nss-pkcs11-devel-3.79.0-5.el7_9> H HtxHFd& ?*}}Bb=֢ݷ4>EfgD")Kr%0204eabdb8679137f570418c9f6d03158d1c1fafӴ4U7xF8?d " Z GMT         =  L    T6(h8p9 :U7G H$ IX XhYt\ ] ^`bdienfqlst u vw xP Cnss-pkcs11-devel3.79.05.el7_9Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.dmsl7.fnal.govScientific LinuxScientific LinuxMPLv2.0Scientific LinuxDevelopment/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxi686 n@GCB:nZbNYbNYbNYbNYbNYbNYbNYbNYbNYbNYd0~d0d0a35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c44ef66deea1a492bb6123f6a04f0e0ee33c7bacaf76ce453d7c80c8351c03c0b59a97c1f0b0ab1a7af7013c47fe37c48fa76406b0af549dd02ce5beb25769c0084rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.79.0-5.el7_9.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-32)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.79.0-5.el7_93.67.03.0.4-14.6.0-14.0-15.2-14.11.3dxb?by@bb@a@@a@`@``Ȗ@`@`?z@`3`.V`@_%Y@_"@_*@]B]@]]S\\\P\@\g\-@\\7\C@\@\@\\|\s[k@[Z؄Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-7Bob Relyea - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Bob Relyea - 3.44.0-8Bob Relyea - 3.44.0-7Bob Relyea - 3.44.0-6Bob Relyea - 3.44.0-5Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Daiki Ueno - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.43.0-9Daiki Ueno - 3.43.0-8Daiki Ueno - 3.43.0-7Daiki Ueno - 3.43.0-6Daiki Ueno - 3.43.0-5Bob Relyea - 3.43.0-4Daiki Ueno - 3.43.0-3Bob Relyea - 3.43.0-2Daiki Ueno - 3.43.0-1Bob Relyea - 3.36.0-8.1Bob Relyea - 3.36.0-8Daiki Ueno - 3.36.0-7Daiki Ueno - 3.36.0-6Daiki Ueno - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- fix CVE-2023-0767- fix regression for pkcs12.- fix crash in curl. better fix for the regression below- fix regressions found in test suite- Rebase to NSS 3.79 - Set FIPS Module ID- fix CVE-2021-43527- revert sql default language in man pages - fix SEC_PKCS12EnableCipher so python-nss tests will still work.- fix sdb timeout issue - fix incorrect ssl alerts in Signature scheme processing- Rebase to NSS 3.67- restore pkcs12 defaults- Rebase to NSS 3.66- Fix HSM load failure because of CKO_Profile - Allow builds with strict-proto- Update to CVE 2020-256423 TLS flood DOS attack patch.- Fix CVE 2020-256423 TLS flood DOS Attack.- Fix deadlock issue - Fix 3 FTBS issues, 2 expired certs, one semantic change in nss-softokn.- Disable dh timing test because it's unreliable on s390 (from Bob Relyea) - Explicitly enable upgradedb/sharedb test cycles- Disable TLS 1.3 by default- Rebase to NSS 3.53.1- Increase timeout on ssl_gtest so that slow platforms can complete when running on a busy system.- back out out-of-bounds patch (patch for nss-softokn). - Fix segfault on empty or malformed ecdh keys (#1777712)- Fix out-of-bounds write in NSC_EncryptUpdate (#1775911,#1775910)- Fix pkix name constraints processing to only process the common name if the certusage you are checking is IPSEC or SSL Server.- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set- Skip sysinit gtests properly - Fix shell syntax error in tests/ssl/ssl.sh - Regenerate manual pages- Rebase to NSS 3.44 - Restore fix-min-library-version-in-SSLVersionRange.patch to keep SSL3 supported in the code level while it is disabled by policy - Skip TLS 1.3 tests under FIPS mode- Ignore system policy when running %check- Fix policy string- Don't override date in man-pages - Revert the change to use XDG basedirs (mozilla#818686) - Enable SSL2 compatible ClientHello by default - Disable SSL3 and RC4 by default- Make "-V ssl3:" option work with tools- Fix regression in MD5 disablement- add certutil documentation- Restore complete removal of SSLv2 - Disable SSLv3 - Move signtool to unsupported directory- Expand IPSEC usage to include ssl and email certs. Remove special processing of the usage based on the critical flag- Rebase to NSS 3.43- move key on unwrap failure and retry.- Update the cert verify code to allow a new ipsec usage and follow RFC 4945- Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake (the symbol was not exported from libnss)- Exercise SSL tests which only run under non-FIPS setting- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.79.0-5.el7_93.79.0-5.el7_93.79.0-5.el7_9nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m32 -march=x86-64 -mtune=generic -mfpmath=sse -fasynchronous-unwind-tablescpioxz9i686-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !X?1] crv(vX0߿*VOVFmZ_@ܺ zAna-xr:4pP*"4?T#Ak1ЙU3ݽUK0[?<wzMbM9\>XֈUVN*z{[w{yl]u|5`dܑ<6Xec(P[1u@{ہj6y.rD=(naN+~_hMsoXFx5J%! mQQ(sƎTA_&:J}yS{t hg#^qvZ jL@aRG eU4.{ 72]djoRą ?9os|{8fi밆C9pb*Ԣ|PaӉ#jrr^pƥ0q'{wiALLAbaчo=@]Ee7$-wc |,lHnS;4h27Rt$l>'c9F--oגn!,XYSnV29Xg/@á5cgDE:B? w,l7- DQqQj@1cpV)MDTGla^]wj8N\MS"h%sP l QCJayVK]y3_mx*2OƖB Z;Kqtؠb>rPÓ!A3u$V6; i%LL{<32e)5H׈Dz6s|i}-i.3bJUȽ,?Ş*sأ&G=R:Q4L;~'W*0T-z+E_EiCF$_L1AżVPH=n7#ۂ rX!&>% w.Nv9| g;kx6\6g+Ȃ{fq*%/Jn.8["!EWW$)X*i=0%ΟH_^׉]]a5 b @@Cs))ؙT'ćfxzRFhɶu<¬׆lW5L9<[2)Gu<ן-z:\UyS 8N%:o:ON~mQ'&~"ڃFd٥E"}f]AYd6ݦd 1Pݗ~jdܙV.C:a7b-*h^Ȓ![5 PD8M~Y& Tge-, YT`< 1oD= Чץ޶ݬ LF3̦W 3 ? /` Elܟ5xNJc8RFHDQL~r9/q) (j*%sz/)xܝ8љwV'ip.֖gA?b (2GJ4P!4 eGN;'~k[1Ϝpbp u+Z#)\܊MZܺQ^lp VZ !P3bh>pQâH=O46q '3=y2`5O nukYᝒvgFTd@1 ׎[7{rNA $:t#[Ks)?]g K$V2Iyۤ{ޅaK/s[KLtzGnrY hC9/}T~MaIWd-nu\¨SVʧA06wЏt;hNi.;UǺDZئ.AbixoB"oLK^nTiR&9GDchpW,ӗ#Ȕ\%1qٰ*7(G H#xbCVcB\qޤ۵M#V$I\DҥE 5 pvJ<|چB2C8ǢO.]%Λ*q,<%9HUh4]T[h9whn T#"4vJ3b|2 6Gqn+P5>=eDN*S:9AS̿ ͙E9]l\E n3e%ani`68-s;{櫯BV`тOp&8U7.s+*:F >sܥ\ d*o^wV΢q kl+نt}*MuT?8ϛhesdh|cŘM6J٫=,B~p\!o=5Iˈ+ߤ HnGv%PB ̒ v@A|&ER PTEN_$>؇'KMMZBld%^w|R+hoQ9Tt~-@\P0Ԇ7wj_y[9Nâr>lKQfb2TO]b a oW oC~ 0-EĈv&k <q]/F~Gd]ssL+/a^zsu L?:qag%ۿQN$+FYC;d xnv"KϒU-.uX[}Thמ lF8u'$<.*X V.Ys3pMhsOGe)ȅyh}0*%[b쏊ԥEҝ7bh|rt|v rhi8{Ygix4>/ KPr.Aq<]μ fNj +. /Lr v1dVCh׹򡗋CM1%) _@^Ppf["]> |"# ذiwJJW55fۀDGfb/U)Qqcܵ D0Zsp |,"!XO[{DqgMjj_U-eݺ"jWN0 ~Z<_ o~v!Ƃ:Eh~!PZ H:Wy>iy;լ*^ ;8~L\ Y{lcNGaԂj $<…l(R7vj8_BaԻ|7?`k<k=Isֵd)93 dIfeѨo)aQ2 M'yDR&Μ%^E_ v<}yA5*IUV>wyN$g.rH1V.Q䰇hxd^{sC#%qEmP)O){Kv{uW% /gQPºP ~$$oF, v7<ԕ.U4J#K >S-2;ldy׺_2cV-02DCʬvԷr_~p"!GۇVǃIP&S;Ď.Ή gI 1~?jPrc"c5_u|Be>W?yfmQE)M@L-'i=ixT6cfV[.`-v>J}ʢ ,^܇ Tui 5gb;$B.YiU,Қ|&^3=!K&,}f8./`9ɨes,,P2LOdUηyM Ez[elM`У1b*3@e#-G\qD.r~k%FLqiٛvg7%DR⇛-7r[!$˶="u#+XV! 8!rMI`]] *yn!Vf~A'mI刑x8JNҤUD]=vUNLٕB NT?5/3SSROp^(Izi~H (p hJ!)gv~tH*E(>^=b HB„.t>A;,ӽ=_ʤdYFĵ?#dJ' 8ӄ5MaSSrJ^9.bM` @b򏪁 =fu1Oq#$1iF$_u=!Ȑfq0۱ tJ0 GFB;r]@TҝQ=mj³Iq= (h]`/ZxC)Nr4-bb D{z74SE q,v/@yg1f;**7"|Yklc@ vgZƣ&V@ ' +^- ba:SrlqHlSҩ0zǮ8[sa׎Nncǎ&U"iqKBK|~X&l~b{rɩY?3PoE*]CE P }"Q$'אJ: 9[wr"u[?I,dd,^l8@Mp_=F"c/[&~):ҩ0 +a|->g͠oh$vw#ecKSjRNOXUE2iġؠ${Gy%ӷ޻Z)KvIjX6pG1ӗ2TmrtV=LV_wgHK3==|-PN2^6$,X|ӬEW_8_ -@bG<{ h tb"qɁ~ 7_޺1 ξR Ni2Wxp8e BF@B=4 DDۛlfçnʛUK;n|r*ڮSJøwwPfuĹ(x)UHkOԘ L 25 1 ѓ0/&-=_,)$<w4G.SvAJٔBSWurŕ) S/J޼QA(].n jAH}ojԥM,pFǬCBunBQ>:pɁJnpP 5w뢢PCL6{-&%){M'=WقE4'Ʋ̈k[qIE1sien uFYdy81|k$eSf-C PG Ǹw $.V;4߻mMuIpc7qtUfXM: ܎Y}@-ꏆfЋUJm7ۋ~>tfSe$9ۇ :QC5X_Dhl8=}Lmco2MIN;;t۳05#/0MRa4t3@?C:yQyﶅU$},1/џq oNMRg)y+n(Dymx.zuJB3bF.UQ`HC`QLkpRt.7ڏsh1N:E^[La[ ExK3K ;8p9Q\V{|r:(cG|D=a0gYoÄYvjǗǸvw #ܧv+Hv%YG{%6\ҼW:ec(ߙVt~Xgȉ2eDtwh&݉Ap"gc2ln'asW[os)H&(\ [sfta;4oN5.$\C=v,I9q)_}s'hE(ܶ{B6+MtuxKݍWGb_ 8؛ُ݂|c&tJefdbl<*璐7GvV}mj=/8%^=&]i债"(X`/ ] K?EM8q`6hm~N&IVh NPWpf,~1UG Ǯc=Qy'tΰ!mZSUz^NKMLd+ʨ.< =ވcǷJƅxB7 CvGv"GՈթۡ x8@~U7Lbl\EP[#l:sʳi_U0Ģw~! ^% 4s$LH~i,,›0EGn+4p}&ߞ+?9J~+#}HY dNT>Tswed>~(y.ͺ Ucsq#moǃzz8.FFS X(2NLܛa~= 1僒.3vL/s=Vba;2],2kE[e<6E0X*uZYJ,\!M^z]-մvsRV(`;OfxjUeIngdHZ-1_;+iMreGV#~׽dWGY2x y"wD]oyAat)8&N - |H-rW}ł(D4֔I͡n|8FA+eE}V^I]K}(Tw#MuђC;aM1'|گz irq?5:qƓ#k$٢!b˫ LĻ&=:chC E,h%g!J?WHsSuT7Uhݞb;*fvtr*Pd">vp3"uϥ,Gd98h]|ae yB㡍F<{K Y2uS_Տ5'&f?#Aph_4|bT$V*"쇙( VO{|.IuȾ6Dk~/!ml"D1$ZĴ3CE.8 ·Ats}?iDA) BCRsF6يgMf v*fgϗl>nm7AYCyZ;6R TuN j~#(<׶EQuJ6z-w. ۏ<\Tπj<{@\WĠwdKjSL<<. R4k`$57o`y-.*V[/~w/0";k$Zip076n;4&R8m^7*-cGv{Ig.Y[Qsܙu#X+YWKMMBE(r oSlgtЌ4oD=ln6oƻh^,TȎP%q! .\2y?Cc >m.'\":ڈVp[PPV'uVr'R}r:6^A]}$xO~kh~`;Ս1;5/)|BjtkgşJؚE;<"ŋ'%QQ7vx}[[C_,LDTdʰ"k/.'.7{ϫ. KC7񸜁1m&EHTs*ډ̧:J^x[lnL((ɛ<@w(Eش=Um@`d@%ql3wVc$hgRK+1Z<5W,]SC( 8O %3hOSLD]wplL.#" x>4"Y fAA{lk}Ũ#Ev V˽ӠT7Fdp㶑G1͌*ڸ_tQٳ4(~{7Q^x[mh1c Sɛ]AuNJ%ZJ1tc d`JK ue{C,u%"z)-vkgby@Ýwlչ%N *Joxp,95x\fF&1ӯ.y Y% :kP_c3(Rzi/D`UAuf%cTp6MB6 SGAL.E4m}6z?Ծg yw睑aVݸ"o<^a8@Z*6Kn,>C, Auu{(_$'js1up2Ҷ<={'*!. 9n!SQ =p2Jk5HktHnQ? 0B%̚؟R#m$LՎ-YRyM?&;%k2یS$/ c ERvCٌx*0< Sr˓]2[ WH\撧j5\XgȊG!/39nhbBL?װ67=7ܵ|G7U@" s#Nuզ'{Hofc+-Rͮ(ٯ203#"koá)&1Dx2~/rnڰJ]+w}9lV)w=DRCCRx^ #yΪ+Cf$WR[O=#!.efl @\F=PDpLi~ I4~eJs b=~g5\14o{q&ie%{geS~7W=R]P;A[Um ZN@ 3#ht" Lb8BltȘmt5v ߾zTڧW2>V5,a'pqDv=ʓ9UG`97w(k,jnkݮ_Zj!H Q,Q_}Iy b&~_XyQ\EW*6޽q(% k ~HD@h)䨈 h=`DcW"!P񞷑ϓvm_U${me ;$,ähi{TJqN-j?\#H\Dy]mo~ e+ȴoȷKrsdqd^+7]:{f~,z*3в+l.$6_4 ~RBɎ8K*ד\c:z5tnlAhs>+Ag@D~ M,gs+շg"N41IʾlDxAWcƖ?s+fR2uPXx =<ѱ`nu#vZ0Eeڜ(#,=ݕ!*߱$3@y}6yh]"m5CJ 5GdAp^H:vs. ,Fo2/^'V]H@/"Bk8&p+' FF 0 )A#+7WG%P\ 5?u\4NY0 U>na/iSjP$˻Bo8v J~WwQߍr&$ yDNT Dz{y90v%V㿅uC 4sMK|/!V$TA_NoyB9esU[{U!vh]p@U@*񟗇 kCLucYCdͼ?-Pj1YcIӆśSZjJrx|@ 9/ͫ kω˲s/>{O`/7_gw48G_a=˄B0$|9(kmTyg-n1+їj? xDЍ reܗt#}j|eeׂ5ćt2a(8V5-2 LXU) S?!c}0ڔ a׮z0f:JXMW.=8D9`o y#R( ťܳcq5HzU8D! =yAZ a satI4JA@u]|dmCߊ!4>E4\e5+H>:y\a4BMJ`׆") $)1=),KM8y# 2jz%R?8RDi^'ǷU gW1I Ă,}r9iZU?m+٤ 'DQ(cK匐Cc3CI| -1q"CmܜKόʦ1ق~:V0(hBҙDRF.=]1v @;%t70vDdV{ N@ʯC:gD!@iZ"cSm$?kKʱlklt3&V %)YЍ;^&r0-ܽg U[9R=D1i y /U+敎@%*"ŠHM \g(,(/; &TV&JѴ$F*VUYc־4$< Š}E۪Q'P\ dI 8IWHɄV'in ]G^4UNVȮ=' Ӳ8^ϛnS AO6zبb@>yP6|p'U> XhK7>rf.HrGF('Ms#IjCg;ny@kS(@4Hn.lu6QאaQ 6N.UH@ż2dJ6!(o) s!RT'8hpA Wk`jt߾&Ʀ eHN1 9~i%`+_dmՊk|цT&uyL&iя4؊kM$Sxr|13S蘨=$|`Vۇ_ P0Jdc L/r'9 lX˓YLkVOL5΋)/?cMti]:Umh,>fx5!.qEAǩ>ZKWGL_(şFOU)g%y+IMؿdZ'l(1smّfqLt/AmE hIϻ]<% OJ}|uDit6$˄WAEC=cSOϺ[A¹޲ ߬ncGpI04$%"#r:>\OÖQw5VYldMll=PmD6( }ȟF}YoVXH~}1;V(K/e\cz)wϸO 7! /FiF0s< UHiN fvUr7T;\hS%"vzXtS^QC{3c/#E!N&4"CKkDhO$cLpa QһR2m`"ɻ_2b]75 A UQjb`RLSOw ^HߡsrvebcƒL[윲Nyv\#M8Rj i+N9YFڠPC:98ee.ߨoE;s1%6@wqҸ)] ﹶ VW ('Aq  wQkX `sFI$- ]bnp+N7?o Ƞ+:p'Q{xz g.#7;9q{!+GP9Ү@!oƈ؅36&@ :{["68P 'u{<*@Rl5)_3\kF T[(@&5o*2莹ԅU@24[ίt쇪@دh1jw>dQ:&u_% >V}]$G ]>`x׍oPrgÈ\}՜&Θ"U$;k@v{7twȍ3> bFmδ̢e>'fha>mlf܄%}i(`frK72LUGxp3!>s(5usB Im0R}Jw7 2BnfH 7D$I=B*Mnr @^_*;yDyqLAl"Fk7044)h״6,: -3`,<{7Gh6:dl _H%*yN[b^˶ESEg=TYsȎAjv&uJߎ{qô 4H+N1'6)J{_%e{tB|:^򊚎9 Q8ȑjeJ勷|!%8$1 {H]0J0jC O-Ϻ~\5ZA֋Rj``c0g✱;;Q\7]X(o{!Ppa ^ 'Of hiP<7rfʧcڲ@I. Їrd5N] A;|gz]-/c#6[^مC=iKN1EjG"\ݵSuTBzqEqn}PgFdJ <"H5ogMTX9-J}2F{tM|H!-Ai&U;D 8l@|&m4= *Ѝ!Hg!{~v\$b_2Cm~M>ء򎕳DkH2qgQϳ> 3mX)#(d0hOI<dU \}_LNa?bڷvUg2eN@ym NSLTZOch,W?Ql98P@a$`|rwn-" ++r\O%W5td!~" 5rfWSO>.e;{t)PtI^7ޙ*w] rFLw8až9 ^@,^7f/Iml8cu8;]X ?Y@ۣx 35WeTjWW'gX@ j) ="]iU,_Mrz3ֆu|۝Ŕj\*׵ЧAi 9ۢLo) 6r3y3.Z"/lDօ0˩:@j1:v;)x۴b7VaCqZ*Pֿ|Eȱcğ8a w9;]Dd3,!]Ced-f!: }L!jotOH )X@&g:x#=o`8VFІ9-N$(&0[_S/N3qU3mE&,(XOL!sbڽ@ %DyyTxJr` 9s&>  sWg1D ([Aho{A3GA|"uy^Je&S@]XP͛kH  21d3oα?DNO {}7 g}]@ %t\[tf>*0bR#c* x:-\3sn'DL5VIDlP*&CJށrP]m+[WF \e5%X#QpIǎn:2x/X=g?8 M ,/m´v}(yTvvYZ)P+{ a^y-|7Tdm*@VIhË~z2̶݂  S#njעQ܁ePnr}\n9R(4uhcn3'82צKc*ʮAiIf}>ǁś6~XH$5oC| IM:jsOo:o Kտ ZPB9fEFUj!kU7v5j*2u Z"sE+1`<@׽] =0,%垜(yW2aF6w-b NGUGӕa;w4OFS5pZ?Gj(.@uuˍSl返PN%Uf F֤K]L'otY0j(umMyyNrRH!#& $ 7cU;R!HLb0Hj+sX5t3t.Yt/?O*Z'@a2nѧjvԟ5"ؼpe "mp"sK4t/|EԫB|j83k6b-V,|]%RT2N_3͌*w1~lŎQVsVk(t6;/?ؽRUwkσ&o28"!X'~m#S)ay,c)PAb M*t=._R^OvYe0ebIL2 wHY˃{/N>594(ZN+_::!.gҡY_PFBY?3߹To@a{&h8:Y6w.߷8ㅢ:̷=ĩ|)0`xaA}"YT,u5CZ {۷7*85JMvu&꙰t՚2Bl{MswUe=!|kggZRi #IG9 @Y>)FNdvZ;xVĝ<!)2cb֖``91EZ@t]N/bE)ʧ\e9$\T# tG>灶0!5߻֑<p"bXJ+:AAj °/gu'RN*K/k>-{Qe'[a9 D,A4]/nD[ H`-\>R3>q}bEgq,v4>o54Q*ռJH `?QK8Q3U,׆jGۧ|uf]BʦfxPR`}-wffs1'U5R")ۄ*oXÛ#+l=/|,_o[)bй|q*<2s 75Ll$G$zlm}pGX+ GUT[-^"PDL)ɡakIg`CxvX8Ub)!8+;^@6Q!g*n^ڿ |^,;]t %6 ^a;.:AyEfL{'Խ $p an㎹Qw$ i-cbкX)yS}Ɗ0*:p-o90݌b^i5#>id#\UUQQI֏J"o ˭!> 7Vac-"j]``и4s33WÂΠGS%#WȴD?X1U&f"jJ>.6Sa=!|oMk!Q(p*n?ܦsɩM@/N9'BK8熤[*ΫuHR>d"XfQRtaGgNBݬ_>1V'\.͡4#S3Uk+MFUy&Qew}drOy+n b5Ӌ[%rKuXeQYȝp}DWkr"Nc6P;wHTS-N7 `x?P޽6A,y{?b4ӕ9Sr "82Ly+-ȩʯHֺ^MLtEXj"S{-Dࢴtn:w}i:`wOcEw~3 mO^͒K B􇯿؝;7+-@ƥka. pM{Qo me3B2ٷ$R-d(ORWSY];ۧRO~VT"џ(U(>O-)-c(E7_xWƼ֡ghƮ,q#)zY d}6@Kue 7q?<3Eeo3A΢&Ɠ4S"}O. _ζ8GauܨvQ0$hR"6W>{8H'JLoeNdsA`3}}\/t<> J63zyG=[RQ*ٖz{ͳ8נ\c&7 $Mo3a)ǿZ]z@H>8DRoꖥŗ]uYkYXz ݝwM]4IfdχئDgB+@ȧF 7$<|R6?3ۅ .Q"&9g^כ 鋍>1%4ʙ?rˍTS)\?@6!#3#net;OQD#'Οx*Z7 #Zdw9pi נy?flMLb$HBů3 $2&;47yB֡)>kqRq"z|8L2I6'#4ظzxv U1 TlIg4RScCR=?VI'4ĵ$h@#=z| 2|ΆM]-!ʃC?Vp$qFt&3Q[:'g%?6!IyjxJ:*S7;y*'M_|򎖲)QJ"ƙOO: ̿eYm`c|ê$jP,|a=y.tZ Av}~d~HbW@? X_p Sa6W1 nc6gtbƄXH9Ge~5~fW|1?h|he]HY.;+yJ4#өh55 8!J ۸ ;( @W@n0Lu|g>^x;M觵ɲ#&Ը㔳q];<^cP=-ߴhR"B!'hUrx(9֦V4st a:$hT}+Ρ f*עaߩ`}[b**:";l6cW-mCxGy#e0CWE] ؘi2VD!cb)F}W,g5 yv Qrt :).< ea9 t0{J A)ݓz1$GfX2TMV P4#BR ZW'[,c\F E4Y;T0B}N [Hlu o\*(06({=2SOFy/JRͱPxJ>CD`9%Dz ߓU hhJp_` `jvuNB5EV#/'G_o9ü.^C9#xM&M)S ♝ 'r'r9.ytFcc| 4] ] JmLɴ_uJ@M^dl 1~/g9=5=B$ˁh)w4iRNEs#: سAtIrʈ el3.-6pE0M0q2>9;WlR# RnE9O-:"#ΖiW7;rYSa[ V;/5}`mnCy#^[p-ϖ'*~a P γ̪%1?E'V50%Mw"-`wIXXWg1Ue`M/<ۮrvpn;M=6=ب& `1j<&PhEϛ݉'F \7lkIO4WS5R tA.hs VPCr9x6O4u2#RHܼ,t=eHp"fSzZ߉7bcD~‰-$^eAz;H&Jk6l4]EaDрP[)hIp>oˋ\]SZNzwϊ;zsnj߮ V] iWS}֖郞N(!U4-&ڊZe:{g@K7xM (8NE9j> kђN/xy3 n1"GhAy]Dp 5|U (C~<44LL䝌4IW$= ``(WpQkS^Q,:=f=p4MC'5_{m9$v]Bj[1ɉ]56s|gB"ϡfV©u* 3^f}1E }0u\mq/:ڒ BЎMz3^F;t%Mlaݥ2>k,tcS*jշUp3|3f֟^e'<›zL2 -թ's:Z֯zdg?c6I'k"-[,Gy4"^@A4$?1BTќ#C|FF||8 ,}ˆ޳l ṂuPv *'*JsP~D5Ot/kr k-#ixb$E*]N&s[aʥў=zI8{EMPX%ӆ^u=/U*]V om`jx0gqupsxS q:+B6Y{f=#! 9#dO1Xoб" qLbƺU޸-i67:B؈) ' )THYR_Wmt(X4FP~Y.1pJoxU͚rCX;f=vQrFM_FE:Gnr,d 'L獥!;4AGWdL.yMs]WAѻ%fznxH7wT5l*Z~p@oN^¼,VBZoBfj97X[sO]u+/&x\3*XV6Mo 0ˁ; j@۱bEqִ,J E("X̨]{񼺎 pZ,pIbQ1SmJ@Z,vq LZE 5y|5muxh)6N3S`;(5iH&<-s kg~I -*ρ?9EU*/_*cTYXEV/b޾Jdt sAtE=hGi=Xq#djԗ5)>i͋l^+oPRpS}qoQKIV+#2Ѫ*xOƲ'$0Gª5̎vSD?b{; -rlɴ!L qtf?;٘nF{7H 9pצ'ka[d؅㎿jY|j p~w|f/ aUruG 9a 91<"_uW Xc^ΠmI.:B(bV-ȯYKvJOրKθi߉fC ֳW;> >Ȭ1<'v֥%B3Őz%P/D 01.o5Y(EuW^2mB'np$ önBZ-ɇCR?]Q󌾏j3>pОxi=0 ҙ 4y v 7 v-snjpFbx].+F#Jc_ _zx{8ppMf6/@*BԑTrmISvE6ùBYiEXsE 9=9榒:ճ;XR7KD-FTR XbO@ dYKˈpg?TbXs-7M 2PMJ[Ǔp%Kwx{E,.}AcY/S"IS߀3;)0?&2ur^gDU\Yi.d٥BZR͂f&9p`%)Y#1^ m(vn6%7S70N\Ի7uDX (0[%Jُi /-iܗO4.#9weiJ0j__V[d;^޹gp}e1r7:ZeA NjE4=ChpZg݈uRR~S֤tǂ⪴;h*ҞKAP]y0w vsr%^WZNceR˟$r6u:_Sf_jW+zK %Q,"-<%lg? ڿw$ ltJ=-NJv 4 d.nCޭwlT*:GO{u\)P02ڥYM<`K x*bTtDP=3N _d>\!?GNf{@xxzPzy]\2M^f8b64XD 7E68/\FآD"N+?6)} V8ZJ&0 zx4Nb@ONO t~X;zS8%)W2CD~3bzCE<> j]ȣ1_ n]X5sa!ȻMX=@ma ,]hv:tvLR$( =tjIo[ĉgxRe6II$Ln'yrrMڂg6sxkJ p0|yCRL:kf{c۰GMZqLx|ƔRdW#2#R|-yuj?iT,e1@5Yv7(4vKqY պl` AhEm5atX`_\)__"T ފbX6 5h7VٳCufht@ΗE@|{K"_i )|$[.أgxqR[Zd{관= =8@<rrO[ޮG&Ėy ;ɾdj }QZ 7j95"NL¢j`:*S?b`QAIVjYy 1ifFbE"(=1T7&,}Ȣ4&9RޠU }MdDB 6`5&f|+lw9`5dAVbiz2O@Nڀ:h< ]gA!ImtSVrIo{Mǃy5?WЦT'b4Y9m27HF w~ʿmy&Rޯl+@ę;p>Hz=TLB* gSӉZiEV!W;]=h$!:dtxa}M$Hk%xE' ^CBt`C|Jp ^E8?G%HH5'Z@jgFi-;/SGEʝvqK@TgaI>G<:Lgm rָMO0Ŝ\?cq1,Zuh0b4rGdɸMoɻaVhV5%~͒'f-Ui6#P2ug|jN\" @/p-EpgP%_Ϲ~Y 0ple~Ar&kf|(BRbϠ9u*r5or-:8-J-GG#qYW`nO {fޏ1U`SqZmR^[ Ьv:4d3'yzM3v"R;J(!x}c8*k l$Y8Xّ|B='I)l;cުE+˙12::XGX;sԗdyYẙJB揅% -vj_}ǧ%G8ᓰ_w1st 4@E`ye4@MhഝXYz6W~ԧPÜ.[\ܛ "dZQr<e-ץèd,؝/>Ϋg`g/c9vͥx#'pĉQ2l в-,г #aYg.$Xwv(KA0:]3QPϪNI4/0ƌ.J&P)b ./p` ~+cwӫOm$31hJs"!4VXgMQϡUVS" ՝EC꿧8̾fW7wt8A2$= \2-eh/oS)G2@#/[[46`c_+*tUŻ.="䬦9 o]Yah&ZsNhxr-l_Bk /3+YSV ?/d\b ʖGhݷԟ$?6|ꬠli(w#|GP(*|tUW>]@πzl8OLIel Bgl?r[v""BS\g=ڷn_ VI!N4?9=(`Z؂FGyω>8v|£RrQi`1iO z$̯<lE1, < Wރ'XN uHlG^mAׇI@Wbge~Or>Lb 35;L( %j4~按⌅;-)* E^7hi&jq-|}j'aXpjgdt"]uuv [}Lҋ^@BHaO5 !CR1^թ8LP*Y,Wdr~y6yAݔ_ .n}*oO 6i Ryx,M\A۴'})ޡ^^?X/ie'}7eڱ?[ R)t^ U}@یg_zjbqc 0i>w\:0SvyF`3΂/:q)g&,ؾt\\B;*8[ڲ0MP&*xAhP=`zWZSX3Ud:$..~ocrIKf]hg-s:HNfI`x[ֶ$@Դ乒DF}~|2a:L Z z5cfl;v4ʟGB<.AwɧOՆoI7-l[~X,>Ga a 'J&X"6N쀾ssuA3@Fol;沵8rrQF4${<<}}?"ՐG庽ʉxN!/%g_/Gcr{Mpԋ6YNb`aƏ]m\qg sa%.aqْ޳ʡ:_O@m $ڸOx@ Skգ/yOCe=C!35V3.Z6j3s zg9 An^r.G+6\AѣRϘ3s$ܟNh)65񞎢-U$غՄu8RY l`DÉj9?!ASN8;| ]x-&n{RA*TX;n9&t6&CvԠ\:]SaR@ M6+h)ģϥӧfkyM1jis3 wN@}'tq }S y6J/7R񚍥6:pP{%Gq7y 0thfpjNw/fiؘnH̏pߴf%݄Z!KWY9m W=OwPĆ➩j'=[5&n058ϋ2.E:Y7ֺXxPD!gB9{ //+4N2cRZ1pSLCg2}?o0nQ1Qǿ8u(#ֈ8Ebqn<+vZvpڠrqFAgȎI9jX795Y8q"Ճs&^neyZM0~W\?Poj@ JG#uR o>ur -nP  <뛡KHmC CO.&fG-gWȍ +askgРf܌jo3 }{7kAQvGSrWx`֭rz:;ܓӒquW9i@-*jM3C6YckR| T(A.rh; imɬH0V9/"B[5I\0Y&jW 5%P#u5FW $X7:o9~wE#B3I(TѱRh@%6 Vч3CJz:GCLFrud :(k'OIlݓ&vcMtsfzc%\lHoY%Gq"P$sUZf k*Lh2&Vdk^b߽zAR2myա?G%pjmǛĪQKlj:}_o7(+p]Ѝl\4#ԜC Y_(%7ɶ'Rz kUAk-@t:]@UbeH1z]⤂5~D1'uy=[m4@J!$C˴br`P)/[jsKt`ρƗ͘MXF#- {R޾GP^`{imy{ޑi&2Yd{DRw Ҥ''7/䨇RaH#Ek HC,kBݱ)߾D"3~_4n+?6~~4xqOt;1 ]FJXzr?*(x/E)lk?;YlkY>$7eb2O NF9!6r;@8 %VR 18jZ0ytNNY8Z 8!#!dHgK$Ʋ{C<@S$ A6h!< @UMpá0wYp1/k%~C,gL䭁}t,(ER>c;)$a ¤Y;3`_=& zl) \x1 S nЬTXuelV㨯gwq!R*ޣcN8IW p,g/rl/jR6pm&z0r~P|e[~CT$c^ Xe<a5 kWkHeZљ TFuק.3$:5TX^A|چax5L0p#OW&>r^ǭ‚=^R1+ |'*yqox/ wzwi>N@Ꮯm9YRbp_]rE $awRL25c׼k…_4ՇHϣ2q: oG4028ϱw]i3B%y^BgC xqghN`[:'u׽*:lbyn1A@{X֓4a,P\eFϽ}fUY4@N$%,LK$i"-ReiruRP}fiA"F_ZsxQG=bBW_N |ltX}r5`قyx1zrG0Uh; )Ox C!Jb.:lj(:\.+U\=:sBdG0R}EFĕ6~gXZL+@M`+˲!!yL,kCnͦ"Glh$l|%71Tح8K K>&q(yLЂ'ՓV m${ uY(H_IC"~°%ța,)*)4-TQ%T)W75vY.B3& ؊d(.Py78^$O yդ,!{|h p7R.$Iv|C"0Yy#CΡ u&pߍ՚~PLF}Ƚ3aDd*V :C榴 YliѨ sqMxbQv~1XJ +6Hn Aʐcwj-l6N6Q&zt5WF>n=$>( {v JZ i]4!hI. Hp%ߌjeop.ّ!`פFqkds_U=UV!CKnRD8 (7>o/H,4ٔs}GJQq yt3ՓabקEGpMt]w-CarRey:l>gX CZ#x +0\N$I`Y+gj![v KIdi<LYYp 4ERUVO_"WǽKV"a>"Fٕ7LψobT!J#PO}u)Z^5yةe$՟-lhyXY5sH%G ,Fij#q$I>kU\ͥkYfw>mvb*!. r&:m~d59mCUVk},7[Kϕu FzrHK;WyϾ:D-83ܧ n{ Dž>RRO1+2h7%B^[c\6X,*rd zN5;vؔ5.(S ?4$lq ؤB@ {:h3m$dآ]?99'w0ڣVʥ/w3s,ҰF9-i G%CrXX- NN"ҿJb]U9ΔnD1 5 e7lE9<s % y-.D {QНKu3 W#.(XhrUUZA5\\blAO第F,:CXB/( k` @ 7f@DBG zD30sjqaya*:eumV?b\SM"B*+2K&AZX₫:31*J6/A,28-WaZ`]&KeHQ C`bXwM"ŕb%*KN4[qB{,O[Ă_QrAGa|x|4Nt%nƛDȹ(PSS1/5m0bٶ_٤J1`%Td wxO b>toZf۬ mbcΏ䈶"]aQj _jҳNkbV$yݕ]ʵLVK)m'V=涏 |t]`fÂqN4ׁbqMߥ'1w4.,b5R}NPm]2 vAR иT82iYjbH*}?4(}oj1]1E9( rfwqֈ}nNȌ4rmzbh),z+-u~le,B"ȸ ᬜti.=ZBZ034c/)tQ8@2ܥKlGB#t m'B /\\ Ыd >ψ)*(PQ+*`&s`ʨ+dXوv~AҋاΨ)0BzK df>΢1 `~)W1^1/3yACn,]-a@lQ taӕ YPBgFRʥc|KX֖<ʘmAH-}j@ ̾0^j>;ֆ ja!1^NS AQ(M$cm$reN~`j$ H0ZqC*JipF `)-D^50H1hV#9fqߜVE1ĜHZ걠n'h[=?6=(^'z Vz6*uc*~wT`7臫Ys@Rgѩ9^1W/ӒMK)Q26}A,\MʡbD;j Z:b@sU.SuB Bae͈a c0 5EhVeN$W'.˂etPdxL*{`K64@1daw9mFLMcS1]6 :%}1_nf^Sh i16eIB͞<r=-_O;]p/6im)^[EΘ;JQ)!g2?FdoNCk~F\oPkf2⣏Hz,7gւm(͊ _l4UBtd*x`gqKֿT^&ؼ3ԺX]"cl@`d-5Npœ_+2Ep3;kذ|"Xꞷ&eLnpb*RdksY(rezo֎,Ph6? *WI0<8ʁA!h5_& %iieϜ2>XO`pEt^ ,zuQ>z\5gj&vWOJF,N!Y<}[Ni=p.(PQs$ :qƖ{h蛹>RhO,}d0SUy;dC~TldYx!`N=IJ;AR"N QcX`^`nev=>^II ;3z›2  $ߧ&:IvC/m,`pH(%xZ~&F`=]=KQn;Oߘ`8-v5fq'%Q_Z:db]it~5#h4[SCHT$c j2= (#7 ogx k|3 ፲xZxe09zWBǤquߵ͒wzXWKqkk7}< g{ ȳ̝MިAr\ 22U|F S s׎qVP4;LS}zvdMJM 'g\=C<UvdinDjpy4ʩmu`*҅jFe]xxb.;2,0dѧLᾗwi"v-t"5Jl> 0Q4f0,*Fxa>s0&ҕXIV$5_w?l6zVz5)`r,gP/6BŜ:@>$\bH/nkbQսØov*䕌K\qA `Ϭr.g,t9D55cЬ|,mS2N>=#S=ϤHJOp` x҅$0!~SNE.PSVv/Px$uc r?exҌ%R:)/zS+5*>|8:luq/D~"6ʈ껠#8EDTTťmm'3܀wNdj -gzPQjbޢ31R^f4xl;KSzՎL_D9srV5]309obP*8.Ȕy@]2,>@Yi$nɗT3\Ce|k1qo5З8iN]n~Ϙ] *{0D*#xP cf eqre?JqN+NSϡ_lAW݈bavRڗ=Ru҂V3ww|kRhk@g0dd c[ bO\yΚD8N~8|_KgfykE5Yys%QM1fW8T\LP y);A5sG>}V2E\BLn[6 @+ ?b%*M?A僱2lCJ֑/a[$/~66ؼV@*D[lx("$P%=?JUbbH^E*0X#ĽG UMLJ &TM RetAm>21`otE6ɩzƲCmv7HaYA۶amMĥ'7Jb: ]GԳ(K_ۗU1^$ F_c`h^W3l\+뼢\Bs쨏;Y[Cʾ1TN.~ zr/B ]9}K[m];Б*Bg}@+ʁ[jL۞F#-[DO÷DF)i6j蛐s\);Uh9[BL m_pr1QbuV/\{02]Q@"s ۧ >zfzVRWWֻ>dN{QtE .]e 6b ŒVtv׿R6`ɐ 0`xHtHV0ܗ\䅚Ej0m5nT7|m`}NMM:5LĻ Jg2@9k?$wp3spUorsɦ(S!5 |nMt$qxe8h=sd NMѻlJg`~$ K␎ ~g9$PxvȒv"m4~3\ Q(yOeцfEhQZHtFhp?=7-:kQ%FT;3vnsڿ+b]ة8^J\%hyӮcTqˌe';1>Ѥl8}oilA7pmQfq&-Ox,!2u?AV!ؘ?N?"ѥR~2E<9RN|[a吁|9Wk~3` 6 |YGU :&aQq7-.<,^B4 :7: ?N;>L=;IoE'8Yi5)tSןSAp ! ?ڏCS. Yr#LC1z[o}|eJt5ͤDk :G~4-g¸jtq+@K^ڼµ~C&F=ƦȟW_LFF߳> *E+9'VQ7(XjL{YD1FIX#׊3D%E"1O+NBYMS!+O2= R*B Id:/xpxq6R)EX_Y0S߱k Ӿ`$A, uQ`pX>^Z9)eG(-қw|cZfg/wz1OƳE7a:d,OJ0CB!1,Kv치MwٲWLX^gB'}}t4f:#*B*hK*)w@j⌚Vh( 9l_1v6W"6w=#{W>[,Jd|$p\ib/]H8iec~Ĺ6k#GpSyS 5*;RqHއ ץ@ u = %)5>KM+DIo6ldODa|(:jFseCYqx5U 3̂*DwKw( N ʵzGsAu(!Ryіqi!E8)o?+ӂb= U7V()ʿCGEF ~t1}1)Zg%rz%Dx K%9!@]ZsE!tT-Uoܔr-We|0lo/T;:Ga|yX2:!0*t"`,uri-pM1) XP;1z|]0eRCYBb. Xs-=깞u FQ}֎{2,|wąlJ/f* H;3H@H\YYmw&12Fʭ}(X"2Ah4fZ51DªʺEsK0}}[zlg^qpDɞx1mIbKɭ@ &+ |ӉvQV{ NJ/Ē.Z`gK4na@P)&H GfE+u lT_\:~ ܃|fŴ\/}&>1v8ycMM{{nxs26)z&қ$IsGM7'ϙ@I5g) IwG)TҹXm-{uL RESD0 ꃡUɅҫ92+uF& Ekmņ/}yY뚓>Rϔ3݌Qi1>_7a6cG^s VE1Jؘ9Uʵ(uT{mbX9lUi,NA˪9ItTh5j9hE¿947.wJGEY3el:HN܅*IuwTdI#r1eAֹFd۟R{E﹠VdK 䣝7Ȭs6pV+$B)Dar[i0DW QR֓YtB{س]EbЂ7A ѶY%.3`߃UCRD&S޼9ny|:A`cgc-T(ڝځl.l8'S*R奭+섞}F)Nc| '6>Z8.:(' ]%a'cW^mw3DdӾ<#vo՗W'h|܆IWܡ\֐|Sa UJè4:MZiH/ň ɂdܯ2YAr;(^lCЉK{ד2I8ˣP6}Igݒ Ш4cs[#3rVG2gO؆L%0Fd|?2Xv>$cIoՋ6v/v5ʰCseGѷ^EXATPԋ # ́ݖ6AS43?ыR5 u(iUJ`ay^Ws{2\7Ҫz !n,N h%rYrole0M2<&ΏG߬f9 HT9:g\-X4[sW'  ~R1չ=͡wZq55ԆHyOqDU2:,5w[:/RCM͓̠9g)I5Yhc©%D38] *:; hsf;/3=]cwD>jދ"2 / 1A_e$%eNv&KA\i 0#,\&z}c8 'sQ UZi-qmQ./wT\cZm\ﴦI ox 3ѣ]'Ň[rcArkka0e>k));W* Bj$Dfq:,N) 4H&eV$>of7B ՏurdUoӍL>7< 84} ݨ±jՃ8$qdXUGei/J#[p.!/+W_zw\g] s6p&AaĘDh1pwΉ?]f*a9ws[x1e|fS NUpЃ 7FN"cS]zjީUwr{$GA`@҂P{&7 Cwru?O$xXF=ݼ)4fpW_[9giC5my?ɔҗl4'z3FBF#+h 4vLjLW9_TdC't;'fӮd;>MBF@'Wg@2m[6niZʑ3gÁȀr5 *cY 9D}1eAF(4|yYuR1mv2I#BHyU xנO }zSxUCIA|}$HYy_G9K92AKbs$}sYTS{}Sq$60dݕ@*2sx~8n%(1s[s z6Q}zTl?T}y꧕+i0;3! 87T *wB{FE5gu_};a<]RLr9v !t̀RM<=6x~^vCh̥5hn?CDguG](>oЃG߆L2#%P?\o~3HZ0GѺOLC8L|-islgYa @TbS.tB Y%I4tL|0fiq$|kTl[MUeO0!œQmSR[asj&|>˅)ZZ d͢LS*PB 8مa}xeMkTۅ[Gd?w+$j[wqrf9#*^EXJ\Bx}@Np*6t8WbFb]_m1eVb=QN[;PGc;Q@>iк۬:ӣ3HG::q4[.PH5F{~OY'UM5'SfS$#yp1wͧooFc]WfԒu]|7kM|B$2 n[%d!3!kM==KamiMf AZy-"Z.v]y&?~HvjC4Ww۱0RW0IV㋸+*eY },gsiIH,etuqEJ:nk^l_A0 n@MK)(mpuFKxdJz~ ; HY g-T#.}RN9o(1WGCgk吢:y}=Br78@B$aR;aC)<\_)HL$zz^\}ZhgҾY2&#"~R 2v9C'e\|8lFo:NlQ|MT0t G ('w y7E r5w0dyg;aعv-) B=jF-htb8lo K??w͡n4il|cb gQYEdF07to! hnڪh}+(Q$[†B l"6Ш|͏џ%.$OC~1}N9edԫ Pt_HlbcA-f7.~>`)Ēz>-{24GUK~Un2xp5[Ot:G[q t#'̦㼵Z7ڲȻ5[d.HwmD1Z!wY4?d@cЖkzc]U3VϞۭ&qPƍZɎ0H"k@ڌ{Q4 ITL)8}==p0؏OlZ=Z8AIi9;#F" 2_clofܐV)`>Vxڔ @ŋ`G+eLBy e*c?gy-Z0%Td]>K/<[&hKD0jw}{6DEbܡ݀yZxݔq`G,ZlNBOb"+U-ԕ;`JxuuF7Ƣ FilJUre&2(=xavzDN{^ ] (s%R #"H cx qpB> Y.43;8@CUѢ] F",S>GDz2{C/4O(08ՖŌc\-J|L! ֳ^5lGoy +K2!"=r6Œ湫<"!kK0:Cxjݛ hM}y3Ә0l,2ۮӈJyG 'OvϾG>/EAc*/q|[6)tҸ tZ]Y^U%S=SS6Ya#fEJF1_=;=>8D\ՙ8Z"l\]/Ƶ C=d\i+(#XnuJNs~B;+q_G[ˤ5IW)VE#lFIPE~F^7U!\ox!2Iw#fHJ1Fl갹y'Jc3{a7t~m{'43ݲjڡ V,Ԥ<%ft/*t_Yj%)d,#aĎmm0]]r4Uqk6<*oCٱTc_-a%Tʝѡ8q~Bv &7hWo1hw#,qx}'41OSއiQXi.صt'B˹GaIV Sizg\_6پ5_xrdF1G@/]L8E/7^I#pk>\qEPP[h="c+Ş[m]>>/.tRsMW|κ•X3zRJbҕOlU{K&6mN'wjsB\_b)_eg˴rΓ '; BtWapcFC1 Ib=AYm⸨2"ɛ)SKG Rki/11EF'*`f׮kj; ȜC22*hy9SjcD4Np{G$'8^P?%0"q<+Wm>{(Ygm3+Ah7xT ,pkxŶ; Wȍ5Ρ%֤$uc`a/'Q!MK1ªV?q6ez>t݊vvKcDV/؝WQb4~L f=JM5L! os >Amd>q)|2!j 5 CŽ \éLe~5m9"T(zwA4+%-G~Ua?"v~Ti\G}=F2;w/Woh:kD9s޽242%fl ɊdaT4n=9\EϵGgK'Ow\YUTLDŗCr3ѝ~]j|l_ &mL{x1"WIg2Ӣf]m^-,Yus3"q\>{1#h)RVph:P>LpL>J9Oqq5؟RIHhGV !F7Sk 8Ht/혀R8v9RTX=w) N pHyǙ9+j}<ו}A rڧ-xioOTU 摟LnvS)^[Jg?7>ԷS|N<Ælf^6PeiJRh:ʢ94<C:m`*a"f60ka`g]W%խ^j]SGORU`'ZK5P#TtEGgyq#^u|ÓruxiPdlWf)]z#Aҍ'~@f`Ǹ% =KYfUyg `AOJй~ ҉qmAjXntamTE r'ZU8-I5݉ne[[#  kZ$b[< sd~;G[hZ =:tT˫㧗\5SЗx "HAO$y(|dFrr؅h09)p"ZF@hVuWOhݔ2PNU 0 @߳_z5,KrZF7!J*'71x=TKۜJ~5ݙo4'`Z̸&T»$0_vVİ$so$nt@OYD99tr@ަ]~ ?꯭Q̹b 1Y pW @1&€ibYw] ݀hm8fW5zFFv `ON8Z+&u)ggߵ.A&6c8Mcy53Pw$O+Q?u ~sWE0@VD7ʹz.} 4*Zs[sAt~}=!'@ulIֳo dL#nʎ|6^ӱV0e ]L:Eދ7AAC:uɳB8QV4_X&]34v9>]J_Y{4'0 tYq_Hm!=$hUX .C3oWLmrW e[c @zWm<tZl(MEίToLdxCyO LU }5QW؉FaVrm+ +:=\N=ϸ~u]:ɷٕ|gewuNsY4ޯbrJa0A&|9|G%ر,a"68TKjXS7|PEŎ)E|omC|_co~ ~Vv;4ӓ%xI`񡗢&?!> g&jXc^ƑVѻ9GàR^0ƚeL}d gm U&lŬ*A9ω)хOf yNXdm&QѶ[0,OzST+̰t]CcZB&6~{JXT w'\gڴuz)BL?bvhJhv`Nd Zhimi@V\r(ȯA9JuEap_iN`~OͱP7e!*^x"1;ne#ZuÃTbRTf2_ 9(̏it;LiY])*1j7q*Q,m4]j7x\ီvS[Mg6H )ź}v$]/-3'.!:ْ{@696  ,3vԟ$yȮ^-gȥ1hܝO]lO 6Y{8­"Hl/Q_}Pt\8@BVl_3VyͱDcRԜX3̈́,1mA @0XK?FO XnȒ6ZIqMZ; N R~97R+ Pݛ;v"(gǃh"OQF S{&tD p*Z 6g!M ~Aq{2 go|Оۍץ0XK{n ''ئ+.D:D=I_z \}BchМ8Ě͏!fwVȗ^t8PqDnE4nvG(PK:1H,h.R| s^se 6ݴ jm#I!ёDž47`R {]ege'J[ ?eC|ۣȿ̺XUD`9S"h9:*bbE&D?m\p NB4i;%պРRb(Ò 1_S^'Ss&4x~[%Uei;Hiª jR&OQ36$2[½AN6 nBal"F0A6USQ:^?/ F9Me.71? :a 5ru|,lׁtO^V&bo+)7|<,OvI5P\CE.ƛZ3:ٸL1|m1ӎcZR?\ KOm =1 ݁6yجM1fA[S0U'i{'soK=DJ`32K2m5iP[{En="%1OZ0舀+ϫ@+ۗ&+^#yόDM\ g&8]Dtu$f'[~HsVδF #rpPKU/eD[C5[ ǶtFȆ S #IŐ6jfv ͏ޅg`(Qoa5P1k \rFرB3r\~xp'0Tv)2-ZZ .YO/:f#zh C FҠ3WeVvA)epXooNQ+m6X]5~R"b.p"iej<㙍{핈rgr0s Mkc"/puRu+6LMGPHC uǢfn(wCIWQ .[/GbIDm`qy7㷡ڤ)_u^{ B_iGv Tke{GD9rڔ&ݽ[Sn4kⷺD,!bˆFoԔ;{29:_S=ΓkuQ33p#7תVu6|`e|rwM##4UWSATŸ.&O2 Mɏ?e+e]<Ӡ ÿm@=Y4.V-8 \I࿝ OmΉ>܃R#QEE<ڛi1C]Ks! tc)إSSyӵ?~|7'Cq7rxbFQVJ5^'3P~h^Ã<@>Cޜ?hfD|C'=cG0W>/v10<&MB;<^xc^7^ΪH}nޜ_`snEc*U!I:lX_))JN2XAoޠ|`3uN(EԓT%H 'Z:~?}{9)^5w$]qܘmg!Kl~q"@unLay׌Dt uBp9ТKJD~&6~dp+#h~bE34pSSIQ:Vuz$ېzo3 pvoK'*$UߡGrɣu/~eNpք|aL.c',P %;! NLvW'gXyhQ"e\ĴL:-DYQvi AYupU:ݬ$B?p2qYxk4T\t>F0Z}9aR1!ogęDR5[KrS=Rm7VɩJ<$jeCȦ~/,75?[: