openssl-perl-1:3.2.2-6.el9_5> M Mv ĉJ4!!%joLne)Ip-Bm5 ']g%)releng@rockylinux.org p-Bm5 ']mr } eس۫( š\^ zG<u#Y/pttQPK~vѿc쭰gi.*9Wcjd0RT)qlKvM wXvaE%R6VnSwZFdJYpq1$sD_쑯q.5C$NⲊp-; F< q&Hex؛E @Knw{4w9:Q]>\m!чǍ_St=|]A--\k۾=k?ծwuWOqVrn䶟p}$#?۷zS]JԱ݃Iӳ= S=ee8^rāTWLaE* !-zec0bc051c0dc928f1769cec24e979d60af9c6731026d5fa5ac17e3729739cdafc2deac98d3e5e31c5a293f6e0876f7bfc019f682vwuEN}|d>>5Q?5Ad  $ G DHX}    6  L  x      ; r (8&9d&: &G0 H0 I1 X1Y1$\1D ]1p ^1b2d3Je3Of3Tl3Wt3p u3 v3w4L x4x y444445Copenssl-perl3.2.26.el9_5Perl scripts provided with OpenSSLOpenSSL is a toolkit for supporting cryptography. The openssl-perl package provides Perl scripts for converting certificates and keys from other formats to the formats used by the OpenSSL toolkit.g%pb-9775349a-7896-4924-afc7-62dfcde02f23-b-aarch64v+Rocky Linux 9.5Rocky Enterprise Software FoundationASL 2.0Rocky Linux Build System (Peridot) Unspecifiedhttp://www.openssl.org/linuxaarch64VgAAAAA큤g%g%g%g%g%g%g%g%g%g%g%a1d6e3bc4fcfb1bcfbe0372863b7c1cfb665e29cf49fe19b3105f157f0a4d1566628a5f51adc4ce870bcb006a803f74c17a68e78b124681defbd29f13db47c1d4f0f7260c1bfbc859cdd850b142903cc7a44b28ab46393d8f71959d5b4fa7e2ce99b8bdb8a5bb6e3f10b929806d07103f665b65db1e4ccde9bb7ca9c80d5b35a5cc83706e688add72fabf3493856ebf5f9239c93f69b7c1558fb9ecc82bea8d1tsget.plrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootopenssl-3.2.2-6.el9_5.src.rpmopenssl-perlopenssl-perl(aarch-64)@    /usr/bin/perlopenssl(aarch-64)perl-interpreterrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsZstd)1:3.2.2-6.el9_53.0.4-14.6.0-14.0-15.4.18-14.16.1.3fٝ@fKffvfif`S@fO/f Dee\e-%ddD@dd}du@dkY@df@dZ5dP@dK@dBzd>@ddJdV@dddadxcccc\c|cr-ca @cY!@Dmitry Belyavskiy - 1:3.2.2-6Dmitry Belyavskiy - 1:3.2.2-5Clemens Lang - 1:3.2.2-4Daiki Ueno - 1:3.2.2-3Daiki Ueno - 1:3.2.2-2Dmitry Belyavskiy - 1:3.2.2-1Dmitry Belyavskiy - 1:3.2.1-2Dmitry Belyavskiy - 1:3.2.1-1Dmitry Belyavskiy - 1:3.0.7-27Dmitry Belyavskiy - 1:3.0.7-26Dmitry Belyavskiy - 1:3.0.7-25Dmitry Belyavskiy - 1:3.0.7-24Dmitry Belyavskiy - 1:3.0.7-23Sahana Prasad - 1:3.0.7-22Sahana Prasad - 1:3.0.7-21Dmitry Belyavskiy - 1:3.0.7-20Clemens Lang - 1:3.0.7-19Dmitry Belyavskiy - 1:3.0.7-18Dmitry Belyavskiy - 1:3.0.7-17Sahana Prasad - 1:3.0.7-16Dmitry Belyavskiy - 1:3.0.7-15Dmitry Belyavskiy - 1:3.0.7-14Dmitry Belyavskiy - 1:3.0.7-13Clemens Lang - 1:3.0.7-12Clemens Lang - 1:3.0.7-11Clemens Lang - 1:3.0.7-10Clemens Lang - 1:3.0.7-9Clemens Lang - 1:3.0.7-8Clemens Lang - 1:3.0.7-7Dmitry Belyavskiy - 1:3.0.7-6Dmitry Belyavskiy - 1:3.0.7-5Clemens Lang - 1:3.0.7-4Dmitry Belyavskiy - 1:3.0.7-3Dmitry Belyavskiy - 1:3.0.7-2Dmitry Belyavskiy - 1:3.0.7-1Dmitry Belyavskiy - 1:3.0.1-44Dmitry Belyavskiy - 1:3.0.1-43Dmitry Belyavskiy - 1:3.0.1-42- rebuilt Related: RHEL-55339- Fix CVE-2024-6119: Possible denial of service in X.509 name checks Resolves: RHEL-55339- Fix CVE-2024-5535: SSL_select_next_proto buffer overread Resolves: RHEL-45657- Replace HKDF backward compatibility patch with the official one Related: RHEL-40823- Add workaround for EVP_PKEY_CTX_add1_hkdf_info with older providers Resolves: RHEL-40823- Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack. Resolves: RHEL-32148 Resolves: RHEL-36792 Resolves: RHEL-38514 Resolves: RHEL-39111- Update RNG changing for FIPS purpose Resolves: RHEL-35380- Rebasing OpenSSL to 3.2.1 Resolves: RHEL-26271- Use certified FIPS module instead of freshly built one in Red Hat distribution Related: RHEL-23474- Avoid implicit function declaration when building openssl Related: RHEL-1780 - In FIPS mode, prevent any other operations when rsa_keygen_pairwise_test fails Resolves: RHEL-17104 - Add a directory for OpenSSL providers configuration Resolves: RHEL-17193 - Eliminate memory leak in OpenSSL when setting elliptic curves on SSL context Resolves: RHEL-19515 - POLY1305 MAC implementation corrupts vector registers on PowerPC (CVE-2023-6129) Resolves: RHEL-21151 - Excessive time spent checking invalid RSA public keys (CVE-2023-6237) Resolves: RHEL-21654 - SSL ECDHE Kex fails when pkcs11 engine is set in config file Resolves: RHEL-20249 - Denial of service via null dereference in PKCS#12 Resolves: RHEL-22486 - Use certified FIPS module instead of freshly built one in Red Hat distribution Resolves: RHEL-23474- Provide relevant diagnostics when FIPS checksum is corrupted Resolves: RHEL-5317 - Don't limit using SHA1 in KDFs in non-FIPS mode. Resolves: RHEL-5295 - Provide empty evp_properties section in main OpenSSL configuration file Resolves: RHEL-11439 - Avoid implicit function declaration when building openssl Resolves: RHEL-1780 - Forbid explicit curves when created via EVP_PKEY_fromdata Resolves: RHEL-5304 - AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries (CVE-2023-2975) Resolves: RHEL-5302 - Excessive time spent checking DH keys and parameters (CVE-2023-3446) Resolves: RHEL-5306 - Excessive time spent checking DH q parameter value (CVE-2023-3817) Resolves: RHEL-5308 - Fix incorrect cipher key and IV length processing (CVE-2023-5363) Resolves: RHEL-13251 - Switch explicit FIPS indicator for RSA-OAEP to approved following clarification with CMVP Resolves: RHEL-14083 - Backport the check required by SP800-56Br2 6.4.1.2.1 (3.c) Resolves: RHEL-14083 - Add missing ECDH Public Key Check in FIPS mode Resolves: RHEL-15990 - Excessive time spent in DH check/generation with large Q parameter value (CVE-2023-5678) Resolves: RHEL-15954- Make FIPS module configuration more crypto-policies friendly Related: rhbz#2216256- Add a workaround for lack of EMS in FIPS mode Resolves: rhbz#2216256- Remove unsupported curves from nist_curves. Resolves: rhbz#2069336- Remove the listing of brainpool curves in FIPS mode. Related: rhbz#2188180- Fix possible DoS translating ASN.1 object identifiers Resolves: CVE-2023-2650 - Release the DRBG in global default libctx early Resolves: rhbz#2211340- Re-enable DHX keys in FIPS mode, disable FIPS 186-4 parameter validation and generation in FIPS mode Resolves: rhbz#2169757- Use OAEP padding and aes-128-cbc by default in cms command in FIPS mode Resolves: rhbz#2160797- Enforce using EMS in FIPS mode - better alerts Related: rhbz#2157951- Upload new upstream sources without manually hobbling them. - Remove the hobbling script as it is redundant. It is now allowed to ship the sources of patented EC curves, however it is still made unavailable to use by compiling with the 'no-ec2m' Configure option. The additional forbidden curves such as P-160, P-192, wap-tls curves are manually removed by updating 0011-Remove-EC-curves.patch. - Enable Brainpool curves. - Apply the changes to ec_curve.c and ectest.c as a new patch 0010-Add-changes-to-ectest-and-eccurve.patch instead of replacing them. - Modify 0011-Remove-EC-curves.patch to allow Brainpool curves. - Modify 0011-Remove-EC-curves.patch to allow code under macro OPENSSL_NO_EC2M. Resolves: rhbz#2130618, rhbz#2188180- Backport implicit rejection for RSA PKCS#1 v1.5 encryption Resolves: rhbz#2153471- Input buffer over-read in AES-XTS implementation on 64 bit ARM Resolves: rhbz#2188554- Enforce using EMS in FIPS mode Resolves: rhbz#2157951 - Fix excessive resource usage in verifying X509 policy constraints Resolves: rhbz#2186661 - Fix invalid certificate policies in leaf certificates check Resolves: rhbz#2187429 - Certificate policy check not enabled Resolves: rhbz#2187431 - OpenSSL rsa_verify_recover key length checks in FIPS mode Resolves: rhbz#2186819- Change explicit FIPS indicator for RSA decryption to unapproved Resolves: rhbz#2179379- Add missing reference to patchfile to add explicit FIPS indicator to RSA encryption and RSASVE and fix the gettable parameter list for the RSA asymmetric cipher implementation. Resolves: rhbz#2179379- Add explicit FIPS indicator to RSA encryption and RSASVE Resolves: rhbz#2179379- Fix explicit FIPS indicator for X9.42 KDF when used with output lengths < 14 bytes Resolves: rhbz#2175864- Fix Wpointer-sign compiler warning Resolves: rhbz#2178034- Add explicit FIPS indicators to key derivation functions Resolves: rhbz#2175860 rhbz#2175864 - Zeroize FIPS module integrity check MAC after check Resolves: rhbz#2175873 - Add explicit FIPS indicator for IV generation in AES-GCM Resolves: rhbz#2175868 - Add explicit FIPS indicator for PBKDF2, use test vector with FIPS-compliant salt in PBKDF2 FIPS self-test Resolves: rhbz#2178137 - Limit RSA_NO_PADDING for encryption and signature in FIPS mode Resolves: rhbz#2178029 - Pairwise consistency tests should use Digest+Sign/Verify Resolves: rhbz#2178034 - Forbid DHX keys import in FIPS mode Resolves: rhbz#2178030 - DH PCT should abort on failure Resolves: rhbz#2178039 - Increase RNG seeding buffer size to 32 Related: rhbz#2168224- Fixes RNG slowdown in FIPS mode Resolves: rhbz#2168224- Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed Use-after-free following BIO_new_NDEF Resolves: CVE-2023-0215 - Fixed Invalid pointer dereference in d2i_PKCS7 functions Resolves: CVE-2023-0216 - Fixed NULL dereference validating DSA public key Resolves: CVE-2023-0217 - Fixed X.400 address type confusion in X.509 GeneralName Resolves: CVE-2023-0286 - Fixed NULL dereference during PKCS7 data verification Resolves: CVE-2023-0401- Disallow SHAKE in RSA-OAEP decryption in FIPS mode Resolves: rhbz#2142121- Refactor OpenSSL fips module MAC verification Resolves: rhbz#2157965- Various provider-related imrovements necessary for PKCS#11 provider correct operations Resolves: rhbz#2142517 - We should export 2 versions of OPENSSL_str[n]casecmp to be compatible with upstream Resolves: rhbz#2133809 - Removed recommended package for openssl-libs Resolves: rhbz#2093804 - Adjusting include for the FIPS_mode macro Resolves: rhbz#2083879 - Backport of ppc64le Montgomery multiply enhancement Resolves: rhbz#2130708 - Fix explicit indicator for PSS salt length in FIPS mode when used with negative magic values Resolves: rhbz#2142087 - Update change to default PSS salt length with patch state from upstream Related: rhbz#2142087- Rebasing to OpenSSL 3.0.7 Resolves: rhbz#2129063- SHAKE-128/256 are not allowed with RSA in FIPS mode Resolves: rhbz#2144010 - Avoid memory leaks in TLS Resolves: rhbz#2144008 - FIPS RSA CRT tests must use correct parameters Resolves: rhbz#2144006 - FIPS-140-3 permits only SHA1, SHA256, and SHA512 for DRBG-HASH/DRBG-HMAC Resolves: rhbz#2144017 - Remove support for X9.31 signature padding in FIPS mode Resolves: rhbz#2144015 - Add explicit indicator for SP 800-108 KDFs with short key lengths Resolves: rhbz#2144019 - Add explicit indicator for HMAC with short key lengths Resolves: rhbz#2144000 - Set minimum password length for PBKDF2 in FIPS mode Resolves: rhbz#2144003 - Add explicit indicator for PSS salt length in FIPS mode Resolves: rhbz#2144012 - Clamp default PSS salt length to digest size for FIPS 186-4 compliance Related: rhbz#2144012 - Forbid short RSA keys for key encapsulation/decapsulation in FIPS mode Resolves: rhbz#2145170- CVE-2022-3602: X.509 Email Address Buffer Overflow - CVE-2022-3786: X.509 Email Address Buffer Overflow Resolves: CVE-2022-3602- CVE-2022-3602: X.509 Email Address Buffer Overflow Resolves: CVE-2022-3602 (rhbz#2137723) 1:3.2.2-6.el9_51:3.2.2-6.el9_5CAcertscrlnewcertsprivateCA.plc_rehashtsgettsget.plCA.pl.1ossl.gztsget.1ossl.gz/etc/pki//etc/pki/CA//usr/bin//usr/share/man/man1/-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protectioncpiozstd19aarch64-redhat-linux-gnudirectoryPerl script text executabletroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)RRRutf-872dd55787ad90df0c6da93b455e88a15023aaf1af173f0a8e2f7d54c0696614ce80a9f435908ca1db797c954383b507fb339bac1e1e78e42a0abdd76cf66c26c? (/hsb.NmwE0`Od W[j)?28SV' P8eQi^"FcӠ[omp܊iqxiAXd0΂v$im2Ƭ&16ɽM=O[W0X_8 ~':.&#p.}%:z'c֜Klzp`\wn1K- >;M$˷DbtxXe]7LBH>_leڤe5Df CBL HUW/}|;gr3ȵ~{Kk}zN&5=~G.Y}L{"."qI0\4F %TZiq?;NEy[;LOC]ɴamplcrv}s$W66â(VQ[DtH[&%#ҥ09AC?A #3?@D0D3BaE.$V. 6k%W挿Tۖ4|l$Lt 7Kiax8ihcӳOe\ ,5BAh >cy7qh|U9h5/z0&mT}FfdLUIr`AOXʳ>ھWдx7Q6=UhnCvt9hj~n8p7./X*LTp`% Ith_6\uq ̥ct,d:A:)AڷףIfOv#yD$IAP$$& )?C1""HI 5q-fB9KR:KV)}&MX3M c\&fs B vd=ngJruQ#v:- 3cFxz5^&jSv3+<)JbÙ-|*Н8QϠ>ţ+}~)e*3L:bNp |,0Y4: ^Sb}"}.\2x#0({#]4VqF"ֆ뛅p:3-b2dPB^<^ b";>yǃµF]ПY]*FK5cf]aX]/X65e|̬G+d5Ds4' 9cg@֮nM9Ŕ N9I«q\/0qQ y@F:y+tʖ#7#=Y3&\$_,'삟B_u G$<[u{w_2>O V]u>^,?*,j]쮅ij2-vs> h2*PbXI{jaez^z< () KiX!cT ,Y!2CѡtrŢ#%!SxM '?t+ 5S0\(y7[n2ϦOۛnT\)%U_Q(]ՄAi%ŀڽLN`- )= ^`rIL%yǛXp&q6 .gqDZ.N'yZ^+y1mr RxL/?;C B!d3 宒q_r 8qʎ 贋w 1@@o%+ŦLv_bšXF|?\ȥ| 1{M876Φ<,?qSLݰ2lS짙$׈OwA፱ӃY^wW@2,N؈̃O.)>Ox Yߧ3֛(3|Y}/R V=D r;'7_֘-MW"I2rhTgZ&Kl_9͇RF{<&@+Vx3MٱLݾѰ 9>T*e7:JtK39qQt{2صxG9#vH?0ig$_v!E0ztPU@rK[ knQ4lL#ڑTf8cY~{Opׄ-+ņH*7U?`;1{hIZ>RȲ&f%|Y2BE| PSH؛lM/Ӷk@6YhC %B^zo.qۯ9,eL~TXWuVj}ESͫ#w&ڵr)%ďTqf %Ÿ0I%r n^O[XuزE#PE1d|wsb*HkRg&A$ <=G$ ddQ|wT<^WQ7V3*`^3zI ݿ`CG% ZalS<2RyLMtPZGo)b(q)YCHH7ie!=L3={7HaZӕ!ڏܙMK-?oA `2wK^x[ןaù;lƔty+-D PpiLt_WO Nw^3&X+i raxP_*}PYAB !Dc0a\1KIHJtNء03δ}/Zvco<-)='-"1eC@#()ݷ65g[,#IWMI$G\zS [~HuǂPbm8ťÁu62(fr/9[8hzFXUD6G#Ħi抇2`CU`I,팉rHo#8&~b2&:&Hl~%]LG7A$:z%<яT  撣P"D  e3P4;g1Rġ<Σ@>0$&B""D"DI$ƌOXmx: p5'z'DqձSOuu8͙\R-nj>ڋnn@nh v$!G<; G kvLf3uNAAV nK_*~E"EO Q߄K*p@_qYbyr;w|Yi%;w_?q^3A< ;BhUI~ĵ"ð0Y(t/gVr f j#8u  WId$|aM˖ʘz0I@}Mt)y*AabLi #*Z7D}]:̸l)k#8@>srP;ZK8 ׎^JFS h OafePN0z%W,ݙ^,8EFr~(J`_f˽hz0(OG_ ؔ&n)G$xE*Q>~m$Cߣ ݥwT=/]0~,4*ب3A4% Vo2{\Bd>Si7H𢃈$Dh?wrWDYclhӡ0^pg0LtFrٽKGnc#o󖫺DOkX\;d~ B,L,I8E #! 5c{d$H!U8e#֬&Su|mh'>:ME_ՒZ/B&2 p?nO򺭻 QN¬3D7o3 ^32C(9\uzC=S}Zbk^j˚ۣ&1nKGnA`ȥIIK ##޼i6JW)Kuq6$A01b0qsJ#@FH*Ck8,v0y; ,+W_ p:/^"!FѶ=!&×lwǑ2n5 ]06ޢ3π]%N1KuzU@2)eom[/D9hmv78Dh&Cl#X =PhW= է9\^&֛?V9TD\0VӧG<Y R87Ԟ?8|Pa8^)N*-;#^=Q|Yk_g6^ShЬSB4$Q](Kn$@oi.䊣q%P> b ll(`M2/|&"tp'XN h9!7 dž:i[@S)$ VE|\qN6ώ엲igDLȪ][4=%edm}0@qfpc6y#*+!WJT)L{߄@ܱ -2s&WB]<#GjRtXl;e}et {|(4o\?aٍ:`p$Y@"`v{&I!%gVJQg '<"C 1t ("-")e.tsrc/;Fwhol;base(\.[^.]*'_. : .->flu"vR-PxV,Vb[%KysLA;vΪm'폎#'` RP!_ڄ 4Gi}oF >#1V殞7xk 71IU#>jӨ=KlrQ}TGnհ(GH]+B2$`߃-k$ ĒNOPʦln:?"Bvx "wHpo=86e A(BP4WIB|,tnO* 4LY\ 05`w}2U dbĎۛw`BQm+ 3I4+1(<]/@\XLA]r|y*Qc3^X]a"K1`?lO2+C^!O.Xӗo e5fa |9N0b@`y3j-ѹ3w)F)i~B,ׅXT)wnu~%^>/?@uuT2<)"roIkxbvL| L7wC-4rDźAsU\:Impj;!zwv:üq.oGyj4h {q˦:)mS}W|_O\p3&x8#}sm;)X9[uϞ%}]rpp<vL0nw`4fm9pOOs5f:s>R;w Ajr>{;OO?,l{kDtFHW=Gmx=1Ⱦ}2sETh;89ܴ ѫ,FNg iR/p0qaЮNAh2@G rI;9:>R4h[uFz4#C99~.`E$v2*^;WX;/.Jq$)(Y5}}]]3'L)NulAmωVDrوnq-Cщ(Uw.gB_4-ghkYGj[NDY\=\V3$ 1ID3<2<<8\Q`")}{-Q  Fw+d'MZ"4D' <ͼJxo6WU&yJ!ˊ0nEVQ*:uy@.P #'B2>/Zn#T8=;CR rI-K0([&2H5nngY煳w|ŝbjVՆk\84[@;M]$Z!D:}gasng1A%c7 $~pሆ:!BkxHOMyGԁD*4 5.CS' vKċ3*~UJf_اJDj-QCC5`dʐL㈠ðSw>w`.8覉mM $ d E-\=/>TD5ӧOQl0?3Jc#}5"z)fԂBEi 85SQPQseH]  9TTjY姐µjb6=*x $\CtH4Q~“QWW8BM>)p7( DPG$њog| 5Bӟ Wn}sۋp|.nRXjπHUe~Ky BDBnfkq^`'f&oE =QF -q' Dמ-6HׅAiRo`WcY@x$ޡ}මg'IԖm&2Xl欈;V"S };!qZwlL;w+W fkHţrqGUܶ/W[$ExPKԣx\M19Fu(X!)6x`;Uhd(7Ɏ 6]-`jd(KT>081)xJ(a4P!p]BWP+=d3U h\(GDR`±&8\,n9()dHx^7CrPiloUEAs$w07*bAlFj֖ݴa/;x2L-|Lr N ~pj ic0t|N'H5=Ȕ4@Z 5慍 O)!tGidmi cZ驌yK~~&_K$Bgmԃp&􀓚'WsbY6Zq?TmimDJɑߟ IW2\j (m!:XޛMѴ)׮~ VDٵbZ!B5*[i;-#FU#?K>͞IL\0j٤ӕ؞:IگjPIY^r_a c(7,j))m c#tJYʕMn(,}ۋ!O/o~LA.})dr\֔e}S:,/؃ϼ>ҞPe0"2ժ#wWȠJ d (%}ۚ* ڛ  &A/ N-sN[xjZ`d%^1gpcUYp(ŧ7'>ØkcI JFZFwg~8 l5g|u:jU-Cː=p&iT(9T:t}.1fuz_Aw%'?>OŌ%[,(K ŭV)کd3U79 KV)D(a1:΢c;}UCBEB_Oov^Yv;לm7kUL]yݥfeS^|ԏonxqo>G!J&?pg(I@D*}2iе>j (J1ÂrME5&?4JͺO\r0Dz[@ fBY|=C/KJ,/̬ܶWYgǛ6dy* ^M-bc067ksH_˜ 62`gMR{LSƓdj44RZa7~%5gw^\Q5pU1/BGц-D"r^6l+3wZj8 ,=kЇM <X "1PM6@"Ɍ"a{-{m!FჍٴYXJ&\HgI4FI B6Ә-HM~YTjUz#-AH0gf,]A¢_td*&>@|b",M@Q LOwXDXhwWc4PfR:`j)`* T$=y][݇Փ^cejzM^+xm֠6vˁ'z-,Z妃NDRZ*{%!`v훥[Mz}ΰQ.=R#4iȎ{(8ӁrfjXM :6,P8_Pi}٦e,i^/VbY*hzq@iʣPOq\=韜Pꥴ஄!to3'O%DRp3eB kj2?2ǯ+?_oO~\}J9b,mɖQtERLъ@! eQxeD|Τ)3,JYQ妚& Hv;5s=gHO5b̅~1gDdyDpDѿ:~bOwJaY::ݧhOݾM&25b'b_V*I?q=ח ]Z#4${!4Cb&ٰ>DDAb ]nنr5kh8\i:`8bnrB̏B@gLS-+U[ڳwGқYIzL5߯Uk¬fRKGkam=9{q34 K6,kߣ,v̎PʝIbife8f⧗eߋq.>1s]7xr7y%z?crsmzms_P,y2cˍdk(`x?JeI~7"I\lA@L@Oj&l%wjHIH&N<-)*t3AeZ5 5nLۙ#H3fs k+"KvEi:Y|ӱcYGdx #lZ>1}Fm_y(6}S>?˒=,/#}юG^J89X12Ra:*$)yeBMi&~Bg-{HH5$GϜ^BN&~geZ kSXv Aaw;r0tPPVُ|U-#"BJQܡкWCv%˲rn#\yE1AU C~C&6GeHaP5qaB/ʚ"`CCłիu7U vv&ה઒9;x됪{,s;~"mjPNNyϮ5Pne=[[U@jul֩߹xf|{;fx;x}< ԱӕD4QUzյm*׽%+ UA@EFvo33Uީ~( /S(n#1~\КGak>w%w0){U>r&BT;NvN5tXeWZ`ѶPGnuO~Qhw䱕U%utB/R/QEIydˢ'';"hUۂE!ɥrP:- r=U []=Af "Ԍ'Le}S**P$fŏS#c}8>/lTQjr8f :.SH?gV Tl>Y^jc :ʖ(|(ZՀb^wnp6^Uҩ:"im&m[Hj՗l\:LWr+tKNyZ_mCP:Y|6OojIQ s^Ï-)d2Rd 6f+x{zp\;J|#L!jncPe.8zL~tuM5=JeRyE&yX3&Fe /Sjő0{fVXEm̈k3JjeoՐ䜪^h'!eQC7T!6S l6ZA".^O/($%r Lb[FOJIdp+e Ž,bTRER!!!aI9$A1s=ryd@2"#$Q,c8t jsѷTS(PeR~ BFMQ"5/Z5!4БQ9T%d]KspOnAgqʢor_IGo%dz3.BƈpLbDgI*$rEQ" A7,$U)`T_qq%c5ofAO-Z *b);Oh]x tZ5ڶQ1?d.$\b2A*qy|,> uj/nCiA|3j{~?O$IWRaA! n^::8m:8˂)ov9)YLY$X>8o$)MyXM(K *4 =Q"[Ʒʻ W2JG 0u'U PoClK)E>>&4-jKү ),wQ+[HӔ .qX{TѺD,\e^E`KxuQ.!gR0j