í«îÛ    pdns-backend-geoip-4.1.8-lp151.2.9.1                                                Ž­è         <   >     ,     è            ê          ì          —À‰ _kQt¸‹/Ô=½Â„`ÿy'e"¬Üººòçü–…Z5>Ôƒÿ_ŠKi€û<òÎrÞ¬5BdˆþuŠ“ECÿœ•{ÞÀ¾Höé?@zˆL³ãfE»6/Tú®¯öÌ°lœ–º’ ÷/êÄSÓÕˆêÁCÂ<tÛj×$p,ã(ºµE}O“÷K@—ÈlÐù6ä©¸½“5žµ†ññv€CDšÛGN¸}ä¢äN÷Ï‘j:ÞÛ:XËª$”È¹6ÀóÔ¸÷[ób]ÁÅ÷¡O´9ìbÔZ–ÍyŽ§Ãïø…ô/’Dè¿ˆ7€Ý-:æX¼±yƒ4 FŽ†¶V®ñ0¢I2éýDC)ã<Ë"Â5h?×µå¯vö´0œ¸ƒ"(‘   >   ÿÿÿÀ       Ž­è       >  X¨   ?     X˜      d            è           é           ê           ì   	   '     í   	   ?     î      ä     ï      è     ñ      ð     ò      ô     ó          ö          ÷          ø   	  6     ü     Z     ý     t     þ     z          „          ˆ     	     Š     
     Œ                    Ñ          Ô          Ø          Ý          â                              T          ¬                (     S     8     \   2  9     $   2  :     
€   2  F     U†     G     U˜     H     Uœ     I     U      X     U¤     Y     U°     \     UØ     ]     UÜ     ^     Uï     b     V      c     V©     d     W7     e     W<     f     W?     l     WA     u     WT     v     WX     w     Wè     x     Wì     y     Wð     z     X8     “     XH     Æ     XL     ä     XR     å     X”   C pdns-backend-geoip 4.1.8 lp151.2.9.1 GeoIP2 backend for pdns The PowerDNS Nameserver is a authoritative-only nameserver.
It conforms to contemporary DNS standards documents.

This package holds the GeoIP2 backend for pdns.    _kQtlamb58   øXopenSUSE Leap 15.1 openSUSE GPL-2.0-only http://bugs.opensuse.org Productivity/Networking/DNS/Servers https://www.powerdns.com/ linux x86_64     øXí  _kQm231cd67ad65621df5ca604a4e50e5b1c858b546c7b00e39f9de62f03a03987a6        root root pdns-4.1.8-lp151.2.9.1.src.rpm    ÿÿÿÿlibgeoipbackend.so()(64bit) pdns-backend-geoip pdns-backend-geoip(x86-64)     @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @      
  
  
  
libc.so.6()(64bit) libc.so.6(GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.4)(64bit) libgcc_s.so.1()(64bit) libgcc_s.so.1(GCC_3.0)(64bit) libmaxminddb.so.0()(64bit) libstdc++.so.6()(64bit) libstdc++.so.6(CXXABI_1.3)(64bit) libstdc++.so.6(CXXABI_1.3.9)(64bit) libstdc++.so.6(GLIBCXX_3.4)(64bit) libstdc++.so.6(GLIBCXX_3.4.11)(64bit) libstdc++.so.6(GLIBCXX_3.4.20)(64bit) libstdc++.so.6(GLIBCXX_3.4.21)(64bit) libstdc++.so.6(GLIBCXX_3.4.9)(64bit) libyaml-cpp.so.0.6()(64bit) pdns rpmlib(CompressedFileNames) rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(PayloadIsXz)                  4.1.8 3.0.4-1 4.6.0-1 4.0-1 5.2-1 4.14.1   _k8À^‡%@^`éÀ]A‚À\”Î@\ˆ@\ˆ@\ˆðÀ[âÓÀ[†ŠÀ[©@Zõ…ÀZÝÊÀZÐ›ÀZ†ÇÀZòÀZþ@Zþ@YøeÀYè“ÀYÎ5ÀY}Ê@YMÀYMÀXÞDÀX“@X~@XxÁ@XxÁ@XN‘@Wœ–ÀWƒŠ@WJÙÀV±ëÀV8¡ÀUæäÀUvÕ@U>$ÀU8ÞÀTôPÀTÐ¸@TÐ¸@TÐ¸@Tto@Taú@T_W@TR(@TO…@TO…@TO…@Adam Majer <adam.majer@suse.de> Adam Majer <adam.majer@suse.de> VÃ­tÄ›zslav ÄŒÃ­Å¾ek <vcizek@suse.com> Adam Majer <adam.majer@suse.de> Michael StrÃ¶der <michael@stroeder.com> Michael StrÃ¶der <michael@stroeder.com> Michael StrÃ¶der <michael@stroeder.com> Dirk Mueller <dmueller@suse.com> Michael StrÃ¶der <michael@stroeder.com> amajer@suse.com michael@stroeder.com kbabioch@suse.com mrueckert@suse.de adam.majer@suse.de michael@stroeder.com adam.majer@suse.de mrueckert@suse.de adam.majer@suse.de jengelh@inai.de adam.majer@suse.de vcizek@suse.com wr@rosenauer.org michael@stroeder.com michael@stroeder.com mrueckert@suse.de adam.majer@suse.de michael@stroeder.com adam.majer@suse.de adam.majer@suse.de dimstar@opensuse.org michael@stroeder.com mrueckert@suse.de michael@stroeder.com michael@stroeder.com michael@stroeder.com michael@stroeder.com michael@stroeder.com mrueckert@suse.de michael@stroeder.com mrueckert@suse.de mrueckert@suse.de mrueckert@suse.de mrueckert@suse.de mrueckert@suse.de michael@stroeder.com Led <ledest@gmail.com> michael@stroeder.com mrueckert@suse.de mrueckert@suse.de mrueckert@suse.de - CVE-2020-17482.patch: fixed an error that can result in leaking of
  uninitialised memory through crafted zone records
  (CVE-2020-17482, bsc#1176535) - pdns_maxmind.patch: backport support for MaxMindDB - Build with libmaxminddb instead of the obsolete GeoIP (bsc#1156196) - CVE-2019-10162.patch: fixes a denial of service but when authorized
  user to cause the server to exit by inserting a crafted record in
  a MASTER type zone under their control. (bsc#1138582, CVE-2019-10162)
- CVE-2019-10163.patch: fixes a denial of service of slave server when
  an authorized master server sends large number of NOTIFY messages
  (bsc#1138582, CVE-2019-10163)
- CVE-2019-10203.patch: update postgresql schema to address a possible
  denial of service by an authorized user by inserting a crafted
  record in a MASTER type zone under their control.
  (bsc#1142810, CVE-2019-10203)
  To fix the issue, run the following command against your PostgreSQL
  pdns database:
    ALTER TABLE domains ALTER notified_serial TYPE bigint
    USING CASE WHEN notified_serial >= 0
    THEN notified_serial::bigint END; - Update to 4.1.8
  * #7604: Correctly interpret an empty AXFR response to an IXFR query,
  * #7610: Fix replying from ANY address for non-standard port,
  * #7609: Fix rectify for ENT records in narrow zones,
  * #7607: Do not compress the root,
  * #7608: Fix dot stripping in `setcontent()`,
  * #7605: Fix invalid SOA record in MySQL which prevented the authoritative server from starting,
  * #7603: Prevent leak of file descriptor if running out of ports for incoming AXFR,
  * #7602: Fix API search failed with â€œCommands out of sync; you canâ€™t run this command nowâ€,
  * #7509: Plug `mysql_thread_init` memory leak,
  * #7567: EL6: fix `CXXFLAGS` to build with compiler optimizations. - Update to 4.1.7 with a security fix:
  * Insufficient validation in the HTTP remote backend
    (bsc#1129734, CVE-2019-3871) - Update to 4.1.6
  * Prevent more than one CNAME/SOA record in the same RRset - adjust buildrequires for mariadb 10.2.x on SLES - Update to 4.1.5
  * Improvements
  - Apply alias scopemask after chasing
  - Release memory in case of error in the openssl ecdsa constructor
  - Switch to devtoolset 7 for el6
  * Bug Fixes
  - Crafted zone record can cause a denial of service
    (bsc#1114157, CVE-2018-10851)
  - Packet cache pollution via crafted query
    (bsc#1114169, CVE-2018-14626)
  - Fix compilation with libressl 2.7.0+
  - Actually truncate truncated responses - Update to 4.1.4
  - Improvements
  * #6590: Fix warnings reported by gcc 8.1.0.
  * #6632, #6844, #6842, #6848: Make the gmysql backend future-proof
  * #6685, #6686: Initialize some missed qtypes.
  - Bug Fixes
  * #6780: Avoid concurrent records/comments iteration from
    running out of sync.
  * #6816: Fix a crash in the API when adding records.
  * #4457, #6691: pdns_control notify: handle slave without
    renotify properly.
  * #6736, #6738: Reset the TSIG state between queries.
  * #6857: Remove SOA-check backoff on incoming notify and fix
    lock handling.
  * #6858: Fix an issue where updating a record via DNS-UPDATE in
    a child zone that also exists in the parent zone, we would
    incorrectly apply the update to the parent zone.
  * #6676, #6677: Geoipbackend: check geoip_id_by_addr_gl and
    geoip_id_by_addr_v6_gl return value. (Aki Tuomi) - Use HTTPS links in .spec file like mentioned in PowerDNS announcements
- removed obsolete 6370.patch
- Update to 4.1.3
  - Improvements
  * #6239, #6559: pdnsutil: use new domain in b2bmigrate (Aki Tuomi)
  * #6130: Update copyright years to 2018 (Matt Nordhoff)
  * #6312, #6545: Lower â€˜packet too shortâ€™ loglevel
  - Bug Fixes
  * #6441, #6614: Restrict creation of OPT and TSIG RRsets
  * #6228, #6370: Fix handling of user-defined axfr filters return values
  * #6584, #6585, #6608: Prevent the GeoIP backend from copying
    NetMaskTrees around, fixes slow-downs in certain configurations
    (Aki Tuomi)
  * #6654, #6659: Ensure alias answers over TCP have correct name - Update to 4.1.2
  - Improvements
  * API: increase serial after dnssec related updates
  * Auth: lower â€˜packet too shortâ€™ loglevel
  * Make check-zone error on rows that have content but shouldnâ€™t
  * Auth: avoid an isane amount of new backend connections during an axfr
  * Report unparseable data in stoul invalid_argument exception
  * Backport: recheck serial when axfr is done
  * Backport: add tcp support for alias
  - Bug Fixes
  * Auth: allocate new statements after reconnecting to postgresql
  * Auth-bindbackend: only compare ips in ismaster() (Kees Monshouwer)
  * Rather than crash, sheepishly report no file/linenum
  * Document undocumented config vars
  * Backport #6276 (auth 4.1.x): prevent cname + other data with dnsupdate
  - misc
  * Move includes around to avoid boost L conflict
  * Backport: update edns option code list
  * Auth: link dnspcap2protobuf against librt when needed
  * Fix a warning on botan >= 2.5.0
  * Auth 4.1.x: unbreak build
  * Dnsreplay: bail out on a too small outgoing buffer (CVE-2018-1046 bsc#1092540) - add patch for upstream issue #6228
  https://patch-diff.githubusercontent.com/raw/PowerDNS/pdns/pull/6370.patch - geoip not available on SLE15 but protobuf support is available. - Update to version 4.1.1:
  bug-fix only release, with fixes to the LDAP and MySQL backends,
  the pdnsutil tool, and PDNS internals - Update to version 4.1.0:
  + Recursor passthrough removal. Migration plans for users of
    recursor passthrough are in documentation and available at,
    https://doc.powerdns.com/authoritative/guides/recursion.html
  + Improved performance: 4x speedup in some scenarios
  + Crypto API: DNSSEC fully configurable via RESTful API
  + Database: enhanced reconnection logic solving problems
    associated with idle disonnection from database servers.
  + Documentation improvements
  + Support for TCP Fast Open
  + Removed deprecated SOA-EDIT values: INCEPTION and INCEPTION-WEEK
- pkgconfig(krb5) is now always required for building LDAP backend
- pdns-4.0.4_mysql-schema-mariadb.patch: removed, upstreamed - package schema files in ldap subpackage - Update to version 4.0.5:
  + fixes CVE-2017-15091: Missing check on API operations
  + Bindbackend: do not corrupt data supplied by other backends in
    getAllDomains
  + For create-slave-zone, actually add all slaves, and not only
    first n times
  + Check return value for all getTSIGKey calls.
  + Publish inactive KSK/CSK as CDNSKEY/CDS
  + Treat requestorâ€™s payload size lower than 512 as equal to 512
  + Correctly purge entries from the caches after a transfer
  + LuaWrapper: Allow embedded NULs in strings received from Lua
  + Stubresolver: Use only recursor setting if given
  + mydnsbackend: Add getAllDomains
  + LuaJIT 2.1: Lua fallback functionality no longer uses Lua namespace
  + gpgsql: make statement names actually unique
  + API: prevent sending nameservers list and zone-level NS in rrsets - Ensure descriptions are neutral. Remove ineffective --with-pic.
- Do not ignore errors from useradd.
- Trim idempotent %if..%endif around %package. - Added pdns.keyring linked from https://dnsdist.org/install.html - Don't BuildRequire Botan 1.x which will be dropped (bsc#1055322)
  * upstream support for Botan was dropped in favor of OpenSSL, see
  https://blog.powerdns.com/2016/07/11/powerdns-authoritative-server-4-0-0-released - This makes the schema fit storage requirements of various
  mysql/mariadb versions. pdns-4.0.4_mysql-schema-mariadb.patch
- preset uid and gid in configuration - fixed use of pdns_protobuf - update to 4.0.4
  - fixes ed25519 signer. This signer hashed the message before
    signing, resulting in unverifiable signatures.
  - send a notification to all slave servers after every dnsupdate
  for complete list of changes, see
  https://blog.powerdns.com/2017/06/23/powerdns-authoritative-server-4-0-4-released/ - added pdns-4.0.3_allow_dacoverride_in_capset.patch:
  Adding CAP_DAC_OVERRIDE to fix startup problems with sqlite3
  backend - use individual libboost-*-devel packages instead of boost-devel - update to 4.0.3 which obsoletes b854d9f.diff - b854d9f.diff: revert upstream change that caused a regression
  with multiple-backends - update to 4.0.2:
  The following security issues were fixed:
  - 2016-02: Crafted queries can cause abnormal CPU usage
  (CVE-2016-7068, boo#1018326)
  - 2016-03: Denial of service via the web server
  (CVE-2016-7072, boo#1018327)
  - 2016-04: Insufficient validation of TSIG signatures
  (CVE-2016-7073, CVE-2016-7074, boo#1018328)
  - 2016-05: Crafted zone record can cause a denial of service
  (CVE-2016-2120, boo#1018329)
  For complete changelog, see
  https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-402 - BuildRequire pkgconfig(libsystemd) instead of
  pkgconfig(libsystemd-daemon): these libs were merged in systemd
  209 times. The build system is capable of finding either one. - update to 4.0.1
  Bug fixes
  - #4126 Wait for the connection to the carbon server to be established
  - #4206 Don't try to deallocate empty PG statements
  - #4245 Send the correct response when queried for an NSEC directly (Kees Monshouwer)
  - #4252 Don't include bind files if length <= 2 or > sizeof(filename)
  - #4255 Catch runtime_error when parsing a broken MNAME
  Improvements
  - #4044 Make DNSPacket return a ComboAddress for local and remote (Aki Tuomi)
  - #4056 OpenSSL 1.1.0 support (Christian Hofstaedtler)
  - #4169 Fix typos in a logmessage and exception (Christian Hofsteadtler)
  - #4183 pdnsutil: Remove checking of ctime and always diff the changes (Hannu Ylitalo)
  - #4192 dnsreplay: Only add Client Subnet stamp when asked
  - #4250 Use toLogString() for ringAccount (Kees Monshouwer)
  Additions
  - #4133 Add limits to the size of received {A,I}XFR (CVE-2016-6172)
  - #4142 Add used filedescriptor statistic (Kees Monshouwer) - update to 4.0.0
  https://blog.powerdns.com/2016/07/11/powerdns-authoritative-server-4-0-0-released/
  https://blog.powerdns.com/2016/07/11/welcome-to-powerdns-4-0-0/
- packaging changes:
  - remotebackend split out now
  - enabled experimental_gss_tsig support
  - enabled protobuf based stats support
  - no more xdb and lmdb backend
  - added odbc backend where supported
- drop pdns-3.4.0-no_date_time.patch: replaced with
  - -enable-reproducible - update to 3.4.9
  * use OpenSSL for ECDSA signing where available
  * allow common signing key
  * Add a disable-syslog setting
  * fix SOA caching with multiple backends
  * whitespace-related zone parsing fixes [ticket #3568]
  * bindbackend: fix, set domain in list() - update to 3.4.8
  * Use AC_SEARCH_LIBS (Ruben Kerkhof)
  * Check for inet_aton in libresolv (Ruben Kerkhof)
  * Remove hardcoded -lresolv, -lnsl and -lsocket (Ruben Kerkhof)
  * pdnssec: don't check disabled records (Pieter Lexis)
  * pdnssec: check all records (including disabled ones)
    only in verbose mode (Kees Monshouwer)
  * traling dot in DNAME content (Kees Monshouwer)
  * Fix luabackend compilation on FreeBSD i386 (RvdE)
  * silence g++ 6.0 warnings and error (Kees Monshouwer)
  * add gcc 5.3 and 6.0 support to boost.m4 (Kees Monshouwer) - update to 3.4.7
  Bug fixes:
  * Ignore invalid/empty TKEY and TSIG records (Christian Hofstaedtler)
  * Don't reply to truncated queries (Christian Hofstaedtler)
  * don't log out-of-zone ents during AXFR in (Kees Monshouwer)
  * Prevent XSS by escaping user input. Thanks to Pierre Jaury and Damien
  Cauquil at Sysdream for pointing this out.
  * Handle NULL and boolean properly in gPGSql (Aki Tuomi)
  * Improve negative caching (Kees Monshouwer)
  * Do not divide timeout twice (Aki Tuomi)
  * Correctly sort records with a priority.
  Improvements:
  * Direct query answers and correct zone-rectification in the GeoIP
  backend (Aki Tuomi)
  * Use token names to identify PKCS#11 keys (Aki Tuomi)
  * Fix typo in an error message (Arjen Zonneveld)
  * limit NSEC3 iterations in bindbackend (Kees Monshouwer)
  * Initialize minbody (Aki Tuomi)
  New features:
  * OPENPGPKEY record-type (James Cloos and Kees Monshouwer)
  * add global soa-edit settings (Kees Monshouwer) - update to 3.4.6 [boo#943078] CVE-2015-5230
  Bug fixes:
  * Avoid superfluous backend recycling
  * Removal of dnsdist from the authoritative server distribution
  * Add EDNS unknown version handling and tests EDNS unknown version
  handling
  Improvements:
  * Update YaHTTP to v0.1.7
  * Make trailing/leading spaces stand out in pdnssec check_zone
  * GCC 5.2 support and sync boost.m4 macro with upstream
  * Log answer packets only if log-dns-details is enabled - update to 3.4.5
  Bug fixes:
  * be careful reading empty lines in our config parser and prevent
  integer overflow.
  * prevent crash after --list-modules (Ruben Kerkhof)
  * Limit the maximum length of a qname
  Improvements:
  * Support /etc/default for our debian/ubuntu packages (Aki Tuomi)
  * Our Boost check doesn't recognize gcc 5.1 yet (Ruben Kerkhof)
  * Various PKCS#11 fixes and improvements (Aki Tuomi)
  * Several fixes for building on OpenBSD (Florian Obser)
  * Fix several issues found by Coverity (Aki Tuomi)
  * Look for mbedtls before polarssl (Ruben Kerkhof)
  * Detect Lua on OpenBSD (Ruben Kerkhof)
  * Let pkg-config determine botan dependency libs (Ruben Kerkhof)
  * kill some further mallocs and add note to remind us not to add them back
  * Move remotebackend-unix test socket to testsdir (Aki Tuomi)
  * Defer launch of coprocess until first question (Aki Tuomi)
  * pdnssec: check for glue and delegations in parent zones (Kees
  Monshouwer) - no longer ship dnsdist here, we will ship a new package based on
  the snapshots from http://dnsdist.org/ - update to 3.4.4 with a fix for CVE-2015-1868 (boo# 927569)
  Bug fixes:
  - commit ac3ae09: fix rectify-(all)-zones for mixed case domain
    names
  - commit 2dea55e, commit 032d565, commit 55f2dbf: fix
    CVE-2015-1868
  - commit 21cdbe5: Blocking IO in busy-wait for remote backend
    (Wieger Opmeer)
  - commit cc7b2ac: fix double dot for root MX/SRV in bind slave
    zone files (Kees Monshouwer)
  - commit c40307b: Properly lock lmdb database, fixes ticket #1954
    (Aki Tuomi)
  - commit 662e76d: Fix segfault in zone2lmdb (Ruben Kerkhof)
  New Features:
  - commit 5ae212e: pdnssec: warn for insecure wildcards in opt-out
    zones
  - commits cd3f21c, 8b582f6, 0b7e766, f743af9, dcde3c8 and
    f12fcf7: TKEY record type (Aki Tuomi)
  - commits 0fda1d9, 3dd139d, ba146ce, 25109e2, c011a01, 0600350,
    fc96b5e, 4414468, c163d41, f52c7f6, 8d56a31, 7821417, ea62bd9,
    c5ababd, 91c8351 and 073ac49: Many PKCS#11 improvements (Aki
    Tuomi)
  - commits 6f0d4f1 and 5eb33cb: Introduce xfrBlobNoSpaces and use
    them for TSIG (Aki Tuomi)
  Improvements:
  - commit e4f48ab: allow "pdnssec set-nsec3 ZONE" for insecure
    zones; this saves on one rectify when securing a NSEC3 zone
  - commits cce95b9, e2e9243 and e82da97: Improvements to the
    config-file parsing (Aki Tuomi)
  - commit 2180e21: postgresql check should not touch LDFLAGS
    (Ruben Kerkhof)
  - commit 0481021: Log error when remote cannot do AXFR (Aki
    Tuomi)
  - commit 1ecc3a5: Speed improvements when AXFR is disabled
    (Christian Hofstaedtler)
  - commits 1f7334e and b17799a: NSEC3 and related RRSIGS are not
    part of the dnstree (Kees Monshouwer)
  - commits dd943dd and 58c4834: Change ifdef to check for
    __GLIBC__ instead of __linux__ to prevent errors with other
    libc's (James Taylor)
  - commit c929d50: Try to raise open files before dropping
    privileges (Aki Tuomi)
  - commit 69fd3dc: Add newline to carbon error message on auth
    (Aki Tuomi)
  - commit 3064f80: Make sure we send servfail on error (Aki Tuomi)
  - commit b004529: Ship lmdb-example.pl in tarball (Ruben Kerkhof)
  - commit 9e6b24f: Allocate TCP buffer dynamically, decreasing
    stack usage
  - commit 267fdde: throw if getSOA gets non-SOA record - update to 3.4.3
  Bug fixes:
  - [commit ceb49ce] pdns_control: exit 1 on unknown command (Ruben
    Kerkhof)
  - [commit 1406891]: evaluate KSK ZSK pairs per algorithm (Kees
    Monshouwer)
  - [commit 3ca050f]: always set di.notified_serial in
    getAllDomains (Kees Monshouwer)
  - [commit d9d09e1]: pdns_control: don't open socket in /tmp
    (Ruben Kerkhof)
  New features:
  - [commit 2f67952]: Limit who can send us AXFR notify queries
    (Ruben Kerkhof)
  Improvements:
  - [commit d7bec64]: respond REFUSED instead of NOERROR for
    "unknown zone" situations
  - [commit ebeb9d7]: Check for Lua 5.3 (Ruben Kerkhof)
  - [commit d09931d]: Check compiler for relro support instead of
    linker (Ruben Kerkhof)
  - [commit c4b0d0c]: Replace PacketHandler with UeberBackend where
    possible (Christian Hofstaedtler)
  - [commit 5a85152]: PacketHandler: Share UeberBackend with
    DNSSECKeeper (Christian Hofstaedtler)
  - [commit 97bd444]: fix building with GCC 5
  Experimental API changes (Christian Hofstaedtler):
  - [commit ca44706]: API: move shared DomainInfo reader into it's
    own function
  - [commit 102602f]: API: allow writing to domains.account field
  - [commit d82f632]: API: read and expose domain account field
  - [commit 2b06977]: API: be more strict when parsing record
    contents
  - [commit 2f72b7c]: API: Reject unknown types (TYPE0)
  - [commit d82f632]: API: read and expose domain account field - set $LD for now. this fixes the configure check for relro,now. - remove custom PIE handling. upstream does it for us now. - update to 3.4.2
  This is a performance and bugfix update to 3.4.1 and any earlier
  version. For high traffic setups, including those using DNSSEC,
  upgrading to 3.4.2 may show tremendous performance increases.
  A list of changes since 3.4.1 follows. Please see the full
  clickable changelog at
  https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-342
- move man pages to section 1 to follow upstream change - disable botan and geoip on SLE_12 because of missing
  dependencies. - Fixed broken _localstatedir - fix bashisms in pre script - update to version 3.4.1
  Changes since 3.4.0:
  * commit dcd6524, commit a8750a5, commit 7dc86bf, commit 2fda71f: PowerDNS now
  polls the security status of a release at startup and periodically. More
  detail on this feature, and how to turn it off, can be found in Section 2,
  â€œSecurity pollingâ€.
  * commit 5fe6dc0: API: Replace HTTP Basic auth with static key in custom header
  (X-API-Key)
  * commit 4a95ab4: Use transaction for pdnssec increase-serial
  * commit 6e82a23: Don't empty ordername during pdnssec increase-serial
  * commit 535f4e3: honor SOA-EDIT while considering "empty IXFR" fallback, fixes
  ticket 1835. This fixes slaving of signed zones to IXFR-aware slaves like NSD
  or BIND. - only enable geoip backend on distros newer than 12.3
  before the package lacks the pkg-config file and there is no
  fallback to finding geoip without it. - fix permissions of the home directory - enable some backends that we had forgotten:
  - pipe   (main package)
  - random (main package)
  - geoip  (new subpackage)
  - new BR: yaml-cpp-devel and GeoIP-devel lamb58 1600868724             €        4.1.8-lp151.2.9.1 4.1.8-lp151.2.9.1        libgeoipbackend.so /usr/lib64/pdns/ -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g obs://build.opensuse.org/openSUSE:Maintenance:13121/openSUSE_Leap_15.1_Update/09357eebd4b440097887cd3db35b8206-pdns.openSUSE_Leap_15.1_Update drpm xz 5 x86_64-suse-linux      ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=e0d24acea8eb1000c26209710dbf16405630cb60, stripped           P   R  R  R  R  R  R  R  R  
R  R  	R  R  R  R  R  R   R  ºMBà¹ýE—JQdt0   utf-8 ad3dbd41df907053465dadc56dc76b384bff2322d9cdbb16dbf43c7437bbf9cb        ?   ÿÿü    ý7zXZ  
áû¡ !   t/å£àM—:Ð] "ÌkÀ%¡nÙæ60EÌÀý<$#]¨À²1GSŸ˜yË”I<%Ò*ƒÒ:dT(—Òp[BXš~
˜Æ³¾ð×Õ}C]{8ù–jhÓ·r§CÑ!ü‘ãõ¢™Ô×j¿m(îÞtÆ¿q:´®“©(Kø­øÎ7Aä…‡¸ÿ@âÑÜ&¡Lh/Ð†ÞŠÜ–hóþp%
µÛºéDîè÷ô-a‚fä<çþ¨z	ï4º*A5—1 Mnv_è­`º¬‹Õéé¦çré­j¿@YÛ¶»ÙŽ>JÊd„=B0|ƒº„iãéV†‘ÚX[ÊqZlžÔç3äó:ï5¾qìñKòÿLœ¡Î|i…/êÈ¶¨çèê± xïÛ¬úäÜÇF7ôKSK4kö(&ï#–Æ6™ésßîèhvös¦Ùü¢f/•(…²L&WAö<C›c±‰QÁ#aÐEÖÉ&ÜIf hÞËˆõþ‡2Hú]V5¼{•-`þð3w(®wŸüÏé§jóŠóÌÐ¦ûÙó~Ž†”Bð]»'rVEÜZÛÙ²±v‹Z§:¹GEm.,oh&úû|Z}`…7êT§ð¢ÐûysotWüŠëÌî[åtž½¾hºß	!	™—IÉ¡Š\j“·@ù|[2ÊËýˆ"Ô'd»ô£ÀÊ1¶íKV_Iº$pO_ôØžRræ}ƒí]ò1ûñÒ–è¾ËšU”åüìÏ®xÐr¢*l	y¯£6lÕaH ®÷rÃQx66-Üìµf«:ATÎzu@“»œ¾õ¦vD2&µ9))RËkG"ÁË5d µ¿˜,ùE¢M|ÜMÖõ–dd×ã^åÙÕ½uÀtñd„|ÅË¾] kU´Ýú_¼eAM‘†îÊüc%7‚e!Sý@ Oïqñïª=»gs~L°­«Æ7áû.‰Ñ˜~T>Nb²!¹ºÂ]™
£ Ô‹ØíºAt‡ÕGËeZõ±H½%×fó¹3ã3‹˜:ž¥ËÑ‘ò'ß~ìyÐ^ÌÖÊ;Sš[Vê2þVL%Ã¦AüCbXÓÈ‰e=Õ¢àƒ6Ìà˜yÞG¥«‚¨0•‘*+æ.rˆÜ[×úñwØ‘Kê“”ŒkDF%\C·Ø£Šyµ]qmg‚o??`Å§µˆ=óD¼¨BýhU‘³ŽeqÞ˜Jÿé_Ù”HŒŸ#Ô·/6ú˜²á´×ýâ
ã‡ëj×þú,€»8p]š”’Tºf€M•ü…ó¨Â!óµXÅ4•ÏÜ¦Æ\¯ž±ª¤]e™¿I›‰z2ÅÞåÃÑ‹ÎàªR9÷‰à—m¡z~§þo^rZo¶Œ&ÑVÃÂ«bÍmWAl×ÑõTáÈ{øz¬ýÔaø_›²Ó‘üœ–`1»}‡ÏÔ˜ŸKÇüOÀ`<sqÙ½q@YH»;â/üÜ%gùiƒ	ÿ»Ñ*•w¸š¦–ÏÁí®Möc¤	w§¯07õÍÏ´‹3ZMÆ¾‹šåŠâ5.GòÞ?µ”p4¡.k9[²¨÷ýå³÷ÃòZûwòC7€ëY@ŽÂëìîdµÅ®h+Ïl''›[òvNEK*’Rx¯vªFÐv-õ„J¹fü¦¼21ÏºTTé¶×
”WjÃt/vâÕföC+Q&á»±j	C;¥~CaÔXó`ôqÇ=Žètà.þ¶ÇØ}Óåa\%‹@r%ð5jRû“`œ¶áVð£|Àg€²‘ ÿ0ñÅš9å°årŽ Ù—åK %•åb	ÏnÎSNjÒL.£>È"£Ÿ…á‰³”ùÙ÷§Í²œ—»(úÊ¸¼ƒªÜÊ%:Ò9³›3E†¼jlå«l6¸ó™ª¹<”µ|kY&Ñ˜Ê“ÓZÙ:úÙ«Ë—xæå ÊLˆo„Ü=M˜ªæ^u5ÛYì·ëH`EÉeÃbž?7$¶x':Õž¨Ë«ÍmlëÉV¢)q5è6JOåJ:ß²«ŒIáU$	z‰Áê"ð›Ñ°ñ5)8’¦àó$Q…'6SªG†Ã”H¡£ÑŒ¶_7Ì"ü-ápO`œ!ûµú™ÈÚïq$êÅž›š¦ðÃïz¯ž(ÚŠQ@×¸!®²¸g0}´tÑ_P:8A 'ò/¯eYÜÊR(ÔuÅV…÷Q›j¦ßAál^x«ïÜUc‡ß™ølè¨Íô'äTGd#5•ÛA9Ì¥ÒK‰>µ6y’¾¤JÔ3ÐhrŸ’#³}ªÃ\Î~<GPb (ÆƒLKÐïË!¬0Sí(º“˜é.þ6dË×!º«¾E¥Å u[ÖC*»ìh;·Y Nôo¨KÔi;·©üóEªn©)¯0#Cr>«Ú«˜¯Qšèçw˜6tfa.táéc5˜4‹ž?ªMœLuÎë™N®¯³0h’þ'ý˜~|¼Á{h s¢r¾fÏÓ+û;@ú¦hõÈØä[ùÒ³VƒI
nù6DšÁûVCCY´»fCMo4‰¢§¨îA¬Ìéb×dHí†ýZÆ±è—Jº{‡t¤ˆnJQ[!&Q%ƒ%`¾G'HÇï99X‚`¼›Ñ{”õ´‚Jé¡{¨ò¢”[¾Âä;ùH²ç`P<Ÿ¶ Âbb>[à	Ï/âKp¾8LJ)ÜÖ«‹Q8lb©ñ'ÿÑéÄ¼¼‘<V™hÍY§c4;ö»Ñi=ÜŸ=™Š4‰ëÑ²C-ˆ•R¯$*/[°Î¯<²mT©R"nHRêcRúF4 oè³45il’© OÅ!§+pA;©J„Yƒj…eíœœ(!à‹¿­Ø3÷.Ò~ß2íÚ×&8FæyU¦„4jò¡!ål|Ì1¦¬jÙ>Zv¤,lYRû¦{±
táXk¼= ã`[®Yß’^ ÂÒbû…¸D$yµŽ†…ô†ÿ¢ú Šj¼Ê¡òOD¦Y•«„ö›Až‡2nI.s—˜J’æÝPôˆÔžÝd
-Ãæñ˜OÍ¾¬	g>Òö(Áß}d†þ¶xé,M>2] ê¤dµóÖJþ|]4~yF›åß¦—ø™;©‚H"Z›Š&3•®Z¼RŸ™Qn¹0.ÈÎÝæf¥ÄoTÎ˜ÐÎ_%¨oÉ5³¦IŒ¼ù¶¹Mœ[x©™ÒÜ:Ív3¶¹€ÏH«;ÒïÆ²ó¬²ô—´7“¥Çžò½WÞ‚ÏEˆFùÿ?V·ÇÛ$Pzqg>ù»;y“	kÛägU8å±‹ÅZî.ï¸}èv|ËÅ±å_¢am	dòN~'äPØÒGæqBÝ¬'ŠWQÈ€æò*¬ÓúO¥K®Tè‹eîNñû)ìôdõdñ	êÒê†\Æ¾oËøš'\«—K¬×n´£TÅU(då8o4ð’ð?ÂÎÎAæ&Ýp
Åö+¨ªåu‹¶ŒÈÈ²^ÌßÎß6çšmûÞŒÂvç«#qè,ASÚv·N)mðjpvå‹ÁÌ‹ÿÎlP~ýÓ|,Î>ø‘s63Üe–áÝ¡èÍu{÷Í oñh6º·dØ-—ç»×ãeÖÈ )"èÆ#&z”Üƒo,;ö¸&êÈ<@+cÉ«&³û&CJ¨vI8×Ve‚‘ð<mgrÚº>ÚÖH¨Úƒ$ËÐ¯Ê¡TOJ_E“¢r³ÿ›!Þ‹NÔ?”Q8“Š gsÿ’W)ˆ1j— !ñü=Õõæ}ß¥—ŒQÊŒ>¢$…”¾ð&ñY3ñ¦'hÉ–xduG«Ü.¬añp#híÏ>Õ›Ä¬ÏfœÏ EDåöXï“ ÿÕŸõ¹ë€ÝÍ#Ù €>Ÿ?mƒFe&<{‘ù~ ÑüiqÃo¼D™çž"3;>bPþ9Ÿ:Iµ½a|)¾qý$¨%½pS¥÷Aâ·5É#%cLæŽøIVt62¦™˜ã
J–‰PAŒw‹ ædÚ‹ð™{5¨¾ý¦3—œ»­ôe²q-4¼Eñfµwm¶]°þ«$´©ç²Ïmtø²ƒ™v¹§;ýle©(q."Þ[‡ÀÆ(Ï×­+MÇ³Î70§áÁCE·8‘Q’®„p5wR’ÿýn4¶ZM¶K-Ø,†swéêd(ÉðÉ§a„º™jŒKaÚÜ£Ê!·<Hs»è˜ªQþ9›Y^¡òõ|©!Õ/>÷ƒªŸûž-ü,«=„îñÜ6E¹UÕÂW®ñ+0=L$!¹Èi±Õ©˜°©Æû1Ö0ý¼¸ÔƒlZOl±QÑ2@æbÍÌå†mó4öøR¾®´(â¼¡VNçÿ:¨äÅNÝ_8fëé¼ÐV8íƒDp¢ÑÖi	³ÄÐŠúeý~' ›Q|Õ¦–Ý@:1ød©ÆTôù…%wË {~5‡ú
•Iü)ù&w¬¢ítñ4X²ñ²§íNÝ_Xa‚Ã3mocèXQñê•@ç¡r?`!º‘%û‚_y.ˆ°ß) K Û‡wpDÿ¹TƒÓË[éÚ»Ñ_Ø7ÉŽ»0^ÈM¼þ9ÊBæ‚ã¶Ô¡1<Ÿ''þÏ$®$k Ò›&h†4¤v«Õ(¹“MƒŽ¿Özóyif¥}Ÿ÷yX¢ªå˜€ 7P±AwP'¡æ,}ï,O/?Q_òêàIø\óUücÅ²ùÆ±b¾Ù°mÐð^6ƒxC“­ÇkUÕ LäQµêM}2r®à«!=Ð!ÂÚ¾Ô-‘ ^€ñï³êŽcoËlCàdeÌÆR°Ûg«Ÿ·,å}ïÍa,4Cs”DrÆ)°4	rV—:\-½Ò%/û=É¶8ÖYÇ¥`”p£`þC,FE<…'úU»°9=¸TByuóLžpß'Ø­OÃ[‘E_Y•N^£EpvþÿÞ™øSÇ2´}²gõ¶¦¥0®@FQ„Ð
öÈãÔ^júî,
 ƒnM [Úã.Rç¯%T½ƒë\•#”DŒVšÓ·‚¤ïÓi@ù –Œœ‚±õÚö3-QîâL>ÔHÕ2g®‹žÇŽ,°7,9·N!½‰EÛUÃ‚ðÍS`kÏ'qÔÆ‹ý9süà\G\Î<1°´öL&‘™JœeRjÎ
‘ÞQãÑ’
JÁ8ŸuÎLÛH§,}åHºgaÃ‘>œÞÁÅpÔ¬8°Hj’Å‡o?õ$3:n4­úN±W“úvž†#}ƒ‡U|'ôÑŠßnÎNâq(qÌñx,æ{òî«nù)´‰©Gr$àKþ¤ · Ö~Àqž£pxnâ0f§ú!Ô3ÂÙyK^Ò>È2’Ò ‹q9KñæÂ#ß´úÁJþù3UÃêVÓðhŽAÂ]Î¦‰h™Ì±ˆžårÿM^ 6ð±ìt·FA ò–êÆÀµnª5nöÜY€
65åÈª”Åz‰ô¦Ã§/æ’Óºêh,@ a¶}ƒàN›PÝÂýöˆ2È²Bá¨3º#­ _*ƒ²ƒ8‹ÀºLã¶ëL¯Î7ˆ= Ëö7hŸ+b3êêÃÛ÷$¹¦ûCM* 
Ÿ^âñ‡÷¶øÜ&5+Òáµyˆl¼¡go×¤4†„¯´ò/ÜÓ#³uÇøV2éÛ¯(k¦‘ ›Ó—œ¢`ch#—ß	‘íVPý"³F§O»«RIUBMk0LýÈ‚þX³´þ@lÕ3yR™Ü@Óþ ˆÝãu¥2­ñ!Žu…±ÎÒ§ºìde¡*ÌŠQ˜¡ê(çëÕ"Œ6±ª\ñz<EOj„doé °J×¿ä@Žj¢:aaÒÆvˆ¦:©û—fÝ("ŠÂ%hÖ–bØÇû2¡:™°húÖýÐÊça‡Jô’-Kp93‹üüÍfÇßxX}ÎÇlÚæïÙÇ. cÉ²É\º¤YÊ»Á®6eôÚ½¹é¨|‚ˆ.•DË‹e.JDþ~Ð!Â=k™¥.¿oül°{–pz¥ì³@úOÈØŒ1Æ§é—íŒG¾^?µ åC<}µ¬%!	UvÒm{†RÀçsc&ƒ>þkiðOÔg¡¾¶mÒÐ½ÄÝi¥¹äE¼èéfqyO¾{Ú·/^‹:úñXHM²î}…¶' Y lè¹iƒÊ	PÑ„Ï1ÑÙèj€÷W‡í	&•+ÄÎpeîê¼¸O¼ÎñN¤Æèx(°7TÚbªÊ¦ÈeZ\Ïhô¶©ëñƒ%,ÂØn³ 6][¯—Å‘·Ñ¬Ë8;"<TbÚõ±–Ç·µ‘Å 	,AL£øABÙŽ=9óÃžL4foñõÄ8Z$Ð}.¾Û²YÚ<7ü@)RŠº8@ÒÅÔ^”R×Ï¹K€1sS½Ëš´‡úÀŒ^:µµtûgÄ@ÌTœwJž)÷Æ1|æíP-]|“š°É°Ú¡¡·Ñ2B“e«gÁ€ÝØÌ«rY-Ÿè#5÷çÚRã4­$°æ¯ƒs Ún­©¶3ÎÒ*d:DO¹xdN·|l
Ó‹[€Ž¬ž0Þ×ÈØCYáãŽÿêF1•à‹­¨ž—ú¡S©ë¹óŠ¹  $m/4¾ûÕ€uœeà¥nÅÐ8±žÿAÔ7©«¸APÍQöfÇU5º“`cÉêï‘ŸÊRN\jÁ7Õý?¸v¦~X+8ÐöHÁ'¼#“fôKIë5rÀ0á˜d“ÿâŽÂXë1€—ÓbÞ*ûb:Üû¼
ü–ç†´Ô…§[°&³›¤m¼JY $Sm ]ö:©  1
k³¯0®KÙ¨¿â:=žÒœá"ã«Æ[¸Ë®,†C±…6§*ÑëL’à0¦&ö§‹¢¿i"9é• Ê‹kiáá(TEÙfÖ+A8ˆÞ÷ü§X™ÞÍ7OçÿûÌ—:;tÏm*#TO¸(‘GÇOkyØÐµÃÄùz³¼„¬á6;íQÎ:„P`üv™–˜»º!ÔBEÈäÉˆl÷ÙUïç;?ó˜àÖ­_hæÍišu¥Ÿ•.³4ïøƒYÐÿ!Úç¤³ƒ±è‘>æUú¸Ý,_…ÍÐÙ,…ñÁªäÞ~‘IçöÍ‘<N¾3Lô]PËf„ù#Ô@ßA¶‚e·Õ·«ÙHi.ºv¹nƒþvÞ½Ö–ó¶‰œžG›ïx0ö8Ì µè¯×³Ùž‰´¢Ö¡®¨f’õ¬¡xV¼Á–¢®Ÿ­{å®«¸ÂâwÄÏø[‡Î‚J”Î.;½(¡árJÜfÜ¡CTÌa~á–öÇ~æ~æ`TZõ ¬Þ‹”cÝ3WMú:ŠK9k@]øë6¼ë4wé˜&AËP¦D²0ê2%¤…ï÷À!‹¡9J|¯ <'‘‘¤gVN”BÃcëj6ÓxÁôŒÜB±¬Ý²}§o(~²'Ÿµƒäe^:ÊÄ,²ùíx
r)S$í003;¼qæã²cPê…ä…Ô™3jyÃ´Ÿv3BæYä	+TãSçúM§0TºHù0ZO¿àíø^Ê¥Ì<™Òz•E¬ûY½q­=§#C0¾%Ê%3jÉ ÂuúÜ ü»ƒŸí3[ƒqwÜãætdL®3}?ÇíÖÎÅ©ïº5;¥û}@ªOb9ºÐ™‡1Ä¯ûœº½ÃÄµÒ’uQ†’´à†ÄqÆŒbà~Ð.ƒ,	dHª– ËÂäLñk¡Å}80Ý#Û«cÈGk&…\¡6è&†ÒÈBW"Ž¢;xÝò“·pÎ«	£®@,—ûó)¸]3ƒÉma	ò|?iÔ¼e3„GHµK‹&N§ã_;óËïÌàÖÓˆ>â€Ò¨5Äj¯Ì÷œ>0úNûÙZú‘…´ýÛ‚µÃSS::’iÚ`E ÁD_‹G¶'çõz¡MÂä»Å õqmˆ<ôzõ=ÍAÄ¬îìøí¡°ÑšÊoŽ$!*ÎnÞzŠò¿Dû®äPL2Ž…]Ro#†¡ð,³ÿmjïÙÁqp÷3àùÚ®ˆ>¤Aºå´Ë,z¼?¯}-*iÔ÷H^¦mµ1Š&ÄBôfµÈoPbþù‹¦ÑŠ|üÄèpt†XåL9µœ„Ø²ÓÝâ
7á(ªVIêäÑÙ4ã…ór
w°ÿwþ4¡gUæ‘÷¡mv6’,¨ ÊY©‘á'k‰Ñºk×Î4œ–94oÒ×Å)…x7Hp?6¥gáÅTÿÆ#‹R	nžlu^-¯´H!zh”Žåùp”°<·fZ 	™ínéè¯ŽÌÎd0“x¼w_'1EŠÙH«âR–uEi'b¸2#“dD«géDÎâÿÍ=_»0@Y¯òÙ¦¥]ÆÏa/ñ»__‚ÓeòôµæjÂ¹˜¼7X„:1=ò#qSªee’T5Á“ÇôÕ×ƒo0†]ƒÅ;Â¦ã$×ïÿ, è\0aøÙ²ÌÈR€ÒòbmÐu™
%³VNB^Ì</ueºƒTfuI\…N;¾ó¶„Ÿ3*!I^T‹¶ŠØ¹«‚¨ét‹ÿê‘m
„Y+mË:ßZåÞ½…Mß¼
¨eØÕ%iÎA ´ÏÊ JØªÍ_PÌ©íwÔ½<e-Ä9Ó¥ÏµþkÕÐèÇ#†ÒÌˆŽœ‹˜?í°C4ÉsÁÉîÌ9³õ³Ôž÷›9çoà|ˆCHe>ÌE
@'Oé¸ôÑ¹ðw ßÜÚ¸ ¹ÑÈ*øü;¥”©CÐÝ	Ä[I x†›¨)ô9Ë¿Qn¡yÇØœß˜è.¡åq”¼¥ÜSM‚ šhÇ9‡ö‡Í˜Èª8åi©ßæ[ªM ÑpÌºðršVs‡™Íý‰ÔÚßœÓç—ðÇžGäˆ‡ÐK|ÔÖ%ž…ÛIv8›ô(A#~!ù1zý¾I×Á—Á[ˆg;A§ÆïØ'q7§ á®gÁnñtÔ3™ðAPÑÍJJñø½º‰ëŽÝùEÌ’ß»·•i‹rî,?/WmFKÛ¦«¨Që‘öª²°%½iÃb*ÞlÏÞá-i÷Ò§­vVÁ\n@HØ÷•êYXõô"÷­•HüYl0Ö0þÿr"“õr°øµbDŒH6æ—<ÜÙ£ö!iŒ·¤ SÑ¿<N×3sò8™9Fuu_g-eMžÝ½ŸÇ‹(ÀšêQ5Z=­|Já=6zê¶ÚVÏJº:ësÌF©·<Xš×ƒ “oÜ˜ƒðÒÝõ×“k«Ú‘Eu:Þé«²Q¼¡~t1Š+‹sžSÓcóDÀgéZ˜YªÙÚÇqv,¤{mÄ
ÉÍµßEFÔ2wñäYFÇ{Ûë“·ùú9´KIïœs-™™ª©­6ló'²û‘M;",µ¹J{….»ÇÕÑ ÙË<sác­F¢”ºÝßqéí$Gª!! Œdáú8ÏI4ŒÛ:“=;À—«%ŠàpáDØ´•øìý. ûö–ô()‡,•zMh8š
WÂÁþx¤ËÑQþzœ¢E»{€óÌ
1;öf€…ÞÁ™ ƒÏšÆ A[­íäÆ3.NE¿;ÂùëêÐ3èÏžÉ*FV€¨oV±É'ÓíÖ"ws xA]p™M;øú¶]•ïddà…rY(­“|@{	ósDdJº#ªofÕ`ÓßavÊÌü¶¿Âä{·áp5õq3å¤< w0·ù¬Gek¿å“M–ð‰ÛN ŠøØe¨ÆJ“¶Ç1™¯Ò–ô9‰3¼"öŽî¼·XM9)„ìó ~ÛÓšnƒ6T½-ýÓ›¼9ÐÎTWRŒ ´É 6ŒšL½ÇÞû°¾*=Ô£UõÊ–ùŒ&+ÕT_Á.I´ÿÆcÉ’¿pãµVygì2Ã|AkY¡O™vJÇW¬°lé5‚Ð‚rN$Pg˜ª¬èo‰Jn!˜	5gSŠ»¯+8SàJšýaSàƒŽèc¶ièþËtl¦sß%¹Wï¾üçŸ%uÀ>+ì1	¡d"ëÆSèÉ!)==	@ç…$Òª†G}::Ð“gKv8Cà2ñ½—¾kúÌ&ï_"ƒçË
šYßÆ3cômîŒ:–Áòc£v~’- ù¼$!HjæMn¢ÿÈ‘Œkð­Y\Ý›ÝãŸíûQdÜáî|ÄÕœFUñi&˜m @8ì¹¾Ê`vá›¯³má¿V÷TSK˜’½ÃÂF£’SÏäp<XoÂGz ¯dS§PÁKp	Ë/²÷Uƒ!,¦^¶#Ð3Î£-ï¼,×=šn$£üL…kd’þÏx÷ÿÆüÖúu}š)Cçhh9Y¢L4öp^ÛÚê<R=’2îÃ;Qî!ZGóÌ•õyÛÂjÛ¹íAÓ<Ú7cbbþÃÛCÊ¦°ìÉ)j*TLlŒ_-Ç¶ºüaz¬¨Yr§šzWhæÌ=ÿ%ÒŽL1çNŸ2½1ÓåqßžFÂ,J‹!º)€¥1õ¢Š,·Yâj¡uQH¦¯"a‘à@R'ó£ß/„V)ˆ_­©- bSèwÏýÏ“ž!5$óNùªX±”}óz@CT¢¢=]c!+|gÀQR¤¤{ypXüúUÒ×…’é¹ÿ§Š³cØÆ@[“ø$DÇ^jtœÀ ?†Ç<…2ŽIdq+Fìœ8A[÷ÿ:pºNÖÃv\êäq›RÖß±:[{È¾*Ï
*Í’!¾Ã9j°ˆ£ÂsôþóeÅ´2Ù""#\7ìˆäÄSîåÀ·¶0Ò- /Æ‹1ië79­-³*¹È®ŒáçóÚ(®#<¿gÙ<®Žéœ™*^ßøZ‰î$£wVLìD”˜„…R"Ð·Qî†~+ŒñS8{a",'ŸL/xÐwùMÔ´·k§ÚÛ¢K»'Õç¡ViøPH´Èk®/YK8bzú)¬‹L ¦ 'ïèØfò­ùÄ› 1Òí·gØ›;‹5á†I•Õ¢XháÚY„à²1Õ=Ô½(¢›ý1}¨9Âå:â^&\C%©ÿ´É*äâŽäëßNõÖãže/3î@T6Ñê¯ÿ8PV¬ ÆRqE!¦X.xjvq¶ØRqúû|µ#Ï?ØÙb*â6ñ>¥ªŒa™#{TJ¾Káz¿˜üò¨Î- °ÂÃŸ¼¿9‚Ñã$ôG2÷áù¿ºúº¸ƒˆö|‚)€Ésr²!n4bgYó·Õ(±ÍÁÃgÞWììÒ9L¤Àga#Ù^Ó™ÜÑdC'ÓTV”*ëSÈþcxÅ÷_DÐ¦mTØM÷"h©uë®äy€Eß…í)¼êŒŸèWÍÆ•nkêH@¶”
ÐÞ§óÃÅn‹U¥e R?ÕœF±!{.Øa!ÿÓX	c]Ü=arfl¤œyË‡Ô(OÜÎüí±]Dõ(5gƒ$Ÿˆ/ÚÀH ¥ðnÞYk1ª”úzVøj|Ê‡P¯ö²÷¯OéþJ^Š%]D¾ööÃ0Y/F P…~'#ÁõŒrÁHåÇ ?“`è¿Îã¸È2¾f$ôqzý äí­ïÿ‚†µ‘ƒ‚úß>E7…E%–ø¢Í4¢BíÍE.…jRPäÈÂÓ)ƒªg<sùÁ¬ü0 ânÊÙ¾
dM–{põÝÊv·#"¦ûƒ	ÕçX£Á”dus+ß™ )ßJÉAàGU™1øèEÀÒ¦+ÿ8ÿ¦¼Tbâ·Ôåp©ŽÈK™—£F•¹óõ_mÓ…ÐÊ!}RêCb[$wrõA>‹ëlkL	'àv0€Æzþ÷SÇµ¥j˜Ð7aÃ ö¡·šo©'˜Á‡’-XHSMa|R‡™/­!<r0_Šg¿eéä.Ü%E8ï1‡|ŽªÄÄÏ˜YÂAIM¢.p§î|o8åðPšÉjcÑ¹ ¿Ø0ÚæH©’4	g¥Vë–}<W-0A2²µH°ÅÞ–oNŽqj¬ã2UóIbö-é™RÇþ±F‡´‹.[‚)ŸTVV½r*Ò¥„Bx}Ÿƒ¿›kÚ§Çñél84wUcTŒª&Ÿ¢‰Xad‹ËU„d"~®Å¹]ª½ñµl¿miÇÎ¨æ\=?Â¢V<À|¸ý70PñII‚f%O@áÉq N³¥K³¸êÑ?ÖCìõÐÌLFM)Ïô\Ž’£P<´dŽÔÛÑ.Dò1Í<Y~!¨ÿ kí²†ËÑµbÒ;(äœ´´ †šHP}i ÔŒ¼º‡ÉŸ!ØŠëpžy NŠ
du˜«|€À(~©VHµgiÑ YGéÔ˜}5Ó’—î¬þî 41kH³eõ¿Lx¾)ÛÒAV”N6XòZr¨¡FÍeWøYîÁ½KŽ¬Î„F°åmâMäVîßQ€›_^bn7±Ï´<B—¬&é{¼E‚ûðµ™%EŸ‹„¼¼¦o…ù XT¯ºL¶{¶}g]îXšõíÊN[ÀËÀÓ¬m8SI¹B{êÆíážê/£"ð„ÛŸ"èCÑ<6þ¶øaFãYƒWú³à7„¿´!.ÖQ„éêÒ+qnïv8«ª2‰(÷b=š™ÿê³„ðp§õW,w
A5;ø;Ëí£¨7Ä„¦R(!JÿíŸG¾‰aåSc±·œ·Ûußøæ8¹CÂ“–ƒ¶åcñŠjˆŽICãü·K¥HØŒ®¨¼s@ÒæÍð‘¿F×ÌRé%ÇrO.à^ÀB×Pm¡Sd‚.pB»aüçÿªvçKîSq)ÁòÎfÿ}µ2ÞÁ†+j3ÃSèÁïòêµ¦Ð;2¹_ÝêRåàÉÔœ·ò~‘½¬ X‹ôv¦G^ák<¿{Ú,²¯:êõÖ³Ý°É0ZµY–.zÀ¿š(Ñ†ä÷ñaã£[÷ùÝ.¡y¬í®Çí.€R$-ž°u2@\} ÀDGºð/@ôc?Òˆ´	ÏT³ œ»þZ¤ÓÜJ\xÂyë1ï#·ù’u–ê¨	‹#®Ðª6ÿGŠb~wôÅŽðýh¡eóFF%#?è’&çËžn(ÙZÞÇ–DÈÁ¹æÁÜ3YÚ.z»LDï´ ÷Æú8@«n°V"Gi]U–%
úx»é|#S¿ÉŽ_ÄõÇ±´k’OÄçýöâo‘Tgî‚s€˜¥¤>î"1D×ÆåB™HòzwiÖ;¿‘ÓvŽÆ%‘÷ÏS#_ó­à;Ãm?Kääm´¿[Ý·²(³«®K²	ŒxÓ¶¾;>]×Ãö!«­Þ½n¾¼;ŽFíˆÀè²þÜñ?§fÄ+óõž“X›ñTVìÀ­¹ò9»òÁ*ÎöKZ›B+•r,¢gœ ÆmUóÑ9'æËöÅXmyX5Ø·_1jî¸ —`DV'ö¹vŒp”õ&FHLV’dœk³tŽ¯¾tu?‰½›8†íí–	'½›êd°\±Latvö†‡ÕIÏíšOÂ)MÛ`æÉžµIñ[½é:8wchÅÊ¥Ûþ6ªFƒX/üqò€Š“‰5t¨È{eåÕ±¸*"­çÑv[1^FôâçÄ…£18×ØÉ—â×ËÃ–??{ú–õ½ivzµƒãâêV]¸zkØˆ!4—!†NB…f$ßs\Ô‰q3Ÿ5…QóRœîçìÐ"Fð¤ÑÙ‰ºE+%ƒ6s&€ícWmß3`ïq˜Â¤ð³ÆÔk÷®¶céÝ´­±(‹oDû•³*2},çPs)[UÉdéù,ªV?êÕÑ>ÉÁÒ<)S}ÄÞ†¸ûŒ¦	‹’ÞxC^]*½ú“Œ©ÐO»1&=Ã	E›¾BÒß;Þßiïcg‹T±_²É¥Žœ¿^lìÜUwNG’‹bŠí—Ôs_‘õ„<Ê6ÅbÅAÁ²¹ÆÑþW,ñŽ¥³˜¤:èmäuq­WÔÇh…)]ROÃM¾ü7¯—¼ŸnðÐl˜ItûgÝCX¦¶Ý
äÔ›l´zTSY-Ø¸¡õ=*.rf±Æ›0@ß>D+”zý*Òa\(ûþ¨C|Åªªn©&l¹WóFNÂE&n×ÖôäNAc™ (äÒÏ#6ý„ëµiÏÄnªBxö~º<mÉö#YK’sJöÅ8M%O¯ù0¥aDm"€3%‚{i(”£ôÂè©¾šëc¾Ò&É6ÃóC×HÕ£t>†© :´+«{TØv ‘9ŒY¸—u­ŸÚ>|Ãª+½«.ÄàƒË6 5’ìÆ3!;LL±ìlºï6	²¡E(àÇZµÑ¾ ¼´ÍøáI-O¾¿~Õ’c8ÅÐç‰—‚–Î¦Í	•›QïaƒÕ ËòÊWô­Ç‚Æ¿©ãÞ„¯­Š2Nv^ –¼%š
›t½ž§5šÖÖ®5dŽ÷Sú=ÑÛ‘ÒºNeßUû—€mç ã•úWX¾[¦KÞ–|«Ì,.Ê%¤ZH®S­èµ8ÁcÍÎå·­“ÉÄbÐ#Qß$Æ‘e'ŒE…á¿%+š—ië(&@þUÈÛ‡kÙÈTÀ¯²q…ÿXi+IYßŠºñ@ÎÃçú½š¯2rÓìs:²È„Ì²}¢ls8ðúÝt(¥æèªa-¨vØFÉMÃP…¿!»|\t1o²nãg·qE²ñMàòM®hvÌ¨Ktñt¬AÙÎÃ	}¡Ûä––„¦¤áö š7d¥øû-ìÉ6Öôƒ»I2î»ñááá«æß×®,ä1jÝÏÜ…CPwr`þ»Œˆâ³²h<ƒ	GJÒfÂ« óp£}†Á¤K·*‚À÷'ùœ‘+Æ=Ëèq!{¢i+Íæ|ü>¯üWpë(¹	rÿªê)¼zw¶ÓÙ}F˜ª8_à±ÿ!R‰-Ä*lL Ï)Å5b·”÷ ‚m—û£^»’—(Ü©ÞFÆÅ€Ô0×ˆð²ÊKÁúi)‡•ãèhxI‹Y¿wiˆÍ™qØ'K=îƒ°j [„•»$à)ôùÒ¥|±®Ø”K<lGÒó'Ô¦arÌ’É‚+‘t&C§®[µôÖ3têèv†7þ&/dëúž£îAoá³gc¸|ÏiS]©|öÌ†4`šã?ªh·Eâ0õ¦À€ñ!–zµtrò¸ŒQ’—Ù’OAï/Rc²î½ã¸©úÈøçòÔ´…v¾Ççè*½±«"S‹²JG@†úäŽ•À8plzT:Jš
ÉÜâûnQÏÝ¤ÚHþü*¯d ¼x;µÖ.QóGÅçòÆ0¨!ËèûÇScámÅ›Q
XaÚå¢µý•©C¦cãfnË‘>ÓRVñÐÜáqP¾–wŠ{°‚ˆü‰ÓWt;ïíÄ_*€äÞ
Àn[pø-àõí2IÆB³û$¡…pÔ”ÿé`‘YH-„„‡Âáñ×Èš;1šøïÁ'€ªò~2ÍiÃâlk4Ê •‹„cû%ÏÙº¤ÂøÿDÜ7µÏFv¾sFK0gK•5ÑÉ0+IZì²ßoÍù-§Œ$éY²qÄØËê&b(
7èŸîï°œ<iQÈ˜ûØ_^C]òPþÌVþ–„ò@žíö&?£tþç˜|T_ã†$Z 6UGÖô±«{:·ÿÓÑ¾ôLœh@ûq0r%~ud•è¸aí\A¦q=(É`ª¹÷-ª\ãcã¨W:$ÁH^mKüƒbVòM³´7-¡Îª‡Òk7w$¦¼ê~Hr/vñâgï±~•ßëŒ1B/XkõÕÛœø9Ð¿G]~¡”Jyš76":yªCÝ±º¯­148 ³=É  ”'àL—ýÙiÝ'æÑ^^¸=|`šmMù7”‹Ä×‘Ôíµ)Y0ü:ÅUR¬^»‘ªçrŠ/Å'iHI‘/íî[ž<—_WðíÔØ„ éžùqôlý¢mÙ²YÑÂÚoÓ®¿á­—j—‹kâõ;ã†3]ÝðJ••Ô ûO<gµ-Ðk»îíŽN¯âü˜Ñ¤èebÄ=­áƒÍ5ÞeKŒžmHšhÛØ²µ¹Å!š´ÑyÚhÜÝÕ?cÓQÁ2ÊÓÎ ldd#¶2?`²];šóàQcõ¾rNÄ+¡xt™ÍŒç´Öàöª…Ä š&vR‘œ6eî¬n#íÝ¢þ?œ	ž7Ö¸)[OódvŠÞoíJvºfË5V[¦x×
sšý6
¨µ5˜A4_S¢×2è~ðãBË/á/'7ZyN'Öâ	÷s-[ð§Î ,f!îsi¥@ ÛÐø;“l–ƒ‚?÷9juJÆ(vÂQø;XÅ	ÃR¾w èjfý'
œX,2”÷_9™+uºÿqaÈ!/Dµžqrº;>9“”!ˆ‘¬‘>ýîßB›km0€ù0h}ìs..í@Z‚ëÊ¤ÁM´€N‡7º€¨lHu¿Ïå®UÐDÑº¸€ç•`ÉFCÑ™‚ÁÁèÆn–¹ý‚1í¦àÏÍ±DLS°ÚLêÍ/5|á“å’ÃèÇóa8s!R(Ž‡oÇ/¸xÂ!Ý^¢;XÆº‰	ò&‹D^k0"RØô&sTçz‘t£…Œ¹E¡€w¡èp†ZÏbóé!+]£<›JÔxV¯É<ij'ëŠÖ‘þ[5<ÅZ¿.ïÚ¦G¹®,Ñ¯¤›k|È²‡†öÖ*l½S8ðg=Ð~×”»¢[a›ªTE['zîO®®l‡Êx†Ý×2TLk©[>I'éôåùÿ8Ö§VÖV‰?[¹O”â¸éìž£üQ"Ò¦›ÏËÑ°ØI³.DËÝ0úæ3ÅþBˆuë¿ç‚†P¤òÚ*—Íª—Ÿ¯VçÐµh¬ç~›m…%æbÒJTÂ]Gÿ*o5<WñyÙ,ÜNö!Ýfß0Œ%˜@™Ùó§•6µ¦ÂvÞÝO+eï…œnËpw×¸SÆT×s!ÆÅŒøÎ<ê,‡<{mgáQŽb¶3ßÊý²ÂºcWEº:½n‚ø¼<_~8OoæÔS¦ÇjÍú'“tÞ‹Û*Âg¥¯x{p7gÌþ?x8•@ÆAS¼ÙÖQÖŸ9ÐæäL·kFŽÁ_›þáyoÇG'y/¢a ŒÛ‚ð€Ã¨“zuºµÆ¥ËA&–aõ²§M-·kM‘•&‰nÌö¯ÄëT(TyÖ} …èyk>ƒåëÁ¯§dì÷Roí©œ€Aÿ1à4°žïÖ–¨¡kš¸<ÃjM¥d$SÉðÃÓëÜÓBÒÉTë:ó—óè8Z‰nø;¹&b…1‡‹ÜK‘ô]®.Ñ[EQIhwÇÏ1ŒcAü—Ád];{þŠ&ÑÏæ,Ïõk{§·½µß×,˜ÑXŸ©Ö.f3|é¬ÙÔ{±²vðEÿáF!H$Z„ð¿ë-n|®;©kÿ†V÷j3³ªwäÉ‰£:¾ø1ñ¨ñ ¶ŽÕ© /1ï)a‚¨’$dÑR]fõE0º*ïQÕÉ>P£(Ùõžg D¸×ß›ž	äd6Êc4«óæâ
°¥ÇtñÆrÜ=2§„Ž\0{*R¨ªŸg—X˜¬ïBNTµT@ï–âbù±ÉùpÃÄ2´5oVÂÖ
ˆíÅWVA_VG^º×ŒÊaÜÛ|xÈË¤ö ]õø•ç°õÃÍÄ_z_.Ø.h»e›ÈÑ‚Ä›„æ5æ<i”®©}ÊØÛÔ¦Ö_À‚@{r®±Zæð%Ã_Í]¾ÒbÏ%Ûºª
dô¼þWè½PÈtDYWÓU‰Lb`½4Ñ€fHƒÑ|öH"¿û'Á$´&ß«NiÂç¬¨ (Dé|>ùn°ÈRp°[&ÛuÚGfV,Óç{ûà4…Ù/Øj¾KÜŸ
Jê²è‘l`ÖÈÁÌ%µÊ3ô-f¯4"Hñ–RcëýéÁBâQVgóûÛü)ØÑ$]ìê) h-²æÅ‚äî0'/Ë­>”+=¦~Ç)Ûß½’h;÷Ê¯¸ *´œ!ôº5þÓ§oh+.zU¸$Ðì˜îË\“1ôåŸ‚Ìß|²¼Ñ +6—F¹›”Ok	 kÒ„:fo.È"ÿÁM	c½mì€Ûq\™]¥HTZpr“»7üdar]$¬±åJÅîÂí$%£8PÑSo¾ 0•©4LaÎa¦C…sN5h„ß­‹÷©[Œª"?0³ó·‘€»Û•Üê3BÕöyN=p¦ažÔôú­v–³<¯ž|ðÔhå*ãç65ý‰ÙÍ#[†³SNÃD@¯ŒF¿¤[¶›ÝåÝ^Ýðö¸P®ý¡(cÀ¥¹àêž¢Èt§Ò#Ò/=ûÜ±êŸÛ°òbWñ‰]Q„HTZ·áh)dD•^CWÌå™’ žùb²òD˜M´Î•GÐë™¿ïªµ Ö”ÙzCÙÞùŒÂøÁàDÅêûÌ’øIð†‘íùßDQ± Î83"u®'1ê!U¸X¯×{Ø®bMö.õ–ù¶˜ß_Ùž&˜Í²8¨ ­ùbò¨S0³äUþLì]³:û2+H°êÝ6m¦‡Oü¶*0ntâ”|Cê¸ßB‚òÿmþ°`5Œg9„Àucq‘ìÅAŽBÀ:±t˜S·zÀî‡Â'€‚6mÒxZG™Ø_PxÚrAû=>ãr÷ÀÄÞâNR+/x×SWI¦…Ü;l–SW( d~l÷ÙŽRÌÕšñ?è?zE“Ò‰jŒy)\)&ÕWUTqÁÈ
ÇN/ÄñŸ¹ƒ-w CÑ%Ð7É2ùÍ¥ÎØ{êÀN:ò.o?2ãÔZÈÂ§…«jñSB[Ìäú´×@C&Á
i%?Ýv*ŽºZ«ìâ\g-*PCËMìëýÄÚ5V¢PƒãØå¼•7_Qœ¬_ž·ÉB¢u³Ž¹fÖ‡='Àƒ«MLxw ôWHU[:âŒñÑ@=TYƒ+Üëñ¹cÓàï/ð*”5Dò›¹žLí#7kT#
 s–A¦®¢ûs”O©6AwCå7LÌd5XÆ=šÉíÖÒ6ØsáäæMÎþˆN'€ór5ùãª|ŸÂl”ôì«¬Âj–|º‡ï}Ä!6´t£Tû¾µ^€qÆ(Ž¾%âWÏŸd¿ß?.Íå'´í>u‡gIfåì»ššÞS^šj¨w¶þvæÜçl¿Â§±ß2÷4¢ZK³YÀSÊÔ“øãÒÖöWlHªúZúÏÚòµÅá-Ýn þÕþcKùQ#R.”JÎ=Ü‡TN~ªLÑOAÑ&Ú"æÞ—1ÔÅmt[ñ%á˜Œµ$;E¢Þ¤e¬hëÁrSKvÊhbõg¥nRajæT«pLjóÔy8hðZ)¼¬©£ec
ü¾¦cb‘˜€G’F>6:¬1G¢ ]{ …È%Å\É€“Ûmðº+×F-¹‹ÔŠÁ´ì¼Àáq1Á;TƒWÆËEÂ.<§8Üé)ÒˆÛ’¾‚õº[7^ÂãTVp¯ëLg«î°¢‡yÂNr*ÃhÁ
_#B(ÚQ<˜Öñõ§1÷ÿÃLçðØRn»xà‰ú¢—ÌN>ånzæÏ†+—e¢WlsgÙÎ:yòæ‹f…lò#ÒÎc»1b(T¸éqøoƒ²’Ÿÿyq‚Q
_dç®³ÄžO/ùëø§ærýR@A©ÁZ×þ!¾ç !eÂåA¹5šÆ‘YÛÉC5;>Ñ$¾@k…Ý „v˜› g8O ¶éß    
YZ