nss-pkcs11-devel-3.36.0-5.el7_5>t  DH`pZ$ƨ z' 6j17{8Hdm7NRJc]<ΔNdʜ)Ee]r="9k*!^XI*TwϯXd *~sKP+g+xb6JEheaJty_tp`}ucT`)T:(E<*BG$<5ff g@qh1<,FGa eZ|NBv1gRn'=@Ң$u "5#!YT|7!~ou$*niKneyyzJ&Y])8rF~A&Lŗa b:}|[$.fvdΝIL!q90f/eE옮j, c aYy5W&hdÆuJ3o(Τ:JדzᎰ؟wzèqk8(N_A^ג,A³1zM4FĔ9D\.EcwX=~;zd9f2M#CTw[[3=ϩ~viZ|~!/z ;|xpHXH/w %sYT~b\ -rmRk4fu1Mfߘoлy'T>7֬?֜d " Z OU\         E  T    ( \>(p8xb9 b:N2bG H8 Il X|Yӈ\Ӹ ] ^tbԮd}eՂfՅlՇtՠ u vw0 xd ֘Cnss-pkcs11-devel3.36.05.el7_5Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.ZJc1bm.rdu2.centos.orgCentOSMPLv2.0CentOS BuildSystem Development/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxi686 n@GCB:n Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(ZJZJZJa35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c445bca4f9d34b4ec42ff333132925258bd24aec9d50d3add6f3693904179c7c7d7e3c885cb79cae4b2d76143cbfc60e0d1e005abab72b2fa99f925da32d27bb310rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.36.0-5.el7_5.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-32)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.36.0-5.el7_53.36.03.0.4-14.6.0-14.0-15.2-14.11.3Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.36.0-5.el7_53.36.0-5.el7_53.36.0-5.el7_5nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m32 -march=x86-64 -mtune=generic -mfpmath=sse -fasynchronous-unwind-tablescpioxz2i686-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !#,L] b2u Q{Kpڰr]Lgq 33=~|sq?G\6xw*CpeR_q\x%V2|Êw*6Us%ǦT/, }3^DQ *-D1X5xM()5\j1(Y I36g:WiZQDu7D:Gs9n-yIpAd.SڬB Ys4ӝjżOطtqH5|# |[Ү+Y Jcbg=ڲ[t3m % Ҵ4Jv98(G6EDQES ;ogge쮎 z)jO$6V+f|bb>r~E:FS`ֻ* ^YgVv*' fD^`g^0D$SՐzPGl"ǺPc3۲̊{0_ ZM{뗨 |pġcԛl#*=e*EpUI=vv7nB¥6dإm:<}(4(U͇He6,JioFIDL5@Ϻƫ)ޮTE>2x[x$~ ɑ==y^NR[ٹɼ1z嶧8cهÑh8jY.Nk$#WOI# QZwl{k+vZ:DMP2`SQd)kTMƱRH|2C?=RqG@þ|NcdjakN0lV$P6%->&b6ճp3:26\Q~@V)I,ct,x\|׮}얊 z鮸# F m%Z,?s ;O8r#&\`OԻy{jLA`˨>cO;~Fb/-2xH/zeqą:j],z\S[$1l {8dAc-H-"ۓBN/bz ȯ)u⾸mL7s%_ʀg/=܉pNrf`S mom2'FF%ZU}@BX8zdb`LVmsҶ(Όx K(-^oy4ZYկtbekzXn^YÓE ]B)GE8u?)V$6iZKfp$6n/-duDEI`)'ُ3v+`gjP<)WN#^SXqÏt&G(EQ}S~y,iQN|C:e%$\ȼLᔶl`\&tB]\&b%y=9*Un.kmƈAx&{l(x_˖$ AQ~!t5?Nb 1ycOFx\VT{e1~2T!1''~Tbub+#Q95aֲ_^1H4j߫?aLSd 7%UX1~̷eS|Lp>ut}O(ȶL8 f*~HݱqXNDh$e푆_wK"+wY-OY '@bd,PP ^- F z>Q48Ğ{Qquj l٣b30 Q^w[1:R;Hʒ'g:m8=a33Aw0H&TIO>1ǍFLlAwi/"V5M4i}Mk i.BssI,#vzuͪbѢǼ p`IN923yuʲ3!:$UP`շv10\zw!A!v{XzR"6tT IqTH-HIHv_;-<*jSDp9 ]Mj!U'a4FC&oCzYpL8$pk{SހNԏ[k\OwRGAL/6G;;"5CiM}wpe=WTȎ}}wCV:%8F/!EI 0 `~,DDC|t49kp:Ђ M g \Y,(xkeIHUT>p`AQ̾/QPjAi (>Y*@Ls7 p {ǝ &r5\5 O৏u/Ջ\K2Z:V}L/F 7GR]w9Bu~@_;X Ì+OP%{sq%PH*y2="J26P"-FW! ,ynjXź_?_75c8UUqV!9N1\s~dh\*@҅Q_W4Rbܰw(U`9[ם8 a7^4 7+ޙIӌi1Aw@{`ymUl3V @nuO!l1ARf'ʔzpo z0I+搤1ySkH/T¦;q5pzs9lux0oغ6jrٵN)Ŋq"@Km`ܮ#DrtF.lJspqQV?w"`'["-jo=d vGcC& σ dɲ9AD\ v&WۮYJHfzTdXzxeԈIsX@P˞lUvnc{_12>޷pI?>FL1+v"/1ܙm4nEj]!s IÃ5o,M1\l>j=dL+MIƖD{?I32~3_j8[>z vFU3tG !$lmE; )XC4d>)ȉzAJ=Ti IEXHƦ%;xbT9&Ena!V薑RDG HWr,T]S] Y؂ %ĒVL8UׇdSm&zmLџe~IW[|) 4mlXH $11^ScŋhS>q="2:&V|87F~l?DY?ePͩJõ~=uQj&ȥo?8RSmsuUnh k{P|B݃o\)|.ϖۇCq׼;j7⻥'(Sx?JwJ CE#p=s)k]荛سCz ^WnS0>O<|zgVOYN3{v_a5ݟƙmal< y.}9wU0K$o+⼉ "A|Ӹy&#$l5*4%^xtܼ)2YOIb@ȿv%&c?xS9aiBu|Q/* j|ijӾP9w 7G?^۴W(o'uvgvo\@8ň~>edxHw.e"fPc>FbT6=)³kRcD{{K" =njS{&еr~E+z* K$v'^B+`Nǣ]tz =0m,U'8x.Ǎ`lgPғ!=M(t w1L AaEtvFSPNf,6?"`sC/~F-] _&̍ y#g ~h |_X0X"˖D#o0zu!pJRο4WAmľ뻬UȺr6s!<<͆QϐE0tW53#_1Ū:5dvqQF1Ԫ6S'ulag"ajC ?/5$xzH<&yB}~ӯSn:? 7ÉWF;er `5U9#Ŧ v` kzQc~vN]ZsO HU)L]%(8}Z2} V_F"y.>PZ!Y*SXW9G'>*-Oɹ31S}&{g2C3GM!ITX1ew&bܔykV(7XV{ם}RFEb_NVRdCh˦ .#滧p3 3u6KS0]1$l-Dd'}+Yd'.J MV`!IxgOq[8ue&jΰJg ?8bHC7l/꒎c)FmXSa%}:LDN6b+Y,$Sced})^鐽}-€Qպ҅7ۭ j̾x1yܩyRRHW0Dɗ(@)mf 7]V7lVҔ{:s@ s|t!j*' ’w8~y])m}"~a.;Y%,=[WUR)P ՃYlHH^#ڝ\!E'B+DIiLuKe3^l0 bw-KQso8@#?s?[̄ p)\?>6*O# —E*O4_n`ifVb8_Vj4Gb@0c.ҥ`#o*?86h60>md\#SHhO8b#jWǴ濵cxGRVr7O09TΙi>p8 8\{^U=aHnLޑ ME`4z7becj=GAQDMxr?d.!N[Ц7TW`Qgrj mV>M ەemlҬVR4ݣPZ0I+r5Y-xu*%!E(Mk ԉC` /rnwlO/`-_@X{,dGaƛQ]Pz*;wۦCu{P4Zo|XEV ş.ez2k4…)v z7 j!~QZNp3cb]mPc"cC,2 ;yyip"t 0>xK}Å9}Dݦb$v];P2~h-]|xř58&j4_jM;đ'Ђ@qߜ_@!&'Lu죘SID_!ͫp 2nds%( <=cG;W"LFErߐ 6ITX##E(tul[P0OFX&}rek\\LV&}V@b v{eCq92kβJ=1@c.A[1TEhLQ^!EZ#rp4Eji1SH*AUMVb$f>`$RC. '߳Q#$.8ϺĉK(ɡz&&* C[{baTE[ƪ{0?sZWsx /kLZe({o8%C|# !םv0 1i@#͙ \"R~*+09 )|g`vIBsfdΊE;::қ:^kOd%(9 OƪZtKEC欟nnN"]ݷ %8MHLh6hk6YކwΤ\Ox_3#|[{}fa.\L% 7 N4,"z6 T#) A#8b!s|w~&2 潷,pRX,\k&lҒy]nGbtD*:lI0iQg(e D+Wzcl mvq`"߉]Rۋ0cNA5xc,E1Cʉԥ;Ȝ 7E؂'C[:VЫ __2(5W-0OhX!:W /;/+$'=b+df(wd+I!{2~hI3Ѩ`GYGM+'( `$*4 Xc--oW xڸ;k5N_.AXeYs&dR0wDbCDZNkTO͒z/7y# D*C -ǺƇSЯ~orI[h/•/pX,㲸 `ڶ1&w$;fq&wn, +WK+d :~uAk5C0z~^:s)p7\ء<7LVAݓ5I`x`{MeӅ9jY]>rjyT6}aP{i7/ӡvFoHm7YK8Uqk8@ѽtd2Џc*A <.RԒa )PgW`74(5[`0vP*9<-D0˟2p2 .ߴJX, tQهUpL҃|-ȅ)(H]Fob+я*כʫ>'u#T/ 28P.g脲mdq:[40X$os6i &(LrAgGoAH8#A@S)RH#"RQ)a,8ꕤӤrb wSMxPsm/T6;:N羔QKCmb;sV=b[<`X~ ϭWY*%=CF֠~{3SVN1"P9Rn0T7?@PY3'We8 Lզydc['҂ 6qhwb.Zwv816MD||<:egïDچgEWsBd`7rrAԾd8Tmĥ&\fDIEpruI8N< oMjq͡Y-AuUamH;JQ&m"Gr%żd zUtɭ`j[&nhe뛊_͙|#OXOf~pQ_ÙUq&OAxUJӟh%|7./#2gS/~WV:8YkGm}EX{w.]W6bBZ4DzS*tΑx׊V2`dWzA `ԆVe㓐W.3#՝ZIysjB{ 6'Sgm" /„>4Ar QDdl#ʫ78N蹼>f#1ClE2'ca0#R"dSjIZ>vA1ΗEĮX˅GgMmZ"W7u-|cZaL빅&BQoÒYgl vҥpZb y7.jJ{"dY[<PVc\3%1޳~M,'t;A-LjᇤJIk<IX#)fjt3qhjtElb{yȆ/FIAvֲb -4ah~hC$*ʨW|)o jOvA{^.U!7KHZ;yc:1$lPv٣)td>oc0,0Jo2l{TlYvr/l]Qx,eB;8t7Ѯx%7&B!EEٓ ABҢ繟.̇h̋O1rL=o~*9@q{5mhZ%?bxbQ5Y3毶UEjAFO9$ps?фMz60:@y6IkW.ސ ] Ƶ6CzXr :G4CK|Os>Uٙٳ YI6JgQvŇ;u_nvfL;/lo}gYjk:,)i_}OEW>xhˎ?$ɔK:Zjڬ؜4__~J-fb LXQ'me6A/ Fyg=Ehw PPi` I{Ps*0BЏKjͬKC!"YCdרs76u2bt;[<v|>MR_ֿ >[2|UO1·b!wX1 =w!vvbaOľ!% =tSFP0#^zF;ӣY2珠\Y8HʖII-y*9G2%(`~\UMW4Gh7*.ˏ,zFZK`l9lzļ%hjb5ͧͩ1w5r2Hs?fjqPܥF.G ~Tjo#oWN>eRԒ( ؁.yy>b5 P}T%%P`R jp]в/Ni*KLPz p^X0;?d0x6jK~Og̖%{Ys'ʞadg/dCTU*=PJ(<:/ Z#P)My0p< rzJ(S%ZhAPZe".6vU3|GP ?TM,"hr×aY@i3JEty"ˀ%GQ߅S ai##gD{~a2|kѣ+σR1CijdcA@?mXsɉ~6јPjF$f%l^~ FV7B zȍ3aKuQ;csu[nGJATGڙ&џxDtn߬* @Xߖ+5Xb^V뵕 'T& A> JG#pA>fкt !aPcEJEvpT 9`;j림]zڍ'LZ0@ʲIq,~&gQed]q?'W2 Fy~ K(8 x Slbc d xKvФ]D4꯬":6_fCx|_zdk٦@;ъZWԎd""~yBg49͌dw:,CiHrhsJ8 )6xRƗ/ i.!Eg;FJ[UlȔ"+de5U>۸<7pBq[`O qjmڭa#P`K2]f9ۯWӍ$2}./ [|1c2S8uDƞUo]oTSӷ)z4>vM5D3W V%= O1YJg|..ͦ- R%ij+y|hzç.+cNlWLɃ!D_ph_=ͲY3M5 h5癝䳦lށ2~ʏ;kcb6&LK[23auE7;vk~zW%_ܱxel=l LPN\V=V}dU 0v2Fvbx1RLiDeKvbu6Nr*X"%];g4#}ErN7b*^''pϑFO@i^5z?0pj= K8Үd VXoՈfn n)}p>9lujƧ!]RTr u|n]XW cS'deI X)j$K֮uSÚVLHRl)c=?`:JC ,L)Mm~z~yve 7¬0$b7lYy2u]NM5tB&Xǃlr>U6ڱf<^r]sӛ 7gxYb0)8Ŗ.`XTRt>䊱yBȲ΁ǽ2)qLS03hIX#Py FJrm(#PF8"0ny%Dri,Պ$c?3eb\7MSn2Vq[`x>"~5ϑߓӨ߆8eiF2BElZ9Ѵr:z»@g߂sA|Wr+>48 i_KmM3Ux<,=WgR7u g7t0AEf{L$!:/.swSfInqL/0ۂ57RpRu@l}803V^x7IZ1Zx%cAHiò,^6#H.Wp)QHXu:TAD":\]]LЃ\z M@ 5j4 %9Mض#0ҌBXN>8Y¹uvX_ v7rg`y*WHB1,Q~ oi΀Ɗ zβ@Fʞ_)z_>Jȡg/`nnk:lK[h> !/޺{[Ge-ܮS%H>co:6L8]T&O5U[r@gƁ |gg靧J l m܃er<)S{y[81ĽoF%0ŮZ: ah>n9vcJ=EYh<ТD"ovFצ+{BVlnr1j oxfl_IhS0TJM N_!p--9I@^OS 0"cؗRW5$y/ K,5.ɴE5D"3|SQ21CZ#1A? Rўv"bEqX]v N|hrm) h8V!4Xw#s `#a^]⼿XoArCt6Z6?^>~B0ZMT=jalR`0gC_G$ՑFp@+2,dy7g`yVqyhLl}v=Ќ$UEu[6GL=d :x$b1v="k}Rwm3I _I-2YLa @Ȩ7۹G+ 9({(ǶG]')81R8yRRue{0taF>1d)j`crRv?lg0S?k+yfI]_g4T\^r 3(< ̒QJ#hj3KZ1)."61)}Jlq?c5puC3mj;4 HlTXZ0.&p}&[IXrpH~}.eq1z>x#{Iuv-ѮCm , iwj{-IǪ3B Mo@aE&kT`l?4]馄`D08-Kf rHtNQf].\$LjZۺ%|Zk$ =$S9Ne>a-N| v6YVm71 OkKE ?Ah]zlɴ`5FQEx ˡFjI>s8n']Z9miK/ _`f}/z?3 FT9@{>t@]~ ˷0<*CXwd+KX)- mR+*XVkgӝn^%x0\0B|,O@y\5Xh p/$A昨0!5jq K㼥M2ӬFh#:+DS=`yHZw 77Xj]CҶ+JHۆ|*(xiZ?夹!v&-UD&}ESSkfgbRS2$n5=g\Yáv͈.[A o=txVhe:eH/6>ZϹoG3S}Y_7NMbYE^- T8+hNOof"P)}pjtwPYAՍcr=e7y 4|MiCX]MX`Dc QhvuhjphHxXԏojnC<#8W밾=oN@* 5<uD6.56߽Ew:u5v~<^0֣^d ZveJ ϒ45J[Sڑ? 64.cj'_Oi(?,vínA|AYXϊ0sn뿬+*xВ5)m|M"e+kvS?J5J2dyNQ{xCyXObL˙;hL0 H-Uԧ3_G)V~KIi>m;ʮJ*C6pk)B5[ѻVL̍6u,=r"r`©kC|en(DEs(##Q%=1)$$ԯxbI[uuJS\K1bYc㵽CgB{MAVBSCJ"ecԦ8wkv** ɵ`J8ohFO*ĽO^*zQÈQR$nsL _"aX#7a°7dH*3&SgPڪxW8e3MqFQ=YG6;?Jas0&NaEa!(,;v=u?EE]@gvŁ 81@d=R?Q/O7E] Xʏoj3- F`oj_VxQ!_z.pJQ;T.0IA{)0V'`BL}~ovr) n*Wן*)Spq,4EѢGPcQ=ˆ{hi08{Hd)Z56ѿ۠t,j+E@XkFvhp{ HX44?pӥݰlT-h-u ~'ˋ'%KWMCHd63`|>g4[<ِ_VN蝲.@\oc?t;D&:H~T-8K BϏ^sրaN-Q=Cbpzqa>Beuh+ Oʧy0&GY hq86^IIС 7~ihXtT!3osn-r\6tup\|jS@]o&a3\-ھBGl+jc+nᶌ]%0EU҉)0Czӹhtg],?F'g >pfrmW83S~ =Th7AǦ$%v3w^[ bAu)~B^ oKn7nиOZbyhiМ\q.dڎ-iWےd) 2UjI 9Xgِ!IMc?1A 2뵀}GհnODA}S1?j-6iIXB*^dC8b,gYf=bAE8AP[2:5 e&ˤoS_(geEE+";`-pTKN5eV ^@"½Eh{w٢uu- T-U jA2@|($j*4?%37^OhLHE@fE$9lԗ=EC7G}0DoP87̦gC^#2ٸ?$u~hg]$ݞO?h!ʪOJA!+qf,MOM<ӞW @Q]T~KL! Ĉ1`ANޯK :CrkS G֞2EruSsSF}.7^t0GhiBzCm(A FCB=ܕT _RAv9ׯ®0qڃoyguM{8d'9]u-=ۏ0|ȒYn|F\z|5 =J&"_%_+Wn}=Y!I?2<h7LRy1EbX)V_"L/Zu $p#][xG=8to}Op+% `iH0OB30{6I\m/w,CǗ4 \?IQ=' 4n* ٫, Rй_+ƟgIk]uH){Ӱ7gwHr8ou` 6DbbAQأp/6Tػ Dݱ䛉>즈\]`JWR1f-0l] f#[HD;RZC/tT3O_qnW iMsÜy,~ wx\P(4/%ŤȦ)u;ʦ-Ul/757iqnSxlfI5]Jt殷Q :ϥC[ܳmy%Y' /ineaO o^GZHd[&9B |D&m ήuoTp?:`,]f|J 0s 1y+k vCFI3|孥y⟥)ҫRy$#WV{DžZ@jE#i5̚4WGh'J/!^+s6rjJpxW9Pwkyfp-֋J'8Sؔj{ ] f/BE:<~m0X6y{>n ;Y[XKD5N>1^Ob>rPJ&ƵOqMӶ\xRyJz36'#0cxrb$BfHPO 9`u*\AmꪯQ\dh0R} qb{*-4[K#~cTWWʃ9ܭTў-}w#kt>XJSHB:orH:cCS0s@I틛w,4iYUNܯH:^nJ.`Rfna[WĦh|#@Plw׭CLcQZ6]; 3;B#[h't4ӈmܡ<T矈M|B89;Jx] X]>/suj] Fu0N"[W-`@X>ap#ԆlILd'}Z ˋo/ӝM LJB檍iv+1i{:=yHP{D>.l>ocVǓl'uE ilf@>]3p+M2Sj/&tc6yؓ|`AK \h46 @uofdd~MG1`V\tV=8ȑ"u dCCǂrR"/!x#sevnQd'@" Ix[@K2NBIΛy ]e^b D8ݓ]SShRkn$%!$;Q VQVf5]2;})jzIk o>Q^=͎\87H'T7J|z*DvN;m3e!qUn39v6+3+4?v ] p  e{2~?;2ϕ:q4>.0̫ Ԛ$ KC s]lZZ67Pg(d0v ]V *&ln ihZ18Â9&!N\}6O,7M.,9Vc(JP" :) 5]ϱLטԉ3<6G`Y!R'm6w.s\;-ĸ˹x~ÿ7kȡV]RvEf,/ݛ!7N9/wK`}݃bDu_cU0C4=kTD-(pZN-+xVoh!7d,p|E3+"(,/˴{M4o Co5G~ٶ5:Yqt&>;+Ui TG.R=7 oǰd&оx ȻmZd2H1v$Վ܆g <揂a΅D҃(ŖYT\dPjYw-߹ X6QX1+QWR}C٨6([Gv}cuM*ɘPGʣ4 f(4Eլ ,qN8VS5>0C%ꛒ}3̰XvzvZ3.Cx &.fy1S^ {즋rF*l16S 9TB}D3dădZKTeG: #8v?h q r&]@?!p6?Fb>Q[Kf} 4Rʀ !>3A+0Ne1H.rL- avP-f?RQ pǟzs}%*jiwkfޢWx$НW׻wJ0UB Yi^agM>6 W~•O8&tK(2 [׬An zdjc-yG p\p#PϱVZ+r BXWk nac+YmZqX64..$nrbj&'=*Y͆\䲹 uBszEsQEDH+I_Ƥ626>G+ȡ$5[1.7F3? J$=YNETQ2dQ:E 1JŰ=2ᔓO#1/ ſd}E@Lx6̊ztW0I =@J‚iMDKA^;AdƦ4"sp82%*Vx5!mRU?77n>vFCTp@:oXNi% l/kvm^j1v:0$k]xZB*$uƶ=ZF&'m+cb򋼘=%S[zl1Iߥ]ztD])plE! xr/,'թrgs)5r͂x԰mWMLxxٟIA>v2:Ӿ~dOG!A[a ~o x3FT)ЎuJuR(.j<_vr*6A 3mJ_8X{fz Ӈؙ~ɫ篃}u |X5x2ikY`07E¡C%SA cG&M9 ʡ;W:\CI9R"6Y$˲c pOc^Ied P':bd gH`d |H9ç+'^c3 S0v0RʔÛ"-Ż&1菼L'!R770xdCMMDyKzr9~T\6ajdmL'>])41kB+Gʿ¸Ȉp^6^o\ʧQ4Y( RƗY)z%yԥh|'U#"8yjzg49ml#+.v>٪SvltT&Nm~q8R=lZ\?vtE `o 5!<(YEh١@E}\89TW}'j5#̛<&9 kDq^Uځ3:(;>Uc}:}9R*Db%^ԕ\>(UV0< J b0Sӽ9:^3W#S,rdpj,uEWaS{)i]}A(3ո2Unޚ2JB~Sl\VN qi#%ۃb7I zcQ?]Eg*i/nO"Vb4u;A! jbCL^oy8O'spKq"#yA=+}5SǸDb@8tA?aG;`g{]k+&Όc'|Li閇Ǜ mԠK's-(9>qp 7U=Zˍ +9t^Ji|gms92gyW6 SV[V뭚ф13mitRq {M?M?t2z2xҟ9ߖQorl &CJ+GZj 3%P?>;Ȍm5mXR)صvȘ/a@}V#rhU(as10P1mBT$ߏI)'f\iltkV6%V|JtܒF&i}'ٮ\E)=J]sQgzjPHUJ IN64=jh5S^' R=዁ fd+2y|AѼ<Ī~;Ol@]`6kYێӚ,m>"=qW]jtoB%%<_U7$Prma"bI7'u RC觃NZEt)}78 ĻMh+ ?'ᢻqqH]cJk}ÔCw23÷-`g"f F \Ntab\NCv=bˁ)A7+A8:_dB-WwjFL_ lA(~esʱ*Qk=Nϔ%A+S#hl.уw9i(Yt>=UTuq랠e<2Pn<ۙa,mtH<(\TN,\;QF / [%='( [`^T hKgJSI*w8tĩoL#V%Xɒ^N3HA>Ӳyy kDp"NѪjqWN7cA*@v3рKk }+;ܦeҀw=QR`;,oe>%"8|Pe2o6C@?5qC:W udd?dtkGF|).%#?2jF^] V~.fxFJ/p콛O*TwOy:Ӳ>%5a&[B{Wg%Xt){G"X= E=i PYD-טA3IyQQš2=C{PgЅM,MF̒S*X gr:Qn}쨝*v:rKheѷ2R 33[jLR9j#uR5lz7C8e-$H2pya$nvghʾ*{yE7J41DkIer֞R UFc͵5s׋N5mL9,=]|ѭe7$;9>o 0u`2O`wg$Cy#i5y;XԌKݨt/ (Qk;.Q#ѯ}L\KQJD&/hCL# GT}W,Jq3J.9u Y?,󎼻5 6;k o6/6Ie]ܫ#X5KK_-?%?C:HRn)K VEdݻVLVYRHdԻ#)6 ^s^yM8P 4RV0SJn9s86 9̴y// D`{! (^JXNY}ФxIwu,"Ey~yᝢb|ΤyvbC_(!XH;<c[(a)ge"$c:z5 xj6t]bnĖdX $SQ7SGv}_Lo-ɍP'gLon{̻TEHQwݾo ;AH<FouY-"AehY(ʤv@8SK,ƹJ_+.K,^h0O^y-H%8-U0D&!TyXVޢ4#^Ś.!'P^݈,+~0Q5>/꺣# Q ~V |{;G6rԃ e\v}g(T/?^BHmT𡌘N{HIvO[T1.f* U?|FRDva*LVAZ!@R8̪ fZz ]j ۍk ;ـ~ۋI8L-6k><(,c1On,<ʥ1lqlh8t "Ɔ݇#ꇝžmԼդ+AsryșqU~5mfSO

kAhjX_K.Mԧ̦L)=,K-o+~,3+K_&nIJ'.QtP }1DskvXNXVn=FyQu]`R\V W99J0VEgӖ-Z:\X+T ?eM槀.IR,0Kzd,MHA%Z'\T&|')F*ɞ聤\l,cX氮δ+ܺ$# v,R#}o=IP,: &xda2O3ؼ!O$%^NC{^<@aq]mJmHWfC60oKͅi¬\΢xy92m%,ocb+Xwo4}gMXuX]C&2a1S'U7K*y2½*$10+x{x5ѓ_)Xӎ]=vϙpU~1Vؓ[K.@#e!ms3Ӹ`A,pbHu)*i QIG Zq <|ц1w=UCe P]ad>+=zODP8c.Adzb}T0ȕP833V$ 2bW x!xιPa34R)ޕh(J0%ShTC)(m$w2e&8 4˔srWU=8BlGr0eV,D6w2̧&(aa\ +\.y#.mʮ`9X#GBADçq>od@˷o%ܞwb qv܊)6݅ ^~AkvPs@h9bWlfB( aI/Rlok(>?p(EҬ~*K#]5ڝ7' rvLgFi6I"{ײ0'(`@̾p#h$>EΛ^LKeᶊ$kl4*y۴ΰwTvuyF:w UiO\yv6wiF9epT*URhRe*+<)ycG-dP"RawHud5RۚcG@ﲟe9(O?PL<"\+;-WkǼ> "KcYrzDQ+Z;wWUbFIbriy<ɻ;zfSV 163O>DK1w7 S4G c/s2ei&O[G~K4W,oQOqaBǒ 1c1RJ&n-wooĽJYɤ!C.[ʟ*a[ѕwK<J,2}]EZs$ ogp?+!] l;+Scco-rQ3iVPE@V3 !faVtbcnPrH"ϼ_: (ojr<٣MNZ5 傺GZl~ukÐ^13 ~mpFb7t-3[9(.ܮRNBG3 ̥?u{ϐQo ^e U|Og%Q]o _ VhLr'KΙK迻eEH}HS>k!aԗ㹚Ħ).wy/d⬚B Den- XBS2N bOѿ%L3O?gG B*GG's^:?B4ˁ_ bw[Mۖ^ ݦj;,|6?I=?9R."p˓ oP3CkLuMW $ 'wR˳ސ.ʗTh5Ϩ+"*"q[†9QЯb(zvr MMʝ!d K aMNE29Q(?$!?A]B&5r9ҟtiǚA8,~u_cE:BNC;'pA XJ=[Ldwĉ0j,VSަW}k#GxùZ cP @ڲ/#T({m}IT^4[/yc^mI,۠,ATQI1&0qV Xq(`M$*qP6nn V#n=?7ґ /I14Z3V*݁ zkPX~[wC9Ǡn MIe9,{2/aC+'R.: &9RџŖLϻR.O8Vg6 ]=e3- i0&nUZ;㦺ל.4XkK  Ofe8پ2rҖg_[(uYVP.#ա7w^WU/zGH j )}iC21u'NV-Ϩ"ҕnQvSӀSQsβ SFjl\!գX8KKNf-nD3kXxu%BR;' (ln8nfANBn;++28S@W 6[`eH`6(CF( `|g^Rs#(X1/:kjUɞ߂3a6wS0ZekT)5 -\Df WH#e1ZWO \=v8}CP/yVQ{:, zil 6""SQqv~Բ\= @]^irXR|e6iq=Y&Ng|Zp9 (Z֢A,CwPzh jqCWK^ѥYo6a2M&xqgz惯5V>0}7n'8>ھ:DȷMJ x iiB&|7wҏ?ٖD%C_k8i-Xyha&NVa"zS쎫չ,G[8N'Kv9 5KGϪ@0Q{j_6",^#GV1%bV.L0,8jJ%N# GlԠ%}d#[ȹNuGx;BmP9B|pP9,m(s`ù~CXϢgqfl컻95(-\wwrL6qpC(ܴܫ#@"4ďƫB>9M뽚SUAR)9&= 9(d\Nz7oNˢdgg^9r9 ?#5mI \=>^A's^> I6$מ9`We 6cDf nPq/1e&/4 UR5~m?լۚnl pb|` A*knFrmkc5dû[>⨃hV3lK̕]#]couy&PX7obӤ";|Ea>o_Hv f~5eC*w?u`їzRgVTw bKzy-f9m5HBHOm|Q7%2C:ļ›:<{ѱ~$* ?Kv H@B/7@v^FQ . -G03 AjwA]^rwJGilq P {qP˅x -6ⓜ!a؟¡8 @j)3 nMK/zL}>zjK\DvdZfP~ +"|XDPrpϟb͠#$~h@[P}4_5(aa&$V׃[_Ji9BIJxc7!V/Inx%:11x(kYP~2Pj" `c7AFj/-g X&n8O󯐜RŰbpxdn0iCΰ+\Av3MLU zaå|0Zj1?,62hX6a\Cpr5C챠mMij(j֚ Dq⢜d%QVXFRh ȜòMJ)&Wo@jp}58thL8+II2)+JnCLx ݜKc*_wxR_sDL(R5,۲]UT-7d2'i k&[?=4UOoF_^ pɢչR%cb<2u]֊Nڲ dmgRW"vUcptTRj ,ڲX{ P& #r^џ:32op\nGlGgoyp\j&knu`|K*( 44֕i+9jq +Ea~lƴ x(R]A׿GA[be3HuCIdo1簇xQ3±U5 c8cFD3Yl M$ ڕW/4eymGҐH`vOӷ\z%äã64A784+@Y1|)tՁc 2O|UZJF(l:8jmLO|@-CE1)qrQ/D=$ȭ׬o}x0  J3_^s~Ů( U6_jJsgl₉ >4sgu7mWqp#S=>7狝w#`l=^vJ \n94m K CII[!.EҲ3'̔t_~C+@{Qv9xdL]2(IHmPa6 &MMYU[?`t4Lh_y@a찕u٠/]rt}ʅGzU5)C2z7[֤fg+ AZ3ĻQ |AKhu! gGũ}o.֋G-٘7tV=c\>3]/gE*xJDןdP,h~-u#HRp$70W} ƲD CBNly<2Sݰb9`԰˓~,Do~=|0`R'jk0џE8 ~8䜞}g+?ܑazZ E ކAG .TR?ϔ!Z^R[?@d4oŗlqE"pwT}5M؈ޗ n^ɿp\BȚ 9~O[o/ka5pU0 $ {YYǿ,">8Xk[vS`f6N BѫiQ]h}d E;o?Q*/~2 &g51" u#$bm`A<#4:p6Bg9J?yC[9?r?(|DpaaP4J Mۚ76֒yY4ZMXlC`x3dMRd痩{{t^XjwzYk1 ܴ2Jγ]Y@g e3*\c X BtQF! l{c *=GP-4KdNuu<_ܻX2ݺnp ?L7H]`. v'n*^b[ݺjn!V:M60>=?>.W&u (#Dˆ-*-Sp#LϜЫ!h#Y= (ʯ|YKn foܚzD$C3W=|a3{J*\mEu4xnƓRkk(S<шS?nCH3Fy rA_dnbdv\)~?\:7Gpa[luYX9W0nvF O=Vko"t'}xM:Bg;;rrisX!,=7$v?,OeuL!&=.x5.ዋ ,#om_ ?'*SD&)z4uLp"Jwuޱoq|q31͜U#ss:-s1ZĄ^~c ͜letn%.[#f=@f1K+f"@vC( Eī礼Fجc' 9^*J%g%|U w> D'Ys 幒&cӱ|R.{}sIm)M(%RXT~Zy[,WюF7sE0;ʿYH!;PWE$D#dasǏs b^Y\W2_@!Er|ڀYd ctޮO*yV"u;$+.ej\wd5gIFߩ.bQ&Ζ\QѵCN}a_ZIߪ7~,i[eX|皤!GLє`k͠8IolEYYLݯ5,aeQgPEV=p-]?{>Z*[i9|&|" e1T ~lwU2i~DST! :3}%Sn|Wx4 nt$Ǔe*3YsQpץ'HLʜm\"7)m cj_D W4 3-5Gq)kKHx3>^?e .!CK>%I9Bn[K~ 2Ȍ?F#o:9E͑%W^uq%@@^B?[K!W@ .a<@t=hZ;QCjGZ2irYbL-9>`6=H Ȕ]rT0!_Um`Ru, @ogp3 o s<"=FV6D>tVmX/m{aM76_ԷԄ?B;{ wMWt}]ħ\&}%&,/6-T Ļ#Sh䛺:Hz<̄^|A 8d{ $ Xni r6+b7Nb ^3ɭ~+WeW{#l~7Đ5C{m(fއ Pks`?h1 =X?!p\&tq aZoiYG_b\<\s!7̾ g抔G_WcTpba>=KݚVOzv=aH B:?ӕ]_'ƣC;ԋ3AbF #_S0gOB`ff@H*!֨%y%ʦ@Qj8VQ0[bNҏlR,>wS+ra,< k TAuH]?T.^|>&'m,!?gk!T5Q;`/#}(Jȹb/!'3G@z(EcNNZ ܝ^rhS;j+vө[=U7{:WOh c7hwiI\x|U6 :R^e~I?hѵ*wMv@ xbAnDܡ-?}:$hSYaAr', ֤v9Xmbd+ʞ w JnK35.jhE!eiW Ryb3zc- "FPp`k6o:'9fm0>lzONF$K!A"r pOqu!)b!A)T:H1)?qlzgdu9R2 "6$uvi`"$p>K+Wkǘ.xT!B/,O :?5:r~DThUK ]F1HV4S/75E+o|}ǶOfk<>$bmJљc PÉ~Ft{Kk΋X  uI.+ċodz QZZE> 7q,\n %Նϩ) 4s4W+?!)#"G6ov'2?w UC} exllWn̺^LoHi>y=:E*f̵3Rw Sz0=m֒r{ UHDj.bGQˏ]HD]t,Gla뙟< Msh 8/ćza a> :3hGg>SM{؊^t$u:|LBJ %i1A`x?cy~%4 ?$ GAJ I|gh#~^z|.)MCnr.-lY2eap,8hX ~Vbg "=M2Vk%`<3"a{s"<=DmݤT%OrKH%3^ D> ,Y0k93+2"G0[' 5wsH'5 cZϕ yjrk#1eAW-ք[Ln*yUab'׆ʎ_);vt(mi/$s ;oƨ8@0\p1+!J3 ,g$[&NBؤvEs hv""Eko3l;ar|.v!cv?Q2 AU7E&xUj{>:;Ko>HBgz(zS $R`nvddDyxN>*9t̬dIjI_󐐊g-_5-a5Ab|/l;vvY,,Nŗs/s7+T=Ss,j@bAʹUnsE#/^/w`1:s/s0"ͺE"+8,7Ԅo. jIP{)T6S[9]V bc>s5,nfX_QtlK saB' Ŝ(/;-`}Xـ TȯbFݕ 4.]SotⲰiUɌ;[֣9+Z(Q {HJxFE@Pæt@#>#Q`,ŤG_::!%9 Δer]ǓXW7u, 36b%v8;Cw\"Esux3l`ݎ衈 ;;&; .]@@u{|1hő2i>I[{*cm! !PYSЕD)#Bl8쫖"@K]mw\CR= Kߓ3T2h >> s#Ơ}'Ej2K9FNy_V{7|̓?fFrIqLB#^zpua b< `h/%>^c{NXp$L쇼cC)G-9"]`E&$$mKm߁JEV$dbFkm[AA4Q;_Zv&y 8xlk4@GC߯(嫭-_a2 ;`sa; =Ov-c8Zeυ^w*V;تhŅГB1#˥!kgc_~#ǴcHv=۷^DQ[ǫQ lk@U}m O-QeFmvokL5Iߦ6Н XY@KCJcA(5]nr}|Ac"hC7X:hj0Cܲ?@;>7cAHQL#t -9{4LѾ>lmkBkmB55 8z=/Loʟg /.%7u_wۢ7$ Z;֞*젟ܽnf"cפ r3sjM8(na/m٪h:*VIie1hRP MIZ9 Y9^f$,ոѓ$Mb;)`w[Md鰤ϭx08!@X-C`e)%jZOtdc=,W4ʑ;q4c2T5%T-<;PLES؏ڿQ2+ Pk#Vgv6.jVq٥RB 0fNs%.Z i!* ù$/yrWN m|_;IR1e +>j%J;fzvB6`Z!x^82Ny12 c7l+ i,ۺpR yay*B~M+=iڠD*d,劖g:S?[r sǘX J<揭׉h*ǫF'KCDl8@H,.ى9`}&,Q[H_K!H.'_G"icY-cǁS\nPD{~y᠄M]_(BnuF6_z: XQ/G!BdN2lgHߵdJS)MPȀ[(՟o˧4YWz[c*Ŕ AՀ5a[U9$ G8%*wk`O[J΄q0+jrw1PU|~2djF3 fW\C^fd 'Dq }XliP/S`,u1<Ɣ' iNU!EZG>-8'"<m1_V^2šS[4D+tsFϣFabL^d2/bY׿px?w9:+EզsF53<"VF `ڱ:s0ByQazr;.JM_m}Ht%*NBZ+~kznbo^7O3M&hJ93 $l?eJ*2NAF͡UXv|B7s{W c;38Yެ!,yNx7C 4C>^MRLn{k؃HA.Ao%5ޚFپ*5z0mAڗK sş6*G89Ñ{ tឩaF.7VBMEu#~{^M,YW0]&cV]uaOZZK982;trN=dV=ʸN]ـ4ő>1Iz~Dz1t<2guMR|O BoZofB tkP t6SjΧMiQAۆh=\H#-՗.B7I99YJѣaVҝK;z^'tX<+DO>.LYq"=[':ɸM_qn( 17,juH'B_1(У(C/p_ vk;1J0/t/UMTL& ,e1 /M <> %2gQ6$rP|όzCHԷ_9%*C\i:EWZ j^dqo3J Sy/8rЊoHa'nv?3|s7#(rB#/3>KYA` ԟ@6ux O/2F=RV gGStZ Eyt@YR-h}c9C}B5 @VLYxio~.ߩRw؆G /i6= XoIs)b8.ҫ,p/7aKP#Oigǃ˵⧒.(˭6"jx[LYha+*p3ZדTP7`=)=&z;Jܳ c}AdB9‹rgl@E,4GC`nz!8_zqy5f9UVnk䘅2?Q}S0dBKg͌h4hD fc#'z+ j#s=g sw "z(F 4K:/,\kW9[Tƕ9IVmJԎsNۼKѩӝwD]IH^@jK֙*Sęy/?)!ehR sYT$g6K3WIYùg1Z.i8,מvh h7S&śڙ(ZdٿڧW،.FN&8ކ챥aEpkuuWCn,Kh;sllI>> #\S ݺ{lq I+X5hy ZP :hݿlY y&zHql7NnQv,٪¹.]\`q/HߌXbįZbtZ_A`l?lj4a)% ``9rt؁r3kr1%38q$5",U~a" I9ZxV[…s<]p π'uUցi |]Zug]X"I$.vYSiŽ]O rZ3=Z2&.?zF=1'=ZYnvvi{J"[FUvuX!mj!%vBm #mB=db¸ jSGCU qz 1c`S{3T}ڋ_c t1Tb_†o}V~\"O9׋: ܈KJc}GGx"TNf@߳roe/鿘`b*nXe)F~aEKI|aW6/T%?-3#Bj)L繱 1~okΠOaNLN^ 1lF -`E=?{3y^{bfV,AKG\u9K 2ʠ?DղqPSr-.O\&K_>Rm4@jurEYf'&<نSɓ4`| =ѣSO'e̪Y'94gGssTuѿ\t}Jӷ5t,+F!T`>Y皐):&Syv pT,qx(7 Z\̅t!\}>0OeqBM_)^[F7-Ḷ Y*<}#dڡyOO p-m"v L8POUU(@3MlI뜪J O,txdId6kՙBrg_ٯ~#/&Ny8dk%^΢N3?}{˜D^1WvJzSt<%12O~Drv~֭lL#$Ǣavm@HL/?Tƪ _kOX&*]QԻGrbҤq-y`Z f|GjI?ӗʜW+..d]`#Kz9}9Y^" * P:QJɶcHaUF!+%1 w)^@^vO[X^uNZf'9w\^,L@Pf4c=?0i?cJ OT(Ue&YLF1 "BR^SEJ;+xA~[ Z-Fz&]iY,A%'5QgFBV R8+xU4HX9Izq`2S̝k@:Th4lZI0JfHU'@F am`=vhGZsk ;^ _dpD@8 3ơCB=z`8V5ŲEieo}!$j-b7޴oWDT5O*H(D4ExX"0fRsDK-9$G=r~v*pJX J=y" C@ cƫS-r7խ/ѾL_j@C_%OpKvnA@`%q!fi=[!AjYtN|G*7okbJAo vdpgjN*lŪwi66r+%'~{~S\tD-pD0TG2bU<(Ap''>Yj*j NrU]B]yoE[2C u`2Mm赎ܪ_K\.vj*vL0Ds[MdreJ:*O.BܶSs O B ~CĂ|KcU?8|bCNW@3P_sHԞdBĵC8 ӌ|>DqV>D$˜>%$vOGq4k&ɯ S@}t#, b`d::Gb}?x,"ŌUuO[ y_CXT`uuT-LKFlRO)0]NXU-CHuSe;'yvGX",|?-.( 9x5<Ȉ%NG`PEf ?._d 0\*OE5yfJ+oȶbsi:8FLW^*uoVFh|·KiœUE4Vc7mq%T:5BVnQ_em%v̧uHXBua’v?R[`T"wM[#rqG݁xo xD+zo?Ol&Wחjz0C.8̼gyo|O6'3Mxfٱ: GqS8:.p;,y] 21F3\W0^kܿdeH PA _. ݬެYUHu?O<. 7;*3k{x—˅K| (p%ݯՑ1ӗ{4q*ڮLm sc%,Q|Ed;&k pMS>aٟ)Tw[7=…t08yhu%FKn@وlD0q6a\n,ɮ~7=XlxM=Qbac͡ {W\;ܜXԲ':Φ;ϵO]4=\j:ҖqjDhf`Vg8-[3gőqU+OQ:3tvp|ɑ&Ñy1)ꌑl]#rHY4%zmn)6q t²iؐ9'[9hv Sv7gf@!T {S;B S#rJ8={1lS\_U"}Mlebhp~0B8(2?4Z4 S^txrMx.h߲=kzM7d5uifp˰,ECEy-h 6gX,@e!Y"MrBS ~9  xʠniOh+T<ؒv{Q2chEZ-s$݁QN>Ӹsws ܍w82#ArBKTw/>@ r[`L @/DS/>I/R^tw8i<&D]SE|S1 )v ?NS_ya(F=8Oϝ2kzp*mGvwY)ьV~T8#mZD 6 }.OM֋Z5@bqbe đdXtN˻EeaosR4k`Ma{Xל~RB J0#8Xj%hŅ/͟ & ll,"9ngu4MV ;]8\rw$juy LA'0̕R PORQrs~92Q(MQ'J-wyV< 9=*jcʯ]Oij/?񼤁@&]rn.-TpsseY&( (>G3\Lށ0~L+wWvs+a[ݧ)#mAJYF?]{>j8~o) ̗LDY$IbJcx=XMV S# 9=xȡF/i66/n# g|Qno!iu>R,5% ً[1p })} 2 ?)aWjLjpz̓m$GX~`@,C,|/3t? Z ( P$(khuOҩ*W)~Ώ=4 Ƚ= *7 'M5F(FO#q資(&K#M;mQ%1@UD6NdM\ MX=KsTPf3 H=:Ӡդ',3 97P|pjq !Gl i[\5qS+g긆(7v2]-tT d secޕMԽlDlK*ܞe-0g?9!o3\}d#HJ@)K_~t9b8h_>6}Pf`Xc. ,,$}[qw*(?8YMgzztZLOAR{H3 ܨg2qx<TÅ= E/a'_jNz'z0>w`ȫ8 \&l_Vbhb-%X/А1JLzEb6Dۑ~lXjw];#}k}./ZEhdv_ I[yt.%D]ՙ}eBW%x;qMH3;_6;gؒPW-+IA1>3~~4Xnj+ hOFr$C|-eH{|>j.fJNDTv"K|DwXz/͓Dc|:@JMμAFE]쟆"OT  9/nZl ^`#2=ӑQo6TlM-39׍TX4ad3"zO2:+QڴFiR?֛"jwZMV*Dݕa^bighEy,otO{G.[L}i^0c XS$1kq=y=q1.,ȕ+|a _A%l2ͬI (ňJvT Ꞿ3]%:@GƲҖTMRhuy%x/&jP]5k#XDjƤ3wDz \)8 ycP#F/- d>l@MԼ\Uze^Y 8la~.y=jq";{nn2Uw%d-W.ʼnC72:2)ϲU=/=g,  ڗ 3-wÎ֥w2d Z-R?;P T3%6﬿.BzNno"'&ϛB<*fSG" 迄&,ȡܳ".l ?EM^u~rF  E3^,2z&n2Ŧ0hF G=b<|l['Epox|]D_mB_*.*Pq @-J:QѿfBOO(SBVqV$1/ƞH&SjB+4rK Q}e,)m<3K 0!'R˜Q猨'@ٹ<+.~~R9!߶d<ɨJMh`<}G@(#Eo .R&p]QgJ9:SyW<-o]Sd 0Xq7(T-'VELUXJ& )[A(o YEdoAAԹ$?) ݓhYt-Ik 1OT%S DNb;OS'v*zc;QiVnWIxx8s%R ų `EMIw6 lyaHyk(jٺ r+nN =8OxP q0}#mO,=M ϔ_xI 'U-::~p\ okW$)6weG[. ~)f&N YŘ]|a)b^hhٰ*xKxheڐ7sB_ rw[ D Ho]ٵtKDjKaDzF,䣦)"MV e@;eCs߻ 05WޗC@;ozG!0bCWqCÃ1?6?[Q|>vab (AdzY2 Sdb6iPU4MI=37Nq=ɗt-܍6oS5MQ׵U%$ >wg=jWmšhPڃ`Ñ Ne9 jqqP~vbgɨǬˆJ; Rlp~%0uB~BM!Ĭ˥FQe X RM<r;8Q!_~,\wE}P ΔY4Nhm@VPZ2a*ݐUDˀ|G쉠#HĐY› KHD^!CU9ɿW IV#o6S OsZm͐%_l4@#W Ω( !'54 ՐnЋth% O7cnII&Ӛ'÷,BS e6tbWX#3lcw/ YSf O~->a4@ ?e3 yz)ih;ekF !{P?Hq wfzLUn:oAOA6<7z56H߀^ZJF&؞WJ*u"b`1W:x'źm9CJ$o13$˂z]𔗓&G5JQ " r{vR.$F7u'GPhә@A)mG# l'3'Gaq4,x62P<4+991iy]gN_sp]Tk8r/L=cA7:/ r ƶqA gwA0CԬl9By)infBG@01|7DXVV2OڤɁcjީm&II2RUѮ#FH;$Wb`[1L|g\SbmSr9aam|tTtnXW&B2gXG'-[V01Q1[mկe.݈r@/J,RNجb!ك IF9/)Ҭ5 ڂq'AC"/LZzZq7/%AwU ub2ĿuYa 3> BZJfuD@[._V(YGjel}QL V~T~QZSk4lyp%(:N@!m!eO)a:dȘR ǟga@Ƞ~Lh$k-i?4dz_`yLFSy$A-ayWN95F+hoy')Q΍,yxSeL%X[D|H@%'8s&\Bl*NCW/d'pAH՞2&C^ 2D2/'nm5_K[7h0J<(>LVm7 b#5o7BC; PZUs父>,8?OPSmNd!RnWhX#}HGkkd v[/<XSΚ 0Ԩx!D]x9Wg}t)]wa\3ALPlC]MH],8sjNfy]sF aJȘYX0b$9>b4q=) B V5J@VSÞ 㙸{(uWy#;"}XۜgjDd QW(tnyzyvqjxJccW//HK37 rXm jtV>^: ^c*لɅ՚R@Nt*~At\ƌQF%8[ϸcӶS~b >s[>O޵҉򚨪Z=i K@Aw EIm"~:+g#6Ǥ]')UMWYYj`/؆dBƄlmlVgm{tt㈲^80+)"L5jUY,C 6'S,6LALpF?R7:} n~јRU[yu8 "^qF )Sy:a$>u( Um;6u%\Fx!8=+F\Ux~At㦂"+ri\Bc d3HPDlv.f{o2v3pG&\}曗Q[r t"~zejmBoKbSGy8Uk} 04cYJBAM?OL=#-g*dq턼Ekgd lP < !ߟ1hZJ}g.1!jE+