nss-util-3.101.0-11.el8_10 > 6 6_6 3!pQp)Tξ7]mtZ`gf ]mtZ`1_׮H\5v㰪aL`A  mps2s;l0W)=cBvO?Єͽ3E9l %Y (ғ+oќ/j]zA^HK` qh㦴5(Qzq)1wSx0~ZG3&Gk2,/̃qG0S}iYU0vJoEO-|΁P>q03k+ROGИdgF7JSm+**JI}KG6z(V²_nv+Td{ gxƠt~_.wZ@mj15od%Nl!EsťO=v1Kjdѳn)+N,Ά|##\δp<@?0d   I 39@X d p   8Pn<(8 94:a G H$I<XDY\]^Hbd*e/f2l4tLudv|w$x<yT#,Cnss-util3.101.011.el8_10Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken modulegf ord1-prod-x86build001.svc.aws.rockylinux.org-`KojiRockyMPLv2.0infrastructure@rockylinux.orgUnspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxi686"FAAA큤gf gf gf gegf fc47f197e32902bef7430359a7543e9f521df4ec4d612d8174e4e51d64f79543af8a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.101.0-11.el8_10.src.rpmlibnssutil3.solibnssutil3.so(NSSUTIL_3.101)libnssutil3.so(NSSUTIL_3.12)libnssutil3.so(NSSUTIL_3.12.3)libnssutil3.so(NSSUTIL_3.12.5)libnssutil3.so(NSSUTIL_3.12.7)libnssutil3.so(NSSUTIL_3.13)libnssutil3.so(NSSUTIL_3.14)libnssutil3.so(NSSUTIL_3.15)libnssutil3.so(NSSUTIL_3.17.1)libnssutil3.so(NSSUTIL_3.21)libnssutil3.so(NSSUTIL_3.24)libnssutil3.so(NSSUTIL_3.25)libnssutil3.so(NSSUTIL_3.31)libnssutil3.so(NSSUTIL_3.33)libnssutil3.so(NSSUTIL_3.38)libnssutil3.so(NSSUTIL_3.39)libnssutil3.so(NSSUTIL_3.59)libnssutil3.so(NSSUTIL_3.82)libnssutil3.so(NSSUTIL_3.90)libnssutil3.so(NSSUTIL_3.94)nss-utilnss-util(x86-32)@@@@@@@@@@@@@     @libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libdl.so.2libnspr4.solibplc4.solibplds4.solibpthread.so.0libpthread.so.0(GLIBC_2.0)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.35.0-13.0.4-14.6.0-14.0-15.2-14.14.3g3C@g1g1g(@fKfxff@fqvf@e@e@epb@e\d˖d\@d\@dxb@b@bγby@bba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.101.0-11Frantisek Krenzelok - 3.101.0-10Frantisek Krenzelok - 3.101.0-9Bob Relyea - 3.101.0-8Bob Relyea - 3.101.0-7Bob Relyea - 3.101.0-6Bob Relyea - 3.101.0-3Bob Relyea - 3.101.0-2Bob Relyea - 3.101.0-1Frantisek Krenzelok - 3.90.0-7Bob Relyea - 3.90.0-6Bob Relyea - 3.90.0-5Bob Relyea - 3.90.0-4Bob Relyea - 3.90.0-3.1Bob Relyea - 3.90.0-3Bob Relyea - 3.90.0-2Bob Relyea - 3.90.0-1Bob Relyea - 3.79.0-11Bob Relyea - 3.79.0-10Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- don't define -DNSS_NO_INIT_SUPPORT for legacydb on pcc systems- Allow RSA-OAEP in FIPS mode- Add SEC_OID_CURVE25519 to FIPS checks. - This will mark algorithm using it as FIPS unapproved.- fix shlibsign to work when the system is in FIPS mode.- fix cms abi breakage - fix long password issue on pbmac encodings- fix param encoding in pkcs12 pbamac encoding - add support for certificate compression in selfserv and tstclient- Fix missing and inaccurate key length checks - Fix chacha timing issue- Fix MD-5 decode issue in pkcs #12 - turn off policy processing for pkcs12 and smime - update the restore defaults for pkcs12- Rebase to NSS 3.101- Allow for shorter ecdsa signatures by padding them to full length- Fix ecc DER wrapping.- Pick up validated constant time implementations of p256, p384, and p521 from upsream - More Fips indicator changes- FIPS review changes - add PORT_SafeZero to avoid compiler optimizing a way zeroing memory. - update the indicators for this release - allow hashing of longer than int32 values in a single PKCS #11 call.- Fix expired certs in tests - Fix CVE-2023-5388- add indicators for pbkdf2 - add camellia to pkcs12 doc files - fix ems policy bug - disable ech- fix the change log- rebase to NSS 3.90- Fix CVE-2023-0767- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.101.0-11.el8_103.101.0-11.el8_10.build-id137ddab5b2e9c45b51efa2af18167e0f188654b6libnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/13//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m32 -march=x86-64 -mtune=generic -mfpmath=sse -mstackrealign -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2i686-redhat-linux-gnudirectoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=137ddab5b2e9c45b51efa2af18167e0f188654b6, strippedASCII text#PPPPPPPP P P P P PPPPPPPPPR RRRRRRR R RR RRRutf-8d1c62a93aea649038e57ce0504087ae7a950444135c863c03f71f489071e7ced?@7zXZ !#,l] b2u jӫ`(y1 /5s i6$MR5`z$@^/'#PJ@]xА.ty"`#Wfn~PO7G/ C2~/n֍.a̬a"+]JOjfrp5@o^e^G7{%0nHtj ]&XbxiǤ8ںyĬiݿe0RD6ޙ\9aq@f_ig@Ť{]`bB{c< Q7r kFq2^7϶I.O5Q8vؐ幯{˶$5"2K Z>!mHW͐PqxkF<sD[Ձtt4MptY!)b=DʂF o06o 1!*{EɱNX~g} A?(w^鎇Ȥ5dIHB^0JQsE:scY.2!﷟ƱefB'H5&է`|vωR13n6' 'mKq4g`;tGPPcZ.읤8aܬnѶ\U_]=+]Ip7A !Md'^C>^9%3Yňîp, S~x!AZnBE3٠ ݏRj3{ d9xm5@) %󳛙27{$u)yǴȳguvtUzv1tkaoܺi C._\41 *yɔp?3s#N# vZ:(ϬoVNq,9wZ;cW1Ēt[<.FR{01bǭp,HA^̓z/)Nz|{Ux`35lLVzijm8)d%z×c0t-}>l,Du*3m,DMf˸Bk׾ y(A'pѫַq~{XD"lV8 `૛FsLjfv*"h'Z# f_s8b^dYX៧RYe$b:lojW\ DfgU9d{>0dy(v>&rЌeqLR][CT.H%3,skh0`քxjw8&ύdt\Ѕd VMH[`PfFȔ p3PL*8揀FFl 195b+G%Y:Ѯս1ą'LsaCRt Do gSnn]*F 'Y4'K()(\ѱ b8Jhb`gcX{]gIbN-D?3͌)\_uLnWIԡ4}.M G}[r RZc%?@IF)C*3-?ߏZbJpe=CQ?d3?xV$B*-Ӯ*A"€b>n6  B` ]2vLUX-KŐ8#'q@֓%+Yh ;a8 dJ2Amd_;@N'q W}CܺZ+~~(BJ!iʈW@U%w4b7Jz>ϣ"©Z,&G)rg7VkjƋ 2H8(u8=iNK'pdg宋|9p elSioTo>*'8[ Mq%r@i" 3VZ &tO 3֜V0+<퇑,B*1▢1pmݠSoNox%̈ `6?Vfcf}H4/MS!rAoNZ:YkB Hd"HX yPȩ%!3,W}^D!/˒5*yjc 9,-_=Ԩ"=` 5 jUveI&[Wynz2~Za<vl k&ШJP/jf)_~wBrܷȆV9͸\oNsM?J2-ڮF @_75exM s6 gf=ҒuUa_N%L`C'M㲙o`GzS-p~nA L}alv8'Y^\]lMZJ%o J1 2/_oiy#[ggA̍ZI0I;_baQ^V&~I?QBI]$Sc,*`ȕ][Vxz!c4sT3# jNpgzcOϒfxExI*?4 `XM4'5ApЩm?mqc L˹ EM(MUd 䊜4Hm|@;P.d kh%o>b.2q#0>5z*⚗?@)#8rdur,j;1Zjȸ ˧j Dly頚κ6ʎ6"1V8)R]+N`N=0 '2i+.)j#MJRl7RNS/RY$UiT;]-h'5ݡE+,\]Yj4M4v $4}UUuЙ p~u+)崶%fP=_ 3]Q-xw`2jr0\l,}`as04sBfjT~'CPg o`viET/$w>OcHVHৰ 1^PNhɅYx(Z9|LC?ڛ; v$J*үC1 @WdZ/S7$?j]eݟ3 \SL~oMK}jx BVӄ lY5X9;=(ʛC2GY7 iwIVՈNv|D^'ѽ=iH) =^!i*0HhU:tvΰ XQ\ ;&b AZ{åޘ%34ϵ4%y5m4!n[WMXo,,YO ?X!ؚ, %ͦ@>#ƴC֜(WO,3 (39UVN]1|Yͩ.S[U-ม4+] A5˚:a8>81V;&sIdE8mo xe@`*G ":En- )BiXѧ8̒aYDk>e EشraQ&̴T={gfGzNZW|Aǔ[:w_-_})JQ*|jb4=>urPgJM䊰52m ٧8DnVF;4} <$K20+ځh&'%jOp@\F^|P/ ܸyҼoB96Nl] x]:`VPu Gl@& ק)is7RtJZ.GD#Ae4;qe8*[-\ޖZi"Z?V::z}56&p-YK!aiJ;-mHCMFv <.VyƜd\(gOXoֳ tZ [ttVk;[TsB ꣧;K{D TDk:#-`5_P~8JWr@ab\ͫ(|ieA$ޡɵ J$i޶o@QvTsGC xm9j !b*w<im7aѠBNHYB&m(&V:H N,^ qa1C/nju*fU?/wf2<; >B-cz'v'bXYFش'jJX: $<VZDȷ;n*(3ǟ U5[NL?`ytKO>k"CSJ.~#0) q%g,mG 8}R5-C^,zb :m_ihWjF]Pj*v3|ߙW?H@ +a2XFpzk3)_uqOhQBt_ANȕă"gP@w}Kd,ْHѫvu/c<'d]ɥaK[< Ag*a59ߐ v&CI>5Et) O@9R{Q WL~{;,ߴ/]ݪ]}-M'VzI{:Q Cܫg|q? 5%KF4scMtfr^5v"~a7[F Z?SZ/v$^Z* ancTV-(#vLʦ.^Z`m2Z|L,ri&:#JCC#h80;}~=ױS>UZR9?^+r*1(xSoZ6MU5c{mv. |ej`];AGi橥@vC G}* 4^8j^#iT q%߿E04[t e<2BOfX{;B2[Ph̥?Zq&G 7@.- gPwL ǚgﶥI8@x{;}iWshqnxx,(}V72B lbq)WZ";mFQ[6@4O-g|?<1]l$Ι bpRW32\յ'|]ٕ)MiZh=C! -(jX1)3HDfDCpn/S(UDci͟vY;͘apb !83 p%QUe]Qօms6* <7PZ$ng%"sE ̞:9a#I.֧폴Q螹6KFc'oް۸lL;NzӉܛ > )8\Ψ ?<*^%6kRa'IrŮcd 3\'r^Q #( cϱV}3imn?73iVxU} W&~ U>7I8/59T/}Щ5J-9۸ )!eĶ[4p]#ik`uXD`utmtᯏpl݃5xf^3RMLmX8{ڪЫ-$ܾYk6zfflO-1Gm:7 V+b:eXóFPmw*Zpu+lzQ|wÊ! oIn SR4<̠dSuҠ٢S ?c!T; a0'4!Ôom~2+gTF֋ iD W[qG9qkXt~gB #F<]T3,k%zHI%*>XPAR)ex[;PJ]YF& v59sюXI|햤xu$L _RgCB=s>]Zyev@ء*)J]]*Hh=g~/g/Q@C~T:ŕei9N9 | V3T3~LPbWx̶uel0;RW82<1)7"?&('7~'ȌTꕳ\CYKy|>E0wRכJڴxPnn3iw.[F4!1 GKI~2LdX?'P޳'4Dy0#l >\<#JC#R=+:uVm|ϗPDF9ERdERl?z>H* zUӝ_hmI?)lՎ0 +Kq>ß7+s~ڄfGIq)Ȯ.H=qN_i19,Jfє<]Ss2/AlTZyL[Z]UHF3#w\Pu#: ssm5/qE;GJH"yI6•6{3Ѹ`WhGְB> uA[FPs4DW*vP"5OFshPZuY0./DPQfB m 0ґ#MdPUd,t(w-a 6_$4qb.AG t媡NN=Sl rݟ tOd4F@,X0$eBBGOpxƻ8@h/_QY/ ;(9[X%z4iHuõĻyq:r+kK_KēSz4GC6_ʕK'AV% g`L% vn,BM7" ٤I M" - Zs*"ɥ^Y.}µ1/<<~Za VHZF)JP퓵]M'BŶZZ3Z_On0@ Bד#H\ ȧ2|aav~LZ4"{xUIH--a.@>_ ?*HSæ=! ؜|Q7";>|} J6ؕmz?A W4\ҲTx) y:6> Y#_´FٿIAc:l@eo,S5Wp @Hd8^*dثKyU۷~B#@`|_fiڸ Kdܒ/h1+RuK./&K-ϻ-iK'`uw7!<'+T$\dar)T%:#<(iec:_֖uDG +XWb%z3:AW]b}=^W;V&yJp;jz o`D|sE LREq("`Z91)kI':d}aBRu/Imb ? F(/X ha7 Fq/O:(gѪgk R^a" |@70Ɯ%^n@fkws$Qgl6DhޛBj~pHDF AR;h9Y_ aL"C5ର(I_%NYX RzJV4 X`ÛTB/ӫG3ٻpOj/d.(F<&C-}G+k~:z۾ڣ3#yw,ya$Q~#g;x<\)|y;l޿ _ѡuF+˙)tR?'y֋")9|58|}GBuHإqcӧmJy{ ˶[ jN$[1}O!Q|ȨyuK4'TٕPjX c5 y.of"mDN[-ܮMeVJk_oSkNG#%7E3X'MEjCyΎ[[uY-C2]k@Wq9ߥ&EQVFP_\^\=‚{_{G17#R$sB)  {B:[qiKwރ߅nݰtK65ĻCk> phxlX'S")PAWB%MԟCn5=e[g&(FX cHuF8 WᑙABOle^؟ȩgC%,ultcͲ=+T) cp q484&Xo䳜sdap^V#W@]HtI6&ߦF?SĊ!QI%3os~E>/ݔ, "Rُ̢O" ArXQoN֗ 0/B1;|B1:ܠл֡^Nv*!*7"T(: KepRy= ^U ,ر$t4s U{/l/1mۮP!WB?! rNaQӥ+yBF8/KgⓁ`þU:n7& (Rad VA JaEǚvF,!93dO%/5'wJW/A2PpmT̘dڟK@4xu-njM լtM$DިSZ~Z1Ps~PЧzmaLvQ>%ɓf}I4SjW4xlG.]6^^`TAo,B\JڜQ8<"|YAZEs ƒ 4N NjTꃞZ^LqI:x6ؑ9ijJV7c#*ҥo5Gb1M18vK}\Mq\+c?KI)IAf >^:Ti{ h3q{hR1Q>` _ޙbH._Қd|@( ǫGЭ?L>S 񤝇8?]r#hæp(FAajWJ0)>zALt~^7asmR᧧應c% ,$I1"x xy<$a:"~n! W`Z\(b܅ ~EĆ(fq:O|oM\z#œ~TKs ;F<\)hZ-`Fks^"=sS Ѯz?PvcZ2/?L_J'.L!a9 mL\aڿ='#"+pReE K> _@x`RruJiNu g#06(Y))\M*ٖ$fT4>b4ES !X1g7T(1S9٫P+3~oDq䳝rYX|:p;J,7=(!k2IdU GT-pO"`e<|"`;ǃ>& (vFO|ݠRRriҤ@^;7U"6^/"Bd= [u~E *>7Ix$dOh5>oPQp˥5(qY;K>_ƞu]2k>{'drbS^/-:gS(N9B[E b=;hu5\渂0m@ZQCDת Q6^y'@Qyfleyný¾,>k|ڍGd@;0yYui TRXNC QWգ,x۸OsFmPRw&R|Wt┥Rbj(&J1\AxC*6/:d,$F2 {ZΨwj`j,Pt"ۀcU:[}:l?[:U KȢ3v]Ѝ[hgUP={4σ;JACsx )+TN>Yߵw|Jl9ڛ.a`Gғ9tQ<^r~|(.[=6Xt/eivCOJ#b #]QBmE3;X%STW &OeD%NVTgJN1^Ӭ |,DW7;$:{5]xRt.rFM I %fA%G+^6ȾQ6ݡѝB3yh 5ZnrWJFy/s)2@/x|%dJQ6lCluxq%O|Pv r7aSn!F 7ԧY촩`-*LZdO,  H!#Mdžw/u-$|L$=&6,IZo$p2.͕HC=zAEw$L'2]ݲ[Ae .Z٣AF0| "^Zn ^܏:--FcDZKOp ڮL0J'mn0Y}v^Nd2h[M=;¶7ɟz#[qm=p}f9m?Jȸ:v,u\%]]CSQʞBH- 5o.Mzn!Cn4 ֛a_`t?$|9Q}1LJ 9"AòD `ug”hOs  9YNLJm:$bEan E!Š>1`r%Q"4xplէO-ߙF+Qsxblg !5vD8ۢfKE|cbΥ \+ԚP]X:ZӪTva_FQA F50!r uJZ ~_zCR>L *RyQ .|x,U]SSm4l ֬?7:(Q*8,ĂA(lFK}L^=p MƢzWǪo^J$o?8K?-f/I)DrhCНQZ㑎9c1 c vn.(t t+nev[& <0&b0חͫC\uZ%D{ MB +8/+,y9;3w]OgU+lI6M[;1ֺcʘY}:%^KчljX8]W=b,$=ݠ(ߞEˠ(Gl7̧g[PiRfA5LnoQgVK)oS9&C?3"(c*/*$!/eyZ=˜k4>qsNszꝇu9A19%ՀyR6ii7v$8e`TmMlapP;}g3F BMߓxރ@gՔ-4Γ[Ժ JBz$ڝ.=4 64dâ |8l&L$䲠~ gw>"XP獪J.z#P+{FDSG&IlI߫&Sߏ ͎0K&-I1r.WFֱ,95xm!Sa0cX#zUW:,$XNƥj!]K()nA6_ȥB'ܻ=d~ ȍk1 9$$.Cw*#QP5. =3w#eR B";ع֣)q.Ÿഹ<'xW < 2 8+j1w_!'v =7]Pv%ؿl2^rk)Y۽I- $t8F74%+=>;IJo5ŵ\ thYUG~MJpZ99C-rwe*ňSmu<ǹ ?.PbMɩ*T[s fy Q^їnh]IQqhPm`mg`J7"8(ʚL `F"P.\VXveӚ+06ƃsl/Zɢ߈Rkn6R 4: u4&`8-L>J%o†v\d~D@QF՚#7Sj>.k;yb84~A O%&֮n cBNKyye\#|i oe}\ֱRC՚'8[;A6pb׫89p͒ ͝"96[1zd 7Ƞ܊kӡ BgҙH)>: v6i EH`е#T=:8w홏ϫB˗y_*~?؝4(((Ch^>k`(, ^%zن7o졩(]iվ%`J(>_]bEr 5k=N*&"BqkoS=u;7[%Nxs҉5VV8̄26c4Ynj]?#El÷@&;mHzh%gr~o-9D~&.@R3͉#20ɸIF'S8],=[h#)G^Yp[ڞmA;?,e4vsXȍuC(F{`=j?4jCmq[VU#6Mzt?qY)b -U,Xeo@!ky ^Ith{?CK 8NQZ(MxCԃs\)UQ>eAoq\5l;V؄?&4߿В1c kO*3،sQ{#%BtBu|l?H7n{WSK덕AgqPܤVD4sSjk^=jb\5>⏺")/AO^dչ h1g*PI_%Y9Lvt|٫ }:ݎJ˹M m-.c (zWV? +0i/{'ry0FG,*-kkL=!iCs[0PQOHR聢1oO@P[]<%K=*yWզ`! J|`·@H%#_Ts-?ܳ6]gv 'e$r!v:-f"KlC7}g?(s0)jl$c12 XL1Y'Ac?jf"4CTlXއ߯9 5+uGoJ2^?BUeg]5VT8H CWmԤYefTn\7#&`+@50C#Q5KOG[y $yt189'?tm|׋k* _.SN&ѧn“Kȏ+JKF>Ƶy;\aM/)`!.u_בoQؖ ekaAmg^%.iRS{zqٱ&VTN&O,8cLaYA:`Ep(}# T"SK(štt_WԐ{$L8ZZgٰj%'ɉngb"/ _bg+YCHA@Ǚ_E#dsPnMY*؞0 3տEm{x<ϜpG}#G$M4O"}+)i |#Y`Zܣޟ^YF1gVv uGA. X4z$qwQ.6%r&;, 8n LTV H L[7#g [׈]?PR?|࿷"`@TUvrBnQctsh! `vė(|%x3Ĝڛ"-Ay3S3͋,K]*wdf[:C> d<˂3,4V{b笑\/ۑhf)8oDl_wdx^1PxGoP,ˆƳ{2mT hIyw.osN6O1 `mBq>C59;s2 v'š4igނ1ciLׯ@$Q*&qkO+Naw{.2^j8i}R먘eɷB/%TS%+:a[!*0EHԞhE'(@eV.h?"Ѥנ"pAx@Q&\K7 *.4Jlb }X:K3e;oEQ: t0;š|q$sVfED&+ҁV zʿ[|E +Z&h<nJVH]ũУM穹1,w=2`VfW1}YC&o$(+$RuWs;Э]mzFK3C7FS҈-9a %c4D='Xy tEB'%_l>^CHQ QiN&Leb( [YvXF̌yE$rȆrĻ_rX2h4Fc](0kH3`3(#\׽\kBb ƶ2}xk,eh۞a ]wdz'ZO*T$}ڍr.R ;]/c&!>mp;/WLK$cLY$p*~l)|@+|>%]qxuoWv@P^aGmC7l!I7Z Ce{׫hK c^諺J]RYٙ/C6ơg {VJKn깇޻@{ߋb9R1Α7܀;YZ ֯o>P֣ FUb[ʹ2s {T!d`\_r_?J?ͻV~EOZg}~MtP03` 5SZVфSZ $OLqs~ցd s+g]ߒxT⫠o"  XD0>{L[Tdz@џůnAi#%[*ÌYɠ Hˠ"呔jI'RлM lhU$ T_G.bRpm t3w!Lz7z7]}*-SI|mV%eJ^?4O>vNi=|T4 <=ZV)iT$CO hceHx{$B3}?)"f,r(/M58`~TF,'+9|\9IhCȀ~F#̫jkX@#jq/lDxb8jR7|OExyDcpT9 ~]s]3}5o\E¯'.||4o [i@dp. v 4d5[%sUweyU}[}L"Kym0}SuJEE^p"r=* r]OD7q{~H_hW"}TLepczz%sd*,kӢAq%϶aqLIZc^b|'F*:/1Mgvx^ù)piJĽ}ޠƟxϨBֶ.E-<8=Gr,ay'ϕ,T/QMzE C8y-*VPܴK,{uQ77f/ 4Xq$50*k mhPx0%a1Yؘ5$N\F;} (2ΨEi]F*eYoIE&Zޘ\k존rcNYh!HeVN>CT9]: Hr:[!mWkJG>~jQu9 ٙB@UL &bK\.OHW }6ITȂn޳X_]C3P]ʞ3:pS[a9:$XV]GD~2otj['Lr,Mx5st*=;q>4W2m`r^.DuCaEK'.qåaĐ_|2m`*gV;`Rv 98D#ܪ3onwls'H+m\Ɋb'UCl5ba}>oayɹhU<SH~N橒0` XV:Xg!Z.5,ݮomشѳ3(BWh{D0X ~E+J} i}) - T@JE֫5<eNeGN/ #?<H@Q26@nO8eMҐ$Ufld 7N ʪ*(*w^awA/s syf  FX *|"Ar,Iq9EN +s @ܙF "BU*ťOJzT {9[' k L Ӎ:(kO`@W=BЩOvnQHɃn#ZI{c-[:ؒű`mEJSu܇o.aL֓{F'+ +$Ј'ZڶA\q );XT[l %RvmE.8tcoKm,ה FԻ.ctݛ?T랐Zyb+/q#a4j3jVZuăC-9-3@N_"E`mZv,Y",!?CUKR/9ԖcL! [^p6:[Aː/&*n5x/Fp:[ض .:^[vf|@+,W"+3 wb79,IԎ0]jKgծ}tnS5/H@]\,7mu^Au َ|o Ք| yyһѪJ2!1c(2FSt/}Ǣb.igipAݝރ? ab >'Ԛ`hпz%JO"0ܧΏj0Ҳ^%L谒-3NcL-T(),hR@W Э'ޒL@sAR+N L*ҽa .k)7h]jR寬dE-1FN8[ R$LN꣦>E}-#*ȟ D$@KĴFNQ Oe*;@V lU(ڛd5H I!"gKr6wM ;>6Z,Z PY܉o4j7JW?ZP6pJBf6ue g퉲S!q34%>8b^d*p⭲A@!>o\2r|` ߑn)$xW@"QNuin'ƾ~F)21} D_ (*tjYd,_,PnE-&sbjNfĮT2* /fϛ"#qzɦ՞ ^8lȹ[{=c3gOSӛ[W1PWAYZAxѻIxa檊Ȩ6le=dvZ{F 㫴L]،0w5nču/jh( +k ^/ &BZ3 _M>p^r#̓ŭ/u邿cB.7M#~Ydy yo3A(!xn4 W@b)m q/ {'5A8,.-"C/g`]7hJѥ/!EܣD$[Md|+Πe4)O>pqyhh6!8JTTL|gt~@S;}9snڄO HMnA]l4rx/cR x`{.z56ʧxN%w_;upX]ϯbkAaKP?ʐƔ-4Eu'ۏ&S¦SR-[eXԽ1?AZHӓqILJ*.3jG~KˎT=? e`FLh,Ȃ(WC]&ȧO4w]"J +8B}[T~,JLE+NWǛ9cC R?X*˹Zg`DYn$25ȩ*IPw){gf[߬;)S,|E:YQ,h/uo{MN\rU&6BiXE/Eހ\Wf$Tq~ G>j/"s:i{Ro,kePkI9͏7`_5#vO;{/R.}>7ge"i#fl̀-'q?hZlv[7(*Σ.Dt,*dOM!υ o$ +yt1@bEmV^NPaX$my#ϓ{AJpX0W^kN,d+q5? 5j?_k #m$nWag}?TۭaY9/0|VbQn@9H|xNLd:yQb!%l 0͝o@-?xaM!3 ^U~@7 15-d!qc_gB "iIo9]Vz8pϓ~簆&ve[K=N\mHMY*V0@ esw?Rl+ x1V;PTNe)N- 圯hqҵU.)ձm>yQpDMʮmP|3oAw݂FQoW?p͐OU4Ҟ}&P-GW:m O [kukT>j1A%=*n$4i86ՀW%(Bz.}C*:X4)/Kqm3ֵ9y,Ǔ"u\@tf tf\xŜ(Ďl9U}}ahիZQҞg`f`I:^QҘCYcUgl p9?13q\A:;Tfp/ۦSwPu O[[ ȕidHv1pL;pӊjGh3A/Dwf; 7v/FF$at ٫]x]/u :e;cdΦ̐# Cf&34 {ozRS^![X!kVUb.@ɚ+,aqAn7Jo܆ٮl Wcs>gvzp>79^…ҸNiQsS-|JUE BnZ.}Y"fg38{{s^1ȑ߷"Grh{F&kn47O+ŕgI rc*VN%t/;\^f/D@:YSq"И':1mʛ6a(j1ײN*B-}ɓ#|6C<]g+ɯH$#B=sw tUZ^76gY[?bYԊrbgg e.}'"x`FvД`%[gfCl8n,X//,8|EުOUYX7,ӅȥyaQ`2I%;0Be~ q4?o~'mE:<8gNDz#2Ami/;OU-\F6]F:|@Qjv#B??imH~@BfBp3[Ϣ+H`un?KHWr(--j.w\rM߶Cjl:0H:Y] sM ,w-% ;Obۿkyw1æ DhM?)Cq'7WU&$ +!qVv[k|Qѧ$fnH8eZ0oxXzv7hXߋcd$-׌)G+F '5X l/7yEԣƔ`7YCti&=$$9]xv=+rDZF*mZ _xvۃUcΙ?!߅*%r6zt2IZAhR}:/`bn{4v%>l:/fިm}4,/ӷ 0Wԙ'ʶ,#Hs5Ր j}/i{n vyMuVL C U.YT2*ز=1qA]_3$K0A>8i+@hbޯ۳E ʞj+σd^us2vftJ4gzG'Io$*T˶NNIi.z?h2qd@·8T&̙~Oe9<9E>4W!OB- 7ݵޠ@ c_ 9t[YSĶ)1Fv-TV!m(s\-%AߙrUw-ST1i8IL (clĻL5 2;6ER2!>+ H/,u_Dc6:#z{\\ NTO2B9VR Ne,p2%:u<@ꛡ>e03ȳ駘dzD[`5R:io2L@i|kaկWz<񻢪.RL#QFm?P,KƮޫ/+9k$td@(c)ۨU_[@_Cvd 9t68Y8f9Ù7: m)̸lU5ip?}awj9vJ^f;%6Y,gm.+UZ|cc2g| xtU#Dt!տ m`^/e|{tp$VlIɪjen?#&[۩XCګiCD>ɼ׋H~nkDCufډ ~xn~]y94hYL AXU_NUS+/-/RfHFJyYScgaIM U$#yk8nBxLW!jZ]'XSan'd~JpsFw_39C䐰6|sS) 龯ڣI!:pzWzN19aɠ0AB%z3x 1;ɴ%X%\*xU2"Eo0`߳gqG T/dn; dOVJ:y!4y]cD[6CLjZ[e,TEWL Jp !/}q~u *`a릂SQZYu$!:$ Q lF߿ vu_,R,#TUs!V1X,g>& f gDkQD;dq74!BdS+ToJQzj?_ dL>qIQ[Uo/Nb< wZ:LpV=6kG2~lPl]"JnH21czZ͏+EXZ&D@6$l\)wsDA1 ՞^-2V7d]l2ԙؾ $@&4pZTQky 2-3<3Bkp+~Xh[b5=RqЕǭeD)[Un15Zp]tV2<> y_!CN%9CV3+Ô$sq1[ZHQ%5%;^al|u`β0R~/L*^/ϖ5[, /rx:v#꾨-"\k]4[CJ} hk=5ۈYOU1֚^3K0W껩K(؍"sU5yZϘ3i>Qjzڊ@,RYЋ/^ O25 TkKZb4DH9eA?ᬑ>? uQ,8Qg h(K%ɸ.$7Y}CÄpv?u=}}k] н~>bɏ#eP5*fHk-X cP DeXۚ+)+;In|oe]/VA7^1æ6#2/ Dط'4nЮi$ >蟆h7}Q3)8\*z TV2'1Oq${{'"@w !nd2aaӞ0dD+Y 1MbXW_C5e#V$LՕ?GTцMPl&vU <噁lo3{@# ع.\j֑f۾QKr``@wTzl9##AwۭHқܠD)lgH\}3lZz31,g"#╫,ؘ;L0+QmVq!\-'n|.M)|q0TG9Jk hRZ4j*v=Zm|9Z o{gQU| ]IxO:cڼSqv-6uٛJ<$MTAa<^zkMuW9H D:=9AJ 26⾓$+{j AO]++Ϙ_'A{s6_Mm3t@,#qKTAN}kQ B0.5y9@b!PItpSky|_\WHг]gTARiC{2 |KpjGk66=}S}G8q$FBOř )Ћx,P$nYNpQc*dg-xA owJbT0E/ ?f@\o]ڄ~3d wr@^I>Ʌ̻)]aP8\syqϰâp#]wwZz۾vo=e-xC=^ &9z!G؋%3(F ܸmw 1KuEEק*$xX/!1ȸC)LS$(u`f_75038n;d 24Qpzg5gݍ{^QDss!wxߌ.eyM,$Z[ <H1?)7*~t*]}k\~}<F*ߚ rt(oػGgP 6_85rw.ˊ:O?{[T̩"pVGP!͒񬸓 jm@fƍE5GI#4w ThڵX_4ildm>r\+}z59 0d;uP.%ne7d_+Ρt}lf%ĐӍpk\ *61^߲lTM[|vz3ɞuDSXBJ@>"gx ,aS.,ܡ <҃hNy_l[Id"#t Ջۖ=-F|u󏷨zm'ZqIJa,1.\IXy |Fԯ0 fa,,Η=`F7яjdrF! )ZYUG= aF#gv+Yg]7@0u8k?o$2bzrC9)`vt}Ԫg_݅&%7!AE Dl&5ora!۩irEdV _t.m&34m BQ*]uʅ6W}lsuYj^E3:Y-PPR[90[A'4+M vC/ICeiI.z{4$#{pv|Dq \O+ JnC P{ K]<#|s1"M,tMWNf Ep1TJ{nZPMo*K1\4 &y4g>.oG uۆu|{ }4~mVDQhL drM06z} B[O&uH_GwAD$zǺ!mAIe|qm0S>cgGKoW~\ 'H_>%gpݤΓt88.A~FKj/'?B֋)J IT%JحT&^vIUzf:z?T{ͧzoX@=YI=;Zqq9DˎV q ѳ|۶N b8uW3|x{v?S'EQf2QC^]#P*34t}fc%@\6ð YVȴ \Ldt3 ]^JĂWALrA.9{7+O|ޗpW&-5_UڞlKjd$xdCXA ӏ?+EŃ8 C>I Yke߮}hBzŤ EX8qꓭ7Cd}pbcYBǨa-Ucjq0ۻc<dQt#'E753fZ.b -X$~ } # ЕRwpJ+1,"B}3 Y3dEp\%9$qy-pFs⃹-߾z ۫n=͔nuqXpՓA07A0~DP@6&҂TO%d|Hy6S4yZusRE77U&LAZb3en4\e|ˢ\Ѧj/pǶռ[у 2I#~2.jTqfeLǶ)(nB+rJ0*l$ KQ63iX^w=SRtSoE4OLKӛci[`[KVv{@8kvڈK.qqo{j\VD\L48LIFPol53T/Vg8rWFv&mNlgy*hK˔s9k5F?i)k$ _Z"}&76b%)5X'?%jxky2$2'Ѭ>_TT[6+{pǐzX+~OE1߻lVsZa(uMCP /.!cA"30_'3rf/J.|*a=ڲӅI=WYY*qy͝vxɰHrO $>yKm{YHP{Y7=}h7+_a}ZQš$Ԧ í鑅0lHևW6qq0(tQhd.Ue`࢘:׭yuS.%lFЙKniQ,+hDAFCmp04 Yڇ[a]_Lv.h(GUr|h [OO)7 A4hQb@ }L+gXOŻRms눋3sPn0"3p&\c%ll$;A@;+a eS5:2P;cwSZ3Q$T7 #>;dz>f.G8/ӛ\4G-٘ us^){;}%t0tf{Dld>P, c!汘r1Ae[bW ,;]eֿ$L$Dm'WRFNA ^AubQ4jML,/9zb\LkEJ^g傄^d[ٴûh$>{sۀY%V?Y)_r֊a<%U%Ld?9c Y0Y[+G{NŊ!ևmljX~ KՆ7P&hCY50QK.! +zV. nIi~JVW"fNj-@aҧ#uu=L =̒ ;J3 ʇOk{Qe;@mJ% eЧ喾La8EtH"% ~KTHXe8 gz 7;p5z hnCRHPXm,CȈ3XUu7<JU˲Խ2j+Oȓ4ay1ektVsxʍJOqiuˉ iQ(2#~bHwPaCd;x`ە`^" >-9EʂHQnbGv!NJzF^szsF-z5U>}) 9plbdHi56eoՁɖ󟘻Xbcnq~m}N8$']S` 6)h6:IKe66v04z bj'/}󛖩ec`ݟw苭pJa "NEy~e:F*$Uz2ltK,|%oy=K -3;_5I1 /$ NB&Twz3Tiî[Ådl¿?X5=$ZVZxͨ96I;h}?tvwIcqRkdl忣' |bY( r% &'JvB!*Xgm $^$RGtmB# ' R[:h=(k\(Ms6GWjdx$`إRZrN_nU!ajՁ 1 иSFUǸk/v=ڝ9mM٭G?w9L֬H8K$;Aft)+J];-J[>ic4. v i /eV}09GC*oP&)/NzQwi#ǼhoR&cz0!]R@I85ͅV փ X4SWnh a1[fMKhX$&@0~qdskq~`k)yZ >LhU&@0w;zkJ~3iņwE )ĢEE_j8Vp6VG6T>3:k`u,˼G}d W:)Q(}YhS+  !͙}'Zݨw+fQs'4>yBRU[/`,֑2sfQxn1jxz#Md| 0íջo͎h˟AMlਫ਼ѳzO"4友vUKE$XS/K+;-[\;ֿiC`rt{_7Q0@+\dɶs 7mCjTXjS 㿺#XafOLtԻŸ$o4Gơ?g $xb0XA=-*ۻkm* Q^*7T3|Djk!P7]r0/ލK3,&u:;%EަasB[ȜP .!iw<*UiXT`Ögi7k7` z:=4=:RH@]bd@w{ 6B #c?Doy 776"CĂe<&mQXC _[;c"U) T? qu?j!\V\\ɯC!`a%t}mFx1:c5X7[e;lG6$cdtqWp'a*j gQ}q ź_M TE>갞OYQ]_529e.N*薭RB't*5(&q䔲t6m4Elik .MjT =/#nN[z5o]~N2#=9F(Y{fEm8mv {KZ)E˃ :2/y y5RT:gW߀ky,Ts5جYrԻzIߗkSeo;y޴EPʈ9%"*,P*/\l#Yt j}o{c2[;w89'~J:Mu/@V8 8f:qGJh3oNnkKgDXD0"Gܒ 6h s`#(UCUڕGUUDJHr .yhZlaj̟uZa+e-w?PqggjjCY9'Q [QȉAڇ]s2"}þ~ڟksyű}%-b^lu7}1oMc8 b7T՜¢ګ~םuIИ®U )5XdDɡXCVr(Ś*bꍑE\- A鳬)Z؁ele3}NF7H*OփS\];<4c"A@)@4&$'vEs.xk Ir 2Uu"M]?(v7pS)mqwWDIJTiJ ;;P%4ԠKafb׎.7A:cyɶwv[n 38y5oH:zz-~n)*v5&\#}( dz۵l\E͗˛^t)s㶆`~R Oflک7@[ x%?.րȐ+wA|oȢuX[Hr܀zn@؆ k'ݚR :Qa(%B(|b,xH VDgfBsʒ"a2"yW\7W*惐p gK" (tldI(;pچ1 ҕ4.ker 0e^@S7,Qfb?_0vHtkhBǵ/PGR~ T<1o$%&s\>iHwOkD^ǻ:c΃6bϹA-D+xo3H&% A޾BmM8Te]^Wgڗ-Nm~ /^ >x┡³) :^*'{nzLGaEц|[9߉^<]lwBĩppa,ZNY2j 3a=F9 )qnFnֱ_ ӳ|Ė̸$;Zo\ه",! jm+W^R[Bh b.]pxr۾ ~m޲j`SU3̧ Umdҏp%4`vpGnۄ Ȱإ W9~4Cv|S2NX$NRv_V;#->6a&oҽ?Ę:u&sF2v")Z9(mT1`&q5lF[yka RI&sSI,sE˄N 1+<-c _J:n9L !d*mGyԚ~ay|6@jɦPY |ص?x*e;R0G yWt!yZ!kPFT1$A^J碞bސl9 "㵀l[Kp=%ȣC/ uz Lh˂#GFIdJ! G)9Uu :g&>tE` 5|'ryE^BMDjq#V R1DM7mk!_ R>fY=vT"ޒΪ+dvff8S?q}΁5go/ѿ2vvyt[)+Kf~=}hX?`oq"bcp9rjwMSkl?^;vES2 mU:fM`?7M1W%#nnk?>ʸ!"xe}ÃKicaW!6IG%C|\iӍE·şCmZ˚yzy@b?Vʔ]u_bnC”H "|c;"Uh"P \kM !S̘ (<"4fmCE|Ts:֯[nKrv%^)5" WAuR]BkDE#VK`}mcaԗIs) 3rK/)I}7/vn5 #'sTҁLM0/IVM(Vt&@wX#:W`V꫚$Ɵi &)4紋iQˌ#/J5Ks D!R*cDh^tI_nAu㡡\rKr`C ,TY5DY]1g AhRd6=mY@{9y/<@ܭkZ}jn3bN: :tGhoIA~ 38u:l+ m]p?[rEA E6 vHk$T,B_O #JY'Ut }䀤EF1ec ~}gu`6Æ˳w~1Bk1P<ǧ/>2xZѫikdp L(у>\~Rʣx(\)= D'^q3 ^-Ň0v(T5>Y5/ʖbk4k*(+2a[UIz+&AkNn|},{{0X3S-ܾJ^Z_*l g8(I:[^t\TɟMjj~8}#No7=`|i8:v]_+jgNM|6z&" d uӺgGn O5*s:o"/OK7 tz7uwEaF񤠲jX+4p&3T2ؕ=m6i<@c حL19(N nrޫu7ËQ9=qWyWC[3*Bnk7`كo+  "Y7e F`|-TSnW\{sEjS.9NoyM5oacsߛ3r }S4VD;N!`T@;'^7zvY2;w!-4D=je1 i,mn^r+3aLcJf0]hWA1RYv_Ϙ}`9RO0)`B(9+ *`\yXOtʾ< #":6kB\1rĦZ3; ;x99yD+_\Xxz5INͧS N2}_,ط4=FraEvb*pճZh-E]krN2J-]Ї,: K@{|Sn5\TDuJ.<{~cHƖIh"}Ö:ݭ@k_ [70e.aY buYb@t]U)>q$!vz1eQk"zR6Xq!*n}McT,eMhQH|{:aP6kx__ܼmK;?k{$!Um;;4%I,pğu,L GLwtEJxxyUeǹ^V'hLiX',w#'ƅVZ֪*|P?V쯹ʮR!vҗr]D'Zri3Ya$W]45xbe*2PE_LĀ@¯@(Rt0w,D5p[?wqT c5%YB=m&ɔVΤ P)YPF!2ʧ)8=Ql\L̋;fyJA"j.v YnzUh<1"=):'l&~7d#@%F{4!Sp$vc.x@ ]IJhitCۈ,(ҜwJ; r\#׵\ eE9Mh3rr_&h2/Fs3MMںKϏ*8aBKT(ӊa o)+_Pjߠ DŸZ \Ly6/hqw54o*,s?2ɕ4˙ Bl%[ގ`m4D1:vATUDIYDDsicAE+%/O# )PG8fIĈU;IaH͒>mkBJ۪@2p2H(L«U"FC=5OG3FttƱ$`OKS|:. ̄Wߝudg/v|WTrÂN)mauQ b>}O)H7j &>ǼD;V`u@D3ݘ}= cOkȍ(]G4?Z~ ,~"s#-]$zWZщ]=x56ƓUʚ}"yЛP @ɕJybLAqԗxsf,Tj4p4nΦ[ (v̂˨ppl1n--ߙj劼&)2KE $Gڽ$ dE}Ҳ)iqJ5.wrwһ7%"Ĵq_>Q.5˃;\_QTHolxu +4Ed^8n>O~8lM9}?xD5y *~q5ѭ ՜ZlS$m?xh}y34Ru+,h"-~:z2̝X_,/DpjJx3(In{zDMYs\|)`5I$[c=< ݊v.].ȵK wݿixQ{t$}I?%`:zz]ԇGX1<}kKN # .*65X' Uk] 3tq&2o~n fa~ q Ut]]%z8<=iưc5M`;o7{ Y(e\PuZ@M=>0Q'ELabwYV /R MK&M: k CuQ[VmrNܗ.::10>no4u6n(_ʒMRɇ-e[:0Z1Fb@!RV`l%Հ$"2h ,N;Y8ΆMlff|xVČ"=ۻh:$S'~߂;Rj# =|p!)?{Ђ0'Zd[;UO.RY:4 ̃M꼲d uu3C_Z*m{Ta lNߜCGTa~^Rόa-{AФ(AYK2y cZ348D &0Q|;M.p>C@` HB԰Z`mi( r'48UDs&g i\[ATnد^up /ڟ̄8ִ0xXa//`G|ri-%)91 fN`T(_PR$:K wgF"Jz%H9xaReQe4ʃTQOU3>U~7ǤQ^$C>#[0 21_s9hZjæ Ij} $9Ħ}1%?ťYmV[oE;QMsv 6c'X8#2{!pi ?qc~4RGkn5'OS( f4vocdf˻/0ޯ"mOUs^)gʓ= lmi 7%|M9S䙫ߪ֎#VG:Ō,'ʔjooQyԶ0+G&܊㑥k,.n۷7gpx/R`JԄhq{4Hh{6 թZ:Ԟ_-æ4;0,h4=-G7E@fN u͂ yIy|E@ u1I2WI܌_Hp—1|-ҰLVåPr|NTc#hMʀaz"H^4٘ GB.] "PbCFZ8>L}zcrdWhFs \ݢe7*dhvާE@.lJTl2D=DYsQ8p>t:ƫEiW9+xFQX/'~g?1- jk\pqIoOV f4T7# gkz[E4QdB/E\}nouYf?:|}/Fe+@}Ṋ)P<^&~<۵[Ú/{N'zڸn`+.+56`?J>)\6-dzZT?k"uﻀ.&@ND3ߡ\q ^ਪQ%*yK,G8Za8pMDy֦YLglIr,.cw2Nn3S?wҦAX %w/-_NT˗[j+S3Qh-?7B>P궤V`G<9**@j .KqÑ"q4=.Mz;[+IS{K &j Ύbm5ɟ {p(h­M"T]o!HACG+>@q ܹž"ΫU>lߒ.uԠG\d#3Y'޹ѫRt(7ivLMFS_q,1[?tgG([@һx_8i<_Vw+_bC|QL[B@8k-~HCл 7aOT7||'9Fҧ|;R80+}Sfaފvw n>SQ1Q3ؙ||ЏI f?3l/Ri*\>[=>L4P/ ~)Q~s+m0;!=fl0أw iPb|ln8KLԪ;&̑iyl,cgy4>7oP-JN:%2JViS-^P6ov>KC=zf\}"ɴj514";f?uAob.Wl EHj,s5LBA&x,'A7؋h-?#&2 ȴII3o—T7f.1Tq6=E~y@u+v$i`K+_Bcb7Ԏ60AokYܜy; B +(8`9aer"ޚ`"dZSDQ'+cp&\^/h d84|nZ o_8$qH{>6,E4\x'8T Lex' {)-@T=_O l| ucTKHa Whm|=d"A(o#cl8 zi;ǾVy ٳ #ӛ!ooluFE$M< O%1g7ZlPP DҙMXm!zahE}Y cMgH} *v6(Z@(1guZ=9&1ac]oK̜Zm~2b?21}Ox>).k}?H+wbMx0LCj;P/!)ET hvx1=Dᴡ ET*n` &W-hJ0t_5b2NdFKDZIsk?ͥV7}x@˜f&3铣A G ^rdWsYo͓Hw;-G\|?{+R^wO[}Rh%a+rюs balBH>?jF`>EMQ@ٽ.imÏ*g5(HC]e݄SףD1cpΚ}`zNR#!@yw:5FÎlD+fL.owI_Mj#⫶)ߚ^gM=|2a{rnϔ/ /KJo+ilF5d. Xrz[(̨O\>HK…;c#^$sW|#J:zDuzHoz*[DPiS:]-lD-Њ~JCIA$]ցtE ;>Y\1H=}f/YOeHPK.֕2#\;]#J@rg?hxܮO  p!R3T#Zw~9ƌWcL1lKd CCb~O.F aSn,q7w"'ڥn)Z [h|7°8/ ;{ҨJѽj 7ۡV({ [%r E? j׉UFP.bQչw)羟R:qw5(p-I'z 9hygh.<R\ 5({;>J(ϚImW H!1qB l|DձZnFvK+nd3da]+1ϜF?W!_AϏ/[eQLTU@^2TrgQpߖ@턙pkpyقzAdQ1\揙w>sKf;lvkɓ5kLOnTY* Z?i{l1$|_~НIEX#cpjd) 2s}Oli>H_a,FT[C ֆ9voYw",fRpxM+9)63˜Q21(~pCZ۔ #6ڽR)pԳ|= h }(zh{jclpYnOIg˺t.YOԡDN؞YƊ/xitjXaM3@/,Xa{[rih(:ᶪN#ƍ>B[_ =tZrF;.,csc ;>@ 60U5p +r+ψt>젝IFcV)Af VUu,r~Ӻ gHو6y~U~E GB/]mt5XŸ==.QUQ@;sEפe>}FuIܼNͬx|gO]l+t(GڋZv?5N&7>+q}IpbL s&"0Ζ?} c dXkf띏x]v2F,5gِ}b[0Ԝ8,ݴy|HG#^H9 $I34-bmk(s~Pׇͯ IRT/ՠ Qze\>) Lz0(v-uy?= @R.,yVSDp@ =aI&frG;8Lv5ewPi>xSU2P+yYLH=d6,H[M;H\%킱U8^n߫ h ĄeٛG,7M+ޟU.fవS] Sxe%]bCͯG*G63T(oia3V3>؞oDU L!m~Nkᣅ7bA>e&Zr-+c%3"c%i~(:k !햡&%䷃;/ӌo37kwY5I#jHcb.[tb$:B4.\M\Fki u2cѓW%)-g6 Hsk}GH$+^@ ?#yXDpXh3OmN}5U`$KAodzlLyרuc?9Z>3n{2Yt&^k`=ZI0;FT~4 C22m6wŸb3薙,H v?) #훵%2# ee dql^Tcq_RZK*IC#ji.w+ik!0rcb%mNHR0TLW6Q+?N6Dz{1רO|Mj搣r}C 0l*nOwp]B v%)$ZѠ<էql#z);t^jXfɽ;J1=;weR6VL%`AR>ܤZWC]jd/jVtQt煲NhŸDEs)J=pʭ녤tCȜf)Vw'h0|8”wױfc2NaX`i0m 8q2Z밄NQ`uNqBGl0[΄\dGʃ.yd}?~>".vI)?1a ) vpdrET}W+lf@~wy{#y.+/`W^-qtN\yVGQt(P9mwt C QgOb.~՚ocE)p6ѼJWr~i8(椥c{EgolYmCH60b{ԩmR"]g2|hitƒC~)H?O^p}O^kv&-//&ơ{&Q{|vP}Z@&&< f'v³-+ GaZ07:܄vzKu{ \M/P޴ N}.̃|yɨ<3g?tkJT5.zF_jg[F.+CI^05:U4k \kRahVEVXZHbSA+,^fQDR_l;C|KɈ_6B=߅aԄ'cGoVvq߷Y 2EBy'yGy[)HX#02PFA ^qe(!Bs,{kBd)J% 9*!*̝4TSwJ4XSAtLͶ(ȶ._OYƬ U Yܦ{(˖W<"6mr-҃]6|mcbjt b T[vFLf\ڛ~J,8td7.a93k6b_1ƳRT"VNe5~''U3 QH 5:1Á]kOST[I0Š;cwhf)*B$rW^Aǥ_/ {A±฽_yIlʌhu^\Ϫ( SN#s|>l\F4j̿LrpYcpBNy9KxDήMNQtI U&AF0p}cn{"rA D6Qڏ}A{.gCgN5e|0aU69~1 ql$c͈R,.=si(:{ΔZ<,yMfhYk6JQ1Ghāl{ee<)Qf<}lQsL`I.{ϱ~/>;+RI usPNЩg^͋ }:HrHgQ aٚrlU5䋰CvH%ozAWj7+FA}TLSXߡl;hrFƾv[vӼ_Z{od`8՞s&nBV? e*#%AUd*KFf1qzߚZByPyAZ/w %T`^xM]j~I4>vpu<(| uTSUZ2d1WӞ;;iαպ_w}8:JG/`2Z"Z#sɀr#>F@<yh۲GQj#*;~\Q+sPw]y22P4WVGJFiZހHxzS7zpuU{* RMFObaMHxD1uJǩuK4c岙 j)?N$g.iDU`zA8l&_k,Zn*5nZachFKޞi'SH"Jq/(kh屾nFn*?uW:_'բH 8m2~>&>4OqnSȦJbOI#Ђ{AODy:Y&(ZbM晈 {lVTUèp8]ꃟvn$􌕩 [K\*/~Ȃ [EE-M<'obL,򳞋#}Weտ%mmz°#; *?5=)Gxm+cs#Xʹ)soVE?fmo0ZwVdW|w`q!S^zPlpEUaj ^%$k N\T3k?YJM]U Xl*X 0PFWm5[F@@QD}eUŪ>唭z7,׭^x8&tܩ{}q2C|x63制 )L hܿ!!| ./Vs,G Ur$bg@ÑRo'i{<X)_};feUpTdjb?`{kH؞lm#M`Au(MfJ5 w{YZlҸD] )k<B͑}',UuɾY:0sS*#5W:}w-&P9r~I`;VR|鹮uKDWI'Li*WkZ J-TQS+7 P- Z)2xoD`*;]Is_K{]<%{2P0oP/dlW,>鬂][B+XIloM5 &8f+]G\ R &{%Z7y:Ăs>n J-^Bt֪9gs%6~/÷R:-@yY9=O-H,=`R0C?IJ>ۼ&PJQ+ĶY`/)>>wQ_l?:sѹb3RAFM:L٪ex3:GL7aȤ~nbVV{$ {  7e0}5>,GlTKu +qvlLuo=x}P&Vw-zO7}+jr3 Xz/iY$QnbF[4;!V6&yi> wPL")}0tXStHώ N^[Yj@`ޛf=&{1QL#尖aZϑ~l\'=3GælC%lS:FEcdmoCg&K`;>Y# vjĉܽ\Yd1KBGN+ ?,fak~j!W{W*6e ?sǟD;wQcB.tΎ@DRG FO!mg2~9CEnF+;Gax7\=N΋kO+o2">MeZzT)[wa׋@U.aӣ7Q\S{~D:u }y*@WyOaU$a謠d7kEKO ɩJQ%].E뇘#(x<\GT90D=4Ol 3 {_M:jXф",bF3N-74"ݱK$.=Z2׆P;uy=¯w9KS E7%5lbP7QhULӫFeLo>e4,ްQ9I =ckկ(tކLSJ ꞅg,2UVq ͹4tMɜK޹Z)My@%`v!1V@T1t8g(z,r8y/*fD M![1ߛ *ۧ7k8;-HXr dӳ&ґ F@uj쓡4j}Baֻm"D8P)i;tنיG ;-DX6D+٪.D繈ѿ":}-C Uv˸LPƠ~ǓD H>ڂ7YӘR\e=qQ hhF =Varؔzr#O jUt TwF|3z[:ऍwj JQ ʯQ 4n4!*(ܘRj `Dh%OgL W%:վcVd*^HrCsL&ޜ;Lq#؛w x:qJhm0,%Y`:Y~ZQdz,b7,.m:EjFf㖮MB]% l|r=a1klfԽCΪꍺ,kP#)&x6fW8Q'3> 0i DU#o%CEk 51dВNvn m@b@_ <9x[F-~[ܓ7h5`@X¹Z6`Cbcg`}$t,s?fktY J>MAK-2k b |gSʢ gIIl¨-Ўr OyM"MUdmQz^! > z\k^mX)coeiqh[l<'r"MxI_ V!D7z ǙeCw]ibxyZAhyvEAD/"B =ZL(f9|A(hFBU tQ8|)͜ۦ-sp*ƒ&e)kP=!>7  3E>߄zH .zsª"!n?/duӍHme t9f/ V?O[Zd\}BYM8 &AxJ$ZBS2Ǥ@f9dͭ0(6wٺ1H~~)~+ CTZl[^I+Ԕ9N"޳?Sͻ:hZTlۜO)zJ,j- q-veFgPyST<.O]9f[ȟ7"|A\ 4kYG#u۬MGn^/1xc?9j Ӵ$ve8I fI|$)׷ȐbV(aFOމǺ<`kNye5"\йõ<* G?iS9$|kS鮕1^^ Ý  -V ϥX}lJUƬ/qf;Pn&wzhp*LF-*x=,UR F=3$sEO&\ySv dMb* [f 1ɠiϴ]nhEh8X_q 23bEְ-1dĸ mK}`P>ZYه,i]|yqg}L4w`GWȪm ;K-S%E?5w7K eUvP'.WMCBg xhY*)݂yBp\Zä>fBGQS!5(,r΢)NAtyHFm!/$Q-?#W[~h"+WL9s&*y Rn"b2#$W c !DKŰzjpNiƻaֶ}Db<B%w!^5+ =$h/L.? }7bLe/y;5MEo *X q0c^ܒɹo7A !P8;'/ϩ _ f]*To[OKÒ_`DX;_s1P6M vT|0u4"A\jW (LD_giǭZw).oʮxoSIpG/ʲT剑xf)Aa-~_Y #xg8 ƦPr̢[oZɎճ_lܝSu$-Yz\ba ?^)q&rGX|FKN;" ubA{/UXzi{nAf&H1d'r#bwXS5Zl u`iS0F!U1+t;-2ۮ-dN*ZL٪zo iޮ~ =~KЀem8}vU>?l~G]D On>k.^bnKoŬdB9sXv 5g-]T~EӐ͌&rm>7u1EM0pr!QV<w;}t:F-`.Ykiqt M,˓D X5!2ledz(z.@~ie=|#e\ycP2Գ>~fC7mN7$\y`>hw'ƀR+ި)o%9D+V35NqGb%d5C9c6y`ͧjݯcWweg,6dVY+6aO(^h"ޒbGZiwrT g/pu~ o殬||BDybwQPa'>5#k&ֻH;!L'&!~9s8#&mSevvnMʥk\| Шsnly(\'~:1VJJwf삦|"^za+ԧN/qSQK)|4 Q Q-[/P/% T]&%ǽ8xh~da~O8W@^I!XD|yB~xjz\3 1|iM7M0*oe ЇK%'^ 1 c.z@*ABpV{ 8tN/,I7]p6=6rc(}(% ~Ul=!. AoCoYۼi)C!|R5CB2K:n'VC bKȦ -ʼn'(K4dCȪduw([Ct[vhe9"&WV{sugY$miWH0 mpZsKr #H03搸=\źe*nY;v2K β%%RȚI||XqKyթ gѳ^FEc]90u1x)I'5TI XeYv!P|d* yf̧_,( -h0RmW@2DLNΨѴ{22|ws K+ty//xei?f7L9 aZJ]9;kk2{0BЩ䟪ϚƠjEfTaJ i>]T-b%ۙ[nRT.[-/<0!,K#?_)&FB( .=Q:QSQqIWF\oj:B'L5 )чh֍DpI Fa#V\4apBtt4q5+e߀H8 މ }o@rZ7eW: FUIf?. zϮM y t"μ92EG{,DV  ȍ Bex}%xNu#F9`M7P8\We# #R}TTThsO:{Ͷ54%ǵO5Ҕ-Yؾ7_jFjfr=ViP/07;C$v:˞XYT=j;jʇOD39.G%m{Z&[C=܇r(iWQBѽ5_i2o[@lƼj񿧱D^ 1"} 7'$CTTZ\nnJ{Xώ{T{( ):^vyf1Niyyo4^;:lv#dD/tn4muJ4-(#:+؛QX~\e$G ㍉\-%4,t5 E})AFvGyܶci=,hE9.Ԍ4Ό,ώ5oZe=!jyuޑ\G+Qg4'6MG- b]U߂o=ݟDWgި\ݱ0U~p]Ml2j%Wf"+$ A++Lz+LŮӀdr<W|It HW{V;PKC%2zf^UxK{*<V)/R*С'm)%YX^t'٪BF*Mrfb G3-?KMÅ.'RP-^b:q>yl[{t),x셔H-hʜB[I!A4l%opWY Qh= R +P 0[9>@d^qtZYkd-z6>B.bV_شGU<`kVUo")cx4ӥP' HOnvW/䚿<\LSdwDc6mXuOejS2$G\A3r쳢tur xC.˪ϳ(.w߶Ӣj 6dv?'(jPέ Os,+d4\sXC3($5ϷGhn^,!gMy`_zM1]EaSv#eRP̈LmF@Z (3 # wL6U6 >:9 (AGXnt26xEQq ΊI[!OkΫ3πy̥>k/虽~Þ'[tǁ'sTFHoƘJ⑮ÏΆ[ݚˢѐY5-3 f^iJi8WWxg<0#F Np^ QevC'##tm{Ia~ջX%ՠY|g%dL%I<{kڬl#VF0%F#JMr³g -Ic/rѾ3MW>)T4^u.mDxzfS"F5v]ܪO!&ʔߋ܇G8!og|zU;#pn@Rs,I.