mod_session-2.4.37-65.module+el8.10.0+1842+4a9649e8.2 > 6 6_6 3!pQp)Tξ7]mtZ`fǕ ]mtZ`MhM]&>vG\u$wo;PE>*1lrI&>xA,8]ȥ9t+un s4Ok[ a \EpeW`2t6c:).dϟw31L^l*G`׊᷒L鹡5jDd}HdXwoJpd4dΩ)6WRV~_i5Vj>_nQթNG :_X e*pGN+SvgtCP5ri;ܭGP78u[#dp}7[c]3KaJ.Jrv%skTJ7^62";ZS$ēq*|Nf#A/#:)W 1)ʗW%`:WYria\˗Tt lpP} oR8od724b71e1ce0b44b8589d2c829a4eb041f4d7ae6644b6acf4ff6da3ee30acf4f94aeb05414d30972298930b69578deeb7cc05c5e'3!pQp)Tξ7]mtZ`fǕ ]mtZ`8 BٕB dwn5I\ ܪљ0 l_w Kj_ Gh:IHwAfaB#uŸ[w:IsNq2M`k]>A^vM!#%N4X1Չ~Ϋee{E>ߤ,msӔ40Gfv7$w6WRi-/5X'㍇><@Jެg/Z,> SEBbQhpt%p5!.:2+M"&7Lʭa6;+ǚ[`HgaV6foEpbfj=-H,!/Ä A01ɗJyb]P_CG1Ƒ>R?ō jhTn9;17Π6)4{'r dfo$ϗگu؛$82\nP̞¨]rEȸ>p=w?gd 8 e!'/ Mh             4 p  Dy(89 :9?G` H I XY\X ] ^bvdeflt u vHw xP y<@Cmod_session2.4.3765.module+el8.10.0+1842+4a9649e8.2Session interface for the Apache HTTP ServerThe mod_session module and associated backends provide an abstract interface for storing and accessing per-user session data.fXord1-prod-x86build003.svc.aws.rockylinux.orgKojiRockyASL 2.0infrastructure@rockylinux.orgSystem Environment/Daemonshttps://httpd.apache.org/linuxx86_6429694_/@_hOhAfÙfVfTfTfTfTfTfTfTfTfTfT51df0ceeb7dae9922817f4af0554f83fe01d6268025ee08260aeed69be3953d1ea16b67825566ec920c10735dcf51298fb6f446548fde67c2b1b22d97a418a5065a9eddb1a0ac2645a96ed7e67e6ee7fc9f7361a70aaf41c829f1304e3197e2769a774c2a65f7c50bce8ab384adf8af3690fdb4ed4f2ebca0947dd31056fb864d15bf9bcfa90f4a4caf5875642c59c23638beec80bcf121420c1259df9065dced239922ae90cc6f7a6adcbc33062fbad8a5fb61e54eb106f990d1b168c95ed5a../../../../usr/lib64/httpd/modules/mod_session.so../../../../usr/lib64/httpd/modules/mod_session_cookie.so../../../../usr/lib64/httpd/modules/mod_session_dbd.so../../../../usr/lib64/httpd/modules/mod_session_crypto.so../../../../usr/lib64/httpd/modules/mod_auth_form.sorootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroothttpd-2.4.37-65.module+el8.10.0+1842+4a9649e8.2.src.rpmconfig(mod_session)mod_sessionmod_session(x86-64)@@@@@@    @config(mod_session)httpdhttpd-mmnlibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)libpthread.so.0()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)2.4.37-65.module+el8.10.0+1842+4a9649e8.20:2.4.37-65.module+el8.10.0+1842+4a9649e8.220120211x86643.0.4-14.6.0-14.0-15.2-14.14.3f@f@fieN@e̫@d d\@d!d-@d-@d-@doMdJcdcck@cck@c(Ybޅbb2@b8haNaaaawaU`:@`f@`@`@_м@__@_:_^b^(@^@^]]@]߶]҇]@]g@]-@]]@\7\Z@\Yz\T4\\U@[@[[[@[H[u[[[ā@[ā@[ā@[@[@["@[YZ@Z@Z@Yp@Y{Y@Y@YéYéYéYéYX@YYYYx@Ym@YlYf@Ycl@YV=@YGY5GY@YXۡXP@X @X@XwoX[@X[@XEVX)@X@WW~D@W~D@W~D@WKW@VVVVn@VhV.VCV@UK@U@Ua@UF@UQUQTp@T=@T@T @TT_Tk@Tk@S0S@SGS@SS/SS@SSS"@SS5d@S4S&Sz@Sz@S(S@R@RRG@R@R@RsRrF@Ri Re@RVQ@QQޞ@QQo@Q@QQV@Q@Qo@Qm=@QQQ,Q,Q']QP @P6@P6@P{@PPl(PiPiPiPiPYPQPIP3x@P3x@PPO@OO@O@OЗOЗOF@OF@OF@O]@O"O"O@O@O@O@O@O@OOOOOOleOleO_6O_6O_6OU@O8@O8@O5OKO@ONNS@N{#@NoENdNBrN)f@N&@N@N MM>MMn1@MdMRMF@M(QM$]@M$]@M# L@L@LLMxL7@K@Luboš Uhliarik - 2.4.37-65.2Luboš Uhliarik - 2.4.37-65.1Luboš Uhliarik - 2.4.37-65Joe Orton - 2.4.37-64Joe Orton - 2.4.37-63Johnny Hughes - 2.4.37-62Luboš Uhliarik - 2.4.37-62Tomas Korbar - 2.4.37-61Tomas Korbar - 2.4.37-60Tomas Korbar - 2.4.37-59Tomas Korbar - 2.4.37-58Luboš Uhliarik - 2.4.37-57Luboš Uhliarik - 2.4.37-56.5Luboš Uhliarik - 2.4.37-56.4Luboš Uhliarik - 2.4.37-56Luboš Uhliarik - 2.4.37-55Luboš Uhliarik - 2.4.37-54Luboš Uhliarik - 2.4.37-53Tomas Korbar - 2.4.37-52Luboš Uhliarik - 2.4.37-51Luboš Uhliarik - 2.4.37-50Luboš Uhliarik - 2.4.37-49Luboš Uhliarik - 2.4.37-48Luboš Uhliarik - 2.4.37-47Luboš Uhliarik - 2.4.37-46Luboš Uhliarik - 2.4.37-45Luboš Uhliarik - 2.4.37-44Luboš Uhliarik - 2.4.37-43Luboš Uhliarik - 2.4.37-42Luboš Uhliarik - 2.4.37-41Lubos Uhliarik - 2.4.37-40Artem Egorenkov - 2.4.37-39Lubos Uhliarik - 2.4.37-38Lubos Uhliarik - 2.4.37-37Lubos Uhliarik - 2.4.37-36Lubos Uhliarik - 2.4.37-35Lubos Uhliarik - 2.4.37-33Lubos Uhliarik - 2.4.37-31Joe Orton - 2.4.37-30Lubos Uhliarik - 2.4.37-29Lubos Uhliarik - 2.4.37-28Lubos Uhliarik - 2.4.37-27Lubos Uhliarik - 2.4.37-21Lubos Uhliarik - 2.4.37-20Joe Orton - 2.4.37-19Lubos Uhliarik - 2.4.37-18Lubos Uhliarik - 2.4.37-17Lubos Uhliarik - 2.4.37-16Lubos Uhliarik - 2.4.37-15Lubos Uhliarik - 2.4.37-14Lubos Uhliarik - 2.4.37-13Lubos Uhliarik - 2.4.37-11Lubos Uhliarik - 2.4.37-10Lubos Uhliarik - 2.4.37-9Joe Orton - 2.4.37-8Joe Orton - 2.4.37-7Joe Orton - 2.4.37-6Luboš Uhliarik - 2.4.37-5Luboš Uhliarik - 2.4.37-4Luboš Uhliarik - 2.4.37-3Joe Orton - 2.4.37-2Lubos Uhliarik - 2.4.37-1Luboš Uhliarik - 2.4.35-10Lubos Uhliarik - 2.4.35-9Joe Orton - 2.4.35-7Joe Orton - 2.4.35-5Lubos Uhliarik - 2.4.35-4Lubos Uhliarik - 2.4.35-3Lubos Uhliarik - 2.4.35-2Lubos Uhliarik - 2.4.35-1Lubos Uhliarik - 2.4.33-4Joe Orton - 2.4.33-3Luboš Uhliarik - 2.4.33-2Joe Orton - 2.4.28-8Luboš Uhliarik - 2.4.28-2Luboš Uhliarik - 2.4.28-1Joe Orton - 2.4.27-14Joe Orton - 2.4.27-13Joe Orton - 2.4.27-12Stephen Gallagher - 2.4.27-11Jeroen van Meeuwen - 2.4.27-10Joe Orton - 2.4.27-9Jeroen van Meeuwen - 2.4.27-8Stephen Gallagher - 2.4.27-8.1Joe Orton - 2.4.27-8.1Joe Orton - 2.4.27-7Fedora Release Engineering - 2.4.27-6Fedora Release Engineering - 2.4.27-5Joe Orton - 2.4.27-4Joe Orton - 2.4.27-3Luboš Uhliarik - 2.4.27-2Luboš Uhliarik - 2.4.27-1Joe Orton - 2.4.26-2Luboš Uhliarik - 2.4.26-1Joe Orton - 2.4.25-10Joe Orton - 2.4.25-9Joe Orton - 2.4.25-8Luboš Uhliarik - 2.4.25-7Luboš Uhliarik - 2.4.25-6Joe Orton - 2.4.25-5Fedora Release Engineering - 2.4.25-4Joe Orton - 2.4.25-3Luboš Uhliarik - 2.4.25-2Luboš Uhliarik - 2.4.25-1Luboš Uhliarik - 2.4.23-7Joe Orton - 2.4.23-6Joe Orton - 2.4.23-5Joe Orton - 2.4.23-4Joe Orton - 2.4.23-3Joe Orton - 2.4.23-2Joe Orton - 2.4.23-1Joe Orton - 2.4.18-6Joe Orton - 2.4.18-5Joe Orton - 2.4.18-4Joe Orton - 2.4.18-3Fedora Release Engineering - 2.4.18-2Jan Kaluza - 2.4.18-1Joe Orton - 2.4.17-4Jan Kaluza - 2.4.17-3Jan Kaluza - 2.4.17-2Joe Orton - 2.4.17-1Jan Kaluza - 2.4.12-4Joe Orton - 2.4.12-3Fedora Release Engineering - 2.4.12-2Jan Kaluza - 2.4.12-1Jan Kaluza - 2.4.10-17Jan Kaluza - 2.4.10-16Jan Kaluza - 2.4.10-15Joe Orton - 2.4.10-14Jan Kaluza - 2.4.10-13Jan Kaluza - 2.4.10-12Jan Kaluza - 2.4.10-11Jan Kaluza - 2.4.10-10Joe Orton - 2.4.10-9Joe Orton - 2.4.10-8Jan Kaluza - 2.4.10-7Joe Orton - 2.4.10-6Fedora Release Engineering - 2.4.10-5Jan Kaluza - 2.4.10-4Jan Kaluza - 2.4.10-3Joe Orton - 2.4.10-2Joe Orton - 2.4.10-1Jan Kaluza - 2.4.9-8Jan Kaluza - 2.4.9-7Jan Kaluza - 2.4.9-6Joe Orton - 2.4.9-5Fedora Release Engineering - 2.4.9-4Jan Kaluza - 2.4.9-3Jan Kaluza - 2.4.9-2Jan Kaluza - 2.4.9-1Joe Orton - 2.4.7-6Stephen Gallagher 2.4.7-5Jan Kaluza - 2.4.7-4Jan Kaluza - 2.4.7-3Joe Orton - 2.4.7-2Joe Orton - 2.4.7-1Joe Orton - 2.4.6-10Joe Orton - 2.4.6-9Joe Orton - 2.4.6-8Jan Kaluza - 2.4.6-7Joe Orton - 2.4.6-6Jan kaluza - 2.4.6-5Joe Orton - 2.4.6-4Jan Kaluza - 2.4.6-3Jan Kaluza - 2.4.6-2Joe Orton - 2.4.6-1Jan Kaluza - 2.4.4-12Joe Orton - 2.4.4-11Joe Orton - 2.4.4-10Joe Orton - 2.4.4-9Jan Kaluza - 2.4.4-8Jan Kaluza - 2.4.4-7Jan Kaluza - 2.4.4-6Jan Kaluza - 2.4.4-5Jan Kaluza - 2.4.4-4Jan Kaluza - 2.4.4-3Joe Orton - 2.4.4-2Joe Orton - 2.4.4-1Joe Orton - 2.4.3-17Fedora Release Engineering - 2.4.3-16Joe Orton - 2.4.3-15Joe Orton - 2.4.3-14Joe Orton - 2.4.3-13Joe Orton - 2.4.3-12Joe Orton - 2.4.3-11Joe Orton - 2.4.3-10Joe Orton - 2.4.3-9Joe Orton - 2.4.3-8Joe Orton - 2.4.3-7Jan Kaluza - 2.4.3-6Joe Orton - 2.4.3-5Joe Orton - 2.4.3-4Jan Kaluza - 2.4.3-3Joe Orton - 2.4.3-2Joe Orton - 2.4.3-1Joe Orton - 2.4.2-23Fedora Release Engineering - 2.4.2-22Joe Orton - 2.4.2-21Joe Orton - 2.4.2-20Joe Orton - 2.4.2-19Joe Orton - 2.4.2-18Joe Orton - 2.4.2-17Joe Orton - 2.4.2-16Joe Orton - 2.4.2-15Joe Orton - 2.4.2-14Joe Orton - 2.4.2-13Joe Orton - 2.4.2-12Joe Orton - 2.4.2-11Joe Orton - 2.4.2-10Joe Orton - 2.4.2-9Joe Orton - 2.4.2-8Joe Orton - 2.4.2-7Joe Orton - 2.4.2-6Joe Orton - 2.4.2-5Joe Orton - 2.4.2-4Joe Orton - 2.4.2-3Joe Orton - 2.4.2-2Jan Kaluza - 2.4.2-1Joe Orton - 2.4.1-6Joe Orton - 2.4.1-5Joe Orton - 2.4.1-4Joe Orton - 2.4.1-3Joe Orton - 2.4.1-2Joe Orton - 2.4.1-1Joe Orton - 2.2.22-2Joe Orton - 2.2.22-1Petr Pisar - 2.2.21-8Jan Kaluza - 2.2.21-7Joe Orton - 2.2.21-6Fedora Release Engineering - 2.2.21-5Jan Kaluza - 2.2.21-4Jan Kaluza - 2.2.21-3Ville Skyttä - 2.2.21-2Joe Orton - 2.2.21-1Joe Orton - 2.2.20-1Jan Kaluza - 2.2.19-5Iain Arnell 1:2.2.19-4Jan Kaluza - 2.2.19-3Jan Kaluza - 2.2.19-2Joe Orton - 2.2.19-1Joe Orton - 2.2.17-13Joe Orton - 2.2.17-12Joe Orton - 2.2.17-11Joe Orton - 2.2.17-10Joe Orton - 2.2.17-9Fedora Release Engineering - 2.2.17-8Joe Orton - 2.2.17-7Joe Orton - 2.2.17-6Joe Orton - 2.2.17-5Joe Orton - 2.2.17-4Joe Orton - 2.2.17-3Joe Orton - 2.2.17-2Joe Orton - 2.2.17-1Joe Orton - 2.2.16-2Joe Orton - 2.2.16-1Joe Orton - 2.2.15-3Robert Scheck - 2.2.15-1- Resolves: RHEL-46040 - httpd:2.4/httpd: Security issues via backend applications whose response headers are malicious or exploitable (CVE-2024-38476) - Resolves: RHEL-53022 - Regression introduced by CVE-2024-38474 fix- Resolves: RHEL-45812 - httpd:2.4/httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474) - Resolves: RHEL-45785 - httpd:2.4/httpd: Encoding problem in mod_proxy (CVE-2024-38473) - Resolves: RHEL-45777 - httpd:2.4/httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475) - Resolves: RHEL-45758 - httpd:2.4/httpd: null pointer dereference in mod_proxy (CVE-2024-38477) - Resolves: RHEL-45743 - httpd:2.4/httpd: Potential SSRF in mod_rewrite (CVE-2024-39573)- Resolves: RHEL-31857 - httpd:2.4/httpd: HTTP response splitting (CVE-2023-38709)- Resolves: RHEL-14448 - httpd: mod_macro: out-of-bounds read vulnerability (CVE-2023-31122)- mod_xml2enc: fix media type handling Resolves: RHEL-14321- change for CentOS Stream Branding- Resolves: #2221083 - Apache Bug 57087: mod_proxy_fcgi doesn't send cgi CONTENT_LENGTH variable when the client request used Transfer-Encoding:chunked- Fix issue found by covscan - Related: #2159603- Another rebuild because of mistake in workflow - Related: #2159603- Rebuild because of mistake in workflow - Related: #2159603- Resolves: #2159603 - mod_status lists BusyWorkers IdleWorkers keys twice- Resolves: #2176723 - CVE-2023-27522 httpd:2.4/httpd: mod_proxy_uwsgi HTTP response splitting- Resolves: #2190133 - mod_rewrite regression with CVE-2023-25690- Resolves: #2177748 - CVE-2023-25690 httpd:2.4/httpd: HTTP request splitting with mod_rewrite and mod_proxy- Resolves: #2162499 - CVE-2006-20001 httpd: mod_dav: out-of-bounds read/write of zero byte - Resolves: #2162485 - CVE-2022-37436 httpd: mod_proxy: HTTP response splitting - Resolves: #2162509 - CVE-2022-36760 httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2155961 - prevent sscg creating /dhparams.pem- Resolves: #2095650 - Dependency from mod_http2 on httpd broken- Resolves: #2050888 - httpd with SSL fails to start unless hostname command was installed- Add the SNI support in mod_proxy_wstunnel module for Apache httpd - Resolves: rhbz#2017543- Resolves: #2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via ap_rwrite() - Resolves: #2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-bounds read in ap_strcmp_match() - Resolves: #2097458 - CVE-2022-30522 httpd:2.4/httpd: mod_sed: DoS vulnerability - Resolves: #2097480 - CVE-2022-30556 httpd:2.4/httpd: mod_lua: Information disclosure with websockets - Resolves: #2098247 - CVE-2022-31813 httpd:2.4/httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism - Resolves: #2097451 - CVE-2022-29404 httpd:2.4/httpd: mod_lua: DoS in r:parsebody - Resolves: #2096997 - CVE-2022-26377 httpd:2.4/httpd: mod_proxy_ajp: Possible request smuggling- Resolves: #2065237 - CVE-2022-22719 httpd:2.4/httpd: mod_lua: Use of uninitialized value of in r:parsebody - Resolves: #2065267 - CVE-2022-22721 httpd:2.4/httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody - Resolves: #2065324 - CVE-2022-23943 httpd:2.4/httpd: mod_sed: Read/write beyond bounds- Resolves: #2090848 - CVE-2020-13950 httpd:2.4/httpd: mod_proxy NULL pointer dereference- Resolves: #2065249 - CVE-2022-22720 httpd:2.4/httpd: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier- Resolves: #2035030 - CVE-2021-44224 httpd:2.4/httpd: possible NULL dereference or SSRF in forward proxy configurations- Resolves: #2035063 - CVE-2021-44790 httpd:2.4/httpd: mod_lua: possible buffer overflow when parsing multipart content- Resolves: #2007199 - CVE-2021-36160 httpd:2.4/httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path - Resolves: #1972491 - CVE-2021-33193 httpd:2.4/mod_http2: Request splitting via HTTP/2 method injection and mod_proxy- Resolves: #1968278 - CVE-2020-35452 httpd:2.4/httpd: Single zero byte stack overflow in mod_auth_digest - Resolves: #2001046 - Apache httpd OOME with mod_dav in RHEL 8 - Resolves: #2005128 (CVE-2021-34798) - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests - Resolves: #1984828 - mod_proxy_hcheck piles up health checks leading to high memory consumption - Resolves: #2005119 - CVE-2021-39275 httpd: out-of-bounds write in ap_escape_quotes() via malicious input- Related: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path- Resolves: #2007236 - CVE-2021-40438 httpd:2.4/httpd: mod_proxy: SSRF via a crafted request uri-path - Resolves: #1969229 - CVE-2021-26691 httpd:2.4/httpd: Heap overflow in mod_session- Resolves: #1680111 - httpd sends reply to HTTPS GET using two TLS records - Resolves: #1905613 - mod_ssl does not like valid certificate chain - Resolves: #1935742 - [RFE] backport samesite/httponly/secure flags for usertrack - Resolves: #1972500 - CVE-2021-30641 httpd:2.4/httpd: MergeSlashes regression - Resolves: #1968307 - CVE-2021-26690 httpd:2.4/httpd: mod_session NULL pointer dereference in parser - Resolves: #1934741 - Apache trademark update - new logo- Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML - Resolves: #1937334 - SSLProtocol with based virtual hosts- prevent htcacheclean from while break when first file processed- Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache- Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile to be able to handle certs without matching private key- Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd mod_proxy_wstunnel - Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()- Resolves: #1651376 - centralizing default index.html for httpd- Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool concurrency issues - Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending a client cert to backend server - Resolves: #1680118 - unorderly connection close when client attempts renegotiation- Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does not respect expiry time - Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer overflow - Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package - Resolves: #1869576 - httpd : mod_proxy should allow to specify Proxy-Authorization in ProxyRemote directive - Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout - Resolves: #1891829 - mod_proxy_hcheck Doesn't perform checks when in a balancer- Resolves: #1209162 - support logging to journald from CustomLog- Resolves: #1823263 (CVE-2020-1934) - CVE-2020-1934 httpd: mod_proxy_ftp use of uninitialized value- Related: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work- Resolves: #1823259 - CVE-2020-1927 httpd:2.4/httpd: mod_rewrite configurations vulnerable to open redirect - Resolves: #1747284 - CVE-2019-10098 httpd:2.4/httpd: mod_rewrite potential open redirect - Resolves: #1747281 - CVE-2019-10092 httpd:2.4/httpd: limited cross-site scripting in mod_proxy error page - Resolves: #1747291 - CVE-2019-10097 httpd:2.4/httpd: null-pointer dereference in mod_remoteip - Resolves: #1771847 - BalancerMember ping parameter for mod_proxy_http doesn't work - Resolves: #1794728 - Backport of SessionExpiryUpdateInterval directive- Resolves: #1775158 - POST request with TLS 1.3 PHA client auth fails: Re-negotiation handshake failed: Client certificate missing- Resolves: #1704317 - Add support for SSLKEYLOGFILE- mod_cgid: enable fd passing (#1633224)- Resolves: #1744121 - Unexpected OCSP in proxy SSL connection - Resolves: #1725031 - htpasswd: support SHA-x passwords for FIPS compatibility - Resolves: #1633224 - mod_cgid logging issues- remove bundled mod_md module - Related: #1747898 - add mod_md package- Resolves: #1744999 - CVE-2019-9511 httpd:2.4/mod_http2: HTTP/2: large amount of data request leads to denial of service - Resolves: #1745086 - CVE-2019-9516 httpd:2.4/mod_http2: HTTP/2: 0-length headers leads to denial of service - Resolves: #1745154 - CVE-2019-9517 httpd:2.4/mod_http2: HTTP/2: request for large response leads to denial of service- Resolves: #1730721 - absolute path used for default state and runtime dir by default- Resolves: #1724549 - httpd response contains garbage in Content-Type header- Resolves: #1696142 - CVE-2019-0217 httpd:2.4/httpd: mod_auth_digest: access control bypass due to race condition - Resolves: #1696097 - CVE-2019-0220 httpd:2.4/httpd: URL normalization inconsistency - Resolves: #1669221 - `ExtendedStatus Off` directive when using mod_systemd causes systemctl to hang - Resolves: #1673022 - httpd can not be started with mod_md enabled- Resolves: #1695432 - CVE-2019-0211 httpd: privilege escalation from modules scripts - Resolves: #1696091 - CVE-2019-0215 httpd:2.4/httpd: mod_ssl: access control bypass when using per-location client certification authentication- Resolves: #1672977 - state-dir corruption on reload- Resolves: #1670716 - Coredump when starting in FIPS mode- add security fix for CVE-2019-0190 (#1671282)- add DefaultStateDir/ap_state_dir_relative() (#1653009) - mod_dav_fs: use state dir for default DAVLockDB - mod_md: use state dir for default MDStoreDir- add httpd.conf(5) (#1611361)- Resolves: #1652966 - Missing RELEASE in http header- Resolves: #1641951 - No Documentation= line in htcacheclean.service files- Resolves: #1643713 - TLS connection allowed while all protocols are forbidden- mod_ssl: fix off-by-one causing crashes in CGI children (#1649428)- Resolves: #1644625 - httpd rebase to 2.4.37- Related: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- mod_ssl: allow sending multiple CA names which differ only in case- mod_ssl: drop SSLRandomSeed from default config (#1638730) - mod_ssl: follow OpenSSL protocol defaults if SSLProtocol is not configured (Rob Crittenden, #1638738)- mod_ssl: don't require SSLCryptoDevice to be set for PKCS#11 cert- Resolves: #1635681 - sync with Fedora 28/29 httpd - comment-out SSLProtocol, SSLProxyProtocol from ssl.conf in default configuration; now follow OpenSSL system default (#1468322) - dropped NPN support - mod_md: change hard-coded default MdStoreDir to state/md (#1563846) - don't block on service try-restart in posttrans scriptlet - build and load mod_brotli - mod_systemd: show bound ports in status and log to journal at startup - updated httpd.service.xml man page - tweak wording in privkey passphrase prompt - drop sslmultiproxy patch - apachectl: don't read /etc/sysconfig/httpd - drop irrelevant Obsoletes for devel subpackage - move instantiated httpd@.service to main httpd package- Resolves: #1602548 - various covscan fixes- apache httpd can work with TLS 1.3 (#1617997) - drop SSLv3 support patch- new version 2.4.35 (#1632754)- mod_ssl: enable SSLv3 and change behavior of "SSLProtocol All" configuration (#1622630)- mod_ssl: add PKCS#11 cert/key support (Anderson Sasaki, #1527084)- new version 2.4.33 - add mod_md subpackage; load mod_proxy_uwsgi by default- remove %ghosted /etc/sysconfig/httpd (#1572676)- Resolves: #1512563 - httpd: update welcome page branding - Resolves: #1511123 - RFE: httpd use event MPM by default - Resolves: #1493510 - RFE: httpd, add IP_FREEBIND support for Listen- new version 2.4.28- add notes on enabling httpd_graceful_shutdown boolean for prefork- drop Requires(post) for mod_ssl- better error handling in httpd-ssl-gencerts (#1494556)- Require sscg 2.2.0 for creating service and CA certificates together- Address CVE-2017-9798 by applying patch from upstream (#1490344)- use sscg defaults; append CA cert to generated cert - document httpd-init.service in httpd-init.service(8)- Address CVE-2017-9798 by applying patch from upstream (#1490344)- Generate SSL certificates on service start, not %posttrans- move httpd.service.d, httpd.socket.d dirs to -filesystem- add new content-length filter (upstream PR 61222)- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- update mod_systemd (r1802251)- switch to event by default for Fedora 27 and later (#1471708)- Resolves: #1469959 - httpd update cleaned out /etc/sysconfig- new version 2.4.27- mod_proxy_fcgi: fix further regressions (PR 61202)- new version 2.4.26- move unit man pages to section 8, add as Documentation= in units- add httpd.service(5) and httpd.socket(5) man pages- require mod_http2, now packaged separately- Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat- Resolves: #1434916 - httpd.service: Failed with result timeout- link only httpd, not support/* against -lselinux -lsystemd- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild- mod_watchdog: restrict thread lifetime (#1410883)- Resolves: #1358875 - require nghttp2 >= 1.5.0- new version 2.4.25- Resolves: #1401530 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields directive in mod_http2- fix build with OpenSSL 1.1 (#1392900) - fix typos in ssl.conf (josef randinger, #1379407)- no longer package /etc/sysconfig/httpd - synch ssl.conf with upstream- add security fix for CVE-2016-5387- load mod_watchdog by default (#1353582)- restore build of mod_proxy_fdpass (#1325883) - improve check tests to catch configured-but-not-built modules- update to 2.4.23 (#1325883, #1353203) - load mod_proxy_hcheck - recommend use of "systemctl edit" in httpd.service- have "apachectl graceful" start httpd if not running, per man page- use redirects for lang-specific /manual/ URLs- fix welcome page HTML validity (Ville Skyttä)- remove httpd pre script (duplicate of httpd-filesystem's) - in httpd-filesystem pre script, create group/user iff non-existent- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- update to new version 2.4.18- re-enable mod_asis due to popular demand (#1284315)- fix crash when using -X argument (#1272234)- rebase socket activation patch to 2.4.17- update to 2.4.17 (#1271224) - build, load mod_http2 - don't build mod_asis, mod_file_cache - load mod_cache_socache, mod_proxy_wstunnel by default - check every built mod_* is configured - synch ssl.conf with upstream; disable SSLv3 by default- update to 2.4.16- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild- update to 2.4.12- fix compilation with lua-5.3- remove filter for auto-provides of httpd modules, it is not needed since F20- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581) - mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583) - mod_lua: fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments (CVE-2014-8109)- require apr-util 1.5.x- use NoDelay and DeferAcceptSec in httpd.socket- increase suexec minimum acceptable uid/gid to 1000 (#1136391)- fix hostname requirement and conflict with openssl-libs- use KillMode=mixed in httpd.service (#1135122)- set vstring based on /etc/os-release (Pat Riehecky, #1114539)- pull in httpd-filesystem as Requires(pre) (#1128328) - fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348) - require hostname for mod_ssl post script (#1135118)- mod_systemd: updated to the latest version - use -lsystemd instead of -lsystemd-daemon (#1125084) - fix possible crash in SIGINT handling (#958934)- mod_ssl: treat "SSLCipherSuite PROFILE=..." as special (#1109119) - switch default ssl.conf to use PROFILE=SYSTEM (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- add /usr/bin/useradd dependency to -filesystem requires- fix creating apache user in pre script (#1128328)- enable mod_request by default for mod_auth_form - move disabled-by-default modules from 00-base.conf to 00-optional.conf- update to 2.4.10 - expand variables in docdir example configs- add support for systemd socket activation (#1111648)- remove conf.modules.d from httpd-filesystem subpackage (#1081453)- add httpd-filesystem subpackage (#1081453)- mod_ssl: don't use the default OpenSSL cipher suite in ssl.conf (#1109119)- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- add support for SetHandler + proxy (#1078970)- move macros from /etc/rpm to macros.d (#1074277) - remove unused patches- update to 2.4.9- use 2048-bit RSA key with SHA-256 signature in dummy certificate- Create drop directory for systemd snippets- remove provides of old MMN, because it contained double-dash (#1068851)- fix graceful restart using legacy actions- conflict with pre-1.5.0 APR - fix sslsninotreq patch- update to 2.4.7 (#1034071)- switch to requiring system-logos-httpd (#1031288)- change mmnisa to drop "-" altogether- drop ambiguous invalid "-" in RHS of httpd-mmn Provide, keeping old Provide for transition- systemd: use {MAINPID} notation to ensure /bin/kill has always the second arg- mod_ssl: allow SSLEngine to override Listen-based default (r1537535)- systemd: send SIGWINCH signal without httpd -k in ExecStop- load mod_macro by default (#998452) - add README to conf.modules.d - mod_proxy_http: add possible fix for threading issues (r1534321) - core: add fix for truncated output with CGI scripts (r1530793)- require fedora-logos-httpd (#1009162)- revert fix for dumping vhosts twice- update to 2.4.6 - mod_ssl: use revised NPN API (r1487772)- mod_unique_id: replace use of hostname + pid with PRNG output (#976666) - apxs: mention -p option in manpage- add patch for aarch64 (Dennis Gilmore, #925558)- remove duplicate apxs man page from httpd-tools- remove zombie dbmmanage script- return 400 Bad Request on malformed Host header- ignore /etc/sysconfig/httpd and document systemd way of setting env variables in this file- htpasswd/htdbm: fix hash generation bug (#956344) - do not dump vhosts twice in httpd -S output (#928761) - mod_cache: fix potential crash caused by uninitialized variable (#954109)- execute systemctl reload as result of apachectl graceful - mod_ssl: ignore SNI hints unless required by config - mod_cache: forward-port CacheMaxExpire "hard" option - mod_ssl: fall back on another module's proxy hook if mod_ssl proxy is not configured.- fix service file to not send SIGTERM after ExecStop (#906321, #912288)- protect MIMEMagicFile with IfModule (#893949)- really package mod_auth_form in mod_session (#915438)- update to 2.4.4 - fix duplicate ownership of mod_session config (#914901)- add mod_session subpackage, move mod_auth_form there (#894500)- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- add systemd service for htcacheclean- drop patch for r1344712- filter mod_*.so auto-provides (thanks to rcollet) - pull in syslog logging fix from upstream (r1344712)- rebuild to pick up new apr-util-ldap- rebuild- pull upstream patch r1392850 in addition to r1387633- define PLATFORM in os.h using vendor string- use systemd script unconditionally (#850149)- use systemd scriptlets if available (#850149) - don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists- use systemctl from apachectl (#842736)- fix some error log spam with graceful-stop (r1387633) - minor mod_systemd tweaks- use IncludeOptional for conf.d/*.conf inclusion- adding mod_systemd to integrate with systemd better- mod_ssl: add check for proxy keypair match (upstream r1374214)- update to 2.4.3 (#849883) - own the docroot (#848121)- add mod_proxy fixes from upstream (r1366693, r1365604)- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- drop explicit version requirement on initscripts- mod_ext_filter: fix error_log warnings- support "configtest" and "graceful" as initscripts "legacy actions"- avoid use of "core" GIF for a "core" directory (#168776) - drop use of "syslog.target" in systemd unit file- use _unitdir for systemd unit file - use /run in unit file, ssl.conf- mod_ssl: fix NPN patch merge- move tmpfiles.d fragment into /usr/lib per new guidelines - package /run/httpd not /var/run/httpd - set runtimedir to /run/httpd likewise- fix htdbm/htpasswd crash on crypt() failure (#818684)- pull fix for NPN patch from upstream (r1345599)- update suexec patch to use LOG_AUTHPRIV facility- really fix autoindex.conf (thanks to remi@)- fix autoindex.conf to allow symlink to poweredby.png- suexec: use upstream version of patch for capability bit support- suexec: use syslog rather than suexec.log, drop dac_override capability- mod_ssl: add TLS NPN support (r1332643, #809599)- add BR on APR >= 1.4.0- use systemctl from logrotate (#221073)- pull from upstream: * use TLS close_notify alert for dummy_connection (r1326980+) * cleanup symbol exports (r1327036+)- really fix restart- tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default- update to 2.4.2- fix macros- add _httpd_moddir to macros- fix symlink for poweredby.png - fix manual.conf- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc) - move mod_ldap, mod_authnz_ldap to mod_ldap subpackage- clean docroot better - ship proxy, ssl directories within /var/cache/httpd - default config: * unrestricted access to (only) /var/www * remove (commented) Mutex, MaxRanges, ScriptSock * split autoindex config to conf.d/autoindex.conf - ship additional example configs in docdir- update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog- fix build against PCRE 8.30- update to 2.2.22- Rebuild against PCRE 8.30- fix #783629 - start httpd after named- complete conversion to systemd, drop init script (#770311) - fix comments in /etc/sysconfig/httpd (#771024) - enable PrivateTmp in service file (#781440) - set LANG=C in /etc/sysconfig/httpd- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- fix #751591 - start httpd after remote-fs- allow change state of BalancerMember in mod_proxy_balancer web interface- Make mmn available as %{_httpd_mmn}. - Add .svgz to AddEncoding x-gzip example in httpd.conf.- update to 2.2.21- update to 2.2.20 - fix MPM stub man page generation- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided directory names- fix #716621 - suexec now works without setuid bit- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve- update to 2.2.19 - enable dbd, authn_dbd in default config- fix path expansion in service files- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)- minor updates to httpd.conf - drop old patches- rebuild- use arch-specific mmn- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- generate dummy mod_ssl cert with CA:FALSE constraint (#667841) - add man page stubs for httpd.event, httpd.worker - drop distcache support - add STOP_TIMEOUT support to init script- update default SSLCipherSuite per upstream trunk- fix requires (#667397)- de-ghost /var/run/httpd- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)- drop setuid bit, use capabilities for suexec binary- update to 2.2.17- link everything using -z relro and -z now- update to 2.2.16- default config tweaks: * harden httpd.conf w.r.t. .htaccess restriction (#591293) * load mod_substitute, mod_version by default * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf * add commented list of shipped-but-unloaded modules * bump up worker defaults a little * drop KeepAliveTimeout to 5 secs per upstream - fix LSB compliance in init script (#522074) - bundle NOTICE in -tools - use init script in logrotate postrotate to pick up PIDFILE - drop some old Obsoletes/Conflicts- update to 2.2.15 (#572404, #579311) 2.4.37-65.module+el8.10.0+1842+4a9649e8.22.4.37-65.module+el8.10.0+1842+4a9649e8.22.4.37-65.module+el8.10.0+1842+4a9649e8.201-session.conf.build-id350843516fcced2ae964f4bdf6485ba2edd340fc1f062c4754b9c9301f1ec264e0dc04b6954ffbea5e70b59817ed1520bac15b6121e8e640580f7868ccdee05c22ceba575dab698e032e6329e370b1b78a9beb7854847ffe5c72334ebe66d0mod_auth_form.somod_session.somod_session_cookie.somod_session_crypto.somod_session_dbd.so/etc/httpd/conf.modules.d//usr/lib//usr/lib/.build-id/0f//usr/lib/.build-id/1f//usr/lib/.build-id/37//usr/lib/.build-id/74//usr/lib/.build-id/89//usr/lib64/httpd/modules/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnuASCII textdirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=89e370b1b78a9beb7854847ffe5c72334ebe66d0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=0f350843516fcced2ae964f4bdf6485ba2edd340, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=1ffc1f062c4754b9c9301f1ec264e0dc04b6954f, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=740f7868ccdee05c22ceba575dab698e032e6329, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=37fbea5e70b59817ed1520bac15b6121e8e64058, stripped RRRRR RRRRR RRRRRR RRRRRR RRRRRR utf-8cdfdb05fbe10c780a3e4b9656e1d94c7bcee9bee5e4a88fd6fb2af6a90e87559httpd:2.4:8100020240812075544:e155f54d?07zXZ !#,ȷ] b2u Q{LYZ믤&pߺ'PIuݦ w4ftcf4U‚c}nTm`,10%xW<@/n~Q &p#YcT }[sxadU81@H9 f#|у96ԽDtvg*S Pwx#E? SlnҊ_5n+!.hYU( U:(N;AUx)eEGݬ'\8c\/]~D%V׮<ӑٳ1&Ge'C_F)hK+Dh"9y8O]*mMܛ1*[(bC1}h.Ԙɽ5~a N9MQ]07`"oYgn ZHq NU+GEAz$gݒ8„^ q=\þ&NAy%ښJ6BDbi|*djGiY`YNp ]E MC2rFΥ1.#wX;ZExNFV0+b/ +%n th_7y(Raѝ8QZïTJ| 3~,5-c jR:tM*Ė5N EȴtƎJ^G. )hg^eTɦn-&eW} 2y H|/,i7u[$xx; +uɎAVfHe'g,j%7WG6*>b=Z9)*vD/_ ™/,Cz2~K);uC24"{0hBdx1z16k%BRhKCƟX*ֶ;މ y՛{wYL\M}<ʑFhν/;#RUjtR \:1~a 4۹t׈s#@ xs?Pm:?9fL!̐Ц 9KezQژr4GP1Ԗ2'“^ʻMSG妪fC:N t^|=3fAWa@6m”\RԮWN]YK]݇kvlZlJm~X, kYq)W#0aT9x;TJGڳ# $zdK z@TC@D7ɠJw)#>rj6Ҁ,Q\fi)soՠzɲ+vӏa4~L77CSΣ6E6}x!9KaXf(%)AВǛYyd8|x`s²t;/ЪY%: 803]bax e VC0-$3klT tr2=f;Ha[\rO Y?:g ˩>7F[b; $^K2#x!н.V~j\ dϩ , Ll3%o㋍۴:Ul٤-@Ӹ\b"wSܿS8mzfs&?xɽ gVHѧzWg܉_27ˆ;uw(bip?aSXeE7M@N$xrr~FcF(󉱻ŕShWUs.ϏQ~I"B$18ss4U˘RJ'0X̟Nk!Gc-l"ATNI6) 旭^Ѣl,‹cv "ܸ)D( c4C62.69lu&KwHIxU/ a! "?Gg@Y31K4B\nS+x?-J 6z4tҽ\} SGG&my߬OAF.nKQGGOQSv`5uߛ!޴f"-~[fҧ),1_ EU0V'ԗY10[>Wul3 6?"} 6]t|JZ1"zvPN9v?xH m/9tFͲ_#m9ϨZX-X7Q;\i\Vl;i*R%Za8_^ߣD(Nġ ¿mւX_j,9_ y}G(&.xe2#rO-pF<_O4g n~*Z /$]+f%iz0~Z tO)3ct0ܑG@ ~* A}ㅐwk A,albB,տ_?"M>rȧF]䰻n]$#?*< ePJ1" /}E#2+Ce.jo+hdhp4¦ NBO]?0wqbCmkK?ɛ{7aK}sW@L<BQw%NgQv.i:^Ebb. 6Ey5ƺCNܾE^{×lyEWYU6CN6ZIwJl~lK\}-@&bE^սoIH,N\MEscuJfwlkedQRT'Y0)lUR>XwIJh7eN E3݅nxe͡@LrE*_mdN@!-.q$ |%]5QXS6ݢuޓxa<@cXf?l~,K.4cQ$Q WB)<ΟI0̈́S]"ƬRPjC\ײwj~dHM(:C#enYG"AsL3 {]ȋg$D֢@-bЖJs,n;fٽ]Պ|- +5䢗u._ΐ),Z6t 1AlXFTUei))JNFZxצä5IHO)#A`~6NR'17Nrlh<*%Ȉꜷ\F%Me@휶<*n:#H`F b 94: L #}q|>wylu7cӓ7b݌$^S.̕yp!Cݭi+ oȚk:(07b&|YǪ{ mW4 'Ҧ:\J2U> .ܞza0&v?/wnɦ) cDr\d7ёZG.[ĈwJNkVzbnsYcD!0veP 8'᠓D= j&AipŹ;/}ULED{jPL ,= D̬)(UK^ė%4]Adxlk7ů"g+tO =tҡwl/%,–턩`M`}W}g~1t jf)cRTJ=􉝂K.[[R^4qag mHq 3oSZ斈"i /C|KK`-!oN O:-~Fj+Rs%I_2WAFy>Lmq|*;@o'9h į~$Ȏ66]yGx|2*&JEVV˝Nxp qTz Gm -'#*ZE3M` Iw'c`əhX4SHACIX#w060,8bktȫG3M y^tb{3a(Oߤ*6)]ќu>҉X^D+;5_ Q#+dpcƑ_#Q-2ԥHS?ܲﯦ `dW+ׂǏG3|,W Ø# Z1YX`X9&-sh`^ܦm7(-BuUZ/ջyDWv>c. 1 ּbX ZK.-=Dk9%̘|/J^7F8+xWlLgNoR1G[ʮjp"0<_jߧ9T6]|kKne~—:.jUw" /JP u{z@:(k|,{;άa5V@!b  u,vPrTL3]KAA`^yzOe_aU(Xm58б0$FOqR@$Oōt 8EubPu bb :bۦnB3μB ROO՗'dr8auAbY'de!Zxb :ހ#m -ɽ7əmM92hBh\ 4l ~=\TMEc$qGb>@P-"4S Tŕ9ݜh޸)sz&cpoYxeDգbbd(QQ*%2F.vMm8i"M(,٢IuʚG¿W?-==2O!NPHT޶HEѨp~ tt U ^Zb3`'EϞ0] ;p$M1>@E:E.bnlnp4\gi>>_ :5;_<(ʂ4U4;UكGct;ޚo=O_ۍc. ;2ֺҦzdaL/e;twbEkUDO5A9Ѻo4 =z }sxR:HúFQp aFz6@]0SIf#yHf=(zĆ*5M7/l{ [z"iqTEš+÷Z{(1ڨWJC<4o<${< P٩u@ \!.,i;s9ݔ4|Cv~$[M5ex3Q63a?q;A 9% ;bk 6ύ%n.VKbFڰcx1\4!;kΧ[pP%\T7ᑚ2v[a^vXVr*)r+mu= MSћ- 0:fZ' ٦F FM t|>yN/0jX8:NNX O/mc-養f4 4y*3HS%]s72<Xz0(.SNg$:)WP<(vŹS!j% '5՚x\P7Z aO=ʉ 5N}g#Vyo'^(r4 xNnz#}7[gY׼ťreȥ)?uBOJǙ7Zhɹ:գTS0҂ :C+a(φʱtqKHG LTاŨ3;z;R(sf <18B@;&&)࿪]U ]ɶGq!)][%lS*Ԁ!tSvv(Λ~lK"ȅ:f #K1z=Nֵ}cl(#u @ΣHAi_l%RsH FTb? FOA;לn*#E,:Wn{'ACh}#?udZI pȊ}#±vm\[G}./Cyޅ eX43;+Yq<|9?ÙzTOZZɎE<.n;')R \M[ hc< ` )fMdYZgҾ>։6zWzΆ}oh;>@dǾ.,@-x0;y e SO+|жqJYeyiցZ^"G^Q$fF!3Ƙ 'xց>NqKvIFPg8"Z fct%A`XAOYz+_>ms/ws9  ק"B(anNr?6ӆx]Üw\KZ+p2|sJњ p'il(Qg_*Zc# a!m: UC-$n{UՕǔ w0<9\]/k[9"(2~]n#5kU$dxs> 8eļXx?@6 2㤧 8 D`x"C2.gy3W)ҧYf#-Rخƶ6h/9 OaHF"\,Ki@ʀqN<~c[ PK Zp4m*LEoZ !(o&Yر픦A(NM k/K2w-lG9y#}[\8KT tm]#wrQ?4,? =|RbQkT|EC򅬢E;?~rh(Tjk껖у7}o 6wegOZfOA&y'zN@Q9(G[VNT4}>{A[S[\S9tBha[4^>g M 崷d9pTF :T6%Z<ɡ/}#qCPYJ+dG~5\ի*XH^>/Qbu,3!0_*Z?t`bOe]Ee 9ލFAzdV&h*Њ!yD< 3 ǒ$T*$ -OʻfI:%\k㳍p#밙0\`"VS urDcY9  '{p]ӈ4b~S8OvjmҸB a{D&|1/d>8*bo(XvLbW *p4;llTJFY#E(Nb+pDw8; ! XC`߭; TYSh la# GާU=Eގ9/A=;[052I =NDYh.67^䝿05gYE->]L}& ٩ gOyxv÷AVBp=%fU"CU.=ǗKĪ3XQ/c+w ƺϺA mb1/dX" Zc$N#]@¬Aݺ~n$pl w!Rk䀙G)-ˬ:$lb+Q57cpdV^*JmJs "vOL5 w#Dc$ fP@?H gl4xv%d4CY{ \3pZ`.ۥ'+0=`9H%.s2٢퉄=:sܞM3uDKH.{w'%]w ᴃ2wBU\I9K<~70^bIiq?~x =ษ j#fO9$fvenY'<_]@PaBBpnQiq'n?Z'NBno= >L*C©4q;W4_/+ A]OX%1\d 14B>J,hC^y_ AۍW4~yG^r9wPo̳ ӜDzފlpeFܸ5tpMX/,[M2#`rKHFArN˷  B73 -TFYW(`E_s;H'n_Tm|@R.kmޘo/=?f0-_Sl~F:dVN 6v?Ւ}\bVw=_s5)ave\}Evt?)Do Wkjy%`֊] t"woi2꣧$AkS< rcjXM'/BAf[#gS@siվ<.¨O  @P>8kDA}YQvGBdDN/ȅh) Gp ;{P%(iͳRۗ)ݮ4T.%28DZKS冻1w7SgFYILv$>w} /C8~w^ `aP lfIJ5pMb(;'Z!MVy7:XImsJe%beKGp85C;8͛";F M@N ӛ7$-gtxruO r#0jC^듰R!\k2p:x 0kw{Jz[Q!F#Њ {YB 30dg\2"6(>hAk ' z00uʣɷr?ɡت71[}5=-`)Acp*6 ^VnH<> "J~d I8H%?\7q& ڟVДHҡ8텿 3 m[qb1:+A4/C঳WP1YDut EJ.O ӌ$rZ:TZF`6yr\v+# u{e.KBz{ї|ثKw7k9=bsAaR80Fj P-v%/˿~@w%M`H˧s>b~znOO #/7ip%.-UXYiQ_Xh&@1]VMA'Ԃs;SHHܘ!N _ƹDsLv ": (m0=:ZRC_ QudFym(+iJֶff@;bFEiB jc7z:Ug7Bz4MFZ.a{#mA^B"PX17\#OFZ,5gΥ.E'i2{ǝ lekDEeE|2 rujx{d=[ TdPtRUCԬvIZl'7FY4\EحfI!XJ[ܴN{\StY>7/IvG${t(Ah@==C$TZ yq3]-#o"k,~xSǨnovE(߸øѣc('p~gQvUJ!Kv6Rq*GO&2a j>ctF A'3 Bx`.o|PXhrǿBdZx8 T\Sd Sطeh9g•Bk y%#^z &S`7}ٜOaXhQכ_u ɦ)E)mL3",R~nGʝ!^0Գx%*:ذ'S{L , -?~u݆Uv#GM;9ΰAQH܏fB+z7ɁvWg YªY|a$Pv7;8ek?8V 0`:7On֒rݷ~4#lQ8 ET_=ԿgEK嵹RTlŧ8٨ĥNۏTM6ɓl8s1=܄ %ଊ]Gdm I7!23@fV"ؑ-o=>6ֽ]cLؼf lz6jlU6_cbA.ۋ0p<E θj|)#=Hm΁fr6>Pѥݤ/ԕM.Ɩ5b](,{JAfq(G~,9jJt=DG1ЅBF Ve6ۿoy+VIܾ?BYDA Obkm{,8ܚ+z߼K>er~YH{{hIy*vO%L+rU!Vj0`2Ep9:ҦTAg{2$).B)W^t8w>j*WT=Tyc< &_!pħ6k6b q.Wk }:Xmv(jcgo׾b^Ȑk s3-GugkZ;> ]DwEj2DX@>.:|9?=PՔ&Ĕq:­ABY-K СV:%'LI9qq_`6G ~ |_yYqMC!8 f! 9355P&9HWG, 3tg=;NpE2\e[bFەv019RVnYE`Imq\+a.2ƷO"ƪO,e)u͍ 8߳ն ɪ z^JKƮlA L@W/&ƭVr#ǽxFj \V^8,pQeG1  /xfbo7隆a)Q*7da:x_w DiG]|߇X(#4%~:Rdb߽z\ ^|C a rҿqJgQWK~ByG|k#6l] /liLr?RV'810k]+2+@A,+ӈ ZI1al 4%2Xj!+qTh&:iړW֜nm4|m},dxM?$Wu <w5 ZҠQ}!k`d6DE<j:3[%H0b!M5'FmN{@ !!>lgVC9JO<({̉zA͎ ͿNW?46y9KFsvoY'pj4) oK[T8x-LFkL;a,ĝOO>bbޟ\.4WaR#yoIi,TC^Bɂk}M{%#\&1x{Yo9yqBdT;Ӛ\ +<s`F~PU=N9]!Ǫm[.Sh{zzA `EiVC韂S{CY.$Tg*vQR!y1XdY6AfFܰEx'6+ϾqIfatʰ{L0S`^uzoښs5n-&z DDт֥͘vTl AkY}T!U`ߏz_4ݨE0\*XV,Gܖ4q?0hFŌDϫ =v,Xzo`ldrı/kי޵nep /?YwE!iiEWV4$̟-I;Zn성EDsmp5߲ &)|zۑ1DbH 늿GeOfxX B*Rn%x)4 y?dX>lm|t錉qra#5.UߓzqJnn;u"nA" oNgQ0CwgV8r=9,V&_O/ ?|fqt<4?l7a:?R!@p+9h}X2De9:!IK[ xڟ z }j?/g*mR";eO m^0VtB,/HLZO ̃$"GΒ)̭~W{>sE<8D ų3u%wmbϛԫ>!7ktXJj [Wj~*I8!a~C^E2/-g:U%E-F0?Y p  -ȰY4,q49n%Gda#{jp6/ysjv Aڠͧ< y!cwnN+<*:EvV: _9U &u4[u#F5~d*s$UȹoiyU~ia{b0-&͌]|ϾKpϤp}̸ip;ɽ{$ȥ3}d$rl VWo-icN[ <9ջxSgFs FXY-? GEi:00ܡJq$\~HT?'zPWt:Y+fu;Ղ!r^=ΙՆi ؒ[OAAyTw[*,rRz8n;'_50q-| ѝIZ_^:iX1GZxIw/d5 MͶK&i* l5HnG:mGDox]6RLSPVN ԰>:@k (UqLYӿU C U Dt25a{kn|O0"eAFr)*nY: l*e<ߢzLa0qL(+)ok(5| 86a-(Ǣ阜'ׇhe["u s"=SbwYQV23JX`״Q/[L3 -I 1'bB/p#$wP6H1j6B/m3{?l;/pL2Eyɱ5UڨKt9MIS?CkX-N|W  -wRkuLƼ.VWڜ9:KւthDW鞥Ls91R=JZNPB~oP&-CV9b4<d3zѸ+535<#߹ gA%юc\'P1Z5!N@SR hn^78q|Ϝ a"|^7 4 VEƫޅX\f;&i%?fv66D[Mph~NP_1רrIc}8Wxu)]/O xJ@'ER-}m =x7cDRid_ևf]/YߨKS Qiܿ\:R8p6dlPzr&Oc;QJ׊09maɦzS\SI?3چF]iPƥeṛWr +8P܆ &H]S>aeAF0I#G7&̑*vj ˋ0. iG+MSq?u16~˥%"eɳLABN+6e[l=!,paA;vD"UĩętҰ"#+2>% 赋M63Tm1w}ށA)ѳ+@6E=k1TFM }~>PARs/ٜb{u[M3e lf|ӥ``\Y;Z+Ė,p=`T7J&/ab6Ko(b# W8Hyb#nԗPUwb`|pSA+&GESr s:y~{{HEq.Uu.(3uL=Jg{@ZҰv{UWB}%I>|6ݳЊPs㒯OdΕ]7`gc f6 u!=Ci^;k~$+l| s_KdFD"WLx!L o%v:czؿ`$;fXZПrpa0\<x <ǫgCH0 ʚnHW9Sį-DT釋k|:XF,1=q<3ئ"K`II 9KWZm] Dߝ0wꉽsʾا^Xa|S\"yB7b1J˕*.=ZܙM"2_VbCZjr+d[Huʌȩ$]a~ AAGCP0I.{5lg,O]z@@= 0"|QaniX:xfuBK wyR ndxmWANWL"lՈhLZ-޵bO"`lͶ_E #[s_p]6|NVkjB])(M>Gd^JЎ4~[FTS4y"I|CJ{z< h9w-~+J~fGYaU.oX6"s>,q~J!ױ*Gx&Uwur/A17BN̚rY1nbјg1,EUC}?/()R(\aK&hK} pܭ`M>1lWd˻Mj8xT!/,Vcos#_Δ~_x{!R٭6P*<ﱺm0uEShSMB?^%&`# >/ʯ?yEiF fٴE_H4pW1) 16}`pW6[bݦVzњWR:ٞ:FN|NzA*/.+Oq&}┡*U %;gV] @2)Ӈvm$CGkDǐ˔b$AХhwU~a՘*RoEׁv-XеG|.~-]#3iK~ze"ŬwKF}0%wY`Li?Q +lLjW3Ҟb83Y4q{,)M(;N|8x:xUbNvo;l PIlk)Dl8RVS`F}rՄt͋DͨvO ꌾmUJZ~%@U4ƖEAh_ı|~e+_7{׾c`9V28nY`鉵N|]鸀TONqx%;QХ=v`pU~_WV#mzj~(Bⳡxqi8`'@}E'[?>i ^W5iD)T>Gdzp܅ԌRDaG.]{I+{lmbvqPz*$5QLP*[s$F)C+!]ơ A|e`,7sA7.WYU".yjy'@ uI/8QO6\%qvJI`o *ɇμ\< .-uk[ko_NSD@j3[ԅ|E4yP"$nݦ֎QY uϔ DHQ8e igRkȍV&ذ~ ORSfxy.>NLV:hlH5$#6 '1ފ$i$gI->F-QbWLPaYMM&6EP {m@a.(DG"hpN tQȺ& UE&֔ '"iwVƸ~ O_[@pT~l+U) Z O\r76ߏz޹!4.M%qRFs[9hu'Y3C ۝g6)䥁^N{ 0<3w;E@Vby(ě&redx,Mn5 K$rZ3۔+fR [_:${\FCVz;z+?M5EGޞ % _7Ӣri˲ (k'aiRaR #tj].x)Ǔ~#ͱ{]w#җ&vȰ!YPw#e_'.\g ~ʍ$is&J#;b}ipVQXm5gske;"I,9hʥf;|;+ɤh댹=yravf,Po;/X}3ߡe } -)i",j~/ea|}%ܸjs_7%Z´y F傆"(!vo7z03&[F1gcҹyGQ\ͪ2&;N>£kÂ#f-r|20O{Q3$gPC}hBBs4tFP%SE'm(S-^ߡ:69z1'jZC@Mbf8:ǔ~Tl(G$ᾌ`ޮE/VY PXOn),h#RyihM;1Ud#V&`I ]1qLwx9>;5(4&g6*`>F­INJs39}kpVүe9 ~B6llm2[ H JngF*fKB1AVvhps%J \bؔN,R973Q8j9_ݴV$pД+Ό/s,3+Nөð'\iSHs Sٝ;99}IkKǶPݰ4 {[{Tb#K.{F%"Ȓz^4+84Wr?QYOvc1:v x|}sY4 q b>&s?,g="8{H(#$%e<2W ǢH-.kM©vXxÆ`xFt.={kEQҡG'y Uwa077|2IK?u~xܗÄo8Q6j%3iҳN-=3$-#*gɾcLH DN#$F=0WRkP+dϖ46-2(};:ۂa~;Z-K %/d+"dj! -OMg\FĤUZ8e=RK] ܁zgI-Z\:RezF\okv)? |qFp_s϶HD)9S"㼹FRxP/?6Q2eGڤY1=k .%b&Nm`8FF&TeX\cfwhsY hP ]%2X@-VJ´ndv[ cﻹZ&po,Y={J#nxOmC{cT&RM>pT~k(KGݠEG 6PF~ 0Zޡkmsmi]0s-!O~t9BI=ʐ@ c\S(rW ޒ97?T|>am@a6!V;#Tn~*y6YodK~KWt#Qh#[ CgK Q3-KŮ/)Ŗo#ƣ&CQCnQ4 9k`JR@Y ?]/QhܛO`\9:i 5O $Y)e8-BZXdfth8WnpBٴfM'Yr=z5[.C)RH'g&t-_>ΈʄLBǽuS;%l9R;rG \\fJC )v-p&D0ܔ2#{QǾ^%9'ͥ{z+ `8;F>I n3۔zݻ0`ځvb+/*mUJklo-ң`W=^RX??|YcoRjP}3ɧT$[d3 *fs!};\^ZEsyƦR ~Jܰ!VרJK( $(,+c[LO.?*AI4,׀CCLdHKN#Uվ9 8!)r[ܪU{&vB;1=4e}4f 4xP}暨H|.ޟ"wͷ%7?S}"R:(khl] 'MhBl]o#C!o3J,)yMS  fιDde_W3B١uPZx ~jbi%7s9c'mrao&aTT:isM/Gx֠3] 4Q& "[pQjUB ";H5-,4ja{W*n_y Dj-K4^xiGWl ِՆ/~t$N>S0w:J*1"/+8d)/kf}eehɗ i5ĕ =% xVuVtm]q~gf60'bM!Od%VVB`!+9Ej5eY~9l]3)`( z^r ^pmS00 Í_+&,OwD{_)v_G(Yۖ]$ܤ4K7484 aVLb sur(mc =Xox'^zCJ/1Q̻F2x#ǢxMx,Pl[X :}$9笭E73kr>d\d?RGDm=u!b8";Wq,ߍͿ4$#DvGH|N{3A}t JKDRl6Gm.|rpD1gaw~s}#!F4\1AtR$c+4tSל8_6)3FCKEUaf6|KN}`)%'Z|b.98l553SNSMM,bx[H^Yij#4Qy{:wDo8&GpZ&͔_|N,0z\$~$>;C&n6r(i*˕tTx Q8}>ٴaa>q+Bֺj"˦"j&ڂ G|P`K-͘  9z"AЇ o;="ٍLv1b(-TqCM٬ f6 WÝoy j|p߻t#wqm*21 Kb43>)RѕѢcuO%GK : ѣ?/~aκ;s0ܦD^WqYD\lNEўԦمy(%gA0z?`VfOgRИ#ţwa{j,7јMyoEwH5S5,*#o=6-zVC{?B p}St#"y^\Pd #enUeGx aN%5 oeO;:Y.f S]U[B|H@S151Y$f>SQޞafڍK}LCߡ 9_x1}m39yNt8?ՐূVXN2zp 8¯AZ"5gsWW)g#v#02 jF/K<2*[C,C/,G*ԋ!ͱ&Qޔ|$b}u>HpFtWlОQTKHӨ|7Iu]o1'S0 Brt 7Q`·!%1>>qYݕ+So*v^/MYv~K87dYt4 Ø6n]TK$, Z)o&<9l ˣpcHpQ EkN6oD CQw$ K_yۢ(1-lĹƺ/}rByrc zMYTŝMGy*ϒwIL3Erc;c\Z`VޫXl\_ k·C.Lbz?&u}PקO -:ecN2,͝tMy79se;&XQ<1OzuXJsͶ,}=zEcNXk(TKJcbf/ةK9nq* VmFMEm}8 .:iJKAY#u ϸ&SY"UkCz;@Fr]=isOG C61@]u1^(߰IBqѩd<,"3"g6 pyb)y?GivIȏXF8eH0avFlqC3,=N0PPXݨhv}B+[޽m$\L凸 [Sl2 gYƳkU%"/qIg,1ƚH8 4 d'd;zkf{?Kʳ k# `ľևv3ņpr` |s(O#8?M3_Lή!ޤ ҇Rs^ qj%=;~DŽܩH/L2V)=ޜİ]aN " Mo.i,ϞBl,8Fọȥnc4X)8ށ6,~䛅 |ȅi[mdS+-~  /vAC3ﰩku{o0̤\c>ΗqUjA !N5`&<V#9LT%pv=mDzT&Np.iWF%P4g c>ڱOU&:bv