libssh2-1-1.11.0-150200.9.2.1<>,fp9|Y|vL;hq!HֲuxSKqropN@tLie %'D2mU\tguH~J3Ǖ. ,9 [zy C }Ú/80|Bt[BP6|$'⼙x|߷ҦBcΙf4f5$8k&;1sAUy-;x@S-pbFvx̰X^m({ԍ_~Jndk^'!R>@L?Lxd   I(,Efs     * <DNX(89:>IC@IRFIaGIxHIIIXIYI\I]I^IbIcJdK%eK*fK-lK/uK@vKHwKxKyK zLL(L,L2LtClibssh2-11.11.0150200.9.2.1A library implementing the SSH2 protocollibssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.fs390zp31pSUSE Linux Enterprise 15SUSE LLC BSD-3-Clausehttps://www.suse.com/Development/Libraries/C and C++https://www.libssh2.org/linuxs390xpf f b4d912ee4929f115ebb5f811ade56dc93b0cf5c98fd4b6ce61a2d8acfd70a0e6libssh2.so.1.0.1rootrootrootrootlibssh2_org-1.11.0-150200.9.2.1.src.rpmlibssh2-1libssh2-1(s390-64)libssh2.so.1()(64bit)@@@@@@@@@@    /sbin/ldconfig/sbin/ldconfiglibc.so.6()(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.25)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libcrypto.so.1.1(OPENSSL_1_1_1)(64bit)libz.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1f @eee;d@daA@_@_G@]@\\@\MZ]@YTYA%@VIUzU.@pmonreal@suse.compmonreal@suse.comotto.hollmann@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.comdavid.anes@suse.compmonreal@suse.comdimstar@opensuse.orgpmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.comdimstar@opensuse.orgjengelh@inai.detchvatal@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.com- Fix an issue with Encrypt-then-MAC family. [bsc#1221622] * Test the ETM feature in the remote end's configuration when receiving data. Upstream issue: #1331. * Add libssh2_org-ETM-remote.patch- Always add the KEX pseudo-methods "ext-info-c" and "kex-strict-c-v00@openssh.com" when configuring custom method list. [bsc#1218971, CVE-2023-48795] * The strict-kex extension is announced in the list of available KEX methods. However, when the default KEX method list is modified or replaced, the extension is not added back automatically. * Add libssh2_org-CVE-2023-48795-ext.patch- Security fix: [bsc#1218127, CVE-2023-48795] * Add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack" * Add libssh2_org-CVE-2023-48795.patch- Upgrade to version 1.11.0 in SLE-15: [jsc#PED-7040] * Add the keyring file: libssh2_org.keyring * Rebase libssh2-ocloexec.patch * Remove libssh2_org-CVE-2020-22218.patch- Security fix: [bsc#1214527, CVE-2020-22218] * The function _libssh2_packet_add() allows to access out of bounds memory. * Add libssh2_org-CVE-2020-22218.patch- Update to 1.11.0: * Enhancements and bugfixes - Adds support for encrypt-then-mac (ETM) MACs - Adds support for AES-GCM crypto protocols - Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys - Adds support for RSA certificate authentication - Adds FIDO support with *_sk() functions - Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends - Adds Agent Forwarding and libssh2_agent_sign() - Adds support for Channel Signal message libssh2_channel_signal_ex() - Adds support to get the user auth banner message libssh2_userauth_banner() - Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519, AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options - Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex() - Adds wolfSSL support to CMake file - Adds mbedTLS 3.x support - Adds LibreSSL 3.5 support - Adds support for CMake "unity" builds - Adds CMake support for building shared and static libs in a single pass - Adds symbol hiding support to CMake - Adds support for libssh2.rc for all build tools - Adds .zip, .tar.xz and .tar.bz2 release tarballs - Enables ed25519 key support for LibreSSL 3.7.0 or higher - Improves OpenSSL 1.1 and 3 compatibility - Now requires OpenSSL 1.0.2 or newer - Now requires CMake 3.1 or newer - SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs - SFTP: No longer has a packet limit when reading a directory - SFTP: now parses attribute extensions if they exist - SFTP: no longer will busy loop if SFTP fails to initialize - SFTP: now clear various errors as expected - SFTP: no longer skips files if the line buffer is too small - SCP: add option to not quote paths - SCP: Enables 64-bit offset support unconditionally - Now skips leading \r and \n characters in banner_receive() - Enables secure memory zeroing with all build tools on all platforms - No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive - Speed up base64 encoding by 7x - Assert if there is an attempt to write a value that is too large - WinCNG: fix memory leak in _libssh2_dh_secret() - Added protection against possible null pointer dereferences - Agent now handles overly large comment lengths - Now ensure KEX replies don't include extra bytes - Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER - Fixed possible buffer overflow in keyboard interactive code path - Fixed overlapping memcpy() - Fixed Windows UWP builds - Fixed DLL import name - Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows - Support for building with gcc versions older than 8 - Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files - Restores ANSI C89 compliance - Enabled new compiler warnings and fixed/silenced them - Improved error messages - Now uses CIFuzz - Numerous minor code improvements - Improvements to CI builds - Improvements to unit tests - Improvements to doc files - Improvements to example files - Removed "old gex" build option - Removed no-encryption/no-mac builds - Removed support for NetWare and Watcom wmake build files * Rebase libssh2-ocloexec.patch- Bump to version 1.10.0 Enhancements and bugfixes: * support ECDSA certificate authentication * fix detailed _libssh2_error being overwritten by generic errors * unified error handling * fix _libssh2_random() silently discarding errors * don't error if using keys without RSA * avoid OpenSSL latent error in FIPS mode * fix EVP_Cipher interface change in openssl 3 * fix potential overwrite of buffer when reading stdout of command * use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data * correct a typo which may lead to stack overflow * fix random big number generation to match openssl * added key exchange group16-sha512 and group18-sha512. * add support for an OSS Fuzzer fuzzing target * adds support for ECDSA for both key exchange and host key algorithms * clean up curve25519 code * update the min, preferred and max DH group values based on RFC 8270. * changed type of LIBSSH2_FX_* constants to unsigned long * added diffie-hellman-group14-sha256 kex * fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression * fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x. * fixes crash with delayed compression option using Bitvise server. * adds support for PKIX key reading * use new API to parse data in packet_x11_open() for better bounds checking. * double the static buffer size when reading and writing known hosts * improved bounds checking in packet_queue_listener * improve message parsing (CVE-2019-17498) * improve bounds checking in kex_agree_methods() * adding SSH agent forwarding. * fix agent forwarding message, updated example. * added integration test code and cmake target. Added example to cmake list. * don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero. * add an EWOULDBLOCK check for better portability * fix off by one error when loading public keys with no id * fix use-after-free crash on reinitialization of openssl backend * preserve error info from agent_list_identities() * make sure the error code is set in _libssh2_channel_open() * fixed misspellings * fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type` * rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type - Rebased patch libssh2-ocloexec.path - Removed patch libssh2_org-CVE-2019-17498.patch: the security fix is already included in the latest version.- Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922] Enhancements and bugfixes: * adds ECDSA keys and host key support when using OpenSSL * adds ED25519 key and host key support when using OpenSSL 1.1.1 * adds OpenSSH style key file reading * adds AES CTR mode support when using WinCNG * adds PEM passphrase protected file support for Libgcrypt and WinCNG * adds SHA256 hostkey fingerprint * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() * adds explicit zeroing of sensitive data in memory * adds additional bounds checks to network buffer reads * adds the ability to use the server default permissions when creating sftp directories * adds support for building with OpenSSL no engine flag * adds support for building with LibreSSL * increased sftp packet size to 256k * fixed oversized packet handling in sftp * fixed building with OpenSSL 1.1 * fixed a possible crash if sftp stat gets an unexpected response * fixed incorrect parsing of the KEX preference string value * fixed conditional RSA and AES-CTR support * fixed a small memory leak during the key exchange process * fixed a possible memory leak of the ssh banner string * fixed various small memory leaks in the backends * fixed possible out of bounds read when parsing public keys from the server * fixed possible out of bounds read when parsing invalid PEM files * no longer null terminates the scp remote exec command * now handle errors when diffie hellman key pair generation fails * improved building instructions * improved unit tests - Rebased patches: * libssh2-ocloexec.patch * libssh2_org-CVE-2019-17498.patch - Remove patches fixed in this version: libssh2_org-CVE-2019-3855.patch libssh2_org-CVE-2019-3856.patch libssh2_org-CVE-2019-3857.patch libssh2_org-CVE-2019-3858.patch libssh2_org-CVE-2019-3859.patch libssh2_org-CVE-2019-3859-fix.patch libssh2_org-CVE-2019-3860.patch libssh2_org-CVE-2019-3861.patch libssh2_org-CVE-2019-3862.patch libssh2_org-CVE-2019-3863.patch- Drop man and groff BuildRequires: both are no longer used in current versions.- Security fix: [bsc#1154862, CVE-2019-17498] * The SSH_MSG_DISCONNECT:packet.c logic has an integer overflow in a bounds check that might lead to disclose sensitive information or cause a denial of service * Add patch libssh2_org-CVE-2019-17498.patch- Fix upstream patch for CVE-2019-3859 [bsc#1133528, bsc#1130103] - Added libssh2_org-CVE-2019-3859-fix.patch- Version update to 1.8.2: [bsc#1130103] Bug fixes: * Fixed the misapplied userauth patch that broke 1.8.1 * moved the MAX size declarations from the public header- Security fixes: * [bsc#1128471, CVE-2019-3855] Possible integer overflow in transport read allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3855.patch * [bsc#1128472, CVE-2019-3856] Possible integer overflow in keyboard interactive handling allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3856.patch * [bsc#1128474, CVE-2019-3857] Possible integer overflow leading to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3857.patch * [bsc#1128476, CVE-2019-3858] Possible zero-byte allocation leading to an out-of-bounds read with a specially crafted SFTP packet - libssh2_org-CVE-2019-3858.patch * [bsc#1128480, CVE-2019-3859] Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev - libssh2_org-CVE-2019-3859.patch * [bsc#1128481, CVE-2019-3860] Out-of-bounds reads with specially crafted SFTP packets - libssh2_org-CVE-2019-3860.patch * [bsc#1128490, CVE-2019-3861] Out-of-bounds reads with specially crafted SSH packets - libssh2_org-CVE-2019-3861.patch * [bsc#1128492, CVE-2019-3862] Out-of-bounds memory comparison with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3862.patch * [bsc#1128493, CVE-2019-3863] Integer overflow in user authenicate keyboard interactive allows out-of-bounds writes with specially crafted keyboard responses - libssh2_org-CVE-2019-3863.patch- Drop openssh BuildRequires: this is only used for one of the minor self-tests.- Remove --with-pic which is only for static libs- Version update to 1.8.0: * support openssl-1.1 * many bugfixes - Fixes bsc#1042660 - Remove obsolete conditionals that are no longer needed- update to 1.7.0 * Fixes CVE-2016-0787 (boo#967026) * Changes: libssh2_session_set_last_error: Add function mac: Add support for HMAC-SHA-256 and HMAC-SHA-512 WinCNG: support for SHA256/512 HMAC kex: Added diffie-hellman-group-exchange-sha256 support OS/400 crypto library QC3 support * and many bugfixes- update to 1.6.0 Changes: Added CMake build system Added libssh2_userauth_publickey_frommemory() Bug fixes: wait_socket: wrong use of difftime() userauth: Fixed prompt text no longer being copied to the prompts struct mingw build: allow to pass custom CFLAGS Let mansyntax.sh work regardless of where it is called from Init HMAC_CTX before using it direct_tcpip: Fixed channel write WinCNG: fixed backend breakage OpenSSL: caused by introducing libssh2_hmac_ctx_init userauth.c: fix possible dereferences of a null pointer wincng: Added explicit clear memory feature to WinCNG backend openssl.c: fix possible segfault in case EVP_DigestInit fails wincng: fix return code of libssh2_md5_init() kex: do not ignore failure of libssh2_sha1_init() scp: fix that scp_send may transmit not initialised memory scp.c: improved command length calculation nonblocking examples: fix warning about unused tvdiff on Mac OS X configure: make clear-memory default but WARN if backend unsupported OpenSSL: Enable use of OpenSSL that doesn't have DSA OpenSSL: Use correct no-blowfish #define kex: fix libgcrypt memory leaks of bignum libssh2_channel_open: more detailed error message wincng: fixed memleak in (block) cipher destructor- update to 1.5.0 * fixes CVE-2015-1782 (bnc#921070) - tarball verification * added libssh2_org.keyring * added libssh2-1.5.0.tar.gz.asc Changes in 1.5.0: Added Windows Cryptography API: Next Generation based backend Bug fixes: Security Advisory: Using `SSH_MSG_KEXINIT` data unbounded, CVE-2015-1782 missing _libssh2_error in _libssh2_channel_write knownhost: Fix DSS keys being detected as unknown. knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short buffer. libssh2.h: on Windows, a socket is of type SOCKET, not int libssh2_priv.h: a 1 bit bit-field should be unsigned windows build: do not export externals from static library Fixed two potential use-after-frees of the payload buffer Fixed a few memory leaks in error paths userauth: Fixed an attempt to free from stack on error agent_list_identities: Fixed memory leak on OOM knownhosts: Abort if the hosts buffer is too small sftp_close_handle: ensure the handle is always closed channel_close: Close the channel even in the case of errors docs: added missing libssh2_session_handshake.3 file docs: fixed a bunch of typos userauth_password: pass on the underlying error code _libssh2_channel_forward_cancel: accessed struct after free _libssh2_packet_add: avoid using uninitialized memory _libssh2_channel_forward_cancel: avoid memory leaks on error _libssh2_channel_write: client spins on write when window full windows build: fix build errors publickey_packet_receive: avoid junk in returned pointers channel_receive_window_adjust: store windows size always userauth_hostbased_fromfile: zero assign to avoid uninitialized use configure: change LIBS not LDFLAGS when checking for libs agent_connect_unix: make sure there's a trailing zero MinGW build: Fixed redefine warnings. sftpdir.c: added authentication method detection. Watcom build: added support for WinCNG build. configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS sftp_statvfs: fix for servers not supporting statfvs extension knownhost.c: use LIBSSH2_FREE macro instead of free Fixed compilation using mingw-w64 knownhost.c: fixed that 'key_type_len' may be used uninitialized configure: Display individual crypto backends on separate lines examples on Windows: check for WSAStartup return code examples on Windows: check for socket return code agent.c: check return code of MapViewOfFile kex.c: fix possible NULL pointer de-reference with session->kex packet.c: fix possible NULL pointer de-reference within listen_state tests on Windows: check for WSAStartup return code userauth.c: improve readability and clarity of for-loops examples on Windows: use native SOCKET-type instead of int packet.c: i < 256 was always true and i would overflow to 0 kex.c: make sure mlist is not set to NULL session.c: check return value of session_nonblock in debug mode session.c: check return value of session_nonblock during startup userauth.c: make sure that sp_len is positive and avoid overflows knownhost.c: fix use of uninitialized argument variable wrote openssl: initialise the digest context before calling EVP_DigestInit() libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib configure.ac: Rework crypto library detection configure.ac: Reorder --with-* options in --help output configure.ac: Call zlib zlib and not libz in text but keep option names Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro sftp: seek: Don't flush buffers on same offset sftp: statvfs: Along error path, reset the correct 'state' variable. sftp: Add support for fsync (OpenSSH extension). _libssh2_channel_read: fix data drop when out of window comp_method_zlib_decomp: Improve buffer growing algorithm _libssh2_channel_read: Honour window_size_initial window_size: redid window handling for flow control reasons knownhosts: handle unknown key types/sbin/ldconfig/sbin/ldconfigs390zp31 17204316311.11.0-150200.9.2.11.11.0-150200.9.2.1libssh2.so.1libssh2.so.1.0.1/usr/lib64/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:34684/SUSE_SLE-15-SP2_Update/46c5ea33ef99278175b344836cd73591-libssh2_org.SUSE_SLE-15-SP2_Updatedrpmxz5s390x-suse-linuxELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, BuildID[sha1]=9524b6947fbe846cdc30626ec4c0e736c3f37e7a, stripped PRRRRRR R R RRNOWǬx欥(utf-8cc7d7ff0142cab43d647c94af3baa9dd44b545108176e0bc7c607afac481b300?7zXZ !t/_]"k%]d涻eQQG^"DQ_͡*vvՕLa층KFԎkcj I'jM>C˺KkK0oGG}hGCF] 51)PqkV根);Nj.+򾔈2H82m:d31ۙO,$In\)B`5*mT͊u؛NQOdx3PWB@]ƳҤ;"tFr)~>vӶP ?o+oAPK;8;FRQ$U"α_ pvHp<יRe#ZI;p\ZlZEhI1Ɯއol07+|Ƙ[Qik~hJU+,{| p;s>MPsRLO\z[gȕ GKTj!{gmrIPw''-RO|ks4:K!GÐ!I]~YxbS`MvyTNTܔk2b3:x-_8̲A+6S"~BNCс(2z9-,O~Hs(˜t7hXս/ VfV$n&R4;99g@^KOA{)'i+7tIտ`E+oV] ->(I hؾQ,o>ͣ$sk?"oS}E~AYBgcQf殩E]9Pkjk.Mj5u]Np *a䏫itJ#R|,jTKx#mb48`V4ꑛNM)Ѕ>罩{pJ4+!# {9m;L@pY>*\:PAY(tWd 02M'?\4<Ù6?ZoXt*cM6}0PQ~՗IG A.o)ѣK!0Pl#{@ 8_\#yxE@pXz ~hl?V*$SfM-&$(2%dUo? *Q P[u-_K5tEɰM2#ԁfGWK#5&{y@|^jYM2Ykkd0s1)O,w`r@f`fN 6} &p'5Dsr%YZ'Cl9gnYMlh2 ݿ> ٚŦ؟dyQ] y`6$SrSP1C`R;?PN½8ԕ8, ֶw$%:`1Des0ZB0YPO0_ ~POPzd KԉT]Vή[8+0#{yl&~}`L!%!"(Vђ8?R}et,2:,GIX }[u`+@g`mb6amAXS7_u>ބ:sս%D +.Q$qڥtq.7xiRz/9|z`H1jyw :Z+5racejGMa ^"0t_T}1kRod6鈷'CaUV[fM; PmC,>7XTS"3X'Wu7NܹmmkyÖ{-i6SPo %GBӖGa&ItmvI$M'(9ZJ`HXNVƒ&20l#~}xKbNB! )`ҋHIv˿DHEsϹ'QlS$*JaHp l"F'8y흪-s]@eC1 7_ F%b./whT}$1rgA1gҫWUB!ڥ*iS\.w!_:ZOdiKvȖwR ů]rX& fVD5vgҪٮ%aQUJ]*hThywtv-ep:8) 9@. f'8; aUf=#?O[2 y@ȒkvU;Z: KooSs9$̀s0+M~k(*Qaւk6G{nNB@%:| ytCHG&?kl Ύ{vP,KN vXL)V:D;cHEUTFgΗ!#}%pi0Z3kڊSV0ɳiIJ:F\BvΚÎ恢Fim-"ْ\sԝay\;e}U&:fj3zAn@Y %^4nWɑJh!WWFuoe6]P yoK*˙+2 ﻥ'T ÂysXB|)ap4e6N0*[p=m "ڬ&^__P43ؠeXok7jX%h|0Lg 8ھU2OK1y!-"O$V%݌XVHIq{K$^b>EW@{^י:fd,u, !@qlQ(7BE6o%Z݄}}ȝ=䫜r~Bvm&# ^x'K}3%"]BfLwjM^痗Ԁ?g=`'ņ#?RKX0=z+ NW92D۷* *܎Q|. ZyF<8~bbkH~D7R^wf=n `eu,OօUi&5lN[_fBr4#7Je?ەY0#uj鴆ـVmSSsTdpx9Ԡ1X=7^TD^GC?TAb.^ۼ:v7x} ,̈́ʎ!t]CF&FVr}". 2%8繴7t[Qۏ'63i$e⎹]skn"`yt<6W5 [/6߶u0ZҫGn]ɽztz徵9)͝}WږnCGaSM-T@jCzT`O6C0 QNa#h] . &A^~ !$&5ζ^ H.$mt&joZ2>ۏX0ي%,Z$jڿ׆6P-i3{/r7)ot>j` "UŤh$`b\+DQmv #xzfk[ٛ RYS um%JFJ8dNa`*j9AʑZ҅xs/sk67Ȟ'UށE KXks軷@|+[_ ޲US㹆cuA;UvB9v^TVٽ7(^C´nZ&A yN:S}4nk1qU>1 #BI2/Krq; .?Kja8St U~_:,kX/N 5:4rmـ߮!}; q 'W`(-%*09"tNOfHScq{0+7 ?T#۷]Xv~%&+޷_ A7 8y <IgU5}x-]@CIJ,?yS[}R.';0@#Ρ>\ၫԤPYcl W)$Uz&V *n%u[RE:֐_v (4U˝z{3x*%%ѢF5u`*}z1 b'Ϯ ;#OMF&gA?¹ eәЭ{&PTR%{}zɔ{c $R6,6s<jYC`LDTqwɫdLSl[X8hqshEEܻ˙M(Ds[hC6cHẻ 6f?v׼4 >>yMo)ݶݔ As-?/b*3fyTBS#:<&LrBO>w5za Dx^nQzCF/$< o5ݰ洘ֻ&.'gV3';nD+! wTdSLHѵLʍHIhædj ֗^XTuhvyϴL7{iƒ/bu]%2`J5%4kG ,vԲۯ߷ϝ\kJ l2xo(>)Dz~IJd8E|xW<_#i?k/c2m۱`AD' ~N3 \!܍UGCYY(P)s]`So+ɷ'j6Óqo䩢yAhF*b5yIGg绉|q9u-bA o*KȰ,D_"SeX5;0^sUV2F~}8b-03;^a8L$>so#cV6viPP?G^,Mg%coRdq89 i1 WZ #G{ڰJ-B=GN:DU)Kӆ뵧h4_6Y2ވi^`pf]QIal)jvi ҇'ᏂO,M)vz>Jq8SG[?7acA^Ҷ 81}|"> F*&ð~iE0lîg|u8`a:rñtAy+ L 1؊C菒{TtfGMj:$+kܜO 'ܳqŮd$ 7$ ERۥHTF@4U޻!q9hB#[gvxD:OЄ# cPdGkrXE0i%:ədJH6U+//'~'T%A{p; b'W w^T,اK 31ZlZuYI=j9#! 딭tą›Svş-W ԁ I7~a ԶVQ._ |yogt5:86uT)JeF(|7h* NO>E8{O515Or/t,u>b-MO "/uֈyOw["ɣ7m4*uU憏%'kPxQZ,MCoYVcXC&:qG%^o͑InSfY2 n2utحY}4p1\WKπ\VL/ŅGeQd`nNNv]x( GHm)o2MKIɄNlG"y%J/d֫_AS%@p=F{IN[Uΐ9i` MdV@oDhߢۚ^$(lUZP9SK²+ oog/(u/EEd2.s&]g*X' ~jpO$w~JdxS ܩ!PEV@k h@z9G^+ w&L(Fң{~v֧w~b;RhHT䵍@(Fc<٥0`gl*==H3MThWAɤ'WO't)~/5ńT' S%8:jul\v)M#M7 z" )+9ZZD=~j^巊8_C%ȿcSdKtuYrsLw75& gGɥ&D;p|TkktZ x!golaIVD |{S5K9}Y3&:}!FncMjROGd13u2c!3e9w08X Ȁ 34nЩHt4' "JwgH'N YB)6,$Zm@hE3b:4d M\"YR^Mϊ./8&+@?P a6xvpLwAG].I"ҽkޘ 9݌2?k=֙[mhٷK 8D#(=|ŗT[,KKEץ=)Y_4 %neNXN n$)'krq:5a,L2xGT<3v?[\^; 븭|lJ;+n/gT Zn.<)kGp5~r"4+u8@d Kp&s>Wƥ7c&2#)vaEy6A*4iKVc(a{lA]DndˈI\*X k9tP25H§O%Jw;p3.=x Ni-u_K@:xj}L;m^PvcӘOWTNv*?g3e+xMEA$z[YIQ\]2~$}f`h9\Ҋ$H pb,8%族ʧKd+tس3# bA 5 r3TR;`"҉nA!% j(uV\S9uhczU'\d/; XR[*0φ`:1W7%"Z³.0Tsa%0%-> H<{Tl}6o$ec 48/hW@>YC*P/\Lv2Y(fmS"QlT@?Bb;1ҘLp3E0o ] Ϫ\YC䒛/0*^sc?$X#: )7{$9U>@e%*1 1L"RE<8J+!(xx'W Ӹ'@5&Pkvft򛊎{_bD̵g略Wގc7(_sIܪ 7ֳE3NGVðK^4}{6fyGkH[%fA}SI4~NS4\v݈#d7!V_a'ϭ*~DM6*ٺْ*\E푃w&Va-ԕϡoudNӘtWf\ƶKNMQM&+V6++ Ȼc Cz ?1חwp40?paDlދt:)9R~@5AVẍ́f@EV&Kdt60~\9!~KvXYB!Zs K17<)|rQ!#Qv8?"L)?EjkbToi0.X-Dл zvՒz{${-+BsG-K~^'1MCfC1 I# m}0C|taC![[@&Q_Rf*,9輼bRLb0̛-Ӯ;T7ihodSp Ph6]@H8Gn!AG*b ʒ93=dIY ٗkfٲiT[wSj$͢OFJDk^RF. %˪"c9&N<.  R95m6<^-`jC=gkV_* 4nr z2"̃NFӜT&x#$)3Εne"oLo+Hy:;Bp-M{KV-_B8,gF>D:ʰ|U1^]ȹ~vk}4F,{| #N؍*~_"MT]P@G:ڽk4Rl@ c(ѾiiE7*33tB -J_>M8oR*5 +! @{'8`* 6a{'Z [qȔ IJݹR`~b&;!tg>P8Jg:_\T1 PRab"3נ4/l" cu^TysF In 7ˊFUCk֌W[ob s=]F^>| MT_388q{nWyPU R y? kɣ>(DO5.źĈjHE͓+T[N<ĝ CtpMDmժ("BK[#RL+g F a@JDR|=?2=v`r^oF.inbS #1 ʼɟO`-m0}vk8r j"Q׌~7\B'mULhqظ<2:[i&WIȂ%vƬD> bPҞ\=A9m޼x ,BjH_R5x93Nq2&iK &Y^dMmXf7/ &L΀ n7V 񣀛Q]kpY%ɬ;eO|HzY3$ve7w aWWδ^5Ks,]{jp5܊ #xzdV_e$@x!X ޑd;&f^:޻7!R]YF.:( I%˘cf>7%P Nf UwB}BhlTҋ9 `*P'hַՄ)n+<#d(̸5tdx@p潚V.®ӈ DQvtoh}rI>@.: JiPai=Ysw)u/< :H^ߨnW4T8o&©D$3`Y+_PxODee{X_ 1m+Uoh؃o_g!rAΣRGF'r~@{N/Dp>>(MVO?Y>6N9G1##TJV 48`TqTşyq@~xJӖ')$*1kgIzthHҸZ1^h6[pql1ź d9ɾe?#IK5l}`)?NI'"͢6gq+؄w PuP4nRz /|wdcкϹ q5 p.Ybk+[\ ؓZfE/Wc' }$AO+H$81oo]Z 1naK:#P>ਲ਼7Cb'R1Hd/ |bYi$wȢ,G+KlHzmYD]xjUVV֗A0$cC$fj'$31ŀJ3u·pOE;|` Xa@fI oܥ c *,KcۯsaE5id4lkZ4S 3_a\*H^`\.d K U%Rl .{}1V6%9wv0⮔P$N<{yxq+̆'~SfmҚJ9N\!E vk q[x9t{Gu Z+. Y*5z۫% i-K5sw#L-à_!˭&7^!ja'[,Ճqʻ"N6 {Vu@2ȩ_WKlmďwQT:'EƆ:tP2.Hw뵯}%XyCW ĢI .(3'mlܭt#ozH:oD5PE*a$WC7+ LtK5)P8B^&;43^VC'VXee+ZKOs$^_51 yq=ib"ۺJ$4>qEmiô])D9GFQ49-<<(6dLVz;d3ZSt =GtPH2GZA@3j %h%+hQŶGɑt3i=Ħ V kO)]u\_Zy{R Vf83;jdbT5l>+*y~AeTL5D~C:rZȎu .|Id쀔<6Y|aiDGpj`OR] +R09q؟ٞa(4NHRc5=;ڮ&ب(f:H,ܐ[f"h}=C%3:c;GOkГ~ dX1,ͺ[/: + {4*ިB,47wK 8ĸ`&P{ z?W I@~|섆ලt$7 Kͳ7âxpSڝ\DNGYBݭmp,1[AI0IFp D̀htX 7$uuiy~tu'TMK±q@|ˬ_"x r#x4 :FMxCfOFE`G͂)@amu{*4& Í9 ۯj'(|by#[蟴$́ÏZcGaYXK ,"gtХ&YH'*ժd_p A5 ZAXn*xWF3EJWO!GTɬ-Є-'ɱLNs=լ79VOT6G+\0 i#v؅hA/A\U5|h>l=AKzjr!}=eՂB@mK PE@Wgm◆UsLEWvFPe0b"gN'*P^ao G!U%[H ;ҰɋR`+o]Ih?s:&E".2œo OpYR ^:o0/)Dª?Xk eKFqq !!dӕMϾ,kPД^}vƮ7Q%L~#!#eml*k":ON'[|2%JMYۿ'5 4 *=b\L~gxգ6?VLr0v*QRY~fuJ;yl`1fhpuPbm.ʘ1XJȬb)Ʈ&L] sc [6dzŰ.*dw ήQ%)A,w ٙ签V' a , $H= X`GґiJu102w4<=b'PW)-®Pe(̡w,e)B[?AkQcLl?<&kT\'଀6;R ׿hPxt nX+@U2^#rFB]#$o=߉`Hj3xZGSwSkPxw]6֬}J)F A@ۋ]5#֎?xt*ChAN ئ!Zh3<Sh6c-B}juQiՋG'"o_izkGX!< Nw"#(FќK#cF>$;9뷾'מM#RC|=L86>5Z)"O_7{F'ݰq&+Rigx@u;Ͽ28yeK;OGv?d 0'0g 0:`5Tat|꧖-( 0lPF_)5e4Weti?J$BAOO6̵T}mܴ)#$61'0/g}(ͧp#%]tȍ$umPk0;BGs-MC0i @Ps: y[rfHGt)>^'%w{xEMh[Utm樨ǓUwV-::z1 ~T(( 豀fo 5]3KCq_r VOպfs|Ь !zYQPDHAg=.:<`,s G6mnlP5ة6v. yYodVe1we#=oI+Vö pv*<'Dֵe{M5 (%.;Iڿ_Ѐt>^1AϷhbJg[+uFIs/|qnF|Hh~b S=mхcGiueHCy5i:SvnѼ+)x~O-mo:i9?A`[Os^zO}Sd}}1 jӕi(?߼ F+3Y1RyY~uD{ٹP}a~ӯ?CԤkMCJWjXGbVqݩU`6E46a C:FcD`80TK|FJDqg'=$_AM6[{/GK l*{S7&^zSL 蟝 }Lba4U[+ A_uN[Pog'W҃J~C7>K"D"Ϸ$Wﶯu7&ZQ'\M#\˷=Q/F^NL̗jӟlOom{5mDŭuguWZO'{JXCԧ‡S͍ez\g_qdu;(w]m/u{ Q!Yuܸ&0_#"o=O+ט${o)"Y]t*!z 't?uBS2~d~\mC]l/Oۍ2^6mdE 3Czq7r#>|G902sAPK-q}qi6Qbm *~~ov4.ΙB6nd%͈6ClF F 1$ݽٞ%Lwci&tnbqe[@p>9 Uploԛ{8M9eEKNG-PqMC0laxs=@}ob:A! @k۬ hcG_ǹUn檍?ty̵3kgD{ՋQf_[۞\ZJnzئ 8Φ7:XhCeebM ͩO*fZ0/ixCگLa1ַ0Cyxr yty\wu"m{Dcxçw$Njs@a%e:)侰C]|Ԩcx~4<5GMnj.J-@⟯"8`}/o%/oQtbG`>_Md |V4J^9;@m~T%W/<#E"k1Y h6%'[ z/&xu";L_#Djq{;6s%9gSm`coʴMUcE68#ao\Vc!aCU4C8tr#LjǩR =3Z,C<٬xP++nZA}!{k6|#eD98JE9̙7pkwrc;n93kӚJn犟m"QzܦMMm|y/Ι(ɃՅ6 吞/#}Zkb8ũ$0Be n4` s @ _.%=8 SdfRu Cn]pn2Uv"P\ aK-$%^C5t*o J9V!^6=ة9D%}-hq*jrV9rÓ윶541 QWh+-Qq<[34LߵO\\ǃo!*π2 h0q@]bOq:$fMPJ*hzbER7V qm:Lg+'y覝pf\&0Ov( tu QM== n|/FA[giV,,(QD4XjA6{XOauۦ3ɺeuoL.Hxl(r2Rs&TD%R7/&=H23N.ls}cqoNt8$k㡟A3O]e (ȵ/Au2nx 7 g(F%^5ES,c* Ii_j ]18_ NxBGѵ^<@))V,h0ȄiqXXvF~;h_36ک]SQ #=(6f>0'u;&*Dx%q75ĵVfem;1@BaT e5`eE/H.tFT'&eT623D~=A ^=TRÚGOcZ"LΗ:xwpF7"r(rJ#<%:C b!IYNM7^w8toA9,ey{WwRJQ}yn)SSMu YZ