nss-pkcs11-devel-3.79.0-5.el7_9> H HtxHFd& ?*}}Jd ~dځU? yـx<*RÑ]MV049358c589dc5bd55f3f63874d213eb140258308P.ŽaZ`gsFd& ?*}} FfvbwİÍed㌇F*_ cRFT>8d?Td " Z GMT         =  L    T6(h8p9 :U7G H$ IX XhYt\ ] ^`bd3e8f;l=tX u vw x PCnss-pkcs11-devel3.79.05.el7_9Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.dXsl7.fnal.govLScientific LinuxScientific LinuxMPLv2.0Scientific LinuxDevelopment/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64 n@GCB:nZ,bNYbNYbNYbNYbNYbNYbNYbNYbNYbNYd0Hd0Td0Ta35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c442bd91adb6490f13381bc2e184bc8fec6d47f56f98f5152835629950aec221ac5d580628ce6543fa231a360bc6c9e0f1f986fcba75303d22dec2a22848ad95a8drootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.79.0-5.el7_9.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-64)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.79.0-5.el7_93.67.03.0.4-14.6.0-14.0-15.2-14.11.3dxb?by@bb@a@@a@`@``Ȗ@`@`?z@`3`.V`@_%Y@_"@_*@]B]@]]S\\\P\@\g\-@\\7\C@\@\@\\|\s[k@[Z؄Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-7Bob Relyea - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Bob Relyea - 3.44.0-8Bob Relyea - 3.44.0-7Bob Relyea - 3.44.0-6Bob Relyea - 3.44.0-5Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Daiki Ueno - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.43.0-9Daiki Ueno - 3.43.0-8Daiki Ueno - 3.43.0-7Daiki Ueno - 3.43.0-6Daiki Ueno - 3.43.0-5Bob Relyea - 3.43.0-4Daiki Ueno - 3.43.0-3Bob Relyea - 3.43.0-2Daiki Ueno - 3.43.0-1Bob Relyea - 3.36.0-8.1Bob Relyea - 3.36.0-8Daiki Ueno - 3.36.0-7Daiki Ueno - 3.36.0-6Daiki Ueno - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- fix CVE-2023-0767- fix regression for pkcs12.- fix crash in curl. better fix for the regression below- fix regressions found in test suite- Rebase to NSS 3.79 - Set FIPS Module ID- fix CVE-2021-43527- revert sql default language in man pages - fix SEC_PKCS12EnableCipher so python-nss tests will still work.- fix sdb timeout issue - fix incorrect ssl alerts in Signature scheme processing- Rebase to NSS 3.67- restore pkcs12 defaults- Rebase to NSS 3.66- Fix HSM load failure because of CKO_Profile - Allow builds with strict-proto- Update to CVE 2020-256423 TLS flood DOS attack patch.- Fix CVE 2020-256423 TLS flood DOS Attack.- Fix deadlock issue - Fix 3 FTBS issues, 2 expired certs, one semantic change in nss-softokn.- Disable dh timing test because it's unreliable on s390 (from Bob Relyea) - Explicitly enable upgradedb/sharedb test cycles- Disable TLS 1.3 by default- Rebase to NSS 3.53.1- Increase timeout on ssl_gtest so that slow platforms can complete when running on a busy system.- back out out-of-bounds patch (patch for nss-softokn). - Fix segfault on empty or malformed ecdh keys (#1777712)- Fix out-of-bounds write in NSC_EncryptUpdate (#1775911,#1775910)- Fix pkix name constraints processing to only process the common name if the certusage you are checking is IPSEC or SSL Server.- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set- Skip sysinit gtests properly - Fix shell syntax error in tests/ssl/ssl.sh - Regenerate manual pages- Rebase to NSS 3.44 - Restore fix-min-library-version-in-SSLVersionRange.patch to keep SSL3 supported in the code level while it is disabled by policy - Skip TLS 1.3 tests under FIPS mode- Ignore system policy when running %check- Fix policy string- Don't override date in man-pages - Revert the change to use XDG basedirs (mozilla#818686) - Enable SSL2 compatible ClientHello by default - Disable SSL3 and RC4 by default- Make "-V ssl3:" option work with tools- Fix regression in MD5 disablement- add certutil documentation- Restore complete removal of SSLv2 - Disable SSLv3 - Move signtool to unsupported directory- Expand IPSEC usage to include ssl and email certs. Remove special processing of the usage based on the critical flag- Rebase to NSS 3.43- move key on unwrap failure and retry.- Update the cert verify code to allow a new ipsec usage and follow RFC 4945- Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake (the symbol was not exported from libnss)- Exercise SSL tests which only run under non-FIPS setting- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.79.0-5.el7_93.79.0-5.el7_93.79.0-5.el7_9nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib64/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz9x86_64-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !XT] crv(vX0߿*VOVFmZ_@ܺ zAna-xr:4pP*"4?T#Ak1ЙU3ݽUK0[?<wzMbM9\>XֈUVN*z{[w{yl]u|5`dܑ<6Xec(P[1u@{ہj6y.rD=(naN+~_hMsoXFx5J%! mQQ(sƎTA_&:J}yS{t hg#^qvZ jL@aRG eU4.{ 72]djoRą ?9os|{8fi밆C9pb*Ԣ|PaӉ#jrr^pƥ0q'{wiALLAbaчo=@]Ee7$-wc |,lHnS;4h27Rt$l>'c9F--oגn!,XYSnV29Xg/@á5cgDE:B? w,l7- DQqQj@1cpV)MDTGla^]wj8N\MS"h%sP l QCJayVK]y3_mx*2OƖB Z;Kqtؠb>rPÓ!A3u$V6; i%LL{<32e)5H׈Dz6s|i}-i.3bJUȽ,?Ş*sأ&G=R:Q4L;~'W*0T-z+E_EiCF$_L1AżVPH=n7#ۂ rX!&>% w.Nv9| g;kx6\6g+Ȃ{fq*%/Jn.8["!EWW$)X*i=0%ΟH_^׉]]a5 b @@Cs))ؙT'ćfxzRFhɶu<¬׆lW5L9<[2)Gu<ן-z:\UyS 8N%:o:ON~mQ'&~"ڃFd٥E"}f]AYd6ݦd 1Pݗ~jdܙV.C:a7b-*h^Ȓ![5 PD8M~Y& Tge-, YT`< 1oD= Чץ޶ݬ LF3̦W 3 ? /` Elܟ5xNJc8RFHDQL~r9/q) (j*%sz/)xܝ8љwV'ip.֖gA?b (2GJ4P!4 eGN;'~k[1Ϝpbp u+Z#)\܊MZܺQ^lp VZ !P3bh>pQâH=O46q '3=y2`5O nukYᝒvgFTd@1 ׎[7{rNA $:t#[Ks)?]g K$V2Iyۤ{ޅaK/s[KLtzGnrY hC9/}T~MaIWd-nu\¨SVʧA06wЏt;hNi.;UǺDZئ.AbixoB"oLK^nTiR&9GDchpW,ӗ#Ȕ\%1qٰ*7(G H#xbCVcB\qޤ۵M#V$I\DҥE 5 pvJ<|چB2C8ǢO.]%Λ*q,<%9HUh4]T[h9whn T#"4vJ3b|2 6Gqn+P5>=eDN*S:9AS̿ ͙E9]l\E n3e%ani`68-s;{櫯BV`тOp&8U7.s+*:F >sܥ\ d*o^wV΢q kl+نt}*MuT?8ϛhesdh|cŘM6J٫=,B~p\!o=5Iˈ+ߤ HnGv%PB ̒ v@A|&ER PTEN_$>؇'KMMZBld%^w|R+hoQ9Tt~-@\P0Ԇ7wj_y[9Nâr>lKQfb2TO]b a oW oC~ 0-EĈv&k <q]/F~Gd]ssL+/a^zsu L?:qag%ۿQN$+FYC;d xnv"KϒU-.uX[}Thמ lF8u'$<.*X V.Ys3pMhsOGe)ȅyh}0*%[b쏊ԥEҝ7bh|rt|v rhi8{Ygix4>/ KPr.Aq<]μ fNj +. /Lr v1dVCh׹򡗋CM1%) _@^Ppf["]> |"# ذiwJJW55fۀDGfb/U)Qqcܵ D0Zsp |,"!XO[{DqgMjj_U-eݺ"jWN0 ~Z<_ o~v!Ƃ:Eh~!PZ H:Wy>iy;լ*^ ;8~L\ Y{lcNGaԂj $<…l(R7vj8_BaԻ|7?`k<k=Isֵd)93 dIfeѨo)aQ2 M'yDR&Μ%^E_ v<}yA5*IUV>wyN$g.rH1V.Q䰇hxd^{sC#%qEmP)O){Kv{uW% /gQPºP ~$$oF, v7<ԕ.U4J#K >S-2;ldy׺_2cV-02DCʬvԷr_~p"!GۇVǃIP&S;Ď.Ή gI 1~?jPrc"c5_u|Be>W?yfmQE)M@L-'i=ixT6cfV[.`-v>J}ʢ ,^܇ Tui 5gb;$B.YiU,Қ|&^3=!K&,}f8./`9ɨes,,P2LOdUηyM Ez[elM`У1b*3@e#-G\qD.r~k%FLqiٛvg7%DR⇛-7r[!$˶="u#+XV! 8!rMI`]] *yn!Vf~A'mI刑x8JNҤUD]=vUNLٕB NT?5/3SSROp^(Izi~H (p hJ!)gv~tH*E(>^=b HB„.t>A;,ӽ=_ʤdYFĵ?#dJ' 8ӄ5MaSSrJ^9.bM` @b򏪁 =fu1Oq#$1iF$_u=!Ȑfq0۱ tJ0 GFB;r]@TҝQ=mj³Iq= (h]`/ZxC)Nr4-bb D{z74SE q,v/@yg1f;**7"|Yklc@ vgZƣ&V@ ' +^- ba:SrlqHlSҩ0zǮ8[sa׎Nncǎ&U"iqKBK|~X&l~b{rɩY?3PoE*]CE P }"Q$'אJ: 9[wr"u[?I,dd,^l8@Mp_=F"c/[&~):ҩ0 +a|->g͠oh$vw#ecKSjRNOXUE2iġؠ${Gy%ӷ޻Z)KvIjX6pG1ӗ2TmrtV=LV_wgHK3==|-PN2^6$,X|ӬEW_8_ -@bG<{ h tb"qɁ~ 7_޺1 ξR Ni2Wxp8e BF@B=4 DDۛlfçnʛUK;n|r*ڮSJøwwPfuĹ(x)UHkOԘ L 25 1 ѓ0/&-=_,)$<w4G.SvAJٔBSWurŕ) S/J޼QA(].n jAH}ojԥM,pFǬCBunBQ>:pɁJnpP 5w뢢PCL6{-&%){M'=WقE4'Ʋ̈k[qIE1sien uFYdy81|k$eSf-C PG Ǹw $.V;4߻mMuIpc7qtUfXM: ܎Y}@-ꏆfЋUJm7ۋ~>tfSe$9ۇ :QC5X_Dhl8=}Lmco2MIN;;t۳05#/0MRa4t3@?C:yQyﶅU$},1/џq oNMRg)y+n(Dymx.zuJB3bF.UQ`HC`QLkpRt.7ڏsh1N:E^[La[ ExK3K ;8p9Q\V{|r:(cG|D=a0gYoÄYvjǗǸvw #ܧv+Hv%YG{%6\ҼW:ec(ߙVt~Xgȉ2eDtwh&݉Ap"gc2ln'asW[os)H&(\ [sfta;4oN5.$\C=v,I9q)_}s'hE(ܶ{B6+MtuxKݍWGb_ 8؛ُ݂|c&tJefdbl<*璐7GvV}mj=/8%^=&]i债"(X`/ ] K?EM8q`6hm~N&IVh NPWpf,~1UG Ǯc=Qy'tΰ!mZSUz^NKMLd+ʨ.< =ވcǷJƅxB7 CvGv"GՈթۡ x8@~U7Lbl\EP[#l:sʳi_U0Ģw~! ^% 4s$LH~i,,›0EGn+4p}&ߞ+?9J~+#}HY dNT>Tswed>~(y.ͺ Ucsq#moǃzz8.FFS X(2NLܛa~= 1僒.3vL/s=Vba;2],2kE[e<6E0X*uZYJ,\!M^z]-մvsRV(`;OfxjUeIngdHZ-1_;+iMreGV#~׽dWGY2x y"wD]oyAat)8&N - |H-rW}ł(D4֔I͡n|8FA+eE}V^I]K}(Tw#MuђC;aM1'|گz irq?5:qƓ#k$٢!b˫ LĻ&=:chC E,h%g!J?WHsSuT7Uhݞb;*fvtr*Pd">vp3"uϥ,Gd98h]|ae yB㡍F<{K Y2uS_Տ5'&f?#Aph_4|bT$V*"쇙( VO{|.IuȾ6Dk~/!ml"D1$ZĴ3CE.8 ·Ats}?iDA) BCRsF6يgMf v*fgϗl>nm7AYCyZ;6R TuN j~#(<׶EQuJ6z-w. ۏ<\Tπj<{@\WĠwdKjSL<<. R4k`$57o`y-.*V[/~w/0";k$Zip076n;4&R8m^7*-cGv{Ig.Y[Qsܙu#X+YWKMMBE(r oSlgtЌ4oD=ln6oƻh^,TȎP%q! .\2y?Cc >m.'\":ڈVp[PPV'uVr'R}r:6^A]}$xO~kh~`;Ս1;5/)|BjtkgşJؚE;<"ŋ'%QQ7vx}[[C_,LDTdʰ"k/.'.7{ϫ. KC7񸜁1m&EHTs*ډ̧:J^x[lnL((ɛ<@w(Eش=Um@`d@%ql3wVc$hgRK+1Z<5W,]SC( 8O %3hOSLD]wplL.#" x>4"Y fAA{lk}Ũ#Ev V˽ӠT7Fdp㶑G1͌*ڸ_tQٳ4(~{7Q^x[mh1c Sɛ]AuNJ%ZJ1tc d`JK ue{C,u%"z)-vkgby@Ýwlչ%N *Joxp,95x\fF&1ӯ.y Y% :kP_c3(Rzi/D`UAuf%cTp6MB6 SGAL.E4m}6z?Ծg yw睑aVݸ"o<^a8@Z*6Kn,>C, Auu{(_$'js1up2Ҷ<={'*!. 9n!SQ =p2Jk5HktHnQ? 0B%̚؟R#m$LՎ-YRyM?&;%k2یS$/ c ERvCٌx*0< Sr˓]2[ WH\撧j5\XgȊG!/39nhbBL?װ67=7ܵ|G7U@" s#Nuզ'{Hofc+-Rͮ(ٯ203#"koá)&1Dx2~/rnڰJ]+w}9lV)w=DRCCRx^ #yΪ+Cf$WR[O=#!.efl @\F=PDpLi~ I4~eJs b=~g5\14o{q&ie%{geS~7W=R]P;A[Um ZN@ 3#ht" Lb8BltȘmt5v ߾zTڧW2>V5,a'pqDv=ʓ9UG`97w(k,jnkݮ_Zj!H Q,Q_}Iy b&~_XyQ\EW*6޽q(% k ~HD@h)䨈 h=`DcW"!P񞷑ϓvm_U${me ;$,ähi{TJqN-j?\#H\Dy]mo~ e+ȴoȷKrsdqd^+7]:{f~,z*3в+l.$6_4 ~RBɎ8K*ד\c:z5tnlAhs>+Ag@D~ M,gs+շg"N41IʾlDxAWcƖ?s+fR2uPXx =<ѱ`nu#vZ0Eeڜ(#,=ݕ!*߱$3@y}6yh]"m5CJ 5GdAp^H:vs. ,Fo2/^'V]H@/"Bk8&p+' FF 0 )A#+7WG%P\ 5?u\4NY0 U>na/iSjP$˻Bo8v J~WwQߍr&$ yDNT Dz{y90v%V㿅uC 4sMK|/!V$TA_NoyB9esU[{U!vh]p@U@*񟗇 kCLucYCdͼ?-Pj1YcIӆśSZjJrx|@ 9/ͫ kω˲s/>{O`/7_gw48G_a=˄B0$|9(kmTyg-n1+їj? xDЍ reܗt#}j|eeׂ5ćt2a(8V5-2 LXU) S?!c}0ڔ a׮z0f:JXMW.=8D9`o y#R( ťܳcq5HzU8D! =yAZ a satI4JA@u]|dmCߊ!4>E4\e5+H>:y\a4BMJ`׆") $)1=),KM8y# 2jz%R?8RDi^'ǷU gW1I Ă,}r9iZU?m+٤ 'DQ(cK匐Cc3CI| -1q"CmܜKόʦ1ق~:V0(hBҙDRF.=]1v @;%t70vDdV{ N@ʯC:gD!@iZ"cSm$?kKʱlklt3&V %)YЍ;^&r0-ܽg U[9R=D1i y /U+敎@%*"ŠHM \g(,(/; &TV&JѴ$F*VUYc־4$< Š}E۪Q'P\ dI 8IWHɄV'in ]G^4UNVȮ=' Ӳ8^ϛnS AO6zبb@>yP6|p'U> XhK7>rf.HrGF('Ms#IjCg;ny@kS(@4Hn.lu6QאaQ 6N.UH@ż2dJ6 X*U"Μ>5*ᥣ Ljcn=~MDSA-l-I.LgT3}|6֗V~N˘! 550n˥xU.ձv& W 9@hV%&#})[[wQ#AS74 *nq7ke uSZ]kB @Q-kOѣܜ9%#"H̙E8'r.tPK)s%ٌ9 vד5%1+'UrbuHRV$~ Ő}=(xc4R^hZ컷q9ˡEWɉ,Kp P Tn\QZi${N*VXo8pXfI9c16B {n ꚳ?cN/%2J<2vEHY].xtLk7Wn(۵{_h@0=yT];n fGUR+BJIJP@@83+9>|3r#a۫zr XA ,&B|̶%jjCC0没1B=_sJ f"=ߧ4!C e$fiET4UF4I0NKq2WW QFXu{HZdeS˖&e= 0&yx%ZSV& r˼*vij|҇,0-4\/U 4v~dv">s(lr ]Dr8$= \pai؉a>_ǍS|PO$P:k${of}bXnHLBUBWYXqJ3,_E«y}$N' uLaWY6!"x- Sc5ǁN`p5{u`C1P &BE,wHٿ3SXC;FXNY+-vD9,?[Hc%V.&E|tYmh8 .9T_U y LmǴgNUmF cxLJKyNṁ0zYEXM.kR&; P?@8PI yPR\,Օ+c6h$]E:sfRH`?s+54i I@R}ZOJK}obN G ڸEq;`!{u u9gu~A#( K xvT1+8VO:OU1-(TȒ6L%H"[RmPbAl674z]C YNLÔ%HP!\V f@vctF̌},"0 C\ 负_W7lb]1l?ؠhJh!]N'L2o#rC)(%}'ZO qν(KS ӧtl>]E[>l i"HEXuiơ}퀛FJw-Iab;V,5 S/e:\@QP&Exϕq(K*o#RH"_$*[<#X: >d"P+ yW"CL^Xi[wO#Ie\GXcTTҊ8>䨭;KapGu݊Of"RK4 {U M1!uF;V[47~ƺ󼞫* \TƖvDNœa"da-mS SyTkl< z6'N/|%b{tQ'+P/T`=w4 4WW|_c߸6cY!I9IDS9H\؊|a@DڊC[n96sr! #Qd!F,M91P#%Ec21˙ͪ9?6hkپYW :j6xg9S*EFR7d(-Wie [Xw[̎0vҞҬ J+ٜݼdXVφ 䟁9$R,?bdº1GI| NasMkZTC4C1]|OC o3'pr@eY'&$;+@@N4[pG/SUs!=cvdlz"uH c ;:)'l^j="%{W5tst,O(VV6v8y[Ļm4[[L8Hʧ Uvu n4X>"|{ݝB8#]JrTSNYa7 KwˏwnԞ#Wx8ӣE[k2p,}P@v Iă _'éXUG6_1>[;Ku>ogEK"Nz qpЗOz# 䤈{A H/mɿV:lW>bM-)</ɧwMɐ͘J&q-YJOqKF%1;K4_h(c5U1tgsrd֭.x!m듨$Vd9١<%C >8=FIFh\ïKݢ,jPYT,E0FaX C HyO swA0{z }Z&A#ČTN-4ڴֲ85IX_d;N}jǤ7 c+nTb3?W$9P| /{,gcCQxTt\F(B1e,7#ěKXֶ~1YLf$r% =@ۿvې:(Nfś 訆߾qk/hX]. 汤=>H7/7yԊn>"6PVL4i9mZJ; h+81L I@mY ~h7Ȉo-|il}uQ|+:5V<͞,<5 O{Jhmc)(\1g&yv@">E uL#ޔ.y-xѡ90l: F tޜϯV_J`PXChaU)c, dLW݈M>jC,FKW} fjWB~6JnƐ qR?* yOp n5:xkhiivhv:?[kVj"7fb\ȆVԬ.+a$JO 9w=&4v"o~f%V`%sюMJE#qBc2ptx >]: oЊ%[.% ^njE q/5'/VzHMgÿȍN oj`Wqv,p--ib ,d2 5gY4/ֆ&vwdE('#:]4e'kiIwR ֿi`?j{ ˹< CQFޠf;u[rOYG_Xanl/e\8@)#x;+ŷW}\Qi=gWКA4ˈoLC{ /(kX 8=lK`<}Ϊ^l@/|GcIz:+Y90iZGUJa;%9+mjF>%/TUۮ{~/&S ^w'*6_ ɩ9!dʴi_*{3ԇ'T~rur3=. [eIȧ8Mw\=[ />#շO^#SQ9( 1o3=}q/o+.;+Y=S\P  ,JNv[;\<9(k.9!IBoR+'L}`%ˬ$U|V`!"7Se*H=*L%]촃1(wqsLRzuHѬeV4^z]% c>" @Lu_ va:y C龶bޙ|iK gT--6fnD0W,*<3;ŭ -2;EER!~!c'UWs>ْn;m p-XqM*ǡB 4!(_zӡEx2yճqj i*#Q'HvUu+65­ 3oz# I#<@\T<iG9@=>"D> P/b_xW9__;>?tNUrm>`yG?3y?Q9 ѾbKX.l$r޹D{WQyɂИSH~KI;=OUI]O'9 OT:ȷY֏#}(2S? np*{IڮsI5N} t ~Z3 ;]\F}& &sQpRىѹoc:6ODҏ9<Ѩ=jre7 1b8҄'b :ưE"LmNUz2;<1CQ!f[{}@|$ n:W%w \h?LUzɭ|C 5opN7q7设)SbW+4ӦXW ?Cs`yb&[,oi'%I?:&x-SJkdrPaWqһ^g+ɰyX"Et`%XۏYR<;.XW[~[H'\ƉP]gv "gfܭ7JV~&I,oh6Tɸ:Uޫ- X;ll@%fޓUww,|a\JaC0߲ _9<6:{_V1sV1I$քF43 NKJӂ'aouh'BL^{0"!P|U$FyRmso&,R跺5)2v|ĜzmD`X]$>ZH9:`9h rUːa؉֕@ Agmmԧ\b}cѱc Ȥ 3Jx^$b+>`\]PBÀօDSSQ*!w`—Is~/<]u? z8YR(Fl!74'ԝ(:U ˚ =J>:*wr4lj(hO;#"~c\Ǣ,Rv%M+/&'d8Sb7cHlYv3diή8T{fcrrM+ B6H$%~7Up0мkЛ(ڍ}_ _ӕox=FN]lVs,ŧ0 1M?wש)A 5a;?_h2WOɺ$ee$Ӿ9jjAYW2|=ʶkq h.pj7Fz5ۭ5r|k1(Z}V GRG_W/+ W(!>"S+l.F̄=n`KW$ r M>$U*JBiA=zﰵ;U*p^Jёn (ܣ,Ư ?u&qWfk #)J8.8q y\=E Icb qsIjDW7C =mu9qq.JwEJ{LGfgh#>5 -,zJhVl\ *c(={5^0' `/Փ Tirڱ~ JGDY2A4VR* LQ%4QRh7|V,S')!-?O"KO(.ĝ|=5"J-lGJ8aw޷BZ -T O YNl xOYsm8J)Aq:SVh-B#]g>?]hQ Uw)p=\}_Fz?ךݜ)`S4gP$TO|wv{&9a-?{R>pI20 E.oQ ̿ʍV<:\KYF|mwmԊш.*BPAEZ͇^TaPWZ\"NU"78d_/KԟYch~$;榇‡@e+b.\%p-%PqRgGF@3dJ T֎sSA"ǴW(ԋ^I)z= JԿ2:Z Etw*0Sls!sɟ ,PO mqy{xt2skŠƥJ,Ӎ/C2?1gqV|ymCΠ* >QǷld#M܇2֌g]m5H Z(zJ isDמhoLsԴ<9Xp+1*p˜ %Ś@-m=>dgVCV2͆pXC~M +2"&aIɓх͙ϡ&-*4ֆZIȏ jYNye!Ir~]Zu_9Ԙk"J)g{ve&00Q.*,5Q Cm^|pU{N;1xjҾ (8a>k\I:qwߔXҫ 7' JZ@ }լEXVC@47YHTzJ8S#euDvC30i9XY\*$+>HTiosYҾ4/ l+ŮœWb #*:3Ձ e4Xf챃Q"g_H.Z, Qms8zhDӬ]H^vxL`{"+8H,/XT/3ދ0wP)n R5 𘣅;(VS_j,!3t2}]Y9ȅ@}5s#{"חgM [vR h0xq~I'2OZ}M}:PLӕ?[ϓ͔uMy&=2P(1]/4(צo j' ÅUCIzWY|Vc>|8t;,; Q3C/`pC93Dצr1_IqZtz2( n(~KDȶD,Y&[Z7uc, 3 ő&˕AiLU\4+.)Pnp6e6ZK W8-TBN*#/BW7ƃZƬ L䁓 vS& ʫp+ۺ\xĭ *DY8C+&FPɅQӔpv!kH0Qй%\tialpO:2f`o Lb M-WSYZ3 ABQ9A8n˙@X׃eD,{Nrӣc}uzɦ?1r{rHJjmYeD=BuH|$)7슎 wW>vA<˺zJO:h6Xyp_> OlջSo[]r7f2n`<?.|&yKϱw%mrϤZJ]yH/4S'(ZLÎ@G^/ !fo޺Q0N\NJGsnԢ'BZm{әzhPk>z {O{DlLqj1 A)NnM=`C&_)YC`o*HWl./![z2], RgxUCK't[S Ə}xb*?.6;qTx5Ғ"҆CJL >j2vм3o19 v굄>rkbyQg$Jq˔? r A6EqM`G (VFx4ٺ$o>"L@5y\xE.˚yM7}a@[HEBU9r+-dSm%= Uf5y{3[ 4'Ћ06.D](W D|'7m BJlfuQ2v&?$@λdgDX$#EOSҞnggٍM`3mV~Fv)OwD)g|KV@nTfк+ /{ʗS+ׂMdWjFڙS+ Sl*QT =G܈9 zE;A)Qo%K4K@~@Ǎ>㌵@ֳzPlԹ(Y_-*#e`6h?G1g/9 *BP02'\V&]8G!dwIc9F j!ӣwM,k{tZ"\s7S?ƃA4nrL&umɬJ_*\pSNyp6yI`wr֡bP6#L@ARzt%I"y%3%:i3d6P7}sNQ7PNCU;&PA0rmg#.7M`~>1)dPٹ"( +X{҆غ[bۓ03ϳFd 9M sYs(p)C/glzBM ܶP&t<.ĉ ^9KŁJڮ,4ω̵EJ#}d!H0FbD`oa [,SDc͹C1,PJч F7Z!^Am{V%[Ч^9528T4N c5sN\WXh oKSo8HnD]h!kixශ~剽`^d\r#ңg36kR:ш-9~'?\er ² U)J`)EJ[V;Kd9N#6$y-)`vt.c 6ch,FcijlGy𭒆/eXK#l?WnÙ軎6`;<ρ>/ƣ2uA<[jr!bI8&2rsĹ {;S%5zm%ƨ33Lkn< \\6I +h\̋eεiO Uɓ '%ɩZ3zfkTha[S31 ؤ)=26"%H9@oDv( ~@'@ؒ_7Bk!]Хhr{rW2=yIdtRz8_& .בĽ[o#E;+@w&VM[׮Ծj} R:@.q.+-Gu@z)?~Q]l_zԩ3|w,W|U,Ё[`m~&{nm E^ưV516gm `TC*3}M?\^p5Ql9 k^DnvS8k #]aAlq},[hW͏5 OEN"H{(]mk >=v֐Ƞ)3A܂A9O "WT6|NfW>nSAU)"™镊1A繏cSB2j++X 3+yYH[~4Щ]ΰG3שc;قu%Vr303*JrPSloB##S`=;}R+2-Ʃ,]<#E Zvs7M!snЇA3}yAy]Bn8-BL 5h7Iv>kxm"cK$@QG~{ 7L*{@+0R4m?njc$@>s^g )(DDZ)N&!LI@?LAsܕajvUEy;_sgvmE/g?Ḿώ% ά[ΤT@I2(n*8IQV&{rlx? 8هY,s9ڌ)*2Dg҄l z| }#O9ULkT̬X8N^ɺw%p鬫hvȰ;$$T-N-:Yq.5x8N$3{| 9Hi9Zb"i3GNMa0u\oDL7ͽ= ?]>@ <^XIXG?O6$x|GI G\onpEa՜"NYݕ)i&6)ѰуBOC .f:HNNS=h@eJ49Jr\yӯGBHp+T>7_btHK~D~Y&L4wmrDY @'Tbudj0PurOqoe`w>Tvq&(nG*3/?xIb,^ahJ]Vd({Q~E](P{\I3YU$M 7Sv۟Kw ;,eedQr8JS&Oe밍 UIM!e<SKwGvOd;EAk_מZ.DzBX,BR#p!QZ TK~K 񧫉{>ϡF 7V`҅Fd476[3FJAvFH3[!%ȴЃճ)4n%4xС`έu>] %zG^µqxC +i*ː?ĻT#Ӎ,-Ncu(1sMYHdPgnk8x phUb?Np:umYOj}#wO_uwH*524&8t+H.aY,i?FAƞj:Ub*KPcφ^z%x\WL>jDrK3xQ}H$[uT*GR©^g TL!(ͷVڑ\ 1ӓsM23iMlg<TYjE$TVâ,9ZZ }hڞ9"\}υ'Fv(==EzbCvFh~||<‘v#*&Α?0wV\\ưߋ[C ,zɮy!:+K-ܢGxߍM־n2rXAQa\~GڨWoF6OM/ERө\QM!/4>WUmck\K|-;LGK͞7ttv}'[oc|SFf:=bBQ=Sc8w$Vȭ0,؆Kfԗq+tHv{5t;{&PUXm,_50gEcj'7(sHPRŢ8N:s#qaX*4]Yf59[dh\iMݔŖ] Bqtmb%`ei$qpڍy$=e"CO/ 9FFƼupF"21XU8S&8ϣ5Y W˨w G PV?ϽwV(aMR^ϳqMLy߈p6jDŚ:{60P=~_B|);,Yb8`pH?i;xGWfμMe#xDdb)|!@2RzvfJ~c?JYޯ3;4B&.:fKYKdYzW'UG#`Rįv|`y@Y'R/f5Wz&q.o(^BGGr:q`|/_۬C٩`'GmŦ+ B^}̕F!km%$C`7i`+4EE:i'S뼠 #YyRVK%J/4jjвvG5$2*RSozyeD#큯m,NMdeBQG Xt5M&=iq2b6(=»#}BrX=LݠI3ozOog˰N^jnZ8My5#}v܍#e5RU}ePl7PeMdZu&߂[Rˀt0wRoNuIoaa3It3UTo1@~gXmAcKU+~`HQ)h1x:^zRTVlZI:dd mW4u 9Gֽª#jŲߏPֽ=`T#$_ Ԛή*VY"VcG4Eqˆs) I%` -KCyH, R1I[ԡfcQr3k;+P쩁QffB~I: j{} E5%5L$ś6ɖf!dߵkOo+DZs4U:שuB#b=Vlġ N7/XwȦSt^=/ )j咴2iP:ɤAsе1uk:=uyx+ cTJۯtFdc3z~rM`<7T*"h#AUd&W'tl(u;3[y351O|UqoAVt%N[] ͌%|,5xkV:6yKøj8G<ثQs嘀*k\$+jʹ"x|kKsŚwHI`2UJ'2 tG鄢r#D\n~ q'&Pt3Ir@~%ZYO6a.0Q@6˕ }o VCb %謭;.@4eDA/wg^)$%M{?؋}<5[u Z11c؝t>'x#W#/59H~^1z +j5ݮ+hKa+kPIeɻCꆦTz֡fʸu50'mjYUN= ߍfdѱ ]Yu[b. f\tПhƭ11.&4:pܢT|?r RГ*p+tx"T(Bو 2&_.@1k' bӲZ rJ6XFӉl?S4]&3h%:dxf"+YŶ"mtQӴ(nC4N ?}ɇjM6 TC_nN&FQ gf•tYd?ɿ :rNZ &+(OKx.Lm1{0# \8{ޛB )ڈל^" D;:-\ͱ!-Bc=,A2Uo6I2(CߐgLPQg> %rhq{UJBSZI y3s[iutδV/6!bq5AT28F0 Ay5+:Hɪn|~@oZ<+vE89 pwvSvMJMdbjt=r2 #/~ZI 8mmThθ*#U|u抠RAP繥ytZ'!uç+S"aR%T,j0{_ L ]TyӸBDrF6$lt(YASrS &U9 4q.l/M,c"}<h+Ő؃DdA4Zyl =ݓp ~J([y$Ñ5ZIߍBCJ(L%t|NRXtv+?(Qvfr*YS2VƬo2=@r\J&`.R#tĠM!w;oӈZDnO:dbMxUdrګ aERo$~UQ)u XoO5A1]di _۷0x"j9m&YăFc;%<9q޽x'27Ÿ>lF )ʿWՆ,T&֓e._5V?24Ot1EAW Pg W'XTəm>\x y'v1 /~K@\UC{m"QEvۋ5Ud+:,czGbHӂdLF] k:s_Õk sq,Y3eնBtY՝y0S, p(mМv>W&CB必?=\;8qw gDv=*ryQ㜷lͱPvP@d+i KTOt+a@ɢ_>yY)]ki nXjQPh[˳a6`s:vʏxTUVӋ÷y4u"7gQ 7K;_ h55̽E@kЪ UU֔C8_Jv٥)l}7r:h'_N>Zj*ڻ _N}QnCŌ;Qi\p /ͤ/&P'B7I-~Z zB7W ﮍE:Nv20h/*iag}u[< S0GJϚ$qu$ْPP=@`_?T7۸#*qngGS;b]}-\%qZ4[-T1Y,5yΠ`4-(f@0l1:=˃X؏ 1=(DcT&R0#1Xn143bb8ND&^h7G.5̟L3EuļDe ϥdf?A$bD ފy5>b ;Âɒ̨۫$ >97%00 ]u‹G6ki9@Y:{ᙯ) \D-He`;e{!4NlIFM$b 2l"Lpy=|"5Wcmp; He7։^aSE`$y|*cUY,۬V*OUemC9}9GT7)$gkO뤀jgT6]}ai)-߱&Ĕ;Tֽ ᶏӐa.O* 'úpUF h1ʍCW퍋ViDQimF43YsopZBH챤܈D6?&t#r'h R-=mf4y|9ꡍ]}x1sZ|D7<; (IOain?͂lUͲJ<^:h/Sv R-b7 ZҗfVou3-,&U _l*aoR?tJ/SW&+(U%p@,,?*/P'=׿jg_RPmTɡ h6Y%%vKKEjvG7H!2r&q+(7-.OYmE ]yK+It=2=؝*3A j5lw 6al7Ӛ8pq>78Ѵ8@_wh53g.n+6L`߽hj1.9+#t5fXl/DKY)cj!7CM_Y>Ja'TLD~$%=e&{Dt{Ye&x6{ 8k1 D(Tme_nJwI}`zHll^{8}.Y g /P2X.2+Q3g6,Kϔ-р!}" mpY֗*rY(!TC0TRMf4Wr͑HMgU0)`/T1QB4nx-Ed߳WH(Gr~=~30滑 LqKZ< gǐ=9߮gMQ<ߧΝpցR:!ɔX4:M !)š{ydK" h@[1sE2ˑr UɩBDZ"m0F&;Td9vn} y~=Ku ~rM$řJh7' p3hH*pdo}A8ș0#hL$46;:a.{ٍC*<{ DCNPQU`8hB>k@#y7&1GVE:S'k~n-+yfkk'u]I(}9`)'N6[uс<#M>s7!kjR>椫 !Z2p]/[u_EdjK$Ȅ]8p1zǰ[sF=ۤܗ>ŕ#P-İgo2pe&XuTD.ڹu_+6Bb HoyyzT P:lnŕW*wK1j2t,k^9M@KCaٿzzV^:p|})O 1E+㺫T^paJXFh~d 4):Jf !dA{p*Օ :HZ0כiQ!{̌[HmZa6 y)%#VaXܝInvuJ&`zAQ,_/v@]6d~`sҞQP*7{L"ػ8@ӃyuJ3>:b%ݒ86?EroQ3@lY@FnZ AO'=}oy6gkA/ӕ͏7= o(&%7mQ` _da#(M!lzϓB灜C ؼ[OuU_Y5ԤtC'R1)zt,  RCe܌&ȭcs|k#jHD`aF(`S6 1xG}uc1ڟ)J=Xۈ8qn?ޛs Qqemp |sc YDPd|y Ծ35eQ(S~RI DEހwSy".48oFv`eY0۹2";6t&C%l rbFo>ov`MIY$?rͷUr2̚z5xBS{B`.M  JcHۡ VeefQtALԪq^?F2"󰾋2n+=>sZ?wzA!b| J8IbѬ]G٨_Q@w5(~s 7:AR5+ |jt|m+O"c@,֡O2d{e1k>CxJ BaA&?kKGO ԑRؒ55vX Y܆ꧫjxH,r%_6 6eNk 4EROnR5&=USʎ-ެ$:J<*ou2q@93&r  E7r$,Af4!&9#Qq9RP* h暜7?]| V-5NR3 ɪ Gɕ*5˴g" 鲝b_**uE QK7ʼbk.'4_hB.;!]ZTTΏ/=o[zȯ{V WRB<mrƧ:)M_R>z1EFU7ԍ7wc[5Eu)q2)T!x[۹4% f"]o'M_on~0}Kt6~cP0@_-[cE :7Û&ti'tCj^g?;wHVѩ/ &12A 9'7A=bKȪ~y"ɩzv-0}?H*Dtgddqm+pu.!u/xΙ4 F{o'-`($p6qᯪҲTs.Y r-A?A)k, 0UЉyBZ.JN u<έTpSTMޓr6!&}{P}mԏ:7 >8YN@LW"җlߏɼHÒϜ w눯1ehLtC6^C-;j?쁂Մih %+.UA3x-8k<ﴧ zeJf~bimׯycЀ .NeTtsC2K(JZ  g9 `K0<n!E; &?7qlJȞWJ[}e,t+T?A<\mc;E{}Y+. ɷNW88zoYh!C` L5{P .3 '"Yui=̩@F,{h`|a fLCHKr:5Wbh@)6K۪?RS7vh0?gJ4ZSNZ-' ÏWZJ]|<k2MF7ȴGp'>U 0$|R*]X2yv_p#Fm ZB$K`=z=9 l\%hA0iQa1Z&Ɔ7dQJ;y1GRl.ZSϞ '/M_17C 19~0Ӷ]G,rPF4|q (ZJ!"{E[ee#9CH4DZFYfȆ=1B߫w8!rD @BAbˡ?Ȩn#1eb}gУ~"_柴ʼn薪|r/ta5 8NFC `g?M 5LvEq*61=.R:YL72e@1ǫ<}Kvҁr?$-[scV07"!9͗3ՇW7l'$d :nVˑ`푮u Do#ǯժ)q;h'GŐ@L?ʸNO5Ga Ev߯LY򐽮DKb%4H0Ϋ,{ z3St}ue7\zV)bjm&W2;I(74.* pI+LrNڒQ#(gEPʩ%_@v7$C] 7@Nm )-s3Y+yqׄU"]h|ZB uWű|T/!rYI[ЗD#5$EPA &vTg?sa94{g8iVѫJ \>αk:)P G/]2RJY0 c.aZ]6kAmnV7*~td*%v$|sES~ yx5,,nfA^w.Hh[jO̊OҁK@! ,d[P.B8,Svm~&KI2tW` &OutM:yKlh섚lTrn&eZW<`'e)ffV&%PSp4_e &"!’ߪg;enw4נD頩,{+!hI sU|\q- f:qW%_4j7btQmBWW\!{$Dwv'Zw>|Ȏg ڡ@ٞnvy \ޠu+gQ{?̞ib(GҠf?R)rbP^dO+l5ٵdSo.pRRN*fn筝=5.{\% j<ߛd|m‰ Ʊkb>dt1$ZAx~%!avM#E#,&n恐?0ھY(lzE1^NFvUKEp&kʳ焁P%s{:AEaۅS1:}&ú 3n\d}o7~! ΌzrIr_i~_G^b t!T̽nx_$@lPHNZf C_6%Fvoq!$0֏L!ӌ2K~nfsEfH}ӜzPp2s}Yq5H6\C#*93Q1%ĎNڲ)L1@I=PZh/s̕(oG j= /2EF7<؋{PiA rqyGCY {-4. p>߅ӧ/6!w9!Hx_avA().}8EkU~ƾL"^t<;6;U\獆Fh/$ 7- ?3@_¨ mJ{.Pv!tf*>7GPhRnh~5N 1d:ȦKS>@li:vؚ>ߥ1%Q2ol5qHAʝW>>#NYCZEgR_TL 8FB5>{38o;^ ~ 7?C)'"^؛/N89/ ~hfS&WA4`A.c?vcuiXb7܍Hi r4_7Kp5B8 ~b_d_gD@xZ1Q. Ѵn83߉C0pLyNJS)nn 2INAB4 Օ | TCI do,r_CiG矶_E ^90f\LSyFQI2O9̴7/M "L/v\K5p9qWhxk-;EηdEMOe"(5W$ Qs#Vik=`ӮSM9Q}q(y>뼗Y +;xBJcHOXm![cR L#KQy=0g(|ۺ-VxFc-G 8ZAA|[m}%ž(M^0V:D3f}-C8>(ӱ/_ϯA1]Bh K ":πPy%ls YehxhYYeyscbӰ׸m1H4|P#VۦA$mj,]ﶖ|g$b=v97f֍vOojnfź0آ6a*5Cf#]5#6hVWkF|+ő߭'j3ߗu|ՏAq 4OȴgA& Pږ;C* 9M%Q4PEQ:/,=θ+`G,lA˫ ^)7@N(_Umq `!ȵ KdP\tsm_]K"ND(v3)5fߒژɎy"nz>ʷJm^ɜV};;x.KY dJ32u B@ӰY_ˡɐw6ⴰ<\U*hv@u"A&"!>Ahm|\J (UkX,~ٛI"{-oXʭ1؋Z\-4 n۳ZJ >9)v(rg`3ho' :\FS53L}mf#t@G􀮺AS6.8= j뇊(53x;b!Tv;)2;$( \&VKgXyaCSS9i{Ɲb$2 z]50`Õ5bȑFx\m@  lj'VD&1[z;[!/+'nӣ ' yƊ 4X&l8aGo,a/D5hB4CeiL$r!4lT<0e7M 8*c#A }ćAgM/A#M/ѣX ]YXO*l=s=Q y6Cݧzpke]9ޔ|Lµ%l1z/VTUF@RS5e]^$ rL?4y@Y-y4u[ߪ>W #B,B]Pޣ>Zi ,'d9LX)N3SD~RXG%R>[ 4LL`m^|Zd:o(Om/[5c mԷr2 |oe̥g/ʿ Ku_;ܱS_?n yL4>8zW,9cq¥ BDX%QU#oA0ލ,h+|R}[MM2Rrs"Ui#: vi@?9٭GhꨆWkj38{pC_ۗsiˋ5Cw%Mg7>'ldk+ 'Hw*z,qiE <ڛ[U׽́L>6SPPTw1Mֵ|I upLAd@5kts}e|t4qpqaCcX5Rcqw` u!|i1T6g0ghDuX)!2nta2\*gd-VLexSeZ$]BWN~-92b@M$*c++Yր[9!x RԋbXGewҵXgFJ BdKBy QM}ٔY` oiGbr5 wa7B"nN+RU܀)v OMK7c^x!#&Վk|'I(Qm{>DoU^86)ᡨhyq(s<&~${T[I[`;zm\h 4N`c p`|ۇ<)ÔeZE,z-*u `,_C%#;R+΢U;?FSB$:n^Zcq_)Y00`]wt?/"n@g=W Wn{We29RFt!aBP#z7 ?6a>~-GVKV #e~e|vo̡MB& Gp8jup-yGjuoCJugq2n\mT;$>ӜpXԂ% p)2.I\^^XfnN9 !EŇWȣd4a5I6hݩz41OPœ݀( !-rV1mAA52]5]]Ȭ`Db5voeh^oFiȘ\D\U7&af12u-J1kvս:Pp B' ͢U%}`j)7}b9[27rKn7Q k?BI9:m~PA]Hοv)⮀ #8V-XY Lټ_ Xrl#v)͸z]0]G|k@DK;v2~UetQIk1g)po1Lc&QXT1;:2BRg# F]zշ\}8ݢ< ".'HDQ@&%Rg8΢؃e\W$ hIκ >!JyǤ ,I^S=:&^I8(zHpG`ore- dVYmismb$&\NfC dfR'=)m P{LK&MZPi/ 5_k#l'F~Y?nx-s'&1#e 3bpn*Vq:MYUzoV]`7nhn/Ah)."Qn/g`AR涀!hC`R6Q?(ik0pU_j&JmJ#u*| _@[o(;3Wyfi6%ơgJ[vkj%f{DPB  Tc4qnNgr+V@F&'X3A&?Pqlr>=6 *(ޘMJ!87j1y-^i37u$}P٢=9-|TEc7u @XN~:ʚY04$9m._H+&U%jƘ):2ٸfx$w/ԎbXfl|m?ٵS5t?@ ^ (ܟr?oHkF=X v,c4+NCd_@c'bGV\Y:| 1ğgeGO+3)p+e2ny]Pr/a<}Z=CLE}EN鐗7cNT = ʴI 4n"7FRIf+9.9 ۚ|#iYFx>2Q#b;{tjn}4ďKxd|&ߡ`=\e nW٫C촯&XDJ;t㾠gه𓻀CԟUM?a:3LE(i MJݹ3}k @OǮ0{&,:%j%V5<)sul2jd Q]]87iKd'Ai3GR)]1sT? &Q|vb#\(RSz!U \ٮ*#k:tfI1:P~%&2ľfU!M O&(AlfQA)>S0_G*n>NtH4BT=ˆOGOFAX RK ,z|M/L]~/lR{x݄&_{OE^(mJ$3Q3g Zn9$7l8oUhS_˔uHIRYn(IgR߭LMFIe +R{sQ>0e(}IS.ek~=*?|7K/09럥, ^CGHqb6\4ZeRqql (zap= zx@uJY)tw0w~l 2 ݂eэ\@h[} dׂ,I{JZ{mRL[eNsC%WLGIxZ?+%owzq/<'ĿQ#7 ­JbM| $׺:EVrЅ/sҬRцr;¬%isIMI9|[K|VܙYΏ+Wm,׵n2'4L=A.g5{Ny_#M5rJ^J4\f_H{/Zp)g!lF> J#DžGcxrڠCMzTPp䒳^P}Wz<RF{< OEP)1rz( .)9 u,Œ~; .(A@vTyI@I.m&ywu:1k]R3Uŏzm07 ʛEM5*v`L~{R$=`5=) Gsٿk 5-c[C킭}|2dؕC@ؖk'FG_VsuHe;Ɣ].3i^*t Njay)%H361ϲDsiAMeOhl xB'o;Xr d,K, 9#ԈtS_4n uv_|p|qtWGyAOVZ/k@cb ~) ym=sơfCp[M XG|SLCx{ǸVP:$%|y(6u\#|Yr֜R z)Kz\*rn1T;#UBM"Ja+УkujDgqΟ  nH,Dgʟd"jlXMW mw=iI0ʫw6&2hGS[X[;72^U+ e= ]`g{꩎戵šzP<́q@pv6\$ZT0ꡔ;Guq!N9קk x3[ױqB+h[KxЛ\ґӬCD&VQH u(*p"MR!߷N}|^ak(X[Zcw0{Vֹl>Ĺ OƸIi3wjcsإ\(B&t:ɼ'P%x:ϦzD2 Iy8/,aݵZP:S"@u*/唠p&i^Qou). + "1\:!f#Sf; {4X;6!>e/RۦᒺU/U/l cfc),ﶼ,wn!=V(XrG1JWr0:fcn-mCVŸ8,2T'B#.)Ob)jDUEjY^ٞs`N]kn2)vz1Fͻ_}$Q5PJJС`S嗄R6DvVAR`~wb鸘3nNA 6/y:.U>|Aةhlg@69gMUTD0kT'iѥzph=ЂJA;Ctᢵe"If Vr,gw{iۗn\EbIpA2]gUD,ҔUR4}KG~;UkKND+ofGVx{LY'r!vB%F1䀮mQj[!M?L> %oW<$*r|-hm17OG=$2m G`,R]w(ʞ.%RҊȿxh-M5e1RFt G| ̑;:p&X5Rϟ #MFZa[hGa+^)dy6?CmOW]hmچᡦB:.#C)~ ׎T xq]~3%2 0z}եGu(])Z%Wf,Ux(gY Ο:Dj+k6[Dy֨qu2 Be)vpq"]/!:R6>PQ2x kq568e"|&`iB1{f?|FIxi潨'YVi7r8~PǠ >?t韏-$򢠡{KBÓ-op*|@w?k<}z qX@r`2՛'!HVrB q(+1^th͸&@+bHI$8Elrq{65rVa ម̮=#qWg|"*P (+'L4oz4Gy2> S"\cĖ)ƣ̨YjNA8vx1ۤ2m63 LӃ[%DIC}i[nr J+mS̳*)#p84@-wU(3D~ûHhכSz~>9\rМ9]G/W[MA#IE'H9{\*j9+ʵ9$0SOPd÷uQcȜ)Z%*&]t&oG\3vUOTu?5aZZ끅C@,B*KgdS,<A?QyؐVaJ5KYS&ΐXR$1G}gil\hF5ts( \zG謿kOŃϛ8Ҏ-k#<e[2Gԑ;iI|k/dM 4;fev0p} ћYBQƷ'Q 9 $QeCC'mr4ϰ{0"i5Q?${XuUkOM hٙc"(lN{TGdc0;{CZoȘ~?^,{ה$C,:02V#'=-cPY3 |S.&XzUbD`,@ 3\PcTq:m)q[%jb~ Z5/%$ /;2z.9+TAON7PD[J.qZLYXƵk `T7(%NLWvI޼(Xf0ǧ8Yf@ڢgiTUvmWd?#3iriSU|-اCHhwu%kB/>ƹ*9ohI hTa{Z~-Fm^wY0nE='n&KFpzYe"(^od #d`lEb$+|y!f?| o[`讏XW}fI=rN-Y@%fЌALd96gj(Ç8)HTTa47K`^'$?:[|j#1#Z"&yjjɛ>*&Fa C,j(7罐V.2*Ɲb1~`K|'WvEnq6!h ;>_͒:wI6wq{cRraX[Ya 5]@%CǞC e@YmRT%ixrhcA᭬mr@VB@GBY+b 8-j2JvR 2g fD"ݐcn.S_ǟnK;z9z翜$0-o $㺡\RP*t-6|lGH3}0)n1qV_ z)YTų]hC)*6dḮpDKEP~Pߢ{uL`k( Z C5A`+ve`\[*h-ܒxw؎@{?R-i(JYWgfs[WID2qaiʒ^p*(*V1e \G tX4KSq*Q{|<@Jz S=ښ2W ") [՘mhȯ;"X :˼_Q RbVm{_odeUrlN+E3Z5FiW ] `6u\3Us4J|_[K4ƠUQVFZ*(= %I;7"6i(ɲ-pZc׆;0.-HN6eEPK`gUi k,ۆUCTw3Efr1?C!ӆC:}ft(BPGwk(OM)&КϻK؇e%ˮ$5-LTr^}@H{ATS[qݭ%&|+b )b "2%Je02R`)l1ʛ_NlΥ A{O]zoMs+ pmOYA3D% =-po ނq0obHt $CP@“.bZx3EŨZK&V_>3XڢZ<9v򿥴ɟJOʡY<ע ÚՍX@߅.>U*4ZPRkeS6\H`P?K #> 0Sr/3T3 l&Pc:8gXQaX[$ߋy5u &_! 5H߲9gͽG5ЛyLœ*rq-(9ا/Xj 4yc9?= ]*P\ =SOΧxrn{lo}CPCD4}"Ȯ7`0Z [Mҗ_J#]"oM-\Ü=9SPݣ_I5T.n7}CYb5i?XuCa3Weq ZWLJ]F෸s[dyMX/udJ`rr>c$'xۅ%M]dU6"3yPFǚH1"b!|bW,Y^l8Q*܁J̱qCyָKX8{uK#Y'Gë.ƪ6p-0?tE`}\eu_%"VAb)NrV ^)yOb o5_YtOV(u>Db|P;HY@'67Om/<'S}5 YZ