libssh2-1-1.11.0-150200.9.2.1<>,Љfp9|.N 3Nđ Cgvz)^#xX&4d+?~c(Oe{WPRA%Q6_gVC9a,,/dIfgقpgB̺ZPΚ{%A,#p St͡Uspk&VF4?aP[^eG ĥ;U{^MiX:p 7)J,5lԎ0 נD\sKō#ID/k>Z&b_|>@Lt?Ldd   I(,Efs     * <DNX(89:>I/@I>FIMGIdHIlIItXIxYI\I]I^IbIcJdKeKfKlKuK0vK8wKxKyK zLLLLL`Clibssh2-11.11.0150200.9.2.1A library implementing the SSH2 protocollibssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.fh02-armsrv1SUSE Linux Enterprise 15SUSE LLC BSD-3-Clausehttps://www.suse.com/Development/Libraries/C and C++https://www.libssh2.org/linuxaarch64ff7073bff2488daae93b7cb8f1dbe3dfae5322bc4b1f27fecb5181c5bd82464bb1libssh2.so.1.0.1rootrootrootrootlibssh2_org-1.11.0-150200.9.2.1.src.rpmlibssh2-1libssh2-1(aarch-64)libssh2.so.1()(64bit)@@@@@@@@@    /sbin/ldconfig/sbin/ldconfigld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.25)(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libcrypto.so.1.1(OPENSSL_1_1_1)(64bit)libz.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1f @eee;d@daA@_@_G@]@\\@\MZ]@YTYA%@VIUzU.@pmonreal@suse.compmonreal@suse.comotto.hollmann@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.comdavid.anes@suse.compmonreal@suse.comdimstar@opensuse.orgpmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.comdimstar@opensuse.orgjengelh@inai.detchvatal@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.com- Fix an issue with Encrypt-then-MAC family. [bsc#1221622] * Test the ETM feature in the remote end's configuration when receiving data. Upstream issue: #1331. * Add libssh2_org-ETM-remote.patch- Always add the KEX pseudo-methods "ext-info-c" and "kex-strict-c-v00@openssh.com" when configuring custom method list. [bsc#1218971, CVE-2023-48795] * The strict-kex extension is announced in the list of available KEX methods. However, when the default KEX method list is modified or replaced, the extension is not added back automatically. * Add libssh2_org-CVE-2023-48795-ext.patch- Security fix: [bsc#1218127, CVE-2023-48795] * Add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack" * Add libssh2_org-CVE-2023-48795.patch- Upgrade to version 1.11.0 in SLE-15: [jsc#PED-7040] * Add the keyring file: libssh2_org.keyring * Rebase libssh2-ocloexec.patch * Remove libssh2_org-CVE-2020-22218.patch- Security fix: [bsc#1214527, CVE-2020-22218] * The function _libssh2_packet_add() allows to access out of bounds memory. * Add libssh2_org-CVE-2020-22218.patch- Update to 1.11.0: * Enhancements and bugfixes - Adds support for encrypt-then-mac (ETM) MACs - Adds support for AES-GCM crypto protocols - Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys - Adds support for RSA certificate authentication - Adds FIDO support with *_sk() functions - Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends - Adds Agent Forwarding and libssh2_agent_sign() - Adds support for Channel Signal message libssh2_channel_signal_ex() - Adds support to get the user auth banner message libssh2_userauth_banner() - Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519, AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options - Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex() - Adds wolfSSL support to CMake file - Adds mbedTLS 3.x support - Adds LibreSSL 3.5 support - Adds support for CMake "unity" builds - Adds CMake support for building shared and static libs in a single pass - Adds symbol hiding support to CMake - Adds support for libssh2.rc for all build tools - Adds .zip, .tar.xz and .tar.bz2 release tarballs - Enables ed25519 key support for LibreSSL 3.7.0 or higher - Improves OpenSSL 1.1 and 3 compatibility - Now requires OpenSSL 1.0.2 or newer - Now requires CMake 3.1 or newer - SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs - SFTP: No longer has a packet limit when reading a directory - SFTP: now parses attribute extensions if they exist - SFTP: no longer will busy loop if SFTP fails to initialize - SFTP: now clear various errors as expected - SFTP: no longer skips files if the line buffer is too small - SCP: add option to not quote paths - SCP: Enables 64-bit offset support unconditionally - Now skips leading \r and \n characters in banner_receive() - Enables secure memory zeroing with all build tools on all platforms - No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive - Speed up base64 encoding by 7x - Assert if there is an attempt to write a value that is too large - WinCNG: fix memory leak in _libssh2_dh_secret() - Added protection against possible null pointer dereferences - Agent now handles overly large comment lengths - Now ensure KEX replies don't include extra bytes - Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER - Fixed possible buffer overflow in keyboard interactive code path - Fixed overlapping memcpy() - Fixed Windows UWP builds - Fixed DLL import name - Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows - Support for building with gcc versions older than 8 - Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files - Restores ANSI C89 compliance - Enabled new compiler warnings and fixed/silenced them - Improved error messages - Now uses CIFuzz - Numerous minor code improvements - Improvements to CI builds - Improvements to unit tests - Improvements to doc files - Improvements to example files - Removed "old gex" build option - Removed no-encryption/no-mac builds - Removed support for NetWare and Watcom wmake build files * Rebase libssh2-ocloexec.patch- Bump to version 1.10.0 Enhancements and bugfixes: * support ECDSA certificate authentication * fix detailed _libssh2_error being overwritten by generic errors * unified error handling * fix _libssh2_random() silently discarding errors * don't error if using keys without RSA * avoid OpenSSL latent error in FIPS mode * fix EVP_Cipher interface change in openssl 3 * fix potential overwrite of buffer when reading stdout of command * use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data * correct a typo which may lead to stack overflow * fix random big number generation to match openssl * added key exchange group16-sha512 and group18-sha512. * add support for an OSS Fuzzer fuzzing target * adds support for ECDSA for both key exchange and host key algorithms * clean up curve25519 code * update the min, preferred and max DH group values based on RFC 8270. * changed type of LIBSSH2_FX_* constants to unsigned long * added diffie-hellman-group14-sha256 kex * fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression * fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x. * fixes crash with delayed compression option using Bitvise server. * adds support for PKIX key reading * use new API to parse data in packet_x11_open() for better bounds checking. * double the static buffer size when reading and writing known hosts * improved bounds checking in packet_queue_listener * improve message parsing (CVE-2019-17498) * improve bounds checking in kex_agree_methods() * adding SSH agent forwarding. * fix agent forwarding message, updated example. * added integration test code and cmake target. Added example to cmake list. * don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero. * add an EWOULDBLOCK check for better portability * fix off by one error when loading public keys with no id * fix use-after-free crash on reinitialization of openssl backend * preserve error info from agent_list_identities() * make sure the error code is set in _libssh2_channel_open() * fixed misspellings * fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type` * rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type - Rebased patch libssh2-ocloexec.path - Removed patch libssh2_org-CVE-2019-17498.patch: the security fix is already included in the latest version.- Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922] Enhancements and bugfixes: * adds ECDSA keys and host key support when using OpenSSL * adds ED25519 key and host key support when using OpenSSL 1.1.1 * adds OpenSSH style key file reading * adds AES CTR mode support when using WinCNG * adds PEM passphrase protected file support for Libgcrypt and WinCNG * adds SHA256 hostkey fingerprint * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() * adds explicit zeroing of sensitive data in memory * adds additional bounds checks to network buffer reads * adds the ability to use the server default permissions when creating sftp directories * adds support for building with OpenSSL no engine flag * adds support for building with LibreSSL * increased sftp packet size to 256k * fixed oversized packet handling in sftp * fixed building with OpenSSL 1.1 * fixed a possible crash if sftp stat gets an unexpected response * fixed incorrect parsing of the KEX preference string value * fixed conditional RSA and AES-CTR support * fixed a small memory leak during the key exchange process * fixed a possible memory leak of the ssh banner string * fixed various small memory leaks in the backends * fixed possible out of bounds read when parsing public keys from the server * fixed possible out of bounds read when parsing invalid PEM files * no longer null terminates the scp remote exec command * now handle errors when diffie hellman key pair generation fails * improved building instructions * improved unit tests - Rebased patches: * libssh2-ocloexec.patch * libssh2_org-CVE-2019-17498.patch - Remove patches fixed in this version: libssh2_org-CVE-2019-3855.patch libssh2_org-CVE-2019-3856.patch libssh2_org-CVE-2019-3857.patch libssh2_org-CVE-2019-3858.patch libssh2_org-CVE-2019-3859.patch libssh2_org-CVE-2019-3859-fix.patch libssh2_org-CVE-2019-3860.patch libssh2_org-CVE-2019-3861.patch libssh2_org-CVE-2019-3862.patch libssh2_org-CVE-2019-3863.patch- Drop man and groff BuildRequires: both are no longer used in current versions.- Security fix: [bsc#1154862, CVE-2019-17498] * The SSH_MSG_DISCONNECT:packet.c logic has an integer overflow in a bounds check that might lead to disclose sensitive information or cause a denial of service * Add patch libssh2_org-CVE-2019-17498.patch- Fix upstream patch for CVE-2019-3859 [bsc#1133528, bsc#1130103] - Added libssh2_org-CVE-2019-3859-fix.patch- Version update to 1.8.2: [bsc#1130103] Bug fixes: * Fixed the misapplied userauth patch that broke 1.8.1 * moved the MAX size declarations from the public header- Security fixes: * [bsc#1128471, CVE-2019-3855] Possible integer overflow in transport read allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3855.patch * [bsc#1128472, CVE-2019-3856] Possible integer overflow in keyboard interactive handling allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3856.patch * [bsc#1128474, CVE-2019-3857] Possible integer overflow leading to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3857.patch * [bsc#1128476, CVE-2019-3858] Possible zero-byte allocation leading to an out-of-bounds read with a specially crafted SFTP packet - libssh2_org-CVE-2019-3858.patch * [bsc#1128480, CVE-2019-3859] Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev - libssh2_org-CVE-2019-3859.patch * [bsc#1128481, CVE-2019-3860] Out-of-bounds reads with specially crafted SFTP packets - libssh2_org-CVE-2019-3860.patch * [bsc#1128490, CVE-2019-3861] Out-of-bounds reads with specially crafted SSH packets - libssh2_org-CVE-2019-3861.patch * [bsc#1128492, CVE-2019-3862] Out-of-bounds memory comparison with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3862.patch * [bsc#1128493, CVE-2019-3863] Integer overflow in user authenicate keyboard interactive allows out-of-bounds writes with specially crafted keyboard responses - libssh2_org-CVE-2019-3863.patch- Drop openssh BuildRequires: this is only used for one of the minor self-tests.- Remove --with-pic which is only for static libs- Version update to 1.8.0: * support openssl-1.1 * many bugfixes - Fixes bsc#1042660 - Remove obsolete conditionals that are no longer needed- update to 1.7.0 * Fixes CVE-2016-0787 (boo#967026) * Changes: libssh2_session_set_last_error: Add function mac: Add support for HMAC-SHA-256 and HMAC-SHA-512 WinCNG: support for SHA256/512 HMAC kex: Added diffie-hellman-group-exchange-sha256 support OS/400 crypto library QC3 support * and many bugfixes- update to 1.6.0 Changes: Added CMake build system Added libssh2_userauth_publickey_frommemory() Bug fixes: wait_socket: wrong use of difftime() userauth: Fixed prompt text no longer being copied to the prompts struct mingw build: allow to pass custom CFLAGS Let mansyntax.sh work regardless of where it is called from Init HMAC_CTX before using it direct_tcpip: Fixed channel write WinCNG: fixed backend breakage OpenSSL: caused by introducing libssh2_hmac_ctx_init userauth.c: fix possible dereferences of a null pointer wincng: Added explicit clear memory feature to WinCNG backend openssl.c: fix possible segfault in case EVP_DigestInit fails wincng: fix return code of libssh2_md5_init() kex: do not ignore failure of libssh2_sha1_init() scp: fix that scp_send may transmit not initialised memory scp.c: improved command length calculation nonblocking examples: fix warning about unused tvdiff on Mac OS X configure: make clear-memory default but WARN if backend unsupported OpenSSL: Enable use of OpenSSL that doesn't have DSA OpenSSL: Use correct no-blowfish #define kex: fix libgcrypt memory leaks of bignum libssh2_channel_open: more detailed error message wincng: fixed memleak in (block) cipher destructor- update to 1.5.0 * fixes CVE-2015-1782 (bnc#921070) - tarball verification * added libssh2_org.keyring * added libssh2-1.5.0.tar.gz.asc Changes in 1.5.0: Added Windows Cryptography API: Next Generation based backend Bug fixes: Security Advisory: Using `SSH_MSG_KEXINIT` data unbounded, CVE-2015-1782 missing _libssh2_error in _libssh2_channel_write knownhost: Fix DSS keys being detected as unknown. knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short buffer. libssh2.h: on Windows, a socket is of type SOCKET, not int libssh2_priv.h: a 1 bit bit-field should be unsigned windows build: do not export externals from static library Fixed two potential use-after-frees of the payload buffer Fixed a few memory leaks in error paths userauth: Fixed an attempt to free from stack on error agent_list_identities: Fixed memory leak on OOM knownhosts: Abort if the hosts buffer is too small sftp_close_handle: ensure the handle is always closed channel_close: Close the channel even in the case of errors docs: added missing libssh2_session_handshake.3 file docs: fixed a bunch of typos userauth_password: pass on the underlying error code _libssh2_channel_forward_cancel: accessed struct after free _libssh2_packet_add: avoid using uninitialized memory _libssh2_channel_forward_cancel: avoid memory leaks on error _libssh2_channel_write: client spins on write when window full windows build: fix build errors publickey_packet_receive: avoid junk in returned pointers channel_receive_window_adjust: store windows size always userauth_hostbased_fromfile: zero assign to avoid uninitialized use configure: change LIBS not LDFLAGS when checking for libs agent_connect_unix: make sure there's a trailing zero MinGW build: Fixed redefine warnings. sftpdir.c: added authentication method detection. Watcom build: added support for WinCNG build. configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS sftp_statvfs: fix for servers not supporting statfvs extension knownhost.c: use LIBSSH2_FREE macro instead of free Fixed compilation using mingw-w64 knownhost.c: fixed that 'key_type_len' may be used uninitialized configure: Display individual crypto backends on separate lines examples on Windows: check for WSAStartup return code examples on Windows: check for socket return code agent.c: check return code of MapViewOfFile kex.c: fix possible NULL pointer de-reference with session->kex packet.c: fix possible NULL pointer de-reference within listen_state tests on Windows: check for WSAStartup return code userauth.c: improve readability and clarity of for-loops examples on Windows: use native SOCKET-type instead of int packet.c: i < 256 was always true and i would overflow to 0 kex.c: make sure mlist is not set to NULL session.c: check return value of session_nonblock in debug mode session.c: check return value of session_nonblock during startup userauth.c: make sure that sp_len is positive and avoid overflows knownhost.c: fix use of uninitialized argument variable wrote openssl: initialise the digest context before calling EVP_DigestInit() libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib configure.ac: Rework crypto library detection configure.ac: Reorder --with-* options in --help output configure.ac: Call zlib zlib and not libz in text but keep option names Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro sftp: seek: Don't flush buffers on same offset sftp: statvfs: Along error path, reset the correct 'state' variable. sftp: Add support for fsync (OpenSSH extension). _libssh2_channel_read: fix data drop when out of window comp_method_zlib_decomp: Improve buffer growing algorithm _libssh2_channel_read: Honour window_size_initial window_size: redid window handling for flow control reasons knownhosts: handle unknown key types/sbin/ldconfig/sbin/ldconfigh02-armsrv1 17204313651.11.0-150200.9.2.11.11.0-150200.9.2.1libssh2.so.1libssh2.so.1.0.1/usr/lib64/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:34684/SUSE_SLE-15-SP2_Update/46c5ea33ef99278175b344836cd73591-libssh2_org.SUSE_SLE-15-SP2_Updatedrpmxz5aarch64-suse-linuxELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9119ada2a864d23945804d650e403cf438f77875, stripped PRRRR RR RRR$VkԟHutf-874f6a212d5f7987674f27a856e13f74a7c1124ae86449ef417c8e090eedd62ac?7zXZ !t/-q]"k%]d涻eQQG^"DQ_ሢD$Is0 U3wLs07y 049Â={3|5{3@^E'y $=]I %~?MSaWTTFYR`[gC"t.[0 {EQSL1= q\~u3&H E{_V|;} ]Hx :x]JzE%Ѓb)9zwUB@LWJe󂜟?5nI^:f3wCeo?_Od :JFN[6uxZNua@?ޥl* бi{^Lwkț׊ _ CSf=970 ]5n{h-?cQ:1@}ZMo)}5ri_u"V'%$! Dؿ嚻AFkU(<پ4F0z.IN*Bl/~)U"TQa1 zyTc8%vlBZtoN5!5Cm'?L1ʍd\'cך]⽸$qQY=ĸA )TBrֈғ&)H~_7OQ IDmR ?N6x)hh}8`j竛9\ޯ8Qɞ]ρ>hbeE.`n\/׼ ZC橝|6n"bnrbJ &"Qqk ?Ǘ %J[Acܬ$K%F쩡YZ`Cg <@^ir(S0=G?fxUZ¹k̥2-ue/!B7BHt6USf .|Pvd6#>kfMΐU)/AEe`}Kuߞwd9ZyHv#&钑\d=)*6P`[zxADx9tx԰1jQ跾ar|<_ gլpKqkfjgH{QPx\"uw<1Xy~U?I`jEڹjך2Xz{-qFB(vjNEJtkRc*f9|PMcBrZFpҰ_ɸlQ~_jt~`1\j|,1wqy\2B$,䴪1xu" W*HQ:q~W @( l m bFASP"*A}ForT ns q6csE#kuFF EBNk ."J,%K>zE~CQJp S׿bz$,SjRb ҅mEl*B]4gQA')c (iCPj IBGqy[=063v[YHHss@ _IBˌD|~:wSԳUJغ:#,O_ajE} $ܬtP{lp,,(&pqU= ۏ  M'`;<{QxvY1psäH>@6[=Iu|bc SF삏r%Oku7]˙*cƶ )]\o8fNʣYz;r|b~ey<5޴mv/#oţ`haCs.2_Ң/YՌH4ԅHe1ZE|^YY=nM$)(IB9M& gz9Ik(R9-b8ځ."S?}HZ2|ضEJэSr1h74 3˒E'gX:^[*A+Ni3݅| P&~ȽfJbv~6_*o.|fë;%A S{ qWʋV"K@qTc}3Uk(q\y(!?x(S_h2%|NvB*R7ʔ=-hpN 3YWPoh@~v%=ܪEA+E|}1~L"纯p*A[kM#$X:l|LwgiT,_CNWZJD}Ϡ~܂ zK!ڑ|}xP|L{t#*@VOuVkxYuKE,!u1ʋڇ_LD,m 񥔚J]f^q+iGi3M/[]-ny^ҶؗN9Nᵹl|ĚhT+-A. cP7畱#&;E]qGlfSM $GcF*b<(^L|?9&: H89eՃ>8sPR?aTLY1!\`ɤPPB%b Nuw S~+) U vA>&iEm,`BPNEz5v}LTR]uQ'L%u vD !C]\'"[;TBE>?**tm`2˳p1ZczX^&wtɨp_TJY ."OEvnM$9bB{i ͊3._G#괬/vZrJ0E=iCjeܢf?v ٥\(r\WKrmK7J]rG:q*>3~|n|*ͣo'n23eklБ5֛9) ⟭f7կF-fzZ!TwqX9xf[+$.Fv 85b䠺7|b[i趓8ty]!C {m Qq}o,f,݊/&F Ee9E:_I%5!EW Vߨ Fq7Nd8 7w/i^HGaW[ R[/3m7"]yF]1Uxk ~ [eGB'yE5)'4an= ӳZ; W^gS r5W͂Jixʠ0dORUs}e 7o@Ϗ'3IL !硬 Bw31)S#kwޚ?966+})I`*ɻ2 M!1t`"(X^;rnPhuNI&,_qp=`r kO D!]S~bhZX|"2ɽ3V穷Œ,Ʈ:{^{żVO~PUJw-'B;Y;8>$h8 BzBi9㫆лr-OjZ!j$xd9K6wpRw\&圴Ն@P.ytuYRl<?/\ySM/IQ\)U6dWhP,^,=fKH#P^5BJjD~+;`˜|A±k%vie|U$r6D1%?ܳt0~WJdrj3 ʇe@3C:ȴ5 ޜDd>B %{`@a"ܢB$|'&O>ɥn> 1UHq;~/ D<R+s{sB]L ۓ#\ulKj,Sz/DO-q:^nX11D,L1b!nζ/"i^ܧҫӝ,%l3ۂ6Vna[d P *S^gr-6zRXZI:3'zVx{*u|~Nݼc꩙_}; wkkm2xm_19Fi8R|$3ɳM KM~< >ؒ,I-$pp^k$dSy-eyNs kisju{ó,Ӻj]=:|pN ;N\= ~uF<?%{3&T7}IT:pFٙSxwqiln@`h*MEp|j|g/~!)!&tI0=`3]138LkRh+`=P>a^~AǙUkB9Sux^R ؚ' S YS}ee [{i=]1>㶁M(3Sdc0rq.fCL%vR\+`<-p:ʗwd_!zw]!2%S{W\OOyRċ l$&$-i3GCx%UDdrm2rJH~^h*zd)#^Nj{ f ,"iJCd5ېgkB\Xt*0p̻,~#Wl >HVԌ2MDܫ4|uuЛC8 q2a! r`-.vG?ֳ\X[?d: xN*JQ qb6b7`j%;?b~]]Yk vQւqI \;{u4j15/@#RiPKbr9}pJf jƅxTH$`xnDо(m,$qE54'.}<Rbe }/ "`Es(j4!٠WRӷLw0_#}8稺QHA~ K LY1 =U^%tI+GPo1Uń 1DOٹ_ &8\`g/e7Ar~TDxP/!j[Nulo䌥(g2+0vV 8Үk 0tPFQC?hɝ|Zvm# JtwV#TؿO8JF_-.yKD0UH!gKMO $vF@X^z1[%gRFYBC.졾t"aeE!`%( ҭ]١F'F: +Q  `,>:Aq4H_DW8! C= td55|N SH(^GMUac(<<$RƥƵV<$Rc ßvcqC'^.'kTd^])dCbH%Y^3Z{Ը3#Ivw9zD/Ra'tUdD[&$Wszb#?CN7M*OP͇p!t34~~S(A 2hu]\ZU |'N7Z0ChZk@CD\Dly"${#7Lu8yt{:ߓq:ϸ8/r>aGi,-^Ubxcc}n#KKip}qTzR*}HrAz*ݲ%@ UUT/D OUPKҢt x^:04H{kV\!>d-#;P'I&cq\23 ~́@J9QYS2%~E"CͮchM*%hQ*ntVhϻZ#-!"G~۬0] L@z X@dAk0A$><@;oT}f?P24#8? \tJbeP}hLӽӸk`շ>1GݑAκ5(K,Ld!@q_1:‚ ^ ;e9;P3pw5ڦ;xE4>%.Qo ֤Q& [1m.^zPSG}Dy=mlF ` rnU [ 'g#FkJȑ~\̌rJ{UcS8LLZv`r[yO=ܳ(C翓K)G6d+Y2;@B?tAyHЀyQH'6ؒuy+3(;K]*l`zy.6v ƥ ɇܵ[̃;$He+i<q JYvs?ѷ/H" TQ' ()XZCn<hAXIlwD c#7? pJQ s0oLS+Q 4:]nI)s Jh^v@T w8 .v~r,+7~$h#KOD|+lox1z/s֗p7 7F?_o&$L&jEP @hft:D,ϫ:b+'ɮhPHbh}YrNkڱF4Z]b8<4|ɗ4dF~[NDދ)sv =/%MwPw>6?&,Yn|31ê`EKaÇ- \6={pق6րj}Z (C.G!;\sIj@_+){-3yl@2#!2+BNmJpD9yV|N|Vje\|1s~!~DE>*h~b8}ꚃDI=թԮA/%@F`U ^z1׊ꂺ^{ӚR©%;nRNI 4GMpYJ so9p\R}#F)rQ~xO$"D^mޚc@3 Qg,I^݀|z%# hM}D/V%5 K6n%gia eSxni75ea٨1.04}V,l2_giә3&)" ?9m:'gSeJK>8S=8J``PFvF6B+P<(B6E}1΋ V O잌;&Z^5ܾ2D M?,6<ʿHhx4 2f{w2aރh@2cSF'з=?}kR3ɛ8.[Y^Jgh$STNtS1ݠc1'zL6%isleб%N8ܲ3 JOoONy#¢ 8I* B(>,nd\:^(!sJ2͒d/z捕)iHǡoB={qߢ^OMV k?ŅCtL{Յd~v}XiZfwi_u5ԇ:2B@Op0BOjK}7qҔ$gR=s x>*da6nYx\t&.lRlbh,W!Y{͍`3b,4|݃1zgQk:j/4D0--0?Dlש2E˯iaR7G37;/v1iauV;`:m~] 0zCn=~ڳ< h""P4-E+p%qr2A>(ER$ M_ۉ@,Wpy]&g6s1rҨlp-y.J w;VdiP KS*swuk*qX?-׬h-#MP|F7LM58}ӻgPiD$;]d [`XLE!,O\R$u͵48[5^!) hC^Ub?"mM-q8iOL@0m^0X2:>T(YcLm` 0ś@62,֬cJp̶EfB9a%":$d^e.3hU$OU0 fғa؎%T'RʺW₊dF=b5‰D'o}.!3)2rT:0ݹ=\H.CM0wfd#),Dt 2< JE?NE2Q;sj5okTDY_Ǿ<_lk 5{:¥wN pK-WBm˿7thO ][`DWZ\mq jeBKBf(RfVّ!A-HN3T#:F\Qj^'=8Vv daU>A܋t@U?k*?BߠIm]tXe臇ׂZD@DL\~iQ^IӸ,F!4 WԽ˗AQ$aFm)V)7vY ilp1tpO;k*N٤;%S{`ϔ,INqɝß=*1UynE! @nb[4s)xr>\sN( <1EGf]T,`=vYU{#Hi}N3WqD%/pƅVQ<3NC+C qMʴemFTJ`Zx`)dpH)GB|Zd=1Ɯt:?{K Vw^K4NX2b'(|ʞ(Zz?8^,7^gpuZX<QY6Jr.8+vvy<8kHjHdB4M281Ь) z v{X%F?Qș-WqT&*^28/UZ~]ϯ& zE1~i%gCrX&U&X;=w*(1 ^oa]_ArnOW\Q #EǾWkq7L¸=]ԛO;%$ >5O"kEAo8mñx =c߀ :RE6HN'+E1tIΚj m` vFFF'o/u#rfm/)p@v41_;ZH}K\aدÛ8XO 4[k_UdFD#D7)pk6wڼuƱA7KbG@]E'Ɋ#-ѺFϽ}&M 0+Qhz=*{&\ QrSkifXWjIҩ362k.m\t>]l ߅NLϬ*b7, zY|F_촤BNG墲UZ`R84N{|U uZ=~P3ף_ԯ/AgaVOW qJ ҽv8k~llVS]a@p|NKJ镨bxf90A4LjӅ{22 U;0P9^B7tIRn0FS rd6&Zx_1 wxq/hK 4TEHTL***{=Š5ޕI>1fmuhĊ:T,R"~ND&_*UQfG6a (p))W̠2M܎ CQdrXS3fQw\s7d#n-ʸڇ&}GŁeյA$$j=مF8$w?]<1;Zռ2: N&E|vxpҲ%GHmL+nw!J(#9yrS䍰xLG ohfDZkN7] 9= ˟ehxJrpyE˽ˌKbDg$θȷ| 3WDѧәS;V]>>rSnWgm=@N`gVڢ].(,:ڠLG0[usock埽vD i;$hڸdwYb W'WJA7'Kټ8<)nFy;o\_=wW0n*c%Y>xy9b;F > E'1 >_r3]b[5iesj&W#?D+$^ry:gdi+#v^f){{_~'mGe{`0|$? Y@|@MŸL? Å H%܈Na뭏XO˹o8-uˎ{bz2$%+V|bƣ叓#IQ ' *Өc%'{D3N՗$d۲sz]['I4\:%oWFLlQٝi,K.r*= #tdZքދLT鍈J)~SxaTcHCkty‘P /#M I ؄?)`ġiy|:؝l=촥,KD\|5 ul?9BpEqDHۑ(c?(/-XKNpO^NouEjRgm*!Q& &:<Ǥ}j#)Bx@zHvyh/$=A+ f ӿ X> x^җk'zl1 -aߦeDX[MHpnԟ ?N)lb"2c 4ST)rJSB_=3MUHI ;2Re]z(#q^=]ZuQ %׋Jݑ3l5{źZQ7t[e g0$('n !)q5Փ'lXsI}_=(ypZ~z &y{-m|}uewPkȲYݪ.ͩ?³P ^t_-l@X (ϕY)4 WD HѬʍ=3()OGvhMs@QPL[y8]p ^3YjOXu@ $K]pEąOpO_cg,;7 z@[k3BgF:\#F +'Ľg1Ე,K|pםZDCKd,6(W ;´Ҽc.GU/'_ß,}[^\YүlmnY?*d=1cR,g^]8\o/ `xem3rxO"o7ɥva !WaqA8Eƭ$!A5+xZD6-=e~ي2aE˔(l^VdDRrz9:xPʼnONPBk4َmOϢFR ?k(d,εSʃ>!gR8S޾ Zڰq< 7\e79 Ul|9e%ra% iVS]dfB}3Tf#Ud?T#ȷ͟P}dĪb1v(scahw?cMsH`oE˫*69 T_ @jLDɗ&,0r#YNK}&^n $Ocy/ r$m[b0)w/V;uq/(Τ827#@o6-yIt =^0o|l>j;۰Y* #ׇ.:mk9pdPLB-Ϻa-k~A }[h9U~{HVu-˖2fpD >EķYiFM*5vH~BιI6s}ɔc vr{:Rm 3@?2d cQ-Z=晌7JkG \cq%7p:+U!>>emn9&?YiO?6m,X\!LM|,S/Ն?A{Nf#Y;zDf$-DϘG' z$/#OWn\?v %ۑʵR"j r!VÓZW (|u6mnٟރ(p&>ɂ"3j6aR M{T{yy\8sa?RL=+#7-BT7 AdG^N?g9X`3W/^aGbHr.5d@I#*_#~ob!܎.Q܎{,[o.vbJm~m_9OrV. #`[`Tg',qU,h݈]f|l$)Sw^ T}4> xWNx I53};Gű78V37([Qս)STov%_|IS/"4ݔhCeOFo )ctctS!JH8>80+KJǚ2=AF=O&JvSALGϓ /ey8dz`+y,oH%e 1ZD7@{sD!wհGVL>˺9%Ehgdw% 1$B^G \Rs-S4NWP>0;cqh5:Mb:e^"f_0@$)kFQY յx5 Zi_6 O*Ȫﺸmx{Yck3C@U"T/)>8h:ux&/},uIA}%88 $hL${ C2>+L.pmY1i# xqMq8T XOi^8Tj'u2w(oN 5ά$AEWU0?:q#EWhPT՝v"Vw>-0Z&^Ѡ>@)eMt*'^$3L겞g n !dZxi21a;Žx3Cy %_}LUIi+>lQؾm% +( džw3db:B:^hXYK3E33>SIW_XtÝy9b\F ?O#G>qݱkmT|%>6[ Є^Aw1uBguaf&%֨VopSKBtvySi& kIgQ/?W #jH#QaN&09O؁JI\1V=\GM)yF\!xvO0?՞$yBɸ!dMjv mzQ&fE(Y+͙BȪSɐjF{6DP7tУN Bz3= 2'0(sJv[oP̸ zr8ټZu d׼Iz>@ߘg1?& \n6\P$gJ3:áW{΄%wnETqnh^PbIMM(l6w܏ok*v*:N"DNQzob8JE?<7&o-zBR ,7|idHA-G,AU:NV9ObM EG{Ӓڨ;`%)bQ9F'ҥ)P1Ǒ.bKPPi#TǾdvՓ>G.[p<Q41\PJ Mus EۢBsk pTLɉׂ 54z F3`[۴TM%PKmqKk 3ٓuHi~]@#J͂x | :C8Pׂ~,Ȉ"sϼ"ꅂ[߯ gݸhuBS&5ewk87}ω?߁/eOqgzLH{MR'DpIǹD,D0%aH!UBwyy0rx /8RiIIi(j|\ %=<} 1~5VIu^>LM?,~qao$4 P5j2tƋ-_lNi(9?zm'J\8P{jXe=ᅆt=$c5h|!*@|Ǧ+$ ŧ{b:?_('VdћAt{<<8@r&XJ%L9}1TGttRgir=NJMbuGe+o vx`|QJT͊H3@fKmLwB5m|1(> i6u1&opm4*m*t}9&Upݰh4@%(0fy6C]xjv& y522ݴ Vug0pi˰ըw]&y;"=˻IYu5"Zj=Nk) \ `r<RzVڢ䟺K^CUQwvwoocb2)9ŚEޖaSy d $n[B7}kbb/=8kBs64L3Ldjs(}X$+; fI4Vį )~2qoV* =6f'܉'YZ re} Z@D-fRR q}e(7a:ytydˠJGAEYPs$lڡYNpzIDpW;n^gO=8eP#D]+ yM^. ylAbP^O>ڀ@DC~m6< l"QReX_crrC6 [\A Cxr/2AYޑ9U?(f!P<ӥ<ۗedr8S#^A_xEB(HXJ7W)^WeF_٢g^sZ ,Wغn+2VMJal]<<j l'(Ў?GDy)bkP e+BZjJ0;ډ3T!jx! ('AagL f{ E\38lagza -2GJ1jy M=;Ud:Gmy7a*59@QB$'C}p+Mӛ տJ8[+vCD 3AE4?IwB=u:Ȩ!~c26%<2W.e쁆"vIn,pJPWY.n "@GL/Գ%"Mぇ媸= 7)]#4=#rt@zx(z$C]=0$mxԫ24D7 ]1ǯ!p7-uB+m"5ZpsNts3eBUeI5!6' Cn;){:5B;QøYkD 5"Bɥpw WVpB$q@v9Y ;pX0f N~w mz:\+)ixE^K}3]Em҆Z$5\3[? bar~k6~Y<sRI5Xu<6A _l`tW ;$}"pN8oYvl}CBܑ˛;jxMt i0{ P`_ dJ'͆v ^҄߅5V叹S@B'LZf;d{B]~qgA5+\ҕIs <' 2~+c!{bK#yƝ|qŞb7:"*q3Q]i) ԛCo]F kAu8~w} d`NHie4jMΔI2wcbfQ sf$ 2bZJ7Mr)I>e k+oJ=~t%څ[ٲ@RM>|ll՘ Cu4dوAߞ۽VqSx4r紌a#`]Å9y4+KU#h7/-_ PyX]x/G5Yi0λFiF˦DhkꖹrΥSohC4||IqOi#Z$#5Gs 猋(8kB~7ژIO5KǼr%e0 ^K;W.VTUmAA>#uN1Z9>g<VX}KIi*9tB bX?b*HyНX8<X%ei\562j ;2Dm<`1}Ht*^'9"Ev]c:k{^kȘBs ߘ^>448MB^[. 4zӏb`s R: E }/^?vJ%Z i jwgMޮZn2Vw`$2[09Qym\NĤfiQ-SC!59v%zBgM,[ pTƐD!ە=}){h#1x`iB3N\@Qe jb9bR܎%W FBTʗ8l=/tsVcYO9z_]I~3;id:|MK੧0 ڌxRpmz/͙mDP'_e*Ψ.ma"5MQ™~pU{닐drqTСeNא)Q>ZJU{\y5'4%Z_/ُS1{A-MON'OI@ X"zu 7;3t2e,d=ޟ 14nn Frw X-L{[z;~zBz:/70A*2DxIIöy,V/8C$m6R?l{z(%G1 =# ]:5/C&$_7F4ɠP{ Vn/s' ?uL+`m eVn҅:<c}tR y(gУp?쪱5,F1$ 6r$7+Y~K:ڠwpa!@/^g2˜`cM/ ܎ě*.5L!;nKʩ&t;R-tZ&ڊE/o܋|ҾNT6 )=&^ڭ܇ _yrs ouYg%VRe=hά; ~x?zh:(o_H:I /=#$T;sv<qg!cb@ 'FSRx")V;T/(&d"ZP$x7<܄Bs6jbK>Fꌕc J7' >1ize2!+Jx[JI.[\HR͈yBytzlŭb,L̳CY>K9rErkdꀥczqOUN9%-#UyJZ4MIiVI͔An6yo]L]EbWn=C*T(G:NCCEڌID(9 =4 t~p<D({LM `bPgˮgXk PQ'Lطmpz@X|˂= /Η.<4>;0Q=Rhu)3j2:.ZuY\F.|}CvFgjɐ?I=WF1"`YLhX[!cedH[ߩ-Րb$>7?~H >?R,'|{a#Q2;wϗ"lngJL $KBivLm#^\To_Pu8Yakb*nu!E Hsw-bUM{>}W;J ?>@in d0Dk+U2@#JtF~2!*T &<=uRZK5Ҙ$bgX;٦j԰p`\І+_!q5-M-i sȰ`#PxF}{;]WLA"OnF[!Kr.iҒ(GP%Đ:D2C`f!qADms>nF0;=p00KBZV#!'`!\0kwB򗙗dH?oIRrfOJp/%[N>;b}ܤK0+**e;Uyڕ aR:rȜiDq@XLa w|6+`T1פ/1y|TK`ZJ웦[-1?Ƞ$MQMcUx73Z}QJ w5]R2Ŕ,˜>Jr$1ջ9MKn" 59#b B%Dlaf%~wp/N_K5ÓDA3hi}<*.5pƭo~k6޺C溩^= d5Նv0 ۩B&LgR^)MCBDڵyAŀZ|D*{Z{!ʰM]QIN`hU,Qrέ opK``5+MoB :{(-Sz!연9Ģ5AߜYlK?A!cμV{ g : Yn^|x\P}˅Ȣ`g\"ɝGl%-(d"] ympӫC<5 |XGTf:A}45![DzVXyq:;謵MٷF@2;< ok _vyK.otr1RFݦ(R~WW*G7˚B3PIǀf$?4ŕPo.Tਥm%)H6&^Ov_QkIu7új7g6OC\㪒ڈ?]Eѯfz/ )6{ '\h@/wKLխ;Eۭ6"xgAnD+-$YG'z26^yo{w&WRJ,g>-H-}+.c _\$AY j󑌈+uW %~ &s68>Tc/Ӂ&FEeXqQY "zW>S:OhqdNl8{.F=Э!Z6 fc1n[(/i1%x<5qx2+SW QnkljV馂C\;\OCpP;?Z)>z=f>Qs:ֱg5eakWh٨b4nO@p:LqѾl>3S4,ꀿ vV)X~OwǺF(j>!o^̻]AĄj1 ŋb$0 l( " E VFXQOatޏgo(RJ9cF"l6zǛMWC`_|Q%3 t7j˷A_i3U`D?W=U.%lV",fG-}q'KphVAM|846ML(q q؋ڰ_9H s4gw/Լ"{ӳMIBl*U 8$~ޡ.?$>OBOٛMm8R@"^p6SA!k%SO/cV^ oHDXD/&.+CiNd[gɞI&ÿsʰfS/O6qVz-MYа YZ