libssh2-1-1.11.0-150200.9.2.1<>,Dfp9|nj.E!]ʥ'qf wl4j_Ϟ̉hڸWmw,ʴ87ʓy$&0&~DR| n:hYU1%Ǽ ,˵.%7tsSq e"QH"R`>ϓ77=FkYSYU y&p +Sk5N&F4U][':pS|*K >@L?Ld   I(,Efs     * <DNX(89<:>Ig@IvFIGIHIIIXIYI\I]I^JbJcJdKIeKNfKQlKSuKhvKpwLxLyL zL@LPLTLZLClibssh2-11.11.0150200.9.2.1A library implementing the SSH2 protocollibssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.fh04-ch1cPSUSE Linux Enterprise 15SUSE LLC BSD-3-Clausehttps://www.suse.com/Development/Libraries/C and C++https://www.libssh2.org/linuxx86_64Pff2454025eef2518e76263e23895df0b2d5cdb7c2b3d89669a53cc879e673e3417libssh2.so.1.0.1rootrootrootrootlibssh2_org-1.11.0-150200.9.2.1.src.rpmlibssh2-1libssh2-1(x86-64)libssh2.so.1()(64bit)@@@@@@@@@@@    /sbin/ldconfig/sbin/ldconfiglibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.25)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libcrypto.so.1.1(OPENSSL_1_1_1)(64bit)libz.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1f @eee;d@daA@_@_G@]@\\@\MZ]@YTYA%@VIUzU.@pmonreal@suse.compmonreal@suse.comotto.hollmann@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.comdavid.anes@suse.compmonreal@suse.comdimstar@opensuse.orgpmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.comdimstar@opensuse.orgjengelh@inai.detchvatal@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.com- Fix an issue with Encrypt-then-MAC family. [bsc#1221622] * Test the ETM feature in the remote end's configuration when receiving data. Upstream issue: #1331. * Add libssh2_org-ETM-remote.patch- Always add the KEX pseudo-methods "ext-info-c" and "kex-strict-c-v00@openssh.com" when configuring custom method list. [bsc#1218971, CVE-2023-48795] * The strict-kex extension is announced in the list of available KEX methods. However, when the default KEX method list is modified or replaced, the extension is not added back automatically. * Add libssh2_org-CVE-2023-48795-ext.patch- Security fix: [bsc#1218127, CVE-2023-48795] * Add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack" * Add libssh2_org-CVE-2023-48795.patch- Upgrade to version 1.11.0 in SLE-15: [jsc#PED-7040] * Add the keyring file: libssh2_org.keyring * Rebase libssh2-ocloexec.patch * Remove libssh2_org-CVE-2020-22218.patch- Security fix: [bsc#1214527, CVE-2020-22218] * The function _libssh2_packet_add() allows to access out of bounds memory. * Add libssh2_org-CVE-2020-22218.patch- Update to 1.11.0: * Enhancements and bugfixes - Adds support for encrypt-then-mac (ETM) MACs - Adds support for AES-GCM crypto protocols - Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys - Adds support for RSA certificate authentication - Adds FIDO support with *_sk() functions - Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends - Adds Agent Forwarding and libssh2_agent_sign() - Adds support for Channel Signal message libssh2_channel_signal_ex() - Adds support to get the user auth banner message libssh2_userauth_banner() - Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519, AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options - Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex() - Adds wolfSSL support to CMake file - Adds mbedTLS 3.x support - Adds LibreSSL 3.5 support - Adds support for CMake "unity" builds - Adds CMake support for building shared and static libs in a single pass - Adds symbol hiding support to CMake - Adds support for libssh2.rc for all build tools - Adds .zip, .tar.xz and .tar.bz2 release tarballs - Enables ed25519 key support for LibreSSL 3.7.0 or higher - Improves OpenSSL 1.1 and 3 compatibility - Now requires OpenSSL 1.0.2 or newer - Now requires CMake 3.1 or newer - SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs - SFTP: No longer has a packet limit when reading a directory - SFTP: now parses attribute extensions if they exist - SFTP: no longer will busy loop if SFTP fails to initialize - SFTP: now clear various errors as expected - SFTP: no longer skips files if the line buffer is too small - SCP: add option to not quote paths - SCP: Enables 64-bit offset support unconditionally - Now skips leading \r and \n characters in banner_receive() - Enables secure memory zeroing with all build tools on all platforms - No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive - Speed up base64 encoding by 7x - Assert if there is an attempt to write a value that is too large - WinCNG: fix memory leak in _libssh2_dh_secret() - Added protection against possible null pointer dereferences - Agent now handles overly large comment lengths - Now ensure KEX replies don't include extra bytes - Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER - Fixed possible buffer overflow in keyboard interactive code path - Fixed overlapping memcpy() - Fixed Windows UWP builds - Fixed DLL import name - Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows - Support for building with gcc versions older than 8 - Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files - Restores ANSI C89 compliance - Enabled new compiler warnings and fixed/silenced them - Improved error messages - Now uses CIFuzz - Numerous minor code improvements - Improvements to CI builds - Improvements to unit tests - Improvements to doc files - Improvements to example files - Removed "old gex" build option - Removed no-encryption/no-mac builds - Removed support for NetWare and Watcom wmake build files * Rebase libssh2-ocloexec.patch- Bump to version 1.10.0 Enhancements and bugfixes: * support ECDSA certificate authentication * fix detailed _libssh2_error being overwritten by generic errors * unified error handling * fix _libssh2_random() silently discarding errors * don't error if using keys without RSA * avoid OpenSSL latent error in FIPS mode * fix EVP_Cipher interface change in openssl 3 * fix potential overwrite of buffer when reading stdout of command * use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data * correct a typo which may lead to stack overflow * fix random big number generation to match openssl * added key exchange group16-sha512 and group18-sha512. * add support for an OSS Fuzzer fuzzing target * adds support for ECDSA for both key exchange and host key algorithms * clean up curve25519 code * update the min, preferred and max DH group values based on RFC 8270. * changed type of LIBSSH2_FX_* constants to unsigned long * added diffie-hellman-group14-sha256 kex * fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression * fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x. * fixes crash with delayed compression option using Bitvise server. * adds support for PKIX key reading * use new API to parse data in packet_x11_open() for better bounds checking. * double the static buffer size when reading and writing known hosts * improved bounds checking in packet_queue_listener * improve message parsing (CVE-2019-17498) * improve bounds checking in kex_agree_methods() * adding SSH agent forwarding. * fix agent forwarding message, updated example. * added integration test code and cmake target. Added example to cmake list. * don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero. * add an EWOULDBLOCK check for better portability * fix off by one error when loading public keys with no id * fix use-after-free crash on reinitialization of openssl backend * preserve error info from agent_list_identities() * make sure the error code is set in _libssh2_channel_open() * fixed misspellings * fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type` * rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type - Rebased patch libssh2-ocloexec.path - Removed patch libssh2_org-CVE-2019-17498.patch: the security fix is already included in the latest version.- Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922] Enhancements and bugfixes: * adds ECDSA keys and host key support when using OpenSSL * adds ED25519 key and host key support when using OpenSSL 1.1.1 * adds OpenSSH style key file reading * adds AES CTR mode support when using WinCNG * adds PEM passphrase protected file support for Libgcrypt and WinCNG * adds SHA256 hostkey fingerprint * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() * adds explicit zeroing of sensitive data in memory * adds additional bounds checks to network buffer reads * adds the ability to use the server default permissions when creating sftp directories * adds support for building with OpenSSL no engine flag * adds support for building with LibreSSL * increased sftp packet size to 256k * fixed oversized packet handling in sftp * fixed building with OpenSSL 1.1 * fixed a possible crash if sftp stat gets an unexpected response * fixed incorrect parsing of the KEX preference string value * fixed conditional RSA and AES-CTR support * fixed a small memory leak during the key exchange process * fixed a possible memory leak of the ssh banner string * fixed various small memory leaks in the backends * fixed possible out of bounds read when parsing public keys from the server * fixed possible out of bounds read when parsing invalid PEM files * no longer null terminates the scp remote exec command * now handle errors when diffie hellman key pair generation fails * improved building instructions * improved unit tests - Rebased patches: * libssh2-ocloexec.patch * libssh2_org-CVE-2019-17498.patch - Remove patches fixed in this version: libssh2_org-CVE-2019-3855.patch libssh2_org-CVE-2019-3856.patch libssh2_org-CVE-2019-3857.patch libssh2_org-CVE-2019-3858.patch libssh2_org-CVE-2019-3859.patch libssh2_org-CVE-2019-3859-fix.patch libssh2_org-CVE-2019-3860.patch libssh2_org-CVE-2019-3861.patch libssh2_org-CVE-2019-3862.patch libssh2_org-CVE-2019-3863.patch- Drop man and groff BuildRequires: both are no longer used in current versions.- Security fix: [bsc#1154862, CVE-2019-17498] * The SSH_MSG_DISCONNECT:packet.c logic has an integer overflow in a bounds check that might lead to disclose sensitive information or cause a denial of service * Add patch libssh2_org-CVE-2019-17498.patch- Fix upstream patch for CVE-2019-3859 [bsc#1133528, bsc#1130103] - Added libssh2_org-CVE-2019-3859-fix.patch- Version update to 1.8.2: [bsc#1130103] Bug fixes: * Fixed the misapplied userauth patch that broke 1.8.1 * moved the MAX size declarations from the public header- Security fixes: * [bsc#1128471, CVE-2019-3855] Possible integer overflow in transport read allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3855.patch * [bsc#1128472, CVE-2019-3856] Possible integer overflow in keyboard interactive handling allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3856.patch * [bsc#1128474, CVE-2019-3857] Possible integer overflow leading to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3857.patch * [bsc#1128476, CVE-2019-3858] Possible zero-byte allocation leading to an out-of-bounds read with a specially crafted SFTP packet - libssh2_org-CVE-2019-3858.patch * [bsc#1128480, CVE-2019-3859] Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev - libssh2_org-CVE-2019-3859.patch * [bsc#1128481, CVE-2019-3860] Out-of-bounds reads with specially crafted SFTP packets - libssh2_org-CVE-2019-3860.patch * [bsc#1128490, CVE-2019-3861] Out-of-bounds reads with specially crafted SSH packets - libssh2_org-CVE-2019-3861.patch * [bsc#1128492, CVE-2019-3862] Out-of-bounds memory comparison with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3862.patch * [bsc#1128493, CVE-2019-3863] Integer overflow in user authenicate keyboard interactive allows out-of-bounds writes with specially crafted keyboard responses - libssh2_org-CVE-2019-3863.patch- Drop openssh BuildRequires: this is only used for one of the minor self-tests.- Remove --with-pic which is only for static libs- Version update to 1.8.0: * support openssl-1.1 * many bugfixes - Fixes bsc#1042660 - Remove obsolete conditionals that are no longer needed- update to 1.7.0 * Fixes CVE-2016-0787 (boo#967026) * Changes: libssh2_session_set_last_error: Add function mac: Add support for HMAC-SHA-256 and HMAC-SHA-512 WinCNG: support for SHA256/512 HMAC kex: Added diffie-hellman-group-exchange-sha256 support OS/400 crypto library QC3 support * and many bugfixes- update to 1.6.0 Changes: Added CMake build system Added libssh2_userauth_publickey_frommemory() Bug fixes: wait_socket: wrong use of difftime() userauth: Fixed prompt text no longer being copied to the prompts struct mingw build: allow to pass custom CFLAGS Let mansyntax.sh work regardless of where it is called from Init HMAC_CTX before using it direct_tcpip: Fixed channel write WinCNG: fixed backend breakage OpenSSL: caused by introducing libssh2_hmac_ctx_init userauth.c: fix possible dereferences of a null pointer wincng: Added explicit clear memory feature to WinCNG backend openssl.c: fix possible segfault in case EVP_DigestInit fails wincng: fix return code of libssh2_md5_init() kex: do not ignore failure of libssh2_sha1_init() scp: fix that scp_send may transmit not initialised memory scp.c: improved command length calculation nonblocking examples: fix warning about unused tvdiff on Mac OS X configure: make clear-memory default but WARN if backend unsupported OpenSSL: Enable use of OpenSSL that doesn't have DSA OpenSSL: Use correct no-blowfish #define kex: fix libgcrypt memory leaks of bignum libssh2_channel_open: more detailed error message wincng: fixed memleak in (block) cipher destructor- update to 1.5.0 * fixes CVE-2015-1782 (bnc#921070) - tarball verification * added libssh2_org.keyring * added libssh2-1.5.0.tar.gz.asc Changes in 1.5.0: Added Windows Cryptography API: Next Generation based backend Bug fixes: Security Advisory: Using `SSH_MSG_KEXINIT` data unbounded, CVE-2015-1782 missing _libssh2_error in _libssh2_channel_write knownhost: Fix DSS keys being detected as unknown. knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short buffer. libssh2.h: on Windows, a socket is of type SOCKET, not int libssh2_priv.h: a 1 bit bit-field should be unsigned windows build: do not export externals from static library Fixed two potential use-after-frees of the payload buffer Fixed a few memory leaks in error paths userauth: Fixed an attempt to free from stack on error agent_list_identities: Fixed memory leak on OOM knownhosts: Abort if the hosts buffer is too small sftp_close_handle: ensure the handle is always closed channel_close: Close the channel even in the case of errors docs: added missing libssh2_session_handshake.3 file docs: fixed a bunch of typos userauth_password: pass on the underlying error code _libssh2_channel_forward_cancel: accessed struct after free _libssh2_packet_add: avoid using uninitialized memory _libssh2_channel_forward_cancel: avoid memory leaks on error _libssh2_channel_write: client spins on write when window full windows build: fix build errors publickey_packet_receive: avoid junk in returned pointers channel_receive_window_adjust: store windows size always userauth_hostbased_fromfile: zero assign to avoid uninitialized use configure: change LIBS not LDFLAGS when checking for libs agent_connect_unix: make sure there's a trailing zero MinGW build: Fixed redefine warnings. sftpdir.c: added authentication method detection. Watcom build: added support for WinCNG build. configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS sftp_statvfs: fix for servers not supporting statfvs extension knownhost.c: use LIBSSH2_FREE macro instead of free Fixed compilation using mingw-w64 knownhost.c: fixed that 'key_type_len' may be used uninitialized configure: Display individual crypto backends on separate lines examples on Windows: check for WSAStartup return code examples on Windows: check for socket return code agent.c: check return code of MapViewOfFile kex.c: fix possible NULL pointer de-reference with session->kex packet.c: fix possible NULL pointer de-reference within listen_state tests on Windows: check for WSAStartup return code userauth.c: improve readability and clarity of for-loops examples on Windows: use native SOCKET-type instead of int packet.c: i < 256 was always true and i would overflow to 0 kex.c: make sure mlist is not set to NULL session.c: check return value of session_nonblock in debug mode session.c: check return value of session_nonblock during startup userauth.c: make sure that sp_len is positive and avoid overflows knownhost.c: fix use of uninitialized argument variable wrote openssl: initialise the digest context before calling EVP_DigestInit() libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib configure.ac: Rework crypto library detection configure.ac: Reorder --with-* options in --help output configure.ac: Call zlib zlib and not libz in text but keep option names Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro sftp: seek: Don't flush buffers on same offset sftp: statvfs: Along error path, reset the correct 'state' variable. sftp: Add support for fsync (OpenSSH extension). _libssh2_channel_read: fix data drop when out of window comp_method_zlib_decomp: Improve buffer growing algorithm _libssh2_channel_read: Honour window_size_initial window_size: redid window handling for flow control reasons knownhosts: handle unknown key types/sbin/ldconfig/sbin/ldconfigh04-ch1c 17204313541.11.0-150200.9.2.11.11.0-150200.9.2.1libssh2.so.1libssh2.so.1.0.1/usr/lib64/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:34684/SUSE_SLE-15-SP2_Update/46c5ea33ef99278175b344836cd73591-libssh2_org.SUSE_SLE-15-SP2_Updatedrpmxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=3eba59da431489a634c061cfd49a2a1485793f99, stripped PRRRRRRR R R R Rn0gþ& 5Sutf-80c6b2faac866b32cdb0049a5039018a0e78c519c2fc6c52f2360313f342e7bfa?7zXZ !t/j+]"k%]d涻eQQG^"DQ_vqςDiB~ktҸdTOzVɞ0fF=<$7nhd| TD1&k4ep4faEG6V?E1M$!{%لr(MĠ}嶘$ )^&kyS3x X[c-* Cb=mGaj {=" Nr {*2?B;u;$?n`:R3GG0 =6Eq56XC$mɍ'5B^NE8*X:ǐzJpÃxa\3P*0>{;/5H<b<Ɠ&DbF_+kw*v}* p(zSfƨ)[BAg"'GD=v~]d}9{Z:RS'>w`,]NcJ{r򱥫 9UjiTDfM@WB.Ҩ$CV<Jk`#A.b0t s[4籄ECzMDlR$]sIugR_/ ONSZ_G ).0c!S4>7jAdt3mZ֊nوm֏+!7i.U03{U$ K/: -Ѿ9_D|[u;Kc<8Pܰ5'TYV&Mv'Ֆ1v[RRia QT ЦQ'~;Z;d:Z!.d7=%~ߺ;$Xva{a!Td;Hu-(Qb$pzKJQ;D?Q4jNN]2u6l_!Box@d=dms|H+ZKOi/Fؠ@mZ?HvĶz 3+_nؗ Ku{id&m!DC(?N@ {|ȥ6 c}s]jkzkMξtZ~jMΕI`LJ@C9ȾsrINB)&GibZە`/ĂxM,kp~4G  mH(:PT"Yyk@B  ꮼ[`3kqlg`V?_ DŽ/$QS0B^QCa4fËx4h H;6;g9r^Mukw<˖:9ÁVMdHԑK,11c5u$ou-rJ':G5 &_ g,J  x̑HK!R8PX_ 8$9ѐHyH0)R<>h L~wm DAr+ż@N\)OzefW*h↌ݕvp*WfEH67>f?ᴀcZ`Y zXWR6qTN =z .?e^b/XY4+!棕UIk>p* >T)ÝF#4ʕ|&S9c]e , q0/'D܎b"A۝uV2 O=iHtX+YpF)¸`oU+[wSփ?_Mu,z("{g|Ԑ+(PpqPPh{P!,X_9*WF2hoR }z~MjMB;g`<.cy&8ׁRcz>IJ)zvzحa;JթNڙ z*7ߺn[X n^iީ(e{8j:Sw8'kD5K"y]e^yo-h6yǥ:q]O*&XajM—^X&aFrg'H"|ŝɾVR̹u:<{(Av PE׏%<-hq1p*8%ŌnEs1B뼋N+ws}Yc7ITkam1, [PT&iU)]CQ) d"˾:e eA gP9e(l:Wo@{JNN4&t\ Gufa`);aΝzv(V&[{^'zћSϡv)?s*2΂?$EV: i.+Z5D[G2([0ڢ3Ji`,iquyl}Uyio)la5V RLҸN+fӋI-~|9tWeP|NJt5˫t֎(+CWUśMhC%Kw}0fݔDʱ_(s!N{t\U: ڏu(9r w,, R=x'ɗ"Puey!:?G-ujCp?5{~Bf$B1|Ì4 hpmߴQ̗S8 ;" $c׳/x6rUH.u/BEU^/kհF[;>PFk>.k]>Cx>U8$ fj?GZvfwW$\:{ C7q(b=>E_ItIIqfGn+UkkS;Kҡyo1oמ,zZ׈yE՗]Z=5::D#*Grts(%Bh XʃC&cHn;,ݥhtef9}ePa-E5&J-q>q)ffGYL0rΙsmO.e nND?üN _!;zаm2YRI$!}vIh,sxx'p0yg Hj0ᎤK%KЙAG(.6N3 zA8GyRU3g4↝'My-m`†(U ;[CGts D9:>9 ?MhvmcLáR>7\DCˢ˵:&hPv>y"@{Sl4ɴT#$j-=*FG#K=bO?*ݖ._# ǧۚ_9(}# صԬ9a٨̛_a<ʝ c2#2HZg/C>qy.L焜t!J<6Z2;ZIqz]uƓm]޺x},>Y~'w3UӏCp˭J^sj/# FV3Ҭ{ )#48Dl$u!6JaͰi@k Q%)%Qv`L#ȼIө&_ni(~} d;:*[q\!)>fSx݅?UdeHneA L Y~ f` :"}8YĬ ?eMeso^'a  \ZJ6U=dQZ殒ۛEn߷ ɿ,2\FN%Vcp^i[DagimQzLiP#{:p5/c߈;ʖr$W6%h6NwWˮJȞn8TXH@8 N#\"7;*ژ{99 >ޣ' &p/](mLTA mPHvneDbtH<~-wgrWEq|Yɦ}2F繺]mw#[$oB"Al%@?q%Ԭ .i+2 קI<*^RX>w[P^{FY?<: WiEST{՟Mh`{0+RLfދ+-4]Nw-ňs xM_W)Gg3%IΣ}˹QYܦj k~+С'Y ia/ 6,.VV2[_ [P/VSzM1=fV;%Y_l/RK 4<J-Mc'·sGzh@էONE? o;pɖ4AJ,mA[󘈆k'\(ٚ얘e2JcQY "&t t/X?!h?<0{?{uWzISQWV7a*i/#`{:>%ǐeXܟ9_`qtX{=etNӗG{LIt#?8mȈµ^Wq?~=A-ԉ1 G`zdř&Rb+X%k}T}aFaM{WthU|5+p5c狻 SL5IFGS1#qR$tI05:W x^g}_6p p 3>5=AbH39!gږY.RyWrlP\Fmy.sEX=(4c}#.x"mbH)L"&Ko k P+z`sSkmfeix6 0zjʐy瀟L-5Yo; J,@Y`i%"o:t4C8P85p V-pW3fuzxV2i L5:F)e5I@ y%1Y.TTpA߮"qڃS:lCBA)/qYA4{30Цu1nl㤠m)7> 9+H-۽^ *܇`ѥ6Ỿ-ƶogm5!gyEhK;C _x=R7=e^jijue-@ ?$0:3(dߦzCpIW!{DWT;s Ry*c0BPO8g $glH25E#\]U~5.z*,}QSXdUs  lȎ=Z'cI&o.={j34cH?: O!.*)S" dᕌdnK[n©ԋ]Ict{+j&$RSmEP]9Ȧۿ{<2'6lOb_ʨ9Sil&TT=tܤ7My5V; p}'8FQe)=9tS-H4M&(k6:<7%k_q ѩ5o l_h;)s TaKVE6-^-+Ʉp?[g \谋[pբBɽt qh6S|V`mgx'fwkDAD4R1}zB88=Ebpbu yqiV;cyxLVӚC9Ԏ;]ܢ1g]r>uOI|uO&Ʒh)ViHs8W'u6$&u]L'Pam'z~6~nRL VM㝃Tb(/`krmP'g n;hun7bD6:|Z`g*Bާ=_=1Kb>Zo\$13Y>j# sܵ/f;wWIoܬ9F2F$6bGI'Gzng7I]K@^Z1W9\:_7/k {Dw3ikVj,H3l"6j܂k*ȕۚ()΀ +k5w\W++G19_X^MÂR/mԘ 4P !g^^¡R7vJ l@AOgksȒ< 6{gK0?}B˲;k+Y)NTzv;H%ZҒ|"'ErƓ?xAr$9Yꎉ2w]j3.Vv6Aw(|V('ꂹ_7vj o3qwv {0Ibi pXO?2Rz1CC\s\t)>wݲb6ޚH_^kwqu)1)hq]/(qJʊ !De+ڠo޾+%NuxrM, A//2(lDLUۈҔC}6MG}S8S, wN" tG64t|pt ktZV&~/ q͸Vc~P,qɠb Y7blAAsc- %N ݦio { K߀1!3nE17j&[-4 lԭB68A޴=ސB.ToT6py "n(f џvĝ,πE5PE];оwm.Y$s s?k.TЅ>>j$݈JXq^-Hz)lKS[&N<' Kq˙d>}kMOu4G5"23K7nf"|hh{Xx/Uh{*QeN'h8eF~ q!efNf} eqľ,Bi{\* <ZS)΁@JC6fE[ȅOXdi4^Tc :Ӄ(%'Fee?Ez1em]oYE2W(,_O60O; v !W s.O[l6歖z+̕9s53D% ŨE|_ !$16V3'g7قG >16q^\+Ha{m$y4wմ6l>Y=U$M^RKmJ^0op 7Q G,v9/[*kB)@nW-3s4{k5N6[<(dnE#Q,aō6ɭժ cmlOHYϔC3#{ ;/!žGKtpI© ִC@(4M*5dgZUoʇWLKYT!j *;2pDacQ\xGÓdtr}aJ^wί"P] YWp <J!r҄ޥqpd/3>OyQ]q yjNd-61tR_4"} ֳP~qRz!gQCZx{gu] QgJ0!*d_x9"+R>CD>_=i-/ʹr|sԮJV%l)"gdbt1k@a|ܓk waH-)۴8g=lȹ{SuD:Je2 j?䅰)Q`pi!;-R<s0bezVviqcV|#+1l:e̯8 aHFJ]l]L6ʓ!;r_7KoݛA?wtzz9umԜ;}$]-𓶓qUIYB-Z&\I»B;Զ?ԕ|vY>}fhFzJDžidG#o? fG s]=b#զPbFIP~[uS} ђ@[bfn33KEh{ݔԱV:ရJ.oa|!QOZo" %y-EN8;Ş]d6vBH yvO5  %!s*=uBݴ:"w?:7VA;^`"oNC(EO(sozF>c[^@͆l EAǮ'Kt?2uM){4Hm ,R؟B84_(W19^o\#\\>nS6!3\ a<35 k BLk#+>dL _Bb_ݚhnNʔl0*n>W-SꅟqY65324c)&$$(oϣh-1`_X1'VNiUD6fѐge'K ljUi*YSj)SĖfA)M` Pd֮ 2xkdzl 9nӥɛ'e- wHXr,$Nnu)7n!U5 #"-NGG/@Yp=E>`! B-$V=GDr>A;ڔ{Fi8rq`F/uTcP¡Z&ڽi`nv3Cmc`6U;],8S6fԇp_3!t ï`PS)qMX3V]s)W$9peAYDBQ4&'O4 _z=*YC̵k g I93`d[dY=CzگGv흪Y|4Жl$-Aqv/ҩky_K)˒zPG[@K* k@ %{y } $viH@ ϊo+1l8Cʟ3ʦL/Q2)03ۑ@j|LC9zPCZ, 9Ij TW)+C<*f`k!(ǙqCHh$_E }ݠޓh_ik}Sw$ouq58?|w ._֛fŻyq`wZA _ثG"39)27Kj4oF0{=NM0QV@JIgfIG]w On?X`T@$登*Yl"Ē@6sr|֗570FF 蛛 Ch^=02|"L:<3T)fv]bm':n2AVn7_o0kHcm,QQiu ;{}nL2lP`']QI<40jDO M ݀5'6^$1ל 3Id mb&N3|7j߮#;1]c9~ 3͟R$4U.Cfg p(33*XMs zc&)'$B͊e"qT|1@#\IٸV+3 RNg}FnWr%#+톱 3Hva&X[ BQKS}7Ih9gtACSNK+3ԔG}wg)z~p{zLLp] Nؚl:1AT] GTb)4½eŠgdѥSuωI.ۊEW'/SѪ~ Rt3`)~ :L;Aw޼شBڝ wbd$%;*1D 9ׯ,.þ@!Om A_Pf3Os؁[hլ|׊ "Kb*TʂX|UEo  Etr/5?딕 Kb}"YqcA1EZ<>/X9O}FHc%-M_?ʛE p*־ƙTuq]K7HSX$U c {ckb$U<_-C7z J[i= ][ p( IQ"uV9'EL X, 8zw ̎U>(1#Wߢ-4/^;flGJ10-Gvhi,8%2U HPnm•4݃d܆|-h2Â-[[|XYy ?O+wՃ0Jeu wM fv6W zEd6%c2Euͫ]r -,@2̯!TbJa awaosnrt-4enI;bl)N5 _5LAwfʡ [ajԐHq@_rsJ_|<+k\ $0$oOiٻktO&GZse-[W f;[o\}:w >P7(9~:n xqw˜El waB;~+0"U^?V ݓTIv]PTJVid7LT8EP!mЖ.~MmcBq-Nq(Z(Z}?#ێ \``6Zvŷ 1RmQbB qxQC?q8d~=_< Z? S1[qN RY*RQlbܹcsY==\UZ]CM)fؚC2 *j\:8QuXXAܜ-(eH238Nk]Ght3>/\m`6x(rI@3m1hybƲ"hRZPtkn[q s7"(gYxPO1{g?9k[bL&!g0o׮?} n?s z>)j6[;Qh!+9dOK4]b  P{e_"-}/}&pa*#${Y_k zGBm/)0Ms`E/թ&wwW rQۍ٬$tPj TpD:”AJebGpIᎣq0XARr땨SKkόbAfCpy kFL9 hf*V(RJNM54@gB`!Zwi1tS?16t=o *18QF-: ԉ 6XjrxAnC9F,v142KrsDrW9=V;,뗸sGZr$^Y=;9_~l^P83 )]kIy ܵ|+?bӄDi;TSbDbՓ+U\SJ!em R/C jµNS;D?(|'!4efW`ϰdIX>샦"~{_9KC,߷qY/bxªFLY]1Ah{TP/ XwvTxr-˗Ja6d*fʛmzseI ¾`: d=++?ԿN;xBe}Gs sԒ*Wpo"T$7"M~|n ̬O9]hQBm% VfWS;b| VLR~rǤydYjQfۅ!dX3<\(̛-ǺBg3llnks`ӥ&n=B0sWw?ֲ۲}.>-4o vd.:'he$M*  , w്uS&rc49Hx@BMT41FU{޾f\~o[`Jx,MrX-1sZ0JX&'tCe+5BVstYGHqBެjȼW,&{6ˬSm(^=^gZ'sejJ~WGZ&-{jF>bgBCU?#^AWe,s{Sb9P|0#Vy+xՅK2ui!'ݱf~IX8&F.+0:r' GN\X JvK!~\s_em]JĈ1>('n gSzÙb߽9`>7?6Fe2}cc9{|Ջ'$XEВZ-koHv>UPMz2@^FĢ[η>QN?@| {.2s+Qc7QEc>MNX|;!#>˒tjJVbUA@_ hc7jO<2~M[LUm`g$QKHD#\V>,g_kv\rUX2-o%$tu (IkT{bq2_xkpq бIR{!^)dO !E\Y #@wfc6pGIBӿk2U`(|ҥ-Es(enl&FkA5ߊ?1Q|ٯ"Q⚧jd<}5o1Z{´eN,C}n.("~jG EDx;.^qŴp?ԅvbNivbpIQA|})?M4ѼM@~zP2[I:'bO$=L^7>RCBT ߁yKpDڑ s1C+R*#a}\r<Vxe]ȏs+t)t+DRׯj滻[7eb]btLgrm@/]DՁ2œ=5Y/~=4HjBvmx xYu1'I𵆺ɯi)ldl!*@EWT^ cr@Ļw:>S8A:n27qHs4ٮi-6:,xID#3?P{vksŭQѯWBt94r$]xΗ7r^^tjqVj8kz19lb$"iŴ }* К׊8B3b 0~/@!nA} -:I%BHL?==P?sR-3 R*hm,7 L87eVxQۏ4;&3HtKw mXE6't {р;K7@ɜBH+},Q1T.ջz:#`%mV=hJ<ӁL `3P8)xh;+\[x>,sU`;rZޒ/;q }/KNVC1r 7]K)!m33Aا]3M' (Uf˂E) dߐyZ˵QJ2a:=$ Ɏׂ()YCXI Oc%*>$/̟be|yqFN]-ɞ\pSW\1LجkD9>g% fd%r i_ׇ/1 ;"f8֢5avR%cVgqce,ފP Q$$!{A9L+O`T`e;۴@N C6$4|]^3FZm(S,y!G49@DZ4%vI}c Ls( ,_Tv&G鶶 l"\ N& z *vM˽ n\, ?GOs/!gfpA1H^= 5k{ (̗9ّx\$A=}> 7www)B Q&(B "LwO,k.nfʿ sVh@5my*hI! dӾ iwkP?9aPRPm[:^'8_"Tw ` %$̨5s8.R (m %ƊUϊANI~ TXN7;*:Xa.|kTT&VN/ճ\* 9)Rԩľqd[ בdHV1*#B_[4eoF?ONrV{󏄊[D4'EI|S:>=I?gvx_ alrt2UjxppWLNrl}mI$ x"JRA}'?H\)\(s $5mbEP{q:amWӡ7 Մ@4`YufH-jP:85d &Bk GEة^FzCOLCyҦNRR4ɣmAaG[nC齶 7?tE3}S{фL|:^)'4 L ܲd" H\K@F+O"4A+897hnv~0?|#tmRniQ#Nj#,I&f$S 4 `0Łq:ܠn}K9_U6+a9cF!ʞxRu[Fpܮ2yq&͝{ R@)ٍI!XCA\2- \~ݬ%'>V!Oiد4|iCЦLg{Zzv%q&ƺDNĎȁm,2,fr6ˠccM \7Ik Qh~pM7 1wadA-u7d?VR5 hgXSkΞTfyaWcelx@yL qnlz͠N >6yDH*{l2?l[\m;̶?FkI9^)NGM%8TFGʳ04(ֈKP,S`?}NשqkYhK#$=V$7}mnu7 M=p=zK]x2q5t"ֶq~yS/nąӓowbd䱉3E[մ}ݿa蓙b"Ҷk@,Bĉ4DfHKc=MRwfOr/ZD%g諁E0J;H|t Y@2'.V6(|Qɥl`Ϫ,( i19Ut3Fvuem!f[ A+Pexhm0Y"&9kf9&bjfIlNVM#DGZs: ؄6@ #)Ҿ\qR H~PވQ&Sl[[~ ǽ1 @"U6-B8w:% ^5DSل`ȪADՌtRŔ6|tzD/y QEqEBm!P)'ùEkJc :.tҊV'a@8R?#:J"[|>3E6n)/NucLJIhH, 0r[bBGlh>˄ (d| K`.h} Rmrru}9gRhX@\C-j/gL&41O-zDeY] !@g 1Q~dW ρlW6r+.*WAխ|([FѣCVÓ:'1U,6e*X^'7sbc fLZyWX^ZEΝ$Y2FAA= YZ