nss-util-3.90.0-7.el8_10 > 6 6_6 3!pQp)Tξ7]mtZ`fO ]mtZ`\wOPF!zSt$)i)Hhnc8i+t+ai$TAzz) tP}q̝SϓtF"9$K]/UPDR;>s^> ݠ5*$D ϣc@(¹_i0MtWN3^Jj(FVg('i'fĻ0L 1~=6E 3Ku }rhJ+߯(f&pr:njyK*=lYxZf!ㆬ sڹteݒD)|_k3!)ޮ+Cv%sY&*VG)78ee35c0eb2586a41315cf421349c4cfb23efb231f0dd4780cf3b63b303f8e5153525bb1250413011846d955b084eb2634dcaae63!pQp)Tξ7]mtZ`fO ]mtZ`[t-R :]!, B0oGx!8?W$q*NmysR6sV4|za,t r9y|E8w3-}p9 Z/F|$)Ti eǐc(PӉ4Oσ#(Б h;~BEDJWJl e@QdoOZ?‹0rXs'R&(I1 CՂ"G ISRPd JKdOdS~p;N.!?{fIPGVƀ|xVfFg6V>F}QJVZxfRGt~y˪Y1M :q4C;Ud"^g%l]NIh b+_D"_[+\n vI]~dyuI"oRWL?8йV<_/D7ƻSPZV' S[Kĕx~@[KjrX>p<?d   G /5<T ` l    4Ljr(89:_GH4ILXTY\]^Hbd eflt0uHv`wxy4 Cnss-util3.90.07.el8_10Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken modulefNord1-prod-x86build002.svc.aws.rockylinux.orgnTKojiRockyMPLv2.0infrastructure@rockylinux.orgUnspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64$'FAAA큤fNfNfNfNfNd|Nf5c92551895491b035d816c037957b1cec1830f09b3330c4cee07a65c2c64567a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.90.0-7.el8_10.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)libnssutil3.so(NSSUTIL_3.82)(64bit)libnssutil3.so(NSSUTIL_3.90)(64bit)nss-utilnss-util(x86-64)@@@@@@@@@@@@     @libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.35.0-13.0.4-14.6.0-14.0-15.2-14.14.3f@e@e@epb@e\d˖d\@d\@dxb@b@bγby@bba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.90.0-7Bob Relyea - 3.90.0-6Bob Relyea - 3.90.0-5Bob Relyea - 3.90.0-4Bob Relyea - 3.90.0-3.1Bob Relyea - 3.90.0-3Bob Relyea - 3.90.0-2Bob Relyea - 3.90.0-1Bob Relyea - 3.79.0-11Bob Relyea - 3.79.0-10Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Allow for shorter ecdsa signatures by padding them to full length- Fix ecc DER wrapping.- Pick up validated constant time implementations of p256, p384, and p521 from upsream - More Fips indicator changes- FIPS review changes - add PORT_SafeZero to avoid compiler optimizing a way zeroing memory. - update the indicators for this release - allow hashing of longer than int32 values in a single PKCS #11 call.- Fix expired certs in tests - Fix CVE-2023-5388- add indicators for pbkdf2 - add camellia to pkcs12 doc files - fix ems policy bug - disable ech- fix the change log- rebase to NSS 3.90- Fix CVE-2023-0767- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.90.0-7.el8_103.90.0-7.el8_10.build-id44408c2d8b5cfedc3a498954f97cb9bcf623aaa5libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/44//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=44408c2d8b5cfedc3a498954f97cb9bcf623aaa5, strippedASCII text PPPPPPPPP P P P P PPPPPPR RRRRRRR RR RRRutf-80613b799612670fb39a2c157e818a4584f7fe6c317048c311a24ed6348fbbd6e?@7zXZ !#,] b2u jӫ`(y0/!m75nϲXU4)kǧ9l٥? r#ΪyI=I/EuɅr7.Fh#;-b#R7Os30'trD`5jٜsLWÈBB'>IVP] +ژljBʏH4VV4u$a*>Ygy4a_+a/XD=zSg=y8ݶPyȹkِ 5{U*K"z2zuw]n ^8-X1_o>nXM_j9:+a_J,3S+9#J^8"^Z楾R%tKl>YOeq5VXp hҸq;o5΂WB9([Z\'V耛u5T%ʷUJK ub͐"\Etƿ1zѽIj n0/., Q3W~_yfp arΏ<1$8rbLr)egi/>-4\`'&ݎӨb7BFtm91̟WUlh,|y,OTwA u9%OrсEK@V1ynr.0ᅤY7h͈b@}VU"DPZ v9'b1ʹ u+a'l<‚=;67W;GIDgl,MjmS.x^ngCh{V=![jUi 'OzF ( M{!U*<1cѽm] E%xT.g pi~a1kg'!V e%2𴌻Қ"[BҜd b^|S! pxQhdEݚc4qmjs,P9.E$t*PB:=au^sB (#Vkd|im>qi*UT\+;~S)H6K20بNTe\(y+)b72Ղ^ܴ?)j$擕Ѣ׿ :ȊfGluFT_Ci%t0dp2FE1hmt s4__z }`ǻ=D}h6 9[!d.9:UQm1\AiI@\AZA̜U1`^QՐ K&4sc_N?XOuh&DV50׆2YNB S +7?IyO91VY4J⿲%·]D`  CĸhtYgo.}JFs22w 䫖Gh.p4O44PGaqqd'vmxBM`}o=.A+qT mcTxn* k9T`D H.d_"F MYʻj)u]jߪ <9 ˊ]5pp@N5l`dZhjY|^]PU0p~r.b' X=x|JlꬓYNU :hv͸1L*џs 8?[LD?*d@ΰA b!C_U- ~9~2ފ :dt%AϷ?A JPf۴C]S6L-ULjrf!S LlCKF<VJc<הX)(LD2>9,sP%^޸ip6pN v/$)-y`2. r䧦]of8/+ fI;s; 4$~w-k[?%ռx ;ǚ}Fu5+ mP}]bmn~Mtw>ķ(dGqKCR]FQm0&]G/˶m$1Mڶi R/DKꕦ* d~ !^ut7Uxd:Y<9L>+3ɦWՅ(QlsO|tfs}!fv}n(2FOW9 fkg}\ׅϺ{ϋ&'Eq k}zk@^UIv1(#{ɯo8rހٖ9*BRXEc8U1i2w3pQxbY@[!mMOKI^ - @hbT)Dn;tdjAǠz<>GSxL+\QbIa||UA:qwY'c3a 'Vl㚼˒*@y6&ok#NQ ǢxV׮b<39;AcZ+rJtx:B']Nr2) m<ҳFX٪ȯ2s,ahvJV"i)q}2Cf|##}3JVW >Qd#m}}zm@BUv/"ZR퉬1#3RW/Z |)Q2ofC֚[^I/o{a}h0'& }ţYVE o 'e}{w}$h׻^aD@'H za*7 T. h"^s̗2^?ǥ0w+drUrxl ^%cC^bUL2@ox@2]b>u"sQP &ܕdB,Ƚ8;1uPNK&c6m{A+E ?# x-#[2A&P;@& j51dk /016翷l.A34',Ռv d{psEK'8 95wű|ƈ4@  E“SSV7ַ4<;t?)WZwօ]7Ց >H {s|t$-".dZy˃tP]a~Xf]XD+-mzy].>-D<v7" k&)@[7Rjuv ^6(Af5^sׅ]a !Ҩۆae^$.ݝÅ(Ue.L^: k jۢjlgY/@ wY PJ^B)Nk%MV"5053JfmO8ar~V3)Mt7!Hqw Fgy@C|0Rq3(_FЏx8Lo94,ud#o0ѡ *8^$etG=YWm(ͭzh<40fu&羅?wDU # X}U0 0)`Z] 6ũ2k8QYGʋ+[򵞒D$3#C'(<KA!EiJ5.kp7T oUwiO%(TmxѴ#2ۛq fG +C>A&Bz&)Մ-Slwux>Lv7{avt qFtfA/!|-Ŵsz?rrAGh[ U-F2PKzYmjicOX.lx|S&Mh7|wQt6ئxLUfl[#Ѫ[gd xm{g5@hj߾! 1V;[F<ӴW kR҄(.wW1=ho* jWt {"Iye?&lHQ>W?gg/q|#_GQuiQ l13fxnYlWd 7U,|]P2(cE5Q|(D H8tLw7Y4)~=hC )8`t#Il Dhm.^C(ВSAKaU5h8 K;pP;G兼RQ:|4+߹&L[͕x9cZMlIVM&J,-{$/j q9BV} uL=gwB;of:5 .a1Ą@I[8ʷһ%cba6VrU|CvI'FM9 LaYR;O4^wY2 *<4-psiwb|AtܦI0p%OAϏa;l`Kdج N"T].$xNa4* ei5X{\$f$>oy5Y7kHg-6hwhD$^Ku"cXC m%H}m/_`광D\\l( +R ?OM5\71TVa7I(Ų|A&BSgT8G\ebt)/(=9FtesQ1lRU-ȅ/|sQD%4h (:}l.v~LJkEc*/%Kʋȓ,F y?5Y:gl3e&|쉗Y"1 =8"c6ҙ~X^'j~<[W e- OIr5F]wp GFi"1)46Aus Η=_UCslO"ZkcN \+T18Y6Ycƥ6|DŽdߵRʽYCiYy Z[k6EmOKj MEփAzDTk9!782\3{QcWݨ< ᱎʨH #wfI@Kh7Wࣖ .~mӻՁV~3{K@>5˪~7/P{Vpܡ(lP=ĩCǝ1R^% s}}Yx;Nd`vO1Nyˢd g[)4Q1< ϊ"%T%5&zӂT]`JٿT>>Ҭ|7+=(B6 QRȘ+|i oEC ~W:8gδꇲE"W! Cnj1tM@{Sը+'w6M2dYZS~YCAocd}9#W:`HD=4X{y1|X}dc%T2V4w?"ºMɭ6޿  3Ӱca8dz.#ITcóQ)JeJnCCQA=P6 {H&߫W]E 0=98z:fgfi:Ufݓק\b?9KLB8e/Pn]X) ģptpж18 kj@dN,leآF6bL&b8@[UٽkB%O,nw8"x5>a9OuY>i4/Y8vbBKDv. Hcì낾/cjsx˨O-}z>zL!Ϝ?KF{CfYr?SMEEjWQ穆}}،{E;*fn "g p4ùi$-4 =Ƕ$J S9[3` F٢B`EG )a\`y~{o-މ@0-HvI غ򨬺  \}-vz~!x.4 C+_'^|eAGU+m >kF5;[.A@g b^]/d.G$,\9Eu П$3e#\Ir #ߵjf  "h5Bl+;?N{[dá<إG;%9K% (Y0)d lk*.FR 2cjRG/x ,UwCGVX]& SJy5#%*K/|lyκcZk]^Wǩ_+gvU~pj`qwR꠽pŕ@) c`tN7ϩILNtCu{Ao)B*|%:7D:/h 8w 71<"; }|z}_ce2ܲ!x||'7TvÊ0P3%׉N,ҝfh9H<ӾY!9Sjq=<\Y_6w`l 6f10T_Q}-=d85uPF:)uq'n Ս:B~EoFV;pHZ27oV;f:~jZ4^t4gfdAxp8>1:(-R/-c &wt=u|=R_Q8F+;oj' Vރ1Jeϡd )~F7>pT-( AӔʛiG?DE`v)]Y eLS~NAfM*\ۭy[X3۩v nV($\șaT$^෵^T h## H/,}F郎W@|3Q4` {ޗeT)!pp6IdEwkr)>:{ 6l[Hzr>?se񣰕ze,C8)&? &뷲Ѹ]Nm}Zi6M{pN'ډ$ltwe Z~Qje`Vo ,[!A4oiSKW,Uˢ:Ǧ崗h yya`O}}y?ǃSE4p©,tC&t|r|zt\h= cغc%Ypk܊|J>Qc&^6Ora%;"^6 +%R!5WYEh"`܆T}O mS阀`w*%6A%\G;ڋ 18=LOiʴR{VVIZa(x ϐ+T0'ӕ%OIQ|#$"Dk 7xTg7x=% S3յ 0j傳ށs+љqG+th8}[[[`뽂Dšf^>Ӯq3<[Soy GBG]VnB;uV Z.4R(Pm)T`}_D $| ?ܛkULp;<Yn`?3nD \$ _g$tt}3V7*'0FTHq8s}%tǍbhO[f\oYӇrj\3}74Q][˞s!<a\K`*K?DFli]wfvV1X:|8eགྷߣ5'ut1][֦/+{o?!^hgj'T"H~wC~~EnY}پʈRoYC>]-s@qIw+= nJED?zy﷊L r?g g!ޜO|.Ro75Wa% 5,ӫP Iz' =L'7ޖf#= Xѽzrrq-ȶfK-cWQ$J4qxpE}ٿ_Y{qf QS LpCF2_!W0 xJ6+ ǴYZ,143٩|'Y42Sr*Tm >>'֩j ʷ^m1i-%]!as}([,B+kK5f40r]`/Q1n*/kFwxAEmpѳ8DpLu<91sW S֡;mj/LSád ' T= <-A":'e"p;6ڍ0muOњ<%لpj+mBIE|x3f< I)lD"bPdzFQi[+P$u(63fO-5p|g&8٧RَCk-C?B2:cU<[ip'6.ÉDgrǏ{Eluj:s!$$I`׼+ȨӾM#m/0ͩ<b8@ڈc-0iҗg%` ԏ /6HtT<WO K5 :իqHoY;ŢݪN֧Yn I󥜽$ QMDu}nU0C3B =<~oXVQL9DM+2wBhxaTn!g@V-NR 3Kak.}l|G[RlB %4y#29V-/bnVL3j#R@ !!LܐVL"~ 6ǚ>iur\xrͧj>9 W^f_qDP+0p[Xͥl8$R_M,f-{_pMޠhʀ5 +Q{ dDx7u"qsa tZ\L&*FLXY.2RiJ>8 8&6~;n@\^D[y—Fh䑋L !ކ~:e5{4^$B[b@+5V8 G3y]0S1zIp lp#]ؕz;/D:6DrJwb"lz50!cY;svsP1ٶqq@ʡ.@jNNOKo$.+Y{ " qt'7Qᅕ1o%.LWLnU+|Mv=j1+D *LKaeb^s=BD! ܵz|~,uvP`ThXPI{] QzylH t \f ]UI (Cpc֌dD '11~LD;Y1w#!׫cF_5AG!ze}? ?BfL+z~;{c,W-.Ӹ\8C5j22c|7я^-zc6,'!V G ks" \+"Y .HlKXPv q~Y+P WlaI eSEA.ǦZ)JFNwNݯGW (kS.C:ZCL Ӣ @ڦm.g؉&Mz!=ay9}u`;mjp\Xed``71.|RkP?Veo P,wܹ*YJ#LH (0Dy`(Q1Jd"-JA<),8BQͣp@l/@jlR`L)aw6eh7fx܋(\S LZDnK^0$3z50Rԃf-2'>HHB{-0"6lC33mu|eZ50.mñO_j$G/ƨ6w9&$"owl,J3:caso첳dEgDns&ܥ9<H]ҒM![B]>R3Q\UXWĶآka^_ ^cjK*Xúo`+SWBDN]\6R NkҤ'$ }z{~:7>pDu) ㇙T#I[cK !s=ތX\1qT| }o'G bn$EL;S4g&F~fo%NH5BARzIpe|JpRoa,q_ia,Ȗ4K4GCrbkg+襛tƙ,5x]FhW3@f'vEWh;*=:X>^$&3ZPaa5ڣ]d:ujM^#Z9BXX41c0ԵZ'S`|W ޱK +aT~-;&]m_Š[>&uMgSc8"N_pg].SS,MOw s܁.˜\V|dV Ptҏ2%:ޔ:keF1û {R0 't囘9r+^yI5eHr؋}g *@# .*?8uPUgc1V}y)F~O ך|tX M{3vxRb4%.4%H1)XSbPuV%A&E%<">}j ;2b,Q곿́AH7M(3> x;I \|ö,IpX^Z)$t0id:)ϜXizG5q5ΰĶy{r4=gr ROpy`kAFt l=!gu7(-:b"2ez ~ jGA# kvaJ?KIawER>((*V, ^pZ˳(DuKq ȖeE4xR?A;Y X~=5nYRWºh!@fqWpp n{j36K@bUr;)$]uwC6tܧd(cyHd DЯmG~<Ð|i^X <"N;UKZ x@Ȟ _IR^1['/in j)&v `QռIê.gNGq*.IzAIS5_;pC|V hJh, *ûW|j yf5}&yr{Ÿz zԺ02v8EV=dRKAՇ!x4$4Fjg0}&HbEh!wEd&ll!7|ˆ?=ah)Vl FMM,J5s:%Ϙ!O0AP]yC,9񍆋dfI:L8*x ~7VWe\9HeI !7LaeXV G*29LV#uhvjȧRq17:r44 <~E4#P;}"H B\YGlvK؎ş"k_w'f!gߗ.)xd̂Pz~AJ:MPJ< YN|K*LrܳJ[r;G\LL"U-4pԓ宔svm\RDvcJ -/ݴOAKD oEzKiָ(7ۋJI",MM`L}d鍂vJasf5VYҷnQԇz4>gS~=Ӊy n/]@.OBܣ/IRqH&u{Q\X82w{9ׄSu/~nD.kݽ a: #6S;WB )i,3%(AqN&P&F,IccDWGMX;b/)b=+d4NMNTcٗk;mg\:7gsr샂7 XѸRzl0`l A9 Vw~%*3]z!+k.!xk42'?a(jlڣӜ@K*?,rTJw^@&m q hjᾊ%¿v_2_5A/AhJ``2d%\<6CqvZ=QwuV7RٌNA}Mv75"rxoջ<:\85NJǐ9&څAV"ߙgLӘEՄe^m؋ TV%͎nVR632B((ǀ>*Q]?/F|s]t I| Z},x!x?JDH}N[{`$il{욳_t9jeW? A5=n4750!ݝ }* ."UvuDU?iY"jPGu9E}d/v9ҢZ'<|>ѣal}4 (<ḩ̺ΠU2JUte3}'AWSfD̈́E\{UAj펭jw ;~&0UceMmGG^YB9f48M3+R &nƻ̓Q6Eٷe*Àe[ ouˀC4UӵggO* Lo2q49qH!Oиb@^K*żox #$&Ø (T ;aI!T>,8<5,/>OGOH\NtNJMmѭ/ %ۛIqbfD.= l^G!ut]R|baݑ NJBro]\C9]x`KnV";8Tgbl;T؍US>GY@:1`YTMWX L((,:16ݝ<GtC!JE5J5TFs//JyK1%۪N@ 3;2\oLiXq5v}c}й2ܑcU 'c_)JZ@(qu@aF%2c/wCkx ka˸ NTkvEx}/<"b;F_Dꯢ_Q2X ]&\Se .ؕU=gls HtQMō",!8ʼt5Gߛ/Pb{ U6P[R U]LҪ:%#sDWNlߐbN!'0ڐ dxJO w0ngA_Ov1F ݆D ?T^>ƕÊz_B$8\.Սu9b8 >6K w"Z\%w76Co{ 8/RoceWtizlFh^UMMiDl'>DX6_kR6 @A^TFq+HtVwe|x!?g[xM9Ӻ"G>6s C*Cg3#Ko?E  ,p2[0E9;ޕ̣L1qe 00  ሏOsF=> x1 Ê"6ʶl9/Ji9A(@ RfGg 1.GO$¼ua~Wu7w#?~LeUeN{ f^cMXFmdƟin|@Ե 2gpso둍{_䎁qj񙭑TVsn*yMtf6yG"Q7*6L'6w6+7 dY}5G$dgN1~2{D7g XzRqu.]_dy;pωh9A_m @>"S0b':K9_׵~dckY75TJxe|ebjLچ &XmuTjVR+jZfCewjb1G~S5ÈXʖbeY ]_'nqOT(׮_ FP~d_O?`>F>&Px 4v\uKBfO"4JXaZ~A@欞 13$JÆ$+.cNgS6-{~yY,9@zY{tLL$Q~Lo sTNte =br`1/ ;]S?V*fOj`AB z.oMg GNZ=x6X"H]`(AL Z cMKA22=!> ?Ӯۙ4j@<µ4ZQmbۗ6 ~h?D1S} ]#u`TE#YÄ)#m ] 6Pzڿ#]bLѕxty!p:ua[ [klz=j9 qT %us XoNwD;$F)rij>AzU)_xƩz0iq5;ޟڍ刚ۮBݕgR{ ( 㚓- cѦ06UfFJ$pP%K2ވr s d1r}7vZзPԒ~sͬy#Ux[E'l/X ]0^ܴvN\0L!k4s9r758d̵eMt/"ŝz҉E֣S7R`Z!) sm:y 3|PD UNy7&:۽^ތ$k ?)`0WBM5 tN+9Tn" Sf,P4޴W'/|(I= ٺњQM[&#ZKTPmZ2QY,ihJSI'1-d]M&|2a܋(r 4E9~?f? m WO -_ }Z D3̒۸>A@NB%&zpi~ӸpMWlℨxlԡc7 GLX*sYrIа|&H<1m=|Oc8o9%7؜PYx/ HmqXF0Ԃ5_F7Kq gt{0# H!U(,~`8B[UVKYzvw=7,Wnϣ`Ћ޲D}QWټR,xԧ/ػRhbyjWqŀ#N+v4EŦcB4lN17]E+I1'o?Wddn/&B:QBa,!Td_gڨM[bW\l R*t;(AuMJlDewe>AG~nAe=c-V!JD=LUo&!((') @E4kiu:0ɺsNIbu]92 ʬ#~2 jq(#hLկ֙35V[fl,ec)Гy ~VUe5N`;BSjјoڊR RT{Ӄ;/ J]{h{`&:eظ,lvf>W?ioٿ+Ax|7)Ki6|05[z6 T(~RO#'*ش`ZJV˸ő.M'@ѯ4}q Il|6wK(?ܧ\7cgrFQ ަ=Bi&3c!ݲح TJѷ vK9x[oAրzhCZ='$0~`oj@!];>'jhÁ7$s2OMltOq²1˓:niqU5TS>WEu+(Yd_`Xѹ#zou 6s h wT?mkiGe=1ݑQ]MbGwylN1LT@I?F 4;g&9.DpfYٚ "]"!nDfLNjlV.FF KgOf#]qXAҗk)tR%g]ht,­KCP=PTI=պ*']U3QPwHs- KbA~˫,~4j@ ~Iy1CH? UOjs_h|sR^ 2w1'Q0Zo "YN-}\sVd @,3[Soy'v RAm_ZVɻZ>3$/d$]_YM 13.v&RRV/o^)TAɏa$O8lwl-H,2f?,q<H>cE0Y)9ʪhҰ9M3B;2/O%C#kMw*E\6Pk}3bUBs6efS$*uwmWNIرZ.X?Icu^Yȟm$BT4x]68epam **zV0!b5wN%Oo]д;fao$#}ai!b^dٓZ~o߇}.N=DF'\d0腬( L=!RH^ftM*QК? 6xȥ/g"4Ii+rpA"Lt`{u>iƿࣦٓ#P\j{pbYPtMZN`2MsC ~@!^e5W/%2ؐ0ğ:燀(4\2r֌Ezn匓 _a̭,!476hL.KsuansV^.Z^w+ մ4\U¥A[U%\iqXHn߂5jv@[paZjW#hh?k4k`lҌ80+(4 etw|&&7!D[gYqZmxj;U|rE~[r(U_o|*GBMW(&m慲R]#e9E!4%|c^  L=3 X]34O~1%taԧ=6eqm}Gp 9Tv'|oΤsDM*}ݥLF:oq[SPΏ̣fjOp$v&cBEґZ 9][ۊ@a* !1?.;5rea" *j^( C9}3U_{.+BbB?7VL{F#GmЉ'pXF=)Qw(K~M; _-La1pԅI&y#l!^]:ү*딨?_Y&d"HBKs]m=֞h^>*oB--BRڒʔx$x آ= $0~̦"'HLJR4_>;] u)J8LϖꔱٰVj5&A[s5XN%!^sv JgNݎe9Bp]$շ2-lj[+لN* 3m )FA,Oޔa|\s?ڥN-_]T~'n2r }lWjV./Z Lo7=+&\|L. M=6vN& ؄2] 3D@!Ux+B*T !nX4Lv؏S.W+=t^~&^\ؽKj:$K30d W[XW-w&έg[$5Xn4u*6[rOe*Jlxxƪ3.h -~%?y߲;%'' '0S! Xa4=ӒBlAg[hw+{:ɦ,ϐPC%Lq0p̣1ve/PzixC A>aHg3֭0ε^r ψ N ߛIP]=Rq)A/aeѢ\Dz%&4Z٪o88[դ_p="B!kC|(`` BF9mL4/5Z&;:Ԙt>UX/D7"|F]WݻckƬwm'AQZZY{ @-NWJ)"hq@ދOL}6 ;ҹ1kd ; x6UniN7`aU?.|kNvh̙Lڏ e Y4rG HEL+$*U)0J*]`jiM4sgߏW(XN2B!s&E̢wYWʘY ;$k/{jh9Sy8]_d" |Akq:b^>Tk&邚o@2k*=r'Hs}78 R7Lox+R>;B$Uɔ0)lt z(NZ;1tgŭ`I%GNj( ּGC=C2c`yz"6IQ#~But~'4.xN n Q:SFL|a^흊Jݷ yuPF*D%j(ar\O.8x>d.>|~=ļ5)V.蒊sGA uSWaԲ68^tSC 0$(u*{ Y70"%+Aw'M jp/esoG'?@9J.:lhNjL6oz멢(|'a8/#0*m9(rWX2gS>/`pD΅eBQVR0sp-u ~G ߿Œ,=B"1vG&YNoj,h(%U YЋ׫ T)DK_R+*t`-Y')Jo^zwԩmk֣K=e0'n{4Zn["0miT̍ȉM m #X+&mJTy0MPbʥ%v=/V宂ii)!㡌H7(1)F;B#nj( +;dۃCQ!H;nBT2)ʻ7AfJ'-2WO.PaAM{fK𣉇.&['dzQ(lGJL^(s}Ӧk_~V8ĮynZJ@)VilXCoPN=q!R2r.R+?-bSPG[h'5(ɣH"^Z$tSM%gRCj:"bDbsP Q)rCy]7hĕ-rɛBqi+IP}ܱHQ Mh:y\9s)iU}X߈(!*Ƴ~'<٭FDY݇>@9%-Ry\p?_Tp+(S824lXr?G/]Sq :%Q%n̜ܰ[e15:ÚG˱- 5UǶD8 -Ct"UNzJbkN N(FSҲWY3x "^ڰ䙏 KY?^D ~qȵ-9aG?R$~$E-&CՅpw=4up_am?8}̢z4a(kqQDNDetNخ^έ!;A_l_!NLRaEǞxRb`+UH!ROȪ<`lQZK"+ 2Ř~n(aRo2žREI}iS`vN^J*wBHaJE_>efGKb5!*s GЛn/vOSRMwglVgMt B=@P=b{Ls3 1bC2qdϗ0yڮ{e,ar O=BGb\'|lT~;!؁J|'Q8KCᬤ< T]l;*nKmw>b bzoaԨ8RmXC/WZxW3< uoȿSzx%f֪d"$Kp:;!~vPgHAa|m㌝>Ặ|9#<6u(h\ X3CL65۵x@Jz𬈉j|@eZGxkj]嫦l'^mR NWcDxg XD 8H/3֪A6">%e}5G%nLn۵):_ܻ%OՎEL(YzBH)0QK8E@mC"PCBG:83%XVse79'gR{jk&Ҳ@dDT-۸\k=tf he4M퀴">P;^yOd{H^ָWss]a.m0+w!8QR\TSہ9Kl! ͎t< 9@2caYbˇLZ@Ez\CmQ}^5Q0NP4fða֩0$.Zձ3.<1tv4|!n H8B2S0fW\.ϱ]st}h7b~)Hا*ىA=%[n`>ڲ4VZe`9^Oe/Z3DcOv Z声Ϥײ W:%hl\fcԠ쐶Қպ mh)O(8*yxDY4Z7ޛ]v1n/eR:bd,K!:}.JY~n+¥\N.@BР^7֜ __ ڬ۰7yߥixveﳿH,K݄Z8"S~W3!-nbe,RsgWnܬ:seNh.W3_1iTﭻ'=nGP~_h LGd}-D]ǃD8ps Bb7cwZ ʡCpa9sd5pD]eWh58wL,GPI<U ,,/AWwb/?$T^E@)E{8y ,v3XBg $Aq}ZɈg>Lݾ+i~&ErIZ:h~{.︐&lߪXJk7T#^T|:XY2BJ@jwXu\(OUJ0QŢ_IxF*l}`R9yu(Rx.pRN4eUMrlǒT[9L{(K 7wrׄ}5vJP3{IxR8~+"Mj[,IЕm3pj='#Jfb_:ZzY h8ړRrk _Yf' Mg,$:luxdm炈O!t@_m/RbncB [ ¤P"]m}!1G& *mKFء_Y{, }SV"Q%G7eʞ}8%.q̳!8Z|_ļ9R$R)p-pmj!m} 6MѴ|ԩS,Xa<<0L-70n G1eأo|jѧź˘OIe ''N/Lyr[D97ys` 8Y#aT&#i2|6^'ʟ>v.yaE>%JnB'|L{w/3j[?TQQ\^xـ!m}|K1eнX*ZEEPgiie٠$UW]ExS}1-}K=1 Ξפ>k1~hyguz;1vW&蟽ytβӲ#Ƥ~}&{N9'I<[ie{Aqd_`RvxRXEqrdC)>L[>˘p"oߗi}Y ngo*4͇C] i X3z璢Ŋ !LP..+/;Ϟэ۠t- Z:1@YPJ]hQkGGrdyu49-q$g(,C (|,{Ew?vXSMuz붔ff6XJEriv.\i"+n%sOB'r2[^4pRN:Q?@t^K tI W',&Xw#uG" T, 0uouV[PFd#w*S2]8>g' #PTDn9OT(`O!|E.*3dӁѣK[[81TY'LPq*nIdFS<\c5\1tu|4)džQ|6ɚgS{@ v£(|wKe&˭lNJ DBz30zq?*{I@{Ȟ,r¨)?I@:sí*2"Cn4ġԧVFrj2laS#}l+̲N(D7) ګ0\ a0mxh–\=Ciqv^ko(a8mӗ'Þ7ޫZOLi?sOve PydyQ kūzwwV46"Ɓ7wO˹:804;:2.ҳÀT!)HGE#l;0fǍ 8xUr!IkwO=w+mwmHTE.|$Y ҈nmp Mz]lFRfVJ7o )☤rM dž&o 2 `05Wjc=\f[}:O&oY؞fIQ' / KNY tmΙ[<8>VbjCNsLN.hF\n,Q y 8wQ}klUv`إCul 6gi@bo1y;oU|XcԪ%lDbrp+);qGj[ ]P tm\ R1hd;7R [3o]WBN>V H5̃;-sŪot1-hy%]eL$Ӣ="j3c?C t ٣7~ ]: lǫ20^Bfr1~c~٫14`Aüs \bӪU,)Z}h?鷺H͇w 3ܘgRǹK0\C^׺{ݯoW?=0K>fS‡TlTi=t/hHt%+Bovlʆ`jʏ=!ܜB+] e#7-q%DQi^/hM;+,aϿV7I8MCp#1YM4x$dQJ~ >>[X,K!gi6 j͞UiS;',_oIخcΧ4z|XQʘ./oyW}Pyhe-X߫:Tdcn<5dKtI ' @@0mB􎟁%lc1G K;c4ƍh>ਘU6bV2QQ.9S-08ʳo>*>#f}3]'tvi:p!PO2:Q$r qӖAAA t?=~sa&>^S:{-O Wh|%# H]MIn,4:oq- :GY+qU C9K@9we8!P"}9%-mx6&Q+4:}̼8Ưotr`v*%A(VX#FR"!8E'-uO'S 5tFlv'_iU!',1Y1ܬ;e)YOLk(/6Riwԃ1)q4ϔ&=7-H@ҍps8rRVaQb\҅>nWe\CKQj]]49y*_$e"K||lHͷa\o<{Rhy ̰ `(/v6y |02TNs9wrݴn\b"k%3NƾJG!оaE4UUoˣW>fM'fr]]gl9޽mgLGHz'9~Ԟ"U 9.2-we_u,/3 ]@c5U$ȣkG?49 wE?ܰv;&\Z̨.G$ j5"Uq&3x_(7l'BL> <@g\H'8?8ؖA^8Hy;Fz.T^hԱW[M:Xlx&gi8 *z^6 ^XAnD ;^,h),[we[gԏ ;V _ɌU:XcSȞ`* ^a ߛQ#ԚKriT'/L4>wKϺuęەL%˙v}n1+$YzWrkGa,?E9<]N# тFwz0]ISa M\Mɘ^%-xEz ,/HFVT&BPZWFu&(9u6S4,ϓ?ġc;w'16\fSG.!Z6ް1-Y_}4Ti־/`q/*g_z[NAH/*0Ig[Ɗ1\Gd^ sPeةj^eo{rjGH܍N%'&AIc#ӓQE6\iBZo'A=%GoɌ=a4SA:gԎ!'i/DwN~H>B˼Mf7ĉG[ԂX7\Xʤ}mS4q$G+'dn񋺌Ek+b( e ^WHMqLZEB\ǔ1?,4-8I~DnE/o0j ~]918 EBih+֬r}\uų aĂ[a'2qlQΟVl^N*[ ;:ueBO9mrMQt!yCw5ɜ``Y(2yj{ْZDKfs>ZZكRl=7\[UxwE xR/9AknⱪIg8X5 Ϝ-Zľ{\>2҃B ioWTJN~@5될qEiq6 $ LbrCbb?krL d]roܤxh}{zM^EY~\6'(t. `KYYzdn7ŗ"ǽcak-Q`IUE>3eOgGn {a=YW{~]r1wvR^ʔk

]>Z INx"[-vs1+׺Pˠ$xD!Γ#!D ^q&& MEA:c@#L\DM.8 Kp*Uc=8Jcet$*G4c#gOL %Oy)ľ G$צ2j0 :& EQhIbzanSȕ]8p3 }᧋agGzϽ,Y"7 wc5Uql/Cz~OUjlpf|a*ż08P(p@ 2mCܷx VENA >fh( <ɟ"JZ4ipg/@{dx3^ ^vRK⋄oRDhÒdJ-'υ2)-PMG}Z\C72Lzb]e2s~>(W",-x6N2 SbYׂz9=cUL/Fnqh1HZ\)@RʻԧRAI7GF<@0䅎5yWĨf/0J0͢66\pmY5P)DjNx_złZؐfftưbW_%T<{=#iy`d|4 J}V% =@Nrݹ-O/ph |w.r-P`Mǔ %+w+lE>ʟl',HnByi5\h,ʏqb<"qOPQv5ĺKY(Xu|BLhk8[\#;tW\kLʧ\;e**`]Ьh}WҜSBKǨ;޶:i٣"{Pfwc36l@A5*{d˩\a@"$rqu,8~}w*#_|I i;D}mEDI¨Z7jVQ~P9''LQ' @^kes_*#~Y>W\(v F|7:~7JkMgWMEyTsP<Rg7Nhwu d܅=!"=lf"ic@50XUވ?NWmfz H, |δ~]}Vr`i5؛?oHV4*!q|y C^ɤI6och. K5BTH_}BBwP~ɸZ2 ʂ:,rL[u?fᆜT96Xf| r׍s%ʇw +&o۳2-,21k+@/>3Ê#b E_8< *İ&b#ALs\K12߆࿣]d.>oyȌԽ]O9 u 5!r%5T@J>$yZ0w8=S'P@3eb;>f~\dt8B < amPzhHD;Ĥ5D'»Syxߌ_(={AÞMEd : 3Qz잹%l[|'-&iÀ_HE9fbr~O/?=כ@Vɹi#Ik|gSC^9]}nI8:iPE : +8[1RpJBu?$GHޙvHb޿}c|6{yae?x^NuÉN3Z mo#POɛqjdq{k;td?N J,@ v8BS-nX:!ܾ?FLU0w+>yjRLI:oĶpV>婱yOߣW:嗿1ʷ['j0[{G?)_8L& <m5Gu:~tD%6o6fFFNբÈ{35\ #>gҷ)0q4sʖC`^TSPIE}3IN"̟=WB&噊_!wօ]-Ɉ.5϶ׯ!+ 62j>[+G˿`tǔ>yY|Ƨ,Zk3cӔ"pwG (ieiF/ci؜g1'+Lϕ 3IRH#֐\[C 4ۢzcFt V؉\-1IoaqtT|1B<8'}5P}#z`ђg7.xul%CTzCfw<[0G1q;w;Nb8梬i U>xnwo`:ryKDm^<ľ4#_䚹" F@hoқIp45WS,QCa5#薍=C:5X<@;(FJ"czƕx Ce< x! Fؿ?uo^(Oebkg)'!!GZj'iZv(!e}h P#[)>%h(t\S'ǰ3Fyk1Z !Ɗy&*t:9N.K TkikJ*m2ԭ9~`{h[ 隋󇼌 1 %S-UYGƏ:l=6Lɑ+2Ejn`ѹWc#HL,ΧGP`M *@,Z =Wqylݵ#9y)Ð0/`-nr^"|VL54oQԉv$b& `Ca'dhƪ?:5h &㽢`WI&*5`}}H[#65U/Em≰ \Q}@骽KuDBVENuzo8$#"p)`1!ID ~,! {k;OYiL!]-`o $΋uVe|b4/Ez&4o)_$:E7 b0V?My)$-ſvs+D*rfjmV6>yKAE7+o>+?G:h#1u| ,oc`zRX\F DFĉ ΞʂbRo $olXkۘ;*G'Ն9\TA4qj5.OD[A_bO(PFZ:Syh,]c  VҘ$2<:+2AsI/hտ(Y <4@|j6 !q6qm0\[ܬRK)4"R>^q b9YmέQK%gܰ-x:m,mV}6fnKĦXM*pҝhn)Unz{lOR~.ތ- VF޾b} ޟ )L'v5 8T5(8fٽul-k*ZNqCb]d(a^dlJtb*\6tzNhnr?e+0ɜoKN~<pb75/y>(K8!Z\3nS̘>"G-Lvk<6 Ҩf:?dlnsŃvξDdl-j'`8j'ϓ|ٔruSQu3fT^`Kj/tgouכ#2A-9N{Rɕ6aW4xR,Sa~f t˭u^ FM]؊u~y)/[Hzi PB!0{f٣6άdZ٫JoML1`kXNdVl"T )ƍ41Uks5HG߀< 93jl(mdczPO3T+WF6Y[F,vm/$DΡ{Çz5wo{OSQ@~jwl!+낄?6B^￧ N& (W`';F% O:<(J6SX Ga%8ÍTX#  Z4CT15)ҙys Oqe7!O 9#Us?v.ʼnfɻJI#):\+C"H3?ҡS-C5Xss]5Z|1ґ|\TGۇ,'!:n4J'O~!̘f?hI0ՐD  ]FN X_dMAz# N'W}t P-:_*r$I/ׅOH{2̤+ΞVOǗ0s=tOO;E*==W:BމnWtܑlA-^"Tj80y4Jlh UeԂۄUq݉d,CXf1akVYC ɱt,ن@[]T41lhs, eOI!M9ܫI`4υ]C,CH+u"4(j"'gE?,؁(E%N9q xZrbbks.-&9yCDST58ӟX4.2QZ HTPKK2S>&VMkAU}N}`5މ7qY"1 3C>A9~@2 ZX K(P 'z3jk2~כs 0%⌆m&#Xךc^rs&|oaBCl@3cУu=6Xwǥ^۷%02vU'{>9i$}Ѫ)Kq$7;;=:Ŗyn_}y^X[crC$qLY_rH`2鰽[zseDJ!BSOwêN ]T5R9g u]/?\:{VufO&0 qQ}=_R]L1v0tze+Q*WS%bGHKOi3 9FrV(YVP63(uEtS:,"Ǵsa<`uOgŤ(uS|8G8vhF_fMI.:Rݝ­t;E}:.Wp?2;ifOwap N2} 1@;繪;Ru,ܱ tINvzAjj xAa.|Ò@Pq=ިerr%:/rc] =UyKH "/8e7ärܿK>ucTo\6k#Sfsne 肵+J, Ff?U7>26/sB\9tKdp+se{vAlN ŭ_ظO0`z5IŌ7[:;dJ6IfbrrYd*FX\LS} :I@ji]Kz]L901 TDn:47D%1PgR݇8W {R'g!/xTgPr vk #G:("+7kv=gO r[}%XN#ltHqc'xaIB* Qf[7A^/SC'8?{-jgt@. #XDZݨAb*:=k eH1SX5nyF>.sCA_NpF4yr9 ~gTx S 頋(#;h|JϜo/W3VK⮍ngaڂF.->{`dn۪Gb< i} &lb8 @i:K >C>?B_VIPBl郫65Jf86o{ CH?skEPsRϖ=l(&܃qpѢ[}'q%Krݱ5[ÂHͥ1Qō5ӲQ0APJ%ds0BR|x p?X~&w3Q<`WAOvEw tP(ʹSlwAͱdj[ Znd胠rYyoIȷxRO7,oi| {׿hZyE,>!M@rA 𰥃~ۖ4i|4f18)HnL:> yustL}u *3b;1b N_SMCDr7P|nim?B輡hH̺^ cf/q2#N:]~w}URjo y4.Ǖ[\,H N1K{ ֙¥6l[y: 䶱ox9ef/G Rf_hjc<]TNsk/ns Ķ\UC`,_B_󂅜|$a`!B.C5[d <,7F+ϯm !SXdx1`O&x\-(xfɦI\3 5_띴OƴCdN3euϏ{3X]vŴWP'Ɵ̌O4~ ~RUp2dV\w  B.f"J]y20unҢŏ[V]/! 3cl&_Udw\ Gm()9>~GF$ m TkѲ c%:>;l@`=QxI`_/p K&yaX!QG7jRf˭,i2-=㙏}֗q`6uZ$jL7T:Ն\`)_@eÊ`IڝtkZ35rL~@fyr~&]0ka51ҟ]I ǃAx 2D8#hq&~{ȯ#DDm\(Z/[eZQ熍+_uq`ũSrBc1Qd2 Ap\2ڍZGHS,@/O8sӋ}&\Kp8anuHBmNe-b8FMSѠi8o,2\dd)Jק3sNkZvzڙ:EKhrxA;2OsОjוFD3\T;^%ǰBM7p"HcLCӚ&續ʨ@;8s?lߩ:"lyF0cّ;-\C%,ja0^*f_%ԇOYB0Ӯ{DzYM+ r~X*z|V*sT0t%r25O&{L?m]ԓ4%&Ad W3[`*m(}M)KyEz "V}*3!0zPcXORo1[^@<"^()T gYQ3؅P2AT/iep5@ӺAߌȁ]2 w'LV^Rrxt;bɝ5'=o‹q4B;#?\ϥP3lVvOQf e;V3%PCfx3.k$5si;oK؎t]M6 x~h\1 &0$%&tؼ0:ȩW֢yIS^Mٺ!97l<(h^.=;8v*< y&;Fx &6tK8ZNoܤ8x&Phdo(r̈́>pl<4V+ޭun͆=$kO IuLN?/~* <*tC.Lp]#^#kWy405a"IUE*6̃!tRNStE)+ >HBlUΕEDdVAM<µjERu0~KI&c8?xTEm)Ң=eS<s,OsZ!% M{iBRE "خXtΎ1 /UeT/n5Vs3 BQI FѴ<ѨN"RN}*`5[O98[0/u7eI3 ]`}_EP$eDþJ1_0cbUkٮcZ' tڱgIO}a*[Ό^]#ȃ<,$]xr?^ tG!e@mpAK\JF4Mn%Uҕ :GB*k Q `96`덿A'F毋 5ISכX"PؑEr,&I$31N}+GC٣^5^p\2pej}ç#?Rؓ5C](>- 2.\یV >O{0w@>ʱj.ٷgMv",<& lq5hC(koqs$YhQwV+7p|5=qZ9z.kSD%^ 6jĽԺ2*<+a_zz TsIE.]7 U{{a#:TNnKY/'ѡ} ]H͵ǒAkSŮDk 0_Gd3h vQnNkQAtʄ0O7u=۠p1XVZ"g*[A q빟<!W}UC͵ɳUrq w3opOݙ~v&u_{jCEtz0= [;q(Uih a0T}Z2Ązo _RY2m&9L:Yw:݌$ KO`9ral f2_.u] ?g]l2v8{J13Լ< EIHL{u(V;&UvʃFI!ژ8j Q[pggNrMǙ[]}BXt^<2nye}^^̤>0ƥU+O(bx\fu_v |m"ľaNL O0{P~Qs'TPc mi)e~ ohYcG`ϵ+G C-&70VTkS]lc)aZTw`;oB3CߣT}䱗W4 \-R_A6څGrWDȥ* $%NC0L?oNXTn~Ρz#Ɉ.qG*l t5-`)%F^YuIYn݃nX^ khkxz kqNY?@{bAtڕ.fyNm2(tٚ,T3B*$uqgbTa'kz2QTl:&U>{J_˷̦wdKLzm5 \'jHdYIU+،2|}@t2ykmZdGXqQ٭,`I6ʹAM=9^F%料~&`csNd8vwp9up>xd[אBG}b,Ay3;Y5ZkcRtCʸ LJ1wTM/?=b'PtF:iG?`uH գmydoF?lsu5'g: o&XA>%]0M\pX)DGs87FzZ9pEtаePSN"f2" C D&aOHlQGԼ]êxH,)O=b{z$ҡ]Vv0q/AE^gI4jO.BK JmDUk(iah]xѾJ.gة/Si&{~s!V% 8jV0@f]j4;ҙ"Wlcr/V@?STD?6N?0`aQnܥ5S2f<Tɓs1:Z[ pSxI R:Kېb@L7ݽIyrC$^" YF_93>(aL4>}#iKZ=ndw333\.'O NS28n.Kz:XMCxzޚ% 'ҞCD/FW%,3`C[sd{A3Hۚ-(۶7rcĊ=o mEڻC]ܾ C.Yn" $@圉hq/K'FMͫLZS'{B6jyPC§}P hJ eGoH:0d.H{ssW/}Sӭ;ir}_%-W+9dC-0"#=1ZGIx3eB ܝE" 4 ʬKo46gpϿ]4 wudPJ ;t@S;7+4KnwP噵)w?ӣ #d(1t+[ldOx8ynQfE*VjtU;B |Wl)c Ft K[{DsRn'aڱ-q/! zm%c8!e(m }rϽ!/ ]y=QkGB;.P'\ _m%-CFvc K±˰=o ZA!ő%p3>(g`MFUff5yNO 1ZOpKESvenA,~Ѻ1ݘ Ӎ{&ВnzX =805#*3ch6=I:ȏG#H&\* [.ՙM:X-$m 'Β&߫XF|.ξ_(t&GCZ8{2 Pe!P.B=^q0]75t28sw̫+7ulоkĠrN'X noɱ!,SlH>shܪ>P$J0Zq2 D|"/ P0)*Jun9$0rA `}sUPFtLD'AaZiӍCwvQ<c Cx\%rI?qΑ~ 6{)}mЂ7zQ#)Dud'kl"UǏ3 eEdD~Yb PDϝZme'!B6eO{=|QxPO =9t|F'R'1d%nZg[c+4]j y1VC-jg)hmylI2yJ AtΎ)* <'}A.i0P `rU9O;W8L1cSct,">MLeWqÊ?YDe5)Vv\߰3ܚjL3b-KK>-B/VT4T)j_zå؃Ly#77K W ]Xs7ᅻ[XDcik(ft%ζbwU> V7TuXVFlY7dWOK?ruEs1g蚨d$*#f'd#qtUF rЇi 픳RT[n\= ! қp~f Mq)8*&FyRFЀ,MfSRCmL&{O Դ MhnC+ K;?7LyB^ڹ>;7n9)!ʁӦer G mx~ףT~O㢐T_rxj͈Xm zaHH"^1B0A@&LfAa֏nYaO-Ϥw򗊠mϒM8'^S"Na{ A{T8ܒ%/I|P}3~3}6AoQrNPiw5& 1;Bߙ␛ƮeQJ3޷*-xy2U%gs0g`Hm&Lk,ړ| vzwd\&MI{GR7=%s4e-d1Mw 0nsc h(7hcžf&9Jf>/No+GTl$[ykruhbJq۞LԻ4qם13‰Bۓ9'u;Q|XrHjrc7< ~~?:AfE IfLѽGivj,f'a_Lq4I +Fϯod]f3{sMHw6Xrbjg:d9>OTdE^]i"Ꞷ*H:@%~f2I3ԌU.N)&lQ i~vku)cC>o`Y狽cZ*{kOjAz[; qt51k "N@'w)K޹b+17ޞK [rF9%UzQKĺSviӮˀwf8 EB#g*zqvjKH؝kFplm-J q34O (#hevrnIFt<=ArqGOZ=I9\""Q1 mLšS$DOKgEG)m VϚʹ*6?"Dmp0sk(ʥAQOiL&G8X5[ÿ|\>cK/Rtua (|Qt}L_&rt}l^h [ǝ2$mՐx~k,W:ۨZe2ňykܱ2{41z%f;ÓNX$29jy E7 V#!x.d޿aE`^x x74וSh?YFt;m-EFV@AKe$VTr."Lj(c:>CrW|=wԬa;L,"mv]a?l֌Fw݋21yyV-Od&Tيx=0)+RRj1Zfí.d'rZZVkFp97cc<0_e߫k%9p,PbIyT.'덴=S ҃9k6ٰdZp,~TW -Jfui…Fq|sx63pH_Cm)QN+HCHpQQ~!Z$RJjUВニ΋gc Ձ^G:Φy\fW؎ )&˼^Յ=+ oHjw`BrJώlwGci2Y.ilGWteJ 9aXkKB|{@&sX"̿u ׁ%`;`K 5;IU/O1lɆ|=ca a,K97_ q:"8 qFK2\L<2զPq/Ά= SPKг`0T"Fz̑^&"1/⩥<lwfKX ef;}Qz HIj!RAt 럺kLw3П׃B.A[H&(,#YB w4dn$xpyB2s)Jz6Xo3G܂o)TRSǻ?a/$U}E.&ǹnyU~% wkAtI:"\?Svq8I5(6OZŋLr<^߰VI>AGr-ԣ`}H!*\ _kv=g O2Ϲ]l'5ZǞ ڻgeP_ԫ5=9X^NvhڣUErtem\, %GY[[TW )U+YYB=ӼGQQ h(7 [=q]9R 6'8J:`:>Feiwb)]o7=ps5{R2^`_Ke2=Xӈݐ;a8e3m>"Y[Cc$/hJ'm uА([Qi*.$,]G<|x6#}Ԫ@YL{oL}ȞaHhyꔱ9*{Qn?ڱx"lAmyB]h7?UOiI>qhYcH`lv&q;-Wlxa[ނ)0]2i=GM[`]:w1 `r_*N$DzuwaAn+^1wγ޼q1(&" 2%I& ]‰PKtY8lD !i XӨ@9T5uG1"MTfd)TS,i=h_5&J/3ʾbE?-"S:Htw{:uQmGR(kȐ/'E(hp"8]!d󒟤!$?LYB>yAvq2b0RJ:l+,ij͒\=!b'Paݳ.`&;U.՛%lh⥥=0#q~/m ] r-P@;hZx(#ӇPEaZ$ryum|h~f(930%XҤoPz"9dXԌOz[OڬJhF |}a:)`ᰍva+t^?E6vQMzNX-H,"f^GbufUā+=\bN4zre:KBM)Zn*H _0O[%p)UN@[0<]o%P1Dl,iyoJF7AF',}T"\1J()=zj঄;-S:? Co6HwGw8n(8zvog]m5yH d3j\\}%|*pDqߧKywOo,՟ }l[> f TZjyCard޵M%t?\[ҨC|9A7sqDl@ 0[#oW9^Q ALSWwC>F?TQaANEP1v+y)8‹C]K]G>ҀX]ykwT `8/DԟBȗeDi끮L mR^{OպmB?Xd8*wD' $ S-?oIEo`: R#).ABYDP  #Ͽ Wl{䴨I8f@KCNܢ7D1Q|62lcyT->fW >@-bbD^jf%kI8f}PqFèG@Uad%GkdJTɓܜH4@\5#֐˩o*ɗM:a篺KUQg?8Pۤ$3{4[[Ii_OqKG>DZd_镠9 jks㗨 ;hLs`z:]:m7ʳwr Rnmm>o_͔G1]dP83,^=޾&)B;Y.J^U^#(fb }:z2>6 .ax\A>!V#TGtF %2QuK Y2v4iC ( QթE(~WU1UpCa}6Yͬm#dzs^>!ϴ-MT{jr-xKCˆOM|Ijb9C l( @O/ t.zVYg[㓍T8akC֩*;H *f]#V_LS9MBn{%hDFl*BW41gؘ_#b?e/БԢMIgfc(|D#t,3EӗQG[>1)bQxЕ,aD%k۠d1v5A:Ncc%=H2OkyZ:4=_?2Fͫ7p<W'۰.cs8#Pd'lhz[xp$^G:hMROpv8!c=01D#1B͠gel B Exx#@/fDLy򈿑xZrB@Z3Ijs B,lI0-+<0ӃH|qŁyZ|lƴ5<0d#H4|89+&s._g<-w.ܪ~65!9pʅ V Գپ͸xz|6݊C8ιkzfo}ˈ硤$4\uCn.OP(AFдa&[hPПTo):<[NT6W؍pVE{GזɩC@M-Qhtz]C8MjA ~Z2滳NYr~ [Ҙpa;NƎ%}CG=ħgF1޹܁*%Z]*N>.e:%UxLX9/'P'Le74,25UnYǢˆx{OvAkqޢin*RꛍN"=Zjsޭ^e/KC30 #RqdEbZ-,eVS<-˳JW,2o?. IS򽤽n=yej26er5c2mT.ԑ'ޤ[W ^qzxA |G;Җ]IP=:tGv\TEY瘘xHO WFD鵯TlV|; S|̱4#9i=f[0{idњ&oYZ Upĭ/*Td'>`T0ۺ.6Ͻ\TkW 0̒XJxb=kQ|dI^S٨ctUܽA-✎Ec@5q>;-[f5$ckZWUFKF]w!PzIiB+ӳ`a߲aCfAw┭RVBjz摧~Z^p #҉;e|.u%S' Hl[d6 (F1d9Cz"D85CLD۟@LMJ%2$=hUbY[I ᇎH)nhdw:١'wDMe+A>E\.@_ ݰ,ѺK*§8q[|+[EQŦA3x=ATPVyVЕ">Ώo9G OM8=G#6LHc3""DWWm>V/Ę幐+pOʣZ }xj&$@+I-, =SVhYӨAsϳ}d~rL^K+EX91NE/q~msf'xZ[opP+rădvP][4LI %m0t6vF)c NMog.DWXۃԻ)A<PrGVvS k5# ޼&$OQI~(znT;M;N@1 boœqo=z\h[Vl XC[!WdnVG^C[p1[m~Dr픆VL-Wqm5ZwжPZ-CL v+ٌWLo8Z): %bA7oB0$mָ-4g_ {R1. _bzFU1/}ۍ‘}2Q&fՉLy >b/t-tڋuXlUmSalG^ [`\¤B}`!;I}"nR?AŒ kP=F^G5.=I,?`{4s곟4UгOk}D5}9X"QM gcF35oTMz'&o .EX4v IF=«uí8랭ca^0Nރ-B5G~XkyMgTޕ̡_#W5h Әdd'^/Z;9~;G\UCXrǪUŬu4>?O9๙yC:'Om9Gd<ҕ>jCz BoZT"ܔWX sȮ:djRvo& n*s90ٝMw1}av{k;Փ!׿ =BVl0%WDaNcx$2m}< 9Ʉlv>,%Ǿ`ڽǃ{8Tzߋz7h'Q~X!G,@ 1,b9^W +EVZtwãt6 _cP/|#~j%ui2]Ic*J<_[ pczg/R;> 6~!i6,~SdN{jZi#5"9M='nMyS>],ꑑ7e4y7+\02KAZ7U#5 gf=(N~pK6Zwl,HTUcOB։iRxm>Q (KHɪje'̺lU\IϑZpoɕ9;,LoK3cB3q^/sL\ZQu=05pwg_zF;%\r&d-Oj$|yqx˗9P }XǓ'+u1'Y4 R,K7l/C'F⊎=p#u"²`;AC;\3L (^`gxQֲt0? S«սM8ρ^4@QK|/01j\AS6l/R[7Z2( aXŠ6#T|[TdXh٭+ 3XKqS)li !5?-avf̦퍛?71u!O O Ռ8 ϨD62NjB(A[#V!G9.4dhNbnohJ,H8`q! ҄_vɥupxg Mu}*rWQ_3j٫(e:JV]p{:7 'Qy<2bZs$ѡPe7 #&H`Kf*1q=*.RüQ$uI!ՠ`[?IevYnBRR<˞TmdT*BV=%-;-t]ʡ$ʥo { -R=캸CF0xPd%kxf-[Fx NE S> |(|݃"`LA yF ߄+y<9 tj1n$#hziO3:Aa CRCA]8O$ҳ+sڠvr!j/f6;.!$7`?G`DP:YRFjy0`@g9b_[;:Ebp sQ=DlA M ]3Z,Y*ph{ON島qnv} fzP `^`о4/6XWy]fBcgd/e ufYMR+)E}s4\AQ}-14JjWXF0̿mn ȥF.7Aԧp.R88b/i[/<i=+w}zb3f7O - &H 9esx!SrKQ&NO@'u2z+euhAƼLʾZa:ԎU" ḽ#wSK|M}ʮ" H뾉NhAzB? F>2HAhk0q^g ^P.K;YTL Q97&$܍ qz⻣"Grr:I|3j $c90pgqQ[VA1~8өtIC+05E| wcv#TF 翚5a9DpI;*K] IU4PUMS-ҧP5{=xLj?w oKߣվJ 3i˽иm=6pQzE?bUyt^IL'TaJ@`j 1X#H/+ւ#H{瀤|K=\"S^U=U(쟝~#T,!^kPq@-─ +"@Ry6 E}on7"nk vmc&aRkM  DY'*5/Biƒ&Bte/=m9ɭS$Ҡאb,^!M(Įk#̈ 'WzäZ:03j32o|P!U/íƿMv*,gy7Dl^}B OG&ۄSe*'*okT#! EF\l/VJVUKvw&hL4zZ҂NuK˧8..WzbOT#ٻ`]8|:a,Uj YuкTGc)>WcoE;'otnJ'VYǐ|scEGvE?P=tgIt?ٱ^ଢ{ϝ]$7-A`" qfԠ \GB7j!N;, ͭ6fBʨt?X uF,|B/R*)13"=fG.* Q6;fNer$ ڱ*;6o\Bc4w2Czc)nR]M#'z6 2/7)ҸٸNtJ|rM=\_Ty7+M|O.T!x/Ij1q^2W~5dz4eGSO5u6_l;SKS)ָuNP[H2s4-Ft3w49w])ɈsB?e=jނ.rSBxK8ҙxWJoyfNjҰ\Px֞-zl?Y:2Q*!|dc%,b4N~%YosFGԋ(z)Sܨu`޼ݹ=>eӝM1ٔz+Z!+ 4@w],]Wy⋿Z1MgXŪ<ӛdj_’-m9ϛ/AWێm_.0>]S;r*yu Y*m y£[B-uLu{L'zlK6=f/;#>NU9x;p:r۠)$^\1CVQT㸣Ez\Gpj٪d&Ż3B.ן:kJQaعJPlέBm-pz~V+][\y>%0H q`ٓ3k]F_"&} %39VN*"8u<+M3or0-_{(\x=%qbQ_];e|Z!< s?22RoOoĉaW;,UbP3;})l9~[TsjeFQ,&[*ALuOmKkKXw\ӰӧsI*v lg".EzI9KʵXoUm%Z-rH_#Uj~XnI_#ߌh]#I ywLEݾuA);,w 3 c >Fڽ4)-LFԨXI,e.X( iKlvj 2\ D5f5F>I#-LJY>r41ᩞ@NI'W̯OZ¤h5r}Lk#޸r>6ۮ ?wdu;uuyZd.n%#Y6$q'U"A "Ufv^!j;܄d(R0ᇬ)&)V7@؂M+w$h?pZ;y #sD5KԟKAs<ɏfedW.80v Y(T]16Ld ! 6 g@it0DHPNvH ކkgJ1|?ts0²xײVyR-W_"#s)^!n&u>`a|" ?5@."hJnM?)S_5Ùh{;Bۣ! #6/ыgW;E <~N!ri4I){R>%t}`g'4kTÕ_:C0Cd*Vu#&++?vv-t~M㿣_? _Q^ ڥMXH.Mm+o/]cuF*Z7IBSI_C,(Pұ10U7\@4k51A,DAl}BC@Uq\r O2.| Ha+xb[#ʸs`oXyc89)jĠy! 2s.|q9AY3@ ae<'XķȚ7XPrl'ȡ⍾0”)XBSW9>ieH.᰿S([Av&QxPQw􎴊'j&/(5pZ䶕tGZo }ep𸝡{&9enli(IUE"6IeYM;$!p pfZR%fM)?̽ht@a-R> bmYgGZcsgdñQI$Y %xIRJ.KDyăߖv=\(:W?he~HAK*nsit$u}9=yry-21(Gj0{4 B5Rf@;T<q$,B]tX_s㤗0@vxe 1ߌBk6,h~3u^*>'̙-ql-}USFgzһy7Χ} 3BUJqDM:D:vhDҌxT1ev}w2e&B:n;y&uꟿ7ƏШǔRyuT&:kiNݽz nP^E~h.AK숈D{``OqAyJwVY1*[ubۤ5 '6 gsb* "qrpL IbKh7;_H4ͱbHWj1G3MH>q$3ԢsA9t?[G. Iq\r.ZЃyHw7*> d~zvl4:\ ~b_W/Kx؍HRILq`5/Z@vwl5E687[MLR1i_p Hݓ/սN 0iUuY/4bI q v)OҭCc۶?\I> LH4K5,I\F)[eQ[/v& h)**u]x3&*ǚu`љV`h*]oλ^ʶSޱz|Lp2k,ՌcJ{㓪wհcK3NŘk#.ђECI׍% E QvBw=OfWxu-t'wj;