mod_ldap-2.4.37-65.module+el8.10.0+1842+4a9649e8.2 > 6 6_6 3!pQp)Tξ7]mtZ`fǎ ]mtZ`sV6ݽM9Bhxս~=_JNaU^Vj&; rV]HéfK~X-Dؿ<'E,-=E|0 eqZ5H7eNXuB6i6haeDp: 6$u^53%VSve-ݿb-6r#U\'E#ТE8LNHm\QWJ F3BǦ=zH|~N]orYՅćS WOוf|<OK+j#U ^K8x?|4ѣa454:?3R9b6dmugT X,eW9}-_9&3n"BFm扟J$7_1D?+wY#J Ixl,\LQ_P.̿"{O3bl༕ktAEu9pjg(B_嗾Kx#@@!mKE3456529a20959e3c292763c2b82210736ed702c97167b3e17ae19a72491a4776a279958e377b32d96c8f211adc101176edb613b5Tg3!pQp)Tξ7]mtZ`fǎ ]mtZ`;>? JwUNy 7]<چZ' 24kPDd[xWR@%N9^]c֡GEL_]+6  ?&DsXQBtYD-*+sԻR!\9Ym2\>hp5Ś3Mbve'YV%ڬ  ҢZ'ZG VfI(-LX`E\G|ҕܰC6?.&QFZ'U 07MeP/> -zl#/ _kh"mmj4/~QNj]l]U%$$>2$ ڣ-|ۭo^em>p=?d  5 l  =Xrx     2P e(89 :7/GPHhIXY\],^bdmerfulwtuvwxy \`fCmod_ldap2.4.3765.module+el8.10.0+1842+4a9649e8.2LDAP authentication modules for the Apache HTTP ServerThe mod_ldap and mod_authnz_ldap modules add support for LDAP authentication to the Apache HTTP Server.fXord1-prod-x86build003.svc.aws.rockylinux.org=KojiRockyASL 2.0infrastructure@rockylinux.orgSystem Environment/Daemonshttps://httpd.apache.org/linuxx86_646/ЀC0AfÙfVfTfTfTfTcbbbdd396fe056e8ab167abd7b2cb5145b42210bfea38452968ff02a03493fc814837f9babbc2161053206f71fb21545fc6faac1191ad00c537b2fc03285e47fc770ef8fc7249743c039d5bdd2ab3f9846bb518f31f07aa141702de0fbc9d455../../../../usr/lib64/httpd/modules/mod_authnz_ldap.so../../../../usr/lib64/httpd/modules/mod_ldap.sorootrootrootrootrootrootrootrootrootrootrootroothttpd-2.4.37-65.module+el8.10.0+1842+4a9649e8.2.src.rpmconfig(mod_ldap)mod_ldapmod_ldap(x86-64)@@@@@@@    @apr-util-ldapconfig(mod_ldap)httpdhttpd-mmnlibc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)liblber-2.4.so.2()(64bit)libldap_r-2.4.so.2()(64bit)libpthread.so.0()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.4.37-65.module+el8.10.0+1842+4a9649e8.20:2.4.37-65.module+el8.10.0+1842+4a9649e8.220120211x86643.0.4-14.6.0-14.0-15.2-14.14.3f@f@fieN@e̫@d d\@d!d-@d-@d-@doMdJcdcck@cck@c(Ybޅbb2@b8haNaaaawaU`:@`f@`@`@_м@__@_:_^b^(@^@^]]@]߶]҇]@]g@]-@]]@\7\Z@\Yz\T4\\U@[@[[[@[H[u[[[ā@[ā@[ā@[@[@["@[YZ@Z@Z@Yp@Y{Y@Y@YéYéYéYéYX@YYYYx@Ym@YlYf@Ycl@YV=@YGY5GY@YXۡXP@X @X@XwoX[@X[@XEVX)@X@WW~D@W~D@W~D@WKW@VVVVn@VhV.VCV@UK@U@Ua@UF@UQUQTp@T=@T@T @TT_Tk@Tk@S0S@SGS@SS/SS@SSS"@SS5d@S4S&Sz@Sz@S(S@R@RRG@R@R@RsRrF@Ri Re@RVQ@QQޞ@QQo@Q@QQV@Q@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Luboš Uhliarik - 2.4.37-65.2Luboš Uhliarik - 2.4.37-65.1Luboš Uhliarik - 2.4.37-65Joe Orton - 2.4.37-64Joe Orton - 2.4.37-63Johnny Hughes - 2.4.37-62Luboš Uhliarik - 2.4.37-62Tomas Korbar - 2.4.37-61Tomas Korbar - 2.4.37-60Tomas Korbar - 2.4.37-59Tomas Korbar - 2.4.37-58Luboš Uhliarik - 2.4.37-57Luboš Uhliarik - 2.4.37-56.5Luboš Uhliarik - 2.4.37-56.4Luboš Uhliarik - 2.4.37-56Luboš Uhliarik - 2.4.37-55Luboš Uhliarik - 2.4.37-54Luboš Uhliarik - 2.4.37-53Tomas Korbar - 2.4.37-52Luboš Uhliarik - 2.4.37-51Luboš Uhliarik - 2.4.37-50Luboš Uhliarik - 2.4.37-49Luboš Uhliarik - 2.4.37-48Luboš Uhliarik - 2.4.37-47Luboš Uhliarik - 2.4.37-46Luboš Uhliarik - 2.4.37-45Luboš Uhliarik - 2.4.37-44Luboš Uhliarik - 2.4.37-43Luboš Uhliarik - 2.4.37-42Luboš Uhliarik - 2.4.37-41Lubos Uhliarik - 2.4.37-40Artem Egorenkov - 2.4.37-39Lubos Uhliarik - 2.4.37-38Lubos Uhliarik - 2.4.37-37Lubos Uhliarik - 2.4.37-36Lubos Uhliarik - 2.4.37-35Lubos Uhliarik - 2.4.37-33Lubos Uhliarik - 2.4.37-31Joe Orton - 2.4.37-30Lubos Uhliarik - 2.4.37-29Lubos Uhliarik - 2.4.37-28Lubos Uhliarik - 2.4.37-27Lubos Uhliarik - 2.4.37-21Lubos Uhliarik - 2.4.37-20Joe Orton - 2.4.37-19Lubos Uhliarik - 2.4.37-18Lubos Uhliarik - 2.4.37-17Lubos Uhliarik - 2.4.37-16Lubos Uhliarik - 2.4.37-15Lubos Uhliarik - 2.4.37-14Lubos Uhliarik - 2.4.37-13Lubos Uhliarik - 2.4.37-11Lubos Uhliarik - 2.4.37-10Lubos Uhliarik - 2.4.37-9Joe Orton - 2.4.37-8Joe Orton - 2.4.37-7Joe Orton - 2.4.37-6Luboš Uhliarik - 2.4.37-5Luboš Uhliarik - 2.4.37-4Luboš Uhliarik - 2.4.37-3Joe Orton - 2.4.37-2Lubos Uhliarik - 2.4.37-1Luboš Uhliarik - 2.4.35-10Lubos Uhliarik - 2.4.35-9Joe Orton - 2.4.35-7Joe Orton - 2.4.35-5Lubos Uhliarik - 2.4.35-4Lubos Uhliarik - 2.4.35-3Lubos Uhliarik - 2.4.35-2Lubos Uhliarik - 2.4.35-1Lubos Uhliarik - 2.4.33-4Joe Orton - 2.4.33-3Luboš Uhliarik - 2.4.33-2Joe Orton - 2.4.28-8Luboš Uhliarik - 2.4.28-2Luboš Uhliarik - 2.4.28-1Joe Orton - 2.4.27-14Joe Orton - 2.4.27-13Joe Orton - 2.4.27-12Stephen Gallagher - 2.4.27-11Jeroen van Meeuwen - 2.4.27-10Joe Orton - 2.4.27-9Jeroen van Meeuwen - 2.4.27-8Stephen Gallagher - 2.4.27-8.1Joe Orton - 2.4.27-8.1Joe Orton - 2.4.27-7Fedora Release Engineering - 2.4.27-6Fedora Release Engineering - 2.4.27-5Joe Orton - 2.4.27-4Joe Orton - 2.4.27-3Luboš Uhliarik - 2.4.27-2Luboš Uhliarik - 2.4.27-1Joe Orton - 2.4.26-2Luboš Uhliarik - 2.4.26-1Joe Orton - 2.4.25-10Joe Orton - 2.4.25-9Joe Orton - 2.4.25-8Luboš Uhliarik - 2.4.25-7Luboš Uhliarik - 2.4.25-6Joe Orton - 2.4.25-5Fedora Release Engineering - 2.4.25-4Joe Orton - 2.4.25-3Luboš Uhliarik - 2.4.25-2Luboš Uhliarik - 2.4.25-1Luboš Uhliarik - 2.4.23-7Joe Orton - 2.4.23-6Joe Orton - 2.4.23-5Joe Orton - 2.4.23-4Joe Orton - 2.4.23-3Joe Orton - 2.4.23-2Joe Orton - 2.4.23-1Joe Orton - 2.4.18-6Joe Orton - 2.4.18-5Joe Orton - 2.4.18-4Joe Orton - 2.4.18-3Fedora Release Engineering - 2.4.18-2Jan Kaluza - 2.4.18-1Joe Orton - 2.4.17-4Jan Kaluza - 2.4.17-3Jan Kaluza - 2.4.17-2Joe Orton - 2.4.17-1Jan Kaluza - 2.4.12-4Joe Orton - 2.4.12-3Fedora Release Engineering - 2.4.12-2Jan Kaluza - 2.4.12-1Jan Kaluza - 2.4.10-17Jan Kaluza - 2.4.10-16Jan Kaluza - 2.4.10-15Joe Orton - 2.4.10-14Jan Kaluza - 2.4.10-13Jan Kaluza - 2.4.10-12Jan Kaluza - 2.4.10-11Jan Kaluza - 2.4.10-10Joe Orton - 2.4.10-9Joe Orton - 2.4.10-8Jan Kaluza - 2.4.10-7Joe Orton - 2.4.10-6Fedora Release Engineering - 2.4.10-5Jan Kaluza - 2.4.10-4Jan Kaluza - 2.4.10-3Joe Orton - 2.4.10-2Joe Orton - 2.4.10-1Jan Kaluza - 2.4.9-8Jan Kaluza - 2.4.9-7Jan Kaluza - 2.4.9-6Joe Orton - 2.4.9-5Fedora Release Engineering - 2.4.9-4Jan Kaluza - 2.4.9-3Jan Kaluza - 2.4.9-2Jan Kaluza - 2.4.9-1Joe Orton - 2.4.7-6Stephen Gallagher 2.4.7-5Jan Kaluza - 2.4.7-4Jan Kaluza - 2.4.7-3Joe Orton - 2.4.7-2Joe Orton - 2.4.7-1Joe Orton - 2.4.6-10Joe Orton - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Joe Orton - 2.4.6-6Jan kaluza - 2.4.6-5Joe Orton - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-7Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Resolves: RHEL-46040 - httpd:2.4/httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476) - Resolves: RHEL-53022 - Regression introduced by CVE-2024-38474 fix- Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474) - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in mod_proxy (CVE-2024-38473) - Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475) - Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference in mod_proxy (CVE-2024-38477) - Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)- Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response splitting (CVE-2023-38709)- Resolves: RHEL-14448 - httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)- mod_xml2enc: fix media type handling Resolves: RHEL-14321- change for CentOS Stream Branding- Resolves: #2221083 - Apache Bug 57087: mod_proxy_fcgi doesn't send cgi CONTENT_LENGTH variable when the client request used Transfer-Encoding:chunked- Fix issue found by covscan - Related: #2159603- Another rebuild because of mistake in workflow - Related: #2159603- Rebuild because of mistake in workflow - Related: #2159603- Resolves: #2159603 - mod_status lists BusyWorkers IdleWorkers keys twice- Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP response splitting- Resolves: #2190133 - mod_rewrite regression with CVE-2023-25690- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting with mod_rewrite and mod_proxy- Resolves: #2162499 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte - Resolves: #2162485 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting - Resolves: #2162509 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2155961 - prevent sscg creating /dhparams.pem- Resolves: #2095650 - Dependency from mod_http2 on httpd broken- Resolves: #2050888 - httpd with SSL fails to start unless hostname command was installed- Add the SNI support in mod_proxy_wstunnel module for Apache httpd - Resolves: rhbz#2017543- Resolves: #2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via ap_rwrite() - Resolves: #2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-bounds read in ap_strcmp_match() - Resolves: #2097458 - CVE-2022-30522 httpd:2.4/httpd: mod_sed: DoS vulnerability - Resolves: #2097480 - CVE-2022-30556 httpd:2.4/httpd: mod_lua: Information disclosure with websockets - Resolves: #2098247 - CVE-2022-31813 httpd:2.4/httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism - Resolves: #2097451 - CVE-2022-29404 httpd:2.4/httpd: mod_lua: DoS in r:parsebody - Resolves: #2096997 - CVE-2022-26377 httpd:2.4/httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2065237 - CVE-2022-22719 httpd:2.4/httpd: mod_lua: Use of uninitialized value of in r:parsebody - Resolves: #2065267 - CVE-2022-22721 httpd:2.4/httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody - Resolves: #2065324 - CVE-2022-23943 httpd:2.4/httpd: mod_sed: Read/write beyond bounds- Resolves: #2090848 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer dereference- Resolves: #2065249 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations- Resolves: #2035063 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2007199 - CVE-2021-36160 httpd:2.4/httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path - Resolves: #1972491 - CVE-2021-33193 httpd:2.4/mod_http2: Request splitting via HTTP/2 method injection and mod_proxy- Resolves: #1968278 - CVE-2020-35452 httpd:2.4/httpd: Single zero byte stack overflow in mod_auth_digest - Resolves: #2001046 - Apache httpd OOME with mod_dav in RHEL 8 - Resolves: #2005128 (CVE-2021-34798) - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #1984828 - mod_proxy_hcheck piles up health checks leading to high memory consumption - Resolves: #2005119 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input- Related: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path- Resolves: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #1969229 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in mod_session- Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records - Resolves: #1905613 - mod_ssl does not like valid certificate chain - Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for usertrack - Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression - Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer dereference in parser - Resolves: #1934741 - Apache trademark update - new logo- Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML - Resolves: #1937334 - SSLProtocol with based virtual hosts- prevent htcacheclean from while break when first file processed- Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache- Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile to be able to handle certs without matching private key- Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd mod_proxy_wstunnel - Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()- Resolves: #1651376 - centralizing default index.html for httpd- Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool concurrency issues - Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1680118 - unorderly connection close when client attempts renegotiation- Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does not respect expiry time - Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer overflow - Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package - Resolves: #1869576 - httpd : mod_proxy should allow to specify Proxy-Authorization in ProxyRemote directive - Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1891829 - mod_proxy_hcheck Doesn't perform checks when in a balancer- Resolves: #1209162 - support logging to journald from CustomLog- Resolves: #1823263 (CVE-2020-1934) - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Related: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work- Resolves: #1823259 - CVE-2020-1927 httpd:2.4/httpd: mod_rewrite configurations vulnerable to open redirect - Resolves: #1747284 - CVE-2019-10098 httpd:2.4/httpd: mod_rewrite potential open redirect - Resolves: #1747281 - CVE-2019-10092 httpd:2.4/httpd: limited cross-site scripting in mod_proxy error page - Resolves: #1747291 - CVE-2019-10097 httpd:2.4/httpd: null-pointer dereference in mod_remoteip - Resolves: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work - Resolves: #1794728 - Backport of SessionExpiryUpdateInterval directive- Resolves: #1775158 - POST request with TLS 1.3 PHA client auth fails: Re-negotiation handshake failed: Client certificate missing- Resolves: #1704317 - Add support for SSLKEYLOGFILE- mod_cgid: enable fd passing (#1633224)- Resolves: #1744121 - Unexpected OCSP in proxy SSL connection - Resolves: #1725031 - htpasswd: support SHA-x passwords for FIPS compatibility - Resolves: #1633224 - mod_cgid logging issues- remove bundled mod_md module - Related: #1747898 - add mod_md package- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount of data request leads to denial of service - Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length headers leads to denial of service - Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for large response leads to denial of service- Resolves: #1730721 - absolute path used for default state and runtime dir by default- Resolves: #1724549 - httpd response contains garbage in Content-Type header- Resolves: #1696142 - CVE-2019-0217 httpd:2.4/httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696097 - CVE-2019-0220 httpd:2.4/httpd: URL normalization inconsistency - Resolves: #1669221 - `ExtendedStatus Off` directive when using mod_systemd causes systemctl to hang - Resolves: #1673022 - httpd can not be started with mod_md enabled- Resolves: #1695432 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: #1696091 - CVE-2019-0215 httpd:2.4/httpd: mod_ssl: access control bypass when using per-location client certification authentication- Resolves: #1672977 - state-dir corruption on reload- Resolves: #1670716 - Coredump when starting in FIPS mode- add security fix for CVE-2019-0190 (#1671282)- add DefaultStateDir/ap_state_dir_relative() (#1653009) - mod_dav_fs: use state dir for default DAVLockDB - mod_md: use state dir for default MDStoreDir- add httpd.conf(5) (#1611361)- Resolves: #1652966 - Missing RELEASE in http header- Resolves: #1641951 - No Documentation= line in htcacheclean.service files- Resolves: #1643713 - TLS connection allowed while all protocols are forbidden- mod_ssl: fix off-by-one causing crashes in CGI children (#1649428)- Resolves: #1644625 - httpd rebase to 2.4.37- Related: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- mod_ssl: allow sending multiple CA names which differ only in case- mod_ssl: drop SSLRandomSeed from default config (#1638730) - mod_ssl: follow OpenSSL protocol defaults if SSLProtocol is not configured (Rob Crittenden, #1638738)- mod_ssl: don't require SSLCryptoDevice to be set for PKCS#11 cert- Resolves: #1635681 - sync with Fedora 28/29 httpd - comment-out SSLProtocol, SSLProxyProtocol from ssl.conf in default configuration; now follow OpenSSL system default (#1468322) - dropped NPN support - mod_md: change hard-coded default MdStoreDir to state/md (#1563846) - don't block on service try-restart in posttrans scriptlet - build and load mod_brotli - mod_systemd: show bound ports in status and log to journal at startup - updated httpd.service.xml man page - tweak wording in privkey passphrase prompt - drop sslmultiproxy patch - apachectl: don't read /etc/sysconfig/httpd - drop irrelevant Obsoletes for devel subpackage - move instantiated httpd@.service to main httpd package- Resolves: #1602548 - various covscan fixes- apache httpd can work with TLS 1.3 (#1617997) - drop SSLv3 support patch- new version 2.4.35 (#1632754)- mod_ssl: enable SSLv3 and change behavior of "SSLProtocol All" configuration (#1622630)- mod_ssl: add PKCS#11 cert/key support (Anderson Sasaki, #1527084)- new version 2.4.33 - add mod_md subpackage; load mod_proxy_uwsgi by default- remove %ghosted /etc/sysconfig/httpd (#1572676)- Resolves: #1512563 - httpd: update welcome page branding - Resolves: #1511123 - RFE: httpd use event MPM by default - Resolves: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- new version 2.4.28- add notes on enabling httpd_graceful_shutdown boolean for prefork- drop Requires(post) for mod_ssl- better error handling in httpd-ssl-gencerts (#1494556)- Require sscg 2.2.0 for creating service and CA certificates together- Address CVE-2017-9798 by applying patch from upstream (#1490344)- use sscg defaults; append CA cert to generated cert - document httpd-init.service in httpd-init.service(8)- Address CVE-2017-9798 by applying patch from upstream (#1490344)- Generate SSL certificates on service start, not %posttrans- move httpd.service.d, httpd.socket.d dirs to -filesystem- add new content-length filter (upstream PR 61222)- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- update mod_systemd (r1802251)- switch to event by default for Fedora 27 and later (#1471708)- Resolves: #1469959 - httpd update cleaned out /etc/sysconfig- new version 2.4.27- mod_proxy_fcgi: fix further regressions (PR 61202)- new version 2.4.26- move unit man pages to section 8, add as Documentation= in units- add httpd.service(5) and httpd.socket(5) man pages- require mod_http2, now packaged separately- Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Resolves: #1434916 - httpd.service: Failed with result timeout- link only httpd, not support/* against -lselinux -lsystemd- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- mod_watchdog: restrict thread lifetime (#1410883)- Resolves: #1358875 - require nghttp2 >= 1.5.0- new version 2.4.25- Resolves: #1401530 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2- fix build with OpenSSL 1.1 (#1392900) - fix typos in ssl.conf (josef randinger, #1379407)- no longer package /etc/sysconfig/httpd - synch ssl.conf with upstream- add security fix for CVE-2016-5387- load mod_watchdog by default (#1353582)- restore build of mod_proxy_fdpass (#1325883) - improve check tests to catch configured-but-not-built modules- update to 2.4.23 (#1325883, #1353203) - load mod_proxy_hcheck - recommend use of "systemctl edit" in httpd.service- have "apachectl graceful" start httpd if not running, per man page- use redirects for lang-specific /manual/ URLs- fix welcome page HTML validity (Ville Skyttä)- remove httpd pre script (duplicate of httpd-filesystem's) - in httpd-filesystem pre script, create group/user iff non-existent- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- update to new version 2.4.18- re-enable mod_asis due to popular demand (#1284315)- fix crash when using -X argument (#1272234)- rebase socket activation patch to 2.4.17- update to 2.4.17 (#1271224) - build, load mod_http2 - don't build mod_asis, mod_file_cache - load mod_cache_socache, mod_proxy_wstunnel by default - check every built mod_* is configured - synch ssl.conf with upstream; disable SSLv3 by default- update to 2.4.16- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- update to 2.4.12- fix compilation with lua-5.3- remove filter for auto-provides of httpd modules, it is not needed since F20- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581) - mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583) - mod_lua: fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments (CVE-2014-8109)- require apr-util 1.5.x- use NoDelay and DeferAcceptSec in httpd.socket- increase suexec minimum acceptable uid/gid to 1000 (#1136391)- fix hostname requirement and conflict with openssl-libs- use KillMode=mixed in httpd.service (#1135122)- set vstring based on /etc/os-release (Pat Riehecky, #1114539)- pull in httpd-filesystem as Requires(pre) (#1128328) - fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348) - require hostname for mod_ssl post script (#1135118)- mod_systemd: updated to the latest version - use -lsystemd instead of -lsystemd-daemon (#1125084) - fix possible crash in SIGINT handling (#958934)- mod_ssl: treat "SSLCipherSuite PROFILE=..." as special (#1109119) - switch default ssl.conf to use PROFILE=SYSTEM (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- add /usr/bin/useradd dependency to -filesystem requires- fix creating apache user in pre script (#1128328)- enable mod_request by default for mod_auth_form - move disabled-by-default modules from 00-base.conf to 00-optional.conf- update to 2.4.10 - expand variables in docdir example configs- add support for systemd socket activation (#1111648)- remove conf.modules.d from httpd-filesystem subpackage (#1081453)- add httpd-filesystem subpackage (#1081453)- mod_ssl: don't use the default OpenSSL cipher suite in ssl.conf (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- add support for SetHandler + proxy (#1078970)- move macros from /etc/rpm to macros.d (#1074277) - remove unused patches- update to 2.4.9- use 2048-bit RSA key with SHA-256 signature in dummy certificate- Create drop directory for systemd snippets- remove provides of old MMN, because it contained double-dash (#1068851)- fix graceful restart using legacy actions- conflict with pre-1.5.0 APR - fix sslsninotreq patch- update to 2.4.7 (#1034071)- switch to requiring system-logos-httpd (#1031288)- change mmnisa to drop "-" altogether- drop ambiguous invalid "-" in RHS of httpd-mmn Provide, keeping old Provide for transition- systemd: use {MAINPID} notation to ensure /bin/kill has always the second arg- mod_ssl: allow SSLEngine to override Listen-based default (r1537535)- systemd: send SIGWINCH signal without httpd -k in ExecStop- load mod_macro by default (#998452) - add README to conf.modules.d - mod_proxy_http: add possible fix for threading issues (r1534321) - core: add fix for truncated output with CGI scripts (r1530793)- require fedora-logos-httpd (#1009162)- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- ignore /etc/sysconfig/httpd and document systemd way of setting env variables in this file- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311)2.4.37-65.module+el8.10.0+1842+4a9649e8.22.4.37-65.module+el8.10.0+1842+4a9649e8.22.4.37-65.module+el8.10.0+1842+4a9649e8.201-ldap.conf.build-idead64333c984915b0dd36ebac2da808cce6cdbc21c90ea81cf2fbcdea76190a6530cdee07c48mod_authnz_ldap.somod_ldap.so/etc/httpd/conf.modules.d//usr/lib//usr/lib/.build-id/b5//usr/lib/.build-id/ce//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnuASCII textdirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=b5ead64333c984915b0dd36ebac2da808cce6cdb, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=cec21c90ea81cf2fbcdea76190a6530cdee07c48, strippedRRRR RR RRRRR RR RRutf-813d529c8be47405bb6c2212122e877ba168231a5792ee78e6edd72dbadc91c9ehttpd:2.4:8100020240812075544:e155f54d?07zXZ !#,ǴL] b2u Q{LYZ믤d~xGnW)JƊbθ,?G`6q57u8dZ}'+`gQGs 8^m#\LoH .> mƧ*^#dT|&#׎ ŢoZRPuבBnc:7|!۬9 g&x -/h%eZG@C:@ފQo^$` oMX]ؠ=5>Opp>*wpIK O#)*<ҹ FqZxFX1$ޝ`WzASL0DʩmN CD _lXQk`5@N 'Įо >(NaMg@!onmf#l_c rE}<=6v# YA^vC  3,ݟMW?/wFX:L'd2ZEjblԫV9m(<THD/x^uB!Q4dea |ǵΪ;Lr;GS m毱ٽom=@;!WliNXt0 yohJ]fQ]gs35t#qXgD&) - Y$7u.SBmdN 5Ǐ,AʌlyƎ|c;:UCh; RuDwjrez c i}Nǹ\)U=={\άd{{WL$>M1eZcJ2 DD%`C, {$Yy9x1?cE |a`%'`ۧ$sZ}V8+ukʪMOF-;v2wtƻ7/1z= T XgM GJwIP3Rꡧ6"qHN+#' "C2) .AKa~ranΘHmhvrfjomjP_vj+Slj͏ç% ! y^962D '"J;"F'6Ae6QJ,yy`ߠ YK&2ug 1y)n<G~yh7| ־_v!4` oa{'GE>Q`˜ ;)`RHX~ {Cۊ'TК̌[pĒJ&P7$#6E*AV6idgEZRh7eW :֜\l8^L64R}+"͈U ش ⡯[.7P : ^{h_RȽnfʢDϙ~I7gQ1w c7UDzEc;1SL b=CίbD7-O*2MǏ&W2Hs/i(`X7 Bzw. YڐY\9!~ AGl6t]mAS-*j#<u;xA@| ux7.Ȍ@J\ڨJ5?ʗ `?+c'` B;RN^Z\ȌxGj5آ6#ex(B_BRр83x`epULK9*wkH\w;l wfŘDNhm2apNuꖐ96g'}Zo".9M8VJo՜]6bw Xwo%k:٣ W2m HՔudcLNLV@T$LlpNJȃk=>*Г1'=dMT<V/_31i I0ddT|m[Rce{jfNdjxFuhk?HsƞbeIh 3[X+H"nބWnuw$:wn~?IP8՚-QҎ P4B)&@ͯgeqyLܻ"rQ-`6{bx]f AĴC hLTI;|MmϭwPEB_Ɋ[ rnqXZ`8a`MM@GOoH~l"`[Ed<%CLEmE_vYaAC}-ء]o,~^6+c#ߑ|0cj<՛i_Gy8p'`B5*_?}3%q:a^#ۦXw;v;q)([X-`|O EMH ")Rkqgl}C蛞LCyZw;Dqn=7moK?(Ʃ:OŽ27 \lЌjiza 3Gs!K*7-F@.2%<(w!b֟7{Ch{6)kSJ:B|টS!!Α,NcE}+Wv2"]&dL΁?špTUg z+Xc~L,~:ÚgՓ7x*DQLÓj U?wX)*(?3UVKi5/B' Io*{$D@Dbi[׶$w 9#kWzp0Ο3u6E0+frFEmOdD p%*oNg}{nYJrrslzlκ~5`=ư:R7:z^ lR,uz,y"7@ {0ng s *k*ɰ {A)zcUAe@/-\m[f!!n$ ڥF3m)M}pvJ@| KxRڍb1Q If4iR9Slʊ|[`]Ty4܁iymsY'CWo]?bw؃shS92=6SC v௘b;3!PZM K{DbķEb5՛X1uufLPuffu4T%%+ׄ [DFޣ[KN.\ϖhNp4z/+w $ :ZOBU nn8T FK<ғB@҈BxI^|@=$c_Ch!R=t C`<ȥظSYˇ ]@^8|"Qk j[gkѭ:ly^p=.9~)J>W@J c7WWd}LBKqol2r[G2ֿcV7T&x +yf)48ݤ9"^!ept݇\)7I_F[]yq!7+B|#~fD%GD0(e*ЄiO,*5S0itJ`?@\5"jG{_? 9:ZQ %ı~vӜ;JõH4 Q3! O3MO^'b,xyZ-oj_1go@j?b4JW*L3I@/F,3]s>$7b++>\P74f Fht UGχ, VUv`ꯙ볽6DYݟigdSX#t#ab1=> aC?;B"f1y6X+kd$2yO~W>j0\tn8Xi&tG!Tx 9_@";bGY7sl]+Й4bZ2 1пP{Z11r[om Y].uȸaPxv ANrB6aM`z*pocoSM~dWNSbR!5N a]/ T/{ !]&IAK.`e}'MmS~T+1U254{h~7Ѫo~@>.3Sط=ckuZkhU Ũ$ "*Mx3ok͉H_'wMy)gNE 嶫fxO:BUzI0n2p`1KL1/Tg V#- ]h|hק6P?[^.M< hC c2 PW3{{% BJQ%${H#XTMD"AA'"v2?5W琥Kڱ-p4s5-vq[5v"& bS9x[$BCˠ*0`[S&pKrjV.ҟr$fs9ExK\ZQp?`d[VxCha. ]-Cwvt6YA 1Ѯ{Sc5K Y|Q'(&p<˸!||Yi͌[HHgӘ`qm, xOmBgl0HIcE'lO'ѡ̱lƵM(*>Z`ΊIr K}o;7sqH΃Sc#ףş %F)EG[Q2leaQH :ݪ7b/(eY l΀Ny]3NOvlcW̆x%4=)I`{JmcbۀGcU[~rcx(h1{Vӊu$e/c1O3t,،3]Nw6\T2~]ڀ,ɼv#6'u   .hKRg 2f#11!7LK^/R&ՇemxF;b=νg,aU_7q35o;F#%ZA0& ׷abE~"_SV&!C70+n_kF ]ɴr}o$h;w 1r;WowVQ!Q;7h-PcFZetrj'Š~R{W%6\P^`X:KAEm}l; قq#! O%AyU3@ n]_-uzqGDŽD{6 A ׭^.UZ?gjHcV6IS,ӱ0:`֊p5Qyi9˴k2IPagxgNaz;EU$lp;}H'J).L8rizOÏ3 |a;l% Ju'x^K+GjW7̓dߜ\] .#[^uM~W "TƱspZ]YECpYRt)2m<8?1r4꣠0fV>4%9'^$_|%R3GF/z75hO8CN `TpIĵG~%c^CVy B;"t+d[oS̳B2 ,qOsI2AY=~^q _S6\1 .dwƛ՝~/@ׯn>ƌak1_9= "5vzj\XBWq,L{ {ɟ^Wm@a w 0>C=WI Ö 2)*TLn>|{|@z.슳А) X\2ǀUf"6}ifbq`0~)0]jΑdn@. Zg}7mk LDlLIم謁t]dTxGVN|^xqZU/[j8NꜶPy +aJ9n/bJh)$XK]énYܺOmƸͤ[HEtN*河]$w)J?FOPut>,^9'ږ^:i$]39,%`*vJ. ?K9p貖fs) @$@Wۈ-oѨB?JT:E3brXڱVa<[sG8jFD45bNCpRh/jsr qG!ޒ MTzڴYԲqȵ%@R(_5ў`!BsA\ݽ\ITz9l~oRG&N:I  Ѽk6̇s4=#viG5>txdO[ 3:Eٷ^U07Pwd&Uq 8.+',à*p1Qz_Vk# EoDL)8Y/,$_>ԍP`J:V DD (,N' xv4όsdp78#aٰv#'.$ &~Ԝ(P.aCro'c$tLӣdZ/܆Um6دd5|-5cK%Bt.W}AHȋƧi&Ҥ4 wr.34 Tήqm7zxo$w;>"3?\n"vG[A1h?-6 2*Aϰ@iХ}YR:EQHwr_<ҽf%Ĩ]Y( t!Ick)#Uag G;ƺH1պ/2>%=Eǁc* %Av,JjlVe+8H[kB=ILoFL70k^~h87ZkMv'osz0Q#f2[=*naлyl',|z~Ǿj g;6$!^:~ | ڋa|16hBϐ74TfI)a;@|mIwP$c \9рXE0w6oEM{,o4*u<:?V1ptTn+IC 4y&2 Q7Ӱ> ٺ(Um^#- $u/R7h-up&>\_y;u,pJLl 9iZ9b~1=[|Y@T)K{$^#0kF-wwP:5c,Cre>q'^~';YϗPi?N?yCoSmJA'23(?ּR 9Oh4PT>~{~S~Bxwgx*eqۗGVNT`ΐ|P?iihCU%pǿXAux܀GDFwYD`z`*iM"eXy?N*"c'!oQ-ӳHE1oP Np]'ghv},) \I˵464, :i; 8dJRW,PLG6(5Y5aF j}=NqBT%%F-"~"tG`hF@#Vzأ|Yt́OƱ쒌DuI@{Mm`-U4ll>T %OWтђeF1[y ^37T3=uTJ2l|6z s!ӇޢؔVߩd'A% mY 0U|Yow}|&B3+Eq*P'bHLJQ8tfD2&lR7ȉ8--3)%/Ke vj ^neL܌zŎO߰k>ʤ\g5@bc"vWaebb&%XZYP )G{iy?]3-'RpQ÷7lMuHB7?&. Jh&µv4fuOg S0)`p˞/ J1C@*Hm70 Ѕ=}ϝۅ2DCkwFH lb!9R : _O-';0@"i8,G#-Qkڊfڔ>Ţ +R0IoS}:~j(njTR鼿nJ < 'd"+p!uqxTtjO7JuA83α+6r.ކBA*.2@5[oF[i'2qTɊz[’$ rHm4F_=B?+(x}{KxR8CBхe :'魹*$!unE`.Yn%/K1Jiv)|py6z5=яf@xT<\_oæ-D|P.\vV)I>gy9QVs!~ciܪ Vae\EifxlsZ)40Yd  b)؟>[ Q;߳; \9ߛs)`40VSJzHL29`/s\Z .ғ|{Z"M-#ٖlPdWPV MĜd/9 (i|O-JwD~X7܇WߋOPpLV⫑{<0ۚZlj U3DCPtY7:џ׃fVa:Oꆁ#R.pB<(/3bچ9)6\2U4Ӎi E=tኜ?쪫H*u ;ٔVJ;xnq*x<A@s1sL:>bdf&pa܀~() &C|#Ӻv |t}o[$ͳ=T?7ƗU-xjK5ǢiIl0N9WhuU}9jAx)[ @ƴp*ղ)_%5M{E8n8",vC.RHz?Mƍ_Wn HMIs|7o?tWكDU#&hI[ V;34Ed0&ǯ4\-9aj"~]Mkǎw9埶J\sUe~ClW#P`m vfȆ&7ybDb//S".jA:i+_N%K"ց_>^Bg@t'PpP7Q|a\m$~Lkp>}2A]Z]Y|3(?8kCa]vu.rO@%1[[z="\C{qjK9"Bs\W K~WfuPXaTvX8ziRvßZ2w4$fa^dw\# UJRAG8'*׼qׇ uj97B/̘_b"&cn/4mgm +f4q ||Y[0.I#Y"q+QnLx,Do\\Z un}&l$+^siG'5usH !:qjEvlζfMGDgad\vSuct 3L ~V]7uV4sSX1k{E~5p;1DʼhTMn} Hq3W=z"uz d Z 8>l`ZMdweSwFezIH\QRv|Bt}m7BzBa|}-#ӈȫީe DMK )v~Vv-uꬍ8ݒD|]]J2 I]u65?ED}+qr^UnF DcJ{80v  ËܰSEAl2iS:7>,eq[O׋ Elu詒/i%rU;L:SO;i?wWr9ǥ`q 0_k`@c@5*cqd[WAѕqo%XwQW w]x&bkÎ o(l$8×1nazoCލd}z8bN \9 @":X(tQ3 knƅRC, 9+C6mQ_M;fJ${iUP]=$A6Z0bl52k6qRL[AeNb#33ݦҤߙq;+ u-,.J߈]iH-i>|upomKᓄk*z(PtnZ$WUjҸ=f- mU mgȭ:Gy- O]ZmV>:"y=+ Es3фb(I/=㇂88fnp5%\`3!m/ 4KOvm-f !%]e)ϢH0b{XsdX𻆉 gֱ3֤.`,0IS 84ĽqbtY(\WָadY U;=(6ѱg"z{@ez1f8g^g Eoƴ`s:%yUf6GW>+Zo1 1bbMD+A(4Q$*{2dP*r2o7jf;TˠC-:O'!73ԎP=YC{U!U\]'1 ^c,QwL~ K_1v ,Fk5f@kC227 SU"ScXW#;PP)w fO,(&UdIQ0rBi\ݯ~U k@oBkwhr1Y4 /,ݰ x3 ooy|J c! Q  O\lT9nxP`r:*m0ܰrv4\׹DiHN^dbPx?&7FvhlD%>zʤMz='pسAxDQ Nq-tQR1?ҜV( FoJp.` !Щ,Qgm9fGS1O]JlUq2xPWuCA $[& ɁYZ- med߾~pPݺk6̇`̓j{$&J3^%+<!A/>d\T ^E$_mtXH =vjsW3d=\6$ޥ:)'9b'uz핹( JP/R9ԇfX PKܘqגnp5⼾<BaOf:y얌)\\v3 7BrسZx[I9ݏ0Kf%TDެ;kiãdbpdds!!2.;o FZ/ FțٰzJ3s2h>/EŻUdUkK2L>Qݮ A 'ɊV`f0k\sgeDҷN6OGOɱ+UZ#zBы4uh7i'ջ JB4^ToꅋÏ]03Wax.! O_V: Shl>F wœdqLQhGE;~㗭p5m_]͌e{ #HݗMxrY'NS]HO8):iڋ~`2_4oT~BK͜JU%lJR*)l z_CE I45lyN ;nŅZ愊j$vq:&9S =M?`P%K]^ nX Xj{l?Ow n$%~jZl|WXB elQAIV'Az"!Fkպdט1'+C]WNDfdJ*Xcri?ì1/ߡe &*+x kRvh Gj8縍ӎ:Mgn,CHjO|$YNbKxT$l>{&:g8d[7g#H =!R|$7}ӳ]>)z6m =j"붛畬}9Q4RZVGê"6ن㔌{)ҨDߓMc g Sѩ߾!~HurjмZhA&Gܟ^vk U\@]3aօbx*0LNMDljД9 0q$a,,)PM<1\{/gm i%]"=_90]5hi~PS@`gδ]9pqHqZH 8v9ʓC!Ͳ94FX.)j~Lq#O q:E'Kا9llhI,p.a#KQ"Qrs@ntA}ew _a dݶ)VX-ݝ9*Lla{r `ڍw;]O,,SM݋Ox6[HoJ9$V]WiH㳉!,93s4Pqw$KyFSy%!Bvd`# o*VBȑfd9'1ӗ GFiQsP_r5j<>Aq2EBsVJed*uj/ %? j8-̇\ 0;ʨbA-^W9k0|{B ,T]aRI*i8cz\\&rPelb}t֦i^ ,64豭W~(Ēakv-( t}=NF\N0) JW;3xWSdk YL"4ru}W&s9*PneY ݉F~,!B g D6TR_ r}m+ԏT1ESykEW:H8>`sT8x6^|yN fh6_]_I_?2gf^S0pZDW ̜272] ߫ǚ__O. } mq ob\50- WxČLkY ڂCUl'$ )kElhkP\3wLL L`~L ڨ(Xs 2e%!5J*l{妒P D)Rmh"eQ&gwE [t0{ݣтܭj4r1] OKțdn;LlU[X]e]Qo/k~̴Bs6 ͭ"ۏT SdGx/eR>̳2}d\$yO+_ G+ u%Sc* GcU( 8k}\f4Xbz,֒6٘TP[0@2;Z4ERxZKA6llc ]PZ;]c޿'Iڼ{( zVkbgf?^t%՚ۓ#%~XQɴvhIEr=u4Oiwm63EPAn<|kx^Ӊt)TM:Lj&] Ι\:vE^;"kak;/Hv!Ԅ* bCЎV\%g{ UȇJg hlMP~XMƆ=IvDƖA>INQ=0!5ٜq,40t]pu!kX?Wb-Fv yM^-<ε4Ƈ"PopWU"h^ Cf̽8+@acTҌ;O0 f)7+s@u/!YdɟZ[m0MK?4x(VZQlzt_".v2+2yxA:tT#!񗕂Q 5Pm6!CzMn;;rj5` 6⛺bCK|<\rY !OS5"y~0r6naX7Eog%b&Ӕ2Зl/=okVsa!52VeMϜqa]H32KI'=Luuwi6<3ghܫ0 < y@my/c3_r{ aBwע;N^R&'p(vL9\Ups@6, mGkbb͈֬T3FuI{(a?/CyXAA[F *o(%s| nmJqKz$+>Us&vIdC,k4̩?oYB1H&;&+o1Сʆ8c\n_~I5%cv#KpE&!hS5!לp^->ԦH]n·siʎޯ[rU5j1\mJ ) )Ťts$,PJT-[o8e[kZ sbrD0 GNը-3aЖ[#ׁq\qtOdȂz1_%=^xuZWbEǤ?gTٻ 5< U+jOesEL1wWku8+GiuC2Ǝ_F.%^PhX-YJЂ'T|e! <.z$n*.AkZ4!8SUOwpm׋T-V,zH r+`OU0Z>ZI~p .DP AO@-x6Bng*݌Ľ]WN%Ġ>ݩ ̖b1*llf⦚?`Dߏ[Iǽ&Hvs)YBcdA'UA!.7v")[wT'8?4Qa(jXF0zjnHKKJ*[bmRV @xV/>~}2;ү /ٛ `.c?f~$W?W yW_>s u ui3oؿcZvVc;|z}8Ʌ'@xzV3[إLYFNP#j>"* olASۋ ,B%|QSlA#Τ  AB +O/{؅HzdmA[; ߖSrY!̕4k d(qpcXD-7g†ݨ嬭\+4k| z"( lh.9kKCp|>hXERm4'rizQ ƫD_͸8:YZ`պ{2/}Ԋv oxjhV(~`Q8’`hhlLri~Y(-?64݀G/[Yex9ǰ(c谷w&{'=$?bY!8Aۊ|ʷWQ: 'o~8A;#gdi0VO쓕pPYqI'zOHUXE`r#q"KCcy1!Z&ג0|#MBiO^ܨR6 "&;pytvO8v|_ T `IW8DQ4) VfeyNTP) ;{{{%qqҋ=kGD\+хǝD#AD-Rmb8J-_ #Ѩt$bcMQG׹nv6{nM̧V=r(W3O'$~XGq@lG}D,[T TJfQb(%>CGN) fg@}+EV ңZEe ˇAY]l')|}G9]3"'2XڏsTB:A.i;c$cwi ƒEk7):RjmXq g0:#z|ɬֈ'і,4Ĭ\~gwpffLjݬ=_$ۇY@ZqV ?TVͬ7p46_"쉲kAvp| ^?!-7t /q/d8q$x2ƙ$ 0VyS= ^`*!7MG!zDSpÃCq $bYSZū`Ms_Uފ zCKB[ aq2\&I>䋉tע$k:p-|i=> oC y4~&krKW2ftј-Cv589-Fw9+ӻ+FT =?`2#: J[|;"(^zhsd]|KōX>Qtn4?H=#6b[\vփ}sS[X,qEx/Os(Q9<+aSޟ̔>B<+̉B8ԼyZ֣Fm]i :s5!XcxV>"xP>#:bԜIuLNCn ֨:ݜ7|EH__)vs@#8/XQNRmw^Ayֻ9d=7n/Or(y*0#i+r(%Y$o?VPoъc'MOwYrH 0h a,=22Wh;CzDK\-?ަU2k$, zsAzXjeiһ*y(] oys3XDOBڌbЎ|ɤqv۫<< 8 [VrR SxbRFxV[ g:e! ez{auT#9;U"ޖ:A)fR Z(qzKv.$.<(B3V۩σamuMW0ԽlL &\޾ޯOsVxۄ ơcibj?.[bU;MQ3{Wm.8'HxG6-HzSa Ht^NJ?)wR3{) 1l ]8Xʉ L$T5h' C ,pt*(.1ud!ė>mם/`)i0SgCMj/yK9F# ;rT Ca/^Y$e!ӹi;SV60lKЧR{q2V&=p.J8ؽ]~=zkCM䦪 䭑x H>'W"}H?)ea/8,hW0@e$s=<6B{$O,^e̱5oíUb-4{-؂}RS1z缵-K b?D+q 'N¢KBZj[X,Ƙ b)ڞq.}V'@ǜEUwL<1)G4DȢ{n$t1 Ĥg/|^vW}X#rH\<~PQo=G!Qb˪ËZvߋ`]F v4 wp mѠR?c)(na^;sC`(2ڱ.콦:7S@ܞ6Fa)'"H^e $8ލ1^t+J8yŪ TΌ 'K`Ҟdsb& ϳG!'y`. NU52<]2p~VEt$dxʩPP)L5G +RxI=d e)Ş8:Aŏw ⥲)D ڐ |~voܹ1fؐy.YRs&#M}_HFcSGR<^[\>z =VyJB]2~~E~uѻZC ;zPF`t$i ZY Kw-N54T̡B8qfܻg 8w'G֭gˣ6Ěi!ex%s Oa7f<$sgX -8 XeATo!b>gm8_f+Fυ?ҁ,V̝2P}ث{>[0GPa/r[P 2C;_ʾ۠VtMi<戧vVܨib ~ؘ;k9'Irct&A8 qG@a~cL$)3o(q'gV`nd+Ԏ~vl(ydD]]S# i yg t*Gv\1Rq)Eߡ4M y(ı\|kV.*>fdB5<hQaMl[8͘uwi& Vy|ij)~2V60*7e71)̬ՌGwIr(&Jр9݉5p-OqK LK^:Wӧ쪰XXf і>6̈;S4OOcEqNwb78ڑ/${8_gU2v727i'^g%t`ERAJj.VМ_v`[kW eRR7G046:\Hw D#4 +F]\:,x(E-*'Rp_B䓜>t10Ԛ^oWKZfLs+IFzrVݩسv?W'LSN!<§De~.6CxEi@Фb&w_WM)ٴBJcks>z^(g7 R&:3^eX-uF3!T uZ*hNJq ʨI!օQ@")8״)y^(UQ<ȡ}4Q5Xn_Q$È#?X:Ң{[(p ;5yw?% 9<-gD龬^L~>>5+ߝŜh4K?:*a >;uT Z[~ht[ִo-Q#_B TtoM~quǪ=؜x"5{KNėMR^ P@gJ<$k XUd,ލU@$i0QgS"$sM=!ַو/Y2YS˨; 1j{e]ȄeY:dՅ5SHkyʣtƼtq$c͹GQFS+ qGYBYeߌª:d %̹7&<11+UN`Q'T.4񉳊LLԞ E:q~u?Dz@VP/6%0--%+&xm%4`K _ca'$bw?,CCq7B"Qym8)o~ l(֥採%b\̺btYNK3s73 *q֒a7܉Ak2T.z 4Ű/L?rk$Z5tl/$~yVGky8>s qi!r.j$wqЦ %54WL 2Uɛ:a¬g{3Ho۠F;dőUjbkK*O^>lyqgWo&_m4)aK0 !`V{e59ʂ`l |AnD ׳5#&܅ dI%qG{|* V,BJ?ꬳ/R!ˊdm0sz^LjT0qh:=|z)ňI4s&iÃ')#:TZn6I }dc䣆=ڑQ Læ bv%AنsYC~}񴩡ҞJfl˿wa|-O Sj܂!f{gfNP;. !/ۦ$MЗV:Q \vr#dqK }'Ip2iGgY\nng5̪qfe#m.<= [UKx'7O_@*8Δ}Qڍ$<ȡk`C`q,Gx|ߘLdBϥmlFIǦc3S=+xTq2ɵz8kv#ט`ĝ%% %laKB6dZVi;O8op xz4t1҂|\)vfp;y@K01UaeWܸ8ZTQ9MAVZ.ֲ?%I>٣o-a/Ƴ޺4砤6yM* o,^ч.ք%k=܂O.CXCA+ZzpY}ٜk'8NY f6 A[񠭩˹KA_;OS lpWjǥ $k[dPUEriedU@ %kceEL Eu/҈=]$O1X)6դ nP 5(5O /lV1]k;dE{1'}nA,YqȺ lNlăV@q(FfۉWr* f]F$bxPȝQ$A9 6w O}U@pESa!XsRE(3Գ{ڀ7F+p~tH F4.d#nت0B_6i`s fX/]GxòRs/@>f۳| a?\;g*VTԪCv)|]A<ŌFc;u@)R hABT4 ̢|LsӬ6x+YAcɶoE82=y{=wPXw 6UW0G% _0!M\p6k(c ",*RmkDa(&}gنT^;p}1:GgΩEp s@M 2})`e?im?xR8L@L?*{+eUvyȝYCֳ98Y2S4Bc|%wfLw(_{2<+か>E(t'戄f <N5ٓpE]\7c^isvl~սdx~VF)DvC0dQ.Vvi^Y3nvZPJQ Q84kW1pi ݎ[}`aE5IJr]ms:ط [VI~}?TRݻ"GG|rq&|eb&d:B]sz0Xr=ʒ^DŽCi1ñ9^җ0D/ԕRwS; wS"4A χkɶT$IT'oP)'j%h$m~*4 4(0rmEUtL.{W~pKX0Gf ڋO%VLl(wBƱь]hJpdS4 G=onfiC1g)lȸltGCmlb3{y_e[Ś:ԅIB#K6Apv0@'G.o upxC1T~P/Nġ ,ǶP7[ 6ʮCkS\S_l 'ʭfӰřq7o. G-ȧJMn;VA7[놾 ,2]*I ZȮ2"aF{xPcy}q1T%0ik#;(*<+b 8!gb;XlXw:?rRqCfi*bSc/\Q؏GiiP\ !T MXR4́60'@NG -wkPEYdh  |KAX}, m]A >cPI<@/74nW= O@7xZZ\g$[R-8sS?4lmD9rIR\w_,F.B^ !"L.i˺۫2pעR1ho-uhr{\m5l3*S+IkG YҋX18dKRfMϓޚEY/ʿ~QNt;9U5cJ=l @Do'd@ֳmdsݶb@9S@rR+UgeoU9|aXa.=) uxVC׋8=DJɓY'pMQ s{`c`O꿍y @*1XN{0[fg0+:$  ocrA1[+pOsxz|,'R+i\62O >0B68'FBEW-݀,=mŐ>*,3٢;}h cCdGrfk,>RlP?Et^-u<HL |"FR8% "Rw;_  $~"<VmyJj,MA&-<%Mi)Ej5}"=E_Xa_YY[z8Mn*/_|L@Yvև^/]%ON33|rBPY^U vsd:U6Ckne KMF:5cW N&dtp~w²vmq:zI [ް`pvێXŶ˂@5!M OQϽyrRtjBa:|BG tWmDGFwֆ|r~4 ;n7auaE25.WP cM;4|1r؅Jaڸ<5.1%F{zk_lHAP}`{)[-:(ryr΀c[{SهDgVvy/d݀2}!G|œ(\!'_%0Qӱ"z}}bJp(vNhUdӑ1mAC`sY6(B?A~JMAˡFBM4) bL @C8B_,)!l?8vv 5%Žo6d9vv&;B;:ofSs;k@uOƪli 5[~?xfT4PCm%|ň{mlN(]?ӕUmY@L}N'93ƶxɥ;B~b45F S:.^D]W0@wy|\,1&N6V~uG|[3A RД\U:ONIxtӳg_s,ȶ!^J͊slRk,^;DzX>$!l(ʦktI`(hUFwUg׳CtPc1&rٌ*B(K2 )C#yk=c˧fG^%׺2E=9CVĶjJox<1Cܞh6÷GO,GCμG6 I Ӕ1THy䟢->w|շmTY 7y,zd2b{`h2%3mNp4V0BH@='SOVM3"һQȀRr=h|fHpuASgJ8r[Ѵ8~!:HgQS@.Tq hxBm#g'A2.W l Dv9.sI͖+Iڕ1pPxlkC^m}hͦO4>h9Ԓ1Nt^ 170$ 1U;3P B.f mvDBCuiᚿ/]qmMsne{Xr[0!KyF) zkedT؁dž+ӕ64w#D@,NOq t"&w$R;crBgM7rAWǫT5r}q0B{ת$'[F&']b\x !Rç.p#%H /DKZ1 0JjB v >^&8DE ڥe5^3$ː̐[\} -HXZ m1)6(!!NU:{k=&Ε|[4}M 7"nBǩ{@\-TR(PeUFEo[7QODVczL;UóS%[q4;ƒ*B9. C=;8㧉xO 6^C-ܓCcj[mm@>5+whY& ̃EaHwnơGkxyjf rv |V9,ٜݣZ𳯣ʬ \V2r#B1 󲺼* /~eSE\W@g}aͽA"z0L%WpBYL|e'>02k; ]F/I,ܷ s8"vrA}#CVR{ve9?`)O(ѸFx\6)9(&q)ss)o)B~-:jDP5WWR1W_HAڰ_VH# HGg>;uhhDX3`GBﭽPJ/ȔFwnނ2n*0X2Ϗb)fH fڙR<rƄnCQt BP%뤄];ݥn>| (q9OI kRLX1[+ӛ\j[,o+:;UbʂG+XJ}_t14H0Ņ=as IsrBPH655bEz;]oKs~.0WEU ݡV_@0L#7K 4y{LIQ{2VP*]%)/0<(HնpUI;dptߺO4{RgFTkHՄ%lMG&ˉ9#Cwg #HF$za0Օc,:I?+P|[1bbR$K,DqV0 Dٝ>-$!RеLBVrm]M9,-#OȷSOP% Y>iݾ}{p\11`sK KdPZpzSxih| S ڟpf'Am*{ԘuYlƎMLڐ\^ٓrx&SstNh^"&ZBDZpv;bIMi"%8Hf6~n ZqupħhjƖN0~BWM޲YC=Pu?l0nr1^k&Gfd A SM;⧀|5ax%z'Q[Sp@9y|]GB"_XoS%?-iEo֎~ĦZ h-{~E3t#HJiO[V i7u-g]_r8#} 7 ȬmjRɸ$LR[.@ﰵPj"ظޣ{C("i%g=B> hX)OTIn ģ| kI(B8rGDf~o_i nAdmyd\u#XrH0"@XQ >eo7,*Z  NɿvC<>6 OkN#MgiSrXLS~w9pm%V/'t=q U4͕/:2pc7~Hڛ1bfPF+tPRVzu'\jTrtLmEHO< PALrF,ϸ-bAGYVH8>:&ߕv6{J@#ԝJRF60K+ګ+CM`c 'w>gWr|EL(>~NXf-@`guJ'hUVs2[Gpdg xbkeW">vdtw Y_nFDo'gfmpeh2ms496 8r6SntJ9A|veauYW/rqX4ԟRlyW.+ l-H?ѻ1ͱ!m]{SH~#);e/NMR)7 Rj p1 J ];T3VDr[/ ~Ǜ(V\ӔaN"ck1k(N\D-]ZfH; wߖeZE& y11V_ S2] Ҵ9' 5Z5F%DaTP#s{x=}zԾ/I)zיjߏ4(=Khi&Ҧt:qi3Y(%C컿Gd ò QjuCl+D"iSL)Hb!t"uHЈ QVg9 {*MáڸCDgJ즂 υD@qI>7-RLm1oړ#<H+4P ]'Nްᆜm_}V98 j͇ۯ-qڥi3=ah4/ųSZxF E[eʙ, xpp%U!P1m9D #G\o^7b)s:C?i챙C ۬~oۤ)<ݲ{+w&?; /^!ntZ8ˎxÆ+=)ǯ4s2" ca`6SVS'55[tKJ}Bw2g`o-xqF eוPv6 !Ma9хk&.}i0 㞫pt휄o׈YiڬАBGyM inVfP! k``8 O>7%cdB9"ORx;Hs.@H2I풎8Sʼn=enzj!3Cn)ERud(fPƪI@C7Kq5%hQOzKe.zp%&y" n;n;CqD֘L5@ ie[EJ9PuX쇹vmW[?HWF)"D΄UN+RvxD)A~qS3 x>+3WEv1?KFfZA=c@(и]0=0_gW%K|C~ ELSt7'DtRD ă!ݦ.v4/UӴ=}uޏ8G@Q -F^00J)h竧@JRN;ʇ`Ao|n^0BWw^W)]O|ďO#*ك}_c0;e0YgY7W \a0qv7RvsAKV!O*iӃVDO=*%{'slONd Q9O4=ӁQOn>DF6Mx 'O!vI2 dw 5 i^eȐ|*ښ"F>q ;hT֤~(Q־UA,nl9 =ׅo 7Ԙ9F0 ^AV$N[^=[1HybKɗThRVޠbrDGeɊ>KBu'l:աYG>rHJ} LlNwɈso 8@! ꁟNhccRW|RKl$QVH2lgփObV'h;fky"J$ACTVd-G IHnVpK`*{T2l LT)6m-Ȧωzj^RfgѿW3q^S D@@B˻>Wbl?߰l ^kU J?-3泺s{CUfu^pUR>iR 1:4e}-4 qX[>>A^T "ܫ4ã$F~q!M >h~k T*HX0SYWJr~5١u*t܍/]>zaa߭|ۧy^FNs/aYJGU`''jkE)ooR7Y1#M!-e1Ue:07d3Ͼ&<i@C6 RW꒒PXRV06kpMPۂd<ͣޔm^ nmJЧ;T S X;l0TH; 6O^;=8=进*SsP9m#ѥXt=  R1رi#'v<}NZ C0vv30Sڈzjf(c~2x3Q5ӽmv,Ekbp7V.zSެN5B0}fF$Y\Y h<ԟBV؜lw}LOLvJZ@ wn}DAx%Hոz׋Ugٱ'DgXXaoJ3)1b[/RMh9&_`@Vذ-ڭ\s|7H# xpM'u_@y^JXU1U"Ud*z:,muO0_\\} $J[PD58"Tx!j\Zt<D.!]z m9zI5i)RNx U%g>kD8!dN3V$LS֙grY_6J7'@d1equtZw8-@&xU>~J&,q B|h4b'/N+ ,hЯ0eb0kTdKi68po :~ǜ_Տ2c]Њ< WύO?ڀReqv=H;<-7ȴ>5& xZ-Ɲ)[ՑEzt1ܰ! u93k_y ~_/b1iѽQ&]"ŞJ7=9 CYCԠg:aBh;'0ci6I Stnbq\UMWgqF?cMU wyR\jϚA_cаMgpeEڙ6 t tцL*K]q>Rf)`& @ ؊mٰ=.kƫVlDds5:'ɵ05Pb2)g}C$v(Й,T칔=t]/C`> a0cl$6=*wִ ȱ}> YZ