mod_ldap-2.4.37-65.module+el8.10.0+1840+b070a976.1 > 6 6_6 3!pQp)Tξ7]mtZ`f+ ]mtZ` h!;`c"u6ƨ@_=] CLf)ƣ zMZiKg'Fؾq t?[֛g<92Qu@j䎈gB 'Q2͗@P @^ؑ@ߧ}ǒfv@pa  ;Sf2LVLsh؋e@9bzc,;%%GbmA2ffsG)NVϹx;'hK>l9\'_*5'0r2M{q6Ligҵ~p&DT.@Q;D-fq( ;Xm0VO[n;#bZW:ި8d+^6*Y]iMkG1IMca#6(9?uEPVHjYC5?HS-*I dU~?= X$YtҒE+d63e022a05937420d79022bcc44f3c3092cd1c078db77777048fad4f2dfd4ac415916d3ade7f2756f6bd7dc4cdc7bfd8a8b17e4dS_3!pQp)Tξ7]mtZ`f, ]mtZ`XtሁW LIrC9N$أ}ktGDd~'_(G wIג\O.bdk|yv$Jt!4 'eB8 I 4bL5=db}E`T#́F)xUaX3y3 W$Q ϵG/+л}~5y0ە ':d37N;`x{>C\l}LWUc&`/ \,E0ߍv1(pMc}=#wIq>ݞw.)o ="ӯvp=?d  5 l  =Xrx     2P e(89 :6G8HPIhXpY|\]^bdUeZf]l_txuvwxyDHNCmod_ldap2.4.3765.module+el8.10.0+1840+b070a976.1LDAP authentication modules for the Apache HTTP ServerThe mod_ldap and mod_authnz_ldap modules add support for LDAP authentication to the Apache HTTP Server.fEord1-prod-x86build003.svc.aws.rockylinux.org-KojiRockyASL 2.0infrastructure@rockylinux.orgSystem Environment/Daemonshttps://httpd.apache.org/linuxx86_64/6xC(Af|fCfBfBfAfAcbbbdd396fe056e8ab167abd7b2cb5145b42210bfea38452968ff02a03493fc827f0cebe2147e0d8f206fad5562094a294955b628cdd9d87bfd8d01656face47d4b66cd82aaf0e5a1491bc5d1c5e2149d915dc9dcdb97211f4ff58ccf2c5241c../../../../usr/lib64/httpd/modules/mod_ldap.so../../../../usr/lib64/httpd/modules/mod_authnz_ldap.sorootrootrootrootrootrootrootrootrootrootrootroothttpd-2.4.37-65.module+el8.10.0+1840+b070a976.1.src.rpmconfig(mod_ldap)mod_ldapmod_ldap(x86-64)@@@@@@@    @apr-util-ldapconfig(mod_ldap)httpdhttpd-mmnlibc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)liblber-2.4.so.2()(64bit)libldap_r-2.4.so.2()(64bit)libpthread.so.0()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.4.37-65.module+el8.10.0+1840+b070a976.10:2.4.37-65.module+el8.10.0+1840+b070a976.120120211x86643.0.4-14.6.0-14.0-15.2-14.14.3f@fieN@e̫@d d\@d!d-@d-@d-@doMdJcdcck@cck@c(Ybޅbb2@b8haNaaaawaU`:@`f@`@`@_м@__@_:_^b^(@^@^]]@]߶]҇]@]g@]-@]]@\7\Z@\Yz\T4\\U@[@[[[@[H[u[[[ā@[ā@[ā@[@[@["@[YZ@Z@Z@Yp@Y{Y@Y@YéYéYéYéYX@YYYYx@Ym@YlYf@Ycl@YV=@YGY5GY@YXۡXP@X @X@XwoX[@X[@XEVX)@X@WW~D@W~D@W~D@WKW@VVVVn@VhV.VCV@UK@U@Ua@UF@UQUQTp@T=@T@T @TT_Tk@Tk@S0S@SGS@SS/SS@SSS"@SS5d@S4S&Sz@Sz@S(S@R@RRG@R@R@RsRrF@Ri Re@RVQ@QQޞ@QQo@Q@QQV@Q@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Luboš Uhliarik - 2.4.37-65.1Luboš Uhliarik - 2.4.37-65Joe Orton - 2.4.37-64Joe Orton - 2.4.37-63Johnny Hughes - 2.4.37-62Luboš Uhliarik - 2.4.37-62Tomas Korbar - 2.4.37-61Tomas Korbar - 2.4.37-60Tomas Korbar - 2.4.37-59Tomas Korbar - 2.4.37-58Luboš Uhliarik - 2.4.37-57Luboš Uhliarik - 2.4.37-56.5Luboš Uhliarik - 2.4.37-56.4Luboš Uhliarik - 2.4.37-56Luboš Uhliarik - 2.4.37-55Luboš Uhliarik - 2.4.37-54Luboš Uhliarik - 2.4.37-53Tomas Korbar - 2.4.37-52Luboš Uhliarik - 2.4.37-51Luboš Uhliarik - 2.4.37-50Luboš Uhliarik - 2.4.37-49Luboš Uhliarik - 2.4.37-48Luboš Uhliarik - 2.4.37-47Luboš Uhliarik - 2.4.37-46Luboš Uhliarik - 2.4.37-45Luboš Uhliarik - 2.4.37-44Luboš Uhliarik - 2.4.37-43Luboš Uhliarik - 2.4.37-42Luboš Uhliarik - 2.4.37-41Lubos Uhliarik - 2.4.37-40Artem Egorenkov - 2.4.37-39Lubos Uhliarik - 2.4.37-38Lubos Uhliarik - 2.4.37-37Lubos Uhliarik - 2.4.37-36Lubos Uhliarik - 2.4.37-35Lubos Uhliarik - 2.4.37-33Lubos Uhliarik - 2.4.37-31Joe Orton - 2.4.37-30Lubos Uhliarik - 2.4.37-29Lubos Uhliarik - 2.4.37-28Lubos Uhliarik - 2.4.37-27Lubos Uhliarik - 2.4.37-21Lubos Uhliarik - 2.4.37-20Joe Orton - 2.4.37-19Lubos Uhliarik - 2.4.37-18Lubos Uhliarik - 2.4.37-17Lubos Uhliarik - 2.4.37-16Lubos Uhliarik - 2.4.37-15Lubos Uhliarik - 2.4.37-14Lubos Uhliarik - 2.4.37-13Lubos Uhliarik - 2.4.37-11Lubos Uhliarik - 2.4.37-10Lubos Uhliarik - 2.4.37-9Joe Orton - 2.4.37-8Joe Orton - 2.4.37-7Joe Orton - 2.4.37-6Luboš Uhliarik - 2.4.37-5Luboš Uhliarik - 2.4.37-4Luboš Uhliarik - 2.4.37-3Joe Orton - 2.4.37-2Lubos Uhliarik - 2.4.37-1Luboš Uhliarik - 2.4.35-10Lubos Uhliarik - 2.4.35-9Joe Orton - 2.4.35-7Joe Orton - 2.4.35-5Lubos Uhliarik - 2.4.35-4Lubos Uhliarik - 2.4.35-3Lubos Uhliarik - 2.4.35-2Lubos Uhliarik - 2.4.35-1Lubos Uhliarik - 2.4.33-4Joe Orton - 2.4.33-3Luboš Uhliarik - 2.4.33-2Joe Orton - 2.4.28-8Luboš Uhliarik - 2.4.28-2Luboš Uhliarik - 2.4.28-1Joe Orton - 2.4.27-14Joe Orton - 2.4.27-13Joe Orton - 2.4.27-12Stephen Gallagher - 2.4.27-11Jeroen van Meeuwen - 2.4.27-10Joe Orton - 2.4.27-9Jeroen van Meeuwen - 2.4.27-8Stephen Gallagher - 2.4.27-8.1Joe Orton - 2.4.27-8.1Joe Orton - 2.4.27-7Fedora Release Engineering - 2.4.27-6Fedora Release Engineering - 2.4.27-5Joe Orton - 2.4.27-4Joe Orton - 2.4.27-3Luboš Uhliarik - 2.4.27-2Luboš Uhliarik - 2.4.27-1Joe Orton - 2.4.26-2Luboš Uhliarik - 2.4.26-1Joe Orton - 2.4.25-10Joe Orton - 2.4.25-9Joe Orton - 2.4.25-8Luboš Uhliarik - 2.4.25-7Luboš Uhliarik - 2.4.25-6Joe Orton - 2.4.25-5Fedora Release Engineering - 2.4.25-4Joe Orton - 2.4.25-3Luboš Uhliarik - 2.4.25-2Luboš Uhliarik - 2.4.25-1Luboš Uhliarik - 2.4.23-7Joe Orton - 2.4.23-6Joe Orton - 2.4.23-5Joe Orton - 2.4.23-4Joe Orton - 2.4.23-3Joe Orton - 2.4.23-2Joe Orton - 2.4.23-1Joe Orton - 2.4.18-6Joe Orton - 2.4.18-5Joe Orton - 2.4.18-4Joe Orton - 2.4.18-3Fedora Release Engineering - 2.4.18-2Jan Kaluza - 2.4.18-1Joe Orton - 2.4.17-4Jan Kaluza - 2.4.17-3Jan Kaluza - 2.4.17-2Joe Orton - 2.4.17-1Jan Kaluza - 2.4.12-4Joe Orton - 2.4.12-3Fedora Release Engineering - 2.4.12-2Jan Kaluza - 2.4.12-1Jan Kaluza - 2.4.10-17Jan Kaluza - 2.4.10-16Jan Kaluza - 2.4.10-15Joe Orton - 2.4.10-14Jan Kaluza - 2.4.10-13Jan Kaluza - 2.4.10-12Jan Kaluza - 2.4.10-11Jan Kaluza - 2.4.10-10Joe Orton - 2.4.10-9Joe Orton - 2.4.10-8Jan Kaluza - 2.4.10-7Joe Orton - 2.4.10-6Fedora Release Engineering - 2.4.10-5Jan Kaluza - 2.4.10-4Jan Kaluza - 2.4.10-3Joe Orton - 2.4.10-2Joe Orton - 2.4.10-1Jan Kaluza - 2.4.9-8Jan Kaluza - 2.4.9-7Jan Kaluza - 2.4.9-6Joe Orton - 2.4.9-5Fedora Release Engineering - 2.4.9-4Jan Kaluza - 2.4.9-3Jan Kaluza - 2.4.9-2Jan Kaluza - 2.4.9-1Joe Orton - 2.4.7-6Stephen Gallagher 2.4.7-5Jan Kaluza - 2.4.7-4Jan Kaluza - 2.4.7-3Joe Orton - 2.4.7-2Joe Orton - 2.4.7-1Joe Orton - 2.4.6-10Joe Orton - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Joe Orton - 2.4.6-6Jan kaluza - 2.4.6-5Joe Orton - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-7Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474) - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in mod_proxy (CVE-2024-38473) - Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475) - Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference in mod_proxy (CVE-2024-38477) - Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)- Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response splitting (CVE-2023-38709)- Resolves: RHEL-14448 - httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)- mod_xml2enc: fix media type handling Resolves: RHEL-14321- change for CentOS Stream Branding- Resolves: #2221083 - Apache Bug 57087: mod_proxy_fcgi doesn't send cgi CONTENT_LENGTH variable when the client request used Transfer-Encoding:chunked- Fix issue found by covscan - Related: #2159603- Another rebuild because of mistake in workflow - Related: #2159603- Rebuild because of mistake in workflow - Related: #2159603- Resolves: #2159603 - mod_status lists BusyWorkers IdleWorkers keys twice- Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP response splitting- Resolves: #2190133 - mod_rewrite regression with CVE-2023-25690- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting with mod_rewrite and mod_proxy- Resolves: #2162499 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte - Resolves: #2162485 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting - Resolves: #2162509 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2155961 - prevent sscg creating /dhparams.pem- Resolves: #2095650 - Dependency from mod_http2 on httpd broken- Resolves: #2050888 - httpd with SSL fails to start unless hostname command was installed- Add the SNI support in mod_proxy_wstunnel module for Apache httpd - Resolves: rhbz#2017543- Resolves: #2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via ap_rwrite() - Resolves: #2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-bounds read in ap_strcmp_match() - Resolves: #2097458 - CVE-2022-30522 httpd:2.4/httpd: mod_sed: DoS vulnerability - Resolves: #2097480 - CVE-2022-30556 httpd:2.4/httpd: mod_lua: Information disclosure with websockets - Resolves: #2098247 - CVE-2022-31813 httpd:2.4/httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism - Resolves: #2097451 - CVE-2022-29404 httpd:2.4/httpd: mod_lua: DoS in r:parsebody - Resolves: #2096997 - CVE-2022-26377 httpd:2.4/httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2065237 - CVE-2022-22719 httpd:2.4/httpd: mod_lua: Use of uninitialized value of in r:parsebody - Resolves: #2065267 - CVE-2022-22721 httpd:2.4/httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody - Resolves: #2065324 - CVE-2022-23943 httpd:2.4/httpd: mod_sed: Read/write beyond bounds- Resolves: #2090848 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer dereference- Resolves: #2065249 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations- Resolves: #2035063 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2007199 - CVE-2021-36160 httpd:2.4/httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path - Resolves: #1972491 - CVE-2021-33193 httpd:2.4/mod_http2: Request splitting via HTTP/2 method injection and mod_proxy- Resolves: #1968278 - CVE-2020-35452 httpd:2.4/httpd: Single zero byte stack overflow in mod_auth_digest - Resolves: #2001046 - Apache httpd OOME with mod_dav in RHEL 8 - Resolves: #2005128 (CVE-2021-34798) - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #1984828 - mod_proxy_hcheck piles up health checks leading to high memory consumption - Resolves: #2005119 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input- Related: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path- Resolves: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #1969229 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in mod_session- Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records - Resolves: #1905613 - mod_ssl does not like valid certificate chain - Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for usertrack - Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression - Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer dereference in parser - Resolves: #1934741 - Apache trademark update - new logo- Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML - Resolves: #1937334 - SSLProtocol with based virtual hosts- prevent htcacheclean from while break when first file processed- Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache- Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile to be able to handle certs without matching private key- Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd mod_proxy_wstunnel - Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()- Resolves: #1651376 - centralizing default index.html for httpd- Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool concurrency issues - Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1680118 - unorderly connection close when client attempts renegotiation- Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does not respect expiry time - Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer overflow - Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package - Resolves: #1869576 - httpd : mod_proxy should allow to specify Proxy-Authorization in ProxyRemote directive - Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1891829 - mod_proxy_hcheck Doesn't perform checks when in a balancer- Resolves: #1209162 - support logging to journald from CustomLog- Resolves: #1823263 (CVE-2020-1934) - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Related: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work- Resolves: #1823259 - CVE-2020-1927 httpd:2.4/httpd: mod_rewrite configurations vulnerable to open redirect - Resolves: #1747284 - CVE-2019-10098 httpd:2.4/httpd: mod_rewrite potential open redirect - Resolves: #1747281 - CVE-2019-10092 httpd:2.4/httpd: limited cross-site scripting in mod_proxy error page - Resolves: #1747291 - CVE-2019-10097 httpd:2.4/httpd: null-pointer dereference in mod_remoteip - Resolves: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work - Resolves: #1794728 - Backport of SessionExpiryUpdateInterval directive- Resolves: #1775158 - POST request with TLS 1.3 PHA client auth fails: Re-negotiation handshake failed: Client certificate missing- Resolves: #1704317 - Add support for SSLKEYLOGFILE- mod_cgid: enable fd passing (#1633224)- Resolves: #1744121 - Unexpected OCSP in proxy SSL connection - Resolves: #1725031 - htpasswd: support SHA-x passwords for FIPS compatibility - Resolves: #1633224 - mod_cgid logging issues- remove bundled mod_md module - Related: #1747898 - add mod_md package- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount of data request leads to denial of service - Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length headers leads to denial of service - Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for large response leads to denial of service- Resolves: #1730721 - absolute path used for default state and runtime dir by default- Resolves: #1724549 - httpd response contains garbage in Content-Type header- Resolves: #1696142 - CVE-2019-0217 httpd:2.4/httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696097 - CVE-2019-0220 httpd:2.4/httpd: URL normalization inconsistency - Resolves: #1669221 - `ExtendedStatus Off` directive when using mod_systemd causes systemctl to hang - Resolves: #1673022 - httpd can not be started with mod_md enabled- Resolves: #1695432 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: #1696091 - CVE-2019-0215 httpd:2.4/httpd: mod_ssl: access control bypass when using per-location client certification authentication- Resolves: #1672977 - state-dir corruption on reload- Resolves: #1670716 - Coredump when starting in FIPS mode- add security fix for CVE-2019-0190 (#1671282)- add DefaultStateDir/ap_state_dir_relative() (#1653009) - mod_dav_fs: use state dir for default DAVLockDB - mod_md: use state dir for default MDStoreDir- add httpd.conf(5) (#1611361)- Resolves: #1652966 - Missing RELEASE in http header- Resolves: #1641951 - No Documentation= line in htcacheclean.service files- Resolves: #1643713 - TLS connection allowed while all protocols are forbidden- mod_ssl: fix off-by-one causing crashes in CGI children (#1649428)- Resolves: #1644625 - httpd rebase to 2.4.37- Related: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- mod_ssl: allow sending multiple CA names which differ only in case- mod_ssl: drop SSLRandomSeed from default config (#1638730) - mod_ssl: follow OpenSSL protocol defaults if SSLProtocol is not configured (Rob Crittenden, #1638738)- mod_ssl: don't require SSLCryptoDevice to be set for PKCS#11 cert- Resolves: #1635681 - sync with Fedora 28/29 httpd - comment-out SSLProtocol, SSLProxyProtocol from ssl.conf in default configuration; now follow OpenSSL system default (#1468322) - dropped NPN support - mod_md: change hard-coded default MdStoreDir to state/md (#1563846) - don't block on service try-restart in posttrans scriptlet - build and load mod_brotli - mod_systemd: show bound ports in status and log to journal at startup - updated httpd.service.xml man page - tweak wording in privkey passphrase prompt - drop sslmultiproxy patch - apachectl: don't read /etc/sysconfig/httpd - drop irrelevant Obsoletes for devel subpackage - move instantiated httpd@.service to main httpd package- Resolves: #1602548 - various covscan fixes- apache httpd can work with TLS 1.3 (#1617997) - drop SSLv3 support patch- new version 2.4.35 (#1632754)- mod_ssl: enable SSLv3 and change behavior of "SSLProtocol All" configuration (#1622630)- mod_ssl: add PKCS#11 cert/key support (Anderson Sasaki, #1527084)- new version 2.4.33 - add mod_md subpackage; load mod_proxy_uwsgi by default- remove %ghosted /etc/sysconfig/httpd (#1572676)- Resolves: #1512563 - httpd: update welcome page branding - Resolves: #1511123 - RFE: httpd use event MPM by default - Resolves: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- new version 2.4.28- add notes on enabling httpd_graceful_shutdown boolean for prefork- drop Requires(post) for mod_ssl- better error handling in httpd-ssl-gencerts (#1494556)- Require sscg 2.2.0 for creating service and CA certificates together- Address CVE-2017-9798 by applying patch from upstream (#1490344)- use sscg defaults; append CA cert to generated cert - document httpd-init.service in httpd-init.service(8)- Address CVE-2017-9798 by applying patch from upstream (#1490344)- Generate SSL certificates on service start, not %posttrans- move httpd.service.d, httpd.socket.d dirs to -filesystem- add new content-length filter (upstream PR 61222)- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- update mod_systemd (r1802251)- switch to event by default for Fedora 27 and later (#1471708)- Resolves: #1469959 - httpd update cleaned out /etc/sysconfig- new version 2.4.27- mod_proxy_fcgi: fix further regressions (PR 61202)- new version 2.4.26- move unit man pages to section 8, add as Documentation= in units- add httpd.service(5) and httpd.socket(5) man pages- require mod_http2, now packaged separately- Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Resolves: #1434916 - httpd.service: Failed with result timeout- link only httpd, not support/* against -lselinux -lsystemd- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- mod_watchdog: restrict thread lifetime (#1410883)- Resolves: #1358875 - require nghttp2 >= 1.5.0- new version 2.4.25- Resolves: #1401530 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2- fix build with OpenSSL 1.1 (#1392900) - fix typos in ssl.conf (josef randinger, #1379407)- no longer package /etc/sysconfig/httpd - synch ssl.conf with upstream- add security fix for CVE-2016-5387- load mod_watchdog by default (#1353582)- restore build of mod_proxy_fdpass (#1325883) - improve check tests to catch configured-but-not-built modules- update to 2.4.23 (#1325883, #1353203) - load mod_proxy_hcheck - recommend use of "systemctl edit" in httpd.service- have "apachectl graceful" start httpd if not running, per man page- use redirects for lang-specific /manual/ URLs- fix welcome page HTML validity (Ville Skyttä)- remove httpd pre script (duplicate of httpd-filesystem's) - in httpd-filesystem pre script, create group/user iff non-existent- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- update to new version 2.4.18- re-enable mod_asis due to popular demand (#1284315)- fix crash when using -X argument (#1272234)- rebase socket activation patch to 2.4.17- update to 2.4.17 (#1271224) - build, load mod_http2 - don't build mod_asis, mod_file_cache - load mod_cache_socache, mod_proxy_wstunnel by default - check every built mod_* is configured - synch ssl.conf with upstream; disable SSLv3 by default- update to 2.4.16- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- update to 2.4.12- fix compilation with lua-5.3- remove filter for auto-provides of httpd modules, it is not needed since F20- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581) - mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583) - mod_lua: fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments (CVE-2014-8109)- require apr-util 1.5.x- use NoDelay and DeferAcceptSec in httpd.socket- increase suexec minimum acceptable uid/gid to 1000 (#1136391)- fix hostname requirement and conflict with openssl-libs- use KillMode=mixed in httpd.service (#1135122)- set vstring based on /etc/os-release (Pat Riehecky, #1114539)- pull in httpd-filesystem as Requires(pre) (#1128328) - fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348) - require hostname for mod_ssl post script (#1135118)- mod_systemd: updated to the latest version - use -lsystemd instead of -lsystemd-daemon (#1125084) - fix possible crash in SIGINT handling (#958934)- mod_ssl: treat "SSLCipherSuite PROFILE=..." as special (#1109119) - switch default ssl.conf to use PROFILE=SYSTEM (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- add /usr/bin/useradd dependency to -filesystem requires- fix creating apache user in pre script (#1128328)- enable mod_request by default for mod_auth_form - move disabled-by-default modules from 00-base.conf to 00-optional.conf- update to 2.4.10 - expand variables in docdir example configs- add support for systemd socket activation (#1111648)- remove conf.modules.d from httpd-filesystem subpackage (#1081453)- add httpd-filesystem subpackage (#1081453)- mod_ssl: don't use the default OpenSSL cipher suite in ssl.conf (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- add support for SetHandler + proxy (#1078970)- move macros from /etc/rpm to macros.d (#1074277) - remove unused patches- update to 2.4.9- use 2048-bit RSA key with SHA-256 signature in dummy certificate- Create drop directory for systemd snippets- remove provides of old MMN, because it contained double-dash (#1068851)- fix graceful restart using legacy actions- conflict with pre-1.5.0 APR - fix sslsninotreq patch- update to 2.4.7 (#1034071)- switch to requiring system-logos-httpd (#1031288)- change mmnisa to drop "-" altogether- drop ambiguous invalid "-" in RHS of httpd-mmn Provide, keeping old Provide for transition- systemd: use {MAINPID} notation to ensure /bin/kill has always the second arg- mod_ssl: allow SSLEngine to override Listen-based default (r1537535)- systemd: send SIGWINCH signal without httpd -k in ExecStop- load mod_macro by default (#998452) - add README to conf.modules.d - mod_proxy_http: add possible fix for threading issues (r1534321) - core: add fix for truncated output with CGI scripts (r1530793)- require fedora-logos-httpd (#1009162)- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- ignore /etc/sysconfig/httpd and document systemd way of setting env variables in this file- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311)2.4.37-65.module+el8.10.0+1840+b070a976.12.4.37-65.module+el8.10.0+1840+b070a976.12.4.37-65.module+el8.10.0+1840+b070a976.101-ldap.conf.build-id012b3a16c6db46c384131ca6382b535b8f6735c9c63f84f26947ee948d2165aa365f36022e9fmod_authnz_ldap.somod_ldap.so/etc/httpd/conf.modules.d//usr/lib//usr/lib/.build-id/4c//usr/lib/.build-id/66//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnuASCII textdirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=66c9c63f84f26947ee948d2165aa365f36022e9f, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=4c012b3a16c6db46c384131ca6382b535b8f6735, strippedRRRR RR RRRRR RR RRutf-8156ecd8e4024bed6fc975df4816711b62f70f7efe755e7f187fc35db02e0f7d1httpd:2.4:8100020240723155411:e155f54d?07zXZ !#,Z] b2u Q{LY8ZIh&}af+wZePR8Ϸ E7p2%b@)-k&ODڮ+fƢy}JgYY N2r^1GX*4]6\9.ˡRwq>:O*ETuva̾&ò: ,ED˧} d|;?(8BgNi>b<} zfV$=\zCfW. --C+ӑfU mٟ n票by3rBc'Æu(V$o8 +l~pbɵB4#I AP@`aٷPc|Z0 UfaNH U7n0 ȅo\>^5'9 TEh~᭜4ۆK%d SPvS`_)$v(oA23>>1>ݣyݪèvֱ=(X:WiK9N̕{ Af05d0^G-k6}eXka7.7xj8!W&-bbIuWg8\BOPd<~-b(OGҎ^(]Peb;uL$gY#4s;- N!'d&[yNnPxQgTh,zا t&@ E|a&dƜUa0D +܀~W,=;4g_c ډpÌ"0qfaEYBAjcgY]WaTy=""enk%A<p-s7i)-Eдj˻Eغ։}l юB_ €`b/HlQq2W/ޤc#B݂EXLa*sE}qiTh?-G[3DVeq5t80*'оsZe Xa1 07H3bOTF5 ֓!ŅKLBqUKŐuG-wbMvT" @Ў2"+ 7M(Wz z9lqq'dch,0 ֙iWgKzq6m5]*h2 X䖎tQ3+ca+d{bΙD4AG;ݧݧm(jҜ<iwTVJ1|c/bQ ֊D>/yo%,_قse/Vn h&>_2퀢Ȩ#ߏ/k.X0u$aI׈oI4eϺBF©i.s\^RyQa `E!TxLDMC((k0hz{gJ$JTB^5W 70Y9eάʷFeJUʌ{r=,V\Ƣ”t.GXf{VGvg(1zZM tvv ފtiqmQIIm,ӸE3GRUu !Ԗ l;fKA0x0`uYz$pXQ, .!U =>:Q質h Tyo+ԟs"c2wZ5 WW>EY*tWrG/?:(6uW%a ǝ%%U3H+I#t;hTS(tFV]5uLHgaۛvnnq$>7"di+ X| g L2Ϫs6,*8G%޿Z[slՒNhmYôZTS>4iB%3C0 1a(D2 5Xi/Qv::7iz:@dzѠtN*8a2<2cNH|@K 4K[^zucIPS҈ƹzf(JM}BxPCw>)"'d+mwRЭews) "KiT #6+J= %E^$v|WzSytB%*v%XZ6kԭـL *ClsJ|C {Dq; SW - vYJˠĜ]8*D^R-m#LU ^sY<*O xBtpÊpӌuQأ[chC;RfU]e%Cm*z-\?ixC3%/Xgmڏt޴C,OEϐN p[x`Ѡ} +0{AxTH j5_<ijp8: %UJ9reIDhTN$H,)G*'١Y;;Pm{/#󞉰#ֹ.Ŵ3M=c*OJf CCs]22.,!aD.{3b6Z q0Z4[߹xl # g$9l4$\?^(׀t3@#@"gb)c?@4<8pv<&u[R 7r%؛{*? EŇ(8C$=]~z:ݿ8c$,;R^Aj*ڧ~4H۞:,/x^^vX@ļXB~Z}Gm &[ ޝX'߈CPۨ_]dS&]ih~S3J!xޤv?] )a' &A ,)^}(kPNHJk'KıSTb"m/ZQz0U)$1ZEKLS-xUS[Xx= B[,n^.jڪ09hA{y>H2Ќ7a(Œ7P-@FR(Jh\Nl(Ԑ/iD54ΦPkAC):b*dU ͸.7wn߸8+,|45촨LEg2UZ:&]^21j@=vёRM-2;tQ3lۀ%]{*.(cS$:zKJS~Um?]EpO&1TuvVE'uz|ω(֙FYD'Ps _1WBA}hG^Ě-{i'f&W8`e UTP ZN7]AW1qj+l1rF?C. <+Jm @r]HޏsuOFhIִ\BH ڢsj (z Yy3C b0Lhe LrmrT≯K]& B\Sɶ ॸZYLXin" FfO hC X-bxVe ͱII> jOlLЭU.^'r +—nYWx^%Q}]7J>N^ہ@3ZbVVYl%|F^ sc3b+F>Z4ό9\UӉ,B-6)eHUE(0m妃M3F^dKkrߴ;dœh )fJL4}TF2b(~{X|X:&> '`JU*V]3K /t+#.TqDYӳ-oTqJML#P>sCeI qmq.A|]fZ@CfBhoV {^X XK=;O\G`(.DžlDXjB*C#l*ZBZ*3Xw6ʿ\AGdUݜJ!]O*NzRI,b,G V~ B0qȇ}ҐIc帒]U)3)KFXB̠NHp!;nMߥs3" x)x|lM]>Qy[&"^՟a:=e+ h:Dk)yZPm X7zB ͙藚lYOĉ;ժ , deGO~8VUZ%~i z# =̍hauiVԨM]!VryαX-h2wV :_*8_5g᥎ ogkE D m#عWS 0yxbx=_Q\QfgbeM%T-_$v)Y0+؇(`XJّȢawM3uM؏x2l GTțЏo!~F uw]H`?6T"R7&ԜD-N<0-7B~Y4آFٶ#tf[|7TN;tyũ{2P"*Fn陥͑Hq}jJ3ٖ.a@Էzm W^8qOc*_g]hEmU<|zR47K )jla6T`;tJ1+^b 3iaqcNLu;* UX'(U!`B8X23H+i`\a-7Y}4pUKO],no5r Hr$:0NN<j=8鱗8('q iS30t ` ;B[ OҗŸ8#>T×Ƶ$+XN_ {]?y3td)jF{ʕOJߌaYb%=Zj*1^l~ j+Ov&ter0oIR|Z?} V_l40xXy4SAa; X3Y6os .qʝ/O-/6CvOc8j?yH{wo߅-i=BL7TEAa}ăҹb B;4H'k{ oÍ#%BF*kfy0IDYpd%J5!R S-P;)u>FJ1TdqWEhin$'vynj3Aj*[8iwh7z%DZtxƇ3'in3wTtbs}|kZ'$8rMu0GGoνS]^m¤C{Ɨ#噗t2BAaP+ |k@wq|t4銀>9#qA+1s^Fͮ[S(<H!e==4ΰ&]Q$Xpl ћ5 '<뒅wJz^/ @%O-GQ.e{_rɂ XծzObĂ]ijl2I0DfeGtgW_?*>%ֵP`N?.f31̅o,OupUoKtwa8 }d}V9d)fƂ 6::%SAY1p.㐧rl)k׉E(x,rŮ,&lus$#E|ml*@h:tuSo`мvհtȀt݂]W\,|"7JoY/`-\j"A YkX3 φ3e☍yIy/8~<-IȠ$h-tA kSC'5w'7cnV񑗫 ZНt(i$0\*ʰ<EBtaz ;V5ܑKXC30Vk'LV*oIL*o9}3Jj筆mr [=|ꎱ[2ީ%iJhN8(G5һfA|^`Q&pvFk]VnB:^@{yDR驀Kk4F(a]&5psr+DQMVRJq|W.Z[Hl%+PũpF=ɠp0d ,ǻkܜ3`?Q6kkIqJpI`@oӿGIё_mt5zݒq޹Aݚh~k@B K ~;i`3%cY&C, 6OɁ=ݰL\BVi!@+cHFdB~io(8 ) OaJoE?LCPʬͤ5Qr%ծzU@}fuoVMޠShhRfy`7IolwrRY iTlǓ-!vUo|Vs{<w%#-vޓj/⇠kWc,4 6I+ŧQg?ko(N/$g2aem8>귌{;b@jj)t<_d'J! 9?\8zfqU /1ST~ƙN?);~tkgȡM1R{f36҃.ɖkc9AXܳ?Dy ;V4B-'c49a<o3T\;x19οHվeUY1bv'iNX. VN}<\^'Z/* @CӔ¨:By/Co7xCE$ϸ,džvk񡠳F ~>7U<ׅpzNȷHh tB"[7GY,0 u-6udsCC` p5}7eۓ|ͬ-'}25)´$gH\|nn6)eh.E9xC'ٽI wBE,iR3׫f+&#cPG{?/,'X#!0j6 5㻱g8ف\]Lbg )uRO G|"Y:W^~T!W:{Dsި*iOء!t߶ G-g>ɑ]^$ b )nUe2(L@I#t/383NB{M+HAgW{٬|auIź[iG{~l%(5Y"ԑ@$ul[aB쾄ix 8d^jFDdr[?ڰ5+5j"A&/2Kh0z)9%OZ O QR8mo/*;R n ]s#C{`Xm(ۥ7ni|J7#uKI7\k2<7^rYZxW(`ŏ~;Fʃˇ7#ZkNmΒGrެ:vt[ C JX{@=miMbujxEeMᦐ'Բ)'s\yK$[d?AMJ`l h!,sgENOL_4Gz>URŽ/:ld;OFq 54Ʋ1} 8%sEi}+șwx/ލm@!H\WtbuezH^r(8Ъi|Oѐf۱ҡw>7X:SqRؕv$!nZNy"KPq)#@߉Y{A8(0{5{2 ={r*:0hNT 5oX_Q >,C2&B0kM?80ŹYyDm#MaU_oE }22`K7*M O2#HKQP9lF_ٴ+T ۟0PG_7~̏?hopڼJdX@فCi3bj% )ސ.Q!gE%nȹHNzn!:M ؆*3G%B eiO5hfJiw&dO,2t₶-~+>ys!r?h1/1|_?SAOZ;_KV r7.Pd2qq5⸄ 9Gq*5̪y{> z^s4;a&8 'C~nɜw,(G? x|;m$\ǖh:2xØ+˰fVC$TcpcQg<7)/%@j2C5I+ճ_be)&ޞvQ4B 5)ТDD2jL'#_S~'GKڿr6G%>} kȿ+kJ)'kq%fi*+>5gk^KKu{bEmcEy+7GȞn+PQ5g"dBW\);u$v$cP lm(TًuLsќ{7ЏxPз lЇ9oJmQkpc tٟ@Esb1fqwҫ^ ]@F'±$DQJ4Od Ԣ\B6BhլIqM9"s'8{1E]uHB@Wk)IE.pE'ʪ>WхYjw!J"Nq[?/vDGot{̵ؖMԯkO350%R.NcGѿ}\XVQ.vxt6cExD'MH-6q/VkR,#m1p`CmBSJ]Sy˷N{\$Ř_ f0Bi#,r4Wu5=e4X',]9IV+ËlxLǜbWL4QcX=590Y+Xe(01Lx#w35YԆSbT:6Ha$G'+lԪ˦Z%Ctgƫ+M$(\".?]HWҧlF=Lx۩:cGfbτn\c Xnȑ)O-2饿?z)fP r< yboܞdݚҀQ I) `JfD?:c[=Y8Ǒ(WI 7'hUz>=f(3L!f@f0A))vGxzLbDq >ҎSUC 2V#3;kF{"ӟ}АP< MDxfuu >}i)΁<9TŇIaO~m1k d nrl@1 H+nA7ǀk6`ߍc@%.J6+ RP.Q_֑tQ $kEv:XW*uiӾDO\*>!cEI ƗPfY:Ṟ&ۏ^b0WA>ӓc.개xU {vQo|ҦP8P%1}۳X1mk2n`uO8rf&⚨xe?YON0g\Jh?հm#ڏKlQFGK}G=t.%~ʼnVCdz^,+ L&g@ v;N QզW?nR[c6!p{އ@+F禽dzK³6ȥz PNDuܙڑ=#iwArTeP ~Q5neZT{%Hz"5)2U! /bA{F8"<,@]5ꃧPmFU},Z1B{>?k»IcWHF"GDcP߹f8${, '*9:Eݷç2k4s;/-H05Msy(a;SmR- A 0[IKvot":JxU5`,qV) ?7&ψ̓<}H,ynI y~Fz^D'/ON)hߏ![&%6QroE[͂Gpu/=V4CMɕ爟wu8d+- #1 J7bi- KmWG iHXwF7)8|=*7ɯ0m߳v@$j f7Im7tP FoBRs#̜=)O 6D.UhLLQg9&%\F>uwhBCn6xbvlǚx_2y;n1g&̩KkT$9+CEۛ?S%5R͍[ʎKpC,dV<V 0ٮq z46F>_ue3U:Dr6 (W8z() xrQ}Kȸw*lȨ %=ˣoe(*+`lJ)u2J dFხ| xEBJ>-d(+JPGj;^Ëq3Wb|76jmC=XY6WۛvbX[%f O"]D'hj+Pi,jh´/ <,iy[q'F;PbB7Tͯɇ:'ؒffϲvf`#O6Kg %^ ^a5ރ>UFH.j'05@nza;rG}h#;-҂vYT+{P4w|c6-o: 31.nK ΂PqsuDGCrؒ/+Ai{%Bpq& ߪ&0c$VHㅦܕ'8a([|గ8:M>vg#m'e 5Lu!jjj/{UX\aq95yVB9Vha3'ZP&GAB(Y+U2gzB/ !Up:KR`%s{1[zd-^04ن Ң k H5B|-#ͅ鏊~QtROܜbOSC*x~|ng}^wGMI2bm4KVȟ~7U=I0sA~֮K^GvsP!| wI+5< x,WOfGB0 {"6)Bv x;#R=s`?E¥H=ϒfyrVHo}6zAȽB-&HVpr#5{<$#fǣEh73  ڦŅquځNdK3.#E :-b^Yw~t١BJ_\)}q>-7bg:aPX K;,T~1B _(58ogM,"` m{>}{Ƒ.qr[苕U>!{bɋ_GvdSrJ4!D`z&Ǹ `uT4,SLr?㠧;l\$NmG>_wP:MmU=Svkœ- :}V~XpC~=9LBqy,>oZyn]< }idXV,$ <(,4Y)N"4n²Nz0|Fus;q`p?w#Vv!)#ɢqtƩ߄kt) c%77b*rG{ht)?\"R녽pqWPo Sm)2iŪ 4Z/2TKva3E^O3Q㘊^+ę7g c{J.[J[zt"U7w% :^wv&L@IX>& MZ'#' <8Q]iO#ѠM;ۍFauHO3( wE޾vں 4-θmE=tڈ},>طv>SuZZ~^h,:*`>2vODgȦaq-"InZ8k Җ@:~qE$x2EȊ+91g ]Y=DŽP(alO|d.t-xţ IF;϶&}|Ў{i?I\-s).J3U<|f8HS%7<w+j: 2t='A|fZ. FR]p _9Iz"CY-CE6tm0 Sy^s<\+9&,,A&s14 xdkn vEǃ'4)Z$͂sΜ2>f1 ed !@xk9⣕R6KW>Q-7FOs5S%d gL?FZG& b/~J,: x${,sE,iޓg7_19{zǭ螴4ޤ{WWŨdAս%P{P|Qr{K>~ y)  gMmӤRـ'_Q 8-3鹪`{qŠ0r֍$va6dn#+MnP[eh/ȋDʱ@d eɌV\@4g=V?y8xѕG@m<}lPȀ ࡟a0Uܖva# kGT$Vv`*{SUTm^KAŹUy):fP׽oyĤ,Zs`WFjqñHn]r1~~%O4X~615\K~j=vM WA@DcxuuFP.7?KԆi5@IA.F{F:t;-mʐ qjfz_M˒#(onO% m/d TZ PDulWXBH+I:\m'у[)׋72egLl@SlBSf+eѐЧ֩(Rњ#ȋ`&n+j9EZCzY?NEO=C8>֚Tky"d+.F;Ǫ>͆Ai, E`p7#zTƻ?.~oewC<*W.Ԧ zLkیCzh `5ڟša>KJ ~!9R*Tk]'*"xZ}NIF~G z)1yIU7~>'Φzѝzz-sI[+{0Bd.,'`GoJ<$/;DVfn]hp83Jn!&-Q3uz~u1zl+ޟfS(eޥdAbjvR 3: S+W=y6=>;ze;)\, lvTY8Pcn`3"N|N y5 / `xqe@3"q1 +()9&/pffs,Zvz!} v"_'Rqm\{ ؾUp#n/1Jp%Aaf2.҆!ejM4vj- ܹvVf>?TJ] Ģ!YSTa:'K8薺]$cǭT3haWI2ϩh:Lz\P)_d~=!84b1\rgS ,i2$@`b*˱Ҩ_`<1:nz -tZQQkYl8>?z/ރ\-lcdgkțv~)}H@S6Եl,PIwƀ#~KQ~ fRs۷f3xFK=7gzgItOK5.V+SgܳPZ!bsFQۺ;UM`LmltQeN@!)[q\}ηty$LavjS5Z6&KU΄J Oz[Ҡ$+T]qed&n}v6V;G.R8;:f5"D ؕBa0 "ۯETe?G>LL˺U%Xm;h,=ӞB}-O6vYf7*vRy0 u(BF&CCI"3q62b)|%82VVy>J7 1xArژ>P_+zrtL[:E}0  o懧 UCxjzKZz~n5rM:-ymR6VD|c 7lls]2=3=CG5jSFgl}/jB$IGw`@ɯk_ ͑2 [Iu.-K[Y8@ANSیwEۭ. ς֫i=XJs Y\凊WRBDzSr_N,eR@z:0:! &z4tܱ<6>)()P}.lRzCcNJ 0M'SZOQc5o+d<%k֛;j=K#Jµg'`>\bMp2$AZ1 :O$H܆\;} dW-Pȵ_gk O}İ}i̝WJ۱ P@.XAb`&u.(nњeS~/saJl6du{' cȻK^ t{H荖;VȾ3HSH}8Wo/exQG+o)Xmnoʈi20 N?5kCRxy|/Ɣr'*elFTYTh|z2gڦ%9`ld4i=Q4 ijAxn5b^(ےlJ ,Kj󥞈e;F$nωQ!n7eNql I! !dP=CY_5]f9Ù8b ]vTj%fakprj)4vodC2g7b>*U<he\zR C6r T&#6ޟz0#Zs$2'A|Y;ZɎa]FlyW'I#[4WjZ@Wk)Ey'_̍EU!+)'u=VXHP̉$oZ܍NCT.ؠ~3)7(ldԨvAi!W!ׇ[U" hyh@q~IPo}~(eTxӘF%UP|+FƝ=h\x&0pz' +4^n !`Yc5a|qWQYńqV|yfg18֢\0ܷ<%D3/q"8W~nACD.Ե_P'̺ ,V ȠUڪVof| c]} PL'r'2=oX B'UA/+2o_$>Xi``gyn{1*D9TWdG:–]d6?^Gt1|w\d`#0ntJ\[3I z#)y(+s EV/B_fgfjs`P=f6,h#A9x*_ۊKA۶smԇܗ/G#a,@b/3Ա+|GVvꔳ]RWV1'wH!E0*6>>Iޒ{|! ;w 7{ -%)+ 'OSm20هhLzԋ{_ҳ=oUo*S@i]*+̟U/m-;0 >uZ:yۗhq2̱o#<|-AEz7HZR[*jh ݹeE#S &0W0} ˂YߤI1pD1)+m6uQvV@is/($vZQ[z h%a?b!PM?^=6~ %rso%nT`EO et۸ݲ9,~4bAxw! #^WӕI z):4nPt4;ʗٴJеa {I̵M4&W'nZ )@=~O) @zLP#yrޫVbNc[T$V&G^ yf)c58fF@=4\/P3T4,#Y;U;.=8y#i5V# .`GN2=iʃrft[&dIytS5*~܀ ]nG$9? 0r6q>SG?Y ~A!DČV~@/yq/gZx~:;+')XaO?/\*]pBRp\ :8 Eu2y9a[u|~ WX:B̠B#y]/R ̠Eqd7Ֆs G =Q]mAyxeϹ>! P|=bC4Eʜe C6|L`d Ö2.iP&$l=H4 :vlg1u01#ɯ{ߍj%rKW-NQk-0He_m_XMmiSu78'\Ė'h87b6B0*5WS,ΥcSx4%$JW`=8~A(+/ _7gp,ҷSE w+tp,9Gbez1_X`Ɠ1{y4ʐEx,}óNWX WM\#˹FhL54ήXa-ɕnטcHG/,K4ؗl 91/;ho 2;|a#ʘ~T^o-%ml 93&084yha׬XCԛ]`SEA$UHұj6E Jtb/>TՉwG%uPB,j`N >}O%,+ݻާLe? rw1%=ˡm3\Ɠi"^,lvY Oh *c NK|M0 BMEH (M:y:{@,ՐЈƢ-B>1MiJCGÄra/m %G-Nu nLa<"%G<uݷ 3:[7YxoE^{`)eȺ:Um#ux20/}XKcxܾ ootG^< w 9Ow?Eb 薝lyL]2TPJ%y;5y Q"j5Eݤ6aGdn+y#sQkh1mQD'F RK$c17mTciʏ:׋&lbh?9v4mp (xm;ǫE5F3,s/nn 1UډAbB)G_`EMO^Le76`Sk $R29ئI=)BˇZ]̑⫝̸2xtAVA<?ifR*v;9K*L⩌;yr wZʗWOS3ᴶU*k*T ,&0!ߋd% T`,l]0tX]u*1l+m[P"D|(eRpZ sV!n8Zi,/<klIV5 EnzaM'Č{/MwcyF0= q gȋ ړ6 a޲EXqwq$TKy|i͚}5s%`-17з2{{nKa 3 @3| $J%1'E{K.:ڭ'$?$8Ѯ'r 6&ţf͑5⩁ljSb~I5!XE8n000{bY$_yүq!b>e4L?&#kVUDƿOB%'|UEBj~nU}{ -L{R3˿^{1uhfjgx2|v:Їm@o%N`;{WJ6@`O,^[ҋ,}Ck&)Pr Iվ+=^|ږW&Ty?YQVi q[rv{.ŽЧ" +/tfmvF4x"PE1GŽ0xV1#: ޴ݣ1d3_[Q 7œ[mq9lɳwbH,V YPc*@3N `WE!97VFhثUAp䘥:-cg`FO7(@$w.8#* t==gz|M"0ѿ(Ż\Мo6\?8>:g=>wR ŧH^iӌXdДJM3gD"`W,?j"~"sy@ - /6F:DII*; a{kej0;iMe*m~OZԈVNMFr~"j_5X$ꋒ\w[Hw,]IDa7ZL-f.5h ܀->+Z)е"cz#a*A^eܿ*ME?ۚ\V~^ߦlz(f0ˆc+>UfiXѩ(sj4M:}4J{")[ip_`v8G(-^TgdGqPco䝜`tåkPsޡǤ&)@ HdQ.۬ M:HGvT&XeVVGav?p'x9قM>G9?B?*TRb\p &&lqU3%4ɨu iRmZ0LLxUU8>W-=:'-|{z{r\̛j{Z3%@i9 8_V)}xqM} M^lЭƝ`͙J95"qs{h g"x+rE#21^Dݓi]_O{G7ՕG6^|7|7&:rQkP@UL2 Ӛ+_9,F/j51*́ɡG8L]S#o,#o,Y5 Ux2M>Ogl4qv*h`NamQ~@AdPcwfoqz]p Mb$OxH= joj9&HKm}c_ X+ r$HY;}_ (!sYg\|V:d._gQ ]TG d0WV̺+#ʷ>?k*,y =Yu55^ 0BW>0vMyiׂ2P`e :KAACREMRj4{ D2SCnQWyvvuۻOG22"u 9{[IGm:4ξTUJ>U⁦&oPHs5h榟O\LKVHiIrVѐ+v5}<ö}@z&sE{`Z-CHJ4-ݏɧMX"ġkcZ ]9'Ȏ⽥g`ߑ=X*ŢG֥2Q cҾg5QnV]M+9h"K]هÍy7z45#*2V&PY03K'oZ<x#r`Y6'h)VWw t |bsjXf >_zEPH0P I3q;Sxњoiuj"̨ÌvJ^Յ܉'I|/yOl12F450H.5˷AiUD fʁZ[ޠӨ9R6ζ*Lϟ(*_GNֱ;nx) RU'278R+s %HD&=W<(׮xi~(n&;SS2Fnn lnyIe0"ᮤ:σyw @"m Q4oGR|ܬϏ|k?-H$ -_n j7*o[Hy A4*ݪOoͣپ1"u:L_lBcN ٦E>EA DU Rj9ljR?H<ԔwZ~KĊHrlc6]픢HiCrmW]\nq-0#I`Й{a8ҼDiۆ) w}C!®=3_$a`ҨHM)RdGA⤨-#&ت'ϟ= Ex\`ի{$(rVL. A H>PIAQ 1 :<~'p(!/z#EavƖM1"UEZ\6դJAqaV{ιB#JWx0=݅{Z WRbǦ17 80#DV׋T#!+!J7= XTf^~6y}~$]C"gNn)7L+1 qw~B,Qi_` Me4f^V;'K4_=]jX.z- &U@-}9FxٽGP݊`uXFyCh̒a!0[R&VPOoa1hk JD޳Ok9v5~ BƦ `5c/ %5gؐʟY'&KB* J'w1:`֫&"t"((8dV8 ɖe4$:pw),DO\Òe'!Nfxۘ18d 0`9ܰ $<+b&t]?"<\^'usMzl!a %mirtt+t$Ԙ3 \֒ҸM_A"؀8в w&^-VzBYw[.yPAY^+g\3/lC>=.߿%?fe^xS̼ߊք ^B}khx.&11/=O@D?Ѹ"h7Ʈ:G8}@4߁-sTŽ7u܈rE:C+u5ZodxuSd^xu@őN+08I^gV],8D_U(3 4KB@ 5^FΆ>u})1%y>gx@sЎA0XhZ0i| ,޾z5'L\oЉ ,оDZGx>F݀H2YFT-!-O}@<cy傹BjOeR9b?g^1i櫵3{;mq1p18־'TŨEL*"h'EF?{:w>J핏PTeiy͕ @p(67+?F X>WS于xM?5WJFȄ#v)Ni-x$ PU 5]g>ٸC)G-}{M5,bg 9@<17$Q)Y`WX@_?QGP( qB|X=04AKYa[N' `(!zVhͪ$LH\RH!3u(r^]:rѕ(I4n@L&g%'rPSO3~ޘz2obM RK,Pb`ڊ~=SAEߕ!j>O[p( 5 2eN>qHHG5W K~;Pvrb#,(HcI~yhs|d۔ $@fܑߚ1:JFwᴻvF:)b`6ڸivBkFGȖeT{bb+ JgвՕDyg`[ܠS-L)s#tT:H:EM`H x=obI/2\nLkE*L/; b&U!K0/mN/Lċ_":7$DM yG 7e%Vjb3'ܷ_ 7@ƺ %:u:l.tI3۾HT325Gu9 ' _spK}sikO6 7GѦF/b(ӵxPe# _oV| ۝7k뇈|'=(dnL ;wХIZڊ/]j*DHdo ZP^wyRC0_ܖHBF VoiD8"NMgE_iS[ y9h~D Jv[w+1S ȈrNtqdkjA/yF"3]<7:?N >K"l%eۿ⽦|P j4БH\&Ěl=lQ! ,EuAn; J+JBY/vq G4w^v6M36!- aS2-H1lPܝDURߎHBvARU&Sb#к^YX:u&|d FĭTZzs R}<@e.a'0cSD!*$w1FBZ1ߔVvLswVZ )x iNJt)#%tz?bl0,FM}N8ɶ䄈o9O>l 0蹬pb{GN$%~ \䟵Hr6yP8[#=1h+ZG v&e|Y?s:xXisQ{Mj/?(qw}H "]رN㭝">u_=8°PxZ=(liO&iDWQTaFK[)-yc4-^h\G=cwY*incIc*<#x\qQ*#R&/۶WP71`*ѐ`4jj^-R+i`%5aVF!]{qXo/'TI,SU3RP!^ `8Өt(P~.q=02&^ilc}Fk5b^}ARO\>/gRÀ2=]0YVd\MlB0ڏIwki P։a+;OgnfӓqC[BBaqBVt1h?TH+b0Cz Wg olas^" #;67f~CgΣ FV͜["ĝVKpsq1\_:.pS?(vҟ2{W0wodh=<p7i鲝2*LE1.9A։7oɩL͢P3o&ri+hj[ KQ.lߏޠ/991;A8L4^ Gy^?tkp·hMCeC5A|sƷw=mkpP)4Ixgs,|%Y]}{8̭ϓ֤tJDyu#VbsXS&泋A1q^2|nFn󲯢v!\7$J]3K~Az(#Vkg?zlSp!NV:]Ȉ`=3hp*ft0W"wl5<ynIe#xYiUW^Iz:ͭXKB$ 8rfbΫ$KU䂥 bB?3?ʕ4?[^ciD3@Q:iŖ_K:sa3НNshE誑0@͌@؟yKJGiPMܒVJWsD|]%9/ЩSb7yoMI<^MnC-}S_ᠰ 8 %5Mid[Tt|Y|7^bj!:/O\@?[=}(ॳ0(8JչπTVI"ATv3ցh_bz=di#XQ)dO]As:2$Tmw+(+ ϰG]k'W5xC=iTI\@VIpR#P) KɴWhrji<`#4*^.rC9d!;C^iNUVz< BT "c WXuf=,8ZI5 J+F鰩-(:߫ gU[4ZJ`RVdEcuљ bj#gF'y@nV^EK; Α&r2:89##U HEòDC>^O^>[oM>Oԭ~=;wl/HMWIAa8ol{|\L8[i]p2QOوRN18$qa}34{!D Ւ^4#NJ,Q8\yd#ǝ_,c wڧ٥J:Φ;K;rk9ۗf&.qjn Mx鮂nǬ0ivwAS `1N6;VhII2ND&%DpUm^PuMb22욋MIzGZsͱ(IֿB2ъ>=l%Cj?O(> ẙ4')> G?zg^`#iz}!Ý^~#]J.7}.o z ;U8QҀQ,DqO_K ~+Nu}^l|%?%[^lfIγ( b?bA9)zV(Mr*ٍ4mf pghF۫ޛηLY*%y_^xyup:3gNJ0Kc.w7RߛJ ?m!Rm%};3V N~t'wMRY1z`+srڋVMsB#UW[n9օQs&ƣ}'mNwUø[󯱈& C n䜮3·Ūum~Jt̶H_Y عɽN݀sMQEue.T9'Z "Mq`d [¶`H4<%I-Vdl/mE2wOf8^35gxizs dWܶ"ßV~t$9YmM+Bd}ʂ<z2?v߼3*/?H)z=' m[Z^cTgL%A,ŸrV4+BlC3_N6D Yk')ԸiٔDS:BXAc0sXFYʅE2AMO c6I7 hOZ@{Sh=͠4w+ɽ~nʖpЄBߗ1bQXbmR8Uǣi^+zi.QBkz3JrA_ /ݼL;z.<JAقy Q6Õ@4rj5k(/ W*,|CO"/(?,4}aA~< tH-LlRGd3yW,W.>O/_,oH!qDpQ9 nGH ǽ*Ysn u ֒=5:fGY1-l*];i|Jr %+˅8/Ph//Ʌ &q@u&7k;}T>! 湀Mg;70!HG%vxV&ӞaNunݨfͨ4i+f6ڜ:!VB8Tq wC;3{!4u=7RJqTXJ%"gN+?ueLorST9T `Į3"2{( ׫=KUf1?!P]Ucgڌ`Y"V3iK~A==}1[pbCvNEYWCx߷gFҟqW<.;d 8Ǿ8pcЍdvXl]OX9'b-Q'뒙sz,! "Qio7R 0E}M2P@'dF69"a;+0g*R,Kzנ y!Gᵣ6{UHߠAʼ@z0EnNbeэ1 /KeB s+$Ud2P tmw4ǗkIeE7X _l71@,I+ʋ#ҹ'h Ċΐ+Ԑӭabd dp!=|LJ.z0g8| AY@8JUsLEC!Et ќ|/zQoG.Ѡ-?O7y=&cpCgI]6Z9umdL x'V a½$VB l Qay`*[5A\[?m@Q4ܱl~4Q]S¾o- g>[!%Pxxek"GA~> }#|夌TD|o-[(&8ߟa7Tk7ήgel٘I| S.Pj;kv:)lՙKSޅs`B-;^ɷh9K78$zv n[NB> `᪜9:⥃HWTN'dUFIWO-(Հq9=F4#ư&]} ʙzVh .loؓ5[7D7iZd3YT=\aݢr= XZci-t}ia;Q<)4FL禿(_$BBԁEт`="ryN̝fo6A%v?$6[QƆM?^.a=4tz\[ȜJ5gvC(A>J<"7OFcKZ Hr ̬ɠK20Y0} B'dCÀSsm1^wHCێ+ZRaci&/y ?*L8m&HUE &ךEsƊ5X7c?ڈ8WLuzD8plE϶HT~p`NZYpI_} (DecN*(AzZ,\ FzIzc'P:4ԐJf'z̗䫽elowh\uX7Nov>'Q%ΰUxo OzXJ3=w`Na=rp:0!]C asq7 {\NҌ> D44K5l*nKr>-n1HI ^"I`e#+^ɠp2 *z^m)iOuGuV 76~Cs4!a44! G+N)0}g)Etbս;-+(J[7Q;rjGGͺ0.!}@7TDN'0HK\^tT7͍O:RAVzɂŪByTT` x%oȻ%_[‹S5Ƴbj=fO؃jݒ[N?+ D&KyÍ"ˡ~ >mH(.o!alA 1e/Sj^Z }Kz.X$ rH@ "F9djK%eDZndڐbA(EGK;v:ŷE3\ͩ]9Nj#:TOEfs5^wٽ~j,F.}2*倖5" voc3iF@5h'ꔷj#.pW-6CCTdBfZ>ۆ`L.ݑ̭ *CV:$IGE59SELL284|3Υ ǛXWcz Z|WZ S 2JcՑIU{j@-/L-g:rO9>INb渹- X湃g9;h૝mF!CGOnδKɹ&l%4ӂ-1\i+7UU[kݫo]Ů9E7=m,:b8mZ>5l/&VfA'Ʀ,ǨA'~- Mӹj$kֺ /^jm_d'P?`*>L 3ei eJFAJؒShy.OIM5O _~)Va5Y{x~ݻGl3tjP YZ