha 4?!:pNVޱ@۫I^q1oJEj̤! {_c8/)ozG7%;Iv^ AVl-1ɷ&sLa.`#U +əF~_֮৮Ee}0SO@Ѳ$"g2g+!/d%ԙv}65]rEъw5 1f>Ҡ<0JN/P2_yk7v@Y[,YK'i>YBakVz7%WBU gP &-Raj ?#u\_4À>< zҚƷWUs8d$%![$W4ay}l%k>G'S[i ~*XTHb>O)]`A ؗ֙?-xgY1b\dùe84V+"<2a@ꄦ3kzeG+ =)2Æ֬ljfɖ7wiYv)nYw~$W""L~|_78'P&{>\l::VU4R[}Ӹ GFf~=M K"mY$>[D:RgyowswiX> QNݿ *<Kh PZ.kwBM:an̎`KVӱt0mm|Pwe'o=P6Zc6}wy IPO7(VbMH v]"*EA; E1 p1@ᩒaɍ< _3ץ&a{hpo؃6gQ}1pZxkKfW` LM\$X hVYf5vĿSK 38pnΚb[Ls؇G$ЩA>閭OBMDͫAL#2FƉ$b!v^|^- 9cm CFҍp-ª w86&w{p3$ղBR ~/mVIdڒ7#e:B!ַ˟7g#yv5 o i v7~jaٴRWlথQtT4-ugXuܿvXmӛ\L9Mv1= =slݺ,j!zH+UK5Pz"}KԸ\:xŹH+>=snx!8kfɜ dyL"T+󛲛vu/ՂHI6N /L G1|3j{,1:Vag70ȿը BS'H:L'.䩞,w_"ۤJ:/%C`R]/[a$7851}:sړѭn:f:#cs-S^P_@錰 G$(ݾ>…]>=.o"K in*6ИdS{Y}[ֵ:jbLYd )DB&7]P+@C/՝ie/fz TxBD^f[!t\T^wΚB&d~ľFrF5iDwJ3lnbS{ejEw9Ql3Kw~N IaHش?_DWg\kں0~ ([ :Lܯy@KSg7_Ν[ڽWC}c?3̇ ^)WGvcUqyZ:*\2V"t3:6_SA02~KiRRH Xɓ8b}NB0v1\\鳝ؽU uYճ߽7]al̞Rz@5Q*y5{>m"w]框ŅPY&@7c}Rɻs0,G3kB&Jŧ`wRp({]=n?IARyƛ˟GLjp/{lSZq?p)O+d)vP:#7|yA?9e6mjB)6cMT7-]ߌp~bvJy :/-:k]kh+Kn @:%Ն^ KD0" kѐw!mnuEs f6WAS呛7;F|2S܋jPVp|2xN~Ҋ@7ȑgTyϘG`"Wwɖn 2 yix/BLWWTy:ˉsuӳ4YIS7ί%+v raH6.fև 3) +uzEhNȥv2FݖfOl2׊QQ0{zbz/?& sZ'R?!&piNCqnItD5֯)ss+# |菟r1X.kK ewChE8NGS~ Iϡlj[3!-aԦ%|6vo{'! brnɓVnZu=8Gyic{Sph c7u`>Qiw ڃAH_.8xWͬmWp)g3 oO߼4/uQu"Q۟ @!G9먾5 SYTi,21nWeƮ=Sf*Ke5$fZҚŹJ --X:`iwypDN8 c {e:XWGuyEcߏ<3 7rZ\vN |C%,'>U$g8xp` /%wNo!Wc9R;ǁDŽrnEmbKVvgrn.~aN kI`vtv-j}5UOcs"@ f}7N+_#Ә1Jj 0~L]v%ZkNC&C,P"vR!%'Ѯ##POHHOU#3}[Xvf Q sNuǕP3"ȒHƓ u?_=xnT1?(pUFiS2P2/ k+Ac5jk7uuŘiP&U:c4oL4ˢAYO@g";ݚTM*0-J>1ORGgf{IȎ0όk|NY 6{n~HP9dm_03]fqs kJ}-D;!Y8L YdP)Ҵ}LnX{ =ѡ{g Nkhܱ4G: =% ZI{"FJ#ZUU/ cwb-cFPm'I+W"'mW]q$Hi5ΊP l^ZJ_X4uf.*-*wc~ɱs\dHk=ioO<&q`>VUh\bk\2nAϸ ͊1Mmf eIgNe)8\^dٕpK Y fcƾmzAEgKkHƤN(>34RƒǫBӷumk#aYL|f˻6KtװANB :e f%r+K`c10>}FP [٫6HLf Jg4q痷3}..`a(4%O1+ތgYuCcG_-(֫Z~zf ;IVL˦Q;   r|\CO=4!rJ@,ZtD)oS0 dӒ qkᢟ?' o;>תֺ%WVCS}Gq^'alRVξ\MWLP@%JtxɆ6+ &(C(WV_HMWmYEѥDU%Wŭ (wH\9e7 4f#5¦ڍB@cpzY+Z9<@ 7%h$0/e(u =(a0m|Eس;׳ZKs}B#Ǫ@i }Q>zBFzc5 }\=4q9nsVEqf"ƀ|Qq3=a0+[ M3d/eA!;SK|9QvS Ɉ<  'f aiߍ$@Vy* qW"Ѽ5b%3K7WTgo5J~ H|PVd>sŢY?HE^J?^&s/=w 9[L-f|U'b(Խ·EоxXQ3AZl@cCP(ѓQRJK 4&z0ٖB>!3(N$H$?`DV+`HʇoaRBX)'"nܬb#ދ,VeˤDJ6ŹZ(N JMRy#\ݴyC3 ^ VG)pԇ;;͌|u35a`E^biTwj)S+*0 ˣ6'c$ OKP!P|eeږj#jB+ ODvTKEC1w=T(j ]E5W/' ~-Pg2. YFD_wOt:jCOwN=R|nRl:D]-;5[x@%=#WƐ*U%!\ T%7#닲tK;e/|nkT :%5}?"`_ዒ̞$aB1ͼa9OPT v쫑UaYn 7mC2I8N28Cy8xQ1}Ch൳У)+ȧape8ŶdXbCkv-@ibNR2,&%pƎ33{W\,S8&l9u!Z̵ZYNw ʵ}( e[Ep)?~kx}(~ tmoJq90Z~@ cT;>ux`w_PxT[Nu[Qܧ>Asޜ5!t-?Hߒ7(MOgqx_|yGiQ26W feyЕhq:+i&x:^r,(wWc^8̳ nSRh:bpk1TW CFM"k"(#TOsӰNpx6X+T6$ˌ oKa=FVJ@5.\J5:9ޕ=ڇOQre ZZT"!>CA*ƫv|4c%qrEOh;vgGg^uS2ʊ7xIp]7՘sA!#*۰\F\^&\{I*BA((::L )l S0wUƫ?!Sj,;P!BvpbJ }F@4M%5BtҠAbaɐ"5xʫ4ܶXli"yR BižZUśsR8EPXJpK:YGҥA7%ZFZɧGڳfkH,=w'2˜xy9cטEO5A o--ķ$r_mԠwKN$zQ`x RsY}'vt%Z|&4U &vCITt 3]z46U<\ak_L,,Lp 8X鏊HQNxZJ]' xOzb_ CnM~,3ӭet ٔߢ|‹g(_$! % ܕp3*E4PN2v`Kmdxޞ}GqNG'!q<dU yp72E誢BY֯Â{4|`rrڇ9ظX}rQ os@y%qOYvU;#yM uOxVHI a8>>3"stF~JR1W7u˿"j _^)P]TWt=qŧK_hNhhÆ @%3bElDq;4U> vgi|2L?%[[{Cѕ>u >҂v5c6pFdD~KVH/+ґԟOL>dz) EV:TtZ^2aTy*2-jOLEF뵒 䉱J&,C;zmW`y=A~G$$#+rbeҟ( Z7IVƳ4l!|Up)CmUj=4yIj)yYhM+{l4<1փ#;LgflSDJ hSUyi:V=o. ge .~[W;7xJ?q@S%? RK 2A 'uOys#Jr?&+"s ڌkO?8zZ7=#VQFt;*eCtV"tI*alnݓS8A1sZ"{H8NOfGNTi'nih,g@.6 F::hU3x I HjGmGA z5E G#=IqP1Ĝ!?DjV뼰`A&CBSdq="JI*oI9"{d6T觷ԥ*))U+7alMx_ dr_8۞ "{=E7b}3 ˆ'7Z5W5SMKd'4[ K2{?]Z)B;LnCBK'Ow}':i;vz.h`cv|W%: Cs ^;-=b0.^2FV3:2ӷ!ls\|5^-Ֆ?A~86u[*-^G. lT Ɂj;kgvǂMuY,VP[Q, I\U" y!IC|$UYt8V ?ev$8̗GHP9 wU4MT=%]UVBٜYSM4vObjKqrg܊(5:4s ?=X^"2::rk|_hF P o_4/ڋ9I| A"sm$=&KVqHif>a1tPl(+ bDrsP/p2k3z02J2s1;wId}f/6<9KyŽnC 6s3`'u[׌a[2lx%! t9;ABUnZdqr [h 40r~@jH"5%6Ik6W"BIEJ,rm 4~4: 0q^Q?1JŸTi1'+M45IS@ALآOi;Qj E[yN*m n; ?oqN 9LīJTA0ؚ>0h "3Eg(Xˍٍ@i|r̞\l7AC5J8(#qe%Afp\l T$cw+'Cp!vܾX]IG E5*Τm^S'B&wyg Oeܱ]ssPB 5ag:;\xyy(|@O.%Ij/d^\ vr.̋Q{T|O#%XK f跸G~$--tlK5 mJHy:N\*V|3v8e< 4m,*OnL ݄`̼ ~z?"yxy&R)uw*f`*e?IJ$? B篊ɘp|F"k28D?8[c_TsߛL8s‘_r#ֳT{/Wkы~nrM^ 8r֣]u48ADK 6*ngH+zg$qH$[LCxИJT5F?TIEKaFtL8^y_l+QzCAWN&j~BLVj:~yg?|X߈n&kq[mMȟ =ŧj.%%<9=Mtf[jOY|Y,i6W:4|t$J[In"^]8|6 _>WZO02vT BK/Lx[܏/~*uyDlG뛑(̒n$JпZt>.IB3e0E+@h*gp/{GV}52ڃ2+NT87D%oW᷵&XwT7dw+oiJKڜ™R!&qk([gsCZ[1X-_ tP ~_[.i+#N?]W=,BuhWݜW}"2ַW߸M[i U!Hw9B hmubtX[ϜT#)TK"DWN vt D] kDDo1-<=f-Dr/)#ůiwL/ I+ &2L$$=EʡnH-So*θH(f#g툁$uZ/I-Vyb-2ĥAw-^$v+UP: ywL~Z﵇95ӦDhH_HxSr =p/twH>ȤyĻ~ *Ʀd,0◛ ~8y8OD,OvLg&㯏Α<*۴(~^AԵݍ<[X0Tn`VQ^_+G8]٥*2#!I*C)[ul4.<@ aI^%D߰r{֬yȌdX飧_}D ĥ)OXi /e"xexya˴7ꄰBM3!)҈jPgf ?:33G\I$(1zێo|>[ACxRc6w/>7}bbO={"3b/CHj/UR5-UƄbv;JJb/5Bz_7m@,W6A.7ʨC@)W/WY?fmxJ.Ϭ&- S#u=A"9ܳzV%M gƅsƌ*rp"䊓 QЈ}Mc6{yA*AjyQ\FE‚XJD6IDA<507g&A ?d Tk$8Lm/JUM7A'n2WqH\ʟA$KP*Ǝq֎~K4}|3#Xz9/Ƥq6]oioF3(ÈRzLv[0Gu#&c57̙~r`vJN%`6wO]8Ɨ(wiLȎ芇9w!0T]zPyEO0]Y$r[tJndxAq2-F=Cn!D}{`T#Fw*Hk gń" B{ɐ߄TyC{WNf!YxETy!^ͅi]I0A?mVn`G9\YlMH6;LDЦ b_9-)xyVz#B |D3ZrlJm`%Uf̡mk_$Vi@*e"T? f:]l u0Gwet b?2O!#Qls6V_vj}i-TV>NO-xo-d@C,:d efCgKIӰlCj kD(74d?&OiȒ4@ V\2݂@v#/؇ 7S&Q2ko!6%ú MQlZF8+Eʱb? .tJju3*7 Ǫ95|^Lj;-߫7"au=2FS[7[3wJH'fzhފM`C?J䣶 _^J>/#tmz }6+GV'#kF: ";|3B tTK"]'rq:K6E`QΉ0:?M?bRXlVYȱ0_5F{uG[kh<<ij!PbҺcbmԁ1>?LnEȶR;w.' aLrҥ&= P+{gFei4 2%TYDV4rWIE'`:cѯ[G<h4_c~JӘOmO.Nˆ_ Mii.ksDK0,տ~os~΋5,am5/FEh@{aBf:TY},h)>}kXO;1xzUk=k;F㙠O5mBܘ5ȧ{Qk49, SewuCھjtຨWËVͷ<[{X=/DpX̩@L:DD:?zpzO9Q5},qW$K˼u uP iloCK aPfm~/}HՇiD[=9289$wn~>>1AI*Hi^}d'sA5~UԍT*6F#G6>4Ejc8a-.A1}gilM̳2$_CzŤB|(Tr/`C_xmN̻v ϤD=цwڤkM%҇{-m7#]0-e7$IBh5sjn ba{f_Xɏk++T9 Bu?ɴ;e1 } -0eӝ:bn kF'Ӕ QW/.r"j ;?:-m[Jk_G6J@$3L bZr ) 8T_qd^hYaYj} [T c*uogOhRnj;w;S{vʗ%^A6& k,M"*F-w9%`敢ȩq|WI(:k܅1E* @C8{wq;F=rQFHv8#}FȆ'ܿ)^'52 MK8+7yQY͏euK0ǤUs^1"+t?4a̝'f92J#%[b:W5ֈpUWJYPf l]Fc\!3sakq++'L~) (=qnxc3Og7 5cbs`Yǀ5ABT;k8-4PATnKkj/U$w5Z*&wƁ^W`2ȶSAWHMV4N&r~n5p:̄vqOt_zg 3qQf<1xDayr ޙX7j14CGV : GX?뜟\.V,Yx団|(C6N p3C0?l R/& ۖcYT&iM$3s7~48CweB"3nC$An-(o aRPiHb<Ũ1D~{7ZգuRE/U<=Z0lX 7I>h2JQ=faÓE*19zTY[יdNJIǘU읓˯Ї&#Z/ҡv^٫~,䰵rC} d䪉 sVP ߨ xяݹ@"n uғI-S>ZՃ|KÎˮׄiQtб{a+vA_75_fwgYRkSY.P֧kA>ڤ®eHu%ˎ=7?iuZs薈"B " j96VLdI~Kv>00(lt1¾y,h32DʻqZ²EcÅ:S5`+G 9~l%Ä́NKz9g~ 8n 3+؜!6R4Li=zbdP_:p#)AD|NquЈS6#k~vN4^x'kuCsw4{aINfinA$ CoˁBoOGmʛfajK-gqBǠſ1 C'4x62_\S7 )gܺSk>iae"TFTSw C%"~bd&E5 5*zF~q-Ț^v|}jĻ hPMփmBN:^S#L쌬~-Q\=Z=0Sws:QJ4&JK64 BLҌSU\/GTtSק(ڱ`j 0>t\q}+K%,FL/H*|++6G.U 9B4dv:br 3ò*"VL=RuaK*` Ѡ=Mɧ` o" `6$Gh[ɺOZwdF :o41Z`ڵ^Z_c' Zy\EPm_.jN" d.UxO ; 3<|.ԟ*2.Hg5Wh'= P!d!G(+bObIrRjYZ3#{MGs;칬۴ؠJtH+Y]VAA W_ (żNAN Grz@Q Y'pB!$ܫp=SnXtN[c7q o=g =$/ؘڮPlk -:"C4T_Wƾqʂod6[u->Je . GHhHI~Fٌ79xs yF.э.ݞ.sOU˱X["!%ÞMAf|"s:s `%òN%a,Sm^{ˆ#.mk>gHf_v]Ap  +5'w~G'sjr#\ 0wC$3eVMBghډ®P>pcQo<ꍙH/;}i"P„ _QX!)uUx4XWu'Dq :CߒJd& k=6ȟ?$h>ؾz3494'3Ů {