nss-pkcs11-devel-3.67.0-3.el7_9>t  DH`pai$ƨGltI/ P] Fv7)Ԝڡm{ &mF%. 1KۤXod)s0B? : Qsp DiȺR>^0uܹLERm䄸>}qʤ 2m4 E/s؃!UMzL:khPɑ cU= \oXL|AY(}؈t/!ݚ 2 wUa~ 0 H_ =!?%N*l2Q,[k:s$Lf^l~p{6brDi?kD/XZt&7e+BBϰ"$cngXVNaޝji}o,%h% /=%b+8GKVϐ%ؾ]DBЁj57a0hj)p K9 {lI7,8?͢&150ef1b63a59151346dd5067e4e3eb177a2ce704Xai$ƨZL|?b\YsQhTK+r;InR#n^Tx1l~w2oA8S>7?td " Z OU\         E  T    ( \>(p8x9 :T%G HD Ix XY\ ] ^bdSeXf[l]tx u vw x< pCnss-pkcs11-devel3.67.03.el7_9Development libraries for PKCS #11 (Cryptoki) using NSSLibrary files for developing PKCS #11 modules using basic NSS low level services.agx86-01.bsys.centos.orgL:CentOSMPLv2.0CentOS BuildSystem Development/Librarieshttp://www.mozilla.org/projects/security/pki/nss/linuxx86_64 n@GCB:n +``````````agvbagvjagvja35ece673d12028eb93987be84491b4a5978b26acbed9391ea7c623d892114892314809e560ccd8db3aa7c73a76761c6dfdc9970766418eda2ccf5d82d7c8c87d17c98658d22e1d43bebb72e5c2fa70d38b4813cc365664cb7e012c1c205945a44468d9015bc778365581b64aa8389d29b1253027c339f0db50c4fa4041b182610323e003c49ea719ba9d58bcc8cd25e0cb04b9ef477e86532dd49ce5aab7de426ea03608b467e5d895ef62414d18e48c7eef62075092710067aa35ab7da79c77a0eecf6f3406b0ac94bde7ea8963f1ed4bdc05c48bade64adbbe3f942607a58424de03c781dc5f6985867d3c8905ef675f7f2bef4bc52abc6e523484afb4882dc8e6a0a79dc11903d89226d4fd9a1a2e6d15433c2f77b7176b727c3d2980b1b616dd39c3520cedf4a0b72c67baa0de3103d894baa8631e24020c157d21a2473f5ee187ae698bfebcb2b4df6e21edbc3d95b5ec709756e1cd6a1c3d83fca1c443caa1b2da8827cfabc5b8dc6dbf2f3513bf26104a0197a3d0beb0ceda0233e116c39c04b4f6a40ca704d5f7a980a51f1a4745825e8f2ea57f8b9976f358d8af6rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootnss-3.67.0-3.el7_9.src.rpmnss-pkcs11-develnss-pkcs11-devel(x86-64)nss-pkcs11-devel-static     nss-develnss-softokn-freebl-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.67.0-3.el7_93.53.13.0.4-14.6.0-14.0-15.2-14.11.3a=`@``Ȗ@`@`?z@`3`.V`@_%Y@_"@_*@]B]@]]S\\\P\@\g\-@\\7\C@\@\@\\|\s[k@[Z؄Z3@ZЛZ2@ZkZw@Z\ZOhZN@Z Y@Y|YB@Y@Y@Y@Y@YJYg`Y1S@Y i@Y i@Y @Y.Y@YXX~@X•@XO@XO@XBX@XX@XWu WrfWc@Wc@WBWo@Wo@Wo@WW WW@Vn@V@V>@V`VpV'~@U6@U6@UAU@UUUݪ@UUȒ@UU@U'U3@UUx&Ux&Uq@U?v@U8U0U-@U'@U:TTq@TTto@Td@T)IS@S@Sہ@S@SnS@RJ@RRUR۾@R۾@R@R@Rx@RΏ@RkR@R;RiR@Rz/@Rv:Rt@RrF@Ro@Ro@RnQRe@RW@RSR@QQQ@QKQ@QQW@Q'@Qq1QNQ9Q7/Q#@QQ @P!@PՠP @PqP@P@PAPXPd@Pd@PPP@PP5@PPnP;a@P(@P H@O;O;O@OiO@O@O}O~OiOYOX@OOdO&@O!@@OO@O@N>@N>@NNܲ@N`NؽNN@NuN;@Np@Nf @NA!@N*NpM@MWMc@MM@M@MMfH@M^_@MZjMS@MQ0@MQ0@MQ0@MQ0@MK@MGMF@M6@M-MM@Ls@LOLLZ@L6LdL@L*@L@LA@LL@L4Lx@Lx@Li(@Lf@L_L_LT@L0L0L K @KsKsKKCKCKCK]KMKLd@KD{@K<@K5K4@K,@K+nK*@K K@K@K@KJݦ@J - 3.67.0-3Bob Relyea - 3.67.0-2Bob Relyea - 3.67.0-1Bob Relyea - 3.66.0-2Bob Relyea - 3.66.0-1Bob Relyea - 3.53.1-7Bob Relyea - 3.53.1-6Bob Relyea - 3.53.1-5Bob Relyea - 3.53.1-4Daiki Ueno - 3.53.1-3Daiki Ueno - 3.53.1-2Daiki Ueno - 3.53.1-1Bob Relyea - 3.44.0-8Bob Relyea - 3.44.0-7Bob Relyea - 3.44.0-6Bob Relyea - 3.44.0-5Bob Relyea - 3.44.0-4Daiki Ueno - 3.44.0-3Daiki Ueno - 3.44.0-2Daiki Ueno - 3.44.0-1Daiki Ueno - 3.43.0-9Daiki Ueno - 3.43.0-8Daiki Ueno - 3.43.0-7Daiki Ueno - 3.43.0-6Daiki Ueno - 3.43.0-5Bob Relyea - 3.43.0-4Daiki Ueno - 3.43.0-3Bob Relyea - 3.43.0-2Daiki Ueno - 3.43.0-1Bob Relyea - 3.36.0-8.1Bob Relyea - 3.36.0-8Daiki Ueno - 3.36.0-7Daiki Ueno - 3.36.0-6Daiki Ueno - 3.36.0-5Daiki Ueno - 3.36.0-4Daiki Ueno - 3.36.0-3Daiki Ueno - 3.36.0-2Daiki Ueno - 3.36.0-1Daiki Ueno - 3.34.0-4Daiki Ueno - 3.34.0-3Daiki Ueno - 3.34.0-2Daiki Ueno - 3.34.0-1Daiki Ueno - 3.34.0-0.1.beta1Daiki Ueno - 3.33.0-3Daiki Ueno - 3.33.0-2Daiki Ueno - 3.33.0-1Daiki Ueno - 3.28.4-14Daiki Ueno - 3.28.4-13Daiki Ueno - 3.28.4-12Daiki Ueno - 3.28.4-11Daiki Ueno - 3.28.4-10Daiki Ueno - 3.28.4-9Kai Engert - 3.28.4-8Daiki Ueno - 3.28.4-7Daiki Ueno - 3.28.4-6Daiki Ueno - 3.28.4-5Daiki Ueno - 3.28.4-4Daiki Ueno - 3.28.4-3Daiki Ueno - 3.28.4-2Daiki Ueno - 3.28.3-5Daiki Ueno - 3.28.3-4Daiki Ueno - 3.28.3-3Daiki Ueno - 3.28.3-2Daiki Ueno - 3.28.2-3Daiki Ueno - 3.28.2-2Daiki Ueno - 3.28.2-1.1Daiki Ueno - 3.28.2-1.0Daiki Ueno - 3.21.3-1Kai Engert - 3.21.0-17Kai Engert - 3.21.0-16Kai Engert - 3.21.0-15Kai Engert - 3.21.0-14Elio Maldonado - 3.21.0-13Elio Maldonado - 3.21.0-12Elio Maldonado - 3.21.0-11Elio Maldonado - 3.21.0-10Kai Engert - 3.21.0-9Kai Engert - 3.21.0-8Elio Maldonado - 3.21.0-7Kai Engert - 3.21.0-6Kai Engert - 3.21.0-5Elio Maldonado - 3.21.0-2Elio Maldonado - 3.21.0-1Elio Maldonado - 3.19.1-19Kai Engert - 3.19.1-18Elio Maldonado - 3.19.1-17Elio Maldonado - 3.19.1-16Elio Maldonado - 3.19.1-15Elio Maldonado - 3.19.1-14Elio Maldonado - 3.19.1-13Elio Maldonado - 3.19.1-12Elio Maldonado - 3.19.1-11Elio Maldonado - 3.19.1-10Elio Maldonado - 3.19.1-9Elio Maldonado - 3.19.1-8Elio Maldonado - 3.19.1-7Elio Maldonado - 3.19.1-6Kai Engert - 3.19.1-5Elio Maldonado - 3.19.1-4Elio Maldonado - 3.19.1-3Elio Maldonado - 3.19.1-2Elio Maldonado - 3.19.1-1Kai Engert - 3.18.0-6Kai Engert - 3.18.0-5Elio Maldonado - 3.18.0-4Elio Maldonado - 3.18.0-3Elio Maldonado - 3.18.0-2Elio Maldonado - 3.18.0-1Elio Maldonado - 3.16.2.3-5Elio Maldonado - 3.16.2.3-4Elio Maldonado - 3.16.2.3-3Elio Maldonado - 3.16.2.3-2Elio Maldonado - 3.16.2-10Elio Maldonado - 3.16.2-9Elio Maldonado - 3.16.2-4Elio Maldonado 3.16.2-3Elio Maldonado - 3.16.2-2Elio Maldonado - 3.16.2-1Elio Maldonado - 3.15.4-6Elio Maldonado - 3.15.4-5Elio Maldonado - 3.15.4-4Elio Maldonado - 3.15.4-3Daniel Mach - 3.15.4-2Elio Maldonado - 3.15.3-9Elio Maldonado - 3.15.3-8Elio Maldonado - 3.15.3-7Elio Maldonado - 3.15.3-6Elio Maldonado - 3.15.3-5Elio Maldonado - 3.15.3-4Daniel Mach - 3.15.3-3Elio Maldonado - 3.15.3-2Elio Maldonado - 3.15.3-1Elio Maldonado - 3.15.2-10Elio Maldonado - 3.15.2-9Elio Maldonado - 3.15.2-8Elio Maldonado - 3.15.2-7Elio Maldonado - 3.15.2-6Elio Maldonado - 3.15.2-5Elio Maldonado - 3.15.2-4Elio Maldonado - 3.15.2-3Elio Maldonado - 3.15.2-2Elio Maldonado - 3.15.2-1Elio Maldonado - 3.15.1-4Elio Maldonado - 3.15.1-3Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15.1-2Elio Maldonado - 3.15-6Elio Maldonado - 3.15-5emaldona - 3.15-4emaldona - 3.15-3Elio Maldonado - 3.15-2Elio Maldonado - 3.15-1Elio Maldonado - 3.14.3-13.0Kai Engert - 3.14.3-12.0Kai Engert - 3.14.3-11Kai Engert - 3.14.3-10Kai Engert - 3.14.3-9Elio Maldonado - 3.14.3-1Elio Maldonado - 3.14.2-2Elio Maldonado - 3.14.2-1Kai Engert - 3.14.1-3Elio Maldonado - 3.14.1-2Elio Maldonado - 3.14.1-1Elio Maldonado - 3.14-12Elio Maldonado - 3.14-11Elio Maldonado - 3.14-10Elio Maldonado - 3.14-9Elio Maldonado - 3.14-8Elio Maldonado - 3.14-7Elio Maldonado - 3.14-6Elio Maldonado - 3.14-5Elio Maldonado - 3.14-4Elio Maldonado - 3.14-3Elio Maldonado - 3.14-2Elio Maldonado - 3.14-1Elio Maldonado - 3.14-0.1.rc.1Kai Engert - 3.13.6-1Elio Maldonado - 3.13.5-8Elio Maldonado - 3.13.5-7Fedora Release Engineering - 3.13.5-6Elio Maldonado - 3.13.5-5Elio Maldonado - 3.13.5-4Elio Maldonado - 3.13.5-3Elio Maldonado - 3.13.5-2Elio Maldonado - 3.13.5-1Elio Maldonado - 3.13.4-3Elio Maldonado - 3.13.4-2Elio Maldonado - 3.13.4-1Elio Maldonado - 3.13.3-4Elio Maldonado - 3.13.3-3Elio Maldonado - 3.13.3-2Elio Maldonado - 3.13.3-1Tom Callaway - 3.13.1-13Elio Maldonado - 3.13.1-12Fedora Release Engineering - 3.13.1-11Elio Maldonado - 3.13.1-11Elio Maldonado - 3.13.1-10elio maldonado - 3.13.1-9Elio Maldonado - 3.13.1-8Elio Maldonado - 3.13.1-7Elio Maldonado - 3.13.1-6Elio Maldonado - 3.13.1-5Elio Maldonado Batiz - 3.13.1-4Elio Maldonado - 3.13.1-2Elio Maldonado - 3.13.1-1Elio Maldonado - 3.13-1Elio Maldonado - 3.13-0.1.rc0.1Elio Maldonado - 3.12.11-3Kai Engert - 3.12.11-2Elio Maldonado - 3.12.11-1Elio Maldonado - 3.12.10-6Michael Schwendt - 3.12.10-5Elio Maldonado - 3.12.10-4Dennis Gilmore - 3.12.10-3Elio Maldonado - 3.12.10-2Elio Maldonado - 3.12.10-1Elio Maldonado - 3.12.10-0.1.beta1Elio Maldonado - 3.12.9-15Elio Maldonado - 3.12.9-14Elio Maldonado - 3.12.9-13Elio Maldonado - 3.12.9-12Elio Maldonado - 3.12.9-11Elio Maldonado - 3.12.9-10Elio Maldonado - 3.12.9-9Fedora Release Engineering - 3.12.9-8Elio Maldonado - 3.12.9-7Christopher Aillon - 3.12.9-6Elio Maldonado - 3.12.9-5Elio Maldonado - 3.12.9-4Elio Maldonado - 3.12.9-3Elio Maldonado - 3.12.9-2Elio Maldonado - 3.12.9-1Elio Maldonado - 3.12.9-0.1.beta2Elio Maldonado - 3.12.8.99.2-1Elio Maldonado - 3.12.8.99.1-1Elio Maldonado - 3.12.8-9Elio Maldonado - 3.12.8-8Elio Maldonado - 3.12.8-7Elio Maldonado - 3.12.8-6Elio Maldonado - 3.12.8-5Elio Maldonado - 3.12.8-4Elio Maldonado - 3.12.8-3Elio Maldonado - 3.12.8-2Elio Maldonado - 3.12.8-1Elio Maldonado - 3.12.7.99.4-1Elio Maldonado - 3.12.7.99.3-2Elio Maldonado - 3.12.7.99.3-1Elio Maldonado - 3.12.7-3Elio Maldonado - 3.12.7-2Elio Maldonado - 3.12.7-1Elio Maldonado - 3.12.6-12Elio Maldonado - 3.12.6-11Elio Maldonado - 3.12.6-10Elio Maldonado - 3.12.6-9Dennis Gilmore - 3.12.6-8Elio Maldonado - 3.12.6-7Elio Maldonado - 3.12.6-6Elio Maldonado - 3.12.6-5Elio Maldonado - 3.12.6-4Elio Maldonado - 3.12.6-3Elio Maldonado - 3.12.6-2Elio Maldonado - 3.12.6-1.2Elio Maldonado - 3.12.6-1.1Elio Maldonado - 3.12.6-1Elio Maldonado - 3.12.5-8Elio Maldonado - 3.12.5-5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.13.2Elio Maldonado - 3.12.5-1.13.1Elio Maldonado - 3.12.5-1.13Elio Maldonado - 3.12.5-1.11Elio maldonado - 3.12.5-1.9Elio Maldonado - 3.12.5-2.7Elio Maldonado - 3.12.5-1.6Elio Maldonado - 3.12.5-1.5Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1.1Elio Maldonado - 3.12.5-1Elio Maldonado - 3.12.4-14.1Elio Maldonado - 3.12.4-13.1Elio Maldonado - 3.12.4-13Elio Maldonado - 3.12.4-12Elio Maldonado - 3.12.4-11Elio Maldonado - 3.12.4-10Elio Maldonado - 3.12.4-8Elio Maldonado - 3.12.4-6Elio Maldonado - 3.12.4-5Elio Maldonado - 3.12.4-4Elio Maldonado - 3.12.4-3Elio Maldonado - 3.12.4-2Elio Maldonado - 3.12.4-1Elio Maldonado - 3.12.3.99.3-30Elio Maldonado - 3.12.3.99.3-29Elio Maldonado - 3.12.3.99.3-28Elio Maldonado - 3.12.3.99.3-27Elio Maldonado - 3.12.3.99.3-26Elio Maldonado - 3.12.3.99.3-25Warren Togami - 3.12.3.99.3-24Elio Maldonado - 3.12.3.99.3-23Elio Maldonado - 3.12.3.99.3-22Elio Maldonado - 3.12.3.99.3-21Elio Maldonado - 3.12.3.99.3-20Elio Maldonado - 3.12.3.99.3-19Elio Maldonado - 3.12.3.99.3-18Elio Maldonado - 3.12.3.99.3-16Dennis Gilmore - 3.12.3.99.3-15Dennis Gilmore - 3.12.3.99.3-14Dennis Gilmore - 3.12.3.99.3-13Dennis Gilmore - 3.12.3.99.3-12Elio Maldonado+emaldona@redhat.com - 3.12.3.99.3-11Elio Maldonado - 3.12.3.99.3-10Dennis Gilmore - 3.12.3.99.3-9Elio Maldonado - 3.12.3.99.3-7.1Fedora Release Engineering - 3.12.3.99.3-7Elio Maldonado - 3.12.3.99.3-6Elio Maldonado - 3.12.3.99.3-5Elio Maldonado - 3.12.3.99.3-4Kai Engert - 3.12.3.99.3-3Kai Engert - 3.12.3.99.3-2Kai Engert - 3.12.3-7Kai Engert - 3.12.3-4Kai Engert - 3.12.3-3Kai Engert - 3.12.3-2Kai Engert - 3.12.2.99.3-7Kai Engert - 3.12.2.99.3-6Kai Engert - 3.12.2.99.3-5Kai Engert - 3.12.2.99.3-4Kai Engert - 3.12.2.99.3-3Kai Engert - 3.12.2.99.3-2Kai Engert - 3.12.2.99.3-1Fedora Release Engineering - 3.12.2.0-4Kai Engert - 3.12.2.0-3Dennis Gilmore - 3.12.1.1-4Kai Engert - 3.12.1.1-3Kai Engert - 3.12.1.1-2Kai Engert - 3.12.1.0-2Kai Engert - 3.12.0.3-7Kai Engert - 3.12.0.3-6Kai Engert - 3.12.0.3-3Kai Engert - 3.12.0.3-2Kai Engert - 3.12.0.1-1Jesse Keating - 3.11.99.5-2Kai Engert - 3.11.99.5-1Kai Engert - 3.11.99.4-1Kai Engert - 3.11.99.3-6Kai Engert - 3.11.99.3-5Kai Engert - 3.11.99.3-4Kai Engert - 3.11.99.3-3Kai Engert - 3.11.99.3-2Kai Engert - 3.11.99.3-1Kai Engert - 3.11.99.2b-3Kai Engert - 3.11.99.2b-2Kai Engert - 3.11.99.2-2Kai Engert - 3.11.99.2-1Kai Engert - 3.11.7-10Rob Crittenden - 3.11.7-9Kai Engert - 3.11.7-8Bob Relyea - 3.11.7-7Kai Engert - 3.11.7-6Kai Engert - 3.11.7-5Kai Engert - 3.11.7-4Kai Engert - 3.11.7-3Kai Engert - 3.11.7-2Kai Engert - 3.11.5-2Kai Engert - 3.11.5-1Bob Relyea - 3.11.4-4Kai Engert - 3.11.4-1Kai Engert - 3.11.3-2Kai Engert - 3.11.3-1Kai Engert - 3.11.2-2Jesse Keating - 3.11.2-1.1Kai Engert - 3.11.2-1Kai Engert - 3.11.1-2Kai Engert - 3.11.1-1Kai Engert - 3.11-4Jesse Keating - 3.11-3.2Jesse Keating - 3.11-3.1Ray Strode 3.11-3Christopher Aillon 3.11-2Christopher Aillon 3.11-1Christopher Aillon 3.11-0.cvs.2Christopher Aillon 3.11-0.cvsKai Engert Rob Crittenden 3.10-1- revert sql default language in man pages - fix SEC_PKCS12EnableCipher so python-nss tests will still work.- fix sdb timeout issue - fix incorrect ssl alerts in Signature scheme processing- Rebase to NSS 3.67- restore pkcs12 defaults- Rebase to NSS 3.66- Fix HSM load failure because of CKO_Profile - Allow builds with strict-proto- Update to CVE 2020-256423 TLS flood DOS attack patch.- Fix CVE 2020-256423 TLS flood DOS Attack.- Fix deadlock issue - Fix 3 FTBS issues, 2 expired certs, one semantic change in nss-softokn.- Disable dh timing test because it's unreliable on s390 (from Bob Relyea) - Explicitly enable upgradedb/sharedb test cycles- Disable TLS 1.3 by default- Rebase to NSS 3.53.1- Increase timeout on ssl_gtest so that slow platforms can complete when running on a busy system.- back out out-of-bounds patch (patch for nss-softokn). - Fix segfault on empty or malformed ecdh keys (#1777712)- Fix out-of-bounds write in NSC_EncryptUpdate (#1775911,#1775910)- Fix pkix name constraints processing to only process the common name if the certusage you are checking is IPSEC or SSL Server.- Fix certutil man page - Fix extracting a public key from a private key for dh, ec, and dsa- Disable TLS 1.3 under FIPS mode - Disable RSASSA-PKCS1-v1_5 in TLS 1.3 - Fix post-handshake auth transcript calculation if SSL_ENABLE_SESSION_TICKETS is set- Skip sysinit gtests properly - Fix shell syntax error in tests/ssl/ssl.sh - Regenerate manual pages- Rebase to NSS 3.44 - Restore fix-min-library-version-in-SSLVersionRange.patch to keep SSL3 supported in the code level while it is disabled by policy - Skip TLS 1.3 tests under FIPS mode- Ignore system policy when running %check- Fix policy string- Don't override date in man-pages - Revert the change to use XDG basedirs (mozilla#818686) - Enable SSL2 compatible ClientHello by default - Disable SSL3 and RC4 by default- Make "-V ssl3:" option work with tools- Fix regression in MD5 disablement- add certutil documentation- Restore complete removal of SSLv2 - Disable SSLv3 - Move signtool to unsupported directory- Expand IPSEC usage to include ssl and email certs. Remove special processing of the usage based on the critical flag- Rebase to NSS 3.43- move key on unwrap failure and retry.- Update the cert verify code to allow a new ipsec usage and follow RFC 4945- Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which turned out to be a mistake (the symbol was not exported from libnss)- Exercise SSL tests which only run under non-FIPS setting- Restore CERT_LockCertTrust and CERT_UnlockCertTrust back in cert.h- Work around modutil -changepw error if the old and new passwords are both empty in FIPS mode- Decrease the iteration count of PKCS#12 for compatibility with Windows - Fix deadlock when a token is re-inserted while a client process is running- Set NSS_FORCE_FIPS=1 in %build - Revert the changes to tests assuming the default DB type- Rebase to NSS 3.36- Re-enable nss-is-token-present-race.patch- Temporarily disable nss-is-token-present-race.patch- Backport necessary changes from 3.35- Rebase to NSS 3.34- Rebase to NSS 3.34.BETA1- Disable TLS 1.3- Enable TLS 1.3- Rebase to NSS 3.33 - Disable TLS 1.3, temporarily disable failing gtests (Skip13Variants) - Temporarily disable race.patch and nss-3.16-token-init-race.patch, which causes a deadlock in newly added test cases - Remove upstreamed patches: moz-1320932.patch, nss-tstclnt-optspec.patch, nss-1334976-1336487-1345083-ca-2.14.patch, nss-alert-handler.patch, nss-tools-sha256-default.patch, nss-is-token-present-race.patch, nss-pk12util.patch, nss-ssl3gthr.patch, and nss-transcript.patch- Add backward compatibility to pk12util regarding faulty PBES2 AES encryption- Update iquote.patch to prefer nss.h from the source- Add backward compatibility to pk12util regarding password encoding- Backport patch to simplify transcript calculation for CertificateVerify - Enable TLS 1.3 and RSA-PSS - Disable some upstream tests failing due to downstream ciphersuites changes- Work around yum crash due to new NSPR symbol being used in nss-sysinit, patch by Kai Engert- Fix typo in nss-sni-c-v-fix.patch- Include CKBI 2.14 and updated CA constraints from NSS 3.28.5- Update nss-pk12util.patch to include fix from mozbz#1353724.- Update nss-alert-handler.patch with the upstream fix from mozbz#1360207.- Fix zero-length record treatment for stream ciphers and SSLv2- Correctly set policy file location when building- Reorder ChaCha20-Poly1305 cipher suites, as suggested in: https://bugzilla.redhat.com/show_bug.cgi?id=1373158#c9- Rebase to NSS 3.28.4 - Update nss-pk12util.patch with backport of mozbz#1353325- Switch default hash algorithm used by tools from SHA-1 to SHA-256 - Avoid race condition in nssSlot_IsTokenPresent() - Enable SHA-2 and AES in pk12util - Disable RSA-PSS for now- Utilize CKA_NSS_MOZILLA_CA_POLICY attribute, patch by Kai Engert - Backport changes adding SSL alert callbacks from upstream - Add nss-check-policy-file.patch from Fedora - Install policy config in /etc/pki/nss-legacy/nss-rhel7.config- Make sure 32bit nss-pem always be installed with 32bit nss in multlib environment, patch by Kamil Dudka - Enable new algorithms supported by the new nss-softokn- Rebase to NSS 3.28.3 - Bump required version of nss-softokn- Remove %nss_cycles setting, which was also mistakenly added - Re-enable BUILD_OPT, mistakenly disabled in the previous build - Prevent ABI incompatibilty of SECKEYECPublicKey - Disable TLS_ECDHE_{RSA,ECDSA}_WITH_AES_128_CBC_SHA256 by default - Enable 4 AES_256_GCM_SHA384 ciphersuites, enabled by the downstream patch in the previous release - Fix crash with tstclnt -W - Always enable gtests for supported features - Add patch to fix bash syntax error in tests/ssl.sh - Build with support for SSLKEYLOGFILE - Disable the use of RSA-PSS with SSL/TLS- Decouple nss-pem from the nss package - Resolves: #1316546- Remove mistakenly added R: nss-pem- Rebase to NSS 3.28.2 - Remove NSS_ENABLE_ECC and NSS_ECC_MORE_THAN_SUITE_B setting, which is no-op now - Enable gtests when requested - Remove nss-646045.patch and fix-nss-test-filtering.patch, which are not necessary - Remove sslauth-no-v2.patch and nss-sslstress-txt-ssl3-lower-value-in-range.patch, as SSLv2 is already disabled in upstream - Remove ssl-server-min-key-sizes.patch, as we decided to support DH key size greater than 1023 bits - Remove local patches for SHA384 cipher suites (now supported in upstream): dhe-sha384-dss-support.patch, client_auth_for_sha384_prf_support.patch, nss-fix-client-auth-init-hashes.patch, nss-map-oid-to-hashalg.patch, nss-enable-384-cipher-tests.patch, nss-fix-signature-and-hash.patch, fix-allowed-sig-alg.patch, tests-extra.patch - Remove upstreamed patches: rh1238290.patch, fix-reuse-of-session-cache-entry.patch, flexible-certverify.patch, call-restartmodules-in-nssinit.patch- Rebase to NSS 3.21.3 - Resolves: #1383887- remove additional false duplicates from sha384 downstream patches- enable ssl_gtests (without extended master secret tests), Bug 1298692 - call SECMOD_RestartModules in nss_Init, Bug 1317691- escape all percent characters in all changelog comments- Support TLS 1.2 certificate_verify hashes other than PRF, backported fix from NSS 3.25 (upstream bug 1179338).- Fix reuse of session cache entry - Resolves: Bug 1241172 - Certificate verification fails with multiple https urls- Fix a flaw in %check for nss not building on arm - Resolves: Bug 1200856- Cleanup: Remove unnecessary %posttrans script from nss.spec - Resolves: Bug 1174201- Merge fixes from the rhel-7.2 branch - Fix a bogus %changelog entry - Resolves: Bug 1297941- Rebuild to require the latest nss-util build and nss-softokn build.- Update the minimum nss-softokn build required at runtime.- Delete duplicates from one table- Fix missing support for sha384/dsa in certificate_request- Merge fixes from the rhel-7.2 branch - Fix the SigAlgs sent in certificate_request - Ensure all ssl.sh tests are executed - Update sslauth test patch to run additional tests- Fix sha384 support and testing patches- Rebase to NSS-3.21- Prevent TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol - Fix a mockbuild reported bad %if condition when using the __isa_bits macro instead of list of 64-bit architectures - Change the test to %if 0%{__isa_bits} == 64 as required for building the srpm which is noarch - Resolves: Bug 1289884- Rebuild against updated NSPR- Change the required_softokn_build_version back to -13 - Ensure we use nss-softokn-3.16.2.3-13.el7_1- Fix check for public key size of DSA certificates - Use size of prime P not the size of dsa.publicValue- Reorder the cipher suites and enable two more by default- Update the required_softokn_build_version to -14 - Add references to bugs filed upstream for new patches - Merge ocsp stapling and sslauth sni tests patches into one- Reorder the cipher suites and enable two more by default - Fix some of the ssauth sni and ocsp stapling tests- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers - Enable ECDSA cipher suites by default, a subset of the ones requested- Support TLS > 1.0 by support while still allowing to connect to SSL3 only servers- Fix to correctly report integrity mechanism for TLS_RSA_WITH_AES_256_GCM_SHA384- Fix checks to skip ssl2/export cipher suites tests to not skip needed tests - Fix libssl ssl2/export disabling patch to handle NULL cipher cases - Enable additional cipher suites by default- Add links to filed upstream bugs to better track patches in spec file- Package listsuites as part of the unsupported tools- Bump the release tag- Incremental patches to fix SSL/TLS test suite execution, fix the earlier SHA384 patch, and inform clients to use SHA384 with certificate_verify if required by NSS.- Add support for sha384 tls cipher suites - Add support for server-side hde key exchange - Add support for DSS+SHA256 ciphersuites- Reenable a patch that had been mistakenly disabled- Build against nss-softokn-3.16.2.3-9- Rebase to nss-3.19.1 - Resolves: Bug 1228913 - Rebase to nss-3.19.1 for CVE-2015-4000 [RHEL-7.1]- Backport mozbz#1155922 to support SHA512 signatures with TLS 1.2- Update to CKBI 2.4 from NSS 3.18.1 (the only change in NSS 3.18.1)- Update and reeneable nss-646045.patch on account of the rebase - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Fix shell syntax error on nss/tests/all.sh - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Replace expired PayPal test certificate that breaks the build - Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Resolves: Bug 1200898 - Rebase nss to 3.18 for Firefox 38 ESR [RHEL7.1]- Reverse the sense of a test in patch to fix pk12util segfault - Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Fix race condition - Resolves: Bug 1094468 - 389-ds-base server reported crash in stan_GetCERTCertificate - under the replication replay failure condition- Resolves: Bug 1174527 - Segfault in pk12util when using -l option with certain .p12 files- Restore patch for certutil man page - supply missing options descriptions - Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3- Resolves: Bug 1158161 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 - Support TLS_FALLBACK_SCSV in tstclnt and ssltap- Resolves: Bug 1145434 - CVE-2014-1568 - Using a release number higher than on rhel-7.0 branch- Fix crash in stan_GetCERTCertificate - Resolves: Bug 1094468- Generic 32/64 bit platform detection (fix ppc64le build) - Resolves: Bug 1125619 - nss fails to build on arch: ppc64le (missing dependencies) - Fix contributed by Peter Robinson - Fix libssl and test patches that disable ssl2 support - Resolves: Bug 1123435 - Replace expired PayPal test certificate with current one- Rebase to nss-3.16.2 - Resolves: Bug 1103252 - Rebase RHEL 7.1 to at least NSS 3.16.1 (FF 31) - Fix test failure detection in the %check section - Move removal of unwanted source directories to the end of the %prep section - Update various patches on account of the rebase - Remove unused patches rendered obsolete by the rebase- Disallow disabling the internal module - Resolves: Bug 1056036 - nss segfaults with opencryptoki module- Pick up a fix from rhel-6 and fix an rpm conflict - Don't hold issuer cert handles in crl cache - Resolves: Bug 1034409 - deadlock in trust domain and object lock - Move nss shared db files to the main package - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Update pem sources to latest from nss-pem upstream - Pick up pem module fixes verified on RHEL and applied upstream - Remove no loger needed pem patches on acccount on this update - Add comments documenting the iquote.patch - Resolves: Bug 1054457 - CVE-2013-1740- Remove spurious man5 wildcard entry as all manpages are listed by name - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Mass rebuild 2014-01-24- Rebase to nss-3.15.4 - Resolves: Bug 1054457 - CVE-2013-1740 nss: false start PR_Recv information disclosure security issue - Remove no longer needed patches for manpages that were applied upstream - Remove no longer needed patch to disable ocsp stapling tests - Update iquote.patch on account of upstream changes - Update and rename patch to pem/rsawrapr.c on account of upstream changes - Use the pristine upstream sources for nss without repackaging - Avoid unneeded manual step which may introduce errors- Fix the spec file to apply the nss ecc list patch for bug 752980 - Resolves: Bug 752980 - Support ECDSA algorithm in the nss package via puggable ecc- Move several nss-sysinit manpages tar archives to the %files - Resolves: Bug 1050163 - Same files in two packages create rpm conflict- Fix a coverity scan compile time warning for the pem module - Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Resolves: Bug 1002271 - NSS pem module should not require unique base file names- Improve pluggable ECC support for ECDSA - Resolves: Bug 752980 - [7.0 FEAT] Support ECDSA algorithm in the nss package- Mass rebuild 2013-12-27- Revoke trust in one mis-issued anssi certificate - Resolves: Bug 1040284 - nss: Mis-issued ANSSI/DCSSI certificate (MFSA 2013-117) [rhel-7.0]- Update to NSS_3_15_3_RTM - Resolves: Bug 1031463 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741- Fix path to script and remove -- from some options in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit worong path and other flaws- Fix certutil man page options names to be consistent with help - Resolves: rhbz#948495 - man page scan results for nss - Remove incorrect count argument in status description in nss-sysinit man page - Resolves: rhbz#982723 - man page of nss-sysinit incorrect option descriptions- Fix patch for disabling ssl2 in ssl to correctly set error code - Fix syntax error reported in the build.log even tough it succeeds - Add patch top ignore setpolicy result - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites - Resolves: rhbz#1026677 - Attempt to run ipa-client-install fails- Fix bash syntax error in patch for disabling ssl2 tests - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in ssl disabling patches for both library and tests - Add s390x to the multilib_arches definition used for alt_ckbi - Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Fix errors in nss-sysinit manpage options descriptions - Resolves: rhbz#982723- Enable fips when system is in fips mode - Resolves: rhbz#852023 - FIPS mode detection does not work- Remove unused and obsoleted patches - Related: rhbz#1012656- Add description of the certutil's --email option to it's manpage - Resolves: rhbz#Bug 948495 - Man page scan results for nss- Rebase to nss-3.15.2 - Resolves: rhbz#1012656 - pick up NSS 3.15.2 to fix CVE-2013-1739 and disable MD5 in OCSP/CRL- Install symlink to nss-sysinit.sh without the .sh suffix - Resolves: rhbz#982723 - nss-sysinit man page has wrong path for the script- Resolves: rhbz#1001841 - Disable SSL2 and the export cipher suites- Add upstream bug URL for a patch subitted upstream and remove obsolete script- Update to NSS_3_15_1_RTM - Apply various fixes to the man pages and add new ones - Enable the iquote.patch to access newly introduced types - Add man page for pkcs11.txt configuration file and cert and key databases - Add missing option descriptions for {cert|cms|crl}util - Resolves: rhbz#948495 - Man page scan results for nss - Resolves: rhbz#982723 - Fix path to script in man page for nss-sysinit- Use the unstripped source tar ball- Install man pages for nss-tools and the nss-config and setup-nsssysinit scripts - Resolves: rhbz#606020 - nss security tools lack man pages- Build nss without softoken or util sources in the tree - Resolves: rhbz#689918- Update ssl-cbc-random-iv-by-default.patch- Fix generation of NSS_VMAJOR, NSS_VMINOR, and NSS_VPATCH for nss-config- Update to NSS_3_15_RTM- Reactivate nss-ssl-cbc-random-iv-off-by-default.patch- Add upstream patch to fix rhbz#872761- Update expired test certificates (fixed in upstream bug 852781)- Fix incorrect post/postun scripts. Fix broken links in posttrans.- Configure libnssckbi.so to use the alternatives system in order to prepare for a drop in replacement.- Update to NSS_3_14_3_RTM - sync up pem rsawrapr.c with softoken upstream changes for nss-3.14.3 - Resolves: rhbz#908257 - CVE-2013-1620 nss: TLS CBC padding timing attack - Resolves: rhbz#896651 - PEM module trashes private keys if login fails - Resolves: rhbz#909775 - specfile support for AArch64 - Resolves: rhbz#910584 - certutil -a does not produce ASCII output- Allow building nss against older system sqlite- Update to NSS_3_14_2_RTM- Update to NSS_3_14_1_WITH_CKBI_1_93_RTM- Require nspr >= 4.9.4 - Fix changelog invalid dates- Update to NSS_3_14_1_RTM- Bug 879978 - Install the nssck.api header template where mod_revocator can access it - Install nssck.api in /usr/includes/nss3/templates- Bug 879978 - Install the nssck.api header template in a place where mod_revocator can access it - Install nssck.api in /usr/includes/nss3- Bug 870864 - Add support in NSS for Secure Boot- Disable bypass code at build time and return failure on attempts to enable at runtime - Bug 806588 - Disable SSL PKCS #11 bypass at build time- Fix pk11wrap locking which fixes 'fedpkg new-sources' and 'fedpkg update' hangs - Bug 872124 - nss-3.14 breaks fedpkg new-sources - Fix should be considered preliminary since the patch may change upon upstream approval- Add a dummy source file for testing /preventing fedpkg breakage - Helps test the fedpkg new-sources and upload commands for breakage by nss updates - Related to Bug 872124 - nss 3.14 breaks fedpkg new-sources- Fix a previous unwanted merge from f18 - Update the SS_SSL_CBC_RANDOM_IV patch to match new sources while - Keeping the patch disabled while we are still in rawhide and - State in comment that patch is needed for both stable and beta branches - Update .gitignore to download only the new sources- Fix the spec file so sechash.h gets installed - Resolves: rhbz#871882 - missing header: sechash.h in nss 3.14- Update the license to MPLv2.0- Use only -f when removing unwanted headers- Add secmodt.h to the headers installed by nss-devel - nss-devel must install secmodt.h which moved from softoken to pk11wrap with nss-3.14- Update to NSS_3_14_RTM- Update to NSS_3_14_RC1 - update nss-589636.patch to apply to httpdserv - turn off ocsp tests for now - remove no longer needed patches - remove headers shipped by nss-util- Update to NSS_3_13_6_RTM- Rebase pem sources to fedora-hosted upstream to pick up two fixes from rhel-6.3 - Resolves: rhbz#847460 - Fix invalid read and free on invalid cert load - Resolves: rhbz#847462 - PEM module may attempt to free uninitialized pointer - Remove unneeded fix gcc 4.7 c++ issue in secmodt.h that actually undoes the upstream fix- Fix pluggable ecc support- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild- Fix checkin comment to prevent unwanted expansions of percents- Resolves: Bug 830410 - Missing Requires %{?_isa} - Use Requires: %{name}%{?_isa} = %{version}-%{release} on tools - Drop zlib requires which rpmlint reports as error E: explicit-lib-dependency zlib - Enable sha224 portion of powerup selftest when running test suites - Require nspr 4.9.1- Resolves: rhbz#833529 - revert unwanted change to nss.pc.in- Resolves: rhbz#833529 - Remove unwanted space from the Libs: line on nss.pc.in- Update to NSS_3_13_5_RTM- Resolves: Bug 812423 - nss_Init leaks memory, fix from RHEL 6.3- Resolves: Bug 805723 - Library needs partial RELRO support added - Patch coreconf/Linux.mk as done on RHEL 6.2- Update to NSS_3_13_4_RTM - Update the nss-pem source archive to the latest version - Remove no longer needed patches - Resolves: Bug 806043 - use pem files interchangeably in a single process - Resolves: Bug 806051 - PEM various flaws detected by Coverity - Resolves: Bug 806058 - PEM pem_CreateObject leaks memory given a non-existing file name- Resolves: Bug 805723 - Library needs partial RELRO support added- Cleanup of the spec file - Add references to the upstream bugs - Fix typo in Summary for sysinit- Pick up fixes from RHEL - Resolves: rhbz#800674 - Unable to contact LDAP Server during winsync - Resolves: rhbz#800682 - Qpid AMQP daemon fails to load after nss update - Resolves: rhbz#800676 - NSS workaround for freebl bug that causes openswan to drop connections- Update to NSS_3_13_3_RTM- fix issue with gcc 4.7 in secmodt.h and C++11 user-defined literals- Resolves: Bug 784672 - nss should protect against being called before nss_Init- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild- Deactivate a patch currently meant for stable branches only- Resolves: Bug 770682 - nss update breaks pidgin-sipe connectivity - NSS_SSL_CBC_RANDOM_IV set to 0 by default and changed to 1 on user request- Revert to using current nss_softokn_version - Patch to deal with lack of sha224 is no longer needed- Resolves: Bug 754771 - [PEM] an unregistered callback causes a SIGSEGV- Resolves: Bug 750376 - nss 3.13 breaks sssd TLS - Fix how pem is built so that nss-3.13.x works with nss-softokn-3.12.y - Only patch blapitest for the lack of sha224 on system freebl - Completed the patch to make pem link against system freebl- Removed unwanted /usr/include/nss3 in front of the normal cflags include path - Removed unnecessary patch dealing with CERTDB_TERMINAL_RECORD, it's visible- Statically link the pem module against system freebl found in buildroot - Disabling sha224-related powerup selftest until we update softokn - Disable sha224 and pss tests which nss-softokn 3.12.x doesn't support- Rebuild with nss-softokn from 3.12 in the buildroot - Allows the pem module to statically link against 3.12.x freebl - Required for using nss-3.13.x with nss-softokn-3.12.y for a merge inrto rhel git repo - Build will be temprarily placed on buildroot override but not pushed in bodhi- Fix broken dependencies by updating the nss-util and nss-softokn versions- Update to NSS_3_13_1_RTM - Update builtin certs to those from NSSCKBI_1_88_RTM- Update to NSS_3_13_RTM- Update to NSS_3_13_RC0- Fix attempt to free initilized pointer (#717338) - Fix leak on pem_CreateObject when given non-existing file name (#734760) - Fix pem_Initialize to return CKR_CANT_LOCK on multi-treaded calls (#736410)- Update builtins certs to those from NSSCKBI_1_87_RTM- Update to NSS_3_12_11_RTM- Indicate the provenance of stripped source tarball (#688015)- Provide virtual -static package to meet guidelines (#609612).- Enable pluggable ecc support (#712556) - Disable the nssdb write-access-on-read-only-dir tests when user is root (#646045)- make the testsuite non fatal on arm arches- Fix crmf hard-coded maximum size for wrapped private keys (#703656)- Update to NSS_3_12_10_RTM- Update to NSS_3_12_10_BETA1- Implement PEM logging using NSPR's own (#695011)- Update to NSS_3.12.9_WITH_CKBI_1_82_RTM- Short-term fix for ssl test suites hangs on ipv6 type connections (#539183)- Add a missing requires for pkcs11-devel (#675196)- Run the test suites in the check section (#677809)- Fix cms headers to not use c++ reserved words (#676036) - Reenabling Bug 499444 patches - Fix to swap internal key slot on fips mode switches- Revert patches for 499444 until all c++ reserved words are found and extirpated- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Fix cms header to not use c++ reserved word (#676036) - Reenable patches for bug 499444- Revert patches for 499444 as they use a C++ reserved word and cause compilation of Firefox to fail- Fix the earlier infinite recursion patch (#499444) - Remove a header that now nss-softokn-freebl-devel ships- Fix infinite recursion when encoding NSS enveloped/digested data (#499444)- Update the cacert trust patch per upstream review requests (#633043)- Fix to honor the user's cert trust preferences (#633043) - Remove obsoleted patch- Update to 3.12.9- Rebuilt according to fedora pre-release package naming guidelines- Update to NSS_3_12_9_BETA2 - Fix libpnsspem crash when cacert dir contains other directories (#642433)- Update to NSS_3_12_9_BETA1- Update pem source tar with fixes for 614532 and 596674 - Remove no longer needed patches- Update PayPalEE.cert test certificate which had expired- Tell rpm not to verify md5, size, and modtime of configurations file- Fix certificates trust order (#643134) - Apply nss-sysinit-userdb-first.patch last- Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248)- Fix invalid %postun scriptlet (#639248)- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)- Add posttrans scriptlet (#636787)- Update to 3.12.8 - Prevent disabling of nss-sysinit on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Added provides pkcs11-devel-static to comply with packaging guidelines (#609612)- NSS 3.12.8 RC0- Fix nss-util_version and nss_softokn_version required to be 3.12.7.99.3- NSS 3.12.8 Beta3 - Fix unclosed comment in renegotiate-transitional.patch- Change BuildRequries to available version of nss-util-devel- Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7- Update to 3.12.7- Apply the patches to fix rhbz#614532- Removed pem sourecs as they are in the cache- Add support for PKCS#8 encoded PEM RSA private key files (#614532)- Fix nsssysinit to return userdb ahead of systemdb (#603313)- Require and BuildRequire >= the listed version not =- Require nss-softoken 3.12.6- Fix SIGSEGV within CreateObject (#596674)- Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv- Update the test cert in the setup phase- Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207)- Fix ns.spec to not require nss-softokn (#575001)- rebuilt with all tests enabled- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Disabling ssl tests suites until bug 539183 is resolved- Update to 3.12.6 - Reactivate all tests - Patch tools to validate command line options arguments- Fix curl related regression and general patch code clean up- retagging- Fix SIGSEGV on call of NSS_Initialize (#553638)- New version of patch to allow root to modify ystem database (#547860)- Temporarily disabling the ssl tests- Fix nsssysinit to allow root to modify the nss system database (#547860)- Fix an error introduced when adapting the patch for rhbz #546211- Remove left over trace statements from nsssysinit patching- Fix a misconstructed patch- Fix nsssysinit to enable apps to use system cert store, patch contributed by David Woodhouse (#546221) - Fix spec so sysinit requires coreutils for post install scriplet (#547067) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387)- Fix nsssysinit to set the default flags on the crypto module (#545779) - Remove redundant header from the pem module- Remove unneeded patch- Retagging to include missing patch- Update to 3.12.5 - Patch to allow ssl/tls clients to interoperate with servers that require renogiation- Retagging- Require nss-softoken of same architecture as nss (#527867) - Merge setup-nsssysinit.sh improvements from F-12 (#527051)- User no longer prompted for a password when listing keys an empty system db (#527048) - Fix setup-nsssysinit to handle more general formats (#527051)- Fix syntax error in setup-nsssysinit.sh- Fix sysinit to be under mozilla/security/nss/lib- Add nss-sysinit activation/deactivation script- Install blank databases and configuration file for system shared database - nsssysinit queries system for fips mode before relying on environment variable- Restoring nssutil and -rpath-link to nss-config for now - 522477- Add the nss-sysinit subpackage- Installing shared libraries to %{_libdir}- Retagging to pick up new sources- Update pem enabling source tar with latest fixes (509705, 51209)- PEM module implements memory management for internal objects - 509705 - PEM module doesn't crash when processing malformed key files - 512019- Remove symbolic links to shared libraries from devel - 521155 - No rpath-link in nss-softokn-config- Update to 3.12.4- Fix FORTIFY_SOURCE buffer overflows in test suite on ppc and ppc64 - bug 519766 - Fixed requires and buildrequires as per recommendations in spec file review- Restoring patches 2 and 7 as we still compile all sources - Applying the nss-nolocalsql.patch solves nss-tools sqlite dependency problems- restore require sqlite- Don't require sqlite for nss- Ensure versions in the requires match those used when creating nss.pc- Remove nss-prelink.conf as signed all shared libraries moved to nss-softokn - Add a temprary hack to nss.pc.in to unblock builds- caolan's nss.pc patch- Bump the release number for a chained build of nss-util, nss-softokn and nss- Fix nss-config not to include nssutil - Add BuildRequires on nss-softokn and nss-util since build also runs the test suite- disabling all tests while we investigate a buffer overflow bug- disabling some tests while we investigate a buffer overflow bug - 519766- remove patches that are now in nss-softokn and - remove spurious exec-permissions for nss.pc per rpmlint - single requires line in nss.pc.in- Fix BuildRequires: nss-softokn-devel release number- fix nss.pc.in to have one single requires line- cleanups for softokn- remove the softokn subpackages- don install the nss-util pkgconfig bits- remove from -devel the 3 headers that ship in nss-util-devel- kill off the nss-util nss-util-devel subpackages- split off nss-softokn and nss-util as subpackages with their own rpms - first phase of splitting nss-softokn and nss-util as their own packages- must install libnssutil3.since nss-util is untagged at the moment - preserve time stamps when installing various files- dont install libnssutil3.so since its now in nss-util- Fix spec file problems uncovered by Fedora_12_Mass_Rebuild- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild- removed two patch files which are no longer needed and fixed previous change log number- updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak. (483855) - fix data type to work on x86_64 systems. (429175) - fix various memory leaks and free internal objects on module unload. (501080) - fix to not clone internal objects in collect_objects(). (501118) - fix to not bypass initialization if module arguments are omitted. (501058) - fix numerous gcc warnings. (500815) - fix to support arbitrarily long password while loading a private key. (500180) - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login (501191)- add patch for bug 502133 upstream bug 496997- rebuild with higher release number for upgrade sanity- updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75- re-enable test suite - add patch for upstream bug 488646 and add newer paypal certs in order to make the test suite pass- add conflicts info in order to fix bug 499436- ship .chk files instead of running shlibsign at install time - include .chk file in softokn-freebl subpackage - add patch for upstream nss bug 488350- Update to NSS 3.12.3- temporarily disable the test suite because of bug 494266- fix softokn-freebl dependency for multilib (bug 494122)- introduce separate nss-softokn-freebl package- disable execstack when building freebl- add upstream patch to fix bug 483855- build nspr-less freebl library- Update to NSS_3_12_3_BETA4- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild- update to NSS_3_12_2_RC1 - use system zlib- add sparc64 to the list of 64 bit arches- bug 456847, move pkgconfig requirement to devel package- Update to NSS_3_12_1_RC2- NSS 3.12.1 RC1- fix bug bug 429175 in libpem module- bug 456847, add Requires: pkgconfig- nss package should own /etc/prelink.conf.d folder, rhbz#452062 - use upstream patch to fix test suite abort- Update to NSS_3_12_RC4- Update to NSS_3_12_RC2- Zapping old Obsoletes/Provides. No longer needed, causes multilib headache.- Update to NSS_3_12_BETA3- NSS 3.12 Beta 2 - Use /usr/lib{64} as devel libdir, create symbolic links.- Apply upstream patch for bug 417664, enable test suite on pcc.- Support concurrent runs of the test suite on a single build host.- disable test suite on ppc- disable test suite on ppc64- Build against gcc 4.3.0, use workaround for bug 432146 - Run the test suite after the build and abort on failures.* NSS 3.12 Beta 1- move .so files to /lib- NSS 3.12 alpha 2b- upstream patches to avoid calling netstat for random data- NSS 3.12 alpha 2- Add /etc/prelink.conf.d/nss-prelink.conf in order to blacklist our signed libraries and protect them from modification.- Fix off-by-one error in the PEM module- fix a C++ mode compilation error- Add 3.12 ckfw and libnsspem- Updated license tag- Ensure the workaround for mozilla bug 51429 really get's built.- Better approach to ship freebl/softokn based on 3.11.5 - Remove link time dependency on softokn- Fix unowned directories, rhbz#233890- Update to 3.11.7, but freebl/softokn remain at 3.11.5. - Use a workaround to avoid mozilla bug 51429.- Fix rhbz#230545, failure to enable FIPS mode - Fix rhbz#220542, make NSS more tolerant of resets when in the middle of prompting for a user password.- Update to 3.11.5 - This update fixes two security vulnerabilities with SSL 2 - Do not use -rpath link option - Added several unsupported tools to tools package- disable ECC, cleanout dead code- Update to 3.11.4- Revert the attempt to require latest NSPR, as it is not yet available in the build infrastructure.- Update to 3.11.3- Add /etc/pki/nssdb- rebuild- Update to 3.11.2 - Enable executable bit on shared libs, also fixes debug info.- Enable Elliptic Curve Cryptography (ECC)- Update to 3.11.1 - Include upstream patch to limit curves- add --noexecstack when compiling assembler on x86_64- bump again for double-long bug on ppc(64)- rebuilt for new gcc4.1 snapshot and glibc changes- rebuild- Update file list for the devel packages- Update to 3.11- Add patch to allow building on ppc* - Update the pkgconfig file to Require nspr- Initial import into Fedora Core, based on a CVS snapshot of the NSS_3_11_RTM tag - Fix up the pkcs11-devel subpackage to contain the proper headers - Build with RPM_OPT_FLAGS - No need to have rpath of /usr/lib in the pc file- Adressed review comments by Wan-Teh Chang, Bob Relyea, Christopher Aillon.- Initial build 3.67.0-3.el7_93.67.0-3.el7_93.67.0-3.el7_9nssbase.hnssbaset.hnssckepv.hnssckft.hnssckfw.hnssckfwc.hnssckfwt.hnssckg.hnssckmdt.hnssckt.hnssck.apilibnssb.alibnssckfw.a/usr/include/nss3//usr/include/nss3/templates//usr/lib64/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericcpioxz2x86_64-redhat-linux-gnuC source, ASCII textcurrent ar archive?7zXZ !#,] b2u Q{LQأ;D%T^(UYymYGA+lj,Ç %!S^BT4Q{S=2S\+jBTfp}%DN qͿJ#Uυ ϭ$&gOn6AML[(;ՅEL4LBG%ZB eHv)ztY y i\ p]WD̓70J?r`P%rh+Q{zE~d7sUmE%C(޶0IO0(TϲZG!'=a)@s RAy&Ji?Wr@OlEUr{sZy>O*]?,Oqy/H_v.ϔ~6ЛDKj܄BquUhu0aOPv @ԅ()FG&[Q0F'D/058E3\# FX뾭RMY4slz< Zh5ЏˋĻ_WRu߫kNQP Ӯt>> 679:y-<ž1Wt0VUlyrk%`WV 8;a&:VoknйTBQ/.+/o0M,E(/-^4VaMiҬ?lY0;'lzX?-hU;}f-M.ܒ8tfؼNqt ~*<_籘ĄNv -!RdM5nY  "-ZJ.^}-u05׺>4x8ou͟ށFG[ kh4cl?$H5Ie?,! I>Cvn_A57D/qJb4-pvj+?2)zz:6㶸}L%\grScZ)s;`Ó+*(}{\ۿ[ 3n6#xgPB?#4U/w9saߠR2oj06 )n,j#޽!gr Ve3<t.^9~)C+8_o$h; xHy8Dp;qBj: Shb''B'HHؤ^|L6*^9`%'IMi\E.RmQnOh->t,B3 ? -t. so9={C5_9ڷˁ5vhNKxhE_/J#+<\qɎȕDT Ku"XBa5\?Dڪ*mXEv^J_`s00cb#po|$ FTlIJ Z#'hNٞENY --{0E#efe%"r+9lY qE;0IncĩagAr:M$/ZB|ݳf#0:~e<!-UsyK޹u=It19lP1ra!tVA>>/mXdO"DH^eQ& CWT [rk%[K1V>ao@:)I_6i錍>ae*zX84;܌ B׷IfZwgM9k1/&@-@)Vŗz|"2|AdO6yU8o^6Yr uxNhˡ VȞ a2_Qj}d!_'tm Cɳ+*^ y\J-bƺ[l8S]#G|"U? }mu~ͳ _qq9Xfkk;,Y/n|cMץݬ|Iz$Msn 1~#] 5r3uccYıoܦc:նJɚďŝ#m> {l/ >ڂ D^D%Xr3šObBWJiev5td (kthL^tT :u/Lq/k)dk%sLZi)&WlJxc֓%ţ`^ComHPͨ?u|c;F?:ڛ'^dF0!M0ͨ')bz@9sc5ʂ!q,#MoZ A#BMō&x>=>T%ﮧ`x SjI os/xiKͷԾS}qH.ZS%^5,]ZOxrK~R XX77klIƐ1o47m]Nț <p6=Vp wmњ3.sтGIY#K.x)^+کSRJzKBVۺ+.#Q#a8pC<2`:^BX{ٴQmvC_' ebU=N.2P4Ama=apZ@$,ArQsјH ~g1j[ĈNR6pTGỴա'u%d al}úTw>^j2^ 0}g] lMd72Xg𳶩1(f2=]fۆ׬V' ;@ L8A  PAd4 CPC 53疠_yX;qTЂO>N;@J)C;]p%WIn$VEPvsZ{}׶ C5ѵQUʉ\N4UU,lW .+De<~g2-'dQ]"oGnO[:IQa)kusAߘ|QDs4Bԥ+#sd`5SXH6&S.ŁL6TH#'6,b93t\KteUqq r66G/+U 7|0O2? T$-1&y [Ahq@\9qBу~E^v@&#xFUE4y$.>Ď#onn:4`.P??Qq4k1-lzM8|lZtPPXj'61\InNXIe@N/ye4Ы0sU@M*` M?pJeP1L:C>M~0ŌvҎet2'(T|h@%}m@Rv~ ODѵ֗ԎV~bNk6Omݛl-~e70;ZIDEk| OqwJLTVf٢FDWePZim)܅ ?63%,$!z$/V;^0`L ?ń7O܌JA5 v m~~l]W8D)UfH,ۂВz\qEU'3Yi+HZb/P׈?5. 1 SOl;*ùdvK,:O٠JfX`U'Y!~=m,بt7VL쿋{feh3X̶߳5QozAӎtlP:jf-WoL@4ţOLJP1&otKiHg︁i۶*A =A}/xͥ7(TU*n[ KSpR$1U9pwv;_Wq.:Z5wQ]EIjÉ78JzYÈ8bY(C,{D1p mQ0G7ޟf`i:E$|0hoaj6]Hlj&א(Q:kBψE+cBkwC;3MN#1,g}ߣ[O2EU*$bW$5=$Sn?Ʀ7#6rQPm){|,LKh'g5GH&Ǟ p%s9Tv%#GH6w) [dy)P=DE?5l鹠g$h9HUIl4aQ qq5ˆw1InكR5 5l@pH[!cQ-A(sRgVjW\icĠϨoV+Q%- =:ƿDJ X`mSqV(Z0\'Es/yę~o/X 6S8OMzg+(_ֆ&VOҔPz| DapcXpW^^y;=we*mYʡeYH/e`du /^%QW|Hv )t,9SaY`f&qf1/r6eRk6R-IW(\-s8z+]Z}MX׃)@1۞%@>N켽{ى\?qx%S>n׿"jaD9Aw\mZe ݈{MMN A0.!=Ʃ;&+jAmQRU07;; aJ,Jm_fyoqޑ &bݴ 8 QQ~-Hj#pAaSRmiඕѣ9܁H٧̯9bD8a8GXΌ؛ k&Q-Rz3ןnqsW''h$Ɇ3{8I}P8mӟՌ/b4w{BΓH$6k KcG_C4k U6 ָOW&hX =,ԓG!YdTNG0hEd,ɣu9ϫ榃Wa_6aתq(8#7f ,CM4)h,ij] WI{K Qlۮ3VhuGFK͵es:hD >/W\s΁TKN1ɒh$jR3ge{W#FE7xu %;S4K@G6jSZ|\ʗC&K!ycv9rҖRDo~0J$,B^8 ~}kM5 PdB[bnpźQI:$_{ܚkhK-]k^[q t(P],GP;zN8r!u .882>sɲ\DɎ~=/t$0c4X{D+ЭLPZI~8-oc DqI% t*Ǩ_q;SEq7 Ua0I->}WHmTrf=Ci[Q"KI dpB>$>ݪކ0d(YfѻH9<;|(NE$,-QN]H3_Ⳇ9p=0{P#փgW) Œ` _}%ʍ_TLَ~꩙_m y'Ow'n| 0bV6 9qiz邡6Vo/%g9]3k5_^ h&ϺϢ|4зX-5DXw%eK~8(J PG*G=1^1#] lLr*:m3*lƨJĐlix;/D+ʠQc玽$:}321:BmEa== 4 7Srn# $qmޏ6diUT/}0|SүyúT7ᮮS(3(^ŸWĮy3EE3N:QYQ[=e[/T +*٩G ajΩ Ŕ=m:ss<7g=9JW^3JC#5VŐ]3uL_?Q28OȠLh4vh0`g]ܗ뺈v3|f\F[̢"I28y*bCSwjS[ #uW[Ychf_uªjݹudGU $խc%C~VIc(>#apYA5X)6_f_u$,E~e%hcu'r;p[֨ySYư-ٲ$Y"JX-`ݮ(G9~ #LM0E^apȷ`,Ϣ!2kAf Z_@Mc^Ϧ`аԾ`ݍv"t-En Ï[6& >0\AXޏoN,3%}N?`Hf0n6L8BKHx0D""@3zG}0[L+g`lWM l'.wO!2 ;xaV-2K1=2Pd/_QIp1K֎H<9Tij&X\uRe<>IX7΅s.k ӳo|)d?¸nON=fbilnO~sY!y2axf--"'1!'ϻ#l"W![߀qIzz:D\X/F(Rs16;ƣXu.gE[QgZ{݅Gr)*aXRrYM}D | 7RQXjv%0AIB>21h,I nWwgj 몲#`b# '8][o5fٳggOU%sc(vI"rE"F)IlvHB&IzJaKrI6|~UrnLJ8x*!^LiÖ((IAX|0^Duz1kUNH2{yjUWea}zͼFHD  Ai]|;RzJ3,tXгRX2y+sA,`"lS<^u<; wՐ"E44,/B^:ɶ7_w'M U-HRa*]uQ0f>ʮ+f' @{2V}Ox%Yw m;>B$ߠ OyI _# !bXlY&@K,ZrԽa˓P nt">QIm g!H @{̧ն~Cu3:׿-cIl[#=z;q-փp5eXVcn{0@´t]$$J5%fT*+mP뀍a|m72 ȕ [?1#jMS//h~>m}p"; yhu9^~,moW2%[ ln GVYTmJ3 h}EHO?c n:I^j*k N>(^ҫE)4>£N4N]7S]BMGh •H ԗ+85->uT/NuJ g75Ӧ $ndmRZV,)p|s3:nhE( %Ý~ T"0k5 F_t05yEbzeL@륋֫:+~0%HB] KU/T~g ݙ3؁fɜ~fUS"OX ~580V؅˾<]ߨV4ɾ2B>Whffahr;&Ox. wgC~[#djn$/妕szV)xm7&b0쉵4q %xyL"C>- :5 bMGoDMB;BZl\щ<74ku.W(*D{w (M<&)+peT6#@Ô|]{iQ~X.M=ƘQK#$%g'BS4EI{}=f [-}Xʫ6i%ݐ6Gh[3<-H_&%2܍$ t.V²}3(5ˤ^r^[&om0ZR6\tAYؾqwϭqK/Jm߷J/?D"pgZqkxV_rH8gمQeU'BSz^C垸!D3, #5?'z\7Jrh;nTlVcj0wHTW %sGUP|vҶ#;~ܨ_Db\l``I.]QLQV0?o4.f^Js'E Uߠsx'D$120ېD _~@.Cs *st߉+R%;vII&M}sprҙ"r/:2%^@y_bdsUEdES eXTp a,Dph(a8:? *!I*cyh{'pL7Zv 3Ů>9#0wk%GK jbٗ: N(~#}ҩ0sꢈ[D]ݨ|&HDw;C2B]._zř//;5yV > ?` m"1rPMpqz15,Gj[l5@I$ ~gtzwM}V9!Y'A׳ %˸ I1m ef'a0ЀqZ7a}QBqZÓ~޸j] e%7VoH5jٴhҦhGCN$-%8:dN[N!juAʷMl. xnjlՄ^nL`uHg|:o/ B߄6ǘo[=i9y+o*|l5VX_RyyB'77nTl+lI{b跻?V7|ᲈ6ٞ쓹.zZcѽĈAIiS^{щEn;w1u%O=A$~,="\rjB>f?@Lɵ RFY?y)$ŽDy^ِ![;( N8kϏH$wh;ŧ1sZ|9SJXwA'ih-HcĐid$=Y YsE{#Hwl1RKlZY5iUr84=kw!8~U##Ս=Ie fDʉfoF廳Bf6h',|ֳ>D.:ӈ2!ᶎ Ͱ:S['AxG"#.gP "arđ`3ĂTJ}Ak.S>?Q W3! jEkd7ن|if_m ="d:~b(&r.LƳ5%=s_+ji 4#KH˅Zd#Wco&\߿ߘR q?,~]a]N//Qɉ7!ַD^R [qb@$謏91VRpل dDj@W+O9fR)Ь8ܯuqi۔갦깭8ypg X]J{ f{-2R(LcjBp-ͲwE dfݔ՗mCxƒ^|`hƍuOAY钃g6*܈PO,jE&a y ~ŋgf)bZ|T_.]KY$~i"BV y3^6~e5A Fs?1=(`vw_'T+.:|˿$J!Md ?zj7H-2fUN Ēr:{SX^ZQj]Qhj[ʘCfJra@(K!_ЬZ; >vDʋ@E2nZO,,3[dR2*xQv/s҃J̦]A1sXWsʩQN56 ǮI1"9U e̟Q6u_՜H=F^t}|>:XP%wSWDcd ms`AQnl9OßDHHFR$zQY?:k 8DP%|ڜʖe] YpRo^*VIX^>Z$5¾)y6!NѢs9?XyD M&ndzJVAQp-\D"P锘.nww$T%cWtSjh4 [5vAbt%ͽn SUsfwd T[qIk58*1SGS/{M ji0Q63!pF( R;x6qN;A3'ݣKdx3;(PX0fya~3$"?b8G |4@'8Դab|\Gl]il3b,0AS 5( 2PBZu }ID@Z]7Y@oeGJdR}d>4*մwq8+@C vhC24"`LdEԈۮtӸalDh¹3i{F"k7aʃܜ']j̟7$Da%1M-yR|*ra^6KpOsie$M~^y7%2ysW':.XvCiԞ9,߻e;&ś:%9f4P4ҼV'ܙwq;)&z [; V\R I@ vr TpZ|A^K].4"wTb&B+a9~dFa#wVȞCs^:IWK` '1M,8.{FP!R6H(r$%Y2 fog[=~WߎܴC-੻n鹲]~)|m:!Q<9ּru~sFF.7R M[S:W7`0xkTNJs~ #fFփGlSH6~߼lws ϼ7]oWse<ŇTQƛj奀AwYЄ "vCrIsxqYk;vbc%wm 6?JJaGt"(/?XxT%~ޕ{n$y'1Rx[ǽ=kzl&_]vɛH.h63h% xەC)6F2)/<4cˤ'Vbഷ+,,3r1$͹@l4iSgso9+@*]vY:~#8@9%IQoO9}EfqwߟjţϣY08 9b#vK4Q}+\= # 71ޜlCO=QM3 S5!VWZ%nw cږzKlw3I-9tcN o"6]&p|ҬP/ict3Ssy0tX^wl;:`u`UE6PEKy>,Iw!p .\ IL鰿?/uUe)"{٭ ٥nIlw x (ȋ-gH$R?gNnbWІ0+1IoW~A>gzH|; s`N@`KR7=6lB#B1Ɏє_(Ӈ_$QΖqk܋cxl&NX{+р FkfC\h@B+SVO 5g;3^+vM܆kC #Jh-vR=1M%Sqj=zU=)-3UUbhEmn"hܲRqvw@VB2zV?'ZVCzO},6 ut_Lw5Rv>2F 7Ms>11s0P躽䝨u]L{Ħ}ui91KVTvd -oƱp$R/=*z˒ ٝ1^?+ 4ri) M6lȇo-t؊Z㎼B:XkkT1'Ha+[U7N,}.,S67s7$X, aaP٦dz)BhdZ]=dN -WtKKؙz?U].`V["r_QM `Y>"wqd[j%F]ghzg`G|K={#w47V-ST [Jy{=Npj!YTns3[8+G ,68A%O kkqR5,`A1BR ,`5.UцHZ_͸E$]_[@x0aT,OnA!.3;vس1R,ӎ-TI鵖SZ#6M׽j%x?2tPdNQB]3IEf ^꽨T;X\),3EHns]([Eށ?QIa&~& SM`CEMY]GY_gtVzd3YЎWa+R :WuN9<xbdCȅm0u@A:7 P'W {_G۲1B)c uKahE; 6Lt0*,"R&`gš>G3G^ϿqAئ4:7B\/<i!Bnzن0_ջ֓b3Zt%TSnH># @׀9? =&lrM}+0Z1*;ot.On:NlaP ZH32pǽߑy= wd (хigyD&kc{7]\RtϟfNa֭A;S3[Y>8ԛ̷ݙg !gOjP\IzgQvPWY+jīsđ@2<^"{}?{2c5L곶zayI4t${fL{>ޣIvS5*h,-G5 ?[EZ {ˈ: J6x>Ww_s|fGԳ$8^To;y,tB;0rK6m¹ƊA*in="+4UWn!|SEj!?UPjzbgD}0s8|P+"$# +c EΖt?>Oj8UORG s;٠WNˁ0<5;a2Ȋ5OGdz"}\HAH"kl3ॆ=(\֔C`O/V `Vo;Ol2ċ_V߄6l1%WLltƙdZqO &A0• :޹l,#;nv,>/)dҀ#Ol-_sn\feƄXquD!d>0ݞؘ޺,YH3T= ժ]k=s_9=R7 Ci{xWM8n`KB M4t9A#`_Pfjj/M"+'ufѵqf.w/snucd1Jw9PI*2hO k5mUS=-V0:ld=|MzsMCPW݋F0X`G/1'Ё9=#۷B ,LY%IM9"ٜ@Ȋ# 7k#  8@r&!7zvNlqj'IJw!Ur6 Nw6-]= p΅L{ n gMjgb!SE8 ABCU vV1tbFڣRi3 4t QPH2̬L)/풊:w*`$t2t4^NRقBEdr?҅ QhQׯטO_>7ÏI><PR#2~<q)ݮ<4gN'z@:Mk: 遏%XPHKImIpj4}z@[PK^@4|[4^~k"{-(|?ڥ㎭@nZ|עB{5 .?zo 'nFP蕛z6Ħ(Ci8ƔLݕ,[([Fp 6`cۊX+~0"&l=,d2o9Ӛh7W D<Ϫe-dxIrjItOB!.Oe7!t!P˝gB 7y[p lsGF4f8rv%2:eX89C: Jp!HJR5hɭz$ Nw'x3c=@5E{;^طCbi:Fh|S=GYe[h ?OH$~e;1q$Fx'W!'zjl5'aޖ)klog6*YZDQ[>K@m!o:G?L"mM 5|1g7Q # Sz޴u RLb^V"֛)T۷oζ>?禠·]?U'Nӈx(Q(Oj`^[E#<^}g}0P/f.EijV r+LjKD .>]@N$A` %BE:hZħb7w:#ʺ'ei&qaJ1A4+wnOE*uI3 ߍ՛`;/M<=5EC\͖="3Q$X:6ߩ!!xVy]3J]X/*C΅QH*T$MK@H%O*=q=Jɂ_'sA;aI "NvOnL2bMF :'. [cR2icHP 4+%䐎d"|JS!u_oȫVw}."I׾Moo |f)«Jҿb6phRa @*~ι?bdb~g煉a8|%K F"K%Ai{VE9BgJJHnז+HG ZcrC}y|Oap,"[Q#oL!OUU ^SkL1o]ȳ .jJ9ya|Q;U|K.%i!͢^D Z"GT7F2)G)v6_R<cQM.|K`3x4 1[KJ:^,y&h\R;!Q _ꎏn͞LZ=& Buܰ1Ҟ :!>Hy&.6o54eg YVD7 ? &}5_I'- <=Ւ}> l~ܕxv?0՝Dg2r}8j{)'d>&imuꭰqJK 8 bhxL!)elh/򋿖rCove"7zC:peypp/C%XԎw:~0ѸQY/dX WS‘M5x\.̧qf ; *ed~r}nu!Awkڱ2t<4'1еnbjAHrBn&gjTh?K5;.D#oqJ9,HHrb*Ҙ9:W C?nbb4rUS>|g=]sg@}knX-EA^'߇AaPa_$e"%Kiq@V٧gA *Ν~=ukUA=VRdWܗkp@Ga&YmP4OIY .uBƈsebX#epF]o 3/}4;BbaF I |7f Ry915r4Rbtu4H&N5:K4} +@: nmZ_,t)FU8FB^d2]y,17nl>`޷Ŋpťh hݻzO?ͣMowO>}f!J`[+$e[}'=aXvAIq(8bI9~˝QWvVw硆wEDǩ 3/nEu$Cʈ;" S/"kG՗cn_$XHNb~lzu_eHtId2T!q{oe;#dZ׊O)5dx;=8A7D LSҁKhQj',NԓFAYStI]*#sh iŏ,4yc.6nI*xWUؐ]ǩA޺3y*G] P%cu2iwPELYb%Zbw'kxd t{gdK9=^"1mfUbYj0KP]7Bʯ|NQM⯳(sX -޺,+V׷Uy%uߔ[Ap`V߆L(uvpя=Ev3RKqqZi7o=RQԸ#^"Bln.I#BLЖ~" +AXckC.q7o\3jwv -s)U\7FkqY%ASDŽ7L7wU . 2wz'|@U&Ϋt} DqSx,!w⣹M猧lV@Ԭ"҈1 }*2(,__"k{`>4N8~Bl5Rp.Y4K@ۧLDb>gLܕCr$\ۓU8ؼtww4 N!W8m:6MDf"uf0[ H ΓނBm1<=C(:$EGQly5?=٧R{Pza9< *碁2q˂!Ք9rW}⹨sIM/74AŒE7FD1xʪk6=Y>k“afwnδH_C kϔȡj J;)](&E|HѰPXyf萝qhyR3$g1}5rK:O_)N yG9g<yc[FTw^V$|-R,3>>-p Q@ɩyd|J\9Z@E1WK7C{aCُXq hvtK+-EBShv($to@AB9D"|!\*X%OMFv1+hTx+ؑ0_ܥ_UB੢!ef"R9e#eX7|z5 (VXI羋Ա<"x'>+dhpJK~S.V*/zL6 Ǣ7aΰ i 6aS#Zn~~yQGoﺞ/QS} a]5.1eW(fTw'RH@^^QTUf>P@wڑstCZ SڻDAj@sV/Q^qz5g~Ky;~ɬ?Dg-?Q0fo!7U&-:3܆zAf¿x༴9>/Qߖln B'TUMrj+%I[BƶGBIU i\"<[i(WFPG:Scf휀t9Dh!,nzCqw4f.ыCQ<`)1d8V{j'[A χܠ $O]/NZPrH 0vQuEKo~01Z @\G*{Ά{CcLH9#}|G@b]'$NY~W}Miͥ.n4bj=K8Tk̶0"|`/5>Бit+nP.խ9_@)19W}f8UvX@ AC8)l!"h*{1 gGaCXOV x׺O?NòجVook׿oN[te⺷ #J6k\C.b\*BߴxF+n+C0#2M89NՖ?__IR%?%mŦeMǔ QxH͙ *[͓yk~Jg,Jb[rxzmzKUOK->4YfC,XBuݽκ(Mަ-Q'/SsjNtϽׄ *w %Mŭk9tKEfxc7KZb72V_̏4%^J~ R/C%K!TaNU0[A?(bŘ"j{XJڐ0F">d/_$z hXo&wv>n30z܄Bx>Vۙ8*FzePC)u1X̕9:e %fCKVvzQ z8XjOȈO_ڍڪᅤ;j)HYf^`$E 7"^tcQ^+Cư]Ey??7JfWTIF!%Gb"lKf?1꣑Z0R]hxB:=fr(Cՠ×Vi9󹉙-==XRF-tYA@A)@KVݿ0G"6dW}bѯvuK#`l{^GLIU00l : Dlhlگ#emOd6vGb{E 6KBW:=,Ҵ@䟲vHqWV=P#kV,RES*QC =x\I$".{+=s̈́wP0ZϠm?:D-,dQǚʊ e &ݱLKv8G?QHhҝVLb G4Z zf #t&53|}{$%NG;jScoӱ!M]W+:h`?6S7r*QGVz#w|CI. N׊qQAp4]guju |֤?&"| &T@Ⱦѽ5hչۮ~ ?سX [tY:e6:MqW`/LJڜdK[j1$Cbz˞lH:uWG?Al%o[Xšn&ឨZU;|4B}jv-jktZGJ =F,&Hk7?yD x̗g|: Dhӂ]GtD&b`*$y/S¶⎶Fꏏ&CE^9-iwDg cM qbVQlE^x`)p&cgݓPmYPHJΑ f@2sAA锴Atcz5o0{'?|괋jXӊwȄ;N+2'Etqk)t/@kgXsJ537N̊e& 3uK`9FAqR-MZ)X0.@85l̲\6#׫* ٶu,ˍٱVzu$#SP"̄ I7Wiof~vJFD:v.N>3P ΑaVï[PPJDFg}XHa>7)05>5a 0g楮k NՀvphz= Nnt=3c{U77`f7_SZ)'^p]jVӮJ+mc9l5[Zn(xP3C=vၡq^E_#vNj!T8qJοTĿ}8ɝ^?{,M)"dNjхS0B[XبJ&S0 ViwcߑQ"Vq8;L'%m؂T7Ҽ w-{FGobf4oo:oģLA~ =xT~[;8wf&ےݰ܏!Wg$?]%uӽzw{b#v-C4!xj{H,Rh8nVvg`C排A/3̻5H?ꥡp<6dv \{+]M(}56M,1I!'/2S8BRoJzaꅿoZqk̦p;T&\Vb94#FIIIO@g*.9ۜhȺ-)Ԃ=s͜! K\ tL0|{DQkv'ŗP B@uRg;i\df*Wgǀ^vA`͎dR\:gPW Â8TZ˥v^j1)pmX٦m)Kc&)&iVMtN@U%=dpvF $.IG[!`ɛ%ʑ pyxWxjM6UJ+<:/T( }*G8xRo<h,8!NIXoax۞eCtf2c_)$Xް? $#8}.J(+<O}BRMl+G^!rT.ȧYxw->vdOe`8`wsS8>\B,UicqA,%~wHu4)S30{Ú{/lWҷ'i#L2ۢ P;kڈ[+ܱ"+PDB)-l|_P>miJ;͇Τ͢.$@)[ɖW*v9cTx=}X\?cM)eiEvfh*eq`̫|QKxbplPش ^ZǟJM VxFpظ.IF{NA]LV? {ج݄|?{X7 +l&Pk)${ !F~eM/y>$=:G'M _)ں>ܬo Z`fmRv '2qvc7&./:^5B7,9,`c铴Rq* xP㙑;*hr7eK'<8,ء̢쇬[sr|LATg#6)se9)'}vߒ~R`9'k[Lg3QXfi1ƒQaO/]S,RO*׺7h.ϑpD!/A^ /]䠢q>?P W!}X-=*y{)>nA6S 0Cb=v)Nf:rKLr?.nCRb,*?( ʖv9~{(L//e/& +WO>L Qob <;^a(Qtv(yWWWkLj[[1$ s3'- t.ȳ_T~g}'Y?[ea3?`z(M2i8lȔ.2gw;O;'Sl?𷹂_j=<8K(aC>NIF?>!P3&°7i+6.9]XU;ۅ$CDe[50=+B]%8`h5REQ*Sg-| RuRSmxҾ&Y ɢ*Jr`&C+`5?V?]VvvBG1(Yv8}2uÝTGg%)%LtZvY 8g>)`ok"+j331VFoN2cf{ O?S|~J= px> C鰶g-W]א~ <8Dڦ9fs}5Gg15Mz+sS/"_yÇUgFd:ScNN+]bި^5@%hq1%FW;9qC*{g+?M1G_M_Nٜ޺@ 43G)BlI~܋&QɖH4blC:MМ[Z}J֓lHIs)OSyƖKrR)˝z\ͷ\祉s9"[ Vײ;C:gˠn{_W$9c>-N(wc a4k)D՞%' ('U84U[ޙ/95ւa Ѻ̃vamET {6KWڢ[|*RrTud8\FmYQhF jbM/,yk yRi6(9[E25­`khTd*mX˘IɊlxj F]=+|(K=~41%) Zos-M&malI[֐j1JZns]ygT%1t#ڐF//G |l f"rljmF4iFAc^}PeNFuHT$M%06W]>}"y&_p)ěpؘZ;' 2 Qi.q<<}kQik!i17򘬲h-,Ii٧W%1$TWv0@w%`Q,WET)T!骴! z !`x{(VwH_h: P͜"-7 dqoޭDVunQPaFMK$bFJ&"IvcYrH/.!|hmyJTC, ȃPHqHarqԱ܊pԘs$Nv|(g/>z"0gg(}@'%:є;}Ұ[~kzs i;|2/Hњy%TKW5]#څ}#єo {CbB_j]*4s*_ؒ5%49Yj0P^ߙރt`| ~ $B_>+*6V=edj MJu>/Aܷ©LG(yV9iATxv ]F]%Cr %*qlzNrKE9ykhco MWg L:K˗9g ˌTbޙ&jTPV'<$i!]&eOOBYbb\2-cdAY| =ڡua<-rCuL>K8Ts|oK%e@9!,|J:fyjPA>Y*Mt6qUf5E*z'+4.EWvJv):ia=2en+P?^FZM״W^z%})WL:6Ur"1Q}\K] Le; ω av.Þc AIˉEa=ߺ|;vvXت8L$ k`PS[J=6kXLtUC-{ WZ'>B^ߛM;Vs9xU-!Ouvy=urt!T8ˇv(,'^] WɡSqjǜt&GLqxVH 4.jiv Rshl0ڹ@iIDȃͳyBcLUVvm];~VYuZvPoDv^g2D._Yn|# h93|(POBQkF_![\b$5as{?.ON"Œ͆xĬxH]?srm[F:ʚ\ǻmBV6zeG 9f#%V{ qZ"gƾkabv^A:W_7i bP-"weMi.w{ѯĥ]-g~N!DY6(*Ǎrs9jhIR F28V>K3Ϛc쪉hqX81y-ݓN #az$^:#cԟ@yZ raka6_DC2B-ĂRI;ei-^;fÁlchgX"̺yw@uJ2(ZQ`zPxf}՗ ($+mҽ[KN ƬL3VLppȳ+S"U䊪 )N'Pz4% Nԛ,㏙5!Os0݃xvB#o_m!oDYE0_yq"K(^ \Ou p[ fEuJ|" KޮGߞ 0X0A;p^_`vA:7ugU1ˎ5g0KLDG5Tvt-.!ij<: 1buxz1&LaK@Օh ԁMN2l7}lLR?Bpvzcs'&b*.{DS^(%w='x1~rnxAm#$yF6nr 1xy+ŗQI}QEBnbZ>f va_ < q7wDo"GhШ)}wU4w"~oJӁ7dVǭ;Bل1GiU5W郿wd2x5kz@xl)ey,xZǃ?EB+cq>ʡd?S1#OM1ܥ^^uhVX3tڈJHY8dv gyFq!܌q&5Lɦ[!ωr IXHJ/rF"l&ۣi.Ժ5555200, 6,%P$ p|zmMYq.OI_I|v -5OF:<CjE$yH9_#nz@YHDLWBQ' ɦ> 0IH}"(A3G!Y@&q*a|=НGh{VK *8J !s >PC+]UuϿ%k+4vVV8vzU]% gQi 8^Ư2{eN)m4QÏi@}aoؔ~yRa{6-#՗*]0.oA>L~\(.Z U0zhEm]p?$ }%wu^XLK$?ʼQlnhT]Vg5ܶa9ܡ75*}^h?BPn :DĀ++һpN & [+~i- K(:,6_sN0yr?fO;q04~ ԋjv}Vj>쯃~E > ը@ x,i)>W`z6dD4LѯM]V-{Pr H3KL:aOABUydFRZhfw>fkP-N?AĒI3ofߡs/}gOvF%%= ?+y!_![jjvͲ(!g)QTsWZYPa TꎱDHp47pwiBAc;d/.w mF$+ \",]TXD>֠8Nde\0ʹ`xUjVeLiyW±5R4y 9m3B2!۸z3~(AD'.ƤD anJ09e ZN &[ H_d?_ҐH)Ęߴ>?B3S$Z&H9bYlCẇjχ(pPsy~ސR/'^JTd(pv&Cjyj+ؠ<(đTù 啷7R,7ʦ$ݶXOVY̍=jWmZ~ẍ́?#͠z55_xx̋ԋ^- U{y3S'>usy,EZ`Я~h4 R *&D݈FI`ձ@E#ԞdnVi#BN",l:aVJT©(VQOM߂EnHr9v U p?mP*jl9]W"mOU^*Ve$<]4uf%Gx780[qZ!nh-Hi+ig< )3&ede#*ƌZRktlhHTfTsz9vƣ0u܌s#jnb+K1&O[t }0J+~CPORC]R#f&N% )ǝO:DE}2g?yN|ઌSE^8ߥ1DM;I}.F2@WyLF ق=FYKi'YsOZapKS,veTi33QO.2(:ǰN|q*ڶkpcp1n35ۛ#J2# p5b \CqJ>fpeFGF@GyVlBadT u>0K'k#3t o|,$-ٳqE|G/1+l}yx_PJ3k:G{7an<:){:ѫ-뷭ER8&WhPx(kK@V.Ywt=D' mfْ]-mؒ)rFÆ EsQ}]pX6@SA}'ςu65b=BIʁY|{=bL3x5&+g &da:&{&rޔKG l<O+v[U8E6C_6OHSzYLBȷ4nD*+[9uT^:q˻G 틤ߏ`T+4޾G)֟ Ғu!>CW5l21̂e Em+um1(7w,6JٛU^{7*ҞsQu (ꢮ'q - D%]4BT E.Fj24B`f?\NÅZd\wyժ;@|a`!Sn[ wMc^R TJ1r8?VI9ڵN@r@7ӹHg/nGٍo׎!L*L.so]ufQJ*t q߻a+x5*%EtqJ=Iʹ~ @bjI20 Kh#&֠7r+mX`3DidDtsNo7oS,)ǧkԢm$cFOMQ%'tG[KD 1t}Gٴ0qϱF C)yw_b6xU@㬠~'._ CW}2VNm+a?_gFm_-$[#[\M"Hp+m{v ~X"M&Ol',!H8w獵<؟B/Eyxk^FF߹ e7p521ţʹ &0#zKq9]דŻ59:RCO(C0qcJ|"ے߽˾<9L7z F/p:&hC;%;r$kG޳œwh +„]~Sq1oaZՑ`_e<^GhRA7 =߈sU\Iv)ZEs `wOuFfm1JX*%d~h,e:7LS&_TMA)>tv>v9d܇` ?n+WcG矞O+vv]_җ"k=~-^3t lr/,sZCx;@N̵FkdRц*b ~oM]ފ*8R Xk4\Jcց37ƽE*o^T̉3>z`4HOidaͻIB&k?11#WJՐiR55>)龓wN|asIכ&D&J]3N%c+?!Zn¬waAxSI$2m^'<1/D16QDf#wV>ɝV @ǨftByw%fH ~@bz+E_-Do Fޛfawãl.u sd>,_9B+ {KA8-ӕ2hBXq !Dxr)(GlI]3g+JNonSVE3so+=IC;vU@ Ӱ*r,_eEQvI[?gp`憗Ì6B'l^);S<|ő=Cy8;RMald³UGFlM erbe.R5X8Slܥr9Sʄ5fW)EoҰ#jHA%'P*_cN?j?͈݅{I G=BuΕ&kޘVmSjRnB 2GQlpRS^Z*g9#Ɗ=H7ϩ58Y|'&Я ʔ}=vn߿S>TAd; P`Vh罣 ]ԥ$s1DUҤ[MR Ii͆aڅk 䘞yY NN ToʣD^,ehxAflO*KCOO:Y6 yV)d8L+پ&v6_#3ʆg2d$E`o]@{QgCxђ%I_A2g^ΚV1x 5 +UV7íͱN᠇fxGN90FDێ4zp]R5Fx Fw7}s{vd=g!{+ I!}ʮʺbg:VB{EY-*T ;Y4 D`GknNvC%|iVJĤFOfgX_gk]B8]߽"Ny[K6q'AZhar^}ؘ'6=KĖO.EP`E@OğY* Qʿ{6:*&!Q L!72 hTؼ׋T&>s2~o[>uMT p2/a l04;2 ) -k ٵCl31;q'7}TG{H҂Oq!m WsKcvxp THtәmMn=&N%11vËmŇ4_![!yWWamO8C= +Eظ?M"ґboVIG,ߨc'1זV|aJ,f1ې\% Qy߁$֘~ɋ}"$zֽIm^[7,Uk51(J8{܄h"~׉isEY#׎3E?^0?s} چj-)n`5)=Hm˴"YRJ<θx"͆, H$Y!*ꋛ޶P t*Vgpm߀(\\'s6k!sϔa&D&Y]V^ r\ $\WWnؾgˤoiq"Dd LCC&3i9Chx뽎][B5jUk3cR"[me5Dª fd2}*/,R xZ2$榲 ݹ"~tNJ&N*BcDJ;z>UqY\0fv#OյOA&||~0) 'ULz_qU<1)aqJGds4+-]$ָ"! B>֞22r.ce<#y% F,+ JIzA@^u[\?İ { TC~h6CJ(U9thajgnݬG*"mH|lpQbf*EIWJ b`l،,+˦{]EZBt\Ԁ: Bz[/Oc0Qm܎=dS,/'HT-# Ta=LN! zSoDKjB]8^0sLƑlN4Qڍ(ml'3t߫6 Rdv3g'"xQьHWDu?)`9~_1 j>)oʋ6?YYe_X\UI_U?J7M1<gfgZUAďعU7mObMQЋ;X`R?% wsjc+JSn`հ1QpGiScmQ>e`bєb6ͅ#tyg|ma;s4! aڵvV`#{;;.vfȵ %Hb6ePof.ǖ!ϴ1#Vݶݫ gҎtyЇ 䛕.6s"P{xk?j7[n΀NNBvt{=kꣿv*gmپJVy L7|_?-tFh\m.A5$6 ~eX2J,*b#,溚9 w4;L!lE0"3$fL΁ԍ\M?POc_Q\pzoѐؕHa퓙ٙ)#9JPYls$4ܶzol\4ګ4gxgtxrS:q0P29S >ƻgſ_ϲyn8cZ$PZ-ZJ;fNaX`Xv}M2K)(k8\Jf2,REo.2q1}j kN~ñC BkN<[]?Db 9Ґ!&fe.;ki1Ge! 8A ]HA @ gA6di7YJOIi \}DG !|"*&'9k]QNݛXª%z厽owHxsx syg_#RdwG}Hvݽ4t"דWt w0߅X&۝~ 0}RhJ˝~z8RF%}5|FVak2/ŧuQIeGvWH*U s[FN&'eB(TRfQRh$>eaS/cl"vtJuEC$ [EIꅿ3RS Et9ޫл. Lpftop5{-h;)2@:i̳P 9]s4lڑko[t$XK3j, !n}%Bj=[>Xh˶p2-Ӏ[SS |A?FCg-^Sf(R|KDVJ`I"б..z*E[I~ afp|`ۯ #)n8GT^Fu}L+ 6`3H1d~=<(Fyե4T&bOp`gBϜe>}Ú/b~vo LdsaTzँ+[#=rT^0#6>ϥ:$7DEٸΦ_~j|fe]84Ixy ݻÊ )?lآdŁK)FX/"z,(v!KK+yΟL{n iYWD[Kf@9zuE|p?,h_b6~pi/ ԰vO1R6H2e |!$- jL3f;[\?6rγ6~7|u-bn2AwvdkZu[̀s7:aEM^%S}ΏOpv]ƨdc|`{QlRд$/!A"AT08@wqu}eI7@jkN g|%  smĦvo:ʨ#nRN]~4bK샓n󤧗r޵ZEo@V )XFCr`ٿ!E_;D7x!OCB4㫟ÑWrQ@kz%Fދ*aӼ˃"Е~\)x8GbX0–ѣ~zZ?&y $?Xi ީ99, tI$eg͗oSGjg9ұ{VD'5&an2 #ɘb`W3}m}!ךuy$$uJ4DMbnBVm4z}5QF7Eذ$bRqBυ_`KSr j ˞-ǺVN@&u swL Y~Ř-Uj(k\i$MeW;M@:6dOws^ixU,1l{kXNRIDDM!] N3NEzcZ Il7.%:Rtf!j-*GF3WjO?)_$oen6t;ݝ{g.NI*-=׻>@I ֋,? 埍Q"~;GKmFL-Аu׮Yƚ~*]VsJ*4Dn{z@$UI:QW׭AH|Ē&J`,k"U͠fh] .;Tyh|wT02hr1I/gq7t Zr(6&KurML`͖M̰720r6A7X ]!'Qd(o匶4J\Sym4!OK_fܠ8A2oF";^;8&@Ho>4+ >b&ӮV0Vm+I9f; g;ι+ ^6XL] SwX|+l_MK?ќX]fM1 u_ćj2.y%j{9>>gqH5% qu^2 P0?7,6)9e _N)K=)ۜ?"kc2gӨ[B~>Bvv6D. GbSuټU"8żXꓩ)yXiF|8'oPLx4.^ VCn mrw4!1}a:=&]}VU!W+e(#Ni6Z90!m%~eL5(iyK#&y$bd}).O V~ᙍrJUCer Řm!}=˔5x0%/S6ĕUsnZ )aD:T^Q{fGsOط2FKkON7 {CR=g-txl eзk.>T[=<Kw5ei*6AO䤈-.K;:pMOGq^:X꼦hD|CTXV1zOpjzy;ߠ;HW)^R0@Kc-j,Jq(L򡇤S2U:}-cNƤñ>柁6bANA [Ffe {-vn!X$GB1 ֦iBzhdMT&pEC}S+WJ@]X)J|3Jpf{H̢ {up7m?j m?N ȓ4ulZI"-ہTjEXOXT]%%'W ^H*%ADX9Lʖ.'xyjĞ[6SK&p#V@zksC>݄7[ESrXPuDpY%8yvl&(EJy3vð: wK""~x)e={l= [5B`?Qēy=Tg*} oGFAǃ$U>4!ớz",٬$z漺v 3ac3ڼTB xP`OF2Ux,^-Ϳ翜'i[Yfx45#^dyK5/wಳKtp.C2e a u]FLNq}H hdf}ᚉxWy?A F" yJZ4&S()7l O >[x@OȄ(dFa*}̌u1š- uO7jZbU 'p͖2S}xdҠ/@̓ ;}OgsLeZ,`kzXR>ۗ[rfb-d`={(n̿72Kr$CV5?@Zv6p#Ŧ+iY;=(\W+^9%xq5.?dybv'C`2!v>Ix♩8$6TVA fq}=cI53nǦ"(y~V~Up됯t;:`?ٙg[:;HRibS*̀(y*}j -O~Ț^8t"ؗQ"3-b&v,~GG=;=tVnjG'h[G rׁW.R 7oJ)9o͙޺ mQ_ZEQ*Bض1?cqyPFn&'4)XTTJ1wE [r ]4`Z _ B4&OmdgXBN%R#s׈mF鮭46j}Wa;]1EK"9Q 6V"t|ZLX7/h/ux2h݀ĕMI}baMb! zK'Ǚj3B}lWRI>y ^aw$cKj+CqJ&E?h_1p$["?V,x82@F"[±N*5轾„@t&(jO>VW%;Y$s'FWY9ws+D MYeaW)I/-d8 /r)?`횦-*W*p7)M MȌ N7է\јΞqxb$ ~;C&-03i\^ FA>!J3qa,,*{KbP\uE ;J[1{- /Y0w1~Pu>O)ԵHP =pƂYVכz˂Qj-ZV53 |BM?]$x> qvpG'0SIHAۧ=C"5nwKrQ*͏42g'VqsWl?l=^ׅ*--,s*=r am_k:{;e94<vj=4niH^rԨ.S,a`3,q2sz5a~;=>e=DrqGɸfz C#b}ps9dƝ7SqyuE$,kG>X>NɍZhTe6F|LSj\C!>~PkCR3¢g`W75L(႑&d$  CO1~H&`u/腝?&ۡ=3E`;⹇ϯ&baDM>^y|X[ &rƆz-ҞH3LM3Ds߁-<OtF* ?ᬱ}!9\ЦI1ɿ~"oJ"mlUlBXOja'%2"T՗JjR0j!?FG1R hGlp_rb;֍nJ=*}៤H 2xJ;xQ^(ʛ&4/G)ZVmUB>^I)emlwkӛ[# ڠԎzO;DJB xE-:!Eoґqu)GY֋ëP}łAV4UVdOVJ*SV6cvC"v $| U# j?qXMNnVs " &jY#6,icd{BiϺ_f#k%;#⊹ͫZ@ɿo+H"s;5۠\hHZ\e]YnDVgio "Qh?QMMh/LQOvDz~hamK (SKZͲUX,(zӘPZ[4gF7iK [C\ hgmgom/Ä(P№ګb=FŃps69y9OIie=.-XNp-S-eeu4Y/ȅ3+>|6^ʹ-i*` *Wsb놦|OG @R/d;ǎ}:1M@|ks&>─\!̕&vh ZqK/Ext2g +:R~|U=$@ei=&;y_vfXCe+ )2 gיYQ#nWHbp63Z=[4ҊܵmLkyr4ȋo"z A2ԈIܛּ@L OX#̕|MN&mDKv͕ \WJۜP$.7H(MBF|1ۄk*7qc'1G$曨ENO 8ez9KJ3IkiZs,Q;qs$^^X:O5t6.#Tt 0)MaҰ魙3 >ߔ([ML@ hԽ3VT0* ӍL1Y㕀로h[3޶MaD PtYTyo w0JY\4!v`Yᙝ 1frVAoU+p {/fTᘤ"^l\/y>=z'3bU!~0ۏt@`fcn'9V^OgG mӛJ#p'Bh}ZzbDّH-[h&nN!h-\uDa`0&r\{KIۊO᳖׃-x;[| ϐs3fE Q/%s_8\|4V̒D_} |Ɖn &)8#g^Da鐙 T^Akmx@կfpx!9p#?R!V'Yߪ{KvDZ͵Hsy;=D2YZ~\`X͈ ""kg:M8\Mi2iwXl֜]߿ .Pp^bn<ƖۺPb=cLu%\kˍƇRineWǮwAc5Q WUu Äp(@[Ū ~Be>4|Hp(Zi]Jlam|ɱj^ARSzv&:q_P_c V#M2þfX 2%<4dڧH% $HRS!q6:|B ƒE8/Ru 0ꜧNA-ew"\OaU<65uŧ{-7TEjo"o|t0WGj4*ڨμϚ;nfPpɣdR[L6_P/ f#o-#-ڣP-,ŒCO2+N.7U&(_5)K+ZoҜ*ګօ Йz z6e $IT\?Ṋ./o&d|ut 2CxW# DeO=ʟe}ïbY :F|c +/+WE;?TɌWNĭ! 12LR=7\us>Azu6#!E&q_qOϪ,q/NQJp]P jJpK1HIPydk):d`Vc) eW^&~19Y:cSc~άÂ}(_8Wh`{ͩ8# NJ H9{=wU%ԌԢ)(ï,^?ՙ5=rGqxah\g2oH2HcwٳH&q!TDʦ P2m6fSPs.<r\G,Yv#{ ^Gk&*JsO;ӊl2,#J00x>z^j_xqK+jB_m)X%`_Z8dΑFB}/r\90 B>~J8r%^  nn@+N Ӫ>l%RB9vl3Dtݾ尃?‡DhH/Cf@ ̚ K='p3>@oS%!ݾB5e''f7ﷆ%*dʿPz=ȭP1[w@ 41)V\s؛ȂJ}oX&h F#5zuKGƍ; gƨKgGBi9s,e,2zx hɳ!fT{0 ÛSoO e҈dSȽ0U h?+l!?vwB&bIeh4/HRn#Zb$e{ MlyCϰzMf/i\tpNN7E6ۀ5fcv\<4$ks|z{'LSzF-"y-uׂ *G5sN^+$1P6l1=o 4f;a'E EtxN;)ֺ?!L{9F [Dt.T)ߓp+F qQy=b5H:cG/9,n F@U:ƓY K+B0yX1x$k*JG1kp7XelXBm,7$(wliyBT6-a2ۤX%jk COVMgtSC;GYjgɠ:jM9˥$N뻚J,cqc ;iqtZScr3v`zU}!bҼvXf< %j 9l˛ΥMϠ2DDnӽG=c8_]ID6ef7vgW1д7܆E(l-]dE8oBKHpO~[l]dۦ^RS3A체 G9ǖ^08JNЧIUrJ,+o O564z f*XBwԱ$۩^ăωYBnfSjB`\ d%nI5pճj):-]/X+Sp $4˻)%Q,_"M~ A86 71BfBSf{&mt̯n:'׿WJ|O&ea3`]@%QQې!Bk3?r\0[Dž oMyf]b1<ɵX$> #s6jLe^"|$kbT*scۏ1qP~ ʱq[yɚM^h Ǟjs~bjwtVSF]MZc$2:qm;FK#EZ*O񆑰ƞ`s.сnMM$roV2ukk*לPa$^ZYv+4_Cl@wc\U瓆-D #DJp]\N7!8 2(tz'y8j}߾x[8r,~cEI[g}[# ?* C{]PW@ee-#8V>I.BWn({ p2IunrmQO,(Ks>sRgNgŒʙtj'Ż"˧/qj O+uk0isqƾ&ĩ V8<Ԙ* S`\,Qo['cQnH}j@mGy]tsI[ϙ$Bx.Iza4'[S,\K;μx|q}кku~1$$.X \%jp-~ *Y^)RiZCêz|2OH:DjWlzA,)x1[.lCP/1M>C}#Xdv#ʟV'(~v "z!Q6%ڹ[s̟  y[n^)5 qtQ(Ϻz*oOlW(2Mxa2%=ISI'ӛ,C5r>U$fE$ks/٭=Lr'̗UOWVəʖj[Yvl P&e-rZ@ƁIN/,申ÉKw+=U :J.K19%Kl kN"ÅW<&i}%_J=~mz37UHT{ܳM2ڒ@R N)\BY*;EjLbGf.2Nz>.i;fٴ[Vis/T.n2Nk,S-:HL]=Rb8B"tp&7SX/ 2Cږ ʫ}#1N兏јgwS8>9h0Hs !up9ܖO6*D_SP tmhWh&YrPm"{ įL?Dܣ(S>7zf㭾=WmwU瓅f8gն YZ