mod_session-2.4.37-65.module+el8.10.0+1830+22f0c9e0 > 6 6_6 3!pQp)Tξ7]mtZ`f ]mtZ`nRmOȗRȫ7]?OĒ=-ix i0pƯ%TDi@yR5Y9^:SKA+\Їr䦁 T}A$CuN;{a7H<15ʨn'$vUG`"]:B20e$Bu.Ը|d [M)ɯ+銕ȕ{c#C4}箒+nt TV\'Bz1Z=nY3WORa==Q~Q$gr'2_!~,Uq) xt b)/Z3f8ae3913cea07724a9ec2fc1e1b889693d935de5b17c3fe8ffcbd393e32becfefed0d5b0db2acc0f000b153423e9d4a62683a4f/3!pQp)Tξ7]mtZ`f ]mtZ`0ܺq33 xdi_FM̋:C?G~7~:ء<F6TPpZv&U;AoQT:4EޏiB[Hj`;*TmE,qշq}ufq)odx@3Cpk^\ߤވ;g]'Kg=Eѯ~vOrldfcL+Z=Z^S3&(u[b#U>p=?d 6 c!'/ Mh             4 p  D k (89 :8G HH Ix XY\ ]8 ^tbd;e@fClEt` u vw x yCmod_session2.4.3765.module+el8.10.0+1830+22f0c9e0Session interface for the Apache HTTP ServerThe mod_session module and associated backends provide an abstract interface for storing and accessing per-user session data.ford1-prod-a64build001.svc.aws.rockylinux.orgL_KojiRockyASL 2.0infrastructure@rockylinux.orgSystem Environment/Daemonshttps://httpd.apache.org/linuxaarch6449962HAffffffffffff51df0ceeb7dae9922817f4af0554f83fe01d6268025ee08260aeed69be3953d159c4f7cf81c34c054e97c271b2ca41c410c125abcd9be6cda5cea682a431a2eb87c10269200fef8db98e05809020422171ec07a4ebb3dee130ec8901fdd4ce30bfe521b8fe247b79289addaf49e20e098ba87171bf882351dd87e52d0d5e28d123e9588b2db9c05d182fcc85ebb0c0dee9d217b312f1717d83291a602b21e9c7fe9ee0cd26c622906e03d1e2bd04d489e3d34c12192b93635b8a51248dcfcdc9../../../../usr/lib64/httpd/modules/mod_auth_form.so../../../../usr/lib64/httpd/modules/mod_session_cookie.so../../../../usr/lib64/httpd/modules/mod_session_crypto.so../../../../usr/lib64/httpd/modules/mod_session_dbd.so../../../../usr/lib64/httpd/modules/mod_session.sorootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroothttpd-2.4.37-65.module+el8.10.0+1830+22f0c9e0.src.rpmconfig(mod_session)mod_sessionmod_session(aarch-64)@@@@@    @config(mod_session)httpdhttpd-mmnld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libpthread.so.0()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.4.37-65.module+el8.10.0+1830+22f0c9e00:2.4.37-65.module+el8.10.0+1830+22f0c9e020120211aarch643.0.4-14.6.0-14.0-15.2-14.14.3fieN@e̫@d d\@d!d-@d-@d-@doMdJcdcck@cck@c(Ybޅbb2@b8haNaaaawaU`:@`f@`@`@_м@__@_:_^b^(@^@^]]@]߶]҇]@]g@]-@]]@\7\Z@\Yz\T4\\U@[@[[[@[H[u[[[ā@[ā@[ā@[@[@["@[YZ@Z@Z@Yp@Y{Y@Y@YéYéYéYéYX@YYYYx@Ym@YlYf@Ycl@YV=@YGY5GY@YXۡXP@X @X@XwoX[@X[@XEVX)@X@WW~D@W~D@W~D@WKW@VVVVn@VhV.VCV@UK@U@Ua@UF@UQUQTp@T=@T@T @TT_Tk@Tk@S0S@SGS@SS/SS@SSS"@SS5d@S4S&Sz@Sz@S(S@R@RRG@R@R@RsRrF@Ri Re@RVQ@QQޞ@QQo@Q@QQV@Q@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Luboš Uhliarik - 2.4.37-65Joe Orton - 2.4.37-64Joe Orton - 2.4.37-63Johnny Hughes - 2.4.37-62Luboš Uhliarik - 2.4.37-62Tomas Korbar - 2.4.37-61Tomas Korbar - 2.4.37-60Tomas Korbar - 2.4.37-59Tomas Korbar - 2.4.37-58Luboš Uhliarik - 2.4.37-57Luboš Uhliarik - 2.4.37-56.5Luboš Uhliarik - 2.4.37-56.4Luboš Uhliarik - 2.4.37-56Luboš Uhliarik - 2.4.37-55Luboš Uhliarik - 2.4.37-54Luboš Uhliarik - 2.4.37-53Tomas Korbar - 2.4.37-52Luboš Uhliarik - 2.4.37-51Luboš Uhliarik - 2.4.37-50Luboš Uhliarik - 2.4.37-49Luboš Uhliarik - 2.4.37-48Luboš Uhliarik - 2.4.37-47Luboš Uhliarik - 2.4.37-46Luboš Uhliarik - 2.4.37-45Luboš Uhliarik - 2.4.37-44Luboš Uhliarik - 2.4.37-43Luboš Uhliarik - 2.4.37-42Luboš Uhliarik - 2.4.37-41Lubos Uhliarik - 2.4.37-40Artem Egorenkov - 2.4.37-39Lubos Uhliarik - 2.4.37-38Lubos Uhliarik - 2.4.37-37Lubos Uhliarik - 2.4.37-36Lubos Uhliarik - 2.4.37-35Lubos Uhliarik - 2.4.37-33Lubos Uhliarik - 2.4.37-31Joe Orton - 2.4.37-30Lubos Uhliarik - 2.4.37-29Lubos Uhliarik - 2.4.37-28Lubos Uhliarik - 2.4.37-27Lubos Uhliarik - 2.4.37-21Lubos Uhliarik - 2.4.37-20Joe Orton - 2.4.37-19Lubos Uhliarik - 2.4.37-18Lubos Uhliarik - 2.4.37-17Lubos Uhliarik - 2.4.37-16Lubos Uhliarik - 2.4.37-15Lubos Uhliarik - 2.4.37-14Lubos Uhliarik - 2.4.37-13Lubos Uhliarik - 2.4.37-11Lubos Uhliarik - 2.4.37-10Lubos Uhliarik - 2.4.37-9Joe Orton - 2.4.37-8Joe Orton - 2.4.37-7Joe Orton - 2.4.37-6Luboš Uhliarik - 2.4.37-5Luboš Uhliarik - 2.4.37-4Luboš Uhliarik - 2.4.37-3Joe Orton - 2.4.37-2Lubos Uhliarik - 2.4.37-1Luboš Uhliarik - 2.4.35-10Lubos Uhliarik - 2.4.35-9Joe Orton - 2.4.35-7Joe Orton - 2.4.35-5Lubos Uhliarik - 2.4.35-4Lubos Uhliarik - 2.4.35-3Lubos Uhliarik - 2.4.35-2Lubos Uhliarik - 2.4.35-1Lubos Uhliarik - 2.4.33-4Joe Orton - 2.4.33-3Luboš Uhliarik - 2.4.33-2Joe Orton - 2.4.28-8Luboš Uhliarik - 2.4.28-2Luboš Uhliarik - 2.4.28-1Joe Orton - 2.4.27-14Joe Orton - 2.4.27-13Joe Orton - 2.4.27-12Stephen Gallagher - 2.4.27-11Jeroen van Meeuwen - 2.4.27-10Joe Orton - 2.4.27-9Jeroen van Meeuwen - 2.4.27-8Stephen Gallagher - 2.4.27-8.1Joe Orton - 2.4.27-8.1Joe Orton - 2.4.27-7Fedora Release Engineering - 2.4.27-6Fedora Release Engineering - 2.4.27-5Joe Orton - 2.4.27-4Joe Orton - 2.4.27-3Luboš Uhliarik - 2.4.27-2Luboš Uhliarik - 2.4.27-1Joe Orton - 2.4.26-2Luboš Uhliarik - 2.4.26-1Joe Orton - 2.4.25-10Joe Orton - 2.4.25-9Joe Orton - 2.4.25-8Luboš Uhliarik - 2.4.25-7Luboš Uhliarik - 2.4.25-6Joe Orton - 2.4.25-5Fedora Release Engineering - 2.4.25-4Joe Orton - 2.4.25-3Luboš Uhliarik - 2.4.25-2Luboš Uhliarik - 2.4.25-1Luboš Uhliarik - 2.4.23-7Joe Orton - 2.4.23-6Joe Orton - 2.4.23-5Joe Orton - 2.4.23-4Joe Orton - 2.4.23-3Joe Orton - 2.4.23-2Joe Orton - 2.4.23-1Joe Orton - 2.4.18-6Joe Orton - 2.4.18-5Joe Orton - 2.4.18-4Joe Orton - 2.4.18-3Fedora Release Engineering - 2.4.18-2Jan Kaluza - 2.4.18-1Joe Orton - 2.4.17-4Jan Kaluza - 2.4.17-3Jan Kaluza - 2.4.17-2Joe Orton - 2.4.17-1Jan Kaluza - 2.4.12-4Joe Orton - 2.4.12-3Fedora Release Engineering - 2.4.12-2Jan Kaluza - 2.4.12-1Jan Kaluza - 2.4.10-17Jan Kaluza - 2.4.10-16Jan Kaluza - 2.4.10-15Joe Orton - 2.4.10-14Jan Kaluza - 2.4.10-13Jan Kaluza - 2.4.10-12Jan Kaluza - 2.4.10-11Jan Kaluza - 2.4.10-10Joe Orton - 2.4.10-9Joe Orton - 2.4.10-8Jan Kaluza - 2.4.10-7Joe Orton - 2.4.10-6Fedora Release Engineering - 2.4.10-5Jan Kaluza - 2.4.10-4Jan Kaluza - 2.4.10-3Joe Orton - 2.4.10-2Joe Orton - 2.4.10-1Jan Kaluza - 2.4.9-8Jan Kaluza - 2.4.9-7Jan Kaluza - 2.4.9-6Joe Orton - 2.4.9-5Fedora Release Engineering - 2.4.9-4Jan Kaluza - 2.4.9-3Jan Kaluza - 2.4.9-2Jan Kaluza - 2.4.9-1Joe Orton - 2.4.7-6Stephen Gallagher 2.4.7-5Jan Kaluza - 2.4.7-4Jan Kaluza - 2.4.7-3Joe Orton - 2.4.7-2Joe Orton - 2.4.7-1Joe Orton - 2.4.6-10Joe Orton - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Joe Orton - 2.4.6-6Jan kaluza - 2.4.6-5Joe Orton - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-7Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response splitting (CVE-2023-38709)- Resolves: RHEL-14448 - httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)- mod_xml2enc: fix media type handling Resolves: RHEL-14321- change for CentOS Stream Branding- Resolves: #2221083 - Apache Bug 57087: mod_proxy_fcgi doesn't send cgi CONTENT_LENGTH variable when the client request used Transfer-Encoding:chunked- Fix issue found by covscan - Related: #2159603- Another rebuild because of mistake in workflow - Related: #2159603- Rebuild because of mistake in workflow - Related: #2159603- Resolves: #2159603 - mod_status lists BusyWorkers IdleWorkers keys twice- Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP response splitting- Resolves: #2190133 - mod_rewrite regression with CVE-2023-25690- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting with mod_rewrite and mod_proxy- Resolves: #2162499 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte - Resolves: #2162485 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting - Resolves: #2162509 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2155961 - prevent sscg creating /dhparams.pem- Resolves: #2095650 - Dependency from mod_http2 on httpd broken- Resolves: #2050888 - httpd with SSL fails to start unless hostname command was installed- Add the SNI support in mod_proxy_wstunnel module for Apache httpd - Resolves: rhbz#2017543- Resolves: #2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via ap_rwrite() - Resolves: #2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-bounds read in ap_strcmp_match() - Resolves: #2097458 - CVE-2022-30522 httpd:2.4/httpd: mod_sed: DoS vulnerability - Resolves: #2097480 - CVE-2022-30556 httpd:2.4/httpd: mod_lua: Information disclosure with websockets - Resolves: #2098247 - CVE-2022-31813 httpd:2.4/httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism - Resolves: #2097451 - CVE-2022-29404 httpd:2.4/httpd: mod_lua: DoS in r:parsebody - Resolves: #2096997 - CVE-2022-26377 httpd:2.4/httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2065237 - CVE-2022-22719 httpd:2.4/httpd: mod_lua: Use of uninitialized value of in r:parsebody - Resolves: #2065267 - CVE-2022-22721 httpd:2.4/httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody - Resolves: #2065324 - CVE-2022-23943 httpd:2.4/httpd: mod_sed: Read/write beyond bounds- Resolves: #2090848 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer dereference- Resolves: #2065249 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations- Resolves: #2035063 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2007199 - CVE-2021-36160 httpd:2.4/httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path - Resolves: #1972491 - CVE-2021-33193 httpd:2.4/mod_http2: Request splitting via HTTP/2 method injection and mod_proxy- Resolves: #1968278 - CVE-2020-35452 httpd:2.4/httpd: Single zero byte stack overflow in mod_auth_digest - Resolves: #2001046 - Apache httpd OOME with mod_dav in RHEL 8 - Resolves: #2005128 (CVE-2021-34798) - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #1984828 - mod_proxy_hcheck piles up health checks leading to high memory consumption - Resolves: #2005119 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input- Related: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path- Resolves: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #1969229 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in mod_session- Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records - Resolves: #1905613 - mod_ssl does not like valid certificate chain - Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for usertrack - Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression - Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer dereference in parser - Resolves: #1934741 - Apache trademark update - new logo- Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML - Resolves: #1937334 - SSLProtocol with based virtual hosts- prevent htcacheclean from while break when first file processed- Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache- Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile to be able to handle certs without matching private key- Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd mod_proxy_wstunnel - Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()- Resolves: #1651376 - centralizing default index.html for httpd- Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool concurrency issues - Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1680118 - unorderly connection close when client attempts renegotiation- Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does not respect expiry time - Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer overflow - Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package - Resolves: #1869576 - httpd : mod_proxy should allow to specify Proxy-Authorization in ProxyRemote directive - Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1891829 - mod_proxy_hcheck Doesn't perform checks when in a balancer- Resolves: #1209162 - support logging to journald from CustomLog- Resolves: #1823263 (CVE-2020-1934) - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Related: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work- Resolves: #1823259 - CVE-2020-1927 httpd:2.4/httpd: mod_rewrite configurations vulnerable to open redirect - Resolves: #1747284 - CVE-2019-10098 httpd:2.4/httpd: mod_rewrite potential open redirect - Resolves: #1747281 - CVE-2019-10092 httpd:2.4/httpd: limited cross-site scripting in mod_proxy error page - Resolves: #1747291 - CVE-2019-10097 httpd:2.4/httpd: null-pointer dereference in mod_remoteip - Resolves: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work - Resolves: #1794728 - Backport of SessionExpiryUpdateInterval directive- Resolves: #1775158 - POST request with TLS 1.3 PHA client auth fails: Re-negotiation handshake failed: Client certificate missing- Resolves: #1704317 - Add support for SSLKEYLOGFILE- mod_cgid: enable fd passing (#1633224)- Resolves: #1744121 - Unexpected OCSP in proxy SSL connection - Resolves: #1725031 - htpasswd: support SHA-x passwords for FIPS compatibility - Resolves: #1633224 - mod_cgid logging issues- remove bundled mod_md module - Related: #1747898 - add mod_md package- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount of data request leads to denial of service - Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length headers leads to denial of service - Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for large response leads to denial of service- Resolves: #1730721 - absolute path used for default state and runtime dir by default- Resolves: #1724549 - httpd response contains garbage in Content-Type header- Resolves: #1696142 - CVE-2019-0217 httpd:2.4/httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696097 - CVE-2019-0220 httpd:2.4/httpd: URL normalization inconsistency - Resolves: #1669221 - `ExtendedStatus Off` directive when using mod_systemd causes systemctl to hang - Resolves: #1673022 - httpd can not be started with mod_md enabled- Resolves: #1695432 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: #1696091 - CVE-2019-0215 httpd:2.4/httpd: mod_ssl: access control bypass when using per-location client certification authentication- Resolves: #1672977 - state-dir corruption on reload- Resolves: #1670716 - Coredump when starting in FIPS mode- add security fix for CVE-2019-0190 (#1671282)- add DefaultStateDir/ap_state_dir_relative() (#1653009) - mod_dav_fs: use state dir for default DAVLockDB - mod_md: use state dir for default MDStoreDir- add httpd.conf(5) (#1611361)- Resolves: #1652966 - Missing RELEASE in http header- Resolves: #1641951 - No Documentation= line in htcacheclean.service files- Resolves: #1643713 - TLS connection allowed while all protocols are forbidden- mod_ssl: fix off-by-one causing crashes in CGI children (#1649428)- Resolves: #1644625 - httpd rebase to 2.4.37- Related: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- mod_ssl: allow sending multiple CA names which differ only in case- mod_ssl: drop SSLRandomSeed from default config (#1638730) - mod_ssl: follow OpenSSL protocol defaults if SSLProtocol is not configured (Rob Crittenden, #1638738)- mod_ssl: don't require SSLCryptoDevice to be set for PKCS#11 cert- Resolves: #1635681 - sync with Fedora 28/29 httpd - comment-out SSLProtocol, SSLProxyProtocol from ssl.conf in default configuration; now follow OpenSSL system default (#1468322) - dropped NPN support - mod_md: change hard-coded default MdStoreDir to state/md (#1563846) - don't block on service try-restart in posttrans scriptlet - build and load mod_brotli - mod_systemd: show bound ports in status and log to journal at startup - updated httpd.service.xml man page - tweak wording in privkey passphrase prompt - drop sslmultiproxy patch - apachectl: don't read /etc/sysconfig/httpd - drop irrelevant Obsoletes for devel subpackage - move instantiated httpd@.service to main httpd package- Resolves: #1602548 - various covscan fixes- apache httpd can work with TLS 1.3 (#1617997) - drop SSLv3 support patch- new version 2.4.35 (#1632754)- mod_ssl: enable SSLv3 and change behavior of "SSLProtocol All" configuration (#1622630)- mod_ssl: add PKCS#11 cert/key support (Anderson Sasaki, #1527084)- new version 2.4.33 - add mod_md subpackage; load mod_proxy_uwsgi by default- remove %ghosted /etc/sysconfig/httpd (#1572676)- Resolves: #1512563 - httpd: update welcome page branding - Resolves: #1511123 - RFE: httpd use event MPM by default - Resolves: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- new version 2.4.28- add notes on enabling httpd_graceful_shutdown boolean for prefork- drop Requires(post) for mod_ssl- better error handling in httpd-ssl-gencerts (#1494556)- Require sscg 2.2.0 for creating service and CA certificates together- Address CVE-2017-9798 by applying patch from upstream (#1490344)- use sscg defaults; append CA cert to generated cert - document httpd-init.service in httpd-init.service(8)- Address CVE-2017-9798 by applying patch from upstream (#1490344)- Generate SSL certificates on service start, not %posttrans- move httpd.service.d, httpd.socket.d dirs to -filesystem- add new content-length filter (upstream PR 61222)- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- update mod_systemd (r1802251)- switch to event by default for Fedora 27 and later (#1471708)- Resolves: #1469959 - httpd update cleaned out /etc/sysconfig- new version 2.4.27- mod_proxy_fcgi: fix further regressions (PR 61202)- new version 2.4.26- move unit man pages to section 8, add as Documentation= in units- add httpd.service(5) and httpd.socket(5) man pages- require mod_http2, now packaged separately- Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Resolves: #1434916 - httpd.service: Failed with result timeout- link only httpd, not support/* against -lselinux -lsystemd- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- mod_watchdog: restrict thread lifetime (#1410883)- Resolves: #1358875 - require nghttp2 >= 1.5.0- new version 2.4.25- Resolves: #1401530 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2- fix build with OpenSSL 1.1 (#1392900) - fix typos in ssl.conf (josef randinger, #1379407)- no longer package /etc/sysconfig/httpd - synch ssl.conf with upstream- add security fix for CVE-2016-5387- load mod_watchdog by default (#1353582)- restore build of mod_proxy_fdpass (#1325883) - improve check tests to catch configured-but-not-built modules- update to 2.4.23 (#1325883, #1353203) - load mod_proxy_hcheck - recommend use of "systemctl edit" in httpd.service- have "apachectl graceful" start httpd if not running, per man page- use redirects for lang-specific /manual/ URLs- fix welcome page HTML validity (Ville Skyttä)- remove httpd pre script (duplicate of httpd-filesystem's) - in httpd-filesystem pre script, create group/user iff non-existent- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- update to new version 2.4.18- re-enable mod_asis due to popular demand (#1284315)- fix crash when using -X argument (#1272234)- rebase socket activation patch to 2.4.17- update to 2.4.17 (#1271224) - build, load mod_http2 - don't build mod_asis, mod_file_cache - load mod_cache_socache, mod_proxy_wstunnel by default - check every built mod_* is configured - synch ssl.conf with upstream; disable SSLv3 by default- update to 2.4.16- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- update to 2.4.12- fix compilation with lua-5.3- remove filter for auto-provides of httpd modules, it is not needed since F20- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581) - mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583) - mod_lua: fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments (CVE-2014-8109)- require apr-util 1.5.x- use NoDelay and DeferAcceptSec in httpd.socket- increase suexec minimum acceptable uid/gid to 1000 (#1136391)- fix hostname requirement and conflict with openssl-libs- use KillMode=mixed in httpd.service (#1135122)- set vstring based on /etc/os-release (Pat Riehecky, #1114539)- pull in httpd-filesystem as Requires(pre) (#1128328) - fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348) - require hostname for mod_ssl post script (#1135118)- mod_systemd: updated to the latest version - use -lsystemd instead of -lsystemd-daemon (#1125084) - fix possible crash in SIGINT handling (#958934)- mod_ssl: treat "SSLCipherSuite PROFILE=..." as special (#1109119) - switch default ssl.conf to use PROFILE=SYSTEM (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- add /usr/bin/useradd dependency to -filesystem requires- fix creating apache user in pre script (#1128328)- enable mod_request by default for mod_auth_form - move disabled-by-default modules from 00-base.conf to 00-optional.conf- update to 2.4.10 - expand variables in docdir example configs- add support for systemd socket activation (#1111648)- remove conf.modules.d from httpd-filesystem subpackage (#1081453)- add httpd-filesystem subpackage (#1081453)- mod_ssl: don't use the default OpenSSL cipher suite in ssl.conf (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- add support for SetHandler + proxy (#1078970)- move macros from /etc/rpm to macros.d (#1074277) - remove unused patches- update to 2.4.9- use 2048-bit RSA key with SHA-256 signature in dummy certificate- Create drop directory for systemd snippets- remove provides of old MMN, because it contained double-dash (#1068851)- fix graceful restart using legacy actions- conflict with pre-1.5.0 APR - fix sslsninotreq patch- update to 2.4.7 (#1034071)- switch to requiring system-logos-httpd (#1031288)- change mmnisa to drop "-" altogether- drop ambiguous invalid "-" in RHS of httpd-mmn Provide, keeping old Provide for transition- systemd: use {MAINPID} notation to ensure /bin/kill has always the second arg- mod_ssl: allow SSLEngine to override Listen-based default (r1537535)- systemd: send SIGWINCH signal without httpd -k in ExecStop- load mod_macro by default (#998452) - add README to conf.modules.d - mod_proxy_http: add possible fix for threading issues (r1534321) - core: add fix for truncated output with CGI scripts (r1530793)- require fedora-logos-httpd (#1009162)- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- ignore /etc/sysconfig/httpd and document systemd way of setting env variables in this file- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311) 2.4.37-65.module+el8.10.0+1830+22f0c9e02.4.37-65.module+el8.10.0+1830+22f0c9e02.4.37-65.module+el8.10.0+1830+22f0c9e001-session.conf.build-iddb81b09e5d1cf0afd54dd95a42daeb19217e96eadffbbe2378732ed856a135697849475439dc33a2d6b3ac4bd0a317ba919b0c9ccb4ac008e384c7e12fe6f6f0ee8573cb58f155346be6d3fc0b7488a404e9ab7998088a9a511ed1143ce8a8mod_auth_form.somod_session.somod_session_cookie.somod_session_crypto.somod_session_dbd.so/etc/httpd/conf.modules.d//usr/lib//usr/lib/.build-id/a7//usr/lib/.build-id/b7//usr/lib/.build-id/be//usr/lib/.build-id/c6//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protectioncpioxz2aarch64-redhat-linux-gnuASCII textdirectoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a7db81b09e5d1cf0afd54dd95a42daeb19217e96, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=c60b7488a404e9ab7998088a9a511ed1143ce8a8, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=a7eadffbbe2378732ed856a135697849475439dc, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=b733a2d6b3ac4bd0a317ba919b0c9ccb4ac008e3, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=be84c7e12fe6f6f0ee8573cb58f155346be6d3fc, stripped RRRRRR RRRRRR RRRRRR RRRRRR RRRRRR utf-8fd3054e2b38d7c2942923544ac2e6c747f4620f4a229b8d1218c96faffcb04a0httpd:2.4:8100020240701134220:e155f54d?07zXZ !#,Uy] b2u Q{LY7(e@ #ޖ2 q @LCFܯᵘ*BL.F20;D4n')]ԋ4) Kc'}qϸH3em(}֦LԡZ0l2ז41,4mmڻ/ep֊0@';8U*C7/Q@λi:R;**߾q{Ί8pBӔycp<' ,ѭk;=:1^rBK>ao~e"pBV~0Vz磆6g/tk=E{HMc3 Tjh:eQձKtLe0jܨ90ݥ})!qErϡ_Q;qN½[=^q>GY9*ȏ5UN ǥ}Y|Ɓ6)Ag~rMe1X_D#]O. vzu_oqYJ.\t: 3.Nej7;oBИ-pN'ITr١xFcIbmv{Dh|8O53|PՂ?[U rs*Uudz ;!e$O P@"(#4(9׷@W0eeD 3N_:gq&$^2ޔ;(k>j۶«tfR(zuDȱ4V`ws^BOpX1IK]:[n% GSvV汀=:,8\fM|vmbMH^]1 AU]MaW\\|etn&"a5̦THh|r؝HӠ#N61+$6ghMf )ГM(>n5 2YbHFVaYIm FĢpch4,Bb#( ¢Y褐o-|% (dsuO@>!6 9(2E㸤}V=5"a˶5f{K]*jp=9+BGWZBU$'1$@\7΄=w#>P5}^ԛO\Z"A>̝JYͯ5ͤXߡgALNc& OWnO*o1J9Otq\beC{f=mS6aGc!@/E %R#y--Ȏ_uחG %P,CΎ\(% -a\(_tx81K]=kwk@zۍ@s fڟd0 ڌ}Wg`.bX0j~ قc$%V2'U'E(yrwlu3i&%L³{"/BǴ,'s.1kxDV*8팝|7ۊJ|Sw!* Wїʼ^}-/?ҽ2[\p|a 9b ş`J-/M [ۍHc$~?q.XFD& `Y=<,'n yY 2_$7ٔ5QBMja z,Bxۍ:'O#hyHӫvcōҾgPBTt@n`_o K5Tھ_t8p%v[c fWa(,3GV-TťD̯d2zCnCr>u@R@K/f4 tc|y-ƙ_'D`:'Dc$ѽ&,#YSC=d} H%BDިݟ齖k՟R[0tQpIzeㆽ̶pX6ۺz`^=?ST>W}683bq,MudִeԄkì,h0\YE*R:P ЧָcKxbO( HHrYmw$n2rX~Q2[·DZ|8C'Զ _ >_cFn04ZfMӨ0DaBd"~[IJ ?1p%`(rrQrb?ۚMaF?:Z;xABܿeݑhgq!0mםYTf9pǡ[*v=v:ZIJ1مT%?,$pnǖv㌝YZJYMQ A@$RbV-Iy(%R(_(7L|.6E=I" ,1HO[G*y}in(U`9t\n0jm 7z'>)RI5bV㭦ٷHUdig4F_yRr[.gӱ3hV&Ӑ> Q;1 ځeG\ՒxYY_Uͮ?c{44m-zNPfH9ơA.?BQG+Z pGx./CE@3K1pB(2&‘2KG0-//KT{dC)ߋ:#9L_~%/PT;#nuYL !hjw5K7[d,[;YV ~!Kmw͆_FN8^Lq:Gg ;y0UWp?&vD'DD1m ׹>z:K#NV&r[qp7bAO2v!+"VT3sEgdдSQN!$V0U AA =z %]ђ }`>wl44'? 4*"<="/XTF$8-Ɋ φ :-0w ac,n`NAPma6@YU^*)шP^PR"X37d1'K;jŀ^C`VF txI2ЁQ"kÐ!vjxW?7:Jۍ#1XFqstS ib[|Tg.wϵ(;&6S0x%W*!z#Mח$g?E,仫3re3HF=9񛎄H= 3_:K0ۻf]֕>JY/~j$r |\p$/))yc SA9%Ғׯ3ܝer~O5Ka!X\JU'x#;\ IBo%w6*z5f{A>$ 4Z_R~7IeO2{NMl gc) hw{,奂4?JXhXK/|`MLhk\GsR+5gYoCOٵoLx p҄qyCpWR@z9PTYeE ,F<~Ovݓ9l`zi; }ϙl M;O{] uTkUw϶*i H-FW}ԛ`gJG֥);EN-#Rk|Xga#HU.@sOALO°gZMbRg`V{p@Xw*A[WNb_=?St1^0*ypř7|xiiEA"V4n,<]{Ny)r qC^A+PHA8@uy\sLS+;г~~vOCs<<vir\s#1IXy|.S1k^Bܥ!eN@ىMQۤ^NǀPxe  \_0'MO,K? *$: P~2`y {܅9oy\AEhb΁SlDw#oS!"n6!hxcDDF>rc+J$ihYu_c(dc6ϲ88.S 'Qq𥤎ė^|K`=H]G2^ຣ⦜Dg;), =蛔:b`ԋ8/"`]YT1*CT);c}k"\Dm 71,[8Izgec"Itpp"a^m:K=Ťg̀0GIombtiPI.pyħu,lVeF$QVh 1Q|zȃ^ l]MX~[y&cXuMKXr^iCK#oŧdSS.s hW/ @ekeeD#[7P,*ڗ[L G^ew PǙ ¡ w7p8&=1RGhcJ& :c{Vn)>N N['7R=ѭ6L NpvBо$uemsDq?D6+Ψ:i?,d".k鳵u+|^d @ PRRQCqRFRK0E~ܔ)zNNt_?onfn͌|贚OQ7eE/\4 dү};: dM5C ό1,}dXJi4O},6]5fIH\^Pz|@X3`!.!O:d'Kg]v;UQu;+j鉉tk6;2ry]i`%#ٲTȲ9uZw`X2^<{W:0G׬}^r~`X7r[u5o<|0uJyj#J0tMf̑׹^kK!q?rBF4>Q`G{>gN>t7/Levz-DZ{fhJmUV6kfavA ;_^WG.F ш[Joo^Sq\ΘtP*}UǮ1_i !Z@Tq,iG xv hU=enlY ȄO@ȸ1ncoz\r޷ m&V4:9N yc]|P=O[yQH'U2bġT|vgh8A ՗*ef<)LX~mn".6JFMtQ`wLȠ׌j&F9 (!ӯj1a:x2e4I Fq[ 0:K{$Pq _#?"SS>Ŷ$:)sY6Xp ON.D*A @! |L]GSBr!EFTڟTK*P.;`uꖥ!-Roz;u!4$U :A=U)h岡M[Dw8&$ YAw(|&r~SdQlYa˲3@ǴᢦJkLTq=ĵm {?#D [K':$-Y.3gb1f4ˉK05(zjԚ!}~kme(\eo>"dF &F"^`1@\˩[)H52ix/rҸrpߺ{ tSE ;.3~Ej>3.d`%CLI>|'#H#;(2Q%~/_er$3iq,a,}ӟ.TLqڔū;۸4[Ot$yoӢS^C^*Yj :ǫ[̡1]8Լ#h lL-}40rM ,<k׀b2 縵E$%De? LSHmOfɵGj!N1jca)Y(b>9%c"TI2 ֜wb`= WhCT”-5z%- I&!lK- @YFa5y&̱WY`}D#x[3dF23ìėڅJ3չ s*wP<b!L@gȦTI՛q9>9g(Wly%2XݬU~=N o.g4lOvI1Ѥ\.=tA^nsx,NWKjiWtXSlԖ1ا]E*z] ^\ & *@CL^^(;ˎ"8# +xI#l.5ۏ2o?%u}Ļ1t#E4ބGqԾC=ZدUt=e;$j"5;bU[%Fk&B{a~ҕ[>1g{R)^\__XJF0wlWl_b _5=LZ/+mԆavhgutKt=ЏJU[~8g;;Tߥv*鵤JzJ#\di =,ːE0!ڴmzI}.8ua ZmEU\-SuR-7qDO\mgaSE5Fow䧽|su [R&ӭ I\8 UN23Fl1ް# @-*sM!H<|3T +1VN?&{&FrQG+G@K)8f<Ҏv 3M:s3eFg!y`LVd%~P0f\@λh~~5#`' ;Zu=! gNkHV6/ hGZ;%\@ G_4-Q̸6o-:̄m5JecD0ôn2 VĎ&E f9.VEO8kBـIQRO]FdP5mk^k 1쪆H,'FV &Vk5|D[|SBpڱ(/+k%#Q&*"%lej4F)3]DnK"gF/6Z(,Ί0~#5ʁga؝ UXdE0EƏl,рe %C$v7$GR< A>;,܁&)Se$@pj`eItT1KM6 eDH>ܟSm Sdcn)S/0~>b9 ׁFqϳP|Cf٦EOڧc#UuoA ,Wlhh/nF}™x 0V#xvia%(x-igM˲=]asy:aPĠw+-D$1ΊB$?iAuNnW^֞-4A4cd~6z4A$9q0SOsm@a-S& xuB 5Y@p>T,u} CXJ&*_ w8|ﶼ3{JkS&5~jT,,`/Eah H.uu=xtTdB)V=:.AAefuV#q~5A'8i+j I@ShِHuK9raKjJ_`+ƌN;_׶kYI|K&=%? @[nxʔCc?Pɿ,4"B-^a"V2ڌ?@('cLww"Å.$>(9'IVb/)pk!i؅|&%z(@L`Fی0b0|ulxlg^OhPv)cS&z! ˂m7EA3ir$1y^ [X,[YxZJ@U۽>>'@j,.ޘ9P"6FiNS z4lO冁v"bjsU߉nYǤ;wwP![3ֈd98+l(Zb& cvrI٘HɿےO{{~XG?;PلNV{qV V/$.wS5mӮf1H^XًȬh{@bM@@X\MV<^:uDZzSwOKG(l)!~x j؜=7q7̼qBo~՞1ȴE|Cչ' i/+Zxtb{jvz$%孞F#!|-ÖIwONE3lj5aԽ󬑎sfp믷2YU0'6/X)A5t;2ONkYܠyv+Fdak'E;(>>/gz+ B H>V#ߓ7z2_o܃霨VxWVՃrj(ƒly1Q p򃘐YդV@Oq[b ׷&^\2.O+X+o 댖!2 f"}~n $f-!-Ev\+|Jsun+'Ehx,Y1MU|8! hb©o4(8ΐKKm-X| {6n-XN_;%hG` ;O$^ʖb 7sm3m)}1*i|x;jkۺ>n.s+ 2>9N̦H/! h4tD,Y&hFNJ=wEt&uE$,N72"*ů0mMVx Nv@MN  ͺ<4K-aH?db8Q)޻ޟ`: Cv-` qJ9 hЅ }Ffdxu>zuq9{!ߜW*D{k羋3 U'@ aRH;"6^ikQ.ɋϙYW+.a77-> h!pXgU ES6tpjx(qvQa\Zπť-,7T,M`Nw:m۬pH̄SR4^-U"Y\!@و8s<.v}Է]eTVHL!9q2u~\.{bY2 392 7 7:5 v=uQ~$ueAGTȑ# MQ5t&/ p&V +dH)L_;\-dĽXT9F둢eV*O}b~Rv뭂RӶI%$aN^;TSŻCAS>Ks\_gBI8wc~uQt)@, K' qcעW%oZ6_#) ըj K3C1&ֆ(MpRB1ފuP 0fewy YAbİi~rip)TIc#CC\tn* D~vҜCH9wA ̪~,(aC`ۃPcjܗT^ˑ\ƒ %LPW>qJ4]-Z0 ^ZBBq O@q9L˙J> lʈ djo$Im؋N{甇3k@Fɼ\F_"FGN͡_Z:hca-~%:}y$^1w0w :,D&G ]}d!岲>OgGAc` _r[Io4gG 5|zu)}NbCO{~UHgmA:NT:@~*,Jw>oy D{N,0Œk[ ^fN{FhZ˃> VO`yqyv㮋e _鷑/5YT>D(׆ׯlJ,v ƖWkF[0So 4fRX|죀mQttfBp Qڇ̔!N1S]ZV܎##Ht$~+m l.>>5S={yi BNVK6U*BeVIeÃ<Cc)_n'w/Ҽ0a0dzȗ;z@+ހ:理Ǖcl`!Ak*s-jz77u- a V6oyZpi RO>%Zd  ݋wE?K/7}Upݔ=,"lehJ(U)N1X(; ^:<,t59ݝ06Q~z֬O5`pBekn9؈FWI`ѝTHvm<v&Oі3U@ j*̦'-7A6czG# &p/)l~; tWiK㡜}L|5OPV#"we"ny5Dw NT-kGo]Ðt$@ŵs2p0$U TQsNLJyOOWcz+ymÖN֎ vx*gyb_ qY;n1 Z64nUjvTHpnb0f17L+ևtbG8n\.0IHIUQ`NH eDE)݌C~VA 3JbnR~qv-_(߶ڟu7"ne;c#B &O!Q]1’47a@ꄗ,OY<_^.>yw\to߿r,1ӱ)Eͼ/{Tcwz6Fg[.\9RdajLOoN-~*xޅϤGP,mKUI0W7w].jDTsrzW+.BџP*]hEBXtoYv.{9.[PAͪR9{pXxC߿Li[Nׄ߫6Maו|?3|aCoрK6WIdžZ bR$a_τ!|T &\YjA&gf>.΂˞9/ W*$[%q/52;/G|m#ˍcHø $RRY}RC2{c?j^"k5%YUԒ&CJ{%N*uV1wҝ$ۼ2 U'va =*渮aN VOW ضY cHcf? :i[=|8oE Am3G (FIS?Rn<8BZma* J`dԟ0Tb&C2e7:̆uتaƊC/ 18݆} QIqa wsڲ^_jet:k@~TS>A/HU Tfq1hx{%p)t:oy[Ix+Sz_ ӰyF-vZ@sqxMb~[ǎ]@@1RZ?geZHjoB2|*scx'9iqetIs-0f9흏8H"8U9ҫ^ C&so`xH$0I`ZLpSLړ&1O>a2;$ٛHu/cB׮.DWYx Ah0P9djpXn]dfami^BۘRHtWUM8Lq)Y]'~|5 &ʰ]SEtsת5u> yS]kC,,.=BGrI ;;O:# {H-EK]Bnk {*}!.gHg+BXZ:I0a(g?o12s/8;l7;&}@=T?'SwycRLys3tg[}P|p_GW]Fe؛zM[YhiJp a(E=2Zlc[Upw to^sΟ${Bf_:_1`bժ 6Rإc0b=pmGZ{ig ( 7SXIXr9G&9)gD#eO %Q6ہB d0NSD&I6q;8N :suz̥U ;`ɘ7+r ˱VXfBff:xAB/tY,'s )o|Hp5'QATU{l\e{[Zuz՟x3En/um<(MFp I @4$M糤XWހxngsmoSeQ+[*Vaf/Q}<ݘ ɬr+j(P+4eg>' \*o浻')AQ@%(Љh >-+B[(j#e}~@(} n;:3 ioR>@!3̪bo>H_3ʿq"uf_GRyÆ(& cBW@)몲ϐWu1r](`"&@l&QFq>ufSn‚pB巗Fp&ݎc,~,e6hz. .M(bflU?Z!6Tn-ڣIh7D8/HqۮȨ8/JguҮ?SRyt]w )xmϸWrmIrő])1l%^B>N=kS;?XhZUFG`9fb߭g('Syܼ:Ҭ*vX^O+Q=eMgd~t}S$C~w'˄PL\^W]r05!c룪\IS]\g~57j~֢va~^6JrIJD=`$Rn%7MN+ZBs/ tN =:?& h͒g%u:B?ߍ݈ V1MTWuժIPބYPjP㑠hKZ[ +/nuܧ +Pu UρR5^4 ʤH!1@mAOM0!b+ÑS;/\r.דL =;uM(aWۗz&I\C+\ "${ oj4 _z:yFk [40> 7QQt{ 7O\I럔T&T{j|F;4p>r bBW^IC &"v5ߍs$ NߺY#3U[BYq9:saYQIŰrNXpնgw U?N*_<&͡=Un Ҷi dш5㍣5hE>fi=Fqv Lv?Dn=qN/2l-Rs)cJxsC|LJ; 3 @S`@Ɠ;n/ʗ: H 2()Ul}6rPĦ&N4Jp!.y_+uo /aLMn= ؎*X/"rX>1T|3|4 qڂ"5 ՠx%lcuь-%3Y0ۚtdCNp-;K.BWRNu/^:p#ޤ7VCw rNJSImMEKfyl n^VJ|//Iٗn#x܃*pӛ@O Wsw xaf8zЈ#,9c@pHa J}~喜YW.`&Rց3QmJwTbŇU&!y#JHnA7 Sn'c|m ~8 z˂-Mb7~=x2s8oz)e-PXPGqśC(O^@-_w$OHaCKo c? y~Xzl dx +.͢%;n~0k3ٛ{@btg ͖\ 79~6c:DStl$wJ+*nL-L0׾2ΕH'@WkLl]+_IPXehr$҆\M\cTtֆ~U[2܁b 똴K.#PpR=Y) \;bqFvS";3hAO= i_3Q^ aok ~,K4ċc}EJhS|\JrXXWy&ySOێF+Jb^X%+M{7ۦ A[K@?5 Mv|= tYVv oFN- ԣ$|A$[ha"_9փW .j 7yd55S}xB4XA۫&5dlL[NhrN+GFW@/\k6nr9=^NobhZbwe6*ۈz+v';#*_"-w .ZSՌyĕ5[Hz*L*=t߆I3D"@PbmW0O  իv⎗\l=K>He7n)<|.{`O40R?OžǑT QEq)^=q$Wě$8"l[{ -`T,ApjPRG|"|QVP 1 n3aU-F6tY1U ^ف`*.Rr/t,Zx6&*CfJy>dI|!#!WvZ}VHKzr>1"(Sw<"Q\'y,/6&f?(cp9(7:wy8n$$D /21,^RJ@_m 2gOeKQ=}ޢ탑'X0CQbޑӓsYXXSk쌂#c>K*ƀsܳdF9o#+!tO\NCźg cxFr|?A^Gtȍ*UeE_g`;f쌓+93iHDTL3O+1m@]#xNkT?1_IJR ݮ#BӣRꆝp骖U_e_y~h(xpkwdW~U fNH& "F=G[S>()*ݷ](6^kpA OW<Щ ꜟm?#!c}5@t# Tn*}#qpsgYU7KA>܅_" pbQt9\-^}=cx=Lгd"L{~ä9rb}h},3jSp(ɉbDrRŚ<0*8\7Vegs;ap ZSrs>숆>HLXvy<+!^x?"q@~znȲ(*`90]6ҡd[XV ^ֆ\:-p#ٸ3jcrT+ -_:}}b<Ɨ%08h9?gC.MdUF|PZvn-><# o B}1'.bULd zhHb>O W^qs]p0^}['0)4^؜9e;zS%1Gf$)Qy42gRRTŀ::"gU%l0EyGk_:G.jֺ4'(V,nn wQ8E.T(2urs\)*MԝkQ  eDš`C8ůKB' K6Uc;&Fa&g}.M*a憅 к|SnNSn@ҍ.מۆ`- 0vF"hi@Dݻu_|(U$f"q@צM`)cu)r(%uFe 5eCw~yI+|?x?6Qw#B,xbb8%"\I?܋h/PS._d:v0lF֢pw^[諠ޢGټ\0 9S:p< PY{_VJ$\ȏJ^"˜+񋊳]k 6.2'Q,lZLbC^# y0b oCmXⰰ(ֺ|c=yݗbA(OkQoltKxÏb jLXkV/%F*vyT@UkBݦ3`Xh8:Obpp\֊ahLPbErZKtq'e,vO5۠+<kvC"$lm((/޾m05bUuѝ# ĀL%z\ &wǨ D{&$|DKwU%nK򣯴-Ku)Җj%]׈!@'>zBhm%d2Az;z|t7 MSؓq^mLN.,hȾWA&}:}ҮA}|(NŃD ac̨oiD'rXe ؼ(xHGF,1́\m*sYX٦=5zA+{qjЀ@~{\6Vc(4@'?T-yi\y:)m䋙lX'Q0=9U,/SƘwTD Enh@TBFf+t:vM:x C:/F< JbFR {- D '/iEcmXy./;*'5G'W%i kk!}vJ&;n5 VU8rƉ-+pi~U/Fj:~\ J{DLo<q` `4ju@M83&1+uLɎj$ aIƏ5@y*5dG+f1iH 8́,o;J(۰a7˕`/x : NRJC`>*ګ2Pb( _&]~dd!~3"t-&'mPvƘ3= "lF4mo0Q(׈rn\c xAj0Q脋(*V;¬0'$;*٥TR&թp b t, &^N`jdYDlt#]|8g.̉.Fc'D{޿7!FrgVf 8Je~ oCAU 8wvC>8>[HqQ 5 +ާt}[1Lc5mJs}'t8{n-k+鼄OڔeΉAr"&ɶBE SD !m*)cD470U3cM>8[r|}/ovGA5 {[ XC4W_EMۀE?_xQ³^mD^@,Q-Y^f_2aZOp^uv|v#BB'l؝h"9 4N)DIkNQ śi+ceӝP[@&yE #t#@ p=,QPBGX%Y Bհ/ Rbh(Z bls͑h<+lxQ/8u nCŠ YS&Q qi4W弙LT 3i|BfNa۟&X;ahE.Y '^5\jEغ[429hו>1Kli1`XDS3$C8~F.\P ɦkU:{7&K(RfL!p,,5Sd<̶)8x#}ZY`(*Ϝa{ T[rZXcA?X\"EN,*79r+j FDcF" zBaR;+;^Ed@ÅhsZr7!PIs;U $]l :Q?/ PWlBNٺ4X+R"qNYnX+ F/nu=3_~嬈T `tQ=vK379:)-] cX{dttv#ӍpMPaDi78'5{~sy"G:Do1TksCwgZf2#u4~m,:|yLMJ`L}xelNcհJ%HgiQZ0hp&=60`^֦@#"ݿ8g¬@]t2hTTHՅJd70b Ud eH}T?36'g8ϰp#̗ M3Ԇ p֌z7}ܦʐ͵ˏƩ"xossz&ڦ͒\EaL4ʾZpo.6չL}89D!=Q }SeW`⸙OGr>ʣz+z>1BKm+󭯀A qU:N]B.Eh}zGTri(t]pwP0ՇcIȭ^3Y/^Ň$dU9ouG5'y'hG eӜv'c\T~U슉 q (f)FOm肇 ncCv6[tzK'>'qxKi(WS=c?` 'rl c׶WFy[71Z@T:$_ \AmOJn*KnC4$Ե[4m^^O-g$Zw08*Yixg/bZ|_Ib΃]'T*4V87й=?}:ǸB()Gh@u4<$u.7|ACw$یe,'B3tC5;iaf1xذfXd༭sRRI{R{s]R<ڢ>@$"qgް*ROO w`%%k,kUiVWmwk!Ùag>JFamЅO.͌BÓ2ɧ4M*]{i&."ct VhΩ(ge)g5)Jg)y&lˎ 8(ȸHku!*Y-qULA6k$p#oSsx?>ڜ#TWE&$@hɧa= &3)å5.Zs #Ҙik )e٩B©Bz|ⴥh7cJT/FΣM NF;*D#_7ЂA =\āWם>N%C#"L-"rn31Dž3~y>bsژ#, . eh:}Ϟv["R'6XJ$Iãǫ>gNl ꎭV\+:}ky , o֔bz9KuZIeحŕ̿bv32\s}4ѤiBNvhzXͩXI.Zћ"S{PjKsp)sQۙ9@0 4Am0\MIh갍T~L;@u6E!