mod_ldap-2.4.6-99.sl7_9.1> H HtxHFdw ?*}},FgEf2=720Pid%12f9a5f46d47937abb752deb0cb2c60d4d90a3ca!XDLXrT. Fdw ?*}}C2Z:02'J|. HpqO8wJ#K>3{?{d   S *CIP\ b h t 7 <HWf4(z89:)Gz0Hz<IzHXzLYzT\zx]z^zbzd{|e{f{l{{Cmod_ldap2.4.699.sl7_9.1LDAP authentication modules for the Apache HTTP ServerThe mod_ldap and mod_authnz_ldap modules add support for LDAP authentication to the Apache HTTP Server.dpsl7.fnal.govScientific LinuxScientific LinuxASL 2.0Scientific LinuxSystem Environment/Daemonshttp://httpd.apache.org/linuxx86_64(-dp{dpYdpYcbbbdd396fe056e8ab167abd7b2cb5145b42210bfea38452968ff02a03493fc81f83d829f18842dbe2043a2ff25ae8404b13f158adba4d30023f895d5043ff5c30132167009c85b192dbd60d83a7cc5a48ed4edf623753a599f5a3161e442b8drootrootrootrootrootroothttpd-2.4.6-99.sl7_9.1.src.rpmmod_ldapmod_ldap(x86-64)   @@@@@@@@ httpdhttpd-mmnapr-util-ldaprpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)libc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)liblber-2.4.so.2()(64bit)libldap_r-2.4.so.2()(64bit)libpthread.so.0()(64bit)rtld(GNU_HASH)rpmlib(PayloadIsXz)0:2.4.6-99.sl7_9.120120211x86644.6.0-14.0-13.0.4-15.2-14.11.3dp@dJcd@c@b9@aaav@a^@_}^@^|@]z@]^]A\@\[+@[+@[+@[*A['[d@[d@ZZS]@Y@YeY@YY@YY@YdYp@Y{Y{Y*@YYw2Y@Y@Y@XXg@X,X,X@XƉX•@XCX@X@XXXXO@XO@XO@XO@XXWWW{@Wc@V͛@U@Uݪ@UoUȒ@UU@Un@UY@U.RT}Tto@TXTG@T2@T @TTS@SS@S@SuSǺS*@SSRUR@RRΏ@R@RkR1@RsRrF@Ri RM\@RC@Q@QQޞ@QQo@Q@QQ@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Scientific Linux Auto Patch Process Luboš Uhliarik - 2.4.6-99.1Luboš Uhliarik - 2.4.6-97.7Luboš Uhliarik - 2.4.6-97.6Luboš Uhliarik - 2.4.6-97.5Luboš Uhliarik - 2.4.6-97.4Luboš Uhliarik - 2.4.6-97.3Luboš Uhliarik - 2.4.6-97.2Luboš Uhliarik - 2.4.6-97.1Lubos Uhliarik - 2.4.6-97Lubos Uhliarik - 2.4.6-95Lubos Uhliarik - 2.4.6-94Lubos Uhliarik - 2.4.6-93Joe Orton - 2.4.6-92Lubos Uhliarik - 2.4.6-91Lubos Uhliarik - 2.4.6-90Joe Orton - 2.4.6-89Luboš Uhliarik - 2.4.6-88Luboš Uhliarik - 2.4.6-87Luboš Uhliarik - 2.4.6-86Luboš Uhliarik - 2.4.6-85Luboš Uhliarik - 2.4.6-84Luboš Uhliarik - 2.4.6-83Luboš Uhliarik - 2.4.6-82Joe Orton - 2.4.6-81Luboš Uhliarik - 2.4.6-80Luboš Uhliarik - 2.4.6-79Luboš Uhliarik - 2.4.6-78Luboš Uhliarik - 2.4.6-77Luboš Uhliarik - 2.4.6-76Luboš Uhliarik - 2.4.6-75Luboš Uhliarik - 2.4.6-74Luboš Uhliarik - 2.4.6-73Luboš Uhliarik - 2.4.6-72Luboš Uhliarik - 2.4.6-71Luboš Uhliarik - 2.4.6-70Luboš Uhliarik - 2.4.6-69Luboš Uhliarik - 2.4.6-68Luboš Uhliarik - 2.4.6-67Luboš Uhliarik - 2.4.6-66Luboš Uhliarik - 2.4.6-65Luboš Uhliarik - 2.4.6-64Luboš Uhliarik - 2.4.6-63Luboš Uhliarik - 2.4.6-62Luboš Uhliarik - 2.4.6-61Luboš Uhliarik - 2.4.6-60Luboš Uhliarik - 2.4.6-59Luboš Uhliarik - 2.4.6-58Luboš Uhliarik - 2.4.6-57Luboš Uhliarik - 2.4.6-56Luboš Uhliarik - 2.4.6-55Luboš Uhliarik - 2.4.6-54Luboš Uhliarik - 2.4.6-53Luboš Uhliarik - 2.4.6-52Luboš Uhliarik - 2.4.6-51Luboš Uhliarik - 2.4.6-50Luboš Uhliarik - 2.4.6-49Luboš Uhliarik - 2.4.6-48Joe Orton - 2.4.6-47Luboš Uhliarik - 2.4.6-46Luboš Uhliarik - 2.4.6-45Joe Orton - 2.4.6-44Joe Orton - 2.4.6-43Joe Orton - 2.4.6-42Jan Kaluza - 2.4.6-41Jan Kaluza - 2.4.6-40Jan Kaluza - 2.4.6-39Jan Kaluza - 2.4.6-38Jan Kaluza - 2.4.6-37Jan Kaluza - 2.4.6-36Jan Kaluza - 2.4.6-35Jan Kaluza - 2.4.6-34Jan Kaluza - 2.4.6-33Jan Kaluza - 2.4.6-32Jan Kaluza - 2.4.6-31Jan Kaluza - 2.4.6-30Jan Kaluza - 2.4.6-29Jan Kaluza - 2.4.6-28Jan Kaluza - 2.4.6-27Jan Kaluza - 2.4.6-26Jan Kaluza - 2.4.6-25Jan Kaluza - 2.4.6-24Jan Kaluza - 2.4.6-23Jan Kaluza - 2.4.6-22Jan Kaluza - 2.4.6-21Jan Kaluza - 2.4.6-20Jan Kaluza - 2.4.6-19Jan Kaluza - 2.4.6-18Jan Kaluza - 2.4.6-17Joe Orton - 2.4.6-16Joe Orton - 2.4.6-15Daniel Mach - 2.4.6-14Joe Orton - 2.4.6-13Joe Orton - 2.4.6-12Joe Orton - 2.4.6-11Joe Orton - 2.4.6-10Daniel Mach - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Jan Kaluza - 2.4.6-6Jan Kaluza - 2.4.6-5Jan Kaluza - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9.1Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3.2Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Added Source: httpd-sl_index.html.sl.patch --> This patch removes TUV branding from the default index.html - Added Source: httpd-spec_sl_index.html.sl7.patch --> The index.html file is outside of the source tarball, so we need to patch it in the install step - Added Source: httpd.ini --> Config file for automated patch script- Resolves: #2190143 - mod_rewrite regression with CVE-2023-25690- Resolves: #2177742 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy- Resolves: #2101997 - HEAD request with a 404 and custom ErrorPage causes corrupt and mixed-up responses- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #2031074 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input - Resolves: #1969226 - CVE-2021-26691 httpd: Heap overflow in mod_session- Resolves: #2035058 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2015694 - proxy rewrite to unix socket fails with CVE-2021-40438 fix- Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"- Resolves: #1852350 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1785100 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1862499 - Intermittent Segfault in Apache httpd due to pool concurrency issues- Resolves: #1823262 - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Resolves: #1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: #1747283 - CVE-2019-10098 httpd: mod_rewrite potential open redirect - Resolves: #1724879 - httpd terminates all SSL connections using an abortive shutdown - Resolves: #1715981 - Backport of SessionExpiryUpdateInterval directive - Resolves: #1565457 - CVE-2018-1303 httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause a denial of service - Resolves: #1566531 - CVE-2018-1283 httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications- Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect expiry time- htpasswd: add SHA-2 crypt() support (#1486889)- Resolves: #1630886 - scriptlet can fail if hostname is not installed - Resolves: #1565465 - CVE-2017-15710 httpd: Out of bound write in mod_authnz_ldap when using too small Accept-Language values - Resolves: #1568298 - CVE-2018-1301 httpd: Out of bounds access after failure in reading the HTTP request - Resolves: #1673457 - Apache child process crashes because ScriptAliasMatch directive - Resolves: #1633152 - mod_session missing apr-util-openssl - Resolves: #1649470 - httpd response contains garbage in Content-Type header - Resolves: #1724034 - Unexpected OCSP in proxy SSL connection- Resolves: #1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in mod_auth_digest - Resolves: #1696141 - CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696096 - CVE-2019-0220 httpd: URL normalization inconsistency- fix per-request leak of bucket brigade structure (#1583218)- Resolves: #1527295 - httpd with worker/event mpm segfaults after multiple SIGUSR1- Resolves: #1458364 - RMM list corruption in ldap module results in server hang- Resolves: #1493181 - RFE: mod_ssl: allow sending multiple CA names which differ only in case- Resolves: #1556761 - mod_proxy_wstunned config needs the default port number- Resolves: #1548501 - Make OCSP more configurable (like CRL)- Resolves: #1523536 - Backport Apache BZ#59230 mod_proxy_express uses db after close- Resolves: #1533793 - Use Variable with mod_authnz_ldap- don't terminate connections during graceful stop/restart (#1557785)- Related: #1288395 - httpd segfault when logrotate invoked- Resolves: #1274890 - mod_ssl config: tighten defaults- Resolves: #1506392 - Backport: SSLSessionTickets directive support- Resolves: #1440590 - Need an option to disable UTF8-conversion of certificate DN- Resolves: #1464406 - Apache consumes too much memory for CGI output- Resolves: #1448892 - Cannot override LD_LIBARY_PATH in Apache HTTPD using SetEnv or PassEnv. Needs documentation.- Resolves: #1430640 - "ProxyAddHeaders Off" does not become effective when it's defined outside setting- Resolves: #1499253 - ProxyRemote with HTTPS backend sends requests with absoluteURI instead of abs_path- Resolves: #1288395 - httpd segfault when logrotate invoked- Resolves: #1368491 - mod_authz_dbd segfaults when AuthzDBDQuery missing- Resolves: #1467402 - rotatelogs: creation of zombie processes when -p is used- Resolves: #1493065 - CVE-2017-9798 httpd: Use-after-free by limiting unregistered HTTP method- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass - Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference - Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread - Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread - Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1445885 - define _RH_HAS_HTTPPROTOCOLOPTIONS- Resolves: #1442872 - apache user is not created during httpd installation when apache group already exist with GID other than 48- Related: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- Resolves: #1397241 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Related: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1378946 - Backport of apache bug 55910: Continuation lines are broken during buffer resize- Resolves: #1364604 - Upstream Bug 56925 - ErrorDocument directive misbehaves with mod_proxy_http and mod_proxy_ajp- Resolves: #1324416 - Error 404 when switching language in HTML manual more than once- Resolves: #1353740 - Backport Apache PR58118 to fix mod_proxy_fcgi spamming non-errors: AH01075: Error dispatching request to : (passing brigade to output filters)- Resolves: #1371876 - Apache httpd returns "200 OK" for a request exceeding LimitRequestBody when enabling mod_ext_filter- Resolves: #1372692 - Apache httpd does not log status code "413" in access_log when exceeding LimitRequestBody- Resolves: #1376835 - httpd with worker/event mpm segfaults after multiple successive graceful reloads- Resolves: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1396197 - Backport: mod_proxy_wstunnel - AH02447: err/hup on backconn- Resolves: #1348019 - mod_proxy: Fix a race condition that caused a failed worker to be retried before the retry period is over- Resolves: #1389535 - Segmentation fault in SSL_renegotiate- Resolves: #1406184 - stapling_renew_response: abort early (before apr_uri_parse) if ocspuri is empty- prefork: fix delay completing graceful restart (#1327624) - mod_ldap: fix authz regression, failing to rebind (#1415257)- Resolves: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- RFE: run mod_rewrite external mapping program as non-root (#1316900)- add security fix for CVE-2016-5387- add 451 (Unavailable For Legal Reasons) response status-code (#1343582)- mod_cache: treat cache as valid with changed Expires in 304 (#1331341)- mod_cache: merge r->err_headers_out into r->headers when the response is cached for the first time (#1264989) - mod_ssl: Do not send SSL warning when SNI hostname is not found as per RFC 6066 (#1298148) - mod_proxy_fcgi: Ignore body data from backend for 304 responses (#1263038) - fix apache user creation when apache group already exists (#1299889) - fix apache user creation when USERGROUPS_ENAB is set to 'no' (#1288757) - mod_proxy: fix slow response time for reponses with error status code when using ProxyErrorOverride (#1283653) - mod_ldap: Respect LDAPConnectionPoolTTL for authn connections (#1300149) - mod_ssl: use "localhost" in the dummy SSL cert for long FQDNs (#1240495) - rotatelogs: improve support for localtime (#1244545) - ab: fix read failure when targeting SSL server (#1255331) - mod_log_debug: fix LogMessage example in documentation (#1279465) - mod_authz_dbd, mod_authn_dbd, mod_session_dbd, mod_rewrite: Fix lifetime of DB lookup entries independently of the selected DB engine (#1287844) - mod_ssl: fix hardware crypto support with custom DH parms (#1291865) - mod_proxy_fcgi: fix SCRIPT_FILENAME when a balancer is used (#1302797)- mod_dav: follow up fix for previous commit (#1263975)- mod_dav: treat dav_resource uri as escaped (#1255480)- mod_ssl: add support for User Principal Name in SSLUserName (#1242503)- core: fix chunk header parsing defect (CVE-2015-3183) - core: replace of ap_some_auth_required with ap_some_authn_required and ap_force_authn hook (CVE-2015-3185)- Revert fix for #1162152, it is not needed in RHEL7 - mod_proxy_ajp: fix settings ProxyPass parameters for AJP backends (#1242416)- mod_remoteip: correct the trusted proxy match test (#1179306) - mod_dav: send complete response when resource is created (#1235383) - apachectl: correct the apachectl status man page (#1231924)- mod_proxy_fcgi: honor Timeout / ProxyTimeout (#1222328) - do not show all vhosts twice in httpd -D DUMP_VHOSTS output (#1225820) - fix -D[efined] or [d] variables lifetime accross restarts (#1227219) - mod_ssl: do not send NPN extension with not configured (#1226015)- mod_authz_dbm: fix crash when using "Require dbm-file-group" (#1221575)- mod_authn_dbd: fix use-after-free bug with postgresql (#1188779) - mod_remoteip: correct the trusted proxy match test (#1179306) - mod_status: honor remote_ip as documented (#1169081) - mod_deflate: fix decompression of files larger than 4GB (#1170214) - core: improve error message for inaccessible DocumentRoot (#1170220) - ab: try all addresses instead of failing on first one when not available (#1125276) - mod_proxy_wstunnel: add support for SSL (#1180745) - mod_proxy_wstunnel: load this module by default (#1180745) - mod_rewrite: add support for WebSockets (#1180745) - mod_rewrite: do not search for directory if a URL will be rewritten (#1210091) - mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache are used and SSL session is resumed (#1170206) - mod_ssl: fix memory leak on httpd reloads (#1181690) - mod_ssl: use SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA (#1118476) - mod_cgi: return error code 408 on timeout (#1162152) - mod_dav_fs: set default value of DAVLockDB (#1176449) - add Documentation= to the httpd.service and htcacheclean.service (#1184118) - do not display "bomb" icon for files ending with "core" (#1170215) - add missing Reason-Phrase in HTTP response headers (#1162159) - fix BuildRequires to require openssl-devel >= 1:1.0.1e-37 (#1160625) - apachectl: ignore HTTPD variable from sysconfig (#1214401) - apachectl: fix "graceful" documentation (#1214398) - apachectl: fix "graceful" behaviour when httpd is not running (#1214430)- mod_proxy_fcgi: determine if FCGI_CONN_CLOSE should be enabled instead of hardcoding it (#1168050) - mod_proxy: support Unix Domain Sockets (#1168081)- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)- rebuild against proper version of OpenSSL (#1080125)- set vstring based on /etc/os-release (#1114123)- fix the dependency on openssl-libs to match the fix for #1080125- allow 'es to be seen under virtual hosts (#1131847)- do not use hardcoded curve for ECDHE suites (#1080125)- allow reverse-proxy to be set via SetHandler (#1136290)- fix possible crash in SIGINT handling (#1131006)- ab: fix integer overflow when printing stats with lot of requests (#1092420)- add pre_htaccess so mpm-itk can be build as separate module (#1059143)- mod_ssl: prefer larger keys and support up to 8192-bit keys (#1073078)- fix build on ppc64le by using configure macro (#1125545) - compile httpd with -O3 on ppc64le (#1123490) - mod_rewrite: expose CONN_REMOTE_ADDR (#1060536)- mod_cgid: add security fix for CVE-2014-0231 (#1120608) - mod_proxy: add security fix for CVE-2014-0117 (#1120608) - mod_deflate: add security fix for CVE-2014-0118 (#1120608) - mod_status: add security fix for CVE-2014-0226 (#1120608) - mod_cache: add secutiry fix for CVE-2013-4352 (#1120608)- mod_dav: add security fix for CVE-2013-6438 (#1077907) - mod_log_config: add security fix for CVE-2014-0098 (#1077907)- mod_ssl: improve DH temp key handling (#1057687)- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276)- Mass rebuild 2014-01-24- mod_ssl: sanity-check use of "SSLCompression" (#1036666) - mod_proxy_http: fix brigade memory usage (#1040447)- rebuild- build with -O3 on ppc64 (#1051066)- mod_dav: fix locktoken handling (#1004046)- Mass rebuild 2013-12-27- use unambiguous httpd-mmn (#1029360)- mod_ssl: allow SSLEngine to override Listen-based default (#1023168)- systemd: Use {MAINPID} notation in service file (#969972)- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972)- expand macros in macros.httpd (#1011393)- fix "LDAPReferrals off" to really disable LDAP Referrals- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- restore "ServerTokens Full-Release" support (#811714)- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- rebuild- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311)2.4.6-99.sl7_9.12.4.6-99.sl7_9.101-ldap.confmod_authnz_ldap.somod_ldap.so/etc/httpd/conf.modules.d//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz9x86_64-redhat-linux-gnu?7zXZ !Xۢ ] crv(vX0Px K{Ca˕>JBs%[;Eu6A|V1dL̖+Iav]*=ɸU0Y*L:d{͒@+w,YiFϓd7lv fz/F,{PpMʼnSU9@ gLԣe@mٕ=X+μѐgrWA.$IZ.lAZ}9?S[ H-`f\?iVIoJ=~RZ9_Y-Og(:8,cR7۶>*I`n{E!"qwBJ>rmwPh_}PhF޺ymP#=i)8@n uV^$mio+S7fWѮӏdɥ,&jгA-etJ HIĒ+%[J9ʆw|\Cj p6*U~YRPh>UPAg5 G{);ĉtFċrc([v~MmTu9U+a`}AgtQRiC'KgS_ q9 0ՂT O`j[ۓ2q489>|%W)%}#zD^!]4vuZESVL}BhzxlSd^y+iۀ1R.ʍ)'ӟDjid;,NE{$'i ȷ1tVH[>#ֱ!s ;FԱ`*3Z̧ kn \mK̜߃] ;躐L}q7ӗa_,wy-,B r8A#TkB yA1Յ5Yy r:Nfpwsm}{495Mǵ*+B5vtdi;A?^}t9?PJV^C֢ >x>֌+9::=Ty @OmgI龰kGk(rh9ZgO9|(ږ қo@&AE#4_h:cqԕ_ME 2Wm(RUfD+=4]  ^Ɣ/k"^,+/ 7|f2f4.!9op.Iz-'>*դӒuVgP%_9=\wITo-*8u|=]~r0ee!4UJ]kci-= M)ov1:l+ gKFx0F-?97P+ɛg?XCo%K'.? g-(m/`H>8=%񜼂넠JR/zS S'o}% tj>n'l%i{ym >66mOyVDuniKl&ĞA;6'R3eL@d=:Mr2h-0F^5؞ϖ@rGpR_i5ww4Q}~87?K XR2 ݻ dEc9ꪣp2S1*]ۮәSF'HOAZ/&Y2؀Ȍ}V߀wde[`.w"/(aq~b{O7ԯi?' BlݸVO Q!fHRqw狉>dnx:.V֕Rro_]hA:zH[FmG>eph"z+Ԛ,۵1\퉛B#!Hyp0~scvG^q9| "MM@Ovrd7,x3 UfU~puDӞ/G%xipLD_+߁&`^y:K-QvV 8GuU0n'/= fYg4]߉=H]Ϋ,el^y=V-ş!wc0D6Ua$B!PI_MQ*`(Im*3r8dNFSjwVJͣsYK;xe4_%̵苋,g-%I fF=D@dB%'_|t<輂$^ׇ@ ~`fI Ř 80DC .z9/ȗݞq`9rDvEZwqIdSl@+ķ wM9+el<*-Eqz(IIJa馾&hK*m!!\v;?ڡQl$H?@ݣ6ed}=ZZ s~0oè+`WAa@Y`(#mk | P质jo0x邊@\zxf,4TWCLe$}V剒]DU{!Gn^7 nj tRԜE\l+4Cɏ?H 峨+aj0X f{KDzz3pn{P&yWŒ#z%<ٌ"f9R{] Uѻ^Ohu ŀ`]n]PL&8 3o+ڠ9mj:ln˜vks;'\7 `ߴ~DQh.v\6A!>SdZ߽wm05 {YkFz]rsd#7.E[򢎲?|s@9hlJ35pWU[#8[U c}lEA(zE }ew]cg8yK4+IS^6&J]lmҫN୬Q0pKG땽ͷC$$>\v38bqRVߣ)(,,0Z mq6h~ju=8gYԬXUo75s.%1h=eOtS E'iӭh!cZ:aSW_n#E^)M}SJf*?\,,>Es( T($OKi5dOZZq9s2JXjGכ^LjݙO`6uoa2QMZYFvf+B)g|%j!mґVrW@$Iy1Tv㵖خdcHA%zL$l%R f@ZP6Vj365gw<*k/p!VU@Hoz޳z=Xpg % 7v3Z{my=/rzr"LB!#&(vT-̇mW$-0%GH)$#[a|~xB!xQLݍC%z!8Y6ϰcvdꂗa e4s3Dgms}/qQ I^9UXAZietA?2}|d;Q1Jmt/) ~Z'{Ԋ*7K=9Nv9 zjM;BAfNH*…YL! 2B0ع_(?]gVn5/ Lo(qEd[؄?-S[*Zqzol>&_廙Δ9TldËۗގKc,E&?8&f#?PYLP?hߥ-23yf#v/}iY0osBmC"55)6;&3X1b)S1w{7abSty3xGrP ~i#G3YHI~Nҿ(KcG?YdVY!<=RLoyf?6 [bR؏ZsShf)&]:~jHRcNePS/&3ɉ]өuyv F{ݹ[*8%+*㸉jSc4W$rl\f?cLbCArGTyKMek:kqu" [̔6ySGr{N9٤ܑQ?6oޛ+M̞B.G,Z|Lhw4z*10u  R^}M}D"P(DQPWbU ,b!yY&GM[2Fa݇eˍ=`qxbA|H'C m<fX\.e=j 'ء4E`IW0/yzP9r_I|Z2 DžFCNaj{%q=2lޒ=evֆqu;#Y`W*fU^PiMbєcڤlةN'rҶlk --J]JTFt×n@F8;#< 0M ׯ7PЩ% $ͬF6ԐEjhH;QDpk{9vB葃*˚*PJIyo%FZǎw{Ῐ%a2a}b<7Mkn{Vd]Z0.zc}ʄ/>6LA] YJ1w"n6Jl\ 'YCB2Zp61,ڛ=j,Å! EM>3-)YmrHrY2VԱtyazȋڮ{l0|jac8C"h"d8\M~YmAshنNrdQ?;{wCN,_E=rG<7x#d(S(+#{mZ"57U UR !M9j[ ,d5O,P}+6TF"Y9]U,IuG&8FHАDx^j HoO9lyУUnr@(1t(UX~+ie5](I%Kj)>Co$xv:9Ҏo,1ixG\' 9yf=x<W;'W[!h5{ 2["nk)|+t4~^㇮098Ũ:M_ 퇯=],LyD3wk6;V^!£t;Kkv5|D]&Z޼,,Qa(A!'."|6|W)}LHcP^ J~^V|ӊC=RnV 26e@&K8wH0[rWfSSo*P,7<|9BfRW2(oƝߒ:49q6q~T,³@st>#co4rgmg}oAÁUG,P}><4 eUĿj;,>'Lc,U1.eڳ붺)%Q% o<$;'@92 9h䦹hVeY~Qy^>5EQVKBS)=y1=ڌ m'TTzRƎ=U4Mԣ@$[U?!)Hl p߷2u1q²R?0lDiQ]Z܂[Qv0-?2 4ֲ)Xk@ޛEoE~Q.e7t?ƢGwzo}(]/kg*6PV&iMCԙ)t-ԋ9 T?5A)XgOHָJ21WG0T zF~Yڨ)!Q~Tu"3b ":3Kib%P'W$͍c-1V-fU"#Y@6 JS}ux AA[,^Cnˤ n |&B[+ KZ^%K N??_qJ갸JOcj9y8ıŸxMTw7KY f{ !!巳5Ѷ%Ƥ2 Z_o ԮNEd]ʲVPa%5-F.bkq2 Hi`['CXÁڨjfb(ʿRd nLO;{͠CwjV""l9I\2yrWpJ89v@KkWfx-8; J\ ь%ƳΧ%e,G0NQbwxY = \t@@udMj5,#Zn&S ~k$ C Pn:1 >Cl`؏S?'+rK ORHA>6Pg,;&g_x`GAFٝbn 0nFʦALsaan&y,3y<%+/ڗ0mh/9q: ȇҏϖK[HԃPneh'% u3^V ,Q3G:!5sNżI{*X*%N#EnS(j?܁SA2Dԙ?C %q)-yJEjjsb)Pհ` E7k}5jg q|Lj#~+H=0Hә t|-[ah0j\I,[N&c#?)t'ꖢR9 f6%r:mNV46q-36M*Wq2V#5nǜ`wʺnz@k<[XP}/Ug!3ԍp&d|@-QG4^5}Aj(z;N&n*j6fU:tdb ɦ Ey2tc$vb|jj2O3TcR +dԋy?5aDT(~:u`K_yW&q/rzb=fow|J4 R&sU3֬u7R NzhQ֥B E,})Z 'k[+ J;(+YmaYMCq 0.T'7ww]Rnڌ5qU#wC{KJuj$rPK)KOơ8eip|4ƘmۖHy-q!2q <@"llo.;bE0ZFn00֥p5|+w葊_VN?':CꙖ^_<0VhCH?Z -+'꬏nE?l1OI14pS=s.gru\+L E('̗2O8AD_?fڃj”Ci> mT;<5\+Yt~J(jlZ=iy J?v"bmTXnSNm7FDwՙ$з!qN~Р Dqn`C#I:W,PćH[5OQLkBvam̮M!wb} ?M^Q<CH 89)ZƆE2W"!d*="3WY$\R:h|<"RS=_}̐n`:ͮQq:Bw>26DB&Qq6D0 Fב KWܢ NkMn/Y3n+;6&Q2S8L/#!lEl 50O &f(Rs"d:5 +a2{1Dz V:%[dLuT34A>50O,ߺI>|CN_XbC̡ω)ֶdA,U3گ<\ Q:Yf 7D(A4qpWK~8EJ6{I 2RnZ|׀,/LHQ}f.ࣾÅsUnnnڷ #F<+oP 5o !Va>ںjW= ^&-(mqĤAeWedNVh y.JOw_ѻЮOr~e0{ؼNp 7A>[wRWvPi,`JA 5`%:4~j:G9WLk#_/G\8Wx 3C!# ÇJ'-SKP><|T~s@Ҳ8/>!JJN)q;) D,, "<0+O=؇0o?h:$Od_t; [`nX\.2 rȧ,5c|[30=c gs1N8'BAJ/ )-܋'_r,='Y/Hf2@ܖE$_Uel?EpƦj͎?btVρmckp4@iϊ4: ;ZK)U4s~fn;Rmt]*H~)W |a\3ϳu">1X韷w?Oepl@ m6ODyYY85"BI|NM dPv_*@ R6kA6џQ' ?V# p-ȐdYG2ғ+4 vpQ$91?D3+y/rA%q)S;Cj(] B tPj,GN8s!>zb䖠.9M)ˍ% 5;fGZ  :Sr@*yt>k£i׻TkLpnQi<.즂`Aм0pG^^0vN<'@4.~˅6+Z ` sng^5<+Ipٺn5V_/d6$';pa\ I7QDӀ+ʻ]L8IǣiS5Ts#B\ZlU}x[gUL I3;1maiFf8%BYxY3Psh\w EU;r.EKW[}Q܏<̪8'YϠS̎`,qH^ZXS[[V4VT=46r2Y+,XZNYyUV[1NGջCbٔWo{[# j0{DL  ;WJcMA5Ïcn׸z^(G*'A@*7DLpr -'ͅ@M6pGSY_Ll?؅k~C5125NV&P.0Şd=84Lp-vґZ> CLnGS y)I&%>PGF {CPGl95#ؖ;( 㠔&@P}COn :Q 㷈g UL+WJtCO.3߷l:,L>^W9䙨І~<(c_Q54Jj#jʪ+@ w^dns%wz/[liLQ),lcaו9NT>=رUY@bԖS.HHZ@;3[L C}koTn8Hg9:lq-,*^g\K`O#LgHG0Sf)=LB@Wp [#| ny)B˯7|[/l+sHS;xJ6Y0א[^[$eqz[}U ?u)o12@[{|ș kL"[ʬf^x݇|,L<{<{e:dis t"ÚN*D}XΩa#=(:(>lUm\~yGϻASQKC~VOKӱ MTI9y+] } U*q+mL9a  OmttWub: cJ}}U*AbOT:N|")꒘(LM ěHo YߦJeѻkl7$)8jp@ojdN.S"݁ *OcАv-[tPg^[r~Op񝨊 )bB0h,[^bZ-[ 3!E2M$k\o AGgPN5@ay<|*<-Jط~b8'.I͛{adE?2/#a]L0|C F"첌ڛ(_k}>T̃\}"eP`qՄ/eiq@e*j L9L$f`;>l0El1FjB\eYtP̎;u2owIMh$ pHtŗurmcR1\LyV%91ВȻ_Bjt 4uBvn  w_&?}CڴkY ;G:]^@H"dz j@X5C|Z*{OhKIՌkc` $63$ba;f kjzQm;HK]t~0!!n(/Se n^fZ,ʥڠxߤ!y܎_Lʁ1;1jW, &]WO8+y #VEbpyr,V.Z.AlDx!Կ ֔%<;Dkli@s6J/,^| S$?F285 W%X[h nI55E4UI?QOo(Fs7 Z# >aKϋW>5C .Hh=Z66.@ˌ?Mr'e˙x3HxA˶2gI86~meQRXy~3@CkFzs8(0M 71P,&lJm>vJ.:hW]OI]~&Pe$02EFdpdt7+]r_ HivSKZGDf;tނ!\5qWqma}ec e{zlΑ\ k0QJƥW{թQyIM .~*Z[+⾫BdN77`b=t2Tfj-\ &7C'gS64e.19UpdLz(ki%!+s<|xʘdY@*k)Qœ2_y.n[ן\]PLEe1;+rg$UR <=&׌I3VWlL K`ݿWګu >QW\JDžM ^IB<;"T ۯ[#=V>BsP*gy9Dܟ7, `$ޘoPcn*.;gnjEVyN; kXQrɮfC9/["p@&w,8W'1G2Rah4$;+@JFͮ>X?x‘IkN?#Ί-scbl74Ko,i99Zt-|wf}ZE TF;C!/wlxa 9[EMEƉRyCB)oetᑔ+>Assݠ3. "" ;۔{0.#D&ֈl }Xz@Li5/3!nj}N\Nb*-M[O.yCus1g.>؃ [| "R|-\ 3Vg9+~ݙ&X)3^97j++v_i"m.Cy{.o5=pdl&mKzR2q;#i>|),|8EQ_@h{aFTN63^-&EMXG!F.=G <5Dt% alx %Զhd [Wy6ESSvqߕ.m Ǘ 4pm2h@.״z{4UB3vM?#)Y ɡrh+GWVG^Ap.wKO~{9.N&R겏qS}~XX EM@?#P-[_oLԦ^È+}A_`)\9 WAt;#WvCĺ!X?YbS9rn%㮘VH\L#Ta<"Ǝqz "љIK2޲=)C^a-?T|*ػ4յ;胰m7TC+({V̘Ҟ>=H7zF 65pҵKgq)gAI}!ni/aWρO.e~ fe+# &0Օξ>1|mƯ7/h2]k:wf 6 ǻd~u0u(+ׇwTu?M} ݱ=x( {+٘g7.[9Y[ sRĈq=L_c73޼"HS%6Qd-WhV V[BkS2a#q:S+PB:?\8Fj`Z 0g%e~hmLtQy^pH;)=y1skwy9 {nI0æ ʂrDpNuK h98{)2P㣡}v"+ E7Xװ GE/}J+ZU=--nc͐h4y>:e_E:D <"v \Bn?=oTioagj^î\Qsci@֍0#5>+"0)K}*a٧vPFP)6GFBaZw%:"a>A}W~ӉMJ Y,oB4ڳ.hiUITk|'"x͏%GFKGL &qp?VK2X5}$tcH*\JmB ﴓQ:>8~2e mg,(#d6VHִft05 L[~]VZӯx^U"jFK\ .B$ ;fF$4.**pTMz;UcyMVdlɳ1 'Z%.]-%k?pQJxxvFEu %m)S.UlGQe%r-JxZ#6b[O+:Km/}3Whwdŭin\'X`j1e!G: "(|e1*9:ͯ7;kqJBn7*Ó\Y@(jf\>W{,~m ou""Jۛ<'ij uGhLl 뒯1TNZ# V/ r[Ljy?BegL)ho'dvOX y]:ik;X:|]_ni]aH3F4'c/$71m_ _rD\tr<!S2Hl`# eZ?Z{i|hb)_n9m$p*?UT\?f[8Q:B-6>D-q1=z<`'7Ldp`G1h ݬ2^.1VhW Vs;_PePfϢMIbkYlTA.}6awW輞"Olc&SDXwikli)Z|2#oa9Gbvne?oVFsL=`՟'BbYFݷhՒO"lk#AQ*7՚ za[QQt /x6  +{Oh^93+ cѴ|@yjX8bXR/nVgHyw:ȒVy6!c#4gǘN{;N3W aT|$Oi[,OKGֺ4 /AdjE_1:{PbNX s)zx? D#KT 0x3k;s]2bْпg"۔jȵ  8q$ZHF0Lԟ`0.V\h 5948i8iDq7F_mM)6۳q1t6|.ˎ{K !r;`P1dK,5zZ ^9osM&T]tp-ƆNwJ[]U A&?5=!Io9iUXllytp54U{.+w|:YA9[~w5&Hh/..EQ<s-N4YIL_m$NDps[ O+ R\uFc=vov9֒36b/oq!f(MZjX6/L[6CH=>c̮[qnmpO_,k딉 Clt,yTO>o[3ԯr:~H (Ƶ8-P(~;!X\֏"a9gym|o?i#i28|lf ]K'&S#m6G>ç/^[4g{=?0?HƈGRrsL o+4:HϙH90ƵN YG0&BFiQn֚8.Mҭn=p6\H;ply?d2z,yyjXb?kq?/!*UĂ> Wdq1V[m<&ٻxP)eQt#eG|O[1;*2Z`JTQ;fgj7i'hu?qUILl!m ςV5n9Ԡ}+c CLjbj{%TM'8ڦ!f?$\'*ư}ڏ@;Yt {pSd.m6cT}Vv FP[$ъŞc FSZrp;P|2IWOkm^:x~'vQe_ YKU5y`Q0vIsSbN<,6Ǭjc)f2 j e)bCBڧXgz=)jW&iRۚVsY;M,yߍ =|w! ܙO ~ qxG;;Ӄ^ͭ_?C0COήQ O^@r/ϥ$~LkڑB7Ml*qGwuuRδ&AId%YNT*A'D23Fr3.0;JfS]I<w9:Pn4M5j4ˆE5jo"EV 370bLyRc#XNwMHgʠۖqյ9B?Bwvŕ^]zվXD''TU#5(Z Pȧy YpVd"v x:Pucd.Fe&E(DgӜݷOZ\ $^]`ڧbAV6;eŸZո׌tvda=M;P⋋3@s=, b# bN+$ W$+,{gEgl/Ͳӹ)w_+b11 )C 2]AIP בڌ#eSCbbt%+<6X|iy kvQi"lR-yp@جJkpjOP-ą0~[Dzf)9\"ycfˠ+nWLʘ-#k dwA=.g;5 ]8mpDzŎ!\o y)\ 8o큙`dNw>31]NxEa֭OB> O> (.jnѯf1F5W-o(uTX_-TIzܕJxy(~]|ky*jD8`%I9 ,zɬct~%Z`pܔ6!)avi8᷷I"^#`э-CeBZg!fg;$Iar l$zq:MAL5SVlZH}tzIFӅA8Y,Pڨ%2 *,z6kV;i&?mqnt=?pp#!wU^₈u}C`9<5}FtjhExq¦^*.)RnTs {EI58K+9|ؤ92%~IԸujƣD(Ɓ sKPH,%ͺU­3W %vG {&fi:F[mebreN̹EPV:yĜNu`r1]ӣt fd>B~aZ{xr˚Vu.5jd{?0U{9C;9a=5۬ syK)4B=wF9Ã=_҈#=">!kKr#v꛲'Æ lBſwvuS):_j\QAHNeMklDMv/H9y}"t-fq'Ib|Ĝ%$ 04;%.jj$OXq/b +~\bHŔݷޚ syq"2uк"` μ )@:6~vڶqWPqB0"<VPHRe}LC5'xxvk_4`(%=J7-i@>h`ؐlC6 zqs"F՚X#eK5PNZຐBhA nL?Fz͈{mk')Ifw-ZE mr0U)~֞? LX uJTct\]}{Mn=;YE+DiZ9_^0V̂]ux"QjrG?:NQ$RkUtZay \};hy7o`u)ok1׹߮"y"kt|G_hHMa u3 FQ0ةk<YzT"X2`E TL`wg|`"݋X#RtC?S /Vl3fa7ag$_@/TY!?10heŽf<%U8q.Z#L[ˆۊa@퍑& {m Id |=*|t&@Raozi˕zqunX)3"CPtCfRXŖxc~ЙcP,4%jz%i،0.1hy LLJY[yؼv1ߵTҴč"~36A8- *6Wk)o;|kSlْ߰ۤb|0m۪G ȅ ҔGAVOʮF'PإqNS [-j9lf%\ҝ@0R RJƹ)ϙpMOpdor-Vώ|p5'Qwꪝ]2 GKkZJt* n!DP?b8ζڿz<')pѲ{s}cq }h_^, ΞKJG[^?|-S6 qyNSd09~02R';JʝF "K:+IDW%=Sq 8 +;@9 Yqpl`&+q;=˩&f0RpB  F˃.% "Ua^d}Y5{ /"F\SuĚs\~jsk#0'dr -s^݌uokP嚜*+F=RARCi!mƔVFcq)STLv-hM|L'#*#VjؒѥZ;kb`y [Xߣ]s_6B^[uZL( ٍvÕ"-ĈC"2l:~D늫7{L-{, З hWˇGq|̜'uC"z{DF`y' µvN >~z`zJD|ъF~~gosmBfZ* uRqG~7?-<̺]s/d<aqS?SbINӿe\0:<^v)e$# ☯$ tSK(7('F&r@n1*<׌:E'~(6tr8jVUrAnBѦ \~ACfߚ:~&4 %bG+DŽx*Ec.Sс/m9A@'g(5cHẏjz8,`X }Dϵ1 V6&K~BWM@fG4;q[Y;GK~h*K7<M6"3n'%-_FA>i#:aR -KkWNPDFkmQٹ%L'GP ~U~B>U@BPؕ-K`"kthAQ H~{5򝢊!x8>U) ~I,[a2(0`33 Τ֖B`Y6(~K kų2g&}LH(;Q+ɜg?Au.)pR,KI$}yQ`5JW .#):w*F1wHO*ur/c2DqWox:R!ء9.'!;r:GX\0,裠@&Qbϵ+e*L)X[*:KrmdVc wu1eMִqjzun8#+6 p`l%[dJDIEm3|0rvb|:Na荵 :ͫ(9+4}VZH 3?a.}~okrA5ÖoFphVxH{U?Ã>q2B ĴQnAZ}^hΏsww y>s^ Z#P|N h2rm!;Lzئ jxP!Ax=P UVèw<ɐ؂^4 c'efy[9!n叶)g~N)o!/=N>IN+>n4p:]~txS ܟ *9݇VoQNRݚ@c_/,Y)5}+,+b]i̡TNz1ZjbeÎ7xy'^O3Ns;nCmfZ,e]I/)xC@8`Z5TJ(;%$E>ux#Z"K/sVg*-a}"sӋ|^ly3< IcGpTJWnKd_`Kng?dTE%rcPge,`V b&PSʚRkF)Kgy;Cs2"B7R̰oƖ^ +ԌҍcD)S&E&p|\–E/k^=Iy7k I%HOy^%A G @lҠ:-s4`纰-#PwկaT› 48O ]ΡO=f_)@؜IJ9^+~jJȈZFq^\\4;0#\DءӼsƱJ9K`pQw4RyRBMNhkA j~IQ$LKSG^u/ Nf1`KLIٲ2+A1nygR}Le}ÿ́lp0⿒ wV #>pz=,|a#Z3g:yORO~:6]!2G^ nXμ @YMx0]O9 GOO1 Ŭ@rq NN/J@_քb|̮طkasG(_]IYoEDeʁ1ؔ0w4'!(߷M 1鸋e"Έ|cئ; w>g}2:Ruì'īl2C#Z,N3`b 2-rYucఱ O#AKVzC5a'Ök,hWCx"8C$kW;NPZyw;ӂרLՎv#j΍c[ |`OqE7YmU2M%.?$qu&%FzY~W<\ {P0i0::qRC!ǺD o·cR 4:R""ʄU}##b2C<4\eˈ{ޞ92.l+TDxĆq](B{4IWM_z_T-O%+nىLaMʐQSۏa-G??]HTt[0K<6cʹ埮|}9?hB؜>wn`Iui/xcTLH1? Qrѐ A._ݷ.G+`4N1,Lx] &0/.lى"tabp ]֒FOp>l%#_ݳc#Ta(Oޭo8)R6e%1, شv1gMF&@4Tޥ\v X@KˏWJ|fϋ6hއZ+OArM~vnA1CQTL  QPw{9W3WO*+)7R6/X-LrL%JwJ7{ z vW"M8!RX ^w;u-bVE.{@Ԑ _ : m, &Q̡ ߃Nxr'JKlVFpX|G1Duțu =u8y$Dۨٻ.RCBg^89ejXyg y[Od 86Mv*SHB)|e g3EnDGzq7!vtjBW;o+k ç~4քB+E_;ߚv%}"Oޖ!|&wPOYYWkU6". ' 4x{2@CˬNoJ9跬+0%i̕ԧDx#\Q RZ?;U_ @PDl:FE90۪51hpZeCLA&*DX"1/@A%T^ @azQ0[OWʹ%   dS:K[*tIii֣ kU$渞moN(qU~dz*<{<Τj 䧵}PToZ#Y/zHiVDތ)|˪ꢡԡJ5 넄ssZB+U9~ZF:'Rl [Ũw]gjk6J5z%; io)]ÕN bz6F =9kH*JgЅP򓢷IcWgc)hJUkմzF̪(ɟ[8S쟵 J9YN (/s ;cj"jDăfㆂSc{f`t/vE'Uf루 5p9H֝Z`[ijGO!?eW >#|PʹUsZ9ZA5)2ɓHKvkϹZ#2x!8).308* $hl N:@iK C MXo:1qk+ ݟ7#UkoިG@CMR0N>S5(s˴ɡBdmf$?iRdSB8DM?H4b;oן_͍#/]*|7- llJ] ={B m#HF1=/uT&Kc-^G ALfKa kЌeDx[ s zS^bt?C&֥Q-m0)^o=ޗIw7{ӄ.s7} .v٧5“YS"̧^0m:aٝ:ƭh8 ]1bѨQZ$'Q0 spI\^G ]wBN8a;I)WD쇬Ed|kUf=j@ܫX\a:?4}Ĕ:6- <=4r(%t\5dzq\0*N~L ANzW%rP&+қ-O4" _}oQʻufC!HQj@YtٮCIOp-bv# _Zr+$" ea"1,0o<(`Xb.! TD~(~ێw_cUh<Ԝ=C#)?vkVqP.g+&$ Hyd&Ջ#1 +'DWѯ#c1 >b|UddRJj/VyM39n9ISY$V9*= Om-K4~l!žDs #8+zHfbyhMu{:o-W1M_E=wHr+T]9h)7& ߽)p_ H3X"j!8Pk.,(FgKV)5w.1ȓkb#>w~״^mBOjJ7I aR خy=`dG+EBq;z q}{͔yCP֯F~soU犕ax|wOCf$ z:!p6jg湹,f@. UqK> $8Va]gn!Qj.guDųldTX iꏲ;* =@ jV)G^B2g!7;3? #qP=@SOs{-zO:Y+ GިW+e3-tEa걐;zc?>!fi; 2DH;%e+` )!m!ۊ8^ظDqR:G8|<%,_n[R@~R8y\'mp^vLyX,a`ltN7gL;}a"?QXٍACsWMeGcQoEo^7t@fϔ ?K4ةU)u-G ˈ@gYT&  a;/pqCRٮ3l Pb.KJ RG%gR)p_[DBH:] a`U\Y J@ Dq¾ج@ A'hʢpnP. âf㟖؅^#:c4zp"3U@fE5߽+HuNL?r)+sLb &ʞOyU"G_K5Gp?*z'>#޽] jdK+-Y%|=rh,!SSV:| n40,t~SR8O ez݇CvLO\؄acɒo\(nL0,Al3䳎q%|tW|bqyBba>ʾi8 R%y`"mW00hsM;9FBULaQn~%䅕A³|8փ9$gm&Or :ے -%& zPwgXX]ȇ` &YWN"J1"qh~ݽBھ o 빔IlSW0rNTvTd3<[ܶOM(NL_텈cgHP7zi[!Jr 'BKىVeސϫ~֨'%RDD3!f_N^4+\,]K11_D#ӦK)Ct+ 8MVWwoԞ mUŋ4JGq: BEKv?]e0Z^ogĪJ78%g&'&,qP 6#o D/ȳe<9Зy`Jt%0c˕Tb-j(>?Ox3#i l8l~hP*Z@&G/5&y4M<7Ukq$~~$•t ]G< |7co"zYzn:bXҡ?P)RL©D%siK%j+l6A2gxћ+)˦C܆4k !E%?7sQ{GW)Hf=+r3ovr.Fiܩ*qY|Էۂ/gN7Ia&F }^~({ 巖iߘO"vF߁?U 4ᢑ~m 5M=s9Er,.66oIb~fd#[kgrp)'bwKm߼ LXᥚ/4ܳJ5mTP{k{Z˕M ˀaxOs.>n!a *v;5[hyݴm/h=2=MΈa}(K! {^k}p*r%=.P!1)y5vi$Anq@nGA>'L*[oōT^1?j1@d~'B_U\*U2/+gA6AIށϛ*vXbhֽ4J֢Xg=~Ȕ 0}7dژOozl+p${nFdizx sO2ٿGF;Z W6 v0tVʜRJ!^ӕ4ҕؠx&$˒' xFb}ka1йLIe3pMu"8rW^ꊝ *~q]P'+oBFLf(QZ}t5)7W t$)Up?` Fڳ8ů^'UNapo^tZ\ -C'_]]&$XC6~cF tY"|rsj^k?h!C7>#gƼ[=IhpdL#(;~w:g [xS$CP$2Gypb N*{3>⹖k#`:&*_O{~'/]<\a. L[Fj6CЅ~5cD%B:'55,*YH|',(AsV~H:)d#$󟟆KH/e"lQX÷ֻ!@~J{ʗ/11zL"|Y-Ċgr!u HM!-S륍xDI||,T)[ ^N=1 o o% {  ݭz]Y2+[!]5$HK\-~.c‡b4 eAyr#k.ǏmfڮIntg-=/4 ŐlkC.:tBXQ^QM-dHalrj7*2beq5U1PR dg*}37ĴɊ|63=GxFt4PI"w)* HxkDn4y4xnƫMk8:\;$͚ AOrh{NWo2jj|bZr13 3q5V$91g{5jՖ]a5y'lBieSN͈  n{3y3 P kUi! nퟟS6ʆlY: qÈZ2߬k\XM7P>x"*鐸K%e"Iz/.q78Xg'rVzeyý`ڀ}kUT S=Zpt`n^"a-eT8Y! }9 nѻ S$Y}_%fHY?zx\J}"ITPwq;Q #IJ~I!s*"4i<%YFv{ҕɿD*6Ҁ6P`s(Z-C_I8軇 =cN4$Fj`0JHh`)Wny? nTmͅU0:55lwo0& &pyS[ATRAK o_ܜKqUge Co8 I!ҽ2ZwmLIw!YJ7 .%"TE߷mC-{g),5…T,:m} Ffkv>ԋ51顔 %Q1EƊf~.?G=~A8@䇕6&N0KB/d1{,8:nV3e):HmJ>p53n>0hq6N} Ι%prtH% z(uƩ=OGVS62b^ Jywm0AHRc%F]/PI&yTze]"J0Gu;\G2#Ц֟ʄ&$i=B~n(뚲^%N+ ԱsDm0s2 ;wFfOGx#SMYdsEi?ȍG豖rl'Ӆƈ*ŽG"5\?<(XlꃭdkT&zZwf>3$Ö֩ XTX`ݱS6MX3Z>XB]k]f+f6@{]e$CSfy!+Ұr $?%1Y@7pҀGwExP  = ]O_2>1>=HG[8 ObYM͕9٬4zE6ӹG5D̅AiX?6'-{jfGf0?rT)Z1r%*`V%wzɴBȍF!^5Q0sh(S[jeڎAp Is?5ߊ0Z@\4^zyV'2 rwYX15l1]AmeGVt}饐5ZaR4" :e7yDه~+ ̯v\n d/Va$h.?)ss4) $m|Lku^ SȒb`J}r^+:YC-ɲQUpB4߆`@=ĿG`3'~NEe[j S'kZ7RG$ `]O Ӫ[f5gY:M?4W#VCM (fjn W&xWn:ş 1|iaET4-ǵx9ގ[qD[x*jՠܾFNWX gyTk!cA%s7%/WN& -[}i`~3(##CչV#*PHjK,0*)&Qn+rf8Yb1z,BZ5XJ;A^n̬b8l̛yx- YZ