mod_session-2.4.6-99.sl7_9.1> H HtxHFdw ?*}} 7]*wNG#7i~%#k;fTK]c7f542b21964c9c3452a6871fd9dd18589829fecZ&CJ $CtVQFdw ?*}}Z@rI%Tw'x~XIQ24Ol,>3}4?}$d  L :SY`x    . 4LjJ(89:*G{DH{\I{tX{|Y{\{]{^|/b|dd|e}f}l}} Cmod_session2.4.699.sl7_9.1Session interface for the Apache HTTP ServerThe mod_session module and associated backends provide an abstract interface for storing and accessing per-user session data.dpsl7.fnal.govScientific LinuxScientific LinuxASL 2.0Scientific LinuxSystem Environment/Daemonshttp://httpd.apache.org/linuxx86_64m\x+\Ldp{dpYdpYdpYdpYdpY51df0ceeb7dae9922817f4af0554f83fe01d6268025ee08260aeed69be3953d1b3793eb1eb9003e377c81c364db57d923a70b88337331aa86ec8d34540bc9f7459361e63996ba38d04c81b78d32877249e8aa9bbd6ad48325e42acdc7398bf8daf3d460945569468da4d5dcf0945b631e9ddb8620eb183c8883fba24e5f3162d147e7c077703bad1b9af28b505fea6c7b34958975a277ee0d8db6f979880c5785a2aa587ee611d377b605aeb0e8934cd6ee1f093389012b980b895e213c6c8f2rootrootrootrootrootrootrootrootrootrootrootroothttpd-2.4.6-99.sl7_9.1.src.rpmmod_sessionmod_session(x86-64)   @@@@@@@ httpdhttpd-mmnapr-util-opensslrpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)libpthread.so.0()(64bit)rtld(GNU_HASH)rpmlib(PayloadIsXz)0:2.4.6-99.sl7_9.120120211x86644.6.0-14.0-13.0.4-15.2-14.11.3dp@dJcd@c@b9@aaav@a^@_}^@^|@]z@]^]A\@\[+@[+@[+@[*A['[d@[d@ZZS]@Y@YeY@YY@YY@YdYp@Y{Y{Y*@YYw2Y@Y@Y@XXg@X,X,X@XƉX•@XCX@X@XXXXO@XO@XO@XO@XXWWW{@Wc@V͛@U@Uݪ@UoUȒ@UU@Un@UY@U.RT}Tto@TXTG@T2@T @TTS@SS@S@SuSǺS*@SSRUR@RRΏ@R@RkR1@RsRrF@Ri RM\@RC@Q@QQޞ@QQo@Q@QQ@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Scientific Linux Auto Patch Process Luboš Uhliarik - 2.4.6-99.1Luboš Uhliarik - 2.4.6-97.7Luboš Uhliarik - 2.4.6-97.6Luboš Uhliarik - 2.4.6-97.5Luboš Uhliarik - 2.4.6-97.4Luboš Uhliarik - 2.4.6-97.3Luboš Uhliarik - 2.4.6-97.2Luboš Uhliarik - 2.4.6-97.1Lubos Uhliarik - 2.4.6-97Lubos Uhliarik - 2.4.6-95Lubos Uhliarik - 2.4.6-94Lubos Uhliarik - 2.4.6-93Joe Orton - 2.4.6-92Lubos Uhliarik - 2.4.6-91Lubos Uhliarik - 2.4.6-90Joe Orton - 2.4.6-89Luboš Uhliarik - 2.4.6-88Luboš Uhliarik - 2.4.6-87Luboš Uhliarik - 2.4.6-86Luboš Uhliarik - 2.4.6-85Luboš Uhliarik - 2.4.6-84Luboš Uhliarik - 2.4.6-83Luboš Uhliarik - 2.4.6-82Joe Orton - 2.4.6-81Luboš Uhliarik - 2.4.6-80Luboš Uhliarik - 2.4.6-79Luboš Uhliarik - 2.4.6-78Luboš Uhliarik - 2.4.6-77Luboš Uhliarik - 2.4.6-76Luboš Uhliarik - 2.4.6-75Luboš Uhliarik - 2.4.6-74Luboš Uhliarik - 2.4.6-73Luboš Uhliarik - 2.4.6-72Luboš Uhliarik - 2.4.6-71Luboš Uhliarik - 2.4.6-70Luboš Uhliarik - 2.4.6-69Luboš Uhliarik - 2.4.6-68Luboš Uhliarik - 2.4.6-67Luboš Uhliarik - 2.4.6-66Luboš Uhliarik - 2.4.6-65Luboš Uhliarik - 2.4.6-64Luboš Uhliarik - 2.4.6-63Luboš Uhliarik - 2.4.6-62Luboš Uhliarik - 2.4.6-61Luboš Uhliarik - 2.4.6-60Luboš Uhliarik - 2.4.6-59Luboš Uhliarik - 2.4.6-58Luboš Uhliarik - 2.4.6-57Luboš Uhliarik - 2.4.6-56Luboš Uhliarik - 2.4.6-55Luboš Uhliarik - 2.4.6-54Luboš Uhliarik - 2.4.6-53Luboš Uhliarik - 2.4.6-52Luboš Uhliarik - 2.4.6-51Luboš Uhliarik - 2.4.6-50Luboš Uhliarik - 2.4.6-49Luboš Uhliarik - 2.4.6-48Joe Orton - 2.4.6-47Luboš Uhliarik - 2.4.6-46Luboš Uhliarik - 2.4.6-45Joe Orton - 2.4.6-44Joe Orton - 2.4.6-43Joe Orton - 2.4.6-42Jan Kaluza - 2.4.6-41Jan Kaluza - 2.4.6-40Jan Kaluza - 2.4.6-39Jan Kaluza - 2.4.6-38Jan Kaluza - 2.4.6-37Jan Kaluza - 2.4.6-36Jan Kaluza - 2.4.6-35Jan Kaluza - 2.4.6-34Jan Kaluza - 2.4.6-33Jan Kaluza - 2.4.6-32Jan Kaluza - 2.4.6-31Jan Kaluza - 2.4.6-30Jan Kaluza - 2.4.6-29Jan Kaluza - 2.4.6-28Jan Kaluza - 2.4.6-27Jan Kaluza - 2.4.6-26Jan Kaluza - 2.4.6-25Jan Kaluza - 2.4.6-24Jan Kaluza - 2.4.6-23Jan Kaluza - 2.4.6-22Jan Kaluza - 2.4.6-21Jan Kaluza - 2.4.6-20Jan Kaluza - 2.4.6-19Jan Kaluza - 2.4.6-18Jan Kaluza - 2.4.6-17Joe Orton - 2.4.6-16Joe Orton - 2.4.6-15Daniel Mach - 2.4.6-14Joe Orton - 2.4.6-13Joe Orton - 2.4.6-12Joe Orton - 2.4.6-11Joe Orton - 2.4.6-10Daniel Mach - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Jan Kaluza - 2.4.6-6Jan Kaluza - 2.4.6-5Jan Kaluza - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9.1Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3.2Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Added Source: httpd-sl_index.html.sl.patch --> This patch removes TUV branding from the default index.html - Added Source: httpd-spec_sl_index.html.sl7.patch --> The index.html file is outside of the source tarball, so we need to patch it in the install step - Added Source: httpd.ini --> Config file for automated patch script- Resolves: #2190143 - mod_rewrite regression with CVE-2023-25690- Resolves: #2177742 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy- Resolves: #2101997 - HEAD request with a 404 and custom ErrorPage causes corrupt and mixed-up responses- Resolves: #2065243 - CVE-2022-22720 httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2031072 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #2031074 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input - Resolves: #1969226 - CVE-2021-26691 httpd: Heap overflow in mod_session- Resolves: #2035058 - CVE-2021-44790 httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2015694 - proxy rewrite to unix socket fails with CVE-2021-40438 fix- Resolves: #2011729 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"- Resolves: #1852350 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1785100 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1862499 - Intermittent Segfault in Apache httpd due to pool concurrency issues- Resolves: #1823262 - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Resolves: #1565491 - CVE-2017-15715 httpd: bypass with a trailing newline in the file name - Resolves: #1747283 - CVE-2019-10098 httpd: mod_rewrite potential open redirect - Resolves: #1724879 - httpd terminates all SSL connections using an abortive shutdown - Resolves: #1715981 - Backport of SessionExpiryUpdateInterval directive - Resolves: #1565457 - CVE-2018-1303 httpd: Out of bounds read in mod_cache_socache can allow a remote attacker to cause a denial of service - Resolves: #1566531 - CVE-2018-1283 httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications- Resolves: #1677496 - CVE-2018-17199 httpd: mod_session_cookie does not respect expiry time- htpasswd: add SHA-2 crypt() support (#1486889)- Resolves: #1630886 - scriptlet can fail if hostname is not installed - Resolves: #1565465 - CVE-2017-15710 httpd: Out of bound write in mod_authnz_ldap when using too small Accept-Language values - Resolves: #1568298 - CVE-2018-1301 httpd: Out of bounds access after failure in reading the HTTP request - Resolves: #1673457 - Apache child process crashes because ScriptAliasMatch directive - Resolves: #1633152 - mod_session missing apr-util-openssl - Resolves: #1649470 - httpd response contains garbage in Content-Type header - Resolves: #1724034 - Unexpected OCSP in proxy SSL connection- Resolves: #1566317 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in mod_auth_digest - Resolves: #1696141 - CVE-2019-0217 httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696096 - CVE-2019-0220 httpd: URL normalization inconsistency- fix per-request leak of bucket brigade structure (#1583218)- Resolves: #1527295 - httpd with worker/event mpm segfaults after multiple SIGUSR1- Resolves: #1458364 - RMM list corruption in ldap module results in server hang- Resolves: #1493181 - RFE: mod_ssl: allow sending multiple CA names which differ only in case- Resolves: #1556761 - mod_proxy_wstunned config needs the default port number- Resolves: #1548501 - Make OCSP more configurable (like CRL)- Resolves: #1523536 - Backport Apache BZ#59230 mod_proxy_express uses db after close- Resolves: #1533793 - Use Variable with mod_authnz_ldap- don't terminate connections during graceful stop/restart (#1557785)- Related: #1288395 - httpd segfault when logrotate invoked- Resolves: #1274890 - mod_ssl config: tighten defaults- Resolves: #1506392 - Backport: SSLSessionTickets directive support- Resolves: #1440590 - Need an option to disable UTF8-conversion of certificate DN- Resolves: #1464406 - Apache consumes too much memory for CGI output- Resolves: #1448892 - Cannot override LD_LIBARY_PATH in Apache HTTPD using SetEnv or PassEnv. Needs documentation.- Resolves: #1430640 - "ProxyAddHeaders Off" does not become effective when it's defined outside setting- Resolves: #1499253 - ProxyRemote with HTTPS backend sends requests with absoluteURI instead of abs_path- Resolves: #1288395 - httpd segfault when logrotate invoked- Resolves: #1368491 - mod_authz_dbd segfaults when AuthzDBDQuery missing- Resolves: #1467402 - rotatelogs: creation of zombie processes when -p is used- Resolves: #1493065 - CVE-2017-9798 httpd: Use-after-free by limiting unregistered HTTP method- Resolves: #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass - Resolves: #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference - Resolves: #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread - Resolves: #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread - Resolves: #1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Related: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1445885 - define _RH_HAS_HTTPPROTOCOLOPTIONS- Resolves: #1442872 - apache user is not created during httpd installation when apache group already exist with GID other than 48- Related: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- Resolves: #1397241 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Related: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1414258 - Crash during restart or at startup in mod_ssl, in certinfo_free() function registered by ssl_stapling_ex_init()- Resolves: #1378946 - Backport of apache bug 55910: Continuation lines are broken during buffer resize- Resolves: #1364604 - Upstream Bug 56925 - ErrorDocument directive misbehaves with mod_proxy_http and mod_proxy_ajp- Resolves: #1324416 - Error 404 when switching language in HTML manual more than once- Resolves: #1353740 - Backport Apache PR58118 to fix mod_proxy_fcgi spamming non-errors: AH01075: Error dispatching request to : (passing brigade to output filters)- Resolves: #1371876 - Apache httpd returns "200 OK" for a request exceeding LimitRequestBody when enabling mod_ext_filter- Resolves: #1372692 - Apache httpd does not log status code "413" in access_log when exceeding LimitRequestBody- Resolves: #1376835 - httpd with worker/event mpm segfaults after multiple successive graceful reloads- Resolves: #1332242 - Explicitly disallow the '#' character in allow,deny directives- Resolves: #1396197 - Backport: mod_proxy_wstunnel - AH02447: err/hup on backconn- Resolves: #1348019 - mod_proxy: Fix a race condition that caused a failed worker to be retried before the retry period is over- Resolves: #1389535 - Segmentation fault in SSL_renegotiate- Resolves: #1406184 - stapling_renew_response: abort early (before apr_uri_parse) if ocspuri is empty- prefork: fix delay completing graceful restart (#1327624) - mod_ldap: fix authz regression, failing to rebind (#1415257)- Resolves: #1412976 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various flaws- RFE: run mod_rewrite external mapping program as non-root (#1316900)- add security fix for CVE-2016-5387- add 451 (Unavailable For Legal Reasons) response status-code (#1343582)- mod_cache: treat cache as valid with changed Expires in 304 (#1331341)- mod_cache: merge r->err_headers_out into r->headers when the response is cached for the first time (#1264989) - mod_ssl: Do not send SSL warning when SNI hostname is not found as per RFC 6066 (#1298148) - mod_proxy_fcgi: Ignore body data from backend for 304 responses (#1263038) - fix apache user creation when apache group already exists (#1299889) - fix apache user creation when USERGROUPS_ENAB is set to 'no' (#1288757) - mod_proxy: fix slow response time for reponses with error status code when using ProxyErrorOverride (#1283653) - mod_ldap: Respect LDAPConnectionPoolTTL for authn connections (#1300149) - mod_ssl: use "localhost" in the dummy SSL cert for long FQDNs (#1240495) - rotatelogs: improve support for localtime (#1244545) - ab: fix read failure when targeting SSL server (#1255331) - mod_log_debug: fix LogMessage example in documentation (#1279465) - mod_authz_dbd, mod_authn_dbd, mod_session_dbd, mod_rewrite: Fix lifetime of DB lookup entries independently of the selected DB engine (#1287844) - mod_ssl: fix hardware crypto support with custom DH parms (#1291865) - mod_proxy_fcgi: fix SCRIPT_FILENAME when a balancer is used (#1302797)- mod_dav: follow up fix for previous commit (#1263975)- mod_dav: treat dav_resource uri as escaped (#1255480)- mod_ssl: add support for User Principal Name in SSLUserName (#1242503)- core: fix chunk header parsing defect (CVE-2015-3183) - core: replace of ap_some_auth_required with ap_some_authn_required and ap_force_authn hook (CVE-2015-3185)- Revert fix for #1162152, it is not needed in RHEL7 - mod_proxy_ajp: fix settings ProxyPass parameters for AJP backends (#1242416)- mod_remoteip: correct the trusted proxy match test (#1179306) - mod_dav: send complete response when resource is created (#1235383) - apachectl: correct the apachectl status man page (#1231924)- mod_proxy_fcgi: honor Timeout / ProxyTimeout (#1222328) - do not show all vhosts twice in httpd -D DUMP_VHOSTS output (#1225820) - fix -D[efined] or [d] variables lifetime accross restarts (#1227219) - mod_ssl: do not send NPN extension with not configured (#1226015)- mod_authz_dbm: fix crash when using "Require dbm-file-group" (#1221575)- mod_authn_dbd: fix use-after-free bug with postgresql (#1188779) - mod_remoteip: correct the trusted proxy match test (#1179306) - mod_status: honor remote_ip as documented (#1169081) - mod_deflate: fix decompression of files larger than 4GB (#1170214) - core: improve error message for inaccessible DocumentRoot (#1170220) - ab: try all addresses instead of failing on first one when not available (#1125276) - mod_proxy_wstunnel: add support for SSL (#1180745) - mod_proxy_wstunnel: load this module by default (#1180745) - mod_rewrite: add support for WebSockets (#1180745) - mod_rewrite: do not search for directory if a URL will be rewritten (#1210091) - mod_ssl: Fix SSL_CLIENT_VERIFY value when optional_no_ca and SSLSessionCache are used and SSL session is resumed (#1170206) - mod_ssl: fix memory leak on httpd reloads (#1181690) - mod_ssl: use SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA (#1118476) - mod_cgi: return error code 408 on timeout (#1162152) - mod_dav_fs: set default value of DAVLockDB (#1176449) - add Documentation= to the httpd.service and htcacheclean.service (#1184118) - do not display "bomb" icon for files ending with "core" (#1170215) - add missing Reason-Phrase in HTTP response headers (#1162159) - fix BuildRequires to require openssl-devel >= 1:1.0.1e-37 (#1160625) - apachectl: ignore HTTPD variable from sysconfig (#1214401) - apachectl: fix "graceful" documentation (#1214398) - apachectl: fix "graceful" behaviour when httpd is not running (#1214430)- mod_proxy_fcgi: determine if FCGI_CONN_CLOSE should be enabled instead of hardcoding it (#1168050) - mod_proxy: support Unix Domain Sockets (#1168081)- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)- rebuild against proper version of OpenSSL (#1080125)- set vstring based on /etc/os-release (#1114123)- fix the dependency on openssl-libs to match the fix for #1080125- allow 'es to be seen under virtual hosts (#1131847)- do not use hardcoded curve for ECDHE suites (#1080125)- allow reverse-proxy to be set via SetHandler (#1136290)- fix possible crash in SIGINT handling (#1131006)- ab: fix integer overflow when printing stats with lot of requests (#1092420)- add pre_htaccess so mpm-itk can be build as separate module (#1059143)- mod_ssl: prefer larger keys and support up to 8192-bit keys (#1073078)- fix build on ppc64le by using configure macro (#1125545) - compile httpd with -O3 on ppc64le (#1123490) - mod_rewrite: expose CONN_REMOTE_ADDR (#1060536)- mod_cgid: add security fix for CVE-2014-0231 (#1120608) - mod_proxy: add security fix for CVE-2014-0117 (#1120608) - mod_deflate: add security fix for CVE-2014-0118 (#1120608) - mod_status: add security fix for CVE-2014-0226 (#1120608) - mod_cache: add secutiry fix for CVE-2013-4352 (#1120608)- mod_dav: add security fix for CVE-2013-6438 (#1077907) - mod_log_config: add security fix for CVE-2014-0098 (#1077907)- mod_ssl: improve DH temp key handling (#1057687)- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1071276)- Mass rebuild 2014-01-24- mod_ssl: sanity-check use of "SSLCompression" (#1036666) - mod_proxy_http: fix brigade memory usage (#1040447)- rebuild- build with -O3 on ppc64 (#1051066)- mod_dav: fix locktoken handling (#1004046)- Mass rebuild 2013-12-27- use unambiguous httpd-mmn (#1029360)- mod_ssl: allow SSLEngine to override Listen-based default (#1023168)- systemd: Use {MAINPID} notation in service file (#969972)- systemd: send SIGWINCH signal without httpd -k in ExecStop (#969972)- expand macros in macros.httpd (#1011393)- fix "LDAPReferrals off" to really disable LDAP Referrals- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- restore "ServerTokens Full-Release" support (#811714)- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- rebuild- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311)2.4.6-99.sl7_9.12.4.6-99.sl7_9.101-session.confmod_auth_form.somod_session.somod_session_cookie.somod_session_crypto.somod_session_dbd.so/etc/httpd/conf.modules.d//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz9x86_64-redhat-linux-gnu?7zXZ !Xᢧx4] crv(vX0PxK*w 66p&]ݓy%~jhE4R+XH-L!ӋnJߴ=L E!YK]B@=q^~ +%Fo~H$@tpAmVB"g-* ]Yg.<lӧ+9OZT\WҖ)Ң+ju>|=[_́D@ߵN+:Q=gQ?MˮhnyiE ^?#>;K5$bK _`$;nj^W+NB^xtēJ4ighA&|),ROڃt#R%7W2kOihÅ|{;$Ҍt t1Ij r8Fꄷj@K$+΢v ?pke?xvucm DZ =Ǒ >E-PÚ&(@Z4TߥyRx7ڗu,/,)͕η/t#l 랫N\ؗd sTYsʫ Q]"j.f+mlm{2g$ EZNWCKԾrsNe`DtZ*33 щ:Q"zV!D!F+(W{lNb̡R%gDTv+r5p .!竴0q} !Gߊ`}e@ݒ5d7=LrvM\zl,e׌e?qJT]4fjuIǣF\=kw-uSX5KͣM,tLM^v&z[P-+2Ƈ+ב`=/V9k8*~>YXϛz#2oQzv( f&v Q1o5eeo[: ZWu / ЦY+is oF_ؖlm \&݅IQ9Z!HtӐ+2c퇍dH`Čqօb]KARH/rm"&*|[%)=)ZS׎b]źCJ[ x녨{vl5')a2y =I,d&mqo+>zM鮄&۞wMG+`zLƗKRmXZʧ߄KVΛyl6(G?ՙH$lM0|¶l$;bawIoEր;VVcHH3C-.N?} 5ML vr tRʧL^c}+6G`OP!fا\SaNi.:7 eȂ/#$>G+ERnQ+g^o<T1\f-jEY$ EMsq"tJݓ!'7,Qpw['*{`HP( }j|'Ffqd3 _xG=l m{+y)L=ٲ1` cM q1˦]k/\(1.ts1*@ШnIФ :{)iIdK6#osu~xjxcb IֿK NUqӰqyА؎|O) Eb/(APks>y.)n܉ȍ'}{egLbfSiP? ֜46H&hQi!׼a^sˣ/Jj%UϨ7I7͉=$H0˂խD~S7WMv{GwP8ecR.xA.o[Vb7j [c> Y8S4ź!@p@y&R~Dz ߐh_y~!5>ȲYN|d9~GDwd1rHi+T og=uD#G u3uiJcZXDirnL;nJF0)}=pU5`FP^$z晍\z㕋Ս5g#'5+OVT. gu- ?iFܳC SUȭș^^m^'?_2fxR8%pr Fd_K+K3C2ҙ  5/Wx'oſM![i-9AӅpp )s@ RKJ? 3{]R5{PC6z34YТlLK6쳃Jk S`2C{e, #"t IE[y|$Mv;RQQ`]wTI0OGz!ݏbqS4"kw6F󴁍G5C۵2Oqmd~G#$Ѿ&qq_Wu]IDžj렍[Pe`څ¾'t޸u@.9LurH~q 32wOFRkIcp4yhE Qh0XQ.?k[X9<5)r0O{9ܸM( hJP[O ɋC-gk/K4=8{8]/ %e|F-ELWsR&6Ō ̰zZ,Av9'}[ᆴᮎE/ ؾZ!fD>Ʈڊ!7Ԑ"NP"i5:IucaD9H@N}/\Z݊6r~!Vrպ+$Д((Ytǖds'LԴ&^(rs 2-Lr`v UXQtbө{l&ް^ZN*M|  =78|aM%y4VrO7'SpfMKRWX9Y,hM'ð=!e 5z~jT` {L_F1r]龳YQttc(j,E&u#\; 9I^,tXyL2]t lJKպpVF 5+phB 'Db}0!hjϊpj,yeᓷQ:9{Eo{&F4ċ&$Wd?W&8I$ gyK'Dg~3yYrQ1liZn{,i]lbTp9Gʌ+\عjq1R+S?fM-z6f ɇ8@ʛ ~- *toU^U̟q6 `7MɿFI? Wekf5JH2>7 `7Lh I&h|Kej‡UkFfNa{ 1yyߢa4Çy~˄{F6iy`i9)4E?r4`(y͖}AxTLp"9-+h!^}]2u;-3-5;&-3Y`5Ews~!O6͢ ƲP<5I'݆bU*x`6^X6bLh GrIĖBR y UL&[ۛcAXQąu([Op x8*1UᴍU+mg'Im ΦvpwU6$ [B8xv4}ʎb ބ(5ºwy:W]C#"+i+5.STzNݵ;>WˉM볋R׌J<[n6=j!V!qeLpk%m0u"ڡ ;VȫSКc@q ,X/=8.K{0y\-%zB˂ ;-+*EKE|dV@IKW- 2 n V v61K]%~<;„JK\ͺ ߰a]#+%z; mFx sn}ٮMTK01 Ni_ax |"|B<ԭjufɪ:{|܁V}6x(SĘ[w*H!w:?mfB&BI^U6vɀLJȏҙ>ؿMv[G9i\b!uwuH#`4dq:8y-T+?]g4Ұv(k@~:72jAA9=FkGrֹ¼%VJ1G6.Yw.oGVsփGg,0P@*-eu[r \Ұԅs^ c|۩pn=IA6Ȫѷڴ%99+B޲Zh&- A %kFwU ə",\mXS2AIF ԗs9`Ki .l Ab&TDA' _b|) "^&s&`vW&6 NjЧ>ܿ8ۓ,4&,r[sn^P϶gXhxhNA[b!74fdl6g/ly>|)ށb^0[&iBVGwQ7;tK-R+Ȧ+$͏܂Q]dX<͉ɋ;"`~b)eN;-YrevǝXāu7z8+K$ܨ! svi$#GzJ;_0k9 $=%v'*֏A#Eڏm|ӻJF:MM6ZVTIl K  T"(DenUh9p(ǗU%f:V.v1b))| p/LB'p1rOG]cc"\ô4Nj 7ŊYOZJJo{R,ϐ~Yݕ6-HEag/JOߝ%Q7 zk[Yvq3PD|]ZrL*P.ڜV$U/E>|vDm?摜;U'>mᮟ`[2-'fmQPQ-M1x=OȹL##Xŝ.(Е6ʁu9!^s'' !7r3a6L#4U > EXKSvpGzcۍFkkM ֱ#t>[qT A RT*rӗSpFW*K.XBR3@S\*G1*tݜ,΅;-NxU" knmLvQ@C>!90̑U=-n= k}U#n8/Rhx=@r`@7 w231?-QȲY XvT[gg8wL!KZKǢԬQnuFH,̎ND:/۽]Fk%cE$%|@`$K0J|!:/*; ip`&S_%ہxCDibzkt!9@)Uۡh)s)OLrܚuDy>e^ ݎ'<\+Baoh㣇6,Qm#Нۮ. P5,C%_  {K\|R4NDՆ*^-j~9_XI`#V@S PuB:S>x-?^;d? #&A[}nX5. "w.Yzgw5?}n0o},Xa ?7U1z? pxZ^Xrs]$}/I_;2+ỳCj6A"4%?2/7 0yK;%[~vˀY܀lUiClܭCT@6{wA(\9XGn )nȨ'&:5dm/mi^eTwݓ@ABT'^jumv_'`}ڙ*Eo;K`_gƹՁ4[`>ă1ffp╔W_?|MOc۴YR~V]o'VA۷,GadU%qZ>P`ېm'.R"YPEJ C$[/S3`7o!dMWI;jDC- yoN>_)U]]A}34VZ.1;] [07Z'Ίqe㝵4gh5orz1^GzK֭{Ϯaj(f FCPa¥cX?>"ze1Fx\Z"6A׃Ni|fce$״,F5 АiSV6kjq}$i7~F>+Y2O9ag45o֜P)Q9Ӂ['i-C=wV0gtX3ëak%X.e' 3B[aǜ q),S 2ϔq5J~ճWEfͶ/˼IRP#HA}B|e1BhrAb3`vOz>dqc砀yńv.|Dd>GMπ+"qv/6#6߁Ga Bj!6@@R!jXasIXЛ ~5Wܠ7{pr`i 4#Z?̀zBC.a32 4S[m2Ad~6{ë 2n2 eup*:)0ճM~Fs'jc,3$)P2Ŧu/@"L_@瞜Sǡuл*+Hc17fFkƜ< ۬]r|>ZQHedCRu"e>rM HX?}pS9֝o1[ )=ԣd.Y΂M B؋'WY=P6W7%}dPtSkpgb,^8B?3г2uY|Y0U7d$ZlU G'2&?E~z&P:VXgƷ懮D"@/L#X6 )ZmZ "Ƹ7~e|R9Msߩפ&s] .k?6#=ztyf:shtT fx.pgvy?6xw]&q;L y@3b_@ZDgQE Q̪50x-!N W5$ɝtP,Hbd Sq,I 8$cWޠ`\a>صWb:U^6.Qh;N߽Ul}XqL)Z1ZjW' d7NG%+GA% 3}c)\=QE6iJ[ZlR(K|-\gv Wj`k3ٹ%#E5| C G1sy ZVo>'ci(~:0R[O_@츕ZHaOsY\:hI2Ñ\KV2:(A sb_]i28jofNimC`*S|vbB㒞 $ g|鄡`.^!|qx gz Qw0'^|,M[4.!kʴq=2Q8< koc.Ds | vmaF/Lpr+́t*ysА~7X%7 ncYyCssy9G+a]J;[m]R,B1KQyn ~[<ލA}iֽhU4\Ng4=:{~ܤ)a5wPuEC{ 9 zRW8IZ;?%ýݚ 9aWL<bx/j PyFV$׏ (yKM餞A8.}ƿN- $N,ۤFEV[0wP KfqnY2߫ҡtrIG©9hWʍ5ֲ::]ǻTWEDs dI5kZ. ʜ La9\<~T Q.pʳC }aSh@6F,?B*m@.x#y;U۱Yn븴fDIq:KhQ=;z'{F(Od73X|ȄnÜf-n"5#0[X¼6删N&`Vf(ofw)eKcx\,=Р$cyߌ__1i*qL-[PaiǑӟ:Mފ^>5yj>V^p#\acN@]͍Jh7ng\ ώ@ s>|N7KFİg|*{/RvVP BPO}6b[|8r?Q;~lrqC}$ !T1k ĒB֌(ls;ja顴ȭ"wEMni)[<[s኶*B<5&5/%~ \Ynilyg14lFk\ a׬@~tk%6iA65 H֤^I'x<Cb>E*AK-feմQ睊6ILm.f8(1*Vͤؼd6̚7Y݋vT)82: 24m+%gsi0-LO4WpXD;P3+4/l@0R.ct%Q۬foM'=fvTtow,6\B٢c C"Ƶs%hG+v59I99G}$U1 q [p)Bnj 04s`McN+*K)ឳEH|`P"DWq:Aν9zNpK#`)~T^X ;*>Si p!_ҍV<10̮A aAOȻL?\,ГuC7}:P? ; rm,̽R\tٚF QUI3-xv{9Q)~K]A>/π7<@MXjȸ/Zl7=wO9KXЊχ;YؿQ]rƚq+¸T!"|apI +X=C WRn 'E,_).|bc(ߨ =}Eq~Bt 2/ܕ kk#G}']kBW}ȑ>bHU}%2f4-fӍ RX Ýmϫۗ\%*z *UF+?s7"354H3H+K30K"# tI(w6K[9(5bfۦlH4] vT?j5[EHL*x5wXT,zNRi5⺵o 4 ER;y>+&N[.w3+7Oz4Mr9"DU"t R]S[Y':o<&,$V%"]ZN ¤Gh !* '>6:?x_!F~.bJl ꫑Ru"׳M@caSNmAOUݚL?%;S{G@pOe]?=,:~ҢQrOw# 7g Xe^r,wtԙYC Y~~I{3u|}|d[8<>,ilF)uVzw5u^eNܸ+ |XŊ](Cb+,hb ԙ$\\*ij@_ ݉BQ#Uɢ4ZMH4(<ؚB|DLEҳC rKIؕ^ f{~W ڻSE:yGネ{Tz Z-;R. D{d+]-#j9pke650C׽ׅ"a!"n*h2,2S 4h_Y{b RA!AxsVխ[F\(tzL2W>z:h|näy#%V(9 ЄlШ̋vyxy(:1AԟG(?1w\s]hx5J! h]Sf ,dOWdJzn H#KHW17fZw87/au*ϾHI,t\$ !]صZm VzL}kҵ*o"=hP =Iz 軙4&O߮c_CGS#ȡ;̮S70ٮ=cg4#mbZ3 |Mte@/Pa!|U 6UnXvUHzLd˽c]C}4jSٝ~Ko4ABF98U.AM ] 6Dꍚ'v# 3@;!z2ߥC+a!`TupC5Kjy:.˫urFMJ/JnDX-3UޙD!ϛ`[S_`{j/,6I$<(#@L"08 #UֽML?P& exGKF"MԋcQ]C'=ƧWȳjτ Hw_ѕbj)fj` ZwW\bqSϼ%T'>m24_=-t| ,&+@`݅ qf#r5k>ObW28h@U.'3| ɋ}V)V& 쿏>d{hJ`PP-&6d.Vrk|yHQ>԰aMseĭE|rE'/YO'(؋mb*/ !v{-cRٽF}?W3]lq^u*VSNYӦ|=ML=&|`fVmL ",z%9a'+&bci. $f:pUrX.6F^Xߒq\\<.`orl *t 85++p]#ۺ?&ܙʹuBd{qa"CIgDZL"B ؀pئ ,bKi>Y0X0>>/Ib4aP>zT&[+ Y¨%O>jͩHwz+{]1"JWG?a5u01 pcDfWjįGTGJ.*AQ {" uޒD,5: -!yʺ권h'J( q]qSuS,>ܧ|;Md3s?6X+5w3h?O./#BPٔbf]{yӖEd1I=k>6$!ΆRGFQA e(f0ϑt/@5"zdx@]^{P~Ai7ax[>\,|7dh;ncMZNg>vD}a0;}=]Oh/xPŬDzkJ"z^_IIV.K+K|k.ICP㲛7h$TBbKqtu_1P# Ux"M>z0(6׸_Fe45ӷƖ} :kw.ɭ=7ɪF<~&5n30*>E҈{Iˡ{s׋*m/yޡ ;i0½_zT#7{A4ʬ%2#IO^i@ky1$غ H J_oOA8N<$hL..aW)0Eʟ= ˭pwb;1Q{q.㟼|}XT`em,>bjzA&^#jEv'D%&*& {Ǐ˜>BmsdO5d"XMS 7{K0sUY:f-fo%nΝ5D",/kRv;7d!nKA7{E^/a $9JWdfxr K4)ڭ-`$o{Sc"4 f_eL_v`֎HqeSg2*wiOD~H3SbSyJ%i[eZKC`gqH HE xcJ_O.:PBʥRMDX[|۪M,~|2*;k] StbUX'P[ R)r֝Bԥ^ZPM0o>*`n:TMJg0$@vH)\ln\EBr=M^SW^hrdP*nT# r_`H_?VMLb鸸/~5& Ơc*B U"Yv8VSᦗB1f6¦)-bIESLe9BKWt1TtZ6~z C!I:6':f].IyV%Sl`ݦD>sCԋ󗵺Zf61,6僥;O 1AlՏ/"}w| g>^)vqyؾ@ C5 @(_ӒGSk'Kt}4;YfiֽWZ M!2_MO1At9E|=n,];/K TnԈBy3Y,e)TlX1KF_LM)t 3?ޓWIbHCC4~Q@-]L$x_U(;l=u9+g[I~AI_̥tumZ$zZ_Qq@;v>L +I8$Ds<ʙu!^a A<{2l&@IQa+>2.rn*^@/ֳ_zƵ\ȅ~hrbJaAT3qC$T{+u([.sV| \c]W_E6 hd^%a_M-5<Ȳz %uQeYO! I !TA.齍c`᜵%W$tE $v~]FM'l帼[ZtʿS]@܍Z/eA}N>zqL@ݔHKU_d6-5GA&SJ :ř='HX~Ȫ zgV|L[؇Q b:zkpdO'+5tC&7^qYƕ&xDI_&yp{uٟpcDxB1$ЀyusBB6b,`"Uo҂|ǧ7CLoGo$;Q'{5uHHܺ= 3xj pLjY]p[ MJdײ4iBy+36Nպ>KALWN*tM,]x:lWx4/kOHJ;Xek BrW'*.CZ79*$W!=P*lTO^RSFR"Nu@1ydln<'#:GڼbV"yX)G [2E3Ʊ%qʪ3*a@e`$c)m C-8!>I9|ڋ#}ɚ{!X] M(PBH슆˻$<+^WILm#Ndp"$C!ȐiڿYmnYP<2UZ ]O ȮJx>[+J߹V53` DVE6u ZwQ9H&;`CKkG-"$h&NJ}^zn l+KMS3迺>E2)oZ/\u>}P " 8-DK`mb1b.ŤoG B;zE=JBN lߪ<gmm.Z)[&2nDnƆT+#u$!|P)"3tfw^ Z>W:nI K۶ hQQz4KP[,_ m$_mHfN,XIUdkԾX + &!W>E)(44Ĵ{K6촥e`0''~c[[4tI=47UMTs4vނ=?e@k[yV[o(u:dXHծm"S+(AŤ]`f[v m$"֌18 4lVQ;,`;E%UEI|(k:M2Ts@,<2 SE@z()BT]zd><U>U)9Q9ӤĘ밳{S#FcP^=Ԋ9wʛ-U_9(VY|7߳:+ʷm+.pGsvP]/ѣ]걍-~$^5oy0!mV/6AE.斖7\=hR`%9 G"L5Jȍсadg)8aA~$C%ʩ%osa/-PN{5FD ٌFOͳ -gwRB9nԀ ^9X3Uv0"[%_O`8(8`cebI]ſNxT֌lV%WN lUC8k SX@#8`bg 6 K߶$O'1)6bJz  @bd`,sr6Z^1@=}TߕIHMNI^f:iyV/ϭԖDWSJngwW+݁/ej'N0?@P2{jqH#=l'VF.Hau|K}%/%b5t/6Z_@֜`Mh ,i枘̍oM qzhu\qTvyݡJGiY)s|D}f'}b@8|o%=Nј7~^]1غŸli´ᒆd6 n>8 ءa2O)o&檃bQrV qC-C`7d.bDgn5-~e;T 4LBXсߦ|CMu\fuuq~yF.AN7[" ߠi߄,725^z-Okc:hyRX zfrLDi(EQ0Bb,4ty.".e)) "#7LOđ)uk[o}@,IH-]ށKΒgMk{' ~S^NGG9@W9n;m_S倚gmBD2D4Řv7mʉ#CŦc~W!r+D&OW]`R> 7dz9l"ɗK> פxR?;<]'+jL2=>0ӜLY(DZ~7@njS~]ymctH2 Zy*oM`)ֲm| cmq'uCF$axif$&:6N``9)?jT#%D~Uh #  S)HB#b ,Φ5˯pZPTxmhQ{ ת gU|' di-lpOA4 ,y~'[pR{d¶\l jfM tAys8fޱ4)/߀7ɁP{d* SE7e"xYgV@7Isk;m/\:ݕ+oKSƖr^Yjrt\$ ץs?LpBևJz5ѓFA;PHsPH@ 8,D&~eƺ\Ct.eј;(EQ5n[n2x =r3HMsJz` b͘TC ^8SDw1K!1A5|LD;f% A zuQQƘXtR)Fd8Qi vbG :U#gc ?i NćϏT0`p0bL͡AU6ݑPTY t:~{"|1Άj)̭ I_:yw-4ef2@:S)=RNAPA_@T_[0=e Jxm':AO0vOM@YwK]V̽P1g>xݔN#~w>f4ak䇏)8byY(_h![#&͉Dn.Gn%SΛ3 (LeUf4aunh) 7"ؗ7U΃$x> 昆=a{bByX S %5x&fA T$> Ovy$)Μq+{)Z`UvN2IڼɃm$,ƒ|eSLZu MB0w Pf0EIȈoqlޯF.m_{zo\0=սhC}1ەvsCC@{mmJ 4]| W9ٿ >.e~+L8[,f!z!dQ11`Q!\? =-߉ 2UҹL!Jvx~}?҆x㘏ًUTO0E݊ H6E /Z~+VIJ7Ư8۰;48G uV.Yy,@!\s 9򼥣b ۥZ@!:@Xj1S|f /bѽkFl duh3y.#Zf0q?=:Ȣ'݂4Ɍl湄EkOٞhr^xz)'Ypbq̣G96M{ƊB70]' ÷Pnozõ#+zDtfzVv^ W뀁o=SKf4'w 8}5=) ԆD`W}k+e&WL/w׈/Zλƶ-uLхHg2`Y8 6c,(º]?x R4xizۿu;k B-vS0xp+R tRm}<@pW2)Mov+l3_]勎(醾;w6XAKuQ ODS5pTЮw2O়B@9RwL5EJCŎ7=Gdt39zĎ: Y.xun] 1A4M:H)s /QZ *2UIeT(ܚw`%QoCF+%_G\6G^'&M.p "lr/ƀ$.?3§MZgsj|ewj0oGw<[o# U.´%7x"-n7GS.gɏ l:nQtLf=*viK2/izGC lT<_M[,>>FyepK=/F)+jDPV0@q"c>kE㙮G`mn/@gU xI_7H.TCP=Aw.J\gĶ#"!Q Y(*1Q gAre^^.xRƘ"/tXt?;6 w\kM6}0sbn|sɇ2`E^ HVvaf#L(G*SۋY^(k?.XG"gDhR>(ުLɢ$&P~׏yp2 |خc;3bxb@((hn\5(וZm +٘įxs` # ldFp-z3a6ll-WD24 ÛHHgVŐTy7agZkseEfgK&Lzpe/t)|̌_r*"(]ؐ§j}j*#Cن[hd^0E< QigJҁw5$#+[SJ'E}+.4ϓ8Ҭ(*;YpPjP VX^0=b3`S(g0HKO6b%!L&h7qQkZ'e(M$&DSY|*Cl$e>>5KD؏H}IɪnczcDcۥq>bqӨ"J'ViΥ #8' џ#7?  Wn>G̬!ҧX^ɰ)wcn!29s I@Dv0@ ΢o-x*^R vveb fDZ1mjIeeVI="Pd$OsެoBDc'յ!b4!?>[QUA8a߲i%mٯҴ bsT_xt5ʧ.J@gr:k;Ҋ\4'@{[kS XsVՖ, Z 0[=N*bw4+ORU/:*EF *]E+o벰Z2ވ $em\1JT^&|PMkgVmJ/"*S,/IOs, \'VQD/$[yz3U9*ꩆTB'zE~<=?UKE] pLՋj1X'$%~$l4* B-}ħ=7aM&-lGzRcAV̂laH3uq.,Gmc_k*? k>rWBN_\g-L< VǙ&FA_sQ&skJC;%! ^qA!ޡ(i(g.9r#F|Z;g yIvC 8ic< ^c.dy;B&mbBc֙i<…R,8&|ͺi]_Tz PkuZ=L} ydˌauNMtτfZG /)gqUx򓸈^.O =vOkY- DVpS9s j&(| LօeGx8[\7bbO0+<'9ifu}77'F6$5n1MPz$}!hx_"dxGf]o}PP* t_ ԫ>UUo"qRyzLRG\*Y!MgYts ˆV >׎Ub-4iWr\bA T2WhPz'0?V4h-4~WhOuq$!4 nћb\OΫv|'Mp"z R[OKFT=P!/Z:t =nTH<&aA //B8pTZvy<,6(^qޫSCYĥ h19C':.v>Bdӱ P*CL.\}J+f?%GV ka( ߷s 9kSŶt7  ~c0+"rx;aArrw:0 Z*zz]iN- eAZË!=pUqi0ߗ)vc&\M.=J_L.CTcj/; ySǵw(Cźg⺑n "TpAǣPH ̇,~/g{Z8 {BJV8/)Y֑Ck}>/uh` B)Ä[AupK< B1GEnU?sU{eB/v砂ɣ;fщH ф#4^; 'L29%]#ȳMuEO+BU80 LHC=)3vZ.hgvWhaeH=yh%+1E;d]oK>t Kbo[w) . ᨗJ|1z~\6b_(+"߮u7g Ja 2M!NwUS rN6$P8[b;18 [7`QIIu˂[4gD%obDq=$r(k=0i2iL,I8)Y6H)Q4?2qͽ) 2uLBf1Bܿ*D:8^9%#2nh]J<lr`Y kW rmc 85DdA~yD BU|z*2wAŜh RJ{?4y\XIp˽y @Z@ŕ10OKĜQAAY[{%m48R8;#\i$ @ʇ wUłŽz.6 P'l^(`5iRx oJx2 #O(xW(u,8<tp#~\yo93`£D C}ɳ 7;3\=3)/S,ޓde*GuxRr濇1FVan#n  ;-M $^FSu묞mL3 |&v{.jD0G6z&A-|S~vt[Sg#RczB q~_7uʇDIw9飃`36VD=alY^{({9|_l C4e!1^y,cPd{L7 +B42(C Ah;b-+}V6f^7L hs\r%9`qV?`} D_hjㅚDq3K[F DV95j M(TC!ZTiӏ߶Q/ gW5pX C߱A8~)i(zqniTpUP! -M5j*X[Nk3 F%Su+9,|ޡY0/AF)}'aW*7Kj Iح;a6b:CotA^J×PY$gA5P}xҲDIj*4Ca:(4=?[Acy 9gA$US=v,־b7U=MA:fb0+ tGDYןV:f$5-[YXZ Poءy:.Z8ý Ġ}̓_ojdO"L%KD 좃9U|nT6s!*rt<8nߗPHTPMPɷ&S5sBTn*I'_oOX* ۩|ͬNXY;3>"\%&@t 2w寜 ^J_Pgl6*lۉ5?eRf{ 6Q/}c5]#%aT;l0P%-ޘ}gDםyػH}e]*yo<ҸݡI EyXmzHyטAOsk!c˗2"H^Dqas0*=(+]pndذ=ǯp?glڵutOZ8ILqeąÄdJ]yPl}4 c0[-l3@)́^:rѰ:,OZQ6 p)SȰ-$|N̔Se"qkdᶼ&&kgĠ"Lj--]tAvýZjB<Q'Xe@R&R~kג el2oZ@+A 7}hOx'gf郻:S.QBNX2Ճ(;YѨ;ErOA YZ