nss-pkcs11-devel-3.36.0-7.el7_5>t  DH`p[$ƨ0ATFuJ8dL3'4*i1k =*B6,X==OYECγik豖S^(%CB;ǰ4ҁLQk71!2F k}C~e5j~ pQ"i Ah|,(^ /ţ.r)>;`,Ga@cYP XHd H,mɥ5}!ȡl@:0-< wv^Ĩqx2Tb*c밡JA5dԬ(F'S]85`sQU,DfِoD\ӤٍS`j]ac25b7b2423732d07df2cdccf36079ae8abf9d71[$ƨ6!hg̓;@h@A5@fW[ݸ E7z,ZC;`jkRr/2 /:OikyRB8/;A.-:oi oEc_p7I[s'Zۑh0+X_gM$.0W3mչedy#rG9#-&h׌(vt߅lL~j'% ʭ||a1$a?ϋ㺏;KN SYJ%+f)^qb0@Fs]af-"rW@!@*g`P%]rEjjj)0f C!66YO|grwjw?J"r {!˚$~~Q^t$"5 jr}ρ%tp=#Ӟo?9I/+h )w~Ppҁ]xRL>7׬?לd " Z OU\         E  T    ( \>(p8xd9 d:NdG8 Hl IԠ X԰YԼ\ ] ^ըbd{eրfփlօt֠ u vw0 xd טCnss-pkcs11-devel3.36.07.el7_5Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.[x86-01.bsys.centos.orgJCentOSMPLv2.0CentOS BuildSystem Development/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64 n@GCB:n *Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi(Zi([[[a35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c440acbec33f493a1302b06314d6fb0378033331d88f784a057df21ca3116efdaef33fa2c5b9500a8b1d11b2bf6704e511aa0dac6ddca678afe78c2d7406bcc1ab5rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.36.0-7.el7_5.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-64)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.36.0-7.el7_53.36.03.0.4-14.6.0-14.0-15.2-14.11.3[Z؄Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.36.0-7Daiki Ueno - 3.36.0-6Daiki Ueno - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake (the symbol was not exported from libnss)- Exercise SSL tests which only run under non-FIPS setting- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.36.0-7.el7_53.36.0-7.el7_53.36.0-7.el7_5nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib64/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz2x86_64-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !#,] b2u Q{Kpڰr]Lgq 33=~|sq?G\6xw*CpeR_q\x%V2|Êw*6Us%ǦT/, }3^DQ *-D1X5xM()5\j1(Y I36g:WiZQDu7D:Gs9n-yIpAd.SڬB Ys4ӝjżOطtqH5|# |[Ү+Y Jcbg=ڲ[t3m % Ҵ4Jv98(G6EDQES ;ogge쮎 z)jO$6V+f|bb>r~E:FS`ֻ* ^YgVv*' fD^`g^0D$SՐzPGl"ǺPc3۲̊{0_ ZM{뗨 |pġcԛl#*=e*EpUI=vv7nB¥6dإm:<}(4(U͇He6,JioFIDL5@Ϻƫ)ޮTE>2x[x$~ ɑ==y^NR[ٹɼ1z嶧8cهÑh8jY.Nk$#WOI# QZwl{k+vZ:DMP2`SQd)kTMƱRH|2C?=RqG@þ|NcdjakN0lV$P6%->&b6ճp3:26\Q~@V)I,ct,x\|׮}얊 z鮸# F m%Z,?s ;O8r#&\`OԻy{jLA`˨>cO;~Fb/-2xH/zeqą:j],z\S[$1l {8dAc-H-"ۓBN/bz ȯ)u⾸mL7s%_ʀg/=܉pNrf`S mom2'FF%ZU}@BX8zdb`LVmsҶ(Όx K(-^oy4ZYկtbekzXn^YÓE ]B)GE8u?)V$6iZKfp$6n/-duDEI`)'ُ3v+`gjP<)WN#^SXqÏt&G(EQ}S~y,iQN|C:e%$\ȼLᔶl`\&tB]\&b%y=9*Un.kmƈAx&{l(x_˖$ AQ~!t5?Nb 1ycOFx\VT{e1~2T!1''~Tbub+#Q95aֲ_^1H4j߫?aLSd 7%UX1~̷eS|Lp>ut}O(ȶL8 f*~HݱqXNDh$e푆_wK"+wY-OY '@bd,PP ^- F z>Q48Ğ{Qquj l٣b30 Q^w[1:R;Hʒ'g:m8=a33Aw0H&TIO>1ǍFLlAwi/"V5M4i}Mk i.BssI,#vzuͪbѢǼ p`IN923yuʲ3!:$UP`շv10\zw!A!v{XzR"6tT IqTH-HIHv_;-<*jSDp9 ]Mj!U'a4FC&oCzYpL8$pk{SހNԏ[k\OwRGAL/6G;;"5CiM}wpe=WTȎ}}wCV:%8F/!EI 0 `~,DDC|t49kp:Ђ M g \Y,(xkeIHUT>p`AQ̾/QPjAi (>Y*@Ls7 p {ǝ &r5\5 O৏u/Ջ\K2Z:V}L/F 7GR]w9Bu~@_;X Ì+OP%{sq%PH*y2="J26P"-FW! ,ynjXź_?_75c8UUqV!9N1\s~dh\*@҅Q_W4Rbܰw(U`9[ם8 a7^4 7+ޙIӌi1Aw@{`ymUl3V @nuO!l1ARf'ʔzpo z0I+搤1ySkH/T¦;q5pzs9lux0oغ6jrٵN)Ŋq"@Km`ܮ#DrtF.lJspqQV?w"`'["-jo=d vGcC& σ dɲ9AD\ v&WۮYJHfzTdXzxeԈIsX@P˞lUvnc{_12>޷pI?>FL1+v"/1ܙm4nEj]!s IÃ5o,M1\l>j=dL+MIƖD{?I32~3_j8[>z vFU3tG !$lmE; )XC4d>)ȉzAJ=Ti IEXHƦ%;xbT9&Ena!V薑RDG HWr,T]S] Y؂ %ĒVL8UׇdSm&zmLџe~IW[|) 4mlXH $11^ScŋhS>q="2:&V|87F~l?DY?ePͩJõ~=uQj&ȥo?8RSmsuUnh k{P|B݃o\)|.ϖۇCq׼;j7⻥'(Sx?JwJ CE#p=s)k]荛سCz ^WnS0>O<|zgVOYN3{v_a5ݟƙmal< y.}9wU0K$o+⼉ "A|Ӹy&#$l5*4%^xtܼ)2YOIb@ȿv%&c?xS9aiBu|Q/* j|ijӾP9w 7G?^۴W(o'uvgvo\@8ň~>edxHw.e"fPc>FbT6=)³kRcD{{K" =njS{&еr~E+z* K$v'^B+`Nǣ]tz =0m,U'8x.Ǎ`lgPғ!=M(t w1L AaEtvFSPNf,6?"`sC/~F-] _&̍ y#g ~h |_X0X"˖D#o0zu!pJRο4WAmľ뻬UȺr6s!<<͆QϐE0tW53#_1Ū:5dvqQF1Ԫ6S'ulag"ajC ?/5$xzH<&yB}~ӯSn:? 7ÉWF;er `5U9#Ŧ v` kzQc~vN]ZsO HU)L]%(8}Z2} V_F"y.>PZ!Y*SXW9G'>*-Oɹ31S}&{g2C3GM!ITX1ew&bܔykV(7XV{ם}RFEb_NVRdCh˦ .#滧p3 3u6KS0]1$l-Dd'}+Yd'.J MV`!IxgOq[8ue&jΰJg ?8bHC7l/꒎c)FmXSa%}:LDN6b+Y,$Sced})^鐽}-€Qպ҅7ۭ j̾x1yܩyRRHW0Dɗ(@)mf 7]V7lVҔ{:s@ s|t!j*' ’w8~y])m}"~a.;Y%,=[WUR)P ՃYlHH^#ڝ\!E'B+DIiLuKe3^l0 bw-KQso8@#?s?[̄ p)\?>6*O# —E*O4_n`ifVb8_Vj4Gb@0c.ҥ`#o*?86h60>md\#SHhO8b#jWǴ濵cxGRVr7O09TΙi>p8 8\{^U=aHnLޑ ME`4z7becj=GAQDMxr?d.!N[Ц7TW`Qgrj mV>M ەemlҬVR4ݣPZ0I+r5Y-xu*%!E(Mk ԉC` /rnwlO/`-_@X{,dGaƛQ]Pz*;wۦCu{P4Zo|XEV ş.ez2k4…)v z7 j!~QZNp3cb]mPc"cC,2 ;yyip"t 0>xK}Å9}Dݦb$v];P2~h-]|xř58&j4_jM;đ'Ђ@qߜ_@!&'Lu죘SID_!ͫp 2nds%( <=cG;W"LFErߐ 6ITX##E(tul[P0OFX&}rek\\LV&}V@b v{eCq92kβJ=1@c.A[1TEhLQ^!EZ#rp4Eji1SH*AUMVb$f>`$RC. '߳Q#$.8ϺĉK(ɡz&&* C[{baTE[ƪ{0?sZWsx /kLZe({o8%C|# !םv0 1i@#͙ \"R~*+09 )|g`vIBsfdΊE;::қ:^kOd%(9 OƪZtKEC欟nnN"]ݷ %8MHLh6hk6YކwΤ\Ox_3#|[{}fa.\L% 7 N4,"z6 T#) A#8b!s|w~&2 潷,pRX,\k&lҒy]nGbtD*:lI0iQg(e D+Wzcl mvq`"߉]Rۋ0cNA5xc,E1Cʉԥ;Ȝ 7E؂'C[:VЫ __2(5W-0OhX!:W /;/+$'=b+df(wd+I!{2~hI3Ѩ`GYGM+'( `$*4 Xc--oW xڸ;k5N_.AXeYs&dR0wDbCDZNkTO͒z/7y# D*C -ǺƇSЯ~orI[h/•/pX,㲸 `ڶ1&w$;fq&wn, +WK+d :~uAk5C0z~^:s)p7\ء<7LVAݓ5I`x`{MeӅ9jY]>rjyT6}aP{i7/ӡvFoHm7YK8Uqk8@ѽtd2Џc*A <.RԒa )PgW`74(5[`0vP*9<-D0˟2p2 .ߴJX, tQهUpL҃|-ȅ)(H]Fob+я*כʫ>'u#T/ 28P.g脲mdq:[40X$os6i &(LrAgGoAH8#A@S)RH#"RQ)a,8ꕤӤrb wSMxPsm/T6;:N羔QKCmb;sV=b[<`X~ ϭWY*%=CF֠~{3SVN1"P9Rn0T7?@PY3'We8 Lզydc['҂ 6qhwb.Zwv816MD||<:egïDچgEWsBd`7rrAԾd8Tmĥ&\fDIEpruI8N< oMjq͡Y-AuUamH;JQ&m"Gr%żd zUtɭ`j[&nhe뛊_͙|#OXOf~pQ_ÙUq&OAxUJӟh%|7./#2gS/~WV:8YkGm}EX{w.]W6bBZ4DzS*tΑx׊V2`dWzA `ԆVe㓐W.3#՝ZIysjB{ 6'Sgm" /„>4Ar QDdl#ʫ78N蹼>f#1ClE2'ca0#R"dSjIZ>vA1ΗEĮX˅GgMmZ"W7u-|cZaL빅&BQoÒYgl vҥpZb y7.jJ{"dY[<PVc\3%1޳~M,'t;A-LjᇤJIk<IX#)fjt3qhjtElb{yȆ/FIAvֲb -4ah~hC$*ʨW|)o jOvA{^.U!7KHZ;yc:1$lPv٣)td>oc0,0Jo2l{TlYvr/l]Qx,eB;8t7Ѯx%7&B!EEٓ ABҢ繟.̇h̋O1rL=o~*9@q{5mhZ%?bxbQ5Y3毶UEjAFO9$ps?фMz60:@y6IkW.ސ ] Ƶ6CzXr :G4CK|Os>Uٙٳ YI6JgQvŇ;u_nvfL;/lo}gYjk:,)i_}OEW>xhˎ?$ɔK:Zjڬ؜4__~J-fb LXQ'me6A/ Fyg=Ehw PPi` I{Ps*0BЏKjͬKC!"YCdרs76u2bt;[<v|>MR_ֿ >[2|UO1·b!wX1 =w!vvbaOľ!% =tSFP0#^zF;ӣY2珠\Y8HʖII-y*9G2%(`~\UMW4Gh7*.ˏ,zFZK`l9lzļ%hjb5ͧͩ1w5r2Hs?fjqPܥF.G ~Tjo#oWN>eRԒ( ؁.yy>b5 P}T%%P`R jp]в/Ni*KLPz p^X0;?d0x6jK~Og̖%{Ys'ʞadg/dCTU*=PJ(<:/ Z#P)My0p< rzJ(S%ZhAPZe".6vU3|GP ?TM,"hr×aY@i3JEty"ˀ%GQ߅S ai##gD{~a2|kѣ+σR1CijdcA@?mXsɉ~6јPjF$f%l^~ FV7B zȍ3aKuQ;csu[nGJATGڙ&џxDtn߬* @Xߖ+5Xb^V뵕 'T& A> JG#pA>fкt !aPcEJEvpT 9`;j림]zڍ'LZ0@ʲIq,~&gQed]q?'W2 Fy~ K(7x_fO CnG@UV%Tmd ,`%+ܭ [u/Bi7&"\AwͰݨh>YTk)9RE+H@0U;ӜW2HBw-bNGl htΗk@B*8.<]=a߇[TSPi*EaeiF`@FCilsثd@.l#W+"h)T?4<%,L1bآ^]" ~sVo?%r{ Х9AdWv_tlKO=8(ɼaWRۃJزޒ(A@ͻObG(rReIȩYxT tŌG XGs.a嵈^#EJ7k\Kv{'TMrP:׈ƸoWݼ v<8Q^#WrhoWZM$[11H ^wF||`y-ABP> mKKh E0ةf~`VjZD ڎa$/j~Lpt'T5 ӷpr:ƥr 6۪x?V3~uGbT4^3q!?Gm܂(mы{plRR(Udڠ\T]割*`hz Lܵ nj#~`3&Goƕe5PJԥ*I(1ϯ0/BFR]*8D,vjN:#h矔i|q)F1;X6܈Ш]_v@ċ{&zGw&y!GG˂mqi1%ݕtUҭYLң5#\xl[T]}Bl8X^Y e# 3iЋHjFEkm#7蔻SS_"kR6tMT.\.kXmTm YEQ|)%gSr& D~t_:W8Q ͌CAm0B1Ya\,q-ƬČ̆)z  [G!/ix3xL^ڀk6K$#TEYDmy7M}d%E)^>t/%!.ZG%$GI'vf7h!*qeӭ4Z}6ØqhX Zս)oskrͷ•pIw`>P^,IZ#-);8jv!{CEG#NeVEB׃ſ], +zņTMĭӀ<+wڡk2@9ioH1Cgjԃ-M:7cv;ay69#+qF<0_DHjjlKV_+Z>]*Y<(m|܈|%JYN xms!? &ܱ)ߎłƣ~rG=d܌I0U`LJi?mN!jE pV\зtveƘ:o[16+6\A;g4"pQJpƓ`г0L_ӼQ$aVE|ao?@:Z?Te5#]:凩i8ja7Y] 튈 g@`w$Y^Ѐ3r03W:=9"Skw0ՓO!eNKHKO8މW&THG!k3QuWO]%Vڄ% +Cp%A%9nRػc^"'We̯Z$sxR i0 yi3vjA; VrX<-u,K)TlmWPWJEV0W٤MH$B;'G>U3*[Ÿ+~6 kjԝTʭ==JU7CQt}!(,?ᤦhfyIj‹ԖؠB:,baL[ 0kUCiPS_k[6*40ӝ0.M9r;XK*~#{hM'ֽf8HP;vܡizLZ'?x!4 @AwMc(@Hy\L8 fY/ l v=h;%V$Jj”E\q[kBnBI ߸%JpAY̋-u ݔi!+@{ryC%u-*?m5PGZz[ݡ#l0NI2зY^ʈYWԅz\IʢϝȴԚG޶7u˟&$ǫ8gbҸ9}p4W9dܴ7ZRE69D.ݕ/rՈ *̫46fP pBދ2`Y4?CV^;5o6c~;A޶zs# ?||ލƇ`&a.rϏT#ydT2-YMK*ɑz7X)!,i|c/RHPDT^Eu6GlœuT aW;}HMYwWq OS}IN8^HCM`ǜZy^mhSw3~JNQ|]h,rߍ>)1er "Lb$>Z $D-~+^bSyy!XaϢ03n%8h~'_-d ͠le@YbȰW _G&lh>yHåFj5}t2z aYGF^A1=baǠq!FNDf$b}R|Vh}cԍQ-LLɭكVENn2nVk>&@&$hCWU4<7 kBkʉRXXP@ɹln% H7ʙs PV^\Ȼ/:]G97s0A,Le@$,8CӋ\YbG6fsۮsD+mIƆc#cEu= ST#'/}abO}mk$50^OQܵsRD)\3*jAEH~2%)d>'눶([ڽޣv`qyx,>,p|I 'uT 4X zQ'5݇ o "$R%B_kK:O\ve(@2>ngq74%NU& nb׺ ST鎱R=o`;!p0yadZ_,iQ-Lz!4gܮi7 R`!PPLtźNr"5t-J0s3R[]J*n3pk@$ Fk Kl<臋F'+.y2~y -6Zr'e՘;X  BCuѯr)A.$x)xM,UÇ꫗SbBfY{i̡DVL@(9&OCLvzzv2dNf02 0\GV;HJ HeRϯƌ' :2NPxت1 Ռ@DscI@\cEHtZUbVa1$oS{jt}]E7FXJCf4IY2;fQgE<|mi_e8]c+{Zx[tm4W's&7>)@d }@v&:)2yJ\B蕄1У(37pjəQP`W^;8&fF.lt~&`GP9d>ugUqz3B3So}S#>C¾W,+ߌszs&K۳ZK*_$ 6'w8{YɊƸ2o`* D"z̄"VkCipXƒzt$>2SQ B]zzΆcU(+_ }Cٯh;]% ( Fps2`\ҮEޣx~.JD:+ɠC[~,}~l *[Ky.Jn;{,uBLMk߃?PY]2 al}L\FPbks`Y /oU[(/>M /w;g۬TKaz WKЁ8&Te@VX³-N&jKB<@XRϴ6ḁͩ9Pq+d 7,s2պƱ%ج(Vv-%~9O<%33>o9_!˨YfR 8#\9 =qs>FtI2!KbV)k}IJ,zZp{4GIX*{p' n/{2^KRtLj5@mR\I eQ?cNwqi,+VpFhYݧV*|IJ=FVi0Z(y:Wnk>6D}ۢm,p'ig> U|dڔ< K]a}q$55lNK*uEhZ(״vFX4c|iH?ApT3/0pO*YyYX9ι=Z?4<ʙW j-=MQGkHuzuSI%QɴߧVA%B8.. sDrj3&5]aQ6jDہ`=b%\L )uΎ)`zzQtY sb2δo0} QX\|R堙 ˦. ۉW;VM"U출޾ h? %oXY~!y`}LO_\nbAHCŪZ] 9`qĤEMJYWUZSTgڬ(zriʏ|AKآMڿړ@ U?"< y1|kVlIE2j+H-K1+(72nZ1rt{:4X^\/am-#B:Ql0Lt}6[^C$x10/mOKчwd=eTcj)1ܻ^9 fэ~JI*Z(59wwF$~ NkKÎARK\EERh i󣷵jD F84iUpCW#3eDlr rP {6$/y J$ ֙?A]u 8tNOf,80Y|(\t+}l?LLiysf`n`kE!S=v`GҖW%1'ܵR8&_u_7g)Hnuj{AxÔ6hSᬡxHG(4r|  zQM~BS+F3Lʾ`19]1\}P\{uNH ⭌Qڗ3θqaK)uP1n&R]#"터3v{׉P:0)F{a뗁bmӻs5݅0 wW6[uJ{ONuGYz6*jVPs*_Otc{t WYlN*u -avh/i@yv):H J?;T+]$ۺzk<}*r.#^5b+Qz8SjTxRMz'Ԡ>ras/+2.z}uױ1v,F# 5s*3)m6:pcA!#;X l}U0XPcuUhy\׾;ƆPAo\ 7tpzyiI=0Vr.34l)X%(LI:" dnxf7ghy{W089g-qLJkHRLRsaIbf,۞t2k릓7n[s䃽d{+Z^%Hg⧰d"NεuH뙛HűGc obzjzF\˱L`EBچd?)_τyxW[J8N_Xfa걏Cd])/\+ƣY8!!5y"EǰOe8]9tJ]չ<>#NQqb-0) 6 ?-WU6qWΰ 0G\ ϱYJ!&̴+hd[x ZCUS2 [.;޿腽5zpPhh{t YFު" ɘPV8D[QCjpm?N3 Q3H;K.|XZKV QnتbD[iۍRڡnr$mCvQ[;:7㩛:8.Y{v-vR_)[Z;ύSnf~4|xft~b[} wUθUBȘ%--b pYf1 us_=JXe[UF,KE4 y$ܐCxd@*`:K/%X'9ykĪRRMbTGzgfeO'еV\iyՍ^T_G%H4;%ˆtԾ!W+ݖ kK}ZW ֆú{w7{HvLE3/NZHqN~2hMюjqLJ\9xe>=Q^'5Ggt0% tEC*UKbkn""h)8<2Z!~Xs0TU> K"9+T1-W8[N(sE,*nOWI.8DVz?EFK'[BV V&dz }a-,SZYVIo6GyڂY w=MI{e"`7{6?0UpSQV?Z+}JWSt9rbvvhCˈ|Nu$Jz(呌IǠS~,nEo>%ppNV뤯$}Ђ yBT,)4Gښش48sp|Qaߠ]reɉ!N.1./an+b\QZ s6]z"V\ʲ&(0 zOBd=7<:UdLQۼ@K]FAlN@486O:1X"yRC 9= rT,R$W% |KV7]n $a\o0/Qf]^gp.%0 Ba9W )&/-z MV#a6QX(츹7f3^su1y5?aIp;<"m-}OD&A%/ @^0d߇ `L(O)S!횬3P_wL&5'R [o`xi9*1M_%ŧ$Ֆ] i^z[q} 1%~⩳ khw'n)h 勸 dľ+5wBH NxDᆗ;7֫f^17C9d9*k捙@W8:H g傹r/^U ^m{FUYBc!h"_=6(Kz&bZ`ܷy:;Gg| r?DisNh-ƊFWB JnR=P] z(y !'ER(ohmp"Ws7M?5.ߛoȅ3[aƈ:*Jg@ܥn&FףAx! 'm`r┑<zu4G^ϷXeOx#uS1+. ތun9=knkm!h%}K(2~'D)Te'$u"H X9 cBZ`|ZɆfLtж)d*׽Œ-n}V>}sY>iN'_7_RfPkYr+LT(e`(%!$Ysў;a3l@\*FYeEa_ؽBc@"͍=H2'EڤIn煦29矹H}bS) QvxC@칇֌ϴ.QNϮu}2ez̝ G*κON/4 .tLw{-Lj1I#GH' `@_W Gke⥣i+h/WLWɧe^YEwjN'̞RЩw>~[4a0Co X&Bo%`As RHQSJe&b {`MX++;"O˫d>mL m |@G|5́.M%dHd4_Y[#j~v oa>O/V<>s;K*gB|u U[xgoWtN 5_py1βb`O'7v@ F#pht q۸U,n_?dŦbG'TJ9-"f2eA3CTfm:'3`*er״>\-#1wd&Ou-vN"T5` A2(7x]|&y#M-Cc\̝_'/Ah_ml{_Fk"kUB= 3QN*HUJhD%_u!\&*a3G*vs~7j`xm|ZGP-kkXmVX+HF\[:UouZ:мʀ͸3cOZ:\4uNx=;XV|!ʋD+8A/jͰ^$X4g^J@S뉥MLawb4[c/)w\1l#=$Ȓ)AGfVsǎ ;0剙a7 ۷ $v(w՜ $U웑 #5gRwz{ $sj>]YTnj]ҵ 3m/?#$Z췯{Z*ӌb4Oz$%#ߨ@؝ C 7R"亣GG4mv*uz/Ay'6Rnev2}ou"~z8 7*m~0Y d~QpLL7_jVeeyn4{9GuS<˜O,˵ݩx!@Y ;yeƬD‚$5 dNdI!T0i{#:AP7sMQm mkcJt?B!'GaA>aj`(eqϽ;T(0≎k %JB8 fb])%1ǑSx°.yUl;"sLL_Y+!-{x]sY[߳( "\ebcYc0Ѧ9PLL |-) qHFebx(uM<&kw=ќ-!%VuW^=}N3`"~ѻ(|`}@ބXP5}N /#N A,Oԩ GJ=*h5㮖]6 f7lSCgm.]#ޢ&U\ҡ':(_ׇ*[ˊ\' 1YZ pG&댧5osBSʤ ] <>Bv~9u)x'(M)dDJ{Y^  㾷ӹ$nG#\[q }% 'MyTĈ5mGirAp̓Hį5$񛎎U$Ky&wp7@kH~rU$S&reVU iޣY'Xƨc %h6ecHi4Ù(IBZ>o "$Vm.:ges.fM=B#m ĉ{ayIXBuidxNuik"֭!{'oV7֕Ffl*Ϝ0<79_, &CY>k邉01kSgQ!X~]!EEp$unP[' se!N=r{]\kT]0*Qh&%dޛ@Y&/mQ`?&~H Eh6Cf j[Y;3 "mBVcJ&ER%kl*J8ρPnj܇% H<YK4 >'2waMI:'mKc; 1Ƚ7;Zy_-Q{Bб3e. HM'85n Qx:u M. 8)I90A̓]ᵛ8~} z)"g>}O^@ jk.1X9['$5:^ ςuQZ jvޯ=8%iPϒ^X7#b,*MYp=p B2Is/grA.@lH-@Nq} C~'H1 f"nSIsIm3@rp*ƽDDH. eO!oWr BGaV \"3x/QEcGS7t.Y # A>%I,?.3axJ:ˣz׿<{~ =_&Ux,wYa"ފ=> K5/TbcI-_"aX[rڇ+[:Kǒˡ u+.FNᙠ ܾELu!9wn*kU5VCbqKV;/&Ŕ5{&k.n='${:"Ç ,eOySz) OSpHwS~ED-`.cѸ9q *cW0LFǟs0l0qԎntIs"CY ykp5[xu'g^>TyOn_L6T1$yBHGnvpcm];I "R?;ܬ3cjyUwKى[s,L`96)y.f+ݔ??~c9:2,b}z'Y.h}()^`]aoiRf 1B:HGt~MNV2=$aPKڐ "ztJƴF!=*f3 g&ɘC֡ r3yp"8+y%}b~ȗq>z@x[3Tp)2=icO)w?^ܖ'"#6`wPA][/Z[綾`l\/K%$WLɧd}k%e`UW$;gRb?#|9|EҶ;%NCa`qzYekTG?M @$ܢ?;36΀]jhYMB ϞBGm{?M.:Pdx˯iI\ pVP(LVUZg9ӭy9j0GBiKNZ"l7=Kc5Z=0pW`dFŽYl"yֆ@g̝PԼ4\@z94FYJ‚ u5i{蜈!tP U/+sߩ7/y$x`ɾ栫 j8RChA LP!mt~^=Ci:⻙$}d,#O)p;&DroݪowCsRQ"Q|z?߫lщ+~b3.l_5Wob-"ȤD$R}Rt: ( `/.۫(1VC޹Ab~`tԗ ;R+X;XQ8QT{z;U```.y['D((Zkʏw!~kǙEѭ ms\}9=i)JzPIBm9Z\DA7a.S ;)gg}atNLʜWEr-$-f\l#*;'~D7}*%E = ܐ8"_~ [WrXRǾ:R~gS&e\ 8+8ұrΟr=f7Fc٥)f(`HSbtAq"3,s([?-竵L@<_(]ę클n> ˳Ꭺ9H_c4,ertzF4ٯ9ظ"nBbðW1 'U{4>WOԚ z3oᵘZϝc´ 2{H|]>JqfƦb [Ų&S̢UV{DVNnLpو=?K~2HĚ@+y]sq()3HI'b }k;KBG߇y"1YSY@ϵZq2mŰ#KX WбMw9ߐ^5pKH--DbD39\C[Ep)O7l2`$^dq5 t2|1Ur{ҍ60CpΡDFNZSneB:q5HPaVV]iV%+iꛎFf\gs,9!L k/+*E ֽyVc>;xr&xwȤݡ3v& 믏@ fG@^e0fT8A?$rsֻm4!,>R_Qlc%{ E=1B\O4c߉,Bߠ]otm/ʟPPsN,IW6\j/#vjSG9RauX"^9o|XL1ƌC bc*Z n4Ȇiן 97ۂF4?AT4}+V!zʟmׂI7>!,KA|6,@[|M['{7ų@AbP#hޔ"|.!M[Y)|rӦҏPbc *zb"vfqJE6nh`l]"4vLnjD,c9:bY }aTg?;Δ`.0#T<ؚԉk-@c Y!mʮ7q6xVU$!{V,H4 <N=O@`A*7^Bb왷O(7YVh׮7h/Ae &$jѕJDhDÄݽIZS-tCB5RK Vl\L)$nus%h0~ؖ [+"~PVV/ٻc!?07r?"H(,/MwVMeSc(5e#Ct ˾p3Rot p٢.buzWOj`]. f< k80ڌ*p-tCz9fnsvw; %K8 Ǥ͸kuB_52ӄDkKnjh5]1x Crͣu[嶳"1b]>i\0*`y B@ܴwcW$o)SFńaM]1LAX(%e#o LJQ>܍?3NdPW@{, B2蠟4;2'͔$Ȫu|8M-FE.O5*3^0/i'.Q Ӥjc4)z}d% S.gڧM)$ѓ `nu5͞!7m`l8:V ڔOwBEYMm/atD&!F -BoO0ݒLS^t2%1bݣJJ\}|WWבXo@Kb (=NC9;ݦ>:4/m&7Zz!{OwsP^e{ⲙعE\H@]~J9:J*71;YvCƶu߳n3]V wǖaDnk<Z2:|ĠaR^?Qgű]o䶷 /(NK4Z<ʍ,^7L#P6 ^v,2vj96X-?d[T.3q3%q6,͠Nq<|-)1hDS@CWCuj8a(Wq>P=ӿ'1͉e:8"՘LV# gI,{12$zNpLީl0srDX8efeO?+ϜVW/)@/ ӽj5ʽcc_;Cy A0tA3n0(p"{ oXp#udRJk#RMɨUw"mu^I+DiO|oX" -ynγN F,GO^X m9Wœ͂kr)EVW7|WlAJ$T᪋*[*C+3*1|G52GNꝞnA'd a`˜'H)kWȶ>d܇Lo1ҏ$W~@D"ճ8aS/-qeߒo2A zh+fGk9ܳIN/+>TdgwdgX0 )N9*sZ,et[qhKFJ$#asϨx Uf*ݾZ<^~#'fag,M? Ǻ\l:*h>jMXCe&ͅq"!EG1KWfH Ǜ|V*Y\rD>ntO܋& #Mt{#_) +w&TkT5_<`Lk#P}hzQ=ixOT obؑ;2*,Ϲ"NBS'ƔFV]Y՛nͫ/+'Y'gC y!Q|ڷӞ#?LKk fH|4۸9+3]ij=nX[fĖn^V3R{}w͘ *~ƊhY#lFGĠvR8Ѧyjwt H5S[{ir,#OZK)C~}pꨡV`=KTQ ř&#Ke&]0#ec$|>ɕfU+ Y c{XKT56gU,iKNͺ~߃ETϯ.fr#:("[AYVHͯKpK:q 8VŜyYXOީ _S<-W?y<_ɷDB-x( @эe,T>q,{x[Tbj H08Rqq,M.hfᦂwCo/o9w칸 `N s))R}:Sر^oP:vO{1Ts7O@(KlJm3M{UVk<~RNEhVٿ^&N\?Y̡1CjN6U烙cN4)ŶC@U,=rne`^ߔeRϚ/6Os` Egg9n{`>bܚ^jCdNtZ= PoNG\rI .-=-:ad~WRNDF\*De?E=1X9v 1'&d}&!(]?8ZW-~r11S$$6:A_J =b-c0LzQΎ,a1eHtiߝƠ'a?b1$ ZC-44Y6a_0o&xݣ*+zTD_ ifӝ!h*qQ+S{1%aȈWrLH֣e=AM6#r /0]=]~H$fJT0=˫4VF%δαǕدИ68[+/9pU ߇zA hLb'E׆&n9(u~X *-ā='Q@`f~2k[o&(|S#\QU&k^n>3 5̑:rSv)~pm^W "(-V*UO|abn>=.]ƍe*fXL^, =E<w-v&HғlP.VK j 9IKXpL+gΌDh k 'Fe)b@ߢ7EKu0(! ג_ #!j؏{u>RLP[Yfs]uʔ}ЕeOԣRM.ǫAU] NESmE>oQ2L yU`N?r/MYjzr1: 菨qzFz-2 :aӷN{!,yʸth pRK`ov椼IH*^8 xD\"1 kUsх> {-8q xo cG3RmKR‰eqa(!J#ز}R aWF[FHד ᛈYCe4IPf~_z"cW#gOkxk^KS1wŒ>s5ŀ.ۣ̳ms=Sh?X/tM˧dd eM~)̓Vq܆ٓV5w=,EB5]Ks kk.+Am`3;: JRj4 pTj CZ$IΨ7VLWZ[Ik& :(\(eɠdwי`> :ut1f'E#tZ8fvY~pe GCG|V;ӷ#uB8̐ JnΣZbpȗs?m-fF!tXeىدDc?lqkuU|HaB%ώɢʨ/΀Kapc(|4zsSb,ԊNz=* wkGe'\`\UrF(;>i-┣Bx b#I&@͇-3?@AtȂ`49S1=pw(HAsAr+y)6y 8z@!J[\A)<%֙f t_ZHk1̞3{wŐ#;]ԙY{MWJy`Sf!KвNT+.tw]*ƐVMvd%t<&JKq1n.f $@/ \;d> ,7g'r] S#Mw7d\zG=4 7 Re2d|ή#tN0cؙGyn!OUE+#t4~}f"2PRhV(l'VЌyf@6S޹RD6L2J5אIiVGHDH$V PVf$PE|Q޷oj^FsPw[>W' ɳwġ>c@O'#eo鈧tW267@a-} [f5:H|!&{ۋP1rOgfC&mco1$ۭ&B tvq+cVN kV4ݛȱw((0]|OÂ]ԣBrj`KO rARFg@cܯZQoFݮftzuoT߃׊]eP|.e?K;PY@eKwkBbCW  EgBzn aΟ lXX64.籱y G^ph`UjC̖Yd`ߩmOrgj[T9y[A{z ǧ#fuVeF9"gmb `%oesR閄yumyJ ?J7uX-cXIʌZ2{L",4v5,bMl,u 1n7Q`K7Vo ݼ 0a89/T)6RVpI!KT, ֱ1P\;l?Қ[gO!ג䂋 -zO*

-G%>,SڨьRc8/1$$fX;Wosv X=X>Vr8e:#% yl~$tGxYpQo e#=@+N¤ Rt-N҇7LށpAD=hZ nF5`4v4-1Gokf7LF.GM54 ǹCt.PHvZHPf ORaTzDsPo)!>1<]0Tz zQ"mnJ3)}@=WB}o3u)sIm%< Ec+YE6}ikDo}mx兯!M,`34ϡ 'Q\:Tˋr]V֞$;?~I;G]6ӊŲ&sصSK*T:+I4O;,E Ϳ}⎁m'UYOP14Y\q$o It ޛy{T 2, AÖ .,cT3G3cO`)(2D ?-opnX̲d U2VR-I VvQ z-l-a[kW67ZgC_w'I*~8kNr~YICka Nlۤ0K/.Se/=Y#tN 쀶1mMW[` z}*yY6#} UoM5V( ՀH(9Sf~MyA S{X3l2y+-:c+H̴rqRu hm1L{Z(^Mo;<D<}F%\W/!Dm} n;@횋?gnƩñIbZ'K)(N;:Uuip8Ri ).ĉHp.2vjp/aZN/<Q-P:Q^<)MH~zcE}\Os\xn+-"3nSi~(drC9#Di8ϼb{HNsTyt2"ϋ\$$,.,ءuNn'Df9c`ȷzJc-AQ/s{(x`yҵ.ݕ~YS_Zxlhx6^-z8ǽfm!ajv_yK&=MD$ L)\6qq.zr<[%HeVi̖uI-/~qFTy3{>16>=t*@*~rKU: o8u i%N^AD'HM@VvzSdQ791!vao(_K: Ni]b\cU3Sq 7AnD?6e+"SD'Ov;_(978;Wf5EZTr-ԏe s-ySZ/X=]mahÆ,XiRP|{TdQ֐)[zf[7k쟅:?k=f~ 8bUwB" LĠ:IT '`C 6Z؋(z*0OjgLN7  4]BS(|cc!P`]F$z]Rl:Gyx*8/ٹ}#QD?.aj&i]?}U{(4M:Xodp%O|M۸uW-soIE°ʎۣc&u2:Stբ*-m*^ҏCmE>B'Y,lÊufя#f]u?y;%w((k;^cas#v8!da7+BBo"y%|^pxQInbiz>84lQV҉D3dO-nk-˴\,TB(aځ;ltJln6$"ЋzKC6DIsm$dL d+naQ FU>5L׀C(Ǹ[r< Oxa`Dz}ؚ0SE3PggiꤺL1Y}i(./Y8vg`'' v9Z'}畕sJ-9ANyk;t˴.ln>E=dsRxT؅ ̉fMY%&Ru8%>m7u'0<'`<~!b?r܏酐!/֠Vys:e{#2qJc0r!AN%s<ّ,+jgXZ~q3u8LIqxae})JL_\ܦ.lmى ݃EeZՅj0`Dqk곩~gyCN-f?Ž [RMQ5pjQ~ T9MZ1C+)^eyWԤ0mś@HDe`ءNW4狟/g`w.~Qmc[J(ǹC?IE )r/KH4pQ<΍VyĂ"Cx\,ޠ` u)<`V"G% mU~v>CbmرOeݥKciq ІH> W9a1NĒBKA8r2TQV"7MXBSC tt.)|f[! 2H~OȊȥAO Ws!F,WǂO~T?%\S "-1Q΀>6Ԏ%}oύR]lL;])pLعL>^{rD7ЪQw6 ` c _ۈ O$ܸ.Kͦ:);| (XOM' B9LZ"O6. `Ywp7ȫcjˁ/Ӻ3A-'_32ڝ17H-+vgPlj<jހVȒm5zEMv81SE;ֳEO$'^]^RAV<ѯbes.H+Sbtm m$Z*{u-UHpz~F0d8]͂ 鷰.b3[l\^QC%a - I4WGʺ2É8!qH/[-X9fIQBT٣.TA֘d Roٗa:@6aI+.J FK2}_ e:HMm"!Lȸ8ޥh*Ӌ#6‚u5q0@Tl磾V [ />nP 8dd6Ip>4)v2-C玟Z; M ξr*VWBߧ\_A=`7z=Ciĸ!c{-Bp2eS2Lz&w/f޵'gixx]SsB}9 q9ϸRewBա>gg{pR<} Vw~QO/Wi)gEֶ.hb HEH঎9ԢVy{e{C>"h,S ߀cBb'85u $OUTFڽg7Ta.rϾP[Yqf>58VɌ@3WpV&t`qLfgV &2~$st1J;Yg #Y/qөz;Ozʗ {M*lߔ\)KK"u3'?\T0^8Q+W $شn- #e<(jbVOEFhяpú\ӯ2,Q%fܢk #L->H"L6k cXz{-"6r d˖fԠqz i]g:%`*%)> Ėhm"W g7hxl1gZMMKU 3 .zd!bvn(=Y3msO[_:%a}kx aQT-ID0_!oA](Strw@uLc i9*0lv Rkhˍd}L2_nVB9-P폇Ɗf^#qW1*to -a`$(薃!o\: H?4Fa֫7F"R2s7& q Ob:7թ:RT4 .WA,L<'yΝFЯL2;0yC! @K;ɴ)|1MB,Qc&.ն5Ck,دg;=A;?fE{4MtJ"J9+ҏbۡұ :OYz4dxG_FE<@A^Tozh M [8Ww(Te>#ICOD^\p%{L?!D6J٣Ƨ Y$(QȟeIai 2L_LE])ѵp$f]UՏ.jw 1첍s~cʐ2m2.ֲ߰콷=wnrFLf KG},@"uZ g2__Ebi࿊zgj 2?+q6bItdsXMqC C[M Frj"a!dP9g=6_p*/bD7H6.`H4Z~Nxtsz7I{vDe C3@'vB"P,:w h;8m(BY*jP6Ds%AB[^2+\w )`Oclh?_Չh1m7Rzpnx0c/c%7 SvIn Zpa!Q EҰ5PkI)vL*fD#^FDŀ19tUWː*#~@JGf/T E~Qd+.}TpWYCFR&_\(?)-S *ƔuB0K2iǶWw ^ nyx)~dRI딦Eyǝv.'Fn|ZҮRXPC2B g\x/ْh`'Is:g)E r` !S[VqQ@ 9*zP+-U!`;#ǿ:%4wxWvʓՂI}t搴fki۸S(NlfN$ Igࠚ+Kې I@M+}J6̎R%gƈaUE(NRۥ i&ѯW0֋uFUE,ׇ=GfK,la ?UYvJG`ŗ!'CM-Yl 6nHFlwPl 1ĪW~Ⱦ]qx{Cu3yq?0e EINWr]13+]äuBӃk.-޵-O1>= "o_kP$(d⥮\[A*Fj3<>BԤHv\S |iXF.ZsYZ &oޗ?xl97P"H5|d"iWM#5IP)Umx] BuB&+g]!j4jCT`?bꕽA-mVvo6QYbO~Mj:Yx#-s7VwN[{kþͿy+k⑥M-!*%Y7j5h.3%G&*%t(ŦA'uB!;ܶ.f ǻx;AS5;8;^&%:uA6cɉ!{J?a!5͘rPm)df)2*(E;5>I#Hyt9MjҴ- -&|S^fΈTfzy\B!bw>"C’Gt{_fSB< se¨x2 `[[Y:Fv=-=8r#x}ބ+İ#P4@dDx\ޘ0C9xx=i#F 7lztKqsF[뮬sr5ؙ\ JT`il-~N yA62Lli~N|./gY" RUІ";1Q\C>9xzs@WT11mR4T:?qdjp>5Y@m\" -QԦEH3Mh t#r@QPL]YWEpY',VL{{W8Mn9?忌/. r`ObUo(?*lF/*\@ReCA_ufP5`_~iS{({ V]:zn (kAP1oiY؁NzA ?|R\|x㤁ʕ%SXbxWt5ZoHzSh]a 7#S'Ufvqm d3DN`ٵ!?);.aN`l*Se5m<hφY*7@5 MD3Is}djGyo7K)O%G-TvFzMZq<0n1/qPLz,+CcN/6p0L7v`8(l1d`0ݍCgD?O#z}X~kX@C*w}QxTCƂCA^ITԈ:d,PcM.s@f UDwps≘c.4j)!6^2a#"̻g K&/K=D/m?`CR5;,q;9uԶ:sq/ȪQ:M{;bD3%I sτgq: Z/H3c78' 4lSptO7x~4m!#4?+LF.=(:В`3@iW@˦3QrCv `̆$Ta8 o?9/c \V4#]8\79$nS%tIaq덺狂%w ߍ+DE 0yё}Raqg2 -+vU!\Ȃ6y/Q][+ǹaLVɶxޮ$7좵(d?MIP1grboh:k7VY{?*FM̸^f+qv0Oؚyw PrH-6mkh /yw5l4%A!ΕwD }I }"OI]dJP8.&E ,m3-3 =[fFt[:'@!1ݛ{8ɘ!BE[AS.Xy0{lkۧ $@LNl瞋=8.Z/!>ŷ?%gꨀ +jvLdO.^m= .IzdOq%֯ks$1c0vJb+\orf"Fgnzz2cX"ẙExoYتɁ::N^RrE1 %M띃jڇ woϙwJxb*NN4,><2_ޤ p`+F:)-~F LxKB̿ө ncl:G# +Os:@ArG}Jg|D6ϐUY>^Б3ed~kG/k >5pLSiD&\BiJm<kbYSA—5r!sze P~ZkVpм .&}7b+Oc;LA` hHas0ƐA}钰A RUIuY)`VFRX&HtAX]<ñ$I;y-H'-֭N'Ͷt 6,o9[9 KMkUV[Μ%.¯~2k|&*}x3O.dt3lSmWi-dɡ'U, q]?10GX~g_gÜQE.n@Y"}1:%.3o"'P_jȍE/ִ]%'0$QәD2 O p.:.KNOz0 Bjq G{e(>,[]-l,Lq?Z`fa+ң)R=U\dzЩWOv}cd%|~5i~̀-2JLMK@`@Q YD5^O@@S?1̒]b-$O@o]OF1rtň58uW=z?ZLR,Crp}{zF`ˆ"ƿ0U̧ےMY)IS-wo}L4 g hMgJ ҹXzg@ֆ3Y__Ϙc=*n}5<5`T7{7"!__ Llѷf?ڜʓg K(@ R{5ܰ2֒Joh Fx8Iz.;i|BO۪T]'%5PA~W8'I(k 0_. 9C:,A0L-G-J|4._z\*V>m`@P~Nm BwI RmL6:um׻6f9Rv>SRB`*s&2E\jrwX u2m|Fg'4&ۛ>T#T"&SS{zjMbk[+}`b5acX*C^`" k4#h[,CL N2bː:NGɑҳ~`Š {6>?`q?+_O1] "&%+6k-mv4E!'RƁeY5ҟ7S˯-OTHWjqG]a{i`4$~lpHi/@9RdO8(g1R- Ƭ8E .B[.#=KQ|-5,O(nlf@[LEYKfH|&ۍqc׉`:bOǣPscm_A45,1bU/+PI>l4*ޅu7alY8`cn'Ҩ_UgaM%`1SN[_RѮW?J)؁,>W&a/e'B/#?WT[ͭ"d; Wڌ:ck JƱH&ZyMe똛ŔszͻC9!%=Cy&Ɗby5w1 'a=ƿ]Jٟ0|?U^^BG˂ݏ0\ [\?1)`vj7E6,镄ʊڌv9!KM]wi>&ޠZ!-Ux`}/, ndodHu).cw\Vuy 84όBJsr{ƻ^>nK烈FnjNʠ3P/{ Cet9&/l:BLߤުj6ANLqp+aR ~/08ָ X{xI+Ӹ9#󎊨c<x8vbr]nw Q8m(>\&}@cg{ nT1μ BF6(i\"zznoтxQs˞bbY2 uh:m`~g{€.]\yֽc(V"hM ^YjsOb+ux@f9ڑ ྄p8ף 5KsݴWzŹO! 2t1]mm8;şowTyܞdu ʲTx !589OaD=К!ՙw~jOu^5n7(IlJ$ mS?,^F"ے3.M9nN(J ^.T\?Iށ[Aw?‰qoĚkV>]h& <5Kv>d g6/l]s /`E+h<`ĀCeo҆1{LfTl٩;9my%kMX с/ʘ)3TLmIB*׈<(5'{PvD1|ܯ,3 /nMEX뛏Oo$z^:RzXX\0#ksY"I,]`JCvn! Tn.X75Cʫސ!VT)Hh>zșJQ,&7E z3:'H:Kr* uw#^ lZh?:\7ƪoO=ͨz/O2=æF?rW]b=AҲYDEl|;>5XΞ&}Ryj/>u'QKtMK]v[:k@os^ ]|@8R%/wUkr*aRSA/ nw5-L_ |iv6 .M┱ Vr}|qvem&” `[ 1NJa̭vr6TXe?y0i🚦? SsٝaCi(6|_m2R3 Ř]Q/F?5Bz+Kؐ5nDx 9){fs-!,H| $I< Թb1Ms( OlRהH"% ~g\UG.,?C vfZ| $H6n2Δg:|V3q$:D m 㵱j%^ ST43J!m-\jLF$Ӥ`ZU@葽Els`cJXaOV9ʋdCq+OM4gNJpLZU.pxˉo"L ,Ua)(طnT[lc%.|GP ]X\f1[e}S֓#_$VLS> rEdY;&:T[C5ʑuS'5^wAs +͑c6ϑ$oc'})s@ 5@f'*ËAy(h}rno R**1Àx…;]0cvg4yR)up CV[:"WIg)zv#,c 6"P2gtiO~ _i)nÃ=Vit0q<.dnqŠm":Nc)lJHlwuwL #Z-%5Zмdqj~k/#h.O-/.3NkFFv' R[}_LI nC诿J pMaHŵ@. ˬȳjԝC^dҏdSsvI&qbv $> q('Mc X]^籝KݘYD򗈓fםr N8~ǻʗZ.\>o=+,뾎It =m`:5$ x1gX)|uXK͇((6Ivrh78S[5كqWl))2.#mT#Miu/t$g2e͡ɂv JT .P:RĐ>e#LwVЍ4yC%) ۡ-ѻ-=?OEc'kVpbڎׄzsڝz#v we/ibZ-m"(#/c! ]@JD\u_@ |VCzb2xp,-p!VΏ96#CP3YDR0\"M0M̈$l .!oQIrBPaԣ-3@f{U(؋Fc̢U^$v,\7TqH" lg[O ;X٧h !;Wa#4@ X"dӮhTf$FεcK55q}ې *Upk@h}L6fnA]B[c8vt.8 |EIVlE؂ŃG עkO^uD{۪f`4?Om~'%z'rndR7".T8M1k> iԇcδ+ bۻYj|7] V߅ eW**G@)Ei1+>un؛̠h9`?<&ʌA9hj.~C9/6XE`_ #DޤE`Gyt j$%ϣ~͕p|{3 [Y9Q|cET⥅VNe0mr* 3$as*2p;.y/BlLԶ,2.5}ٻ}F0¹gԴŞx&zF@0D,aLE4/(E3&IP`P*gӋ {MGoRФ9m1ÓA8PUyI6?Cr9m%88/+Pۏ3tuLxr {XgC ֣$$25i J\x]3}ƒX{ l_=&UFUNR@K(s$845:_b/RgmNl5.a;_S_ƾ./HRO&EH)o" c /=讃Qs[OYV /rk&IYhՈdIY6ze웯VxTy(_gK4^+c:*iIlib{w&~2]TbN+ufDa ,"Gc-D2zyaJ'%^nB]A,XJ1 4VO@pg@b<~x#{8lf1HRxi%*.iGAB;h2.pm { h!lλ1_'N3_4 9!`U3I6o*t{#228I>m : E`uMqjq cq\sq8[ᵅ^?$5;(wZ՞%Vqe h@ ݍm= Dvꃎ/yG'~8v)aFӘk#-0ְqS(2T 5YZWv)wȍ JC~`' vf2AK+pޮqAδiy~$ Ž#>ADVF,t.q&Qa+ݜe˽Rhz\ dD?\p./ Y 8o@^|gh|:oxxslîbyVc 0ˣ0;T շSl*8/9ۢ|;;WWJBB#O8$rH*@}STʫSќB/]tMH};4_Ü.tXoHXNNذ.:{P^L)g@kZbCyS@ƌ=LwBd2 _l ?u[g ݟr^qn3D1@Ve]9zze=i:fl|~kgɗsǀ B(ʴd><,4xU#哉Uڿ.o?j: 20x/Kbg6isjڴZ~\+ klj^(PF[<]NcIa< cp8F< QAvq5aAWB4 f5G|,+ϟ4:ȜnigKp8*v?lI\eD߁.ĵz j^p!ykJ@|&iJقidZ ۷djXۛFe91_"WX=p H>#D?!h^E>gX%0Dv+*I7C5 M5G>}4C=QM2-YwtIRyJ}35͕Hx GΆjJrTO 1S.B>,ckR .9 }#W[Hx ^ `J{L9K6|Qq[(, ey #Џc'"*aJi@ Tԍa:JN˕WfNR*>6XH{7jR͐X,$c55jҢ(is້ M9z& @rM( !2E9Sod}NÓTRtGkԭŞ=ܞ7wu76zGs$fzٮK[EbxwԤ22[?!5&jrww)EءFt 0\]"f3m6.',.C:I6WK6_7]a8AG4 2F!ͮlOCue> ,e =r.iRBXOw[2nJ/Gxd[2AbKy1ny} ^1+RiZLPtG,U rsBU3cL(Q++o)"E+βm'WthC2%W.U?t}h|$ z2'37, `!OXտ =`-&gs?BFH5܂NNcք,hREesA1Fst|/ڣm ̪2Dc?@Z7R&+ rvLAsa77&7@ҳ<:>X(:(+}kj C{5I#p"AuBtfXjl+bmLQ |[MR4,x"Ȝ[kgrcS ğSJ1„jŅ5ʯYa}G~ ~0'l=@S̤I  YZ