nss-util-3.101.0-7.el8_10 > 6 6_6 3!pQp)Tξ7]mtZ`f褋 ]mtZ`ŔK'+>6TLmG:P0̓aSZTX,eMbfW_Ғ2ؽdxq/[u)uKK39ǫV$lw݆x #G6OO4HM`ZI[&rdGN2AkFfQO 'ܵvsv09dƤatV=jX6AA0I..pFǗ|HFC!rCI''ړxde)%H)@GL̋isOP2 T%@hRiLJ.Ć@zgV!20{[o@@6TrZ %4Y_a:cGQGPsK;s%?;sNԪf%+i3?#4GiS}x>p<?d   H /5<T ` l    4Lj(89:`GHIX$Y\]^$bdeflt u$v<wxy"Cnss-util3.101.07.el8_10Network Security Services Utilities LibraryUtilities for Network Security Services and the Softoken modulef蓿ord1-prod-x86build002.svc.aws.rockylinux.orgtKojiRockyMPLv2.0infrastructure@rockylinux.orgUnspecifiedhttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64$GFAAA큤f蓽f蓽f蓽faQf蓽fc4cf23f1f5efbb7b23f2c1fbddc24e2e6a8e3f575aa1bec360b2bc67b416a0fa04a20c1a32d1f8102432360b42e932869f7c11c7cdbacf9cac554c422132af47f4../../../../usr/lib64/libnssutil3.sorootrootrootrootrootrootrootrootrootrootrootrootnss-3.101.0-7.el8_10.src.rpmlibnssutil3.so()(64bit)libnssutil3.so(NSSUTIL_3.101)(64bit)libnssutil3.so(NSSUTIL_3.12)(64bit)libnssutil3.so(NSSUTIL_3.12.3)(64bit)libnssutil3.so(NSSUTIL_3.12.5)(64bit)libnssutil3.so(NSSUTIL_3.12.7)(64bit)libnssutil3.so(NSSUTIL_3.13)(64bit)libnssutil3.so(NSSUTIL_3.14)(64bit)libnssutil3.so(NSSUTIL_3.15)(64bit)libnssutil3.so(NSSUTIL_3.17.1)(64bit)libnssutil3.so(NSSUTIL_3.21)(64bit)libnssutil3.so(NSSUTIL_3.24)(64bit)libnssutil3.so(NSSUTIL_3.25)(64bit)libnssutil3.so(NSSUTIL_3.31)(64bit)libnssutil3.so(NSSUTIL_3.33)(64bit)libnssutil3.so(NSSUTIL_3.38)(64bit)libnssutil3.so(NSSUTIL_3.39)(64bit)libnssutil3.so(NSSUTIL_3.59)(64bit)libnssutil3.so(NSSUTIL_3.82)(64bit)libnssutil3.so(NSSUTIL_3.90)(64bit)libnssutil3.so(NSSUTIL_3.94)(64bit)nss-utilnss-util(x86-64)@@@@@@@@@@@@     @libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libnspr4.so()(64bit)libplc4.so()(64bit)libplds4.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)nsprrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rtld(GNU_HASH)4.35.0-13.0.4-14.6.0-14.0-15.2-14.14.3fKfxff@fqvf@e@e@epb@e\d˖d\@d\@dxb@b@bγby@bba@blbbb@a@@`E`ݮ@` @`ٹ`̊`9@`Ȗ@`D`r_@_^@___@__"@_"@_"@_!d_@_ L_ _@^^@@^@^ۅ@^4]N@]]߶]e@]M@]µ]L]]^@\F@\Q\\\\\\@\I\I\U@\ `\l@[[[u[#@[[W[O+[M@[ZZw@Z|;Zo Zo Zg#Z ZZZ@Y+@Y{YY@Yn@YV@Y@YyYm@Yg`YJ_Y1S@XX@XX @XXYX@X@XX~@Xx@XoX>@X*X@WW@Wt@W~Wv[@WrfWoWm WbWQq@WPWJWDB@W4p@W@Wo@W@VV޾V޾V@VяVIVɦV@V@V=@V@V@VO @VHsVEV3[V UYU@UU@U@U>Ua@Ug@U[%UUU @T@Ts@TTء@T@TÉ@TT@T@T?@T:m@T"@S@S<@S@S@S @SSSSpShS(5@S@SRy@RJ@R@RR@RSRR@Rm@Rg@RD!R@RRR|Q@Q*@QQ@QKQ@QQW@Qw@Q]k@QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.101.0-7Bob Relyea - 3.101.0-6Bob Relyea - 3.101.0-3Bob Relyea - 3.101.0-2Bob Relyea - 3.101.0-1Frantisek Krenzelok - 3.90.0-7Bob Relyea - 3.90.0-6Bob Relyea - 3.90.0-5Bob Relyea - 3.90.0-4Bob Relyea - 3.90.0-3.1Bob Relyea - 3.90.0-3Bob Relyea - 3.90.0-2Bob Relyea - 3.90.0-1Bob Relyea - 3.79.0-11Bob Relyea - 3.79.0-10Bob Relyea - 3.79.0-9Bob Relyea - 3.79.0-8Bob Relyea - 3.79.0-7Bob Relyea - 3.79.0-6Bob Relyea - 3.79.0-5Bob Relyea - 3.79.0-4Bob Relyea - 3.79.0-3Bob Relyea - 3.79.0-2Bob Relyea - 3.79.0-1Bob Relyea - 3.67.0-7Bob Relyea - 3.67.0-6Bob Relyea - 3.67.0-5Bob Relyea - 3.67.0-4Bob Relyea - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1.1Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-17Bob Relyea - 3.53.1-16Bob Relyea - 3.53.1-15Bob Relyea - 3.53.1-14Bob Relyea - 3.53.1-13Bob Relyea - 3.53.1-12Bob Relyea - 3.53.1-11Bob Relyea - 3.53.1-10Daiki Ueno - 3.53.1-9Daiki Ueno - 3.53.1-8Bob Relyea - 3.53.1-7Daiki Ueno - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Daiki Ueno - 3.53.0-1Bob Relyea - 3.44.0-15Bob Relyea - 3.44.0-14Bob Relyea - 3.44.0-13Daiki Ueno - 3.44.0-12Bob Relyea - 3.44.0-11Daiki Ueno - 3.44.0-10Bob Relyea - 3.44.0-9Bob Relyea - 3.44.0-8Daiki Ueno - 3.44.0-7Daiki Ueno - 3.44.0-6Daiki Ueno - 3.44.0-5Bob Relyea - 3.44.0-4.1Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Bob Relyea - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.41.0-5Bob Relyea - 3.41.0-4Daiki Ueno - 3.41.0-3Daiki Ueno - 3.41.0-2Daiki Ueno - 3.41.0-1Daiki Ueno - 3.39.0-1.5Bob Relyea - 3.39.0-1.4Daiki Ueno - 3.39.0-1.3Daiki Ueno - 3.39.0-1.2Daiki Ueno - 3.39.0-1.1Daiki Ueno - 3.39.0-1.0Daiki Ueno - 3.38.0-1.2Daiki Ueno - 3.38.0-1.1Daiki Ueno - 3.38.0-1.0Kai Engert - 3.36.1-1.2Daiki Ueno - 3.36.1-1.1Daiki Ueno - 3.36.1-1.0Daiki Ueno - 3.36.0-1.0Fedora Release Engineering - 3.35.0-5Kai Engert - 3.35.0-4Kai Engert - 3.35.0-3Daiki Ueno - 3.35.0-2Daiki Ueno - 3.34.0-2Daiki Ueno - 3.33.0-6Kai Engert - 3.33.0-5Kai Engert - 3.33.0-4Kai Engert - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.32.1-2Daiki Ueno - 3.32.0-4Kai Engert - 3.32.0-3Daiki Ueno - 3.32.0-2Fedora Release Engineering - 3.31.0-6Fedora Release Engineering - 3.31.0-5Daiki Ueno - 3.31.0-4Daiki Ueno - 3.31.0-3Daiki Ueno - 3.31.0-2Daiki Ueno - 3.30.2-3Daiki Ueno - 3.30.2-2Kai Engert - 3.30.0-3Daiki Ueno - 3.30.0-2Kai Engert - 3.29.1-3Daiki Ueno - 3.29.1-2Daiki Ueno - 3.29.0-3Daiki Ueno - 3.29.0-2Daiki Ueno - 3.28.1-6Daiki Ueno - 3.28.1-5Daiki Ueno - 3.28.1-4Daiki Ueno - 3.28.1-3Daiki Ueno - 3.28.1-2Daiki Ueno - 3.27.2-2Daiki Ueno - 3.27.0-5Kai Engert - 3.27.0-4Daiki Ueno - 3.27.0-3Daiki Ueno - 3.27.0-2Daiki Ueno - 3.26.0-2Elio Maldonado - 3.25.0-6Elio Maldonado - 3.25.0-5Elio Maldonado - 3.25.0-4Elio Maldonado - 3.25.0-3Elio Maldonado - 3.25.0-2Kamil Dudka - 3.24.0-3Elio Maldonado - 3.24.0-2.3Elio Maldonado - 3.24.0-2.2Elio Maldonado - 3.24.0-2.1Elio Maldonado - 3.24.0-2.0Elio Maldonado - 3.23.0-9Elio Maldonado - 3.23.0-8Elio Maldonado - 3.23.0-7Elio Maldonado - 3.23.0-6Elio Maldonado - 3.23.0-5Elio Maldonado - 3.23.0-4Elio Maldonado - 3.23.0-3Elio Maldonado - 3.23.0-2Elio Maldonado - 3.22.2-2Elio Maldonado - 3.22.1-3Elio Maldonado - 3.22.1-1Elio Maldonado - 3.22.0-3Elio Maldonado - 3.22.0-2Fedora Release Engineering - 3.21.0-7Elio Maldonado - 3.21.0-6Michal Toman - 3.21.0-5Elio Maldonado - 3.21.0-4Elio Maldonado - 3.21.0-3Elio Maldonado Batiz - 3.21.1-2Elio Maldonado - 3.20.1-2Elio Maldonado - 3.20.0-6Elio Maldonado - 3.20.0-5Elio Maldonado - 3.20.0-4Elio Maldonado - 3.20.0-3Elio Maldonado - 3.20.0-2Elio Maldonado - 3.19.3-2Elio Maldonado - 3.19.2-3Kai Engert - 3.19.2-2Kai Engert - 3.19.1-2Kai Engert - 3.19.0-2Kai Engert - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.17.4-5Till Maas - 3.17.4-4Elio Maldonado - 3.17.4-3Elio Maldonado - 3.17.4-2Elio Maldonado - 3.17.4-1Ville Skyttä - 3.17.3-4Elio Maldonado - 3.17.3-3Elio Maldonado - 3.17.3-2Elio Maldonado - 3.17.3-1Elio Maldonado - 3.17.2-2Elio Maldonado - 3.17.2-1Kai Engert - 3.17.1-1Kevin Fenzi - 3.17.0-2Elio Maldonado - 3.17.0-1Fedora Release Engineering - 3.16.2-4Elio Maldonado - 3.16.2-3Tom Callaway - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.16.1-4Fedora Release Engineering - 3.16.1-3Jaromir Capik - 3.16.1-2Elio Maldonado - 3.16.1-1Elio Maldonado - 3.16.0-1Elio Maldonado - 3.15.5-2Elio Maldonado - 3.15.5-1Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Peter Robinson 3.15.4-2Elio Maldonado - 3.15.4-1Elio Maldonado - 3.15.3.1-1Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-7Elio Maldonado - 3.15.1-6Elio Maldonado - 3.15.1-5Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-1Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.15-0.1.beta1.2Elio Maldonado - 3.15-0.1.beta1.1Kai Engert - 3.14.3-12Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- fix cms abi breakage - fix long password issue on pbmac encodings- fix param encoding in pkcs12 pbamac encoding - add support for certificate compression in selfserv and tstclient- Fix missing and inaccurate key length checks - Fix chacha timing issue- Fix MD-5 decode issue in pkcs #12 - turn off policy processing for pkcs12 and smime - update the restore defaults for pkcs12- Rebase to NSS 3.101- Allow for shorter ecdsa signatures by padding them to full length- Fix ecc DER wrapping.- Pick up validated constant time implementations of p256, p384, and p521 from upsream - More Fips indicator changes- FIPS review changes - add PORT_SafeZero to avoid compiler optimizing a way zeroing memory. - update the indicators for this release - allow hashing of longer than int32 values in a single PKCS #11 call.- Fix expired certs in tests - Fix CVE-2023-5388- add indicators for pbkdf2 - add camellia to pkcs12 doc files - fix ems policy bug - disable ech- fix the change log- rebase to NSS 3.90- Fix CVE-2023-0767- Fix QA found failures: - remove extra '+' from sslpolicy.txt file causing test error values - only use GRND_RANDOM if the kernel is in FIPS mode.- FIPS 140-3 changes- Update fips default for pk12util to AES rather than TDES - Fix bug in pkcs12 files with null passwords- Better fix for test regressions- fix nss.spec so it works in a rhel-8.1.0 buildroot- FIPS 140-3 changes - Reject Small RSA keys, 1024 bit keys are marked as FIP OK when verifying, reject signature keys by policy - Allow applications to retrigger selftests on demand.- Fix pkgconfig output- NSR Coverity fix changed selfserv from passive to active, change it back- Fix regressions found in test suites.- Rebase to NSS 3.79 - Set FIPS Module ID - skip attribute verification on attributes with default values - don't export trust objects if they are default trust objects from dbm - add dbtool to nss-tools- Fix CVE 2021 43527- Fix ssl alert issue- Fix issue with reading databases that were updated using unpatched versions of nss- Better fix for the sdb timeout. The issue wasn't a race, it was the sqlite timeout waiting to begin a transaction under heavy thread usage.- Fix sdb race condition- Fix coverity issues- Rebase to NSS 3.67- Restore old pkcs12 defaults.- build nss for older nspr so we can pass gating with the new nspr in the build root- Rebase to NSS 3.66- Fix various corner cases with ike v1 app b support.- Fix the following CVE - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC.- Revert some policy changes the generate ABI runtime issues.- Add support for enable/disable in policy. Now if your policy file has disallow=x enable=y it will act just like our other libraries.- Add OAEP interface so applications can wrap keys with RSA-OAEP rather than RSA-PKCS-1.- fips need to reject small primes even if they are approved - code to autodetect whether or not to use the cache needs to do so in a way that doesn't mess with filesystem negative file caching. - add kdf selftests- Fix issue with upgradedb where upgradedb expects standard to generate dbm databases, not sql databases (default in RHEL8)- Disable dh timing test because it's unreliable on s390- Explicitly enable upgradedb/sharedb test cycles- Disable Delegated Credentials for TLS- Fix attribute decryption issue where the private key components integrity check on private attributes where not being checked.- Update nss-rsa-pkcs1-sigalgs.patch to the upstream version- Include required checks for dh and ecdh key generation in FIPS mode.- Add better checks for dh derive operations in FIPS mode.- Disable NSS_HASH_ALG_SUPPORT as well for MD5 (#1849938) - Adjust for update-crypto-policies packaging change (#1848649) - Fix compilation with -Werror=strict-prototypes (#1843417)- Fix regression in MD5 disablement (#1849938) - Include rsa_pkcs1_* in signature_algorithms extension (#1847945)- Update to NSS 3.53.1- Update to NSS 3.53- Fix swapped CMAC PKCS #11 values. - Fix data alignment crash in CMAC.- Fix coverify scan issue- Fix endian problem in SP-800 108 code.- Install cmac.h required by blapi.h (#1764513) - Fix out-of-bounds write in NSC_EncryptUpdate (#1775913)- Add SP-800 108 Generalized kdf- Check policy against hash algorithms used for ServerKeyExchange (#1730039)- Add CMAC- CKM_NSS_IKE1_APP_B_PRF_DERIVE was missing from the mechanism list, preventing PK11_Derive*() from using it. Add gtests for the PK11_Derive interface for all the CKM_NSS_IKE*_DERIVE mechanism.- Backport fixes from 3.44.1- Add continuous RNG test required by FIPS - fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism- Rebuild with the correct build target- rebuild to try to retrigger CI tests- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set - Revert the change to use XDG basedirs (mozilla#818686)- Add ike mechanisms in softokn - Add FIPS checks in softoken- Update to NSS 3.44 - Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy - Use %autosetup - Clean up manual pages generation - Clean up %check - Remove prelink dependency, which is not available in RHEL-8 - Remove upstreamed patches- Update manual pages to reflect recent changes in commands- Make sure corresponding public keys are created when importing private keys.- Fix the last change - Add --no-reload option to update-crypto-policies to avoid unnecessary restart of daemons- Restore LDFLAGS injection when linking DSO- Update to NSS 3.41 - Consolidate nss-util, nss-softokn, and nss into a single source package- Fix the last commit- Support for IKE/IPsec typical PKIX usage so libreswan can use nss without rejecting certs based on EKU- Backport upstream fixes for rhbz#1649026, rhbz#1608895, rhbz#1644854 - Document PKCS #11 URI - Add warning when adding module with modutil while p11-kit is enabled- Update nss-dsa.patch to not advertise DSA signature algorithm - Update PayPal test certs for testing- Backport "DSA" keyword in crypto-policies- Update to NSS 3.39- Fix LDFLAGS injection when linking DSO- Install crypto-policies configuration file for https://fedoraproject.org/wiki/Changes/NSSLoadP11KitModules - Port enable-fips-when-system-is-in-fips-mode.patch from RHEL-7 - Use %ldconfig_scriptlets - Remove needless use of %defattr, by Jason Tibbitts- Update to NSS 3.38- Backport upstream addition of nss-policy-check utility, rhbz#1428746, includes required fixes for mozbz#1296263 and mozbz#1474875- Switch the default DB type to SQL - Enable SSLKEYLOGFILE- Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream- Update to NSS 3.36.0 - Add gcc-c++ to BuildRequires (C++ is needed for gtests) - Make test failure detection robuster- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild- Fix a compiler error with gcc 8, mozbz#1434070 - Set NSS_FORCE_FIPS=1 at %build time, and remove from %check.- Stop pulling in nss-pem automatically, packages that need it should depend on it, rhbz#1539401- Update to NSS 3.35.0- Update to NSS 3.34.0- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka- Fix test script- Update tests to be compatible with default NSS DB changed to sql (the default was changed in the nss-util package).- rhbz#1505487, backport upstream fixes required for rhbz#1496560- Update to NSS 3.33.0- Update to NSS 3.32.1- Update iquote.patch to really prefer in-tree headers over system headers- NSS libnssckbi.so has already been obsoleted by p11-kit-trust, rhbz#1484449- Update to NSS 3.32.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild- Backport mozbz#1381784 to avoid deadlock in dnf- Move signtool to %_libdir/nss/unsupported-tools, for: https://fedoraproject.org/wiki/Changes/NSSSigntoolDeprecation- Rebase to NSS 3.31.0- Enable gtests- Rebase to NSS 3.30.2 - Enable TLS 1.3- Backport upstream mozbz#1328318 to support crypto policy FUTURE.- Rebase to NSS 3.30.0 - Remove upstreamed patches- Backport mozbz#1334976 and mozbz#1336487.- Rebase to NSS 3.29.1- Disable TLS 1.3, following the upstream change- Rebase to NSS 3.29.0 - Suppress -Werror=int-in-bool-context warnings with GCC7- Work around pkgconfig -> pkgconf transition issue (releng#6597)- Disable TLS 1.3 - Add "Conflicts" with packages using older Mozilla codebase, which is not compatible with NSS 3.28.1 - Remove NSS_ECC_MORE_THAN_SUITE_B setting, as it was removed in upstream- Add "Conflicts" with older firefox packages which don't have support for smaller curves added in NSS 3.28.1- Fix incorrect version specification in %nss_{util,softokn}_version, pointed by Elio Maldonado- Rebase to NSS 3.28.1 - Remove upstreamed patch for disabling RSA-PSS - Re-enable TLS 1.3- Rebase to NSS 3.27.2- Revert the previous fix for RSA-PSS and use the upstream fix instead- Disable the use of RSA-PSS with SSL/TLS. #1383809- Disable TLS 1.3 for now, to avoid reported regression with TLS to version intolerant servers- Rebase to NSS 3.27.0 - Remove upstreamed ectest patch- Rebase to NSS 3.26.0 - Update check policy file patch to better match what was upstreamed - Remove conditionally ignore system policy patch as it has been upstreamed - Skip ectest as well as ecperf, which are built as part of nss-softokn - Fix rpmlint error regarding %define usage- Incorporate some changes requested in upstream review and commited upstream (#1157720)- Add support for conditionally ignoring the system policy (#1157720) - Remove unneeded test scripts patches in order to run more tests - Remove unneeded test data modifications from the spec file- Remove obsolete patch and spurious lines from the spec file (#1347336)- Cleanup spec file and patches and add references to bugs filed upstream- Rebase to nss 3.25- decouple nss-pem from the nss package (#1347336)- Apply the patch that was last introduced - Renumber and reorder some of the patches - Resolves: Bug 1342158- Allow application requests to disable SSL v2 to succeed - Resolves: Bug 1342158 - nss-3.24 does no longer support ssl V2, installation of IPA fails because nss init fails- Rebase to NSS 3.24.0 - Restore setting the policy file location - Make ssl tests scripts aware of policy - Ajust tests data expected result for policy- Bootstrap build to rebase to NSS 3.24.0 - Temporarily not setting the policy file location- Change POLICY_FILE to "nss.config"- Change POLICY_FILE to "nss.cfg"- Change the POLICY_PATH to "/etc/crypto-policies/back-ends" - Regenerate the check policy patch with hg to provide more context- Fix typo in the last %changelog entry- Load policy file if /etc/pki/nssdb/policy.cfg exists - Resolves: Bug 1157720 - NSS should enforce the system-wide crypto policy- Remove unused patch rendered obsolete by pem update- Update pem sources to latest from nss-pem upstream - Resolves: Bug 1300652 - [PEM] insufficient input validity checking while loading a private key- Rebase to NSS 3.23- Rebase to NSS 3.22.2- Fix ssl2/exp test disabling to run all the required tests- Rebase to NSS 3.22.1- Update .gitignore as part of updating to nss 3.22- Update to NSS 3.22- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild- Resolves: Bug 1299040 - Enable ssl_gtests upstream test suite - Remove 'export NSS_DISABLE_GTESTS=1' go ssl_gtests are built - Use %define when specifying the nss_tests to run- Add 64-bit MIPS to multilib arches- Update %{nss_util_version} and %{nss_softokn_version} to 3.21.0 - Resolves: Bug 1284095 - all https fails with sec_error_no_token- Add references to bugs filed upstream- Update to NSS 3.21 - Package listsuites as part of the unsupported tools set - Resolves: Bug 1279912 - nss-3.21 is available - Resolves: Bug 1258425 - Use __isa_bits macro instead of list of 64-bit - Resolves: Bug 1280032 - Package listsuites as part of the nss unsupported tools set- Update to NSS 3.20.1- Enable ECC cipher-suites by default [hrbz#1185708] - Split the enabling patch in two for easier maintenance - Remove unused patches rendered obsolete by prior rebase- Enable ECC cipher-suites by default [hrbz#1185708] - Implement corrections requested in code review- Enable ECC cipher-suites by default [hrbz#1185708]- Fix patches that disable ssl2 and export cipher suites support - Fix libssl patch that disable ssl2 & export cipher suites to not disable RSA_WITH_NULL ciphers - Fix syntax errors in patch to skip ssl2 and export cipher suite tests - Turn ssl2 off by default in the tstclnt tool - Disable ssl stress tests containing TLS RC4 128 with MD5- Update to NSS 3.20- Update to NSS 3.19.3- Create on the fly versions of sslcov.txt and sslstress.txt that disable tests for SSL2 and EXPORT ciphers- Update to NSS 3.19.2- Update to NSS 3.19.1- Update to NSS 3.19- Replace expired test certificates, upstream bug 1151037- Update to nss-3.18.0 - Resolves: Bug 1203689 - nss-3.18 is available- Disable export suites and SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code- Commented out the export NSS_NO_SSL2=1 line to not disable ssl2 - Backing out from disabling ssl2 until the patches are fixed- Disable SSL2 support at build time - Fix syntax errors in various shell scripts - Resolves: Bug 1189952 - Disable SSL2 and the export cipher suites- Update to nss-3.17.4- Own the %{_datadir}/doc/nss-tools dir- Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer - Install pp man page in %{_datadir}/doc/nss-tools/pp.1 - Use %{_mandir} instead of /usr/share/man as more generic- Install pp man page in alternative location - Resolves: Bug 987189 - nss-tools RPM conflicts with perl-PAR-Packer- Update to nss-3.17.3 - Resolves: Bug 1171012 - nss-3.17.3 is available- Resolves: Bug 994599 - Enable TLS 1.2 by default- Update to nss-3.17.2- Update to nss-3.17.1 - Add a mechanism to skip test suite execution during development work- Rebuild for rpm bug 1131960- Update to nss-3.17.0- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild- Replace expired PayPal test cert with current one to prevent build failure- fix license handling- Update to nss-3.16.2- Remove unwanted source directories at end of %prep so it truly does it - Skip the cipher suite already run as part of the nss-softokn build- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild- Replacing ppc64 and ppc64le with the power64 macro - Related: Bug 1052545 - Trivial change for ppc64le in nss spec- Update to nss-3.16.1 - Update the iquote patch on account of the rebase - Improve error detection in the %section - Resolves: Bug 1094702 - nss-3.16.1 is available- Update to nss-3.16.0 - Cleanup the copying of the tools man pages - Update the iquote.patch on account of the rebase- Restore requiring nss_softokn_version >= 3.15.5- Update to nss-3.15.5 - Temporarily requiring only nss_softokn_version >= 3.15.4 - Fix location of sharedb files and their manpages - Move cert9.db, key4.db, and pkcs11.txt to the main package - Move nss-sysinit manpages tar archives to the main package - Resolves: Bug 1066877 - nss-3.15.5 is available - Resolves: Bug 1067091 - Move sharedb files to the %files section- Revert previous change that moved some sysinit manpages - Restore nss-sysinit manpages tar archives to %files sysinit - Removing spurious wildcard entry was the only change needed- Add explanatory comments for iquote.patch as was done on f20- Update pem sources to latest from nss-pem upstream - Pick up pem fixes verified on RHEL and applied upstream - Fix a problem where same files in two rpms created rpm conflict - Move some nss-sysinit manpages tar archives to the %files the - All man pages are listed by name so there shouldn't be wildcard inclusion - Add support for ppc64le, Resolves: Bug 1052545- ARM tests pass so remove ARM conditional- Update to nss-3.15.4 (hg tag NSS_3_15_4_RTM) - Resolves: Bug 1049229 - nss-3.15.4 is available - Update pem sources to latest from the interim upstream for pem - Remove no longer needed patches - Update pem/rsawrapr.c patch on account of upstream changes to freebl/softoken - Update iquote.patch on account of upstream changes- Update to nss-3.15.3.1 (hg tag NSS_3_15_3_1_RTM) - Resolves: Bug 1040282 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) - Resolves: Bug 1040192 - nss-3.15.3.1 is available- Bump the release tag- Update to NSS_3_15_3_RTM - Resolves: Bug 1031897 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws - Fix option descriptions for setup-nsssysinit manpage - Fix man page of nss-sysinit wrong path and other flaws - Document email option for certutil manpage - Remove unused patches- Revert one change from last commit to preserve full nss pluggable ecc supprt [1019245]- Use the full sources from upstream - Bug 1019245 - ECDHE in openssl available -> NSS needs too for Firefox/Thunderbird- Update to NSS_3_15_2_RTM - Update iquote.patch on account of modified prototype on cert.h installed by nss-devel- Update pem sources to pick up a patch applied upstream which a faulty merge had missed - The pem module should not require unique file basenames- Update pem sources to the latest from interim upstream- Resolves: rhbz#996639 - Minor bugs in nss man pages - Fix some typos and improve description and see also sections- Cleanup spec file to address most rpmlint errors and warnings - Using double percent symbols to fix macro-in-comment warnings - Ignore unversioned-explicit-provides nss-system-init per spec comments - Ignore invalid-url Source0 as it comes from the git lookaside cache - Ignore invalid-url Source12 as it comes from the git lookaside cache- Add man page for pkcs11.txt configuration file and cert and key databases - Resolves: rhbz#985114 - Provide man pages for the nss configuration files- Fix errors in the man pages - Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util - Resolves: rhbz#982856 - Fix path to script in man page for nss-sysinit- Update to NSS_3_15_1_RTM - Enable the iquote.patch to access newly introduced types- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Fix incorrect path that hid failed test from view - Add ocsp to the test suites to run but ... - Temporarily disable the ocsp stapling tests - Do not treat failed attempts at ssl pkcs11 bypass as fatal errors- Update to NSS_3_15_BETA1 - Update spec file, patches, and helper scripts on account of a shallower source tree- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build3.101.0-7.el8_103.101.0-7.el8_10.build-id91a0c6dca6cbab2f2a4100927084d252603395aelibnssutil3.sonss-utilCOPYING/usr/lib//usr/lib/.build-id//usr/lib/.build-id/91//usr/lib64//usr/share/licenses//usr/share/licenses/nss-util/-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpioxz2x86_64-redhat-linux-gnudirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=91a0c6dca6cbab2f2a4100927084d252603395ae, strippedASCII text"PPPPPPPP P P P P PPPPPPPPPR RRRRRRR RR RRRutf-8aa2a354e2b6d346fbe3c2a09674473a24e9521885ddb0de93f418242c2a4e295?@7zXZ !#,] b2u jӫ`(y0lo׿,NP+uv!'Zpm6!=e16ѝ($mfN_y&Ӵqe ^/?`C; #zKNw@C p Q^KYSC)P9qAa_1so%PzwgA+F4U]ں:\iM8J*qڏDm%`4H*rL6NLA@B&2ء.;pxR,QYEJBv4ǜWgz׬NpRݠ)[tF3x&b;R9{ 6fEǒ@DE1bzRFMP)uL˃SZ:FQVOV{(.]:P90uv6Sj&^bVZ>l`‰}['Y%RQ^㤓?Woբg_5QEHlp)Wq87ujz|N&% L&EGv∋Ɲ|$u}L@] 'V5c59bidz[MXqD\P釓1N=yT/ǥ/([(,wRx8k?Sibjw $a ͝BX^,خ=W?3WOr 4)FQ!za+bԢnհ(SLJ]k\wukW$xWX,_a [`=pLw*"(JZ}^:X)Al4YQ~7[Q30 ,]XSn] (vղ2)gx0{xE5,6uP1_ҪwJ2gwy{dNT_~߈¯й?a*=S`){'B 3ZIh{^Ohg0.)rL$x>Z#p2 v{=x|@jfJKJ&}kT}EW񿔏=}>UF0m\DkW yS_mtC'DN~>SrH} 8 %7pG}tS<,ӐMȀҰSCC*_{TLq_8S-tl 1RS6emT,ԣAȍ?SO{s,}ř'7_k7C;8ȉqʦƽn8CziC~߼dzNr𻶋v֚ম52j5:B-SR.j+_NU}r@8eSĬp9jzye*pR-S!ɩL})SuTۺf}Ebf }e<0 -D]WEH5MPyE(I}x|1Qy088&,; qp8u9 B~!\ vtkV%ioiU0ީϤkExCfTwY  8#apUW#:ӟY5i=@x}I6GV@_M$!~C=(4ҕ1W{Z]ڞD ~8JZ1, "m x#eZa&JS~Xa)aaOn8nhwi_sMw'nx+D;(z anʥDүDg犮2ξa|t-v`6 }(HRsPQ^uADM9B&HMfF]CpӞa~w"D_>9(ue\m ܔlրx}^"n; 23d1NW< (0V,Tk[a38?Z=Bl0ˮ+c(4:i6r S5ԩۭ-:yyg~q(ͬI,PJWקd_6;Z! vHmn5 +a,MEOrT"n:-/ /ēUEh?r^VM DFNY f߬ѴXP 0y#vzl#QTƥa7x~(XWF  /} |~(M4dа\DrmUZGAOw]Afp$r/O=.=Ůꡀ0W|\O RkAKB}`U|07xSYETv)®Е\*t㈎QK[$ma?Ә2)-i}_z{ÔHEp)/Xp،C'DЋ[Rkl 1IٍtŧZȀ@鱴X^ZrKnQOvM"*[@s)"a{2%a2p5g,a T+}:>5eic}ңYmc1|JqhcSwyc(.J@RN0bm A~*5v_>qW kV8~*xtl>lasIZ g2k"&I\7kw7YbJ\iW Os=%8̔-r/=jW/k]qh09.g=%=kT8Cvhux nX-ׄ92 ]#>U^-/'IEvIBO!njJFnJ_s{NQ⬂vapЭkyrVn g\;M,x5lcMO(iM'A _(k4F7*\ycң,_Ej̖Y} P/:!(-n8\dكhy̽aY@n28I'$:( rm1UABPWQiԥ1%u;8>ƉQlӋMSgEPjhq71c=@5(Oi%Ԉ3P@^*wxwj8l"0U/b;+Di .]2efLl  J‹a1ʤM֢޵ I 2fyJS5~+ڣ(/u+OKչpQIS9GX5B_CӇYyCAnlEMzHv#Ԝ_O*@4w t#F :XI(_%qt 񭆗T4'4A=I^Dd\r:!L&G'@t?ğ@.A^X"ߪvگ1 (R`FiߗTuY#hY+Mb胺I-xAOd fe艆:jn;3961`5!OHүؕ>4/P ʁbU VѨ=$˝uS_p.+r}YDt~ZbWe) t xG1%QOz ׾8GvOCʂC3]ǂѣgLNJf@صy3XlH='+,[g݊_[n#t7!fW['I<./Z &3- ~Y'?@2yO^Q{ֹzZpQFNU깚YX>@OQ綎Yr46WFU*6MJ(Q-e›L_Xtmt9hrdR= Mlr{Eh~KAZ¹?awzg +H6A$0 WuXK/atĪWjhfFU>mLHZ終=wM#A0ѣ7>)-UPǶI]o~gV̘e=%͛lz祆{fePKkߩsd0I@S~ՠ)qyL\ueNƕ,xpѤ BC1 PO[f yt!eފwd9ύ᳌a-ա͓ϑwtNˊ?R} %wvZ=w9qo!Z?AEQ֍'O˜1 uЦ7BJUTb'نH@xxȓ)Cbre+ L0Gg5OEZ'ne:H p=P^KAp_>vs|HPaZH?P3~n~+B#ɠ^SmT}† ~jrj vb6\+hov&:5|\\MDt%NێQaDѼ|-tōik;(w2dN bH jL:]o_U}w>qyW*O᪯Ȃ뺆ܫ/N ZY|lk|l[QSb poЋP\}k\T֚ )bjHɻuܡR˦dX9Num%,vK2-MI:T̓K^ps*W4 §E%į9Ԛ?~P:V?KE3$@~-}/2#k9{B`x(c~m}ibCy}1;zēku #myl"SAٲsݑ2 8-Ն4~yo˿#x3x&haΌC*T]04=H1#v&{]6]w|ogy1<Jq|:,2>oqK5m ˾ѩ? KڅWd{ Ш^%ZkͮKHSIzn }ĕ? E#N%r!0H(hE45개 nz^d9P yۋ +P۪31H`t3[bm`W]q,¤S4GVP_"Bf)2ճ}׉C%G#F|3?T'HFvք;$ Y.^TczG%8?mZ~x.˿Cb1kS`:pj-hupW9 m2mj~(q_$!7XP̐`wzujoMyzj8gNS'̤5 E-~et~juwn6kԣK%ҒKT[5C:$&t&n1b`thBjaTE| .V&WhRn p. s~NhҒqTKaJ!U4NRP(׻Ru<{*DR#Ӥ"#d1ȭN:lΥ̨rrȕx es(tjߴaV}FN*뉆WG[r*0funB1@dhq=^`}EE-Mz[N)B} OA2 e 5T'~Xߚav[N"w i2a5(BY/Ԑ}ك~x ('-؃u.M2%`L}'!N{xw,%{OW!gWѺhW5e]T ԭ),Yއ=q<޷wm-zy噊F^ͨb^"bR.މOADc^O9nvY/Gj-#GW<.9M(:Hd[_NJCrVC^ֈxVI\lb'M ~yn'v^2Ȕ1Rm1NhU&R?W3_cet/PG&QfV*b!K 74HuDJ *_集>qAT¯k;dNq~PlqB/Pm#,KS`e$>]9aHtE{s_޽[h, 5<T3'fbmI7R0Y.e_| ڽX;54OZۑ-U(ZLNy\oUկ9)S 膖Q.4%;rֺ2Bv(p7T⡨{$%N4R^&$y{_^fk3@JTH/ R8x_:$ L@M}33s;(ÊSQe B*Lk yJ02n&}r@g9ou$7_&ΐZA2XA&XN/sqn<̇qWŦ 4Oā_FJ>dpn< $4ܾ<ƾVF#u2(Hཹn}~m> 2‘`ʉb s)C۱ª-Q;U%%c`(*EC\&p@YK_8He_~tߴ"S;κwzd 6@/1Q%/*ok?l0~ϴH9%%4)|pkasp5 =hk }yݛn/@n e c~\|Sg1*+nJ"}HfhR0!u*{:_p&6s(|9?K2QΥ*Ed~p-WC1XD~QHp|U'C98B曜R#| qR&5Lx^6 lcB 2i3_rt/%xXs$ʻo=IJ4Mw:yUXxu.a;>p;{Ca%6P}6"s<.j-&"Y둷';a9,+x ]ݝ[`k84I*TBJ0 -LpzF<ixVC$][Vjn:ʖ}MɡKlw*OCLq6@_Tܭv3pCI[-9>*O~G=>p{.hwc2ÎpHkjJИ_)EDZP1i8ZwwPDT#J?'~&;#4RΟry܀hy?gGh)u/kT2l"-|qoOؐȝSV\c<&z|bE.Y_͓("@dfDnDO48Ko0 mC_&@4Fn;Mx,t-d>۪6(n0ա$-ԣX=y[8f9h{  ܉U@h.DEqL܍yz};SEõ>!r)' x˨%S_tb{g,W|܊g$P-a8gE`U)Ι·u!O,m3s{0+X 1E#2(7 Ĝ+&k \ 7`dH;_5pS ;H\wbHfКۧIMb&:/*Y$S@:1qd/iQf'(bgxS0 |,e0#T|D /~@I!v2k#R\0M+<~} slc.B5Sqw9V,Y}}7{ܛYCU.&X7R~ %S՛~ u3 >@j.ȲߋIe}#*9mccBH]A-(Px[Ee*5/ʣ4^"t2t߁d; 7=o3c)ᖄ9ߪHmb8 `}"eZt*G8uC|z}V vw EuIlTj25` -ā0ğRSi e @SnY%1Ʀ GȦ4/<ڬ+$$#yF,FJf*ӗc"r3|]nAe-Mi)QANM Of5=ˮԀ{x{⽧,V]On\X"p:ΚC<تO4\TlD JL`Za,\.|97O:]{T9eOTIO4mL1~ 2͐cFEQjEmGҾ(ޘP!SQҀ+A4J?Hhz=o5L}XL?Q]Lan"!q+Uqv]h JĦS50p% ö]WFN;+K C\Y}v`se]a92ufh5N2然\)4}o0ۇ# K>g }h(@),JZ ҲN ŲK~8w>DWZ  ќz bA"bѬW $[zjsЦ퍜qpĠaʞfFgW+Bu1OrcĻRw=iEthh!ipm(g:StVCMHR,ۋ]̌.mwIbՅ!B}$W/4.Ȝ~W9]ϊ 7||_(N4 x42u5$8xIG(f| _dv1LUuMŌ6jCuoR(+>Hσa:#FaWEx;[9[SȱꮼawȪ M&G)#IS dء`ew&7nIv Ǧ)"î M;TU;c>\o6XU]i$6F(=!hTH?-A,F]: VB|_eZ0ɂ~01q3]P AͲ.3\IU/g[̍>h,gp-+JAqMi EB9יVjB0lq"[sbs l8 ghWHյhsn+2t0/_Z ?!N-^<ljbwy ^gu]xN5:'`1#ғ /_N":c24c3$\q"P5fZ7`nbQG**OG??T!j Ni#ڦfm*9[eEJNJ0}^a[83۰@.9f'~FF9G&A1Ԯs{LEa腓qm8-zim#w@ԭ9̾Uw Ԡ "`KI.(t#XF4&wxc,$Ԕh*.!ͤDNi}T7(pnWob&m ěE MmDaJ-_tR-;}" ~ٳ)}gw\_FK\ɬ{jmO=rњ D̐QɹJ!0aoI> ų~BJ ̷w4Yˑ!*=(T3ۥ"h(q˜6Mq4XvBӶ+>¸L?)bԓ7Uv8;*yME_siZNC 5rE)yxDi!@rTو`c,~iZP+w['XLMŒ0 8߽)&/A/LlmX6r"BΡqU#k%;I<\{_`MO,Jl`KFLK)( :{Z)58`!ӫCLfײOϔ\ t >Y7.\5VqxӜoNr޶#XqfT",3@A-j2hw*vNhφ^✵"bT0,6%b,:<]OMmΙS'gA0yve a`VK]^*\m'N4ޘ\nNvE'icxc[ѯ©r;MT=Q 3x Zikr4: Vh)Ӥmde3ɉɩE= fE5Ԍւl >%:z~omn8i:OϮ4M$9! \=HN4sd5}}Ճ\fw`#g7[ &<9c |98P~iR2gD0RPm|{ v !-;НđdtY=hr%~v>e]0DT˂a }פ;b$e:AMYow0då{* E8Tvdѭj.NMO^><[쩮:[w!0 c-d-b俓Yx:-5kڼ|\V#7<`^\Рp MlQY\*;7~ c jlqxxqMd`ܵs]6,#A#~䞚2}RZY Ոo]=~\x) e\Tٕ[ S̻buFn q$^U+'L9cCsW]q]eKwޑ]kS9(ke6I#Kޚ2s_ldD `d Qב6pRj:)zm)P͖Ss ӆ J$)l~H+gPQg~(1JG}Yw./;ӲY5T zsv#F%?t@Bۂ_:}$l_hKs x$r$Y `31DN2W.r){̨~@Z+{ӻs%%([&E a"e(zٳ#u3C@γO`dЈpda[PZ5% 8np,Dvֽe5#jaE!EuN1{%L8NwqoKB'֫}> J:8=s( Lh?#NdSUj Bs{  S@| Kd.%zLRed'L` Ω# _/Vlg=ތ OfEFՎ}2[>(鍃jmpHHp>?Qt NxUn,`%{7ypv;V͑JO.,VLD0mfMj Ģ}p #m {l2n;|@էDBH93g #it49⃙tt$]L^ L~"s_KxZ_Zҍ_ ~Fn\L${ͶK͵ :WS;ؔ p߻9*+x1$J12lwOi)~j#n] Vtw8yAVm\U^6LuhHpwiM J^ZނDZV+ҳMn~~ =zj 3}B)I@._ ̻RvutCx#$x_6h.xh` cmP[n8#v/I,$fY{hϪ,⓷\:viwjЕbӕZo# ˀ{11 _pkMbc| YaBkŧ  M5PfT?>)YC ?]LH,E-a˔/~.:c{i(F`p U`T4r@Ad=7VX\S`E[M]+zU% h ˚@gNAuH C6T3kgYeh -·gR7;ه6}XgK{Z \_F%ܺE@PцˉFWTDZ=EO [@ҭ~ |6>|,jN9kyF?07zvCDoUD #8:R8]bTa |8;Ñٝ=3>}YH,g9siq6MڤN:'@B,` Yfb2-[:\JͅM]?Ol.*A5% JoiŦD N*{{HГbRr7”4LGβ~ 7a&W Dt7ְ[\Zz˓ڞsV12|LX\O;5ftFl+t7$)S[NrFk X`P^㈖Y$"Ar\RW)~gB: |v`/] hl 闄Uvh7[~ə2UyPP e_/xGJL2-x◩{_i(!SW$:*V7NUEݹ: ͗"?;Ʈ Rtw]!V.1*bN?gTϧg+z|hy >#C\=̑+j^l6'!J0HWusqH/uESkSowmx<_@߄~pf"RlǞfzab +o\?6f=!|Z/@q95D7xԮ:i|`A6Jggsiv|9<ۼYz^ QmNom,5VYd&C_sicr9s=3Sz?>kT!33|aqO 2/myЍʣy>:R%s_qߨ#"8H^;4H=41c(Ma;p\RbWBy2zIm\9D984bz0P[½P@] z_~ZI[+ǹfahE>`cBC:-y'eX']+n E0 f-{jS͇p*!l2M;.! m%w@dI~@}b \jaH@rz+ l!6޵t LQWB@1*&{( /loY5z! ,Bxesׅ#o;˯sz4{ԇ۸N*P*兟*ggi|jX 2iXJ:޿sBpKݍhK\r js ;.|bߔ)g#""pSdAh LZ#5pWW}[zڥt{A,Bׄb~|ުw[~>G ħ=ݏ ^(ΰ1)7kٴFu O3Lԇڣmv|%]GpIsAc'4+;q8p Q2Ad.+T3-ԉ˞4ul~öH0%}vÙ_Aytf6YWkuu/ǝO9쭍ƛdQSHIO(>h8 ,w4'} y^=B ?sS "imǥfb$kPƯ-O]}@V)vs8QB2K YzX켅:O 8͡#uheHk>XLķ<}a[1n&#ވLpm ̱B8%t*/Ѐoe/Lm;W;{UwP]|/gӫ%Zȴ˄ffZyMh"G1fp8!DSߗ\`ly@g>f1weRe^%!+Q_ BSWb0!V@XnF_kpTNq~#M,F78߭J(_FaB|cHYW!´Ay*6 Rfnj&!͋Paz4F?:h)únY rH 8B섖?A%Bz0VP܍ECְw4D*PKQ۪,ġu>0#mM)1} Ԅ:mſޯw˃ŕA>/XZ7O|T$s`6cd~!8]6f'y;>_enfIɘX L噁}9^Gⲁ znIc֊% &x뜶ns<J zG~ݡ%@軰R)i((КMHC#̗z駀}BDz3}z((*y*aԎKw"[u4)6yBG )5`Hj74V obꬮ8{x'hqavУ~'^Lb#,n_ڿX9S9iUsZN#A '|oQa1as#3Fb,uWt¡#Hoڌ+nfߛ4T{_z8:Ӝ) 5F,;]$q.JrE{ s57rIq!)!VU# B'kv6 -&2 IQAIUaC]2h˾b+?Lhj yn#"J^`U[?m "Оe  j"W??>쬡m1~/n2-F&ےuU:=gFf{=DT!eNӛ!C; ,q:wz띭=[W\RN|un"B6ves&To Bjx|͇F+53H)Z#ݫdVppnu{{((Ί):N6V{Ɵ?=vń)5Y_C9ǘ].wyvNk0EFA=Rݴj-! ԑN= gnK*:UQ"9F-;UtTD!B%q-2ye%i f y bݥ8]b31k\9bDqL2S}ȕ솢H;d7;gF.Dz%1;-S}ʎr$ 4<%̋kh HFd")]_Cqaf>ؙ=IF%5b2 ]Fv[l-q-R%|0E&lpLo@3i֔ [X2˃xPNZ(/eϞ'-1sHuTTd^ s{7r;G:_fǞRJ1ꓪvCp1%k Rd!%VK`d-7:, lVvooގ||E%8?|9f"=TP5r6ϥ|:Jה0e *nD553:z 8Ll2xi-%i0S[sJ>x'F fŨY'.JtKyM#4QS̿b8IhAQ7vHJ$u# w 8GH'Ūb>)R PӻƳZv$2:>c}? Nf=b9Y6gr!1%vb|gtfH:sw{Zk-E2y ߢqn{^Ez ✈s̎G3j:Kݶ"b׎8}'+W&  SFŚ/hRWx;KUqdCCEMܚS ;΁IX8MT&{ø}f!x.3LR)ͽ?6.tWw趘9(7T*CE;4-餠7Z,gF_E%: <hx_@vkR=3KCI0*RÙ7- =Gk$ພToR6"3[J`@KOc\+ya8T+0 CWgij̥wR(x*Y'\}2 e nZ螭|x0@m EO:˾,j}㒚:u]uoΤ!xE^pEcqKr11Qbv2Ȫu!yp&*džuw+_JtM!pX_CLv,](;/( @r KVXY-П~)jȚ}T[=%3r*lEk(~G[ Z'6<[i9]4 ߛ~Њv`am=%j/T^Y6bW':a#.?3!xgVHŵu.N2*OUP+|eO֙xV6T ڋzFKUlI^Ă[Bܸv4oQ0f'NѣZ]I%ä/ o&u?&"\J2BCFq%)[-˧Y(.h^:`^=;,Y onS%r\6x/?hX)E-%!AQ!ۣpMnjuZ˜u6BV6fNxnGhF|?wdELu 2@]_&}TV64heDtp}7͇l߾wԂ]-O5'f-:7pEE;'6 Zj>[!I"p]C]NUȱ Ӫ0'ᤗՔJvݭɮme!omv3 U`9EI.R?tj.`xRKc ǽc-۳҈Wb'$:=`Dl= PS-o;9@ֱ ji!J!q}71Sw/)⒔!c\4@uߢ#;6궥]/s U<- vp.V^a:q*H i4!As @_4=e[b cQNll74="0Sfdy4b},w+p1dM}O2^e.\?dQH)PڠhwvJ&&Zebi&F\O=+ ՅՔכ1OsM :Hԋ,@RK4{ΠYg3',qZ4;{V6)ЧJ#. 1Sk&)+p dD|9n_˻t尻zSR?n[=UZT p1̋~53J]8xTw3|S/iH?v f~ b:Xpfy\QɅ-Rܐynz@Uun>ƗMv9yQ"Y 8H#E.Oϯ鑖%sI5S,]50 za0!Zu 'NGvaIQhGhdt69 9ѓ `RNI±Ѕ~$h7зчK',ٍwca>j~a*K0}wN[c&!Rm[4$?0+` 3s4Zsv! R|Vw3Z qM޴2["f~l\j|63$i}Ӿ;m e0cV(8a"3t- Yn\{beQt;Nk#ˁheZt5vg>OXWRR5j #]e{-W/V6FHXTװ3(Xr%ΰkRZM f  2M=IR8Ve,:[eӒ8|ܕ䝇^ T}PhOIԀ="RYv ^z%*uK[ Hs~<ܯ'O'hH+͸eIcbi!jr^{{)[:rvt >^51B+C( w1f8k"ċĿi-2T-$^uڔtx$.8y2xkEޣM_h2B\<왨2_9g'@m!L#n${He\Qf8M"ʥ6JV 2qE0&}gJK_EF,$!]BQ#ls N|Ю1 zƂX_8Ľt@|KE]rup3߯7bJc8]6Ye:ld8hGlb\|Q?  S 48޾Z!*-O\yi+37UܴG)y,o<1}/e>tȕ)R׋Y+,mz2 C'RVQ]bZn=%u 6Rrw8R* y (=da=X~-zytkeNjK k{A:rTr]z8(U \6KuMV0u':S8aD NêLVW+5t$ .aφ]SZbzBɖKg*ih"EH8VzVu}Ľdٛ'#p 0{ע3wvBj3ҳ4SIK[DB0>h=2o~ɇc%/Lw8-%\gvm64~:",Kñm-©cDr.Gm?Zv+Rܷs𢶶} qPV*!GH~DT !0c :b&8u p@N+pP294 % :װѪ[ ۓ2ǺlI fbsZJoU!*?C'`+6m.+q~C#A.Al+''Y[m Z}5V"0iR+E:UzfI-XUv6IX*Ld(4o#I W3+Dff '(} 8p36T7J d9iN4eeӗm'IOYMWVnc| K<vi}gUDe<[E(/NrQU$9!ZռVbZW{5)ìuc@jzG山G..skI], G1gYg a;F|2+:BqܩP[܆J:0 -wNHmz9NÜ{(uz|?<9myEoHK& ~0n]5p|Li3%O CȪ)܄Cދ[ֆy3^$z@@vUH4wg_*R#sTP7EA\Jqcj셓Ch/RGYs]ak@ʸ3m(gs5oZju>l8ËLecp5;g{wuy06ߙӧcDfYR:ai "n;̜_ fX +;uUD;;RFv'C)fS \m]~qg1ohOSݽ/;7Cs4& y{bVcvܩ*v%|>X; Lmcۼ!f{=ӫSWL#\ο|9/OW+Yd3?,RlG}0zCG'eZ l̥|Z'ui 6)Cglb)*>oX^G[8‹?;>&д2"Doi>rvSE>Mdr#S0.Qq8ql~"-KZ5y>:ZIva5<'ZΩx. ,頞8ܛx=LKZ+(?j(o}t}+}QlZ'T߾JQֺ^VEO"h;[*1y^m.?XS >cFb]$ ֜r-5/ȌiHBVB X} هJ DABU] dD#Y{nA4rsLߣY6Xir=5Y 3~*ۍgHz;a9a5%'p=PZ"S͐orZ#$d-aݢ4҈\8{|nnSd=X.6V{=wo O,l8q},0V:_˖r \5x4n1|q4VbPسG(Tk҅.D>)$ N&^+֡/Ff^%/ѳߘX>}O[2έO16Hz oW&P̒u&x@2^re|7{NŠt@ }'hMkc'%OZE{6s}יbk2M{SM2MO^&K6t$=FNoޕM$B2P$k\Wo+95mk̓a݄g0SZ4~DClN@nO֕1</j4[x@qt"nU5 z@چ9 (l-SbB\4.qvG;NyM%kXUDLi7ybW4ÿ,UQ%8SWb#>ă lԟ ;PTYl E^ *hGh$-_u8K F9q/+{1$ g)7>7>V<1Dž4?}HQ:cvg^%/:57.+[h:#Q/i;_?Iu33tTJBLXlxl f9:p ZJt ȯhvd͉JR"L΋ (տO2 c'az3c\:=.>)F~mo@r'2ų|\NYTa5aGz #gW'bx!\7ekgz.Qrma=ԶFyչo\F͔|$p Yi.&_ԾD'PiɇE |Kׯ@=ԈwqZlcIn9Yw3!vv)(Qh@Wh BLK!G=1gió5mZlA'n1>m*։AK_}h<^]6}nܻZ6U$W=p @7mE|Hso(ڏͩVqHs^ɮ֡'RTl?UfEY H{Ӄ Ƅ_%:o#֜yw"Kڒ,X,FߢX s4:AV̝{O"gU :G%X9< (GK,i 2ƣ_Q4X/QVx&a S Ia9l7o^ݾh\ X#CGDǫv <| v_M@+X]Kck$GOE'>^){(:E UHjFs/p!(|o<~Ӻсu?BgTBVK v!ŨPj{h?]m2u{ԭ^Gŗ};+7HF&{L<]0FT>& cpCʯ8<*2մ}D\o]ML(a.oоb$X(&=$m@G9X/q{G'6_h~I8;BҷM}J S&|͝b lDBT"qUp hȊC ˧S(R4p߾wz$ 'Y (T!j>s-mj9yQ|nqSKe9V #012_hʶl,'h*sӕLz<>]/ʵ$GY܃cVR8܁ՃYvG8puڈVBmP>3聉|bx:yGΛ,8PVPxVyE0 iv=zZ}k nmOC m"JЪ60|A2q^1J??|I'(I<|),`t)_5@*nq:( e0^ܝ%+b-򪙜joJ*3J߸QFLa}0)4%?LLMhu=ȶf= Lcާ-q犮a!Q m7;,䑯&k˯ NDvn{'B@UK=UDY8k<`samqIOw:A&- P?T$8RpdQ;ٮ ~ˍ-SQ,b|oƢDxk?k8*$m0=ztiQ*3~l8c=bhBʋMv: &S:R'xz !.^7`u9Ѭ3wpmktW1T=lE=Π#5% bijZiߕ ԠC[7zX cro,tO-8ӕ4s$2k֧7B1wSox*Zu6tp;pma([hi{A-uJ8 RܢBA\,!ulkRjTݚTH3pO[N;\"-?jTwa^{(g!z:o&e _?aI.6 c;HeK 0DZ[g:矛4S@Pw.`ψt2 Ųr).>ս'މi¢h/~@ѼrZ6֚]a D`D7 fHwש/ SN6ܑx"EՊsU߾d >i̬`;Т U (jui-qhiK(BUI/s:#%7Ps&J.jT1#mJjk=g$Ko=DlQj&_IHeqQB?%I`W|(CXAHp)$ϢvlbSq@0O@|;Ŭ pB q78/CSzhs>"ե*&w~Lbn=)[>A|?`2(IT M.P`}W}miTڈdB靏gMqhDuo}ǧlk z\C'a0ѺaI,~"dx6?QZ"eEףNa{ώm`$K2O1BPN)a/[v0 pc>,#>RkYqkpSF+g$X™p{U2n5ұNǯ#wʴ?NA\ֻ|FḄݭ+t? r<;{\?e hd,jԶ#7i>:@fՄfAS8-f  DHT΋W!|\*x ]!9"h7hS,<qXFS^xLIR)rJ!fAPd8"n nWsփ`#G{~5R8!ډ>5)]wfҶ2 6G@[ECń5n8k汇[;33?J)6 igױ %./0Kżd4}o'TZIK۟O uP=5e^M'3k²4z{D3#NstØ~]"Vl?oG̻!׺Z4}iP2]&ʰA`Q)I~;Ǣf>Kz0rXٕ'|ΒJMQ=DR4] K |%AHi:k1f̓b&W; hBs'VevYP9g TeU1TWklZyd/15ӎvQ2E]zkE#KWE~;r:),=B |ZSNӞoN04i 1`(*QyܓӬ6Yjʁ.n3&pbRԳ)] CFnhW hꅢpˮF͓ť/|pA [SܚX" 勬vX$ ͇DĮ8 !r\A.ME:i[JkE\ PTp_6ttc,9F7 ٲiCƁkID<>WT$%Uy=?[Yg@ׅ40R7m|"(myJongzD+I>lk=ac⋯'SC7lS>J6I[ r[~ Hw(c`JtMGhW>XNV>E>.%boL&yN]Jb |TUH9PS0cr%CS* fb2$AܐZ#{@nz媪em}F DK^P/Y4`)TI((Lq;[OPiG֫vn8:}x p bnѕDU>_E=mXo\V[}&%OylnGfrs,&e)VKQaٽ@~<(S!#+m>Zfz9xlLVv}܎ܮ#ܾYܴAP 'Rޞ]UHC$M/4DFy*~ (Wr.cpt,ӈ4c^ ;aZhWa"ƨWGF# k4NHh+ekjP绫[Ҭt䕸 *5k}!fQ(<KMXr]ɾ3,NJ_W4ŻEّj IgtQAs 4lѢ+?g 8hgW8[V-FaQ8D6wU;c(fӳQb[Mw$Rez^ܣx%'+C<)hr|7oU=`[l$زI樂osQ[=J-4B3P]}Q>ipatb|PeAԞй9q3?ݥz $9E$ ,|`ZUt(tt)~K>vԠ^>r|I@[p+rrOiuneQqު,z{12&hDn Md<7Ksg67PN2_M#KY*MaHyX6v a5᳍?;jR2f;l%.GJCGS᣾vZ!whxv%RS >4ߤݱbQnrDChY\YLt( 8r F;]lxb&޺JfV>(81hMj+",nupέl:?XY(ap(5tc:67MߐT&x{p~T p֟RȨ9<|KGO|GC?$|X;$A&:A?hTQDufv.c^SSų[ -=@iqP] ).<nics%+?t(}R:Ht5<.%87'6LCRZerj  F*#|KfM .0VpT©ĭ[3T R70$Y!h!C~I4jX%)lWs@oPnWGKg!]M3dķI6FCuo9DmU -VKYs\ho8x피{}d}+CÁt7O¤; wq/Z$E̮;;|Lia!!DCfĽfg+mz颐Upl=<Ǖ[/A'rǢr tJl۫x>D-֕3,j0z.]Z>B\Q2Аjjk=O '4agO,~0a<*A״m^v>=8H?L_n"n 1P5f&Xs;pv)TCO 'oĈxC%j&cn㵷(%IZ=:Bz:,Z6;ΔAŤ|tcny>x ^-~ÙkK'Z`%WTl3qGԨ=-xKRIЪFÏ3\Lq4%E5i#+NL" F~*bk uPJb5ʊ`[yL @M H_B2h p+$?3 IƪR)268o%}1pQ`Ъb!+"!3eq z8D?mJ}å;-R6frwD{ƘHs. Ӗϻrg=/9骜PƷЖB \nFB2p"20]{*eeoS<JSR3]pd`q_Wu9-Z $mp0y5!d)K2=jb-9tˤDaA0HĐqg/rUh/,&OeO~/bC%Rg`wG3CO$1Jt9I&6*bQѤytNF=/463HxU: ~m @c!ލi7>GB[b%="ő$8 zQ7~YeIO>8-ЎW†>=2("a4H~!&g9>9P @> #s'&.)hCWwh^jy݆Gl#y <+P\Ć"?U7fUq4&Ux"KIظMXU`qa|), Xk ^AIeN,Q'n"t}!}s7 wq&j306ILyf& .#k#ޕG0vOc_'&h[JZbGztzjݟ#`\B !GC %* rjxVX H@zM?1sR2!T#YDZn큝N/=H^$\ƪ!5¶,Y&asF:x5P.b [7UqV!@Bo$Lx,]#=HN|&"~"$_5L)ܟ 6Hq%" L.WIcȄC\}.> fl/NHsU{: خuٴj:~GT#z."Bͨ?-|0 ~/ 5v*W96N JQz5@ M G0RR +*HZ G3: +,eK[ RWVɨbGG(F  "M1 ;#^C}!r*52 {l.&,3^^+j·yL@uodP{2qfU0f[ϏƁf . ػsW P)X5hks?tok_*Z=q ݧ?SW'= 妕z0wor:sTr,|kH#=2 W7u5fcc5(T5ԄzE%`RA-.,JyTe=Xuhxד6O/&WEgEsIzZzdVDx9⣚ɵݥ(aI:'CIVEBa߅!kVT'?{'$$H|:PķDQI: 1˕":\SVpػ^H(zw4Q3gO0^0R~v_E=3ojAW΂*Dx', E%u40I-G6Cfj^{i->lOp7/]nU36hI"B/5L/ΤCD*tb:rGrVv*V`U=3{2ִJWQ2{"q+4τ.",鯛Hy]2@gaP%1Y Yk$D+)et3שuoo_66s(Љ br r>RAr6s zDhhm2qEj40Y^d('\tuIf~TQ5,ͬ5o-IVќᗳ[ě Mceci'rW/J%&ڷ@}:v`^[Ie+5?]d95Kzf6ŵh4g4 %g5m|6MN wXEV E> f~nZ"ӼI _9،2Z{1z7u._@/ֈ2^g1t91#E@E,:_\Ö@RLcm7UNi|ˁ~B4Y1x U8tNkCb$ǡ3 `2ngX~ h<b6!Dfè3xz_,-9^T5QmEM \d ΢~z8tiyB,%exWVJw~Ꞌh\}W ,R~31E&h,(`BE~:ä2{R>o9aFMбuԈ z傐o;kun`9&833f-\u:s5&R[z$CA)NTu \6O 6VhzZ`ՄS$M Z=p1kF8;7b^|v6plkLtzo0ƄN]_lꩭPUQohX6MǕn\ :6 }eU 1 . KV5A޲hm}AG*Ǵ{vg=l#ȎSHL-}sE!Fm!1vu5/ɺ7ӕ\)YO Z3ΐpbT>CUk#ҷǁd!zvɣB~O/ K0>t&]]vi? ȿ|jDsoҶ7aZj<]1mj#uzp!>z7 0f &y~7XS;錃֏9Ǟmiяʝ1xT ŒY|*XYfMf qrKЭ(C@³尌9Koj5;~n[آ58dHlh8\HL?r^&ָq%PnNdh^Wq,ˁ 6U^0 S]yevQrnb)5sVY3O͠gǍ>znK "n969x& -mWεJXA ӤtY%K(̿51r&D\x h#w/.B2v2) rFZHlgv4)pLJJ#DY颜k%RiP@@q/yy}ϙRңOŃG9yNkW]IF/^x="('A?JDm񫦦`,6-jl%%}xkFjbdB_ "0;q q " B}")!Mp0]XX‹) w|M!3yU^4"{&mqMgUgbVv:⺜XW8MyCB_GֵاRsBKWOJ$!)Ezm71|9&*+ қ{\vݜ὎mjzЋ|-_c_GP.=fa0׵ב&_ ++E6Ri//y2ֈF<ſ(&AHF`a%yOd751m1pކTbG  ^XdXyvѽq]+SH[m" |[-9H2g ,?]9k[|+'\v|\jDXjʂȵ+u(M1V+c pgezHx@&R|a,-Bt/ec^V]|<}W$V1F|AY/Pʁ6ӔhS%RASz_>ik c(L +!u==[ϰ-_Y"WmMDt氅!V> CEJFܠ :%=Pݩ!p*ZPzo}X|.OZ;%/}1(6UߔP1jgAmE'\ yBhw^9F+7 n xGPHLscU)xAp WvSq8ca+gwH]|-dzxg>ch%,F)~9߃ϥ`cbhӬSrG|Dgf:[}-,>8kݹ31t&F0hBv˷,䱩"_1L+撀:WFKA/ (\# _K`jg.PBzcYϸWDkeڝ}g!xR܋'I|n':t]wDn++~cBh0&&J#Klߔo59wX k;֐rjPj [[cxt 3]} +edwKy݌Ma /Z[{)`RUjv2>[COubO!^P= PS_X@)Ve+6 3㸏=xk' M+<LP)%th)*X ݬC |X"HR1Y.)V "l" G*+EyyഊTpikgq%[aƔdX RTėdwjɻ̓&2HP} q$(ן\5n^ZUqS`r o |vznƎ`%{xaB- ; l=x (̶?o)u"ug1 a=S -;L޷\%#90Q0*p1";hjA?t)o۴M0b9H e)\mxd#/9ST$ qR OJ" `aʉ݌r̩ˏ-ϏlzQ8.1k ,0u|ubxyV>C_yM96J"o]ciEOjXS/*$kΩ=6:oB8O:Wû0/:^N/C@.T 'u9ɻ#,_hlmzX?kš(V×z|0vG2c!${#PIH#2{wC߹,`jԬ(KߤtZv5# \k_/7 pW_ ^Q6BFup^_ͥ2˳-[!kAy$_PNA# O@gYM?|:]w>7\S|kf.Tc;U)]|0z9?ѓJ%WF&T1|?T6V$P(,wzKuW_K*4S5Q70SK̀trv==gVsWzݜ3ڈ47BXϒ g8D`삘N=FO5'CoUtC((RnɔG`T F;O*=u!w}V1 awvPka Cu~- XKZ4Qm  "ă|vИ|$̫Mɤ.)j`^,/L=oz.|x<LHAKz"p /GQ=m~򕄀2cf|xJ&дMTI=KTH2 sŒi_φsHKYzt]}ǖf$^_6nF<^XWyR􃤲}C"|P@c3m[s 9h|c2ѿPj. [C0`"O|WVfD>=5J%2li ~zH+]r? 1l'<4_ՂMffT+yUT}ŝDsuk)^ufq8!-RK޵5nЯ윤Kt.OV Sǔ'Z%xd=X׬[SôdTӰz4ڷjۀߗfA$"d / Q&Cex=m7pakA[A `Wռ*M5|j(xD2UN,]t]oOϩH_Zi "oΐn6a v*E'.jk@ )geq|>̭;D˩eSK||d8?=_;C{T~ϢkB׮eU.hSJ`YZ]y>ԅȲ5.<7S nW0` 6:G,WU^0(DaBC& &˷QҿmELNΦ>HF q=KWؕFg"n:=CaPaUk͂p=M}N{tXZE41nL,N Hw;b4LKMZ=0o6<۝/ѡqp)-M'əG} ⇩f SISwTN՝ӿ[qVx3_'zye00:~Zxw5%Naܖ[nY9VA3D!jdt.APhGM<#1 {מ6;:EӭUr5 ,s€&KBt_E̛Z6eYNs \ԙll=i6.S>𼎽%IO{(4r.xA .6BX.B¨M@ 2!OE 6(^SƏ.~)ń`}ec*TLu[!@9ps`ӦWJ yOH|%m&N,?"R;Ha[}YZĚS9W#(G4/&m(qg Ÿ́W@6'kf"'9 EnJg$)SKDIN lHT)`!\-n+0RWX>2_ $Et;¯?M-+:1&!e0!n孢Vds ?w"MKlY>֣ rVmjq z(D,p}-`b`E”HXvםYtHs#H.qm j#/XB4SDmS wC̭AݝZ\ "6Z.1!'CiI:]\T@'tmDqXl\Uݬphr[+cm'9qYWuKB> DcEc- eW t^BE׋jK'Tg ^yX /pkXnECȳe)XVD~d-c0"o!BTF懸Ά+ \l=%a:;Xџ&5 l.uǤP,;;E@ \ŢwK&%&u Sd43F㛝U?cډ=`R b#@Fe{ [= /Rp RR6W s8Lؔ='jPC'B5g0i8 <ߍ5,xqB>L>SJ ot1 4ƥO\cq|8)sdtВ֤C$4Sg}?H Ck PqLi{XT)"RK)sEPo mD_^M7|@a,`Gp8nJIׇ?ы1P:J[@>9b z?8>L5y=O3"pJﵸby7fr[otY;L/N\?+/^`>q$#dVEG\>pJ{w9eFXnٝ[>_5=}t u=jLNV_pSm 8;ZNUxJV1G9,xSoZYfӸv%=JduA7Ebb/[,^2>|4!Oݻn. $5(%[W}DH#|wE+3M{]Ӥh*k;:F5ݙAe>6 abKD3:J;|yH]N4Qq9̋ KER'O~EQ >Nb +pׅwP> . q` |!ώ_i>1SiW J=7ȥ`\7zԻDܭG1RxXwPchDG'v"Y-j _mW lT/._5ݲ{67F'9xsNu`~ M{ ")aq1ЭDZPRߢIq1{yZ( [iH7=!du] 2!HnHyH;*5ĶQ ,y.n3\#541ܗhL6c?_(3 ҴtPDj@\$ G#2a7څX6`Gu{J4oq>qtD2W3>X';Z8WO~kCOfolsI}U葍wpc h22FoW'GPf7u%f<7d  ?¡2w(buHLJяtB2bL@6G>Uzת\un\cT4#N^aQ,ͣDܵsؕ5 >^z^jUP&xc{#6w5y$;hiF_Χ?[D4|PS{^wZyyea1?-*.,"Uxc6DODcPfg -r`Fqf1] $5Era |܅<ՈP`I?(l!(`u6wǠրm,JP@b ]4 / E Fíљ,5NYTʤG {|qwc#DX Լ4~;qzB6jV#aVt)%G `T e()M&=Z ˜nՁn4bOpc)Zd7vso]RLjpى2hc_3(4}6&=L~ƃ`ObPI]g4N<.P:i/{BxdiD`b]:PЯo&~|$q47Qd Ol=$CnFe\x1Ut<2AN:ډWlQ%5Be@'u~3ɰbIp՞Amr\B[8e&mkO ޲k[\DXJB;_,t&F 7ɕj?!ݫ&oعS"8㥀>'399ZFFףW4@v5%|ep?eΛGzpX.JTO5:XĺMV=^ Ic?SrYr_Y 0z :@u3% n2ݯAʸx#|/ўyUT,*;}'05VQ;641ulӝ{"xoC H fgz6mbTHmGgH! 0:g{Tm-!Kq?vұ|rQ fCԝ8O$ӧ*HZ^ H8 ƺ D[c\ ^fh#n) Q˅gyB$r|6!Pq@ֵ^̢<7r$l#焜g*8|?ɓVL:f'7ɯڳfPޙf+V! :)(h.9}tDevRzQ!ZP]yTN9B@h(L,oܽ>5Qƞ1)(=x&|##׌s3^j Ճ&i/ ,KvJ`Q!_{R^j-*|ќ79i]F{/КU#uUm>[|i B }n^(IVjV< )WGq' gr,0O,%d:R x롦#p=AXgNIv >f4T#FTY$hսc,Ξ\'\m,SC0MuV<͜:`7#T/]p> 4)%ȥ!ȏM"^ "A8Ѳ yG0wO{x\܎.>pH礳1!]NIRg쒣ߧ&^G5.{9qĝ WkhFs(N|kĹͰfRI|whX+OZ $zGա!V1AcYOtfBͶ(oy7oVl1t«yB = @N7:NU务#۝@ۑz"mTZN|UٵʲMNm;TFmlރ8Zvj7i bzԖ2JWUC&YL'O`lxPQ(H$ h4Bs"mWOkpkxHQYija~ڇOETEZ;oԂ|ع^krA+堬1vThnj#p J=xh?;dvH9]/9I*;\8Ӹ0Z1*D6_4܂ vh7HfpXe)* C~[O6Q~'5xլv؆._$t)[ Fd`OYT<(?¡|vf[$:,ŗ[.Nǒd4放-COhGuYO&o} Ӫ3w,&6ɞ,IlV`z eugS%Vc6'#M@t䛻ޕz-.ۃq#={d^__#E LP.x< I_˻,V-]6pb-iߙUԐGGֽ.5m\2(sٯW0}͢-Y]R,Br0_3; 5Gpd`l2\I98I DKa!fk#K1,ESnDah&F^Z+ڌ<}GgfΦa6typZ/X <;{Q4l\=i,D?+͑NRk/Jݾqs1 ^gD.?ܤq^r(J%Z7NNQ枍r]*]^g- g!00'W4QГ=yOk)j,;hՇ*h5\ fE{6/ ϟas?+rexZ|x݉}/` W6{<'*يWمjȯ7{KqI9 MyQjtiVTuBZon 2[f#3/Y:Pj`ToZMrǤ&'Dc][d$rnԑ{D8ި?hFHI=ETa)(B$ ):"ńaa2^aBAp2$ p3+ 3zz z`NUx)9c RY9SR &R~Ha7P.O Y 9%a8"S`4(Cl"9򩬧TyIë]{ǡLXm逫,`6OEd@/k5/M6j@ؗRnOgI^TPԓEIoXt.vQ"q$E/dLL<$֢qboa[}=#P%:2nC 0ӂG;_-23K{3`=;kڔjYh^@_%Cg9ΙP|Eϙ"JXG'ؾ7J(׿9CPAV1^zZs~ %O$k_WLXK%P@M(IJ±O#L+ɠ Pv&\!"@v>sK, "\ {mg}tug)"d w g5Ҥyp\9/% 8. 4Y|;s`v;z<58L`wRVْҖc¬VI4@ m\vȠ2bSݓh|p=\Xl_|0F]A*G̬.!Dl G1Jtګ\"1ZPØͷ(8Y Pq9BR$Daanr!@kŢUVwpv[هZ#+ŀL9˶~X+;ٳ)I;AGPAos~Q6" "P9M%*QRN7ҒkAtvB+ǟr B$~m]bZiAz#떸Zbq*z8596#dĴ|-KZ}>rd558 Nd´2;Ǝ8 ^ஐ4PUS-K2pΉpGb9n~W²`yd!$kVFj?/{PuUz1 *`E'cI(1R׿s3'h F 2.W| B8Ҋ6n `xN? #tõ%be@%A( ݯ!()Hh) dE{Sr.c%_Z1ńY|Q/=%v $8;Z.P 3vk@!S]榮񖵠X[rW m6NivVh$Qf)U̗,K?\ x*y8h`|`5EMw5Mwi!'"s-{(|&aAQKp5^&|/ X_&:{(e~}+fE'5u P@ oza=!>cTh^EO[30^m wtO|N}xX葖Tch8eۆ7rxh#i5Ze"0R.qn1h`|4/5*?Pet0-^"Mqx݁4-` k5 QZO܀{ Sh-e'H="F#Pk*,~KxQ"ҖGA +Wr/V skV_v$8m}tvzE=XԻ[}hDd@\d_ vrgYCV"skY@x7Eᯞ{\^E=1|4>t6BUf_ʦTX˜hU1[!]Qd]8jᗎdZEMJmuW_++sE4I tY jC@DttXwn^$g*\q$,QƼ8XgĢ9Z!'Hm:Ψ%yEP$ iem'iBVh Zz"dxUbrF~PJeC h?q^/$t8I)T0'ٜ}-s;=1ڭz̐aUMgƺ;юk!,->%iEVffwJtr|-8>1}jo u5b!~ՔnT~= ?LSڴ ~ѶB)+7d̷YerְX4 v٥p)@_W-C`B/X[8I?^eUot50L92oz@dy6,(z JcZEρI7tҍ_:g_3c3towZ\H0"Wk\xr Y:g*C{TA22/ݥ(wFwYӒp|*x<ouRI 3U8eٸ~[OjJ/e c*0鍣 矽h&9;;hg&C2Nq'{R -I@I%seӣ]sb+-Aj_L  .:gi#&Apļ Zz Yv%WM`bWfu(ͧ$.5UpaĀؖQu,Q#6@B܌)*[@{<.b¤DD3Z`Iһ ̫$x]@,6Дg;JΧB6H|AEAQLI+\&ITg=^=KNC f]b vV9%ۿ'ឿJ]"ܢ ).huwQ+4=7Y^aa3U@w/ b,/3ݥ3Zznk(P|Fm?+ڦ+PT.D)>|őCH͖YΙZ2qx; d 3+C f9> B|.&|rO* \1X-HQ:>wKGGDꀙ\%g(̀]GU;4#r9.06B=C]~??{~o srЏ&4sK$͹o ԪVEqb^q#|2"$ȕ NR3MM߁q ukF8a08VaHc |:JBaBc571VW) uJ 15Uz f)/r[7?hiccwXC(m AxEE?.1s*bT^Vm>{Aq8oWrYӶ_*7{pV (35r=rZS 1Ep1t_T_!=9+-*y[|2)`8-IULB;: K.ܢ-]t3ÍWJrv/QCua;?y7f:m5iB֡З'e[cuHtV j ewaqըeDbW2HILcK4˂I=4f8w+tg,A n2Jt*GXSqG]&ldtIO5屾ٿ,kMVXq v7YHOXR+{ M7[kD[-! c_Hst0Uvyf]Vn!F 4.%ՎdH;4LF쥪,/68∥ybpR>/S䇹lY7+Yg ?L 񲡼 V_qS2[gٵa.Gg5@Xzu5 )n ȟKx sX0Hwd%x)>ëv~KgEoQ|rboa) @L[Rl k.^wBa^>ZQ1 l$NÄ5XpqMw@(lFx&4l p á5uR;26T6]f@xCcF>3Ĭje+*RnI*@ :*qp‚=ě;Isi.z^1o @pzDɆGs=~2KdXćԤ(,Xo*щE>߭Ԑk"67@sF(D>7OZBDzl8eIţo4&ףSes1{U:mS [JR/tnΡ`D(xP#n\aCEkn'WMɚw(j %QV@x c1ϋCb8Ϡ{h$W"C>xA^cKu ĹGh",Dd-.1ijpk;P{sH8-~.S ȃdlI~' ߖ3~pZ$(I;檺~mIV],g:} ctH0~t檆yeF^$Uss E{Qa hk }ymtZKlgnx_G F#$ǧT}Cq%t903[d960 EΉJSuC7hD1Ȕ+M (ncܔː0] yQ5/-8ts{B{SP RM .6J(ܔOKsCS̞4 /bz!p"b17'bN9"1SpxS9zB,(S->ڶt[RfLzm X n]/y ʶYNuFOwkuիrI+rsoW;|BUk[v5>ՙ Hn,ێ&."\(@h6|#ʱ ǀ:|"ƒf)0Ps&%_ n )CLs;Ye) D5 %#wkΔf.t~n^ȹnF\C";0FdanreZ2l{><Ɓw{^40̀0}UM[O2uR!J qQ!%-9z,K Nݭ(Q q w[xaBgoI &-xQӥwoUrH,K6;=+)sTbHE &3QЉJЫ.0HjqUܮF[1Gf>y/%)3(% >@ɿ̱*qQ VR]"`UV SR.n_Pi^ Aac律)5Ìb̹Z)IMvaO9kpKSjbtPcOlK-΅AoLV?t6~|[zQ!9%K$Y.)HEu,5/6[/ZOz鋋U"v/cg( ĉBFd;& BuZ^ʵjL4/4G"V"3'gU:AzW='n2CĮc;LjV k(Ζ(jεT[KeAPRqnؖY[2 p'l*@tM_4| H~\tАʈ>;Dְ=kx!/s.U]0~QMYVBJ%cγ7`fBXYmIe&[ЗM)'u78h* VgrZ/(:*&b8m #< !cF9NoNp0j >y|Ju5=cQȆ3pNm_EXWȬA츖Bto>0|f.G3tm!a DR#'o$lY# BIUg~,*Ѓ5*IIBMЃa媵äǚnv (Kqt^:u Gd{uI201yssќi.>RR"ˁ; Xkv7i|1}>%AXa~yꋴpZ[7{;!/h-i Oe3@bw  0oYTEBI$}u ؀Iʌ,^ԸZ^-.°p$Žap&q+u0Ί.W A MGzvZlu#Ðn!ƈQN8Xle2|1 A7qmV3:h Y&YV\;wTq(kmErtRCKkj"~A,i 'Zi2dϴY!_y52>QP}_%۵;l ށ)$]O&4>}{A[˯n1a?B~^ltHKQF*3tSLj&=57Z!nvZTbN8}0g W1Iq!fQ89$gM{YB _ivwRhO\p zGpB ne]Kw'`p,q/=];P^jԜfNd  ;K`]GPH4s=ɳ49x0j8XBRr:z,خ0{XII UW d[jHRẠB3MkuY}*Y <ޚB::BMD=h^Q`V.t <:' &>ذ`nVe! @ z6t^}BX%rHt'|L~-:DC[6AttdO&+bJhO^/ֶA9t[SÀw(-86]5iܿ 9Z9mڅaZS/}M*ƩA*n&W:\UGE{CȚ +DMƲ 6Όn-b!v M2}N 6%$éMNXTY*i|\p㾲L|jk?|:ԂZKw! )S3ZRwF/ш^{N]OW ~!J!2𓸬f$LleY~$PDmZ VI+F-]u3,k4wa -4yO}* @&^ͻ(dJִWPUڻ=$PK%A_䢶CwC6J: 8bR^ܒfPV?Tb7TEN~zo54C@ 3JOuxoM.Hf# Û!;%Aew#>r݋O䉶iF][M$1՚%!5ytO#SԙiHy$JN MQY7oN>0 3.XVKV[ƑǨf&:__"k\]Kĺ$%-Ic@?$QQhGк0 Z0i)@$S#g7D`=2]A(ʁAwl y{ Dz:5mPečER77`V/gM9[GC|7'V9d0ˆZbCWLb|dG]6 \ePzJgqļa|yUv+۲-$~Xm:odbmeJ"41FfZם/[ ;2Y4jcW5`*Qb)%#q6C]Je-%*vʼn6,5>1ASn=*2XH.5?Dg'c)S} Tr?Ivks"!}^{vA!qZECšv"JsU@*QRE\Bu7I ̰9˔?UV~PBl8G۴E]dQRԵfZ-V_vfJIXl~%qf݆kY( ;Hw\?[l{W>{lEPxȑ$mD%p:͞jdƓA >.!詗sE3A0+UH?W!y= $"BkzHQ>a 0 flu5 2IsV= %%MjVѝovO-ZC_ Krd) PG) ̧ᇕ0Ě7G˘gk'] ,Xoci0gq4s[-pp\2"9BpD(5Z \S3OKDsp`ِM"16(]l Umewηbs?׳d'0~ C ybIX 6q>;~EQX4;!J4RRWۙˍ`0zy%CGj]ZW3~?9P" NF=$6Mֹr T /d#v+h &1&)6ij>"W<[7Թ e4nwUwZR]GLD~20J9MXφd}@ꏛI /d-3zt.>p-ܲ#ķ7nɈ>dH!]Wi @hf@QCӕJFT=}b|Ym;St`1) SCRt+ٸ&@E԰􍹮'ws@HBh#r#斛 %`lZ[B6B0`"@6A.4|/Rm{͊m2=IId~azt |,f=tU?-dT&`r-|(أ== F! yA4}Z3_hyձK)ѭ^E3Rmh4"G=+Z5)[X$z4}\Wh-Ut諱D Dfj'm&slUA|lrjIVkǷZJK.b)~ߤx0AOIkWK &u+u?p\4ѸIGB|fڋE<^yX{sH[@N8Hxnf &N9 '1uL/}PL.OpKŠ|EtHhnT-4(!F\;' e (8۪"z3E|1pȦXG*{'G^| F!e9럏pLTՑ2ܛ${|>'n,F΂P lRɲ]H_ER?@*j(;bY\  YI,j&#RKq:-MÝ(댚b^:-GhzmP>ゴqsD,Dg UP#2LGgJMkX\ |(GY幅 l2+ "[kSl|x,cgUHz<<0i` NW g9V;p/((琂Y)f'w2C$Z4!Ln-W ,Avi+7RNA–=XC$v gPtpKyb~+ɕY#R(0De[ !PU7{;p>)xb@:PXJ4dgLLRHcJI/ϯuI6N/sIY#\'pהI[B,S1-ʱdw@M2 /U&b g12/D&^ȋ)cyBYW'£7_6 bLӢpjLq}V}5 _葡#}_vOc$ҧoQ:Ys !M>Of>[F H O6b`jS eEsץyC;v6 :=yemTf;KeX#O9^LFoL5WviVô~v:>Jef I:F%#b\a a?0teKw$9icSVP_bP_ bp ;:ɇ5` +癹ix|68Y5,J[ |5',>&!n]*] R' ˛2*L0XVEA!k $&ugs${ ǵ(E&`ǥn'I ^F7k5x#{݅v,0i"Y\G]w#CQnELa:ZhV}d|_1 S-r_oCeh,ڣJYǧ=M5Czz7g>2PB1w4,,8W.*&M&ݰADE3 ,iVs[N$V^FR ڴ"`L>Z-ܠfq~͵ !LuLyZ̿8}M%漢:83RiWl0~X څ%<' cZ'ߣ^4' Ebpfp I c_l^T/A,>c4z_{,v-k;@[/ia5:)Gsm*[OTٽ{}b7a"Қ&r| {iey΃E"(FG%mT(o`)cG߭C Mu_Y?CkIHD F&B-XE0|["8^7 K@iZcrhFG姧4 B|2ӿ$pl4*@xL 6t$JI}L?1MiBPzvݘ4dc2cC\-)BD%:۬6Vn"w*`"ff$#$)2cz?eo g9q4%I*&>·w!Xx|G씾!X16w@ǪJן7-@BEUS[YСGnfèx2"\"3mFG$2t+mvb-p/8ECɰ$C*,-{+mxʳ[n+<LAkٔɅF&4\\W<-(tl`DFS>&a z_&[77L_@ڊo4h0/E:џLFS+HV +Bu]u eXw _Zy'r]x&܏$7sFN cϼkE 8{Q9U_iT%>pqtzb>or'%i!v<+itig  (h9fRuwm[=fw!;Љ*Lb݀@8Cd C`Q G'}z~xS|Za6O=@}k2M(?6'W +5i\(y%1K3㓩ɸ~C,vIb#@Ōv=?.Ÿ6q J@`Ƅ@{MFT7a-c\ uKL4!iL$̤oL kOakD݁r (cQY|^iwh:) YZ