mod_ldap-2.4.6-98.sl7_9.6> H HtxHFc> ?*}}:䷩_pQ `w[)`IYE`&1 9926d9ba448eebdb357f796126a1c6a07f847c72 GD)amcTZ4Fc> ?*}}wK<'o1[_uMZ $r(| WarLSH>3z?zd   S *CIP\ b h t 7 <HWf4(z89:)rGyHy$Iy0Xy4Yy<\y`]yl^ybydzdezifzllznzCmod_ldap2.4.698.sl7_9.6LDAP authentication modules for the Apache HTTP ServerThe mod_ldap and mod_authnz_ldap modules add support for LDAP authentication to the Apache HTTP Server.cϼsl7.fnal.govScientific LinuxScientific LinuxASL 2.0Scientific LinuxSystem Environment/Daemonshttp://httpd.apache.org/linuxx86_64(-cϲcϼ^cϼ^cbbbdd396fe056e8ab167abd7b2cb5145b42210bfea38452968ff02a03493fc8702ff2d6e8c35e79e8abe93d7321c0d81dcac824b9471b357ba95c7fdd4abc421f134498bb2afd9c5bf6b52172b0222b752e1ba186fdd9cd192d30db346461e3rootrootrootrootrootroothttpd-2.4.6-98.sl7_9.6.src.rpmmod_ldapmod_ldap(x86-64)   @@@@@@@@ httpdhttpd-mmnapr-util-ldaprpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)libc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)liblber-2.4.so.2()(64bit)libldap_r-2.4.so.2()(64bit)libpthread.so.0()(64bit)rtld(GNU_HASH)rpmlib(PayloadIsXz)0:2.4.6-98.sl7_9.620120211x86644.6.0-14.0-13.0.4-15.2-14.11.3c@c@b9@aaav@a^@_}^@^|@]z@]^]A\@\[+@[+@[+@[*A['[d@[d@ZZS]@Y@YeY@YY@YY@YdYp@Y{Y{Y*@YYw2Y@Y@Y@XXg@X,X,X@XƉX•@XCX@X@XXXXO@XO@XO@XO@XXWWW{@Wc@V͛@U@Uݪ@UoUȒ@UU@Un@UY@U.RT}Tto@TXTG@T2@T @TTS@SS@S@SuSǺS*@SSRUR@RRΏ@R@RkR1@RsRrF@Ri RM\@RC@Q@QQޞ@QQo@Q@QQ@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Scientific Linux Auto Patch Process Luboš Uhliarik - 2.4.6-97.6Luboš Uhliarik - 2.4.6-97.5Luboš Uhliarik - 2.4.6-97.4Luboš Uhliarik - 2.4.6-97.3Luboš Uhliarik - 2.4.6-97.2Luboš Uhliarik - 2.4.6-97.1Lubos Uhliarik - 2.4.6-97Lubos Uhliarik - 2.4.6-95Lubos Uhliarik - 2.4.6-94Lubos Uhliarik - 2.4.6-93Joe Orton - 2.4.6-92Lubos Uhliarik - 2.4.6-91Lubos Uhliarik - 2.4.6-90Joe Orton - 2.4.6-89Luboš Uhliarik - 2.4.6-88Luboš Uhliarik - 2.4.6-87Luboš Uhliarik - 2.4.6-86Luboš Uhliarik - 2.4.6-85Luboš Uhliarik - 2.4.6-84Luboš Uhliarik - 2.4.6-83Luboš Uhliarik - 2.4.6-82Joe Orton - 2.4.6-81Luboš Uhliarik - 2.4.6-80Luboš Uhliarik - 2.4.6-79Luboš Uhliarik - 2.4.6-78Luboš Uhliarik - 2.4.6-77Luboš Uhliarik - 2.4.6-76Luboš Uhliarik - 2.4.6-75Luboš Uhliarik - 2.4.6-74Luboš Uhliarik - 2.4.6-73Luboš Uhliarik - 2.4.6-72Luboš Uhliarik - 2.4.6-71Luboš Uhliarik - 2.4.6-70Luboš Uhliarik - 2.4.6-69Luboš Uhliarik - 2.4.6-68Luboš Uhliarik - 2.4.6-67Luboš Uhliarik - 2.4.6-66Luboš Uhliarik - 2.4.6-65Luboš Uhliarik - 2.4.6-64Luboš Uhliarik - 2.4.6-63Luboš Uhliarik - 2.4.6-62Luboš Uhliarik - 2.4.6-61Luboš Uhliarik - 2.4.6-60Luboš Uhliarik - 2.4.6-59Luboš Uhliarik - 2.4.6-58Luboš Uhliarik - 2.4.6-57Luboš Uhliarik - 2.4.6-56Luboš Uhliarik - 2.4.6-55Luboš Uhliarik - 2.4.6-54Luboš Uhliarik - 2.4.6-53Luboš Uhliarik - 2.4.6-52Luboš Uhliarik - 2.4.6-51Luboš Uhliarik - 2.4.6-50Luboš Uhliarik - 2.4.6-49Luboš Uhliarik - 2.4.6-48Joe Orton - 2.4.6-47Luboš Uhliarik - 2.4.6-46Luboš Uhliarik - 2.4.6-45Joe Orton - 2.4.6-44Joe Orton - 2.4.6-43Joe Orton - 2.4.6-42Jan Kaluza - 2.4.6-41Jan Kaluza - 2.4.6-40Jan Kaluza - 2.4.6-39Jan Kaluza - 2.4.6-38Jan Kaluza - 2.4.6-37Jan Kaluza - 2.4.6-36Jan Kaluza - 2.4.6-35Jan Kaluza - 2.4.6-34Jan Kaluza - 2.4.6-33Jan Kaluza - 2.4.6-32Jan Kaluza - 2.4.6-31Jan Kaluza - 2.4.6-30Jan Kaluza - 2.4.6-29Jan Kaluza - 2.4.6-28Jan Kaluza - 2.4.6-27Jan Kaluza - 2.4.6-26Jan Kaluza - 2.4.6-25Jan Kaluza - 2.4.6-24Jan Kaluza - 2.4.6-23Jan Kaluza - 2.4.6-22Jan Kaluza - 2.4.6-21Jan Kaluza - 2.4.6-20Jan Kaluza - 2.4.6-19Jan Kaluza - 2.4.6-18Jan Kaluza - 2.4.6-17Joe Orton - 2.4.6-16Joe Orton - 2.4.6-15Daniel Mach - 2.4.6-14Joe Orton - 2.4.6-13Joe Orton - 2.4.6-12Joe Orton - 2.4.6-11Joe Orton - 2.4.6-10Daniel Mach - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Jan Kaluza - 2.4.6-6Jan Kaluza - 2.4.6-5Jan Kaluza - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9.1Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3.2Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Added Source: httpd-sl_index.html.sl.patch --> This patch removes TUV branding from the default index.html - Added Source: httpd-spec_sl_index.html.sl7.patch --> The index.html file is outside of the source tarball, so we need to patch it in the install step - Added Source: httpd.ini --> Config file for automated patch script- Resolves: #2101997 - HEAD request with a 404 and custom ErrorPage causes corrupt and mixed-up responses- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #2031074 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input - Resolves: #1969226 - CVE-2021-26691 httpd: Heap overflow in mod_session- Resolves: #2035058 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2015694 - proxy rewrite to unix socket fails with CVE-2021-40438 fix- Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"- Resolves: #1852350 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1785100 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1862499 - Intermittent Segfault in Apache httpd due to pool concurrency issues- Resolves: #1823262 - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Resolves: #1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: #1747283 - CVE-2019-10098 httpd: mod_rewrite potential open redirect - Resolves: #1724879 - httpd terminates all SSL connections using an abortive shutdown - Resolves: #1715981 - Backport of SessionExpiryUpdateInterval directive - Resolves: #1565457 - CVE-2018-1303 httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause a denial of service - Resolves: #1566531 - CVE-2018-1283 httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications- Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect expiry time- htpasswd: add SHA-2 crypt() support (#1486889)- Resolves: #1630886 - scriptlet can fail if hostname is not installed - Resolves: #1565465 - CVE-2017-15710 httpd: Out of bound write in mod_authnz_ldap when using too small Accept-Language values - Resolves: #1568298 - CVE-2018-1301 httpd: Out of bounds access after failure in reading the HTTP request - Resolves: #1673457 - Apache child process crashes because ScriptAliasMatch directive - Resolves: #1633152 - mod_session missing apr-util-openssl - Resolves: #1649470 - httpd response contains garbage in Content-Type header - Resolves: #1724034 - Unexpected OCSP in proxy SSL connection- Resolves: #1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in mod_auth_digest - Resolves: #1696141 - CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696096 - CVE-2019-0220 httpd: URL normalization inconsistency- fix per-request leak of bucket brigade structure (#1583218)- Resolves: #1527295 - httpd with worker/event mpm segfaults after multiple SIGUSR1- Resolves: #1458364 - RMM list corruption in ldap module results in server hang- Resolves: #1493181 - RFE: mod_ssl: allow sending multiple CA names which differ only in case- Resolves: #1556761 - mod_proxy_wstunned config needs the default port number- Resolves: #1548501 - Make OCSP more configurable (like CRL)- Resolves: #1523536 - Backport Apache BZ#59230 mod_proxy_express uses db after close- Resolves: #1533793 - Use Variable with mod_authnz_ldap- don't terminate connections during graceful stop/restart (#1557785)- Related: #1288395 - httpd segfault when logrotate invoked- Resolves: #1274890 - mod_ssl config: tighten defaults- Resolves: #1506392 - Backport: SSLSessionTickets directive support- Resolves: #1440590 - Need an option to disable UTF8-conversion of certificate DN- Resolves: #1464406 - Apache consumes too much memory for CGI output- Resolves: #1448892 - Cannot override LD_LIBARY_PATH in Apache HTTPD using SetEnv or PassEnv. Needs documentation.- Resolves: #1430640 - "ProxyAddHeaders Off" does not become effective when it's defined outside setting- Resolves: #1499253 - ProxyRemote with HTTPS backend sends requests with absoluteURI instead of abs_path- Resolves: #1288395 - httpd segfault when logrotate invoked- Resolves: #1368491 - mod_authz_dbd segfaults when AuthzDBDQuery missing- Resolves: #1467402 - rotatelogs: creation of zombie processes when -p is used- Resolves: #1493065 - CVE-2017-9798 httpd: Use-after-free by limiting unregistered HTTP method- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass - Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference - Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread - Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread - Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1445885 - define _RH_HAS_HTTPPROTOCOLOPTIONS- Resolves: #1442872 - apache user is not created during httpd installation when apache group already exist with GID other than 48- Related: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- Resolves: #1397241 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Related: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1378946 - Backport of apache bug 55910: Continuation lines are broken during buffer resize- Resolves: #1364604 - Upstream Bug 56925 - ErrorDocument directive misbehaves with mod_proxy_http and mod_proxy_ajp- Resolves: #1324416 - Error 404 when switching language in HTML manual more than once- Resolves: #1353740 - Backport Apache PR58118 to fix mod_proxy_fcgi spamming non-errors: AH01075: Error dispatching request to : (passing brigade to output filters)- Resolves: #1371876 - Apache httpd returns "200 OK" for a request exceeding LimitRequestBody when enabling mod_ext_filter- Resolves: #1372692 - Apache httpd does not log status code "413" in access_log when exceeding LimitRequestBody- Resolves: #1376835 - httpd with worker/event mpm segfaults after multiple successive graceful reloads- Resolves: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1396197 - Backport: mod_proxy_wstunnel - AH02447: err/hup on backconn- Resolves: #1348019 - mod_proxy: Fix a race condition that caused a failed worker to be retried before the retry period is over- Resolves: #1389535 - Segmentation fault in SSL_renegotiate- Resolves: #1406184 - stapling_renew_response: abort early (before apr_uri_parse) if ocspuri is empty- prefork: fix delay completing graceful restart (#1327624) - mod_ldap: fix authz regression, failing to rebind (#1415257)- Resolves: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- RFE: run mod_rewrite external mapping program as non-root (#1316900)- add security fix for CVE-2016-5387- add 451 (Unavailable For Legal Reasons) response status-code (#1343582)- mod_cache: treat cache as valid with changed Expires in 304 (#1331341)- mod_cache: merge r->err_headers_out into r->headers when the response is cached for the first time (#1264989) - mod_ssl: Do not send SSL warning when SNI hostname is not found as per RFC 6066 (#1298148) - mod_proxy_fcgi: Ignore body data from backend for 304 responses (#1263038) - fix apache user creation when apache group already exists (#1299889) - fix apache user creation when USERGROUPS_ENAB is set to 'no' (#1288757) - mod_proxy: fix slow response time for reponses with error status code when using ProxyErrorOverride (#1283653) - mod_ldap: Respect LDAPConnectionPoolTTL for authn connections (#1300149) - mod_ssl: use "localhost" in the dummy SSL cert for long FQDNs (#1240495) - rotatelogs: improve support for localtime (#1244545) - ab: fix read failure when targeting SSL server (#1255331) - mod_log_debug: fix LogMessage example in documentation (#1279465) - mod_authz_dbd, mod_authn_dbd, mod_session_dbd, mod_rewrite: Fix lifetime of DB lookup entries independently of the selected DB engine (#1287844) - mod_ssl: fix hardware crypto support with custom DH parms (#1291865) - mod_proxy_fcgi: fix SCRIPT_FILENAME when a balancer is used (#1302797)- mod_dav: follow up fix for previous commit (#1263975)- mod_dav: treat dav_resource uri as escaped (#1255480)- mod_ssl: add support for User Principal Name in SSLUserName (#1242503)- core: fix chunk header parsing defect (CVE-2015-3183) - core: replace of ap_some_auth_required with ap_some_authn_required and ap_force_authn hook (CVE-2015-3185)- Revert fix for #1162152, it is not needed in RHEL7 - mod_proxy_ajp: fix settings ProxyPass parameters for AJP backends (#1242416)- mod_remoteip: correct the trusted proxy match test (#1179306) - mod_dav: send complete response when resource is created (#1235383) - apachectl: correct the apachectl status man page (#1231924)- mod_proxy_fcgi: honor Timeout / ProxyTimeout (#1222328) - do not show all vhosts twice in httpd -D DUMP_VHOSTS output (#1225820) - fix -D[efined] or [d] variables lifetime accross restarts (#1227219) - mod_ssl: do not send NPN extension with not configured (#1226015)- mod_authz_dbm: fix crash when using "Require dbm-file-group" (#1221575)- mod_authn_dbd: fix use-after-free bug with postgresql (#1188779) - mod_remoteip: correct the trusted proxy match test (#1179306) - mod_status: honor remote_ip as documented (#1169081) - mod_deflate: fix decompression of files larger than 4GB (#1170214) - core: improve error message for inaccessible DocumentRoot (#1170220) - ab: try all addresses instead of failing on first one when not available (#1125276) - mod_proxy_wstunnel: add support for SSL (#1180745) - mod_proxy_wstunnel: load this module by default (#1180745) - mod_rewrite: add support for WebSockets (#1180745) - mod_rewrite: do not search for directory if a URL will be rewritten (#1210091) - mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache are used and SSL session is resumed (#1170206) - mod_ssl: fix memory leak on httpd reloads (#1181690) - mod_ssl: use SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA (#1118476) - mod_cgi: return error code 408 on timeout (#1162152) - mod_dav_fs: set default value of DAVLockDB (#1176449) - add Documentation= to the httpd.service and htcacheclean.service (#1184118) - do not display "bomb" icon for files ending with "core" (#1170215) - add missing Reason-Phrase in HTTP response headers (#1162159) - fix BuildRequires to require openssl-devel >= 1:1.0.1e-37 (#1160625) - apachectl: ignore HTTPD variable from sysconfig (#1214401) - apachectl: fix "graceful" documentation (#1214398) - apachectl: fix "graceful" behaviour when httpd is not running (#1214430)- mod_proxy_fcgi: determine if FCGI_CONN_CLOSE should be enabled instead of hardcoding it (#1168050) - mod_proxy: support Unix Domain Sockets (#1168081)- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)- rebuild against proper version of OpenSSL (#1080125)- set vstring based on /etc/os-release (#1114123)- fix the dependency on openssl-libs to match the fix for #1080125- allow 'es to be seen under virtual hosts (#1131847)- do not use hardcoded curve for ECDHE suites (#1080125)- allow reverse-proxy to be set via SetHandler (#1136290)- fix possible crash in SIGINT handling (#1131006)- ab: fix integer overflow when printing stats with lot of requests (#1092420)- add pre_htaccess so mpm-itk can be build as separate module (#1059143)- mod_ssl: prefer larger keys and support up to 8192-bit keys (#1073078)- fix build on ppc64le by using configure macro (#1125545) - compile httpd with -O3 on ppc64le (#1123490) - mod_rewrite: expose CONN_REMOTE_ADDR (#1060536)- mod_cgid: add security fix for CVE-2014-0231 (#1120608) - mod_proxy: add security fix for CVE-2014-0117 (#1120608) - mod_deflate: add security fix for CVE-2014-0118 (#1120608) - mod_status: add security fix for CVE-2014-0226 (#1120608) - mod_cache: add secutiry fix for CVE-2013-4352 (#1120608)- mod_dav: add security fix for CVE-2013-6438 (#1077907) - mod_log_config: add security fix for CVE-2014-0098 (#1077907)- mod_ssl: improve DH temp key handling (#1057687)- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276)- Mass rebuild 2014-01-24- mod_ssl: sanity-check use of "SSLCompression" (#1036666) - mod_proxy_http: fix brigade memory usage (#1040447)- rebuild- build with -O3 on ppc64 (#1051066)- mod_dav: fix locktoken handling (#1004046)- Mass rebuild 2013-12-27- use unambiguous httpd-mmn (#1029360)- mod_ssl: allow SSLEngine to override Listen-based default (#1023168)- systemd: Use {MAINPID} notation in service file (#969972)- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972)- expand macros in macros.httpd (#1011393)- fix "LDAPReferrals off" to really disable LDAP Referrals- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- restore "ServerTokens Full-Release" support (#811714)- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- rebuild- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311)2.4.6-98.sl7_9.62.4.6-98.sl7_9.601-ldap.confmod_authnz_ldap.somod_ldap.so/etc/httpd/conf.modules.d//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz9x86_64-redhat-linux-gnu?7zXZ !Xۢ^] crv(vX0']{ vZ 0|| GN `Z aS- iHrJla9s7b1)Z'+=YU_j56VO+'f@>w~wC0 jّdv^菱x?FmxwNeY{qbEV_ӿL-MH\w߃i]2ujusxXոwȸ ъA\,8.\bF{zK>z}avK,$N\kuG98>U[2q:%Z|=j %V(H+(贗פxPoP,پ̮n!Z2oq-upA'6UU AJ/8C}ZRi-eUt(i!9+R&GRп}Dpo=O[|k*qp$)Wl9)9 @TaX corZ{:Vob^;&XV;\QDwrk5SV\ÁPsn"(a;<~R(a0䷵˞<4\>TMklbx B63ig9\yʌ Q yߨ`]$" ]j:4KDB,%rg9( Q+#wzHQjy*w/qp wWYFDf P[=\XåSz ,R 8>~FF=%l`D: )v;I BwI y4O?=R%=zm"LVU"vۿ8Eryߢ=J>FCҦexOē=~8 AxR#sv>$^X^al#v`|s< Dc_=X~-ofʁ r'"\; T+ 52FRvW @X_eu%m3jTj{Hne?'c"Jο ^4㑔&E/OEGAY@ /IOfH;JjkPf}2qQj\ ާ%=3,)i^3nL, {$|&7b뤱Epϵmde6X`@+V2X|*\,ɢy-"ZI$?=]ZN53@5!NSh\wGxZ m\ԍy⸷FS>l(J0cSXu8|H$e80;qhcN^GTaeyl; RR V7%jT!ԟtz<`=t0u953m"S<+kQώ/p# V:htD;@;hxHYc_Q:,9=:-&we[jr.-}{ +edC?E07sLhW3kv4MDMq՛vp9 %6mBƟtZ}[dg$=vWX?]n\ $[GJMmacO@OQihr麈,{i|7=aƦeokc1"[a&5)R᙭LDåz"+4k qD%n棞ӑQ<  Q[̀u*ZqlЊoZY*gd\aޔ, o[X afkt=N_&.t)bs@$|dҾY|0@p3Sׇ6T%Ү@5hY *0 9lD{@I(R+|͹ mDj2!$)N.%c0d}PD\J hmغoq+FbxJ0nJak?\hy$ 8fWN"rwÀ"<+2QO(Nʒbʉ 򻰎gE+_Y9B2~_ƨ*~#~nV([¬$:*RDZru oo գj])*x`!ODs*Q!ݘr-"-®=9~w?7~|E:I%9 D{|v`6/jFb5wdnm!@ Ы1DE>zOQ_X4+f3r"4|t VGIdcՕo3/fe_D ƶ!' tB.JhM5Am?NG(>q;y^z2ETx PĶuzĿ IVN3Q&W)3^.b7x~{偝 涻"FSO爜3\K1meY.H QA97oe~,wVuF٧WA wm 2Wc/3cSN?ql޶ZVN>bsZ^tK,yPOLe_怃Tׄ+GѝLH =c˱ڵ~w)j zJ┓)C;l2%Ev-n3+4FOAͮ*UlH0 Z7$QʡjKg E! 풗Y/5C#ntWSJ(+wvcBrqZPܽ@`9Ry$Ր:ws\ @t3p|#qW/\Z\Έ]JXCxShA.vZ5qܙr&.('Qs_)*k${Ĩ;ٹ ZX6`? )O\Y_=Aa`}$눂>ch*osGF ŁwHՕw0u 8|֦HXjÒ;JӰɶ3Ma5bk>cA'k 0,Sv슜hĩ!w<.TGDɮRLj0E#NcޗMz#)V!"P`%fPT~ğTl\.I+[wফWnI% !^'t)wo {2Jάe+\z.`R26Rؿ:Y_~n`rjWCl\7roL"oS1L}#oWl>8gkfq 8: OW/T +ùNY=" YOZMM`K̸_ل;u<:Z+scs$ ?2JܥOWܿ+֛{~P 2CjVL[aY-a.{klmgzVp$@B.Z m 5n^YZvܬh&.i furx*<璤wk$ZZض,JskRՌ"<5o q2t8`? :ʼnUٜn2*tUsWfҫcm${i&[\§}@NF!+\=n$*ʞ##9Wi \MgX->2L Nt/;?|XGb{VPԗ7Ck.x_ OQ' jnubXD?,{,- \38.ঈ36ݟ@NǞ/T[x@8v\ȗ/hۄ/@O 6<毎L&Xp0?##X8F_b #7T>Q@*:ϒ"]E`ŀ0 .ء$/ME\4 W7G-k148R#pk Xdpjv\OʧogAL GqX%;_(Ȃख़ʰ^8P: ;p|wVj- ][Ae}_{28%>N&+ӿu9 );=kj,kF5`|| -~y ٘)u=a2` -:9bVܱn/$|;6p1ڡ˴aez/ ;ymgWB ,8wЊ_z{g4`XtLkkD~r^H/ uVZ]xȥI#pg˜W֙ T{`H"C &Npfo ܜ@+ Z\{TT[إYz C6ÅΰiT끔KLRz}vr=eи>@\kOY sSbeu,˷xP1&.V7]-;Iտ,n#0rR_ 4B9 2w/iWMmG9I (OO!o U2/>(+FOJTpsJTd@.'0^]J$^;D>ҫjQf0+T* BAoFaPi`pW$jq%8"H-& bI1ߎoaP6IfXkc/W-!r^=ߦ؍S?RB|=+i˧ꩇihsiQʽyͻ~fSo5CJ{eH` JhUecN 4(nՎ`~p:R<3t ݧ$Nb3CBӇ?z/j^Z .X~ѯFqv8o-to$T&26KP XO΍YֽE?9,lKЂB~TA0lj\%_ϫLk嚦Ow8CF+RTwRJS:J>ܔGbtY T2|#JʿUB`YsAuK2CږZۍJ<]vi%m 2XB|>%6e )24𤺇N͍OjhOYRև c5l9B't3N1ݡhONq _m@ZԈ\tMeV+| Igw<&?k-F ɮS8]%r\35Mj~;4Jv@Mf@涭#nb:Eb6Hjh#v7md EGЧJ07̘5 㰥('ֶ(>C}Nc1M (iGAV:r$ BOmcMR0G#2 r[X')E3Yl wAZQNb֫5 %C^ #VuM[8-q MLْíNNJ0k"'C]up?pg"d;oUNtsrf. dT:@@ ŚeW= يFfN[B`{^R,)n{*"\+]ǝ'TӇ{gWm zs|Ysoc >Wfh"6A0 Yd̯,51{/ lny@f?N\K!0BZ#volɹ?*ʍP) ?7@4lZ 78M01[ȯIS)JYFw$G\󯝬l:n-v!ksҜ,rIږKfUN2Y|͝jc4k NR}uOf0\Mkӭﵩv?G] V?\ߨ!Ck1fl#94.lӀyXd̀q@YL &k8 $w#N1-NTZ܉GDݫP  !:e&p #% 'S~wހ8מ'yu~"fFwL^1Chha{"m{ai\\np| yѾD[\$O$C"+jjAzG},o50 K_͜oesV]#Z̋6 re͵jDBKN`rS30{{K! V-NP?HSt_9t^mJ:.Sb[CIAέ sDˢz9etd:pqv` B=+Ԋs_PUa$$ Ԕ њ%mYZ83l٩Mu!N-xCAۧ/_^ƒX$k `Wy:)>&ieIC<D L08 'Jh (2fK:ghȵ0C<-Wx&hbP*a 6Vnţ;լ oWVes|Nl^q^9x>wZ~| -D)lM f4 f-k+X$J`ƥr3e,3ْ-/dmDA8<{&hh'l݇BiG{nrKHj 5|=@ka=N=C}%O,(0Z"J(ؤLm뚺>Pţ5T7OFYiD*??#7>!,zۂzj@@Sl8Z|cw?0"#]X@9R)ނ}dB[-pNw֔9ՇK1:seM/kc<;d䔶%n%AڔF3W|6>0=S0KJ׎ďB'{g{5rmʾ*lm` 8 !aV5lnw[$1wKa|֚?Bo}pTj4H*˨Z 1ߤ_ӚV>JA =wyrcs%p ]@9܂|c@l2 MpY֩CG[͎n%}5s JBsbbP iocjV7Wȵn^<瞫E|j2='*9̫Ybh_L|SoN`~dm#C;C d_+ V/(LغޘP2_MUFwWC_H.MzUSeNŒH3ֈY"ȄUy^#}ܡֶpp:o#f7Z؆zVN퐕I6vN> c3:_1NSt bQHZ+?*R+? EN>̼3D$ <iR?tB<. [`䜖8'&A$]R*23?$lP~2:][,'}5`Xΰ/N,+&RYkGI4 RrbhO߮1]K @@43} B_H=b{ SJܕ+0cO-R~$P0z7ZIc>RdzѣW9ViثMl7P9eo7zP.C'rb r\E?. w F3E~DVJ'F* vcT=j_)!׆dj-Rj'i W懪"Es0d1s o5>E5-y'䧆QD3G*et{"eģ }63GI+]f6=Kt.Fq$Lɛ=$n@{4P;]/ߙA07_juq&"A,DՙYl-B@^(g&-:K02u''^pH08S,[s Hozdp7LjW܅ˬ|Gp-h5i+g"rU;>;9LN I%C>LK$8N8CL`\ ;bߥ$Z,;.="$JR'J!ϸܔ0ex64C!%!OD8h>_'(j0J9"Q5CO`F?QI&Y 9ɒ\ ΒUs=bR+m"`sg(:AA4 VT؉4˪ H=h1tϖ/==|ڇ n7 =Ul6Jƒ_lu`Ha_^ ޹ôcl^MYǨ|0pշP: B cޞ ᾃQ?ThwO0Ns|zy:l/_V3ՊQA;68lE&P˷;E`vg?TWoP&A !fd>ޠKPpUTѻU6va4 o V4K( "u[8$kV!G^M'{;fNN+^ٴ^rs55ϼvRCz.`#u  r?wۄJJxPJkzfڙK(OeR'?%)T[V<୊l:/./Ragr`nX _lMwu8U*^iů٢|IMRzfXUP_Z]C/.iE(P8zhMp1zZ {|>@^v+ ?} 'h0'cR(9^D<9TRoud.+ZRc( BiJiޖV PXs{ 0:-a {),TJ6 'zw4?M{#NV~BĎޅH77MCPR,8m 3|-cL{Zh" Ig뚤 +X9px؊;_edԦC ѶsJ!7gp  bEb8fr`15y8&5s}ݑ0to|C!t)RcgЭTXt `y)EZ@2]YK!v%Iz<xT~I(6tCl{<1%#ʴ]T#g  djbK="9b$,S@&hG$Z̓Ԏ׭3v9Oĥ=+`J+X<VT)dV4]ܳ?5ޏv .)+f:^\Pld߮:y|AN(z<1XuFeUH%;chn{rTnh\Z&YW ^p yM{ }`ٵXQ."d*2~TF/<ŃD` 1*6AkͺdgJoPSI `WyЦ2;>n:FXI)enS{@wm)|佊S1Yͼ|:]j5G~Zw~+QYnhVE3)̰s@}s bhDdcZ{|$$F^UGknJ EOPQM=8Fx U*=]fhf4-0(l%ֲK)%77 -w9U 7Mȫq9y#OA#p(Jda B4H Q$[jK8P".#kP"RukpY վ> ;1SΗņw[atOCڍ?+cF tu0̑I" _75/ړPݸW׉oY>bޚS5$[T79fZ*g U)Y`T@/0A9",ӴtPJؚ#wL;y(Ƿ.dZi4$QY2"xޗѼz@o~` kn &LI,jO/z^H "$tG/+NW;(,R^f< N}heSPydzZl(^Czj*|RP1scZiBu[ys -Äg-;EYC Dy_x&sIlzwir fcbCkr|Lnv9@uWTlK[9CL5V)o_)lXZ!AT2v.^År"tctԀhYiFaτ4JoҖ4x][\9_. &զ?aSTI+oֶ'qꗺΥDϐmB{վ bM"+}]E뵄'x?'Fx@(ȿ"Ey~jӕ!M׶x&9g.шpqfQѿ.e~d'w8hf] ;vtL/a`߸Ͻb* hy1hO @zZC sR:ܫ2zvH߂H,Ecf" ݤsDݛ|֚8"/R` N2w%NW$Dmf EEBૢ<= ndZu\كޤehD$_CƸ9%/rF˥nNu(;"* ߑ+9a\p3%W)}] iFexkkbv;Oc=t/3͠еk ӑp}E3u--rKwQ5.w$TFI_VOQ,$}rQ-IEˉL{ _pn±AR0EdS`\+K֏h_kGX.쩽+kcSYV̊O4FF )BGEaDc%Kʺs/{*8J5uX[΂O'zT81t!5>%hv |P^SIJw^$oTN|9P?Pb+-(##QX9̷IMwn NrVF2rsJEG&H2NsJL9u37eԠwѝGI5N{څAC[v?{~c4߭DZ)HDj#tH3Tu<{]u8P3(so*-GAόqQ{եU1 kV(Q>-*TʄS g+c'i[hK6 lSךP2@.O&/`kFZ8ELiGLfz:\Z?oyPUa[gTEnPh4B{Z=m8רm~[44:!gz8P2`Ď[ )rܪ3'rl@/HojۊgPe9ǖ ..+Ҿt@QHi~|ȫZu$$40c1PtA?mE~HXf'Xj@5Hj' )d*jei S@GM 62Kaj" h<Á &9rtz#壃AJ.A ~Nʐɇ Ug 1ЁJXVi^4L[拓.8ЕKUhџ=M;v%>@) Dv06oDmys,/5,+4%‘qmpD"%ل}}'PgBF8Eֻ~XJR.i.2z Yv1!ơ<)5FqѪ|n6?$2}tȸ1| fkgƃo}U0$t:77h[{  gf: e_r[6qZnq)2 詼K3)/Dtv; ?Al t[e|t~<a=HUKF\9烔g.r D?PLB>ZSZ++gUkvM; O)j̐C}et1`#cCl-O fyR;ʫzo1tx *-%&S3 8o!5M757=;C׷4`F1ɓd~Y@@ִLc0l *Cc[?2)!Bހ4"zz@j׳2UAN8(z8`0Nox91_/33ӟ ^^UdzJ?Ƴ29~)iBC@#~  ?> 2*'3Y fI Y[ +NJ9x[<6@\Ҋqq4"kpaߣT&WRGNku"'6˄L$܃,!\`}?K4):4(̩ZҤ#{^u.\z)`vAO9S)*)u/vBrr=9L0U?nw/HWY^w9H?>hP׮y)%6gx@r.P~;v{\|* ڬ5uU|\!|OfZzN{Z!몹eH67a;VՖKc%Umɇذ *i!]vvhNݭbdM@׻)i]f [b? p۠2hute7 iM7Otv~vR_)<0nz*Cɐ>VaXm9v[nbrxH!nFFD)kC٬v@$f XbfFwc@ "hΤrD("K Ǯ4.5}vjC05z>hݙ;,wqȦdBn8\_n'^>&BIdu^ǤaTT'y6=pSQ k\4qZ ڼLѦQL'V:w 1< ]|%f7PhgAle|=86 |2X`s&joG4&TLm[|&Gʕ缉x&g09Ȫ+1|f|9U"HŅfFp's&_Ga zwdJOJM}Ǔq*c#9|6\|6mp8z(Q E|dWdPڎ`JQMg9Q)"٤pLh}ŦCb\NGםsd7Q` aLP"<vqϮ u! YNdfob5/,Q*]H3)\a!jm\oBR1Us:$dFENH[u~:mO][h=Xg./;V4'Cg $u_6Ԋ#'gseaAM@M$xs8 qL)L!eD ,=Vq{ L_{V「WM#P $8=:~|XĄ'"'BQ~ Xyiz'Pu~ 19 S.\J/mInVVX =zǝ)08=aXx9گu,-s&K&jkfn^ o= j2OO~ɶtF@6ߊ=9것=d 7GYr_\I8҄4و08 `lb0hV|N!WtRTdE؄[J ՗K >2 a:գǓ cPWge$W3䠍c0{R/tO[M #G`МE,u+Ӷ`όAqu?O͕yuvɮ(5*B2%?E03l$fJ܀] =oӪņEO{^6?~/f/?3#|n/j[x/A\3 IElEkTD:xjӮqW r1}k_hގ\t3mn!ḄԱ>FPO:gMi2Zt1"\yŤ9Y{V ]z# ?;By[30[QK 0ijE܋{L!{N"GdNZKg+7 V@{\F!^Um}Tْ̞,V8aʉ: +)y_9BܤUXMrk}@V>5ǝ %9x3~M{.5r,p[vp!1K.%ּm~3]1. ^"J[Z~҄5HX6z!(ܜXNݔdg~Eğb5Q1Z۾!2|SRN:/Xů ѷR@EdQ|d ٍ~UЗ}#B*q #m5 e~wq"tOt $j=,Dgyn7;cC'ojWӺpSvcп߃o#4x/KyQ6}\pNcwC&gNNDED. vCؼpQÞ9 ˭C*]u^*ƌ(-S](D, :'-ދ9P?N*QjTR3RϫDM-]M [i|=wyԍ%1'2m)~杦yG8{fN$7_]5_O.S׺43PhIܾOaC#xu, E6MqLa CeF) }&$Yg࿪U`Ĥĝ«S#y`ā8,d%sc)~T[XM SbM|5g?#9X-ͩ& QzyɳOS#{@ݐA 9wNÙwB 2#μ2:`'^K}U\lPpҐ;WQ?W h璏lĭZ:j4Ao_Ew(ഒZ`mj Ȃdh}}0E= ٓ^ dh0q1dp f}lC`PNM6OT}9Bpo A-tT( y[ӅRfG qӘM˿ $imgi8D@\B0L *Gөp!F/>.c,mMduh--m6 5ܰFiY0PM|K1 g}D`b{ 8-r@g=W)lך_;&Eό(¹@f`b6k1D&!M[7Υ/a (y*ʫd->lIB >@dܝATaK05AX84Og :Ag5Cu(J_UdAT,* ذ>rz74ys ކGtl;];_c&p2LU MF@>`yxC"j ?,@=ӌMnzBs{{ğlPؿ\*\t&ab'rpuΘ v¢ l1aڶP(稙ީ.jl O leԌӟ>sδloYk*s^++Z5viZ]zw(+qx3J R| a9mq۩eUjeIਸ਼yqgg܇Dm8xwam)אq€{܆K[QA=BJFof{z =>|Y_Qu~V"4Auo.PZ ,\wZ 3ۥ01$:f?Q^|X-E;0L>]VpMO[ Q`C>H 2 i=GUc-°I$K AeG.͝P2Y ΂]]BYЍ6LI^Y?"hdaHxnNnŠv0=1u(6hڿ&bo[&qlƧ HI1uMiKYqRbZuײri&15);lg#^zL ?I.؝UK,m5;{H:Nctw>X1fHj-)Թj[+3[Ois吙 1%Y.`8`uD ܅;9ݻ+ |ΎDѯ"%4 .v^o֦+M Uzt ۽I FuXMN(wlh^+rlQKQ'!zcH(Ɩŝ}kĄ57*f#?lC/6ĚFnzxif{ ]d-&6|~f+VIiCySCEcܠ<GTQH&fә\g|緅ߨHef49/1&kk6 rMl`C [ETpP}*U3-< 3\JS`x^cAr~HX;Oh) \f-F $Q\>Z2[QRtN% 2 /DcyCj׾ɵJO|nj'Д,h8ٜG#/ +/+⌼CC,nt?"'aKSG-hx\ 84!i]`^0`RֹMУv{ 7`~=ޅJ !lt퐲Ip9aY% ě![˪h-ɭ,6>0sh,w 4[uf7k }EwFudt~F{C|m^ v2ֽ$ TTV'=:w>Bt.+>$&(:Pi.a٬Y!xǐʅeW\%ZQQ=K iMd \ #? ўt(ב;Okʊ+/Oζ;xNK_9ְ?k8ۆD7z z~ٓ< M _2&IW_x@r'731r/v\?̡U>*?܁ *oGRZPAH4F v%iU6 n7<:nSNekrйS~C_ы>NэB?@b.w)Mz=X}^8&_(H+ycM2+h<OScu=K6eVo4.:琬֠:P0nC ǁ^9&:D^x::N iRՋеnཿ}ԃ3P"T=yFQnws?G7V]U7eEP2ؐzX~/.p9 wz=Gts{t).fwcz%IHaETU0[ފZhiQ p!jJ<.y噤"QGa9TNa/Gc8:S^( 2b|~whv&LJ]H6Rcɡ`{8߮(8U0'W~7/ܘX){_h8[$BFEdvr\ _CÑbcu4`5kJo}_Qiy(fNFمZȒv$PP :p]}G̔ǹv;4N/ }?DޝQC!kyʴV}E}օVv$Mh4Ǖy2~F諾;<; j"2.Gi;QU^Od"d> ˁoBmFgis'F1{sy1ȎhC4'ES%z p2X .u#hs mEpyv?GUcKYvd%}{4Qӆ)2OP>+}/-9Tmq)Oʽ }@OM&' ?TxʒJEP~ѹ:7kC{482Zվ5V IYg$oR|tu$5^[5ؒLO!f8+.6aQooyiG=X31ե.ћ#m,˙䯛-bi*5$ .vO$еÍx #ot=$/ҹ=qs:wY")YUFr+:E H1F/bhUv "G*|krU8rIWzkVeTVnrp`~i/5ɿygҎp%g{ɚS5y7NY!/N05)4~vIlyX۪35v%5 ij;܌Vj9mMkΞ' Ԉ8a-W@:/<]Zps; 8PgMoo;y\Qͷ^Tz&ً5T}It b- yM~R$ݐXyo aJ7P[DA,Waɬ!ϊe-8 ȯGv6 mb,4}'5Az9x!3޻j_Cٓ rg竓M|,1Ξ9`(9-(3Gp~IjщlX|Ӊ"ۢ5Pסd0躕0\F%gR)}hwM]cp /yo W]fIAlRZժmJ-fl`P͕9uG~sh*r9ސ,IT?)]W+փY1^~yͥQmWx? 3~3NIIHU4X 'Y6eUM&Fwmk;\s5fD=_ZCN͍o6rMW'ZxQ>"ם#8='rLҷ$ԍG: quZ\ GxzǼ9ѪB7*Jwj&hhe%U 6WU[ml12.f-@ant *܀dx.4È8n~ãsfXW J/PL4s*SOs V%Z̴Ȫ1Ԍ)3BD . ॻ <:EVJ:l{h-&|%ʱ$+2Wo(k-t%NGAQ^IEyےCu#6lp߭zA$zμ1cط!dscGO,eG('slh|Caʧ& 6cʹyvjCй[v^i$Qm.*|c HsG^LLk 7{4k*n^y[ D8s7Ȳ֑۵@6UM<[mXOtEG{>5&遗yvR=dqgVݍۭB8ϯVb\шfOhzb.:,(\?4⊩GP܌|l8v>;_}IP/eᾗ&=puh:`%Hc}bk1b =t4D&uv,ȆQ!]_B`5~cp@*QΒcsYj=3(@vv.&4O=somj )0X2b`!W&|z]=hR|Ji*G;n0r6E8QT[ᤉ]%-7?6M/?iBšNs[!,h`%yf̖V3\(6ˇ'96R󋨕.!ioc iؾɱ9v²Ad2 cl lV_Q1SJC5EEK/>}-5la1R,#A9/X 1b|=Pr4p2K)j`8zd?ɭٿ*֒Np`!kَ!zߝ6\:ςi j'% IBL2Rӛ{M)hsYC4QL50y߷S Lk㸟k>X"!rE(e58YclwhC(l*lGHK+cD0Ő^rz_!g%A(yqEqH&\}ijmkwN|&$,v^BI)$Z)vIQK Xx쐨n hl,Ȝ_73P]gBVsnCA V}'G]rB.V2J':ԺT_GT6x$֩ Ծ[ *m Wr-<;j`0J$R^`tŘOKӋ:͗)'_lBZʻ[fWcUS62D>c:ǙӮp)3gn i0m'~()zzj 'ڇ E-h?/H܂?ECAU#1i[ K47Y8)AM!RP. NFN>s$H zgLN4 #NPjjX`H?=섉mʖٹ7W)9ު.2Ŕ Լ$+CDk2' 8`cz)ןzTh5D;: fb5'aEYD י?7;ˏ~geD* F=Gxoc6Lxթ&ucLLZL0h+Z6Up "UĂ$0LG=H!w.1VD*QZi‚TP XS I+Lbg]Fj?zqNzP<ǕHr5u-P[{ڷ|II+3O?L*[؋"Ώ쭪񒅎+`3W_X{U>256 ݹo@x;M1C$Xtr>E2U)bd/Ԙ0~{NRK }0n)a^#I1>X "+ͼvnMN*fhity5~( %tƻ3-?J67}&lU{YpZ[HTb]^pT@xg" uz[]toPRc_ &䟏aQWWz po_e-e%ZlY޵q tR|鷖N8]ݸ%p*EcNA89A!BSMNY܅^wW(%}͌]7beMo5Djt#-ux%+gŷs؟-RЈc R9yX;[{dh=! ׯ ,s]ciM kfh39wLz֘ù*^kԥG\\*#K] 7k RJCJL.Ԡv0 $ x{uBJ83e.0š ~\ -bi?fn_{w|-|(:H)NJhlDiӏ/ҔP|e>wü(ю3NME O:p^@h@b'\@;ZaIOK;<>95DR>"=6{]%:i(O'M=Yh׭ᳩ%aߺt23a70Ec"s?<4vԺY퉟 5VXwS+{Hd0U]du#6,6$W2,uqA6-}$.\|`l%:s;66gh+H/$:o;KM hL.r(OK_n1 nx!*QO9HhTJֆ B::e<ɕ47FU6##+qUN}c9R]z?I#.#05\Vɩ@)AFZ334X&VȏkLzd@aȗjP ,P xٔexS-mڙr@id;jOI4!`:<-*Sփu?Mcqo0rzfv=d2.ޛڝdҭZn&^ɺ;#D\e_{UK[FCPH& jf\%mx u3aP#bxPo)]a8+~@y& 5U\*IwCY- 'fӲTbxL˙sXPuvKZ0_;w1h/b H?7M[Hc^V$j#:AvaYOm>6 & 'fK tSjv} g*_۴<˓XVy%|8;R?^Z`_^fxv=}:2~ʒ`Br!e>&C7[ הH-$KF|p=eQޘ*|u#tYI^!zס$wcYKBJv"f2D)ޱ_r&I=.T/d!~ 3<)Ⱏ:)삛gqLc)u˥P&'/ yq+[&\ I T l ]եLwbsC%ơ5 +Кۜ ?l.jn$YPXn|mb @~kU,疛 =-FxX e]b/^F%U1ܔ5TFb 8cS,kF'\˞Մfc;ڏ!Xe-?֬S\|أLW=Dߐ?:2_F21%EPҭ, 4W*ۭ8nY[5V\oLG/;f #1PDZSunfs2ܞ@ >wAk8Z0k~AS|?jNL@$N +VEER@m⭾ᮉFՃ)kJ$6evtXR]:LhI2ѲAk|a[< '9豱W%.j=an*\:ɔ4wRn՚%%59vlU`y\Z_+ֆܝn΂<_-G T%k`Oh_pƬ{LA$s+֨f\Iŷ.I$zƯ`szDw{ DIސ@ȶ⽟ܨHa iCv"݀MF C#FEO'Vh)ֽ4ސtj"p%dy]0!9Wlb6C8j׫5EgD( ,3i|lɒ]ky%6lRhO6iܱC{d4c&N4[Q.ٸyM3WX2& H2 ETu^r]](@IJE:!;g+NqRҖFdYv>5x09cԋ`L,f%<  B 7WыRy}tc6Ei>5kdlŠ{˃`AҮ${h@K<,67L/9럅2GXYnYJqs}]r$HLu`Tfc-ǚ_[]hh9[;@E8%&EyЏp/w^qޣktSV=5ۿ +]tsT;1 9 . X,C3%}`I_.V nO tbUӦL??Djps$G( uX$ 605(Az(ڰ 劳F`xMuge~3#~0lW:%ܚB2487̦Vϟô)݊j*ٴ>d'p޿G'^h{zFIDeP,Lxᄏ$څϛ-T:36ZYؘ"CR &4Vdf q k@cK:k˵=z]G΂MSA-,#Pu o4Vdi6̇A5uv?~W>%4 eLv5yQAHQVBNҭ"3>v||Ã2=A\F)& Dkt$NsЉU/r$`OM '+D:ʢV@yAŧcLTe Qr$/ FnVܧ%ug E4A| DtB9A6;/T1m\5%KJ.JA˨S!1 !fGVVŰlXCA,ckyXlc^& "2hQAE٩n4raI{6[y ~鴼tmb~k֙#ysa46{E()x8&ZA7}԰5Mo#蓶FP|bnhzOnUHjJ"=l̛}3)uݥF@XCQ)]OӺ_RsB]?msĦ2 EKЁl&1$`YOZdwfjb߄ `rK.R C} &nfǚMIs!& ) h|DQ1&)U6fҁ~tV:m!b(?+͍̬Ǧ\( >|mvPGv!u. H(mGLVDp)gG_98 -LEv@ Ep"1z8Sec"zG4ׁ*ZU ?+!-Zf =GObEܪ L+͔Jx?x|zO4 YZ