mod_ldap-2.4.37-65.module+el8.10.0+1840+b070a976.1 > 6 6_6 3!pQp)Tξ7]mtZ`fY ]mtZ`_@lyqh|3=hmkHoLz2z,3':gSğUU6@*Svqw#2o$\HϡREEf8Y\U7"ߙA'>^ &RѰN1gS^y8mOjUG2 |27h s_Ip|vYz }m[Ng*KPyc8iRy\,e T+ %x+C5V3=E9Kl;^kA+~Y #ԨHk@61f9=NIG(N_;yTns34by40 $Gh^ hn/YjliMoՄ3ڔ<6>-QoK%wv5'#ɔRA/e #r˓ӒqP\$h%̹[bTjeOE4#9`9ie᭏uݪX#|y.Hr{fgާ#jOOqp#*]e`,f.nm51oR>79U ]"ݝN*Yעz)\Jf6G3\h$c?DhfpNIo-RAmp!ujhUƎF&*uӸ.c:M'x>p=?d  5 l  =Xrx     2Px(8 9 :7 GLHdI|XY\](^bdEeJfMlOthuvwxyDHNCmod_ldap2.4.3765.module+el8.10.0+1840+b070a976.1LDAP authentication modules for the Apache HTTP ServerThe mod_ldap and mod_authnz_ldap modules add support for LDAP authentication to the Apache HTTP Server.fJord1-prod-a64build001.svc.aws.rockylinux.org"KojiRockyASL 2.0infrastructure@rockylinux.orgSystem Environment/Daemonshttps://httpd.apache.org/linuxaarch646/Af|fGfFfFfFfFcbbbdd396fe056e8ab167abd7b2cb5145b42210bfea38452968ff02a03493fc8fc69f8ed77ea14a3baa0ef2046702e0992d3c68809d59e30455e7246d07630cfff56b81be33c6e7c089e0f3ec994d174d831f83cba57fed00c3dbd857c580b1d../../../../usr/lib64/httpd/modules/mod_authnz_ldap.so../../../../usr/lib64/httpd/modules/mod_ldap.sorootrootrootrootrootrootrootrootrootrootrootroothttpd-2.4.37-65.module+el8.10.0+1840+b070a976.1.src.rpmconfig(mod_ldap)mod_ldapmod_ldap(aarch-64)@@@@@@@    @apr-util-ldapconfig(mod_ldap)httpdhttpd-mmnld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)liblber-2.4.so.2()(64bit)libldap_r-2.4.so.2()(64bit)libpthread.so.0()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.4.37-65.module+el8.10.0+1840+b070a976.10:2.4.37-65.module+el8.10.0+1840+b070a976.120120211aarch643.0.4-14.6.0-14.0-15.2-14.14.3f@fieN@e̫@d d\@d!d-@d-@d-@doMdJcdcck@cck@c(Ybޅbb2@b8haNaaaawaU`:@`f@`@`@_м@__@_:_^b^(@^@^]]@]߶]҇]@]g@]-@]]@\7\Z@\Yz\T4\\U@[@[[[@[H[u[[[ā@[ā@[ā@[@[@["@[YZ@Z@Z@Yp@Y{Y@Y@YéYéYéYéYX@YYYYx@Ym@YlYf@Ycl@YV=@YGY5GY@YXۡXP@X @X@XwoX[@X[@XEVX)@X@WW~D@W~D@W~D@WKW@VVVVn@VhV.VCV@UK@U@Ua@UF@UQUQTp@T=@T@T @TT_Tk@Tk@S0S@SGS@SS/SS@SSS"@SS5d@S4S&Sz@Sz@S(S@R@RRG@R@R@RsRrF@Ri Re@RVQ@QQޞ@QQo@Q@QQV@Q@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Luboš Uhliarik - 2.4.37-65.1Luboš Uhliarik - 2.4.37-65Joe Orton - 2.4.37-64Joe Orton - 2.4.37-63Johnny Hughes - 2.4.37-62Luboš Uhliarik - 2.4.37-62Tomas Korbar - 2.4.37-61Tomas Korbar - 2.4.37-60Tomas Korbar - 2.4.37-59Tomas Korbar - 2.4.37-58Luboš Uhliarik - 2.4.37-57Luboš Uhliarik - 2.4.37-56.5Luboš Uhliarik - 2.4.37-56.4Luboš Uhliarik - 2.4.37-56Luboš Uhliarik - 2.4.37-55Luboš Uhliarik - 2.4.37-54Luboš Uhliarik - 2.4.37-53Tomas Korbar - 2.4.37-52Luboš Uhliarik - 2.4.37-51Luboš Uhliarik - 2.4.37-50Luboš Uhliarik - 2.4.37-49Luboš Uhliarik - 2.4.37-48Luboš Uhliarik - 2.4.37-47Luboš Uhliarik - 2.4.37-46Luboš Uhliarik - 2.4.37-45Luboš Uhliarik - 2.4.37-44Luboš Uhliarik - 2.4.37-43Luboš Uhliarik - 2.4.37-42Luboš Uhliarik - 2.4.37-41Lubos Uhliarik - 2.4.37-40Artem Egorenkov - 2.4.37-39Lubos Uhliarik - 2.4.37-38Lubos Uhliarik - 2.4.37-37Lubos Uhliarik - 2.4.37-36Lubos Uhliarik - 2.4.37-35Lubos Uhliarik - 2.4.37-33Lubos Uhliarik - 2.4.37-31Joe Orton - 2.4.37-30Lubos Uhliarik - 2.4.37-29Lubos Uhliarik - 2.4.37-28Lubos Uhliarik - 2.4.37-27Lubos Uhliarik - 2.4.37-21Lubos Uhliarik - 2.4.37-20Joe Orton - 2.4.37-19Lubos Uhliarik - 2.4.37-18Lubos Uhliarik - 2.4.37-17Lubos Uhliarik - 2.4.37-16Lubos Uhliarik - 2.4.37-15Lubos Uhliarik - 2.4.37-14Lubos Uhliarik - 2.4.37-13Lubos Uhliarik - 2.4.37-11Lubos Uhliarik - 2.4.37-10Lubos Uhliarik - 2.4.37-9Joe Orton - 2.4.37-8Joe Orton - 2.4.37-7Joe Orton - 2.4.37-6Luboš Uhliarik - 2.4.37-5Luboš Uhliarik - 2.4.37-4Luboš Uhliarik - 2.4.37-3Joe Orton - 2.4.37-2Lubos Uhliarik - 2.4.37-1Luboš Uhliarik - 2.4.35-10Lubos Uhliarik - 2.4.35-9Joe Orton - 2.4.35-7Joe Orton - 2.4.35-5Lubos Uhliarik - 2.4.35-4Lubos Uhliarik - 2.4.35-3Lubos Uhliarik - 2.4.35-2Lubos Uhliarik - 2.4.35-1Lubos Uhliarik - 2.4.33-4Joe Orton - 2.4.33-3Luboš Uhliarik - 2.4.33-2Joe Orton - 2.4.28-8Luboš Uhliarik - 2.4.28-2Luboš Uhliarik - 2.4.28-1Joe Orton - 2.4.27-14Joe Orton - 2.4.27-13Joe Orton - 2.4.27-12Stephen Gallagher - 2.4.27-11Jeroen van Meeuwen - 2.4.27-10Joe Orton - 2.4.27-9Jeroen van Meeuwen - 2.4.27-8Stephen Gallagher - 2.4.27-8.1Joe Orton - 2.4.27-8.1Joe Orton - 2.4.27-7Fedora Release Engineering - 2.4.27-6Fedora Release Engineering - 2.4.27-5Joe Orton - 2.4.27-4Joe Orton - 2.4.27-3Luboš Uhliarik - 2.4.27-2Luboš Uhliarik - 2.4.27-1Joe Orton - 2.4.26-2Luboš Uhliarik - 2.4.26-1Joe Orton - 2.4.25-10Joe Orton - 2.4.25-9Joe Orton - 2.4.25-8Luboš Uhliarik - 2.4.25-7Luboš Uhliarik - 2.4.25-6Joe Orton - 2.4.25-5Fedora Release Engineering - 2.4.25-4Joe Orton - 2.4.25-3Luboš Uhliarik - 2.4.25-2Luboš Uhliarik - 2.4.25-1Luboš Uhliarik - 2.4.23-7Joe Orton - 2.4.23-6Joe Orton - 2.4.23-5Joe Orton - 2.4.23-4Joe Orton - 2.4.23-3Joe Orton - 2.4.23-2Joe Orton - 2.4.23-1Joe Orton - 2.4.18-6Joe Orton - 2.4.18-5Joe Orton - 2.4.18-4Joe Orton - 2.4.18-3Fedora Release Engineering - 2.4.18-2Jan Kaluza - 2.4.18-1Joe Orton - 2.4.17-4Jan Kaluza - 2.4.17-3Jan Kaluza - 2.4.17-2Joe Orton - 2.4.17-1Jan Kaluza - 2.4.12-4Joe Orton - 2.4.12-3Fedora Release Engineering - 2.4.12-2Jan Kaluza - 2.4.12-1Jan Kaluza - 2.4.10-17Jan Kaluza - 2.4.10-16Jan Kaluza - 2.4.10-15Joe Orton - 2.4.10-14Jan Kaluza - 2.4.10-13Jan Kaluza - 2.4.10-12Jan Kaluza - 2.4.10-11Jan Kaluza - 2.4.10-10Joe Orton - 2.4.10-9Joe Orton - 2.4.10-8Jan Kaluza - 2.4.10-7Joe Orton - 2.4.10-6Fedora Release Engineering - 2.4.10-5Jan Kaluza - 2.4.10-4Jan Kaluza - 2.4.10-3Joe Orton - 2.4.10-2Joe Orton - 2.4.10-1Jan Kaluza - 2.4.9-8Jan Kaluza - 2.4.9-7Jan Kaluza - 2.4.9-6Joe Orton - 2.4.9-5Fedora Release Engineering - 2.4.9-4Jan Kaluza - 2.4.9-3Jan Kaluza - 2.4.9-2Jan Kaluza - 2.4.9-1Joe Orton - 2.4.7-6Stephen Gallagher 2.4.7-5Jan Kaluza - 2.4.7-4Jan Kaluza - 2.4.7-3Joe Orton - 2.4.7-2Joe Orton - 2.4.7-1Joe Orton - 2.4.6-10Joe Orton - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Joe Orton - 2.4.6-6Jan kaluza - 2.4.6-5Joe Orton - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-7Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474) - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in mod_proxy (CVE-2024-38473) - Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475) - Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference in mod_proxy (CVE-2024-38477) - Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)- Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response splitting (CVE-2023-38709)- Resolves: RHEL-14448 - httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)- mod_xml2enc: fix media type handling Resolves: RHEL-14321- change for CentOS Stream Branding- Resolves: #2221083 - Apache Bug 57087: mod_proxy_fcgi doesn't send cgi CONTENT_LENGTH variable when the client request used Transfer-Encoding:chunked- Fix issue found by covscan - Related: #2159603- Another rebuild because of mistake in workflow - Related: #2159603- Rebuild because of mistake in workflow - Related: #2159603- Resolves: #2159603 - mod_status lists BusyWorkers IdleWorkers keys twice- Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP response splitting- Resolves: #2190133 - mod_rewrite regression with CVE-2023-25690- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting with mod_rewrite and mod_proxy- Resolves: #2162499 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte - Resolves: #2162485 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting - Resolves: #2162509 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2155961 - prevent sscg creating /dhparams.pem- Resolves: #2095650 - Dependency from mod_http2 on httpd broken- Resolves: #2050888 - httpd with SSL fails to start unless hostname command was installed- Add the SNI support in mod_proxy_wstunnel module for Apache httpd - Resolves: rhbz#2017543- Resolves: #2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via ap_rwrite() - Resolves: #2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-bounds read in ap_strcmp_match() - Resolves: #2097458 - CVE-2022-30522 httpd:2.4/httpd: mod_sed: DoS vulnerability - Resolves: #2097480 - CVE-2022-30556 httpd:2.4/httpd: mod_lua: Information disclosure with websockets - Resolves: #2098247 - CVE-2022-31813 httpd:2.4/httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism - Resolves: #2097451 - CVE-2022-29404 httpd:2.4/httpd: mod_lua: DoS in r:parsebody - Resolves: #2096997 - CVE-2022-26377 httpd:2.4/httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2065237 - CVE-2022-22719 httpd:2.4/httpd: mod_lua: Use of uninitialized value of in r:parsebody - Resolves: #2065267 - CVE-2022-22721 httpd:2.4/httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody - Resolves: #2065324 - CVE-2022-23943 httpd:2.4/httpd: mod_sed: Read/write beyond bounds- Resolves: #2090848 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer dereference- Resolves: #2065249 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations- Resolves: #2035063 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2007199 - CVE-2021-36160 httpd:2.4/httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path - Resolves: #1972491 - CVE-2021-33193 httpd:2.4/mod_http2: Request splitting via HTTP/2 method injection and mod_proxy- Resolves: #1968278 - CVE-2020-35452 httpd:2.4/httpd: Single zero byte stack overflow in mod_auth_digest - Resolves: #2001046 - Apache httpd OOME with mod_dav in RHEL 8 - Resolves: #2005128 (CVE-2021-34798) - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #1984828 - mod_proxy_hcheck piles up health checks leading to high memory consumption - Resolves: #2005119 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input- Related: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path- Resolves: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #1969229 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in mod_session- Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records - Resolves: #1905613 - mod_ssl does not like valid certificate chain - Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for usertrack - Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression - Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer dereference in parser - Resolves: #1934741 - Apache trademark update - new logo- Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML - Resolves: #1937334 - SSLProtocol with based virtual hosts- prevent htcacheclean from while break when first file processed- Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache- Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile to be able to handle certs without matching private key- Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd mod_proxy_wstunnel - Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()- Resolves: #1651376 - centralizing default index.html for httpd- Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool concurrency issues - Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1680118 - unorderly connection close when client attempts renegotiation- Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does not respect expiry time - Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer overflow - Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package - Resolves: #1869576 - httpd : mod_proxy should allow to specify Proxy-Authorization in ProxyRemote directive - Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1891829 - mod_proxy_hcheck Doesn't perform checks when in a balancer- Resolves: #1209162 - support logging to journald from CustomLog- Resolves: #1823263 (CVE-2020-1934) - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Related: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work- Resolves: #1823259 - CVE-2020-1927 httpd:2.4/httpd: mod_rewrite configurations vulnerable to open redirect - Resolves: #1747284 - CVE-2019-10098 httpd:2.4/httpd: mod_rewrite potential open redirect - Resolves: #1747281 - CVE-2019-10092 httpd:2.4/httpd: limited cross-site scripting in mod_proxy error page - Resolves: #1747291 - CVE-2019-10097 httpd:2.4/httpd: null-pointer dereference in mod_remoteip - Resolves: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work - Resolves: #1794728 - Backport of SessionExpiryUpdateInterval directive- Resolves: #1775158 - POST request with TLS 1.3 PHA client auth fails: Re-negotiation handshake failed: Client certificate missing- Resolves: #1704317 - Add support for SSLKEYLOGFILE- mod_cgid: enable fd passing (#1633224)- Resolves: #1744121 - Unexpected OCSP in proxy SSL connection - Resolves: #1725031 - htpasswd: support SHA-x passwords for FIPS compatibility - Resolves: #1633224 - mod_cgid logging issues- remove bundled mod_md module - Related: #1747898 - add mod_md package- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount of data request leads to denial of service - Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length headers leads to denial of service - Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for large response leads to denial of service- Resolves: #1730721 - absolute path used for default state and runtime dir by default- Resolves: #1724549 - httpd response contains garbage in Content-Type header- Resolves: #1696142 - CVE-2019-0217 httpd:2.4/httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696097 - CVE-2019-0220 httpd:2.4/httpd: URL normalization inconsistency - Resolves: #1669221 - `ExtendedStatus Off` directive when using mod_systemd causes systemctl to hang - Resolves: #1673022 - httpd can not be started with mod_md enabled- Resolves: #1695432 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: #1696091 - CVE-2019-0215 httpd:2.4/httpd: mod_ssl: access control bypass when using per-location client certification authentication- Resolves: #1672977 - state-dir corruption on reload- Resolves: #1670716 - Coredump when starting in FIPS mode- add security fix for CVE-2019-0190 (#1671282)- add DefaultStateDir/ap_state_dir_relative() (#1653009) - mod_dav_fs: use state dir for default DAVLockDB - mod_md: use state dir for default MDStoreDir- add httpd.conf(5) (#1611361)- Resolves: #1652966 - Missing RELEASE in http header- Resolves: #1641951 - No Documentation= line in htcacheclean.service files- Resolves: #1643713 - TLS connection allowed while all protocols are forbidden- mod_ssl: fix off-by-one causing crashes in CGI children (#1649428)- Resolves: #1644625 - httpd rebase to 2.4.37- Related: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- mod_ssl: allow sending multiple CA names which differ only in case- mod_ssl: drop SSLRandomSeed from default config (#1638730) - mod_ssl: follow OpenSSL protocol defaults if SSLProtocol is not configured (Rob Crittenden, #1638738)- mod_ssl: don't require SSLCryptoDevice to be set for PKCS#11 cert- Resolves: #1635681 - sync with Fedora 28/29 httpd - comment-out SSLProtocol, SSLProxyProtocol from ssl.conf in default configuration; now follow OpenSSL system default (#1468322) - dropped NPN support - mod_md: change hard-coded default MdStoreDir to state/md (#1563846) - don't block on service try-restart in posttrans scriptlet - build and load mod_brotli - mod_systemd: show bound ports in status and log to journal at startup - updated httpd.service.xml man page - tweak wording in privkey passphrase prompt - drop sslmultiproxy patch - apachectl: don't read /etc/sysconfig/httpd - drop irrelevant Obsoletes for devel subpackage - move instantiated httpd@.service to main httpd package- Resolves: #1602548 - various covscan fixes- apache httpd can work with TLS 1.3 (#1617997) - drop SSLv3 support patch- new version 2.4.35 (#1632754)- mod_ssl: enable SSLv3 and change behavior of "SSLProtocol All" configuration (#1622630)- mod_ssl: add PKCS#11 cert/key support (Anderson Sasaki, #1527084)- new version 2.4.33 - add mod_md subpackage; load mod_proxy_uwsgi by default- remove %ghosted /etc/sysconfig/httpd (#1572676)- Resolves: #1512563 - httpd: update welcome page branding - Resolves: #1511123 - RFE: httpd use event MPM by default - Resolves: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- new version 2.4.28- add notes on enabling httpd_graceful_shutdown boolean for prefork- drop Requires(post) for mod_ssl- better error handling in httpd-ssl-gencerts (#1494556)- Require sscg 2.2.0 for creating service and CA certificates together- Address CVE-2017-9798 by applying patch from upstream (#1490344)- use sscg defaults; append CA cert to generated cert - document httpd-init.service in httpd-init.service(8)- Address CVE-2017-9798 by applying patch from upstream (#1490344)- Generate SSL certificates on service start, not %posttrans- move httpd.service.d, httpd.socket.d dirs to -filesystem- add new content-length filter (upstream PR 61222)- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- update mod_systemd (r1802251)- switch to event by default for Fedora 27 and later (#1471708)- Resolves: #1469959 - httpd update cleaned out /etc/sysconfig- new version 2.4.27- mod_proxy_fcgi: fix further regressions (PR 61202)- new version 2.4.26- move unit man pages to section 8, add as Documentation= in units- add httpd.service(5) and httpd.socket(5) man pages- require mod_http2, now packaged separately- Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Resolves: #1434916 - httpd.service: Failed with result timeout- link only httpd, not support/* against -lselinux -lsystemd- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- mod_watchdog: restrict thread lifetime (#1410883)- Resolves: #1358875 - require nghttp2 >= 1.5.0- new version 2.4.25- Resolves: #1401530 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2- fix build with OpenSSL 1.1 (#1392900) - fix typos in ssl.conf (josef randinger, #1379407)- no longer package /etc/sysconfig/httpd - synch ssl.conf with upstream- add security fix for CVE-2016-5387- load mod_watchdog by default (#1353582)- restore build of mod_proxy_fdpass (#1325883) - improve check tests to catch configured-but-not-built modules- update to 2.4.23 (#1325883, #1353203) - load mod_proxy_hcheck - recommend use of "systemctl edit" in httpd.service- have "apachectl graceful" start httpd if not running, per man page- use redirects for lang-specific /manual/ URLs- fix welcome page HTML validity (Ville Skyttä)- remove httpd pre script (duplicate of httpd-filesystem's) - in httpd-filesystem pre script, create group/user iff non-existent- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- update to new version 2.4.18- re-enable mod_asis due to popular demand (#1284315)- fix crash when using -X argument (#1272234)- rebase socket activation patch to 2.4.17- update to 2.4.17 (#1271224) - build, load mod_http2 - don't build mod_asis, mod_file_cache - load mod_cache_socache, mod_proxy_wstunnel by default - check every built mod_* is configured - synch ssl.conf with upstream; disable SSLv3 by default- update to 2.4.16- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- update to 2.4.12- fix compilation with lua-5.3- remove filter for auto-provides of httpd modules, it is not needed since F20- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581) - mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583) - mod_lua: fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments (CVE-2014-8109)- require apr-util 1.5.x- use NoDelay and DeferAcceptSec in httpd.socket- increase suexec minimum acceptable uid/gid to 1000 (#1136391)- fix hostname requirement and conflict with openssl-libs- use KillMode=mixed in httpd.service (#1135122)- set vstring based on /etc/os-release (Pat Riehecky, #1114539)- pull in httpd-filesystem as Requires(pre) (#1128328) - fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348) - require hostname for mod_ssl post script (#1135118)- mod_systemd: updated to the latest version - use -lsystemd instead of -lsystemd-daemon (#1125084) - fix possible crash in SIGINT handling (#958934)- mod_ssl: treat "SSLCipherSuite PROFILE=..." as special (#1109119) - switch default ssl.conf to use PROFILE=SYSTEM (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- add /usr/bin/useradd dependency to -filesystem requires- fix creating apache user in pre script (#1128328)- enable mod_request by default for mod_auth_form - move disabled-by-default modules from 00-base.conf to 00-optional.conf- update to 2.4.10 - expand variables in docdir example configs- add support for systemd socket activation (#1111648)- remove conf.modules.d from httpd-filesystem subpackage (#1081453)- add httpd-filesystem subpackage (#1081453)- mod_ssl: don't use the default OpenSSL cipher suite in ssl.conf (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- add support for SetHandler + proxy (#1078970)- move macros from /etc/rpm to macros.d (#1074277) - remove unused patches- update to 2.4.9- use 2048-bit RSA key with SHA-256 signature in dummy certificate- Create drop directory for systemd snippets- remove provides of old MMN, because it contained double-dash (#1068851)- fix graceful restart using legacy actions- conflict with pre-1.5.0 APR - fix sslsninotreq patch- update to 2.4.7 (#1034071)- switch to requiring system-logos-httpd (#1031288)- change mmnisa to drop "-" altogether- drop ambiguous invalid "-" in RHS of httpd-mmn Provide, keeping old Provide for transition- systemd: use {MAINPID} notation to ensure /bin/kill has always the second arg- mod_ssl: allow SSLEngine to override Listen-based default (r1537535)- systemd: send SIGWINCH signal without httpd -k in ExecStop- load mod_macro by default (#998452) - add README to conf.modules.d - mod_proxy_http: add possible fix for threading issues (r1534321) - core: add fix for truncated output with CGI scripts (r1530793)- require fedora-logos-httpd (#1009162)- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- ignore /etc/sysconfig/httpd and document systemd way of setting env variables in this file- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311)2.4.37-65.module+el8.10.0+1840+b070a976.12.4.37-65.module+el8.10.0+1840+b070a976.12.4.37-65.module+el8.10.0+1840+b070a976.101-ldap.conf.build-id0cb21fbd644888c9b3e7a54b2d9c13636a18aa02ac511733fb609a8d1cf5664b6989b6804f56mod_authnz_ldap.somod_ldap.so/etc/httpd/conf.modules.d//usr/lib//usr/lib/.build-id/8e//usr/lib/.build-id/fd//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protectioncpioxz2aarch64-redhat-linux-gnuASCII textdirectoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=8e0cb21fbd644888c9b3e7a54b2d9c13636a18aa, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=fd02ac511733fb609a8d1cf5664b6989b6804f56, strippedRRR RR RRRRRR RR RRRutf-8765ed5632375cb1e4d93a0d43fe84635253b883a39fff2c521b87ed0f13bfe44httpd:2.4:8100020240723155411:e155f54d?07zXZ !#,'w] b2u Q{LY8ZIh&}af+wZePR8Ϸ E7p2%b@)-k&ODڮ+fƢy}JgYY N2r^1GX*4]6\9.ˡRwq>:O*ETu4p Olj<:K-r]BDBȡ7NY0w?$+Xg07R&6MIwtP3&i4!W:*}VE$3tU X,39 V}@ S^᛻dQŭj ng@D}x"Ej dX.GEo]Cݧ#trzSdL*d!V:El\?](RL}NΎJo!Mk9 ё,r.J2> 4kV&]qcSpֈ4t炩!*MN4ԭNhQ*O`=n^R,,UUp'da<%..zt"c ׬3#K=N ySU!{./iLgTA6!I#;m1D"+>.lI2I#K Tȫ'1 Hς84n$O2]2@;d(lX$0ɆO&? NDIԒ tUE Apy')Lw((*`_Lfɮ . uޱ;rH8/NUJ+{[ȉ[X ءJQH}sx>r >EhsR 2!vQҧ_K&f; ܸT{Pg6`(l, R4n O,[ϲ-Wu-#k3o49D )yq!76s)t,)vHhL.LGD}69x͕TO%/c*t˱~5^<K[&? <{T."=}*_mv;0&L,KFբX|hNe2VJVN.f}{\S8SsGт ?.l>e+ޛ `I)]qɖ*~(M -ς.O,L*LsZ[6ezXD"z8WJAm$UMCY >NbwN}]y1L85YՋLϩnANQp#<%qtoituT T]CE@X_(7_ő h}-V{$mZ@;ɻO ] h,Bd>5P"r-xL}ȍi![ĻV =ٷP^*hXۖ~"٘ɄZ'4{-nD[Hw o:wꯙ(OsnOJwq2I 3K2"4璟{i#k`EFm; Rƺǔ5bGr}`5ޤpyy#@7=LlUD&-6X|OA쭔'+uCZ|Vjvʚ6r,+ԨdNȓ^U@#?_%`dBk8%n usF#h6` 3Eԧ7z_* v#@-")0$rf1$m"ak):K/;m 6QEhxFfikMdǘw;#Cfie? j`=G G 0t(x FoE^@K;t&uY3nFjߋ]Bn]XQgbޚ;d-YB@ iq];1y9ُv|/4$A/zOl'&5x߼#?O ,VG8e[ELkԑʺ- 5YM厎V|%'_B͂On2äSdA5nwڃ$eaPZc+waBgmheйIՁd৸KfEJQT-K@Z<=Ƶoi ~bg€O%gԩL̉I0dǗtb!6]dz R`&w;%vS/<-JD:)K|K/N_* ZqS7d(kPxƶk*ǔ ,c,sl [ϥ R6Fe0'YSF2U:OY86;=Kʬ2\֔p-gEiˆ j!2c0ܕ12yOe.B6tY2d- I:\N4냱ñ Yk:ʲ7K+brEyִȦZAʍ%:4z}ڭVWm |kW1z&H@k]&]Bޛ$[Kil@_SGb?q{].НqMJˏ?rD8i3fNWI<`3|psL!S$pn|ndxLp9S;TgζaE?ҶڧbKoƢnx'ROzc{ksƳ%Hk=E5бhՎТj@,+nU- ݇y7y_1\7' :] Hk8DԵ@T#%a,8?i 7LL} 6-it^|{Tnoʭt)L:N8Sh}6Q|hZ/ͽЁI2HUʋ*K2s_fpTaNprXvG!1`o"3Ekt*PБ"{۴ PƏ=Ak3p uD#HЩ>Cw^W?|gS[eO@}1 ća(GvL!Х(/D``4i 1v,r? ]22:䆁=CnIR?\EkCo#x ˘~vrQhn(Ckn?<:{@,~יD˵)35mi|@=I U֛y%کq@̳OI~_|s :ewe)Y)S8qgP V jNT,XO< uO99r+3 (:"Ջ7SAd6:6+ٚC<CւR23¸QM+DGMa5>{<Mxs"#fn?x8gK%`#Svm'QA_gQ$7y"Un6ZWjX[:Vl ):seO2 eݞYrOS'`a]aI  7Oi48(X4p" Dh'4& :2g7⫌_`m_m=p,{e'yt({/Z-6?v"&@Ci+b07@7SeXUߐ<6mgAPc Yl:CfMA$ƎGGNr>.Ԩuυ\msC‹fSY%'4:MJ˂w\9rwAۭ:]!%32f{){/dYyIk<0 @Qmȱ*&իȐ;='_4d>bUr|2!9KuL&@ѲصB7!̊n>-Dqas wiYi&Dˤ8Ȳ5fJpFN_xGi= s&3@nLXט^M3PRѕѠ pmR |֨e gڹ>?G1/3HB@Dz@ִj L&TԖfL<\C kMVteLqa Ý]:j""E(eO[nvB)J9AxpˀBIB^-N&4Zy!9bG{W$ҮrGeуbT;g[^Lo䕦SԯS-\`0a1Vn3L$89]U{ c`& 8U6 M$Sxb*w9 w9> G[>7xX[m̬q'n61hK>+Ftս`os*`))ɶ@_e|!D gs H IDV*ؠ?|L1gG'BCDcg -4 7d 5.pXćLW]9ό;k83qe lsnz?LD??b> EFdUBGS=ZF[_ЊsQ^ng[^_a(nzy1RT YΥ r,=q '>#{1o*bYE"S"2D^u xi9y?2DCpW+꿖H&0ͳ?# 4/Z %b- H|B_>ݴ W_Xc =A%-=ڤ35!P5:z{ܟ\NA֌Oh:MUM_yI>FzzLLo&݈sWiϗԋ'qąHCfdgb : ZUN5 |BF[nRQ򯁒dݨMȈV2Wҙm VQ0h!-)X:>h#u*ҳ܊2dy3tٵgt=w)>Cy#LG urdaR?:Sg*5i2-|VD;u5Qh8=K>T}W~/p|Vn-7,|7hJQĺHsCa `ĘjEo3Z&2 /ʲe9l@HpP?scuH _j%"~}8~nu% *)af*Zv g^"UJA*abܲ|a7x);$T BD֠ h.JBlcoX"mix]pݓygpF1iNtZ߆E (^Ya COy'b܁uř0~2w>ƢJ1`Z9?#Ԡ߂G 6@˳GHF>evHټw 2P4` ї 5!&_NxMjBF?1d:3L/bBdR<, bTBG1 ֮ =74dFHKe1:( f0'Y厖5g߭-`D񜩔'.ҁ۝ԅ L}Sgrr"}V7qɃM3Ď\JTCn[<2}! PQ:/,vKWkiR#wNo\$},y$:Q:N4qtX[y9ƐFjJ""CN+w"W)ɤ+s\#B4rX-܀7^f VmWv_}8RT. >8Xe*$B-7Rrn= a~o+sT(t˵:GQU/r.&/p~֛+K3V9 1ֻ{$NIs9gSoۣ)}O%`ew\=z"K6±f^g(uG2Q)(;`8 311ҢaqK&o5|hlz鄈h1F w#9Q!,'Z%ʅIu#h>ڕqeλi$ c^/ B=})ĒMt& sX?gWb9zF c6Ǻ5SFXٗUԵӋč6ǚ{#?rVX.8,|T۴4 v&T(ԕ}L i&%t[m4{ܶ"'PY\8!q{g+_~ž,b?6` 3Pux*cpc;Mp<ƌ*Gq |Zq9Y# gSïɺ܊"~(Z4mp) ئmxK(B*Ї߲˪3rmq@\U E:{3V"n3oڏXOyudo5l9qsC(B_LGupԄkeՃ VkWzCKVC{ەA^~e[o(wRV[yN.eIn7FVLHIQ6J=@b*S2zT;;3΢vT^IyA{{%%Y+C>.ÚeJ:x 9DжIvnI FΑ{=\"k6d^5>W5~/1m W[tD8n++QYXN#|Ε0zge(TDG [,h,;mƿX c\NzI"5R@X2)$ $kc˭p%1nmH*"x}y*("n)B=A^~ۓVyUX#G`NqfiBi`@BŽ=GUtDu4Eڅ㻭ۂUu=^?V^}QOL*GbCցCRi'K=gұχMcY&ZaHjv\+m1甧WwڒT$vI'R|{Ҡ 'ډa=(U. Bxq.uapc5,`nF[YYhd/5=r:ԐUW8mpN{n0zK{I{9u-hD} c{(^6>KrFcK Vj~UC̤+Fzt !tLU \` <8l}܋ĵxxNxz}Ŧ[&/~6َ< {8:4'šI1IqE¡m>:kS;)/g uZFrC )6 59R$ OXQy1V[0^Iwoi쐖4DRU|!54L(΅@Ɇ_DTMAj:B7pVtgI ' {YR!&L;Q}+nׯ0_Cw@Gi"I=Z+/Mf0'\rݡ$I~7;P=<{lgm,l鿫yd/)zk>ؒle"8/zᓱ\ck P%7JJ.З+żf  |N'M9~I o0HѪEP^wHk$潨Ϳ?VE%Xt1U+RZ6FԮeuG9q`PbmBCķoΜ(~IX+[ϡ|vmtoz}1h= P2ˣ*Un,ei׍WJ1nEjܲI,7I/ a8]4dG|P0C/gU^5A=2׵1#e^AWg5/9j0#W$p]$;m`+? כIZvss샤䛬HYΙFc9dKCYՉׂn LI2ފ8: =ZD>o{ U\kn pe/-ȇI@{E(>A݅F$8]H2`J|}KmyF4 ]ɣ[=$B_ Z t3ҙmn9KHZރxf87/ &z6 ZRẸ]k#s,YSſZ6.Zϱ(m׾}srM&E_|:>i(^8_W0y 1Tw}-ɾiA^_#\ݏSʡn2ˤfBw~+ڴJ0̳wZ ]AM;MRDF{rۆgB\ (~& tbGdo#fLrGIt R#B3WE.ϋ %yvؘ\,p2qs3I Bu3K#kmnaՌ uTPh5(H K˕l#:\T%*=x (2 &:1lX/ݵe$8@Ls),`Fqܘn` ym$3L?i8 ѩXs;)6W?mKHTO+уhA; p|v :ȸZ/(G,-cŴ>?{@ZnCn2J@BrLir rbNdVC f2 [v"Aַ": +/8a5iM%z_42^֏_>^!Љ8.!,Rff4NÃQկDgL"?':ߨlM# 8$ btYSqfWVbZrIAKU j6o`򂑚I7n4S wm:ʳV JY־ }`<]L4ܫwt6-6^b*^`t v#^3zssW*6HjsǻjzTCL!x@0D)`R+m@Ѱ~ OR!\S0y{ ӑXj >ܔ8)ٿw%]k"W.7_#HMf#vVsuڅ =UԝEZȏ_Ǝ DPygU18άWYQvPHqQ'-\ ܤmiuMHKx[I -Rka?.~Zݱ,c^}`~ 2nMy}7VS۠Z7ZG7`=~rD^@MovMQ̠p"a1t2RLI-$.i~l38s& .g`k`Io>4RGltVY]d 5@9v4j춡V;=%Vg͛.tj{+0Ivv ApOQc#rʜ*G&f (l=2i/>ia.=*^Tc{5k}ka+z }ğfGoEzk zpk6Fa8*5_@JG?v >yЎGuTVʊ bc<9h<2\f<•~$&L;Ѝ]<qVk`V#7 ;vցyr97Q{`0--3}ϝsvxKي:Ru1]3=~׌‹(p<7"{bɮk1:5<ԔK?$"'l%*E@n륬MoQ C!oՊae?"^Wb"ڶh032xt$]h3cZU5։UU|. 9Th1lttUDd B+ǖ) l['`pZrQU^.\p 8tq_ܠ>bq5Æ0}x[n(4y^*CT/oڕ*MZM*C^J'nѽb(a E2=}BC޼Pp(@+5qwڎC쳄A)TBi!RŶCvِ̬Ք]F#nn2~8j{ƙiR(`(WM؇qnQ0֋Y/K7`EM1~yWT,z >鲕{K)'Y g=eGGG5ȷTd!<:ގ vxQTPqQq-cRM]~e<3̠ag~=On fLxƽ7_ w7E#uX]0']Ykgt':h#3\Ҷ4A@*B8@x.< Tshfe[L.y 4@_3`2 h,W3U*hI7V ClM߶ Z:NZEkQy;Qe8YᏹΝDo,$T>ޏ o˪| =<zbF2,m_QpbhxŠ"z=0ڛJ&wGMyFw?d9Cp_Yq>E=\DR]G6ӷ EDŶٟtR>st B*^}YsNͤ]z@K5բ2H m 1W@R@ϛ9p[l@DG%Ah!DosɃk=ϙƊWbPoعId&vxZ,bcIȝc;dZGp~"@GP|$:^@,/jݜg|D^9I8ښ%|{ޖ`Ze8!ndvEV>:s<1b'{^W=; dD-O_[<\s;pDJ Vo#aP$]qv}4h馈 ( ratww>\k~Uqfz0x(RK&>Jynd&|g:RPTƼC>X(u0pQK5jmx`FZL=$ֺ)s`ii\c/ Ui2vcѽm9J o85z5 Oڰ⻕謴9GfaS^-/]5*ל]֊WER禜mYm.?*osc,Ը}3ʙ Ǒ|r PM 3ވm ^Ȳ/.?fQkhȥlI֠#Y;$X+VkxYL?ۈ9B#ʠ#ZӚs> GGy4!zBPPH]3Q7q2o‹v2g&mDvF=\@4a6j1]BsA`ۈzx$=Pc,_,vJPixDŽ蹇)x!0hAZ=%>Em2*4v̊EP牐 rL10rM(ԨTsu,~&Tk,>ęYNϒt|qUHRL:w;lS΀Xn @dgtIG\$mUg7J%l44j:.ty8&yA PQr8:0+U:A֘1f_SPlHNKXj*,%ӗʡD f5-oR=yq&SuraڟpL)*37erqJ&|'W>Ԋ򝡂j&{8D.{:+Rx69 -#4a-%sgar~f\ed^RȪdq/t63L=5e akQ(i3Ӂ3?Ϻkj}Ɩ(q"$1eNK󗌔J^f3wm;e 5 56{dFHOAXL +scՉMk(A f vbIť!̟* CO`!PcjܩaC6>0u>XB|,K e4Gjʊ*ZUu/M|E.[S gwnic2h:ϢL`ߴlG$:YnؤmaJݗEԷ`7REG s u2RZb7DSk%+)S)W"m@;9&̞''x R2v*-IKMBs TwS'w#G@!IuFOnY HDۉpu>{yF /@48IOB43R6X#fP35%e`Z8A+ .d8o|dx֩ Vѯ[} *8!J4Zm57g@nse̳0Dnw/xĂ=%aK(vy-iZ:*=5sѽ.V3~Uið=S9{܃*=LM{%Ex8n᠒%lC6A%GfϬ5$rf0R<ߤw,X;{/j#k޸M-UθaI]YCa%{i5u;˽:(9:j[t37%Mj\WxN_ /5٬N<_èQ<KvLq-kI?loJbE_EPUT{5|WE$Q<^nZmt9|y7t-@#``r8sAS#j a/2" P!ZE-8]^8TJi] џ&4d_୙ǧDO3%-XQPmze;X/Q,,T:=kX GLYXDkrRu8@\~T:9] \EA ڒ&"R\hZ{*x}'q̞%ՒyK[zQg,@bYq-=`Kh(cr 8JiLPIt ;x_ kd>.ŢTJPzkG.DOwfw"CA`$lx^ݎJ(zVQ=̓ I $\p?,p(I>bmmF˽.}n'\|W[ ~؉cx?!S\?$@\rI)Cеs2@ħ"VFraE ~)~P;>0ѭ+*$(2ɏ\lBFTéwAĊUm݆KlbjߦPNk-\qs,eU{~Rl1}m\:ɧeý%-73w{PE!j6$G|mq1rC`Rsl?L=N\E.jSEWuuLŅ/A&՗x:2:f~@zJp +${= 7ohG4+SJM4[Ei !m$B^@$G>ڲ\M߯>A &07Hb7 zɭQ&SYR!!W9fߛ\#Uqedv*aru}AIL"^j~O:)As  Z98>h2 כ-:i'so`R*B!~ۏy-'Ԭ~Hy6W9!8 PDdn1zpsf602窦cyxh9w}=nqp<<,ż-op4w/ukp f~I70hsm.rSxhfw"d҆hܭ|7f,6I v+ \IUh)ՔWNRzbaZѰ;"'߀{-IgD? a^Ehjk?qotA 8I'o;;5T?\Rv3a`" noOp_3O'q2-eA(wx*t *Ƒr @0hꕗ0&暽vjvz?0 }g_Ӆ2K7s$tPЇ__,V+hMrcuE>gN3{[_aVOdan$y}7cN0|w͒xS5[&_Zp@٤O6]YU_>λS\@h7MQW nS0Ր5H^.`F?1: i!^/֍e^$k!g—5"\f/F #x7;xC• -5vۺY0qf.žP IYU$\ob+퐇E3>Z&ߕutvX9FpN i7TVzp, N"nDZ0)gU[~F%\0NEsCp1-R3K($A*nC߻j^6لW®Կ(6:׎/xpCp"Ʌ\J@.}+G Wg%te ; {ۡ xT>ImGGZB5jnӌS ~eUy7 UiV Ln)?hF%F\kƳX['[v.ľly^蜁Dpcn)&2H8s}٩s.#y\̭B4$3~BmfjOm`Ⓓ߃ SjЂ9vm똭:ǾRuiq΂Ӽve}s\[L${FI/.f._^m0o5Ċuſ f;OGC}.f7#:@i!KGz*:OZ۞H巖 ˾2FZ~ET6vJ_K;`}lkfb.ffF8*$p$іj:Ň`.FQom.ǣI橭u|H\=[?0̠uZ˃i߬ 5(p28m*us~)D^P<N!yK1b zq0g!l:7o8]u{2(o6{)}*^:*Ŗi~`D\ϧ˻(JKVZIe;w1a V33,;ZɹXA#7ǷOJ=qUNFq4j?N}ת{Iд$ѠɽóL$>1Jԭ<%Li݁xs:Sʳ.`&l),Ky[܅ߜb,H[Ũj!JM)+ n7Ni5٢ɈF1" R.IרHĐtkoEqc{4jJA-lXKX!j>\NsUyxt)5uנM\ ka(/`{L0(]"톇]? 虝1Y5?/^}IDc3Srza/7zRJp)cb8,?2O XY8n qq;J1-U- 71x=^L-#ُ uX~Aw/ !Fv cZ@cÿIEElrݙU5Q|n$^؝'R>̢@.5 !³ >I1`ʋȡEOYPjulzSs+ 8x{HN! ? T©OkráA(Fه! (s 9R*y;o6:'ٟ[至݆PԀNAM9lwegsvGHQ8KG> zԌh勰wb^,Z)K5a7qVg! AMe{+vLIk4_xؐPҜ$̷dmBF3i J_O ``gI'ܭK#:3^vU|QH:KNJ#5 wuV^=A!kfź\r ]z b,I>"6z,eŗ?h b[ؤci;x%9l-؁/u FT8#ky92pa=D\/[2JcIui bl($ ̀3GE}Zj4#} ٘",[jCፔ=7s(xjNGwvq{뭂㧬wd(j{l5xBG E~+zt_Ym7&QтT |!z^hh-Z>C;)4*{-Uc]O v۽U$&􈧇jFQ?pDD:X Qe foQHXBr@ZmW^6DA|`o(ù˯q[\xD(֘4U(J>pӇm5eM'pF7;3k!==>CRvb4,rZZĸw~8B3$U1?xNj#Cj 9άՃΑS~xUs1%`ؔrguC;RS:CD+"f0*{@Ebr}VRA_#+='i^L1CwR=+e/JF+G{:eb/ t vGQJ@zފ'vb%yUUGt.5u5O@u2StޯIY{b#RWS=h5Bz : INyLm1Bށ"|: PcTfLDbWœpT(TY-Re 6xҧ"'e9mBwxP&3t8ѡ G+0CLQQل- ?n9;tcRI ܨ$Hw%A^xca#bŚDC,aׂ+b& IQ=Q ds?o8s'Z9f(m,A_MBhkAyvH~9j5=LSV"GVj(m7pz@֦x:W~pFnYkF_r@(=Xp8=OZ@AYYyXa:X8>2x׳}E&Zi rI6UR5K3a4?Hlbhy6!c ro\3DndM +'V$-;U\F|$\zqO+ ]r_vbЌԡlI管' RNA",y.9MӛJʡ<`Tmt6-PGē<Q )\/j?MK SNp`a _pz;\=8< ғ&NRK d^Đ 'Xp$i-ts co"څr8DZ rCItDލXJ!h8\!MYucNCE|\t\\7ުӇ_=^e\ 2^bIxmIM/iIٱw |xa- 3nP +_d;#N=@H0Y8eHol1;qO/k u*8$Nye^g1tڛGD6kdlB"[?ھ5ܵY8j]:&ߋ1PA䵁SC9Z+}or`;Gj _۟#*;VI6;|Y#hޅb)3˜3!/#?gvIGM:TFaϥb˖EgH0]HWT;C;=A`g2<M8C#,]=",:H^v9yR#V~张-* _fW۠N\%a0̃$dLD|#*R9u^ %L(@ςtq8]R D7} R0pF$|UQa@zl^hocqZl@gƅr|s9}hlFB*A:p-v;})?{ӽd cؠ yh$lI.о{,ƀP$M':i44PfmEx V3Yح58 mjeW 8`GK: z?, +qBtb6z mxu{GY<1ڴ'e>ͷMRR~"5xZ*%ǸΐUxڄ\ Q'њGn/ki-Gq i}Dz>0V)Iň_=Ֆ,$i%vp;퇚SH"jDYM8H|v =x::҆pNqZ+@:ڠZ;RkI*O00B_Ŷ'B%AW>K$t G@f[)l}0hdB[QZ+_>2KcrMǏ{Kм B*b Cߵ0x{$iG~NV.?aVf36ջ毃XW @f4U;G(RCAbX`qKC|<cesh?$^"7m%^wVx5ө?3J,#@/F"B~SUoJ.P4cU;:3fi]_PԽuki.D%( /t$)8Aq+NVȼh[JCLK}\vm]ij pq-\1F혾W-N?}~B/G -gU*Yg37?Q%~05;ւ4ROЌt @CdTE{hO_Y7i/?םGh>JfZu I#Kp4l;j/]jKgL"RnI4]ϿܯW]k O"D_1oۤ4G;B:{3J|Qy7IBV*k~p¬DR9++{1llǰp`ׄl6S]cԶ9օyKT/ww(4 ,ux"\'MJܲI&2~)4<܁u5vW-+r&%v[20 tu˛Ѕq$R'vlJ \MrF`"]&6W.e!SwwO_ozK/}\j"jD:8zUj o6 #C.;UIhҜ%J:q+%,9قSvwTR "ƵvURNܧ.p)+79 ,*e]K$5!.nfÐbkz4N,<ZF`ѱ3f{9X |vԌn,h=ȍ' A߂_Y.0/^ mSV"G8+H+ kI36@6R"C?TM*#yÂYGTΔPA l:JThStOmoHgOaw2<2Uw i!9 ;me ^gC|MҎZjئ7_s7x^]Y2 rԠG9QҢ;kcCtM¤ U[9)j%3<7Rzf VBX{ɋɳtQe==P_aMDžc4R7c6BlyςXKoL 13}fq?2-ֱԬl!i,عi3>cVZƣ0(x蘃>`}io'aJ>8\m>]/b:I<.S!Iy@[OOPJQ;~ff']zv)c,v qmrWhaᷫۍE,B,*me+2ԍƉ :t4s1XIWQrJj;qU mB{Y'x˷RZՇgȜa0Hg97q*+sV2i+c*lQ`~DW<}[#dm+Myhx^?yqk#R9LYg1Or'6`tfVH)= \~E!oCX}\~:Bn,J}#BӲdq;gā1u#/ܺiEY辣LP|òUk6Dr:^wPPɔ!N4{bYiV˫!渏MOGbq~r<|(h7^9V?-fYߘK驲Hګt䭐[;ZՀa\+ps6qrHQ́4W "SO! W>8pN00M7n5]8 &uG V+E=V# E!\̕V΁nJ= kW?&j;"Î읠 RjoኊLtQmZnI==[7О}0:cR=pb ̮YCGk!+| GV)&{LSk^w>!Nn;&~x5(ž?J&qǮ#E:I$j÷er $ rX\Bi|<}/;]nv+ K#m{D[TGPʽ"_z+ ByC?s>AClBTb` :FKή*UQDoZp'4"e߀eAklBo!loE[,SeHHZB'$ R\fL'x\7Ų!_\ FJÈȳ] A {&a: b\zKYp ZVF,a}q-~Ru{h8"8KzDM!\E,,8ѳ6}>[z"˭;*ʶe8|Gω#ǭ VĥC͝mh=>zw=ړ:"6wa_gL՞mӈ +hEs:5ơV""\&dpJmv#?LUЂ{#^gO!bny3<:S1Vi>*07 ^ƞuƋ!Em]i0g1P؇q4E~~!wEV}BQt6$ kʚ/9n:RfY  Qc T^(k_QHcdjF ||^(]n!W6̉fgFTc%R,P@r$=C%U R\ K`G]1PuG^4ZȒx6Dk#ui;$_#YL?wrvLO_ -V8<=p/La.9L_܆:x4|XۑVwAQZ$DFZDٹeNE}Jc`eLmQNٰ3m }'Zۡg>5UI}`ڋpmh%t'"ȣ x-훉=p(J45caPxC2w<1UqCGp̞`-)9 {#֥,Uޕ˳<|.]ݙS$]oXXf*cTSӮ5FXtKuJͿ[Ў:T2FEL2'd'ۨ苶KH;}o?F>:ڿ9f;??| Ek%wgۊá'=5‰lenYl#`rXPҴ&[Q=h䉪Oa=O1Zp}JE"?# \llXU&r|B@RZ#>ۤn'85Kd iO,>( YAG<4V-Qy`=aN #e' O$}@x_~ &ǯY>S+9~J,+++Kβm6}doXVg +١0UOWR+cwVѕl]-QT}dT _3 ;6pWfs:N]H<޹;`X\f]\͂R&Du^41iUJok3n.-h0Vٱ JuZߕ}WK1%1v]>:%&Qd]KxbQL{xz뀖%pci> a#5|diH{U59Oz$3󆻠OjWPU!Hg1`?`};)7)rj dYslxb,eRw!am8l՟bh?afGSɬyЧ77 ԓ1>JIj0j,]c< 6L-Lk4 b}(9_RtjwCZQM!Oy:5LT\~qʍ>w?p\0˅VWe3$`x/?fH}W+#%sGLj؋ub,wؚsM{$s #Bsۿ66J?Xy,MtL#41'Zac[L#) J=޳uٻc'V9.`R 1W̧mpdbÂ-F?zo|+GP)mRD=<l3=Bz ԄĀluBќw.4w0.#cs@*9ޛ%̍…{rl`#h꟒J0s8Wô?Q̜\@Iyl D&)6!qƇ[؋ݨW&vq{Ej7H*0+b +`IqSkBc$9 ն(Le7,}:VmވjR PЗ~r@I,`3ksWǘo` 5$ s~a=B$*!  /ssnd &L<nt˘aQZU]G[얓yB3ٝLDn0\S/YJT^kY cw˰=6"KB'&t‰I+pp嶟mbRQK-9 5I.6V6Qsؚ5OREъs0WVť^檤8B͒AgܡL0y d$`՛5XLe@zAS",|{Ud1@Wb'8oSV0H3h9](sXav_eԓtB[/9.%]PuЗZ1sl;w8#B޷ˣF; E?MqeR Igd)` ̇Xp\4UdP6恁޳B @,㏨UCD>`gb$[P 0REPnʟ9+MPƪ8z({P' ukݤ]؀QJxd.>DԸ0vHr_ 8&jjtSW:N.΃ZTO쨹RPz~ YnelYCҕ#I83$T\<{hn,su!w2@VFVdHze<.2DٍvbFv{ 9m C"ɢ_.]A%emkX%k݃˹2[@X@i U9 N,-W (d #FeoQuX"ug ݈hM֗(bOu.ZU7ژp^g@m-o3fq?\3u=~5-/{6m1+E }uvXΔF}M ||,trmx˙$)%z,qfZK+C}ILWT\V%]ӶvH8\GR䍇}2/mzU}N i{`s!vԖ/ĞYҢD}?ۗlΎߞ܍Y!s_PgR٬:t-uA f  ʆtF`*^¥Pcl2- 5]qhZD%@b$sZ-e@S  ͉̇$u]Zs]44Dm$r⑻7hhZ[P1{Y5̒c#dns'd(ߟz;glT@[~woXV߁aLv :6A˩.'޶ j?Hq p nu.Yί/#k\|UY]Ӝ깗bZDEypj؅(a:*{ݰ]Uc:ǎβ?ߒ- CyTH ]Ne:k.jP#8a#A4i2m+~i6xRWR~&)'fǘ:=VB2 eE6Tb XR>%)FoDϱ7'\̕G SlAJPQS,Ced5Y [ofog|?2+MG : [# ZkC#H3kYkmјb;f}Lnapm9}fYzh(f$|^ŵtܕ"N *-rN,Q^g:5thYוwh2dI>N-C%XrYYwjf1._Ol69h]0vP[);)}鲾J_z$\! al gO&W`z*qr$GpJߦ@DB؄JSTի֘S˟Fz7&|ݪ{%r``U0?)*3FA/ȐTB{1Uul @1xDzj6?m f#ْ .8֑#rFj6hȷ9:cEȶ3m7VbNi԰_J^+R)Gon9CcӍ<`!ZsL<[ƣV醕ϗ,N98Zlz9I(k?W-"_m4SNU"MḂo_5PW}͢=bsSȝ/KPH_uiZVdNrˡurjͧi=?!-5^28Sz 2@A0Is(AYD(¸˥9K*S"aI?FO{Ƙ0j_bhhYQ%DSK$U#ހVftc2)KnrEH8hTǮGG.OD!8:C~SS }d^bM̯N88KYNr4j9fR}Wn&~M (>%/ ؟L2.@X%rP)U򨒧X8r Ё4M6zWe""=xӍ=_/&It? ]'wLGU244i:@2'Le"'e,,-*$g+lܨ( uƮ?A 9P1Kk&."%3=F 6"V~/ vFO5\#z2b)!y\~b>aya#0K8{%5(fi\`[2|b..AۉN.4#yS~ǛB,ݫ1z6]r9HlJE%A;`uْ klM3Z"Z:zhhAH6@S/pdЗYc) (S8;H/rUBrC`xע *AE&F7fbx }4`iغ׬٪&AϿ48CdҎ'3}w`.Iu@!2u1qϗAW^鸯#F2Va(_'>@re{pD;tJ0*,NdK {TMT]Vd YtpA%h|{No"+C:m>[ٛyl&FB26jP@j֢O`f+=eAe|ȆTϮM,6ҐPIN9-pĥM!ek9ЯT=*׬Dn_& l]Io3I+Wx4$pn#Qt[C*|ro8wSBEьg36O#˼{^-^Y'Z֠ͨC'Z&jG ay>2<=yy9dkWZD[Ma`Zwˇg S'@琝VaSݤRFL|sssSpJI4d}r'U.O6DOИAln7WC6sWz_yK7_CbQQei`fS&Wr%* EsPsSRq`0W9]VV޼b rR|z%򗱭-2ЊeE­|֘E΃W]w+G0>0a@fR[珏 a^D8f<ۨ@vp LV.ܢy$`zԛLLFZO|w?ts֐B <( 4-IfEb|/Jj|G[ @D,_9hngL€ |>l)8T=l&#qrIZJ vXa5j4Ь= =/H6_*~>26>讂c9g#VK]޼R:Kj73SA{;s\JZ^hGe+2{GH-$ Ll'Hk;X]_jh5tc.v-] QSBF_ȰȥrUHR*HWdCt"f6/vBvlkZV}9!އ,,/8Y}4V:Y<Ն(l?79_ o+e*B: >'s ENw7u"Z5XFuRT9wIrI(ރ>*E R TzŜ>mFvFk~4Á&PccimbvޢBӑP/lRǝtb&]![kwZ8:1&9`~.f~ȵCmF5r50%Y@&}3=yK`InWrڦVikf11 gLAO奮ИKm e5-vɿW!$פ` 4$c%ϑ 5VAHAW!<3+s}mc|(ab!K4QcsQ_֭RF x8 åvWЩх+2EAJ(3[ATQkTى8ס{.'A@r1K"j,wL RVؽq^AgVR4Lu.p_)P|T$q0 C0[jpce_5Hm7*"J௞)a;D8P/I+R"}'fi͛;J1ASӐ\}:ܽfoP԰\x~lLЀcqerk$"ќGb HIk^ۜ#438;x,T!k(U k+mq]HB'n] Lrf28zaPmȤ8~H"aqmV0*gM @ ~¸m,aI6RRYfTPŴp$Dn&״g[$. 6iFR׮2)ro~*3TEQDQ#=99 M b껟1l }biҢ.)Yh"S4g=Rme LK>|{w3|YeRoTؼBhHU*NO.oO_p-] oyQSy/s*3 :ORRf,sAbЉ#:3d^Oy0DE`æ0޾QYKs#ͷ-& ˍ ܇`A|Hj{]H$Qs^mS*s;*ZKR€tW8`Y&Vʽ)hpݶ}!/ <f#nlBeu\_| ul2~AUBa®, "cfP+:ʤjA%[߼kL=>kگrعj:F^ȃ#ǧr7WKmlܮARGsaY.G!+j@\7񇓯'hJ/!|8g 9C8 Ad,^;d&`ha$$RqָIǔRrr?}ALtț 6?|# KU ʔ>'VdиG1wp?ld ;pl4AH׷zל,m"ܤH#9j 5%,a!fmVOp@Q&u$sֆZI\3w'@R}0uVrzekKK`C.4WJd!'!t%bQ do,nD+ xVrTPoXrց5"=`^KM;E e?JD:yS~@ /MćV?^KO :c<ӼidĞW *r6Lψb{[DN~ )!o@c} _w"RDi??2\B5CbWJyL%MmӾ.]5ˢQ +W0T=8H

"`t2(h7U e3Zf m!k mO38]H=][cT\MG*t~JFĮ2]D>Oy%0T4|瘎 tU(>. nwQ ҿ`OqVp/شPF?y7"u05T k^%FoևB }R> QʋABD+I'zl&2+m# 1x:БhB;YrzJ㣵Dv5+& ^VHqy]55a2V duvڼ4;B"@jH ^Udii',齼9KeN 80DW3_m'z37$P*G7Ϯ Tܪ¨Iju16׋利D Ji4ƦVW<[B5`WfqR ۖq19D4Cis=47T$WT NP>*^0,[ Pn&n'n Ӈ`JP*̂X" V+\S'C Tӂ㦒>OA3w,R yIow3FmCOHZ5=EӐ @YDS0-ѧyek }Zm049JM{vx **>PCT5َQјw\کf?omgSm4q~PA;k^6J;wncM|$@_J!*go_57:NNj{CTaD9ƹ l2| dd;dI}agh8iҝ:sVZr&L?!Rn㝒 :~/zﰩakT"4kJ*Eƥ^uIK20A$$+ѯwI_ (>1:6be{5tCLFpB#d SJo6QˣKo#@ Zf]U M0)MhTWNX?@g#:)t|XǷ#4&N[req9毣@MGyK/0gdI][Y9ˡvգ(P 1KTENw*~jyJYZ(tf^1u$COK~#b<@bIKy[EM PIqzŽ?Μ92CQXa&"y.IJ9O?麻&rpdD@Qt 2\fOԸ]#&\bS_B|R2$^UZܴ ׁcwich|#v%wd10U Eeb0Mf0Z_)GAldc+֐*&1B_5y'Dgv,ֱ%g:v;gz5 k=WP u[Eߦ \ȉ?+;ۓ*v  5XguDhP'|%ws^Z\o\wa͂!-߿KZݨ*ofGvT,dA4H+jK>%$C}0C/kxjr$f}Aݏx19,v[ ,3K/J;vݱ <bOz~$c8_e_X#gF$dm]rUNdnj1Oǡ"q b o\lCel±53<5pJ2:c52p홆8dsnPq/MUK)ñ!ի 3Z xP׷/)ʿ v=ʡHV} D8ӦZ;#I.5 .Tİh0!]c]Q~}W7 }r YZ