nss-pkcs11-devel-3.79.0-4.el7_9> H HtxHFc3 ?*}}Q?^ M9 X>!H-$^Q80c8355b06faf27067a96c903d44138b4c28746b9`Oy[ŋFc3 ?*}}%GeIBR=Pۻ)0Fl0Z*CJwT>8$?d " Z GMT         =  L    T6(h8p9 :UG H I X(Y4\d ] ^ b\deflt uL vw x Cnss-pkcs11-devel3.79.04.el7_9Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.c1sl7.fnal.govLScientific LinuxScientific LinuxMPLv2.0Scientific LinuxDevelopment/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64 n@GCB:nZ,bNYbNYbNYbNYbNYbNYbNYbNYbNYbNYc1c1 c1 a35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c448ab23db4fffddf0ebb4671ca066b0624990699c31cb6e4f86361f18245cbeae50c8f8e5f1502187552e25b5d61018d36879bcd4e8782fb7bd41157e803b2df5drootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.79.0-4.el7_9.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-64)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.79.0-4.el7_93.67.03.0.4-14.6.0-14.0-15.2-14.11.3b?by@bb@a@@a@`@``Ȗ@`@`?z@`3`.V`@_%Y@_"@_*@]B]@]]S\\\P\@\g\-@\\7\C@\@\@\\|\s[k@[Z؄Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-7Bob Relyea - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Bob Relyea - 3.44.0-8Bob Relyea - 3.44.0-7Bob Relyea - 3.44.0-6Bob Relyea - 3.44.0-5Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Daiki Ueno - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.43.0-9Daiki Ueno - 3.43.0-8Daiki Ueno - 3.43.0-7Daiki Ueno - 3.43.0-6Daiki Ueno - 3.43.0-5Bob Relyea - 3.43.0-4Daiki Ueno - 3.43.0-3Bob Relyea - 3.43.0-2Daiki Ueno - 3.43.0-1Bob Relyea - 3.36.0-8.1Bob Relyea - 3.36.0-8Daiki Ueno - 3.36.0-7Daiki Ueno - 3.36.0-6Daiki Ueno - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- fix regression for pkcs12.- fix crash in curl. better fix for the regression below- fix regressions found in test suite- Rebase to NSS 3.79 - Set FIPS Module ID- fix CVE-2021-43527- revert sql default language in man pages - fix SEC_PKCS12EnableCipher so python-nss tests will still work.- fix sdb timeout issue - fix incorrect ssl alerts in Signature scheme processing- Rebase to NSS 3.67- restore pkcs12 defaults- Rebase to NSS 3.66- Fix HSM load failure because of CKO_Profile - Allow builds with strict-proto- Update to CVE 2020-256423 TLS flood DOS attack patch.- Fix CVE 2020-256423 TLS flood DOS Attack.- Fix deadlock issue - Fix 3 FTBS issues, 2 expired certs, one semantic change in nss-softokn.- Disable dh timing test because it's unreliable on s390 (from Bob Relyea) - Explicitly enable upgradedb/sharedb test cycles- Disable TLS 1.3 by default- Rebase to NSS 3.53.1- Increase timeout on ssl_gtest so that slow platforms can complete when running on a busy system.- back out out-of-bounds patch (patch for nss-softokn). - Fix segfault on empty or malformed ecdh keys (#1777712)- Fix out-of-bounds write in NSC_EncryptUpdate (#1775911,#1775910)- Fix pkix name constraints processing to only process the common name if the certusage you are checking is IPSEC or SSL Server.- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set- Skip sysinit gtests properly - Fix shell syntax error in tests/ssl/ssl.sh - Regenerate manual pages- Rebase to NSS 3.44 - Restore fix-min-library-version-in-SSLVersionRange.patch to keep SSL3 supported in the code level while it is disabled by policy - Skip TLS 1.3 tests under FIPS mode- Ignore system policy when running %check- Fix policy string- Don't override date in man-pages - Revert the change to use XDG basedirs (mozilla#818686) - Enable SSL2 compatible ClientHello by default - Disable SSL3 and RC4 by default- Make "-V ssl3:" option work with tools- Fix regression in MD5 disablement- add certutil documentation- Restore complete removal of SSLv2 - Disable SSLv3 - Move signtool to unsupported directory- Expand IPSEC usage to include ssl and email certs. Remove special processing of the usage based on the critical flag- Rebase to NSS 3.43- move key on unwrap failure and retry.- Update the cert verify code to allow a new ipsec usage and follow RFC 4945- Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake (the symbol was not exported from libnss)- Exercise SSL tests which only run under non-FIPS setting- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.79.0-4.el7_93.79.0-4.el7_93.79.0-4.el7_9nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib64/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz9x86_64-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !XTT] crv(vX0߿*VOVFmZ_@ܺ zAna-xr:4pP*"4?T#Ak1ЙU3ݽUK0[?<wzMbM9\>XֈUVN*z{[w{yl]u|5`dܑ<6Xec(P[1u@{ہj6y.rD=(naN+~_hMsoXFx5J%! mQQ(sƎTA_&:J}yS{t hg#^qvZ jL@aRG eU4.{ 72]djoRą ?9os|{8fi밆C9pb*Ԣ|PaӉ#jrr^pƥ0q'{wiALLAbaчo=@]Ee7$-wc |,lHnS;4h27Rt$l>'c9F--oגn!,XYSnV29Xg/@á5cgDE:B? w,l7- DQqQj@1cpV)MDTGla^]wj8N\MS"h%sP l QCJayVK]y3_mx*2OƖB Z;Kqtؠb>rPÓ!A3u$V6; i%LL{<32e)5H׈Dz6s|i}-i.3bJUȽ,?Ş*sأ&G=R:Q4L;~'W*0T-z+E_EiCF$_L1AżVPH=n7#ۂ rX!&>% w.Nv9| g;kx6\6g+Ȃ{fq*%/Jn.8["!EWW$)X*i=0%ΟH_^׉]]a5 b @@Cs))ؙT'ćfxzRFhɶu<¬׆lW5L9<[2)Gu<ן-z:\UyS 8N%:o:ON~mQ'&~"ڃFd٥E"}f]AYd6ݦd 1Pݗ~jdܙV.C:a7b-*h^Ȓ![5 PD8M~Y& Tge-, YT`< 1oD= Чץ޶ݬ LF3̦W 3 ? /` Elܟ5xNJc8RFHDQL~r9/q) (j*%sz/)xܝ8љwV'ip.֖gA?b (2GJ4P!4 eGN;'~k[1Ϝpbp u+Z#)\܊MZܺQ^lp VZ !P3bh>pQâH=O46q '3=y2`5O nukYᝒvgFTd@1 ׎[7{rNA $:t#[Ks)?]g K$V2Iyۤ{ޅaK/s[KLtzGnrY hC9/}T~MaIWd-nu\¨SVʧA06wЏt;hNi.;UǺDZئ.AbixoB"oLK^nTiR&9GDchpW,ӗ#Ȕ\%1qٰ*7(G H#xbCVcB\qޤ۵M#V$I\DҥE 5 pvJ<|چB2C8ǢO.]%Λ*q,<%9HUh4]T[h9whn T#"4vJ3b|2 6Gqn+P5>=eDN*S:9AS̿ ͙E9]l\E n3e%ani`68-s;{櫯BV`тOp&8U7.s+*:F >sܥ\ d*o^wV΢q kl+نt}*MuT?8ϛhesdh|cŘM6J٫=,B~p\!o=5Iˈ+ߤ HnGv%PB ̒ v@A|&ER PTEN_$>؇'KMMZBld%^w|R+hoQ9Tt~-@\P0Ԇ7wj_y[9Nâr>lKQfb2TO]b a oW oC~ 0-EĈv&k <q]/F~Gd]ssL+/a^zsu L?:qag%ۿQN$+FYC;d xnv"KϒU-.uX[}Thמ lF8u'$<.*X V.Ys3pMhsOGe)ȅyh}0*%[b쏊ԥEҝ7bh|rt|v rhi8{Ygix4>/ KPr.Aq<]μ fNj +. /Lr v1dVCh׹򡗋CM1%) _@^Ppf["]> |"# ذiwJJW55fۀDGfb/U)Qqcܵ D0Zsp |,"!XO[{DqgMjj_U-eݺ"jWN0 ~Z<_ o~v!Ƃ:Eh~!PZ H:Wy>iy;լ*^ ;8~L\ Y{lcNGaԂj $<…l(R7vj8_BaԻ|7?`k<k=Isֵd)93 dIfeѨo)aQ2 M'yDR&Μ%^E_ v<}yA5*IUV>wyN$g.rH1V.Q䰇hxd^{sC#%qEmP)O){Kv{uW% /gQPºP ~$$oF, v7<ԕ.U4J#K >S-2;ldy׺_2cV-02DCʬvԷr_~p"!GۇVǃIP&S;Ď.Ή gI 1~?jPrc"c5_u|Be>W?yfmQE)M@L-'i=ixT6cfV[.`-v>J}ʢ ,^܇ Tui 5gb;$B.YiU,Қ|&^3=!K&,}f8./`9ɨes,,P2LOdUηyM Ez[elM`У1b*3@e#-G\qD.r~k%FLqiٛvg7%DR⇛-7r[!$˶="u#+XV! 8!rMI`]] *yn!Vf~A'mI刑x8JNҤUD]=vUNLٕB NT?5/3SSROp^(Izi~H (p hJ!)gv~tH*E(>^=b HB„.t>A;,ӽ=_ʤdYFĵ?#dJ' 8ӄ5MaSSrJ^9.bM` @b򏪁 =fu1Oq#$1iF$_u=!Ȑfq0۱ tJ0 GFB;r]@TҝQ=mj³Iq= (h]`/ZxC)Nr4-bb D{z74SE q,v/@yg1f;**7"|Yklc@ vgZƣ&V@ ' +^- ba:SrlqHlSҩ0zǮ8[sa׎Nncǎ&U"iqKBK|~X&l~b{rɩY?3PoE*]CE P }"Q$'אJ: 9[wr"u[?I,dd,^l8@Mp_=F"c/[&~):ҩ0 +a|->g͠oh$vw#ecKSjRNOXUE2iġؠ${Gy%ӷ޻Z)KvIjX6pG1ӗ2TmrtV=LV_wgHK3==|-PN2^6$,X|ӬEW_8_ -@bG<{ h tb"qɁ~ 7_޺1 ξR Ni2Wxp8e BF@B=4 DDۛlfçnʛUK;n|r*ڮSJøwwPfuĹ(x)UHkOԘ L 25 1 ѓ0/&-=_,)$<w4G.SvAJٔBSWurŕ) S/J޼QA(].n jAH}ojԥM,pFǬCBunBQ>:pɁJnpP 5w뢢PCL6{-&%){M'=WقE4'Ʋ̈k[qIE1sien uFYdy81|k$eSf-C PG Ǹw $.V;4߻mMuIpc7qtUfXM: ܎Y}@-ꏆfЋUJm7ۋ~>tfSe$9ۇ :QC5X_Dhl8=}Lmco2MIN;;t۳05#/0MRa4t3@?C:yQyﶅU$},1/џq oNMRg)y+n(Dymx.zuJB3bF.UQ`HC`QLkpRt.7ڏsh1N:E^[La[ ExK3K ;8p9Q\V{|r:(cG|D=a0gYoÄYvjǗǸvw #ܧv+Hv%YG{%6\ҼW:ec(ߙVt~Xgȉ2eDtwh&݉Ap"gc2ln'asW[os)H&(\ [sfta;4oN5.$\C=v,I9q)_}s'hE(ܶ{B6+MtuxKݍWGb_ 8؛ُ݂|c&tJefdbl<*璐7GvV}mj=/8%^=&]i债"(X`/ ] K?EM8q`6hm~N&IVh NPWpf,~1UG Ǯc=Qy'tΰ!mZSUz^NKMLd+ʨ.< =ވcǷJƅxB7 CvGv"GՈթۡ x8@~U7Lbl\EP[#l:sʳi_U0Ģw~! ^% 4s$LH~i,,›0EGn+4p}&ߞ+?9J~+#}HY dNT>Tswed>~(y.ͺ Ucsq#moǃzz8.FFS X(2NLܛa~= 1僒.3vL/s=Vba;2],2kE[e<6E0X*uZYJ,\!M^z]-մvsRV(`;OfxjUeIngdHZ-1_;+iMreGV#~׽dWGY2x y"wD]oyAat)8&N - |H-rW}ł(D4֔I͡n|8FA+eE}V^I]K}(Tw#MuђC;aM1'|گz irq?5:qƓ#k$٢!b˫ LĻ&=:chC E,h%g!J?WHsSuT7Uhݞb;*fvtr*Pd">vp3"uϥ,Gd98h]|ae yB㡍F<{K Y2uS_Տ5'&f?#Aph_4|bT$V*"쇙( VO{|.IuȾ6Dk~/!ml"D1$ZĴ3CE.8 ·Ats}?iDA) BCRsF6يgMf v*fgϗl>nm7AYCyZ;6R TuN j~#(<׶EQuJ6z-w. ۏ<\Tπj<{@\WĠwdKjSL<<. R4k`$57o`y-.*V[/~w/0";k$Zip076n;4&R8m^7*-cGv{Ig.Y[Qsܙu#X+YWKMMBE(r oSlgtЌ4oD=ln6oƻh^,TȎP%q! .\2y?Cc >m.'\":ڈVp[PPV'uVr'R}r:6^A]}$xO~kh~`;Ս1;5/)|BjtkgşJؚE;<"ŋ'%QQ7vx}[[C_,LDTdʰ"k/.'.7{ϫ. KC7񸜁1m&EHTs*ډ̧:J^x[lnL((ɛ<@w(Eش=Um@`d@%ql3wVc$hgRK+1Z<5W,]SC( 8O %3hOSLD]wplL.#" x>4"Y fAA{lk}Ũ#Ev V˽ӠT7Fdp㶑G1͌*ڸ_tQٳ4(~{7Q^x[mh1c Sɛ]AuNJ%ZJ1tc d`JK ue{C,u%"z)-vkgby@Ýwlչ%N *Joxp,95x\fF&1ӯ.y Y% :kP_c3(Rzi/D`UAuf%cTp6MB6 SGAL.E4m}6z?Ծg yw睑aVݸ"o<^a8@Z*6Kn,>C, Auu{(_$'js1up2Ҷ<={'*!. 9n!SQ =p2Jk5HktHnQ? 0B%̚؟R#m$LՎ-YRyM?&;%k2یS$/ c ERvCٌx*0< Sr˓]2[ WH\撧j5\XgȊG!/39nhbBL?װ67=7ܵ|G7U@" s#Nuզ'{Hofc+-Rͮ(ٯ203#"koá)&1Dx2~/rnڰJ]+w}9lV)w=DRCCRx^ #yΪ+Cf$WR[O=#!.efl @\F=PDpLi~ I4~eJs b=~g5\14o{q&ie%{geS~7W=R]P;A[Um ZN@ 3#ht" Lb8BltȘmt5v ߾zTڧW2>V5,a'pqDv=ʓ9UG`97w(k,jnkݮ_Zj!H Q,Q_}Iy b&~_XyQ\EW*6޽q(% k ~HD@h)䨈 h=`DcW"!P񞷑ϓvm_U${me ;$,ähi{TJqN-j?\#H\Dy]mo~ e+ȴoȷKrsdqd^+7]:{f~,z*3в+l.$6_4 ~RBɎ8K*ד\c:z5tnlAhs>+Ag@D~ M,gs+շg"N41IʾlDxAWcƖ?s+fR2uPXx =<ѱ`nu#vZ0Eeڜ(#,=ݕ!*߱$3@y}6yh]"m5CJ 5GdAp^H:vs. ,Fo2/^'V]H@/"Bk8&p+' FF 0 )A#+7WG%P\ 5?u\4NY0 U>na/iSjP$˻Bo8v J~WwQߍr&$ yDNT Dz{y90v%V㿅uC 4sMK|/!V$TA_NoyB9esU[{U!vh]p@U@*񟗇 kCLucYCdͼ?-Pj1YcIӆśSZjJrx|@ 9/ͫ kω˲s/>{O`/7_gw48G_a=˄B0$|9(kmTyg-n1+їj? xDЍ reܗt#}j|eeׂ5ćt2a(8V5-2 LXU) S?!c}0ڔ a׮z0f:JXMW.=8D9`o y#R( ťܳcq5HzU8D! =yAZ a satI4JA@u]|dmCߊ!4>E4\e5+H>:y\a4BMJ`׆") $)1=),KM8y# 2jz%R?8RDi^'ǷU gW1I Ă,}r9iZU?m+٤ 'DQ(cK匐Cc3CI| -1q"CmܜKόʦ1ق~:V0(hBҙDRF.=]1v @;%t70vDdV{ N@ʯC:gD!@iZ"cSm$?kKʱlklt3&V %)YЍ;^&r0-ܽg U[9R=D1i y /U+敎@%*"ŠHM \g(,(/; &TV&JѴ$F*VUYc־4$< Š}E۪Q'P\ dI 8IWHɄV'in ]G^4UNVȮ=' Ӳ8^ϛnS AO6zبb@>yP6|p'U> XhK7>rf.HrGF('Ms#IjCg;ny@kS(@4Hn.lu6QאaQ 6N.UH@ż*sEdٮ۬ l ATZPuw.c{nZf/oyw.4FB|ul 94R@>^ 7뻈qE2Ԫ^l7nB@׺t3Dr<\'&4AUxgK털$<zx=񨑙M'U 0s܀a=ee{S 罕6#\IϿaN!yCOc~.Io;ÕOSm2.Z;g+߬%L1-ozgv`bAYYՂ~s| oޑHZGi–S7%o*-bm~*[7muA="9=E|u'2l)܀+QO HoRCeM  Yl!Eҵ5"'Bu $Z̈́H f<˘W`dhQ@t/?s\~`gEjeDQN2L~B $kgmUyfoL#u Aw'S:a_ٹaE$|s Mmj WhٚMQԟ`C-ᶫyXbH/f  Ȝ! uAMiV>+W}71}?B[ONU'ǐw]֡d"ٟ ٚ%qY߱ۊ*#G Z \'ߎR(@U@t 4nd} ܍Dn*$;c^N:~o;dCu^Ěrz&*ea%ĻͽBٷB;w7N;qĮ[- iwNĢuƼA.(jۅhհ%pC  ߭R=o3 F'A2n 1К LO–qwr=<};"1Vmd\>c _bԵ؍"w"7~nqhM60%xR P,] J oFA_Pz|%ͽıEvw7LfU1%a.DQ|f˧*À2!~igq`Q-k?OGw5M`%iց0ߟT'M`;|#_]ndS37^9Ȏ'1AuIPjbю\,W(F:՛fXkx}uz<GvyZD[ce)+* *eƃnBvER(r(\`K =f!๑/^ ׻X踵kY1Ϋ(PWa! .{q5ᢥr]9[=^u v fTc!”6^/boO0'X:wQqF7!?}X4@ 'e7PN\![oLvtG>Q Tq\Hl¾;"]? H\\jiFkeg\&)DŽ~Y.[4UvR- 4OyQ!&pMlE4WLEkfb\O;svZ X9]<~0O':")Wػl-,#\$_}]m[jx:8 W5z_ Rt'n`|ف &uƯ#W偹q>LdnYn4Ao4 Ҋ[)闓rtQ !:l~VԬT#db,sn5O8K6Y]&mxӡA$X 9ob SobJ;[ж"TIi?IF9@S3eLNTFt$ R=$-Ish1q‰<e頹tɮpL [` poDhW5r?E/T^KC2!>΁Eb(o؝ -Bw:W/qe֛`/U0"Kd>[M?%gem@s|QZ۩=h%oL]mpVR-/cyտi ,;%[Ei=?!ņܹlakKÕZNh[1n- :\"(My^ѴV/;%&/Wր xb* mcfsXl`|}*ae[?w/ǧcnO a%cC B?`31|ZTz\{ګy43*:ؓ%{Bך$Tq SbsulqzXHoA#v ڀCKcԨT/P7'$W;stg.쵷e<x' |J'@Āz2Q6zQ|z8xHq66d&%c^ŵ])k}qO0J$`pVͼlJTko[t dJ VuRVt Ji<- Jf.e?%=ֵxmO~nibF=ʡf=^9Ny;0{3K@Q׊$ *JIK MGLexW͊ }Kzxm";94J׭UTes 9^x%F@LEѩ/h Jkɸ?YnSH 8 ,9b <cCD,ILG[X-lq-x!9XM8T`VYO(0k{+"C5k,z{uU]x15Qkt156ɺ&1݀E/}|P>k({g'عv!> X1fηoo 6X/([` >W D.Y3C;C ᴺ=XAwQ{e8'So63\av_O Uo RGT!$6+M˜dկk 0lo8g!mXtVp( ,q{poBU6Wd)RYYN+8HD:rnp YvNV<Պ@kWEDIO%?aIgz┱[KH:^jCcL ŏ㢟8AN;PQ2ɶ]CǪ4ӆPȶ2ٱ~vb2LR.a+/dFA_n6]Să7mR8|O{mkG!rǠB[\u&;EqWmBVd;\ݷqS?Lg@PQͧ ;~H N,*YG|=U-HPCpMp &Rn)I3*"q3;ʥ;Lv݇|.f+{uUB)D a:1tx08X%ʧ%>'wg\`凎%gVD=&8vZLY5M#U2_)E(d}tEf!2@KdID3q 9^7Jg^ YμQ, _iXW(>Ch]9 kJ\LPd厣<:P &its7]2=75. l䰖w`TH_M؁8GܝMEۇ TfW2 ȣ/hz=#oG(@E(RItC{6IȖHJ{)V. h;%)/RKrPtN[i\;nVl$X*s@/i>\hWӘ`o%q>_H/Y;TYGY\T!c;{@P[S.#= ٸ"6˾xk6%d0 AAcD -XZ՘-m|Η0|c&[Ov`EH-|jg?v] oM+qjЛ:0fk6xgܱV˰ h"﷯z fu!mg1 %h cЍ̜,^ Zn1d@ Z%GЄ/::rk(ڿṃ'`M"9cqS$vՄ`'3LY)T6b_d_h-)v3[ O'Vu tWޞPc@Tk̔nYgs%ϦePc<.z/Izcn|6gmY@Ei/-cаԋ3\&Wdt3mV$,;@!kt 1 ljiKԺ$!abzEW Ut_WBRZ V-AB芲FI_:H?}, YW .~dɣ B8x}%M B4=Ue U1sA3J2ojWl~V}%Jǃ5Z )1aiN[x ^^XPjҖ_GE>dRex#k "f b&crXDM`Cψ^Lc<}[ʐy^R3:ytu%AԧWWʼ!z 10߿U'P#*z23کk1?}0/;̽$jb8RufAwD}cOqpO [&VMKzP֬GO3&tML].]i Li]r{Zq7IVafq 4bKUkN0\)Y U"Ok4nR˜>=J~-{8PXHK-q$ %'Ӊ =Z^޳swK)}t.W(Ocz">|u/H:rVվY>"$*hWIcB.DU[5.ӅS|Gg,zgc~&HlD3( GIU%opB:J+GBS`eKM|jQx)VcAC6 )[طՇwB.)fqRzjf1mH3f6` ~dh:[c>o'xe>;#$['.pJ^m!zJz~O[~=\oX\%f2Kg=`E٦Z2pc}?YCjڊ~z>`X2l$OMij?{3QMIN񡗹ŋfXCA 5ؼHZ̐S }7մ\d Pӝ%%>!!/d5/,BNMϬΗ,gi Fc-*7dd@.r 8or=/!7ݴSB(5YeRȧ d-?1rOϪֹ@|LO:RvÒpeh:w8H ~ Hf_H}೾PZw} [hUÞY( yGtP/>@U0wWɕ0?uA L$G`<)~|c78Uh\{%"ʇW5 U7 z`r mľb[c=vSj5gSOݫ\Pc?^u#TZ7=mB>v[@ŵv9 ˜ Y 8Bq c&8bIoY7wg$!-b/!"BL\Xw2(U1TZ?GZ0wfe+4y2{>vr[BcgXpU]{$ˤ5qy/{'ШOJ'O>Zݺ4d$}n'z:_熙*ßjӇ(8Tbx e̹XN@VAw*ܬ4]>,@'h(Fr D" ܳ.//4~avPTqn;c=?I,E$czLOϽ ="źon(s/ ~i;IAcaJJGA Izj,pStM?MiֆeȎu"F^Z⽽y%<:!;#b.}E)|9"v x1Jp َ\g.sy7K9aUHsR&˲Qy LF..v%|81tvz~䉲o1Q"5rgEژQTK+7z^R6EowSRݐk~Ϻ,'&h;H G/`-N9T@\p3Mh =߿Q9E8R$4@/V|,㶧߁2 铿YKb:8rEMwZ,oȾ fk\t+0w4]jAQz -vrApᰱ8+h?v'y am~D<#YĈ^rᾇY"H)jI/`,AMQ϶:ͿNTj,rV-_3˘;!Rr9i OG+|5SFp^Miϐ=CRk%@Jխh_T6o*ƙ[I̞h軚F85  ]qH}a#m8_BU-1@g }9Q`CbN;sOhL\ݱYnq uPRXk|+JjX>\IӬJ ž)_[$dm\DlKz1lmxmdhn@̉4\z#qr ՆjN#kr]=D7s72^chz"t8þ%Ii1Um ر/N|hLE }":taU|['TX6A>B ˡ.~Isp-zݑ:vѧ_e`W'd3c!.X+f%W )YuíM8bÖNm&TH >ę^jm-o\*^D(|@ \˪5{l}ԟp?k}'Y(h6us /6"qc3f{3^I#8-r29٭9k24+M!#3:O3.f<G.Àe3NE^mV{hkLAԳ*9a'9f—ȨŠC5UW!͎N"Vǯ>b+)G CbVϾ=.sd: .an|qg__ŷ;)h!4B%_0{(zZ'/@*b"84 Ep30(T{ >&Dcáf/||rO^e2RBgǻk@c9c!Qmqx}S֐߾n%'Ԕ 2|OJ7Æ/DU,~VHHEmRR}V/3~"*"T^;{rdӣXd ȺLJ1,7b\݄RybW7C!ϝ84.ulQ;Q|RT^G lSϴ.{%e6W }|4(}C%/ hlnP<g"ڹ-L x)Y1*kUۃ\/͇3=$mHGrj}M b:rͯ)f#Bzӕx;V^5/@hs̓,*~s !;\ZBC@,?2zk0>X}*m *q KH| )b&E+ѻ"8(BYd Vo8P7Y?i$52ˢX} yгk,|$29~*b*.ϽCwDIU7̛TM-Ndc5:0<QVS /5z+ϧkhl&5yuc> `sjNxɺ>xhNB >N]>?0]Z-E)d'Fe8AZ.*MNn,_6vA|61G{\t?ˍ;HʹEV. ,ZMxpܶ7V[/qe*frOQ{clX*xhJE +Zfsj iid>fyoUmCU;Q-8`"qϘmPz= ȹ<8}PƱFtWmR8(!+(N$Տ`hVmw 5rBnQ7B#F0=OCi)i'Uz_z=-tiFs঴T @ ~zOzibQ81L">g@;έA'23||~ (c(URSS5K6 QŮ|#)69wAG&g7`EҬ=q{Tْ6.|:4kM\@;_UxAݶBpRBf eD 25*מ#5NM4-mc*vpE81ӽ]+z*nR㴖a@cv@|h&Kbr){ Pr9QM~mr 5~zZfi4Y>>bon,Y&]e&X0XfYJXso1Kr@ P` >4܈+$@Hp*-#C|7'=ߓSk%[7X.N DԳAv+iG0ͣF]!WQ?-ĉδDB{~,p[q!|X\aa:4-ʊ?8 wׂ*QkOpG8E9X|;D#wv5rJy̬+4b}Ys\?ac.i\X|hR1^H0+5AբsźhhGh7NjB8)7etqr烰7BPw.S)2Etg%4@ΕJ V.p1[ ~64;B9'GMSDYG3^KO~ׄȶU (,04xO6|4K([[vY s]G-=. ,{g4스<Ƒ~m S{3o-nڐ>*Pp{W@vVI;VStJE:mz@z~'aNt394P\m1$=U_|{x!=;䄤VcJF:px?qq6M~߃ʡuV*sɶOhuܓUl6U1 V,glfyOCK앭Ǡ(y>poB03ߘs0+dje_ >vI&!51ߦFm˂lh-]AnC@Sy&E8ZRVюy3YmKj;'*(mD_k4 |(/H0'F ?ȻK؄>;5/TQ`+n)VL̹*6)0 +6Ӆ3*vcѻW+G J5D9$bCV%"xIDr_]qxљm|_sgvdcÇzc;WT/ kY.>Z$;pGRP)Dl ML{F8G)HAw?!052K¦>z!87.T|U,iz|0J ag:n32ӛuЁٗW* "?ԁd--(i\<T9o-ZvU ]nm[5{<>QuDIȯ51-z9}zt(S,$<Aʬ{$옳pjRm &R$3۩WQ4(Q5bs9=7;N_p컫u+&)G,%Na5+f53ryTJaXx o&;PX34uz.[5(Sױ7X5sN)|S ''Oq _ {/S "r I; u-M롊"&͘7nCϯuCo#*qژ(wC%LkuQVAJ ◦ #%iQ9g4@4~M 3;B%'D 6G|CI#xrw5/Z5ƀYmsCrb[i|f>*c.6'AXFa&i7K' LQ` 9ziQbc'H?T0rMpxi饘)x}*p-컼g0CiEuTWm>ҧm3֩%}} -.B>1Ut7]%>a\᷹,\$ؖBJ\-5U ᙻ$pFi%P7jBh1yN%o_P%qsHű+lVרJY$:f= lSUyjv4t% إ6/oⷔ-ak 3HкVۢ(c!rsbWb3k64T<( ٝp@#'jݴ)۵T~6\>!ٔAâ{Z&w!smL ܺAux/)G)DnȾj]#;BZ΂&&paRJaU Di$|yvǿpMJ 3ԄSƲ~Y٣kAJf'b6#R}~aN7LDq{ݥה̮.?CA1R ŧAѬN%$LF?+Bq-'8C4!  iݝM"ʝDz<-&N˺3ݽ:Ѯ:|ŀm`gnm)39=2{I#m.xZf˲;ѽ}'1B=&ؠ`ՄYc }kɮgQlg{Hfb+z7c {ޔÈ~}| mQ칥ݮ;@>߽yH7Z$,fvɃ~0XS~d4YY=WYI[>;C-MK3Ę$ 2 Qڈo-leI9jgڮ+%'<3\hsw4[ É$?.j+ŭ '?숖MiDFJTS_"uLCkK}a|M*ES"%[L<^`ۻzssd&M5W (*UϕI9 Ǧ.WPX$aSK/BLao;UeIWḾl?ct %x_Gc05';aY'! )9*4\ oٚB~)=|pN7D;;]g5?'<^?*5˪.,X h|\@[؈9 {(Y K>xl.E~!{`yvUt{44m \fͦߋwvf)f3u2{Eoiȟ xyfy<6'mL@,4B>thG ~aB*;TPiÆ_wYc.6| z'Mk}b` yRPl˘" dxodͻ4z6i#`TeY6ʫ0|Ew'Qd0 "Z_\\ШƽcS01Ubq#3inV? )}4kke}'1 :S]י\bCV |3{Ç[聯4$='WbppcJ:\])W=%d{cczJ&wE1S0V˖ Rf}FFu]/@=>}.4$]Bm"Hq7EIWcQ ?@=f ^[՝a(=̟|B0GWA$?jg$;N}͑t/h`w3sԴ+-7gc'RK~tQ!ddž*3G)!b{r\\Qr]+^_#F0=g ={ 0'sPF# G$Q0[u@oT*LPЫU). 80!$| 6`v4 `լ N0b(4oS:[bq+)^I?cM\:[+v$E'G/{GyD)긗3֊B of$ &T yAk'GO([mP~&[n"@`-g8&*"Qޛ9X߀DKqj傇cDh*:m\%Ͷ(y!ReE콻XAX5e7@AߨDzV(|86P86wSv;}hsQ?bJaN&P%{t%th,[N~bLoYGخ[[j, "AnC / )X;f Ēs.4H]K1N.кwPl\quuKeCYqO39>-z7<["3"p|ʹkzcrm.i:8sd[l|9YB2LTAJʦX!eÊuU=]kZ4=9f|Jm--7/Tڤkdoj~ݝB.@Tل_GYnI}ח.\ޘ%?G2.k7[V-K)FD l6D:bafliWo ICK xgf8w OĪG7=/y&I¤,a]C;2/͜Dc|'IgxL9Dhu J{P7$\ &ˡj%ic2c0Gf{9Zkt1^)\ЅlF?{`jΠHYs ]z@JǪ+BJϦ ;m; KfQ\v#{K@Uiշ_*mÔ'O0 ?bE#uf0HfXo.nx N XO0R}}B|˓M:1'g O]I)+ &bY)jVNՙ7ndWJ63cb/0*˪K`* 㬧"'o J BZ_%*ZV% S qK)`׫$K}\&)S 2> -E l IQ=#Q2ynx]op?9s-u^cRI٫H0ncྀI07 9X x5bs\º i奻 zl @Ʉ_:Q-v[~ƈ5@ێ uO[ AӋ0GsFKPy4:oi} yuN`YV,GTbSsLyaLX ||u/Ip'+`~~4GDZ?V#*mnyR +_E~LEѓ cдiuC!/#Ce)Y$28(٩>BV4)SxVF%䀿K!Ը _ahBZϲ%ry9T&u[hqri+9/V/r#Ub|+BtKHl׿~#J5nfOÂf(DTmjbc1ѵ8o5&IT't~{Ua+0(V94(;SD( zXT4>>8a` i{@%iT 3eK-Fl|]>Q",gCa`0uKɃu8sgĥnKL RB7/>Xf_I|-z„9m! BB[-7_C?Z\=Ei ˜B8n{.f(uk>nA¿(&)q#+1baր/tY>fT 280k mmt[a@jo尛KJ@852ӱ%ъs 7N_EaFP D3S 0@:+\V ђlWD,[kU6~"w&QRe4yCOr(.%5'Lpmɿ`؈:8@D# 1Q6]"@7I?ʆYc^W>"3K?]jt-V,K}g1I?=95#aY%^AYno|*~Q9J\us޼ux;S 8uqNSqcz`KF]ڍ9+xXea)ip^h(Ce^ﳓBZ)DChigؒ{BjYpKw&\8~c15}quzZQN`5[B~>Xfw^$>-$8v-m 5} XQV |'㢲a>-lNՅ򤨂ۘD:;ZIROp!?*e.{&ANO* e;RHa<وa'X}k03^N5Zo.6yBKkţ\s6lޣ/,e!`zSeцZʲG:P_-+7H)˰ ~!i'Dx-1L?̳…yPho|1CEA8똇BP o3 U,Æ5Il*2 %`z[PUǁJG2D꬈-̕ s7}';x`{<3gq<%_d`bM5.S HviacW"ta) 1?cuZZ'{i=TIKq76vҳwߕ١؏Qs /"Q\`+- ] Ք|hM싖ɬxG VmPr,9 tvr iKŃ {&(p9WN>Д6|H#;Թ3ۯxmnbݾ9o^<,m0Qov4,'紺za ҇wm8(J.) ϗ`TLj&vA{]Ekה#+WMì k*;M(m8&J~%phӈszTIg㺹0&rNh/_rն71mb޾1H ;bĴ^T)IxAKLmX\RB9Ǥ vU]&"&n ./i(d@jΌ`Lؗ䙜u%j2 Ͻ ˳5tƾ T7rqlWb7TYUvV\T\C[QT?&kY9 )Nc\El @jXzf[D{ Z,T^>%ѺxX~ (=yo|Æۣ&Y}ߠ>dDq>k cJa)ripdk?d 5\6œb܋5P̼EPk;$2k,luxsQF}0^F1Լ! '@l4ۧI:C(24C?di\Q68ƣlh?wOw#AYmԖ7^ljڃ7(:Q/x㊎u/ьhH~OX"W$!~a@U/Uqx]3'|Iq~|wRMOϘ'TƝ>n/(U&wC+$ Yi@c[|6Rlq| 30 o.5ô%nHjҡȰ7q,Ƅ67RN lI/Ep&0Z94"Α?R{hJ6gY΅e܍'UNw(܁,oc0Wr͹<;[nqaRF_L@%A [Hⴅ_k8K00  jGce *俐%L#aTOYRK4x<&p}@oqL.cÜ3d ݄Ha Q6hftKuoT5={^et'tnv ~o.1N0 ճ>?*m4K-Nz`uBȍi8D`by͵'v[?$c%XDMBÚ ycj9cS0-QVTb .Yr&H&8N;@s&ݗEQ^$9d7LHqT:%sʇޗ3R!]5\f^Ka? &IEZgQdez$iYaGɠy+6EQ> H5>q辯yv9ob+'81 gϿ 5168UÎ)Iz 09iOTjJ5s8\ZDKWޟKb"X(Фjŭcxz c!hsDTm13\,kN''p?RTlMaU)I8&SW!_HvHm67#V]?L<* <fMBŻE"oQr0;787=p,N] ?DzXE?5?-`9QFaoJB`9j;Ԁ+ꡧa8 mcMϥ 0z`eE3hD;/>N␀Nl+sMD,]# %C|ڧBFvg4w$b!)QYxmѾ2Oi/*M^}ӦhAH 0Xv>@{LG`M(4=(Rs\乜 ˡ<( ~tA|gxۗpwiydd_s~DZ."KgE69䦧i`H_"T٠G$ `uѣY/U 26=tkiC?/UVrlHNH[1մq" WE4fy7((/j6A>PZl5/*K0?"rT} I'r)ABvrx߹/K#}/.ᷧw/47@ x Py /{s#A|;%A$DFJHؼ!v. A9rtށA~%:h"gßO6~;nF [Kz,XVT6}fQ7X1QGns*V_=vD#njX `5| bRQDe&d}.&w!әmP]'K;DS2RmD.B37='dq1ʜH Bzy @HEɑZ; qni~.tn2딶ԉ "[쎽ei0PgZMv%C01RӼJs|"%P<.\\~$^\?Zt/,TcNIDc]$_H/шq*dxfq`)# tNup5(6 ܨM,(PVY44?]ĸ9nV͛`rr޽rknh~tGcLSl(tʩ37ȥcUTb(,3>׫pPهKX#dI_қ$M&'D]M|hƌwGc>b/C'<9FܺA=r6(KdN=9R3 tRy7`D(B~s]$>C8$Ey2EZ[3u?,1[FdSH0K2@, 7=#ÈۭB\-js GVC2'?ߌZ^*X*9b|`EBՉ8R$ M2t`@ټ\ߪ5ҬLᦋV 9R1!E۬p9qTOE`'e5E3EEm=owr&+]ݺw靖t mOA-J.cEo]0#lA>o_])yyd#yJ+;) әekseEoCU dN ɫOR*L:_+S3lZV`oi='.b e >eZD<-mjj+_>fǕر+~]վhG[M`qk 0+y-q]C'[/Lr0hmK@ ޾jpBEaKĻ ORb~g~/NkV"bƤr=gqQؘrB9CNaғǞBFx=qd,7dKЇ7r"DG_n^ ͅGaL3iYF߄zz@5|H$8WFi[0b{ HNݯb\.jzyYS6&+!4Gj\o,h;3WpB<{|S:?wĠV9]gLgW#")XarZ&z`O1&Uˊ/R=0eI9ca ԅ eiP[. R%woviHdjKEع?PX= hJyN~,i oZEspL^tF//^of+ )$b܊[x83f3>m`]e ߫iCJ5lP[G'^+ّSvf4N#hWK%vRW;" ]_R#hGMbk2s%5,7ٌ)1yz L,#SB_fI0Ǒ MAKJ> T!M3lZb_؟[idbʿϬR%]0j9S'/aڑUlZB3dYMUqnWg9_$I.q .rwSip{C íTTwڳkgSRR7@06cZ\-_t]!wVwjLD*ἅĀ dTN4"ALtt磊{}>{M-NRfUZbQcWGjlD(^Zh`GQљ4m`D\i}OV{8P5%3xɩVZ{su~XOxj!1WmI5tԺ892¥%'>۪ T̓ЭSEmdSzl-?tM]wX|@:F|tdz8<G=m-%K7sy:wgke2yiO7Qɦ Bޅ\ZΙ\d>.Kq"S3:/LVvD˪)C<>f&PR`X3C B/Jx[WW.MfTIcVBb-8H7C*- hOy]h6hӳ:"Gw(;"v<*x0 P|y2ckڐzl &'v7ϻۊ{ZiSFAFWOJu}m b!kP`r< 9 RǹClӪ tX>'`Ii|j\C:cOF|\_@ָdӚg 5Wׯ| 9@*~5*UAt1q e;ڇIjEH ցX*MnvzfP;-:T8Xtg͒ 5VwEZyTϬ:qE4ڡ<8w{R6kG>,b6U.^r()=/֮bpUI3S[=ѮA-fҒ 1o޺`#B2>n$殲FIwl3/aSZ5ɭnhz6=n%$5 {TW5qipUcI- =:`mɲC!}aBVɅ"E Y/\R>Nvcz]U>uټ\̆$(:uD^ADs ~sBq@b(oXgm>Tvcm͓ gv)ˮdR㨪T׌۸SJZ0Ɍ 06,ʝ8WqPʊ렴6(_Y/+nŠ;yhA|֝oXʅYm](:aWBKi!vޣTnسE8@H2EV [+'Y̚FNN瑭>LѼQݵ,bN"}lI `vp*ՏQ_(Gѯ}(#Yx](}hYeE uJ0]Md+S86ި&P"g}XMNKɮIխ溓0 ԏOz^#{=#%=(U x&Q#jg1 bG#&wp2|Q7D[MϡneԩbAῳlR 2H uZ#yN9Dx]^}]Ɠ Y9{1'e jO"f?܈ f%7g>&0ézc@6V9|Bˑ>-gV*SgRGD{Yoxd^$ҏ8ioc+UjKGI0 l 1fE`ΈK|Yǒȃw=y^ wlPRҁuGTmnN`P9ׯE-`b`_@e"C XcP*'Dԕxy]SQTE-d& \4} (]5oڶ %7SRADOU7"]`7vQv'"rYt :9>}_]Eb.Vq[ج]=ˮ ,KZ7&^C?E4m@؞6 {%C~%έ=ZF?W}G!2o 5Oɛ"se_K͏_a0%uqNf1>si8«f9tSɼG%?z-b*/ ɅoN%IV|ZG-y<, ARB#ESk.l5' niEm*g-iMZѥN<1; IV'2FشgncFt)lB!rwŤ18PBbաUey\d-єCchK^Y|׭n G*,Hf'~ɫlq[dTn |^SA=նd5ȫb!>ZuEiiZOߜEp}e3i(d2 D7E]m6kFKDjS\kn[#']H#HSFH2gx dJ) Tw$ZLEmᝇ~' KI+k'ӆ5#<3-8b:0.٠ۉ=ʏ}`YwoYv:M'׹E'9Cf%  ہ"Bg$Xh˛m^Ao{&P+D^<JQ[) Xx:9R2!XZ+?Ģ'y_eiYځd?ũ8ֺ1[袲?$qOV}XPq#>? l;^zks+btԫrB 8S YuAN3{T@e4X 17 'm"7@>OSK5Q˙hUd6*ғ[?x!Yfl3+Dæ [8g:6wSNUQ1;!t[/.y^AXΠp nꩶ`p{28m2A,~%fUA 9Gp7Q&a9iN;/!9L6%ǰd^bNsOM5ii.q kf,q5 B5Z0*25V4@_;P8"M+UC UC\vZ'Gml8NZT0Sr96d!G^\h¬=mѫ&)}h[l-)tdzJ%9EF}lك/ ÄTbDBߡ0ZEyLrO'^:|򬾰 `6@SJ{i[j4oPw !Qky8M :3E_.7c Z^ݦl\$'BO"։()-;4Um`K/Jp˓[?pԟo= y7{cP@h=ʬ*r9ZLIԡ6;%fZ=)=$] gDqY" ,%F/;Ax!Is\9GNW8a35x3em lK ꪥp()Dɦ=Hb^\Օl }Z5r-xh=-QxMs̙-:aunԠD7,2lk^9Iþd rue ֺ(箕 /|rJ6X4FpFF*W20N!j/@YuUPO'vx?tK@2MOa8aUbWnE@joy`l?칀hTk{VאLdjQ,̜\fy ˩w=ILJAPKt 6Z^౼}N@G4C+qi0äҪbIS,* {z (ĶKSvpvh UhTݯ"`L$Vǽ ge”/ŷm츋{>݌"R ߋ1O2G%]AcJ,|~N[{C# s7v 0r1^` )JmόX_V-6y%k.).ZͨeiinŃZ2<MSz.ʀ4<&'nōM>iaBi)zuuo sH1e TH*!Zہ= o/d!jkz>μӊzQ_Fx$h;aҴ1}{x :,sa 9 Ofvq@1'2Yq;x9r q~AzdӲdWC&jPZxXI;sO?!H;Y4!òlS Y}TgCpd\g-Je|wF@@RROgEOZKCl>_y><4*܁7C 6A)A Q~;%"yt~yJk^<'zѱoϾ}9[79xͰ_![oؑÇnȲ vr:|um3PlW~FܤDgbI/Iq)Yؒ_W6"Cb^l~WieE12DsKݾ|qr|d7Ϭ{˰,㲕U gQȤuTZmcD\v1ƦnA^Njdbrď_#?rrM*;G'ZYŶKp!ob:kR=% FRI=SͿ.gOGٵ^GߔeTFAN8yxz}pwOj%qyՅ.c#6>ZEH,FsIs @ v(F,;6ʒ"L{>!E. 1ʦGt02rOl <1r(k_דp*ر-W.q 21 >j~r)ϔ1wĿ sCgčueG#CI{[k7:ӥu9P$:7LAK4GIDbIjvuRAΚg/?bun]y0lW+8#F*M oǾמE GžN PǃeDw7iT* Z! ~ňp]&;-e&+wlP 'p}LOam8AvR][6A B۫LƢ#G<)εno/`ckPpVA H+%*Lt'*͉BlFJ)R pk2dv20h+-BTs{v*-@&V;ڕf_KB%S~(6pSX݁ā+PKN(['\oER Exgk_Y9TޯCi /edv3 : _Y_r-E/4X a(G}f}WnI ]|ac &Nٙ -#rMNj1 `S_Cpr©A4)ӤU "ٕ)w1cDy\.i̛E2$=3Fhת?LFEQB5 MYݒA[D_wĉΘTMbl5F]&dmM>wvF "2Vp`S(Yȫg Ɩmp_AO,W7 &;*-XVISG-ܝ{Q~ceu tp~EG6= 4D;D<ԴG*Rݺ}?+KFYWK5¬aذS0x[TW <XL+?Y *䑎hl mLCdf[tmޖf=ڌ/}ՀKOV:psP\*yG}[P{2'gpZs5]u=#řjr TVD.d6jq,s *u@O2DHKe#i 1NH@} QW?0s#)3Nflg|;aQc5vФCèP+⟴(02lVl{y˭xX$|ԡ +F8DBVo*28tDZA\9J}*JiN:6d@uUmnΰ~Ofn&n!`ůaܕU2P ]8uyL5S\,U?7 8w <?n`~ζQds ^!.2hlkX :Db 1Bo")9v׹1 Ao#ㄏsALV]Rّ7bKԳ%K%u[;Nj2櫩Bzy^ OO'Y-7Fl9-e3N|y$<>]F0Ks@,8)l}];6sUe @%y$LF3]Nk:9X%L|MF3H'#DXa?LV3lFv]PґTʬԋllm*r02"^J#:xR].3(xA8\t]U-TD8._R(vlvuUz/c%d%ӔR]ә[jnP;nR[$/= sɃdꕦ[.VJ6kErqA\R$j"c1t0_#;)5gM= j H<{bӍk3!s%l>[*Djo{aO<\Hf4 8ק?[.Iލi5@T:}+ [ ; O%~F⣱U1PA6Q:q;V}s0_7zXMP؃Y$Ļ..g bTȸڨG$t6SL6n$O]k>&O*mzS?wm""n4>Sf}˪>6F >i"a ?`NoMbT:.4d GH~-I FDYZY{9:UNi0Ҵ9e+赼#B2.do7-Ě^ͮ+((!k}ؕ$PT!y.Sx <9d֝`gZANRkz/YY\kz&݆ /+ce4Yfr]l1jś@Y;4KA7t4`VLK'PJ!$fƤhkH@d޺eÛ|=8Lt)WW]mܴge~A Šx9]w7A/7$(s/ErsΆHpw3Ȉ[dI["E6N3Oh9H P q1ku?ʯf2 $-\m NC! 8+ݕӮ0]i8~j( D&{ݳ[e#8s![yWKK$Z"n ޚu|CaKqk[9QTԱ5zMu@R%5j_d}.dz cE!Q"rGַL#wk\pIԷ#?(iȿB崙*_aJw Ȱp[aÒm4VH5\L$7CxI1$$ufT}_<`w꣧B҄ Y.M&x{kGhOɢ8B ?_ 7 0*.pNUoqWz0:TZ_$,ui `RH&kqsn c ,2ל0B8^dPLPGU&/01 Ҏ"C84gSMݱ&zqG 1fB+ 1xI zF]?US%|~f̑֨*w%g8e{ʭsJܡ~~4l`V}SBi#*^ξj-nhۭ. H*Q~Ļt=Sye;E3r I+yغ|MU=$Oba8\%:з(XC7֟lH{g|de6$SאBSIX?\K, jqLW㰭ܠD#>dliY?is2W|\ P 79${1h!+CP -I\/l&C)y94`~IW  \FpY2)ٖp/>EclPdk<>x!d, N$[ _ s+jw;6߳ ]"k0wF%IoHi$=>7hdt YM2mД Y'~ Ͼ-Uc}:-:j;֢쵎Э`t8ٗ|1C#UZ*K?Z1w7VќXU (>UW[Y0W~9JOe!  OE)ކ=i4/vݢ\x֨Y]I x QGE4ñFwZf;L}1ڂƫ?hiR v4uMdXBF!c_wg?WffVklCROo]*}A o8K!J+<='T<%A9ˌ 8߀dq?xz Y-2iY߉H rژ[ j +M^n 94 }#I{(3v~ȕ_ߕL_FSvʾ]a}1vH4rG!9 "z*w#^HoQ谄yJoEV>'К'4Og#WIbZIɁX|[H *:aQږ >!OŻsX Ϟ=D[GQ?k@VH=kЯQ|LOʹP u-}- O=i=UT|{'wE**V[K5 ٗB=YnC*9LY9cV&Lb'6Ȩ~Ԓxʽ$*W֊jLEHcR:Rk匩n$sm2޷V>7eaMAh.N`dTT훧-wxwzs+xfcxꊻ5P)bxMHQJP t{mxa5[Sgѳ.]<+,>VG}E[emQB!oliRe8_%ʚ)ٸ/!md0qH֍ f𴫓&rJImxɣ$S2-?҃ٲ*L"zF]Bn V`(r3] Rfo-pp )C54J!LO;*7ewuO:-)~N}bMSG7'dH2:O harKJ|k,+v5$1@lo<66-: 8t@ț 7y^з.BQߊ$y&$#|Ӱ[W<+^>>8:f J+brLU0a1@!fոus~VP =nev!h9;ʼ?`~O hx[һʱ?t~UybG4@ѻz2ϙPfcDzb*V%5pO{ݾtObvN6H_c}m:>g[iHĀl봲O)ҩk$*0a_qWL*+:Uz'yIKWUJ 2wbɢ~J<dCCk9 L3WXZ$?|?Q&d1;THM$W2Z}*bTn)^NVB#Yeo3f-jQ8ؐo7ǿ”c^_f fxhAW[˰I5N6Rˆ/\Ǚ >;@bkRB;*iOY7F_Vܣ4'cPEoùGi} fSI`Nێ}M]qȡ 0%5RA*JW(o?ˊr*z~ˈc/cEGpa s{(ƌM]^\G4N. Ha^$ZHced UTzO[~IIHqb)yZ9q_pPUFSBw(WNi5* A:'o7>Wv{,ht q mgyyן0&8c&Fdk8YQ/7 B~dZx?!$MCX_g3Τ6xl#>?贬[VÑWi%٩?8xP2EyJ3s̓KBS=D(*ع>_ }^.B"'~tJl^JS "Pr@xv]us]'_dc RV/[`qbO`>Sw1Kqq`9 U^}1 `xl(U`n\&/jTC O4ctDo dP_vxFn:G!I^3Qhe9#.S.l#IF8.G#a!Z0]@&zMdCjv+ƯMʩ-Dž͐;Ke'adS-,t׷t0&լ E末Ki3cBaҮ}ۼUTֿ*vBI^Jn%o'Yl,w"fDTY(?7et%dň j;ˏ18|!knP6mdJ8uRMQQyߘyX_|:9R3G:52iyBs,6ѱe4,{YJLF`Kv^x x^[`HgqX51z0ew)8Ap%|!CJ0Aex`0M`Ok$ 3J2Dȳ?W=l"dKK+|0RDhe$ɹ_05:#/e n2/gh󫆯%i ]wak[3d?&DnفUQD\.^K;[oh] tn#/;YXF随SU)* аll}_WQEҗi vWs5ԑ Azh9^%ްT4Ѷl%3- }s-wWEoRqF*3 :+Nw@dJIEj_M,kQ7G{ .r* cž)I ^(Oh3g-D*3yF\ZD&ܬ@4hI."@!u8GP$d8n`;eC:5!Phpe8$h7oS?.d"%$ 'slB1R)R2@#@7/JfĭR 񹶬 C/רu\4 Wv_4v&[Bt=ke:qRBj+TFeՕmRO@yV?AuVsZFe0ٝ ި uB`gafĶFth jkfY_c@\,[ItxOQ{2ČX҃٫<~4_Fq+FY͔'123\!0> cm2B90kE0`Oźߤ=Ё L'2_b " IֺO{uO`4 ?iCk7 :%gfXܝT#κQ?.ݦ:.8 [m0\0$[-^R6~Qb*_\m2b Sarbpy"%p@ޜ %0{^P @11r@*"愞N얬Xk/4r$g -~8ġ:x'm=>\ ! CIQCt'K&Jm}NcƨPТdJ0<<|p*xmwK~5u&3$QlW(w@tM*qg?iHdl/X 7};5ɈyK%MSHt63m:VY OR?%DZSPkߍ;)mވ}("^QN!H Ez=A kL~Kvlf6+kzY!ecE8kuZWm% %^{A0)aʤo ?=UE96Q8[Yi0?{ { W5i7t+Lpa sSG:!BԔx=s36mOuWG[WΪ] "8Y{d1*JDD1Ams) cVۘ 2}]\Hs ɮw%ێ]nX"}wT[di.̟/lDkEZUQ/-_k){i#*?T` K v^qv 3ﲳA\|@aYl,~iקvL a3ey{N5o#u"Eٟ, ڟTED$\¨~ueo%_;r17;p*XNR!,O@͈NYdfܮnvʪNG(@Ttzhǻ{?veݝo.IE^9 ƹ-5Ob~i[~}N>6wG29]&2yKƖ&|z 2-R5Pu_>Z]E Y T=Nul;534 >KŶYaةQPC{bM" P'cbj)2Y|&2;ڥ( ً̀ݿ ӂMG{?SX(9SJt%a,ʫ%\I& 8R׭ .͜ %fj~fjtGe˞kʽ9ͽןx/FݓFG&xT(rЎfE1wC'3_ hOz=fͺ৊ . 5pN[%̭ "A0W{LMh~Tt`R!heTd`"q=,RD~ _NlJróMwņ{SH Nl!7̛*9˫o 8y+\P?7jf6agK-0g4[ܻ:-K(JN1-I-a$w"G>巫'T.f5M AwޓlD PYJ0^7CvΨ?5Oo!_EvHz(dgX*> s\mۘC`SVTQ/|x/zFfAW-:}_gQ!6K,m[Gu{n.!\}pF3dUM[_,q[o+EӬD0NS8^LUCm&ir}YQ?",%hAyڽz)O3U̸$/a"I^aKh@í[U1/ ,"JCޞXުaF4<%wv2b:}ҵy06D\}t ҩWH_@9GD﹀B|uqp?ɤY)nxS*B'X"WM[E)m CҺI,(ɿXj\Qh<&̅)eVfv>ֶ3w¥gO/}C pqm#%$F$i@P|ʾypxSNLJ2}ۈt9\+ !6+w/J5=V½o_3؆A Mw=& ؗڜ*fBݩd.r[Ҫ{ XMfOj8D"DL.ORUi\Z$t~.xXk:g4w}`Pj z(KV0<$9ZN0!NSB1JO8⃷%rd?czM"k= SF\77wӤMlj`uzW.+(e[Z*!G?CEȁe_JCau%sknѽd@ԡO W)`dJ3" VBqcy+@\rhJMc"u-6 v>s(Y8T'Eg`ފ#WH2x;hl4h|7 n0}:N|FX + %zJgNو} VhCxސ6y]Z0 J==Íf%I6%Οy%/Hs\z[!m!!t 4]{ [:GpO؞;3cyqzC}w~~aZKI{"tB7DŽX /Q֬Mt/Һ‡vA"LBOOVpe@ .ݝ* E&p@e!HȎ#7l3DdŎ:1> ҝrzB/$o\%jE1ADպnHu ||qQJ ~ DV]]Le>y3͞\yimP$kX%P]0W@,Ժ|Q> VffQ%H$vC>7v[RF ~5,Ìfh!^7Un*iq(*eSxU[ُ GjhnwaЯ5MuR>Cba`h ZлwavgOE RZ 9r5ls9t6ۅ;nFUxS]Aϱ^?(?zuC>c1B{i|É |~&B(?xkrrP[BĐhчnh3?73z>$zԭ ZՉV{Pf>V4輪3lꈮ5ۜ(1 x0HmQH~!/9"@El>XL/MjyXZw a5(Rv`FupǗ~S?vh쇷A6FzАh{Pș YZ