dbus-1-1.12.2-lp152.6.6.1<>,D@a#/=„ NIryujOU fzP0c}}3wq uŋWֳΞ BkaD5zNp.DžӜ:Hػ>@x_VT@<' K,ʴclȈ-~N?- Z~[hjvؼh_i# h3aձRQPA#9^;IkBJtar7`]pD ?2J?xd   5 %+0 ?P== = = = #= $=%=&=((@=)4)h)* )-)(-Z7-a8-+9.h+:1_+=@>H?P@XC`FhG|=Hp=Id=XY\=]=^_bcRdeflu=vw=x=y}z (,2tCdbus-11.12.2lp152.6.6.1D-Bus Message Bus SystemD-Bus is a message bus system, a simple way for applications to talk to one another. D-Bus supplies both a system daemon and a per-user-login-session daemon. Also, the message bus is built on top of a general one-to-one message passing framework, which can be used by any two apps to communicate directly (without going through the message bus daemon).a#lamb10 6openSUSE Leap 15.2openSUSEGPL-2.0-or-later OR AFL-2.1http://bugs.opensuse.orgSystem/Daemonshttp://dbus.freedesktop.org/linuxi586getent group messagebus >/dev/null || \ /usr/sbin/groupadd -r messagebus getent passwd messagebus >/dev/null || \ /usr/sbin/useradd -r -s /usr/bin/false -c "User for D-Bus" -d /run/dbus -g messagebus messagebus if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in dbus.service dbus.socket ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi # Lines below are temporary code to disable service restart on update sflees@suse.de boo#1020301 # These are potentially not needed on non tumbleweed systems where updates while running a desktop are not supported. # This seems likely to only effect the last version of tumbleweed where the service files were added and can probably be # removed reletavly soon. # Get the current version if [ "$FIRST_ARG" -gt 1 ]; then CURRENT_VER=$(/usr/bin/dbus-daemon --version 2>/dev/null| sed 's/^.*[^0-9]\([0-9]*\.[0-9]*\.[0-9]*\).*$/\1/' | head -1) # If the current version is or less then 1.10.2 where this change was added then migration needs to be run # The following line will return 1.10.2 if its newer then the current version TEST_VER=$(printf "1.10.2\n$CURRENT_VER" | sort -Vr | head -1) if [ "$TEST_VER" = "1.10.12" ]; then if [ -f /etc/sysconfig/services ]; then cp -a /etc/sysconfig/services /etc/sysconfig/services.rpmbak.dbus-1-1.12.2-lp152.6.6.1 else touch /etc/sysconfig/services.rpmbak.dbus-1-1.12.2-lp152.6.6.1 fi cat >>/etc/sysconfig/services < /dev/null if [ $? ]; then rm -f /var/lib/dbus/machine-id fi fi if [ ! -L /var/lib/dbus/machine-id ]; then mkdir -p /var/lib/dbus/ ln -s /etc/machine-id /var/lib/dbus/machine-id fi /sbin/ldconfig if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/lib/dbus-1/dbus-daemon-launch-helper fi /usr/sbin/update-alternatives --install /usr/bin/dbus-launch dbus-launch /usr/bin/dbus-launch.nox11 10 if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in dbus.service dbus.socket ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi [ -z "${TRANSACTIONAL_UPDATE}" -a -x /usr/bin/systemd-tmpfiles ] && /usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/dbus.conf || :if [ "$1" = 0 ] ; then /usr/sbin/update-alternatives --remove dbus-launch /usr/bin/dbus-launch.nox11 fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable dbus.service dbus.socket || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop dbus.service dbus.socket ) || : fi# immediately restarting the dbus service causes issues, As such wait for the next reboot to restart export DISABLE_RESTART_ON_UPDATE=yes test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in dbus.service dbus.socket ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart dbus.service dbus.socket ) || : fi fi+|FA&0 FxV&fF6L&lfh FW5@:q1 ]AAAAAA聤AAAA큤A큤Aa#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#a#YjYjZ Yja#Yja#a#a#a#a#a#a#a#a#a#a#9e984094dfb1060dd844d32e216d47929afa37e752daad68f31b006d4ee1b11b2218b9313dc6d2e07d85751f318124cc5138787358ae1039703321cf6b35602aa6f50dc70ef082a110dcdb164579cd2af221b90226c5e0aca237edcad98a1c26267ec55784579845840e93904ac420ce184c4912d266cc76dc68fe33818a48dd0f2a6f14f4234450842c5072d1a02a44dc003b7ce4259b3c75e4c9e2a0b23e2f65ac9acd7f771bc0949f8fb97a0c25cd0c7702fccc8dac4414d216c59b05f35f07e3250751d940a1fc6ba53f33c698104d8a7238a5ca3f49d547be0773421b4876141ce721aa2c7057c79cf340f30e3eae16e398d035ab3ff9506fb88f9f0f21f1e693acc06002af24ef1c5c53665cd7946b5d009792fbff5fc282cf640a57ee02a4f8eb7c67937b00bb8e65eca085e6d31278b420019d3a9e1d672f828e0b0bf189bbd3e5d4f8c8d10ed4ef752a841e64699d636d89928f2b56fac94169fa190e3bb786937955730cc0e209354ca8bb5adbd1a4452653eb1ce815e3e8f93fbb61d100e52e17234a7a9c2efcb40ea8fd56f66451a7fd2fdec8338d0a0e6e92270f2e827b4c146d8fc7c0cfb5348056916e6c2b057ef40d77d55320472bbacccae05359bbdc083b8db2b49542b26429166b5e13367a63668a4e8ff8a1b496f7ae19d7b51e1e6da255346ac6acbf95627baf14c324e84ee841d90fab98bcc0e9942b7ac7357065180d1c2f3f00c11d17dadd31cdc3d7e59c623eb733beb3e50cef8d6c76ba6b7eaba0c987ab294f3534f3603dc5717349271cef7f46e7c530727abc7f3e09dfbd851b91b2b70d62730ce4e46323718ad35d635011689940ef6f6c206f009ddcf909422f3651c687b4623a5780fb7486c6d650e5332f57c00d6be118938a267987dee9ef442cdb9a5cba6d1e7303be93b0013b0948f20831921e5222ad2317b7040e0aca41b5c9a04141aaf20143e15072eb19394248eb5f5e5a19e2584de5acbe9ef4a792e39d9141c3a2b60fb592bf4d7c27cedd7bf8d201f4c2484db3de366500912c63d834154173c7886e7ded484d4fe1dde4b62f6d30b59b02757b6a8cba77f6273f07848aa1a81cdd02d0aaa0f86d3c73f2ecf5488531760e46f54efb12d04ab5c33713bacd0e140c9a35b57ae29e03c853203266e8f3a1a840b72f672d54494564bbbf9b2376d43f4d0f95678d64d2148c4fc67abf5b9f900ba3cb3136c9ffa470819eaa626c82fa7cd027c7e873e51f23506d00bb99298d9448b127524912be33999c3aaf1dc1270d30b688fdaae6d9bb6437c4c61630328a20efe0944104a1b2dfe3cc4d556203ebb63e6162d8d5fc97112207ce1c2fec4a8b444c49f5e17532bab9b17d6cd3198fd96db8102b3e5a1e5af4665158a8ee493ab361bc6302422a49e8d5a7102c4fde9931f87a02946d3417e3302b80a6a57474fb0c554323c87863276eacf3a8d47170d2d11c6acaf1700532d1fbe37d3ab0b9c58e1ee6ac3b5e8c7f1d203e0f596f12a6dc1bb16f0f10467173c04c02ef0fb85200c5411a7c65ceb080d77152d324dfba28bb23b447e0063b1d5b6fda/usr/bin/dbus-cleanup-sockets/usr/bin/dbus-daemon/usr/bin/dbus-monitor/usr/bin/dbus-send/usr/bin/dbus-test-tool/usr/bin/dbus-update-activation-environment/usr/bin/dbus-uuidgen/etc/alternatives/dbus-launch../dbus.service../dbus.socket../dbus.socketservice@@@rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootmessagebusrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootdbus-1-1.12.2-lp152.6.6.1.src.rpmconfig(dbus-1)dbus-1dbus-1(x86-32)dbus-launch@  !@@@@@@@@@@@@@@@@@@@@@@@@    /bin/bash/bin/sh/bin/sh/bin/sh/bin/sh/bin/sh/bin/shconfig(dbus-1)libaudit.so.1libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.2)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.3.2)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.8)libc.so.6(GLIBC_2.9)libcap-ng.so.0libdbus-1-3libdbus-1.so.3libdbus-1.so.3(LIBDBUS_1_3)libdbus-1.so.3(LIBDBUS_PRIVATE_1.12.2)libexpat.so.1libpthread.so.0libpthread.so.0(GLIBC_2.0)libpthread.so.0(GLIBC_2.1)libpthread.so.0(GLIBC_2.2)libselinux.so.1libsystemd.so.0libsystemd.so.0(LIBSYSTEMD_209)permissionsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadowupdate-alternativesupdate-alternatives1.12.2-lp152.6.6.11.12.23.0.4-14.6.0-14.0-15.2-14.14.1 /usr/bin/chkstat -n --warn --system -e /usr/lib/dbus-1/dbus-daemon-launch-helper 1>&2`#@`.`@]:\=@\Simon Lees Simon Lees Simon Lees alarrosa@suse.comkukuk@suse.deJan Engelhardt eich@suse.comdimstar@opensuse.orgsflees@suse.dejengelh@inai.desflees@suse.desflees@suse.desflees@suse.desflees@suse.desflees@suse.desflees@suse.desflees@suse.desflees@suse.defstrba@suse.comsflees@suse.desflees@suse.desflees@suse.demarius.kittler@suse.comfstrba@suse.comjengelh@inai.defstrba@suse.comkukuk@suse.defstrba@suse.commvidner@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comhrvoje.senjan@gmail.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.comfstrba@suse.com- Add missing patch for CVE-2020-12049 * fix-upstream-CVE-2020-12049_2.patch- Fix CVE-2020-12049 truncated messages lead to resource exhaustion (CVE-2020-12049, bsc#1172505) * fix-upstream-CVE-2020-12049.patch - Rebased fix-CVE-2019-12749.patch- Fix CVE-2020-35512 - shared UID's caused issues (CVE-2020-35512 bsc#1187105) * fix-upstream-userdb-constpointer.patch * fix-upstream-CVE-2020-35512.patch- Fix CVE-2019-12749 Authentication bypass (CVE-2019-12749 bsc#1137832) * added fix-CVE-2019-12749.patch- Make libdbus-1-3 own the %{_datadir}/dbus-1/system.d directory- Use %license instead of %doc [bsc#1082318]- Avoid bashisms in scriptlets.- Avoid ugly error message from %pre(install) script when installing for the first time.- Don't spit out a warning if /usr/bin/dbus-daemon does not exist when we run the pre-script.- Swap a missed libdir to libexecdir- Do not hide errors during useradd.- Fix dbus-daemon-launch-helper to use proper ref to libexecdir- use %{_libexecdir}/dbus-1 as libexecdir- Update to 1.12.2 Deprecations: • Eavesdropping is officially deprecated in favour of BecomeMonitor. See the release notes for spec version 0.31 (in dbus 1.11.14). • [Unix] Flag files in /var/run/console/${username} are deprecated. See the release notes for 1.11.18. New APIs: • and rules in dbus-daemon configuration can now include send_broadcast="true", send_broadcast="false", max_unix_fds="N", min_unix_fds="N" (for some integer N). See the release notes for 1.11.18. • dbus_try_get_local_machine_id() is like dbus_get_local_machine_id(), but returns a DBusError. • New APIs around DBusMessageIter to simplify cleanup. See the release notes for 1.11.16. • The message bus daemon now implements the standard Introspectable, Peer and Properties interfaces. See the release notes for dbus 1.11.14 and spec version 0.31. • DTDs for introspection XML and bus configuration are installed. • [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but never uses Linux abstract sockets, which is advantageous for containers. On non-Linux it is equivalent to unix:tmpdir=…. See the release notes for dbus 1.11.14 and spec version 0.31. • [Unix] New option "dbus-launch --exit-with-x11". • [Unix] Session managers can create transient .service files in $XDG_RUNTIME_DIR/dbus-1/services. See the release notes for 1.11.12. • [Unix] A sysusers.d snippet can create the messagebus user on-demand. Miscellaneous behaviour changes: • [Unix] The session bus now logs to syslog if it was started by dbus-launch. • [Unix] Internal warnings are logged to syslog if configured. • [Unix] Exceeding an anti-DoS limit is logged to syslog if configured, or to stderr. - Enabled "make check test suite" - Patches removed, fixed upstream * fix-upstream-drop-install-sections-from-user-services.patch * fix-upstream-increase-backlog.patch * fix-upstream-timeout-reset-1.patch * fix-upstream-timeout-reset-2.patch- boo#1027201 dbus-daemon not found - boo#978477 systemd reseting under heavy load * fix-upstream-timeout-reset-1.patch * fix-upstream-timeout-reset-2.patch- boo#1027200 don't generate machine-id in %post systemd will do it on first boot. - swap usage of /bin/false to /usr/bin/false - Use libexecdir=%{_libdir}/dbus-1 rather then /lib/dbus-1- No need to set --libdir anymore now that prefix is /usr/bin, * fixes boo#1047532 - No need to set --bindir, bindir in dbus-1-x11 was incorrect - Other fixes required to properly change prefix - Don't pass --with-initscripts we don't use them anymore.- Update to 1.10.20 * Fixes: + Fix a reference leak when blocking on a pending call on a connection that has been disconnected (fdo#101481, Shin-ichi MORITA) + Don't put timestamps in the Doxygen-generated documentation, for closer-to-reproducible builds (fdo#100692, Simon McVittie) + Avoid an assertion failure when connecting to a semicolon-separated series of addresses, one of which fails (fdo#101257, Simon McVittie) * Documentation: + Update git URIs in HACKING document to sync up with cgit.freedesktop.org (fdo#100715, Simon McVittie)- swap to /usr/bin bsc#1029968 - Add the following fixes from SLE12 * bsc#980928 increase listen() backlog of AF_UNIX sockets to SOMAXCONN fix-upstream-increase-backlog.patch - The following bugs were already fixed but are missing changelog entries * bsc#867256 (No longer applicable) * bsc#916785 (No longer applicable) * bsc#1012564 (Not applicable) * fdo#90004 (Fixed Upstream) - Rename the following patches as a tidy up * dbus-log-deny.patch to feature-suse-log-deny.patch * dbus-do-autolaunch.patch feature-suse-do-autolaunch.patch * 0001-Add-RefuseManualStartStop.patch to feature-suse-refuse-manual-start-stop.patch * 0001-Drop-Install-sections-from-user-services.patch to fix-upstream-drop-install-sections-from-user-services.patch- Update to 1.10.18 * Fixes + Re-order dbus-daemon startup so that on SELinux systems, the thread that reads AVC notifications retains the ability to write to the audit log (fdo#92832, Debian #857660; Laurent Bigonville) + Fix a harmless read overflow and some memory leaks in a unit test (fdo#100568, Philip Withnall)- Update to 1.10.16 Fixes: * Prevent symlink attacks in the nonce-tcp transport on Unix that could allow an attacker to overwrite a file named "nonce", in a directory that the user running dbus-daemon can write, with a random value known only to the user running dbus-daemon. This is unlikely to be exploitable in practice, particularly since the nonce-tcp transport is really only useful on Windows. (fd.o #99828, Simon McVittie) (bsc#1025950) * Avoid symlink attacks in the "embedded tests", which are not enabled by default and should never be enabled in production builds of dbus. (fd.o #99828, Simon McVittie) (bsc#1025951) * Work around an undesired effect of the fix for CVE-2014-3637 (fd.o #80559), in which processes that frequently send fds, such as logind during a flood of new PAM sessions, can get disconnected for continuously having at least one fd "in flight" for too long; dbus-daemon interprets that as a potential denial of service attack. The workaround is to disable that check for uid 0 process such as logind, with a message in the system log. The bug remains open while we look for a more general solution. (fd.o #95263, LP#1591411; Simon McVittie) * Don't run the test test-dbus-launch-x11.sh if X11 autolaunching was disabled at compile time. That test is not expected to work in that configuration. (fd.o #98665, Simon McVittie) Enhancements: * Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian stable and Debian testing in addition to the older Ubuntu that is the default (fd.o #98889, Simon McVittie)- A note for scripts bsc#974092 (remove sysvinit script) is already fixed here.- Don't restart dbus on upgrade - Includes temporary work around for last version boo#1020301 - Add 0001-Add-RefuseManualStartStop.patch don't allow users to Manually start or stop dbus.- Add systemd unit files to start session bus via systemd - Added patch: * 0001-Drop-Install-sections-from-user-services.patch + remove install section from socket unit because it does not need to be enabled explicitly (see fdo#92402)- Requires systemd >= 209 and drop the compatibility pkg-config names that don't exist in newer systemd- Drop useless --with-pic which is only for static libs - Abort installation when user/group creation fails - Avoid calling %service_* more than once- Build the dbus-1 package without X in the dbus-1.spec - Move the dbus-launch.nox11 to the dbus-1 package and install it by default - Build devel-doc package in dbus-1.spec and don't build any documentation in dbus-1-x11 - Make dbus-1-x11 package contains only the X11-enabled dbus-launch - Fix some rpmlint warnings - Delete the dbus-1-x11.spec.in file, since maintaining it is more complicated then keeping in sync a dbus-1-x11.spec file of less then 120 lines- Create new subpackage: dbus-1-nox11 - contains dbus-launch without x11 support - Rename dbus-launch to dbus-launch.x11 - use update-alternatives to switch between dbus-launch with and without X11 - Solves [bnc#934214]- Update to 1.10.12 * Security fixes: + Do not treat ActivationFailure message received from root-owned systemd name as a format string. In principle this is a security vulnerability, but we do not believe it is exploitable in practice, because only privileged processes can own the org.freedesktop.systemd1 bus name, and systemd does not appear to send activation failures that contain "%". Please note that this probably *was* exploitable in dbus versions older than 1.6.30, 1.8.16 and 1.9.10 due to a missing check which at the time was only thought to be a denial of service vulnerability (CVE-2015-0245). If you are still running one of those versions, patch or upgrade immediately. (fdo#98157, bsc#1003898, Simon McVittie) * Other fixes: + Harden dbus-daemon against malicious or incorrect ActivationFailure messages by rejecting them if they do not come from a privileged process, or if systemd activation is not enabled (fdo#98157, Simon McVittie) + Avoid undefined behaviour when setting reply serial number without going via union DBusBasicValue (fdo#98035, Marc Mutz) + autogen.sh: fail cleanly if autoconf fails (Simon McVittie)- Moved dbus-run-session from dbus-1-x11 to dbus-1 (bdo#836296)- Update to 1.10.10 * Fixes: + On Linux, when dbus-daemon is run with reduced susceptibility to the OOM killer (typically via systemd), do not let child processes inherit that setting (fdo#32851; Kimmo Hämäläinen, WaLyong Cho) + Output valid shell syntax in ~/.dbus/session-bus/ if the bus address contains a semicolon (fdo#94746, Thiago Macieira) + Fix memory leaks and thread safety in subprocess starting on Windows (fdo#95191, Ralf Habacker) + Do not require systemd to have a service file if using it for activation (fdo#93194; Simon McVittie; backport from 1.11.0) + Stop test-dbus-daemon incorrectly failing on platforms that cannot discover the process ID of clients (fdo#96653, Руслан Ижбулатов) + In tests that exercise correct handling of crashing D-Bus services, suppress Windows crash handler (fdo#95155; Yiyang Fei, Ralf Habacker) + Explicitly check for stdint.h (Ioan-Adrian Ratiu) + update-activation-environment: produce better diagnostics on error (fdo#96653, Simon McVittie) + Don't fail the build with an unused const variable warning under gcc 6 (fdo#97282; Thomas Zimmermann, Simon McVittie) + Merge dbus-1.10-ci branch, containing backports from 1.11.0 in build/test code to support continuous integration (fdo#93194, Simon McVittie) - Avoid -Wunused-label when compiling with libselinux but no libaudit - In development builds, allow OOM tests to be disabled as documented - Accept and ignore the --tap argument in all "embedded tests", and run all automated tests with that argument for better diagnostics - Fix the systemd activation test under CMake by installing the required files - In Automake, fix shell syntax for installcheck-local with no DESTDIR - In Automake, don't try to run manual tests in installcheck - In CMake, don't run manual-tcp test as an automated test - Add travis-ci.org build machinery- Update to 1.10.8 * Fixes: + Enable "large file support" on systems where it exists: dbus-daemon is not expected to open large files, but it might need to stat files that happen to have large inode numbers (fdo#93545, Hongxu Jia) + Eliminate padding inside DBusMessageIter on 64-bit platforms, which might result in a pedantic C compiler not copying the entire contents of a DBusMessageIter; statically assert that this is not an ABI change in practice (fdo#94136, Simon McVittie) + Document dbus-test-tool echo --sleep-ms=N instead of incorrect --sleep=N (fdo#94244, Dmitri Iouchtchenko) + Correctly report test failures in C tests from run-test.sh (fdo#93379; amit tewari, Simon McVittie) + When tests are enabled, run all the marshal-validate tests, not just the even-numbered ones (fdo#93908, Nick Lewycky) + Correct the expected error from one marshal-validate test, which was previously not run due to the above bug(fdo#93908, Simon McVittie)- Update to 1.10.6 * Fixes: - On Unix when running tests as root, don't assert that root and the dbus-daemon user can still call UpdateActivationEnvironment; assert that those privileged users can call BecomeMonitor instead (fdo#93036, Simon McVittie) - On Windows, fix a memory leak in the autolaunch transport (fdo#92899, Simon McVittie) - On Windows Autotools builds, don't run tests that rely on dbus-run-session and other Unix-specifics (fdo#92899, Simon McVittie)- Update to 1.10.4 * Changes between 1.10.2 and 1.10.4 - Enhancements: + GetConnectionCredentials, GetConnectionUnixUser and GetConnectionUnixProcessID with argument "org.freedesktop.DBus" will now return details of the dbus-daemon itself. This is required to be able to call SetEnvironment on systemd. (fdo#92857, Jan Alexander Steffens) - Fixes: + Make UpdateActivationEnvironment always fail with AccessDenied on the system bus. Previously, it was possible to configure it so root could call it, but the environment variables were not actually used, because the launch helper would discard them. (fdo#92857, Jan Alexander Steffens) + On Unix with --systemd-activation on a user bus, make UpdateActivationEnvironment pass on its arguments to systemd's SetEnvironment method, solving inconsistency between the environments used for traditional activation and systemd user-service activation. (fdo#92857, Jan Alexander Steffens) + On Windows, don't crash if or --syslog is used (fdo#92538, Ralf Habacker) + On Windows, fix a memory leak when setting a DBusError from a Windows error (fdo#92721, Ralf Habacker) + On Windows, don't go into infinite recursion if we abort the process with backtraces enabled (fdo#92721, Ralf Habacker) + Fix various failing tests, variously on Windows and cross-platform: . don't test system.conf features (users, groups) that only make sense on the system bus, which is not supported on Windows . don't call _dbus_warn() when we skip a test, since it is fatal . fix computation of expected . when running TAP tests, translate newlines to Unix format, fixing cross-compiled tests under Wine on Linux . don't stress-test refcounting under Wine, where it's really slow . stop assuming that a message looped-back to the test will be received immediately . skip some system bus tests on Windows since they make no sense there (fdo#92538, fdo#92721; Ralf Habacker, Simon McVittie) * Changes between 1.10.0 and 1.10.2 - Fixes: + Correct error handling for activation: if there are multiple attempts to activate the same service and it fails immediately, the first attempt would get the correct reply, but the rest would time out. We now send the same error reply to each attempt. (fdo#92200, Simon McVittie) + If BecomeMonitor is called with a syntactically invalid match rule, don't crash with an assertion failure, fixing a regression in 1.9.10. This was not exploitable as a denial of service, because the check for a privileged user is done first. (fdo#92298, Simon McVittie) + On Linux with --enable-user-session, add the bus address to the environment of systemd services for better backwards compatibility (fdo#92612, Jan Alexander Steffens) + On Windows, fix the logic for replacing the installation prefix in service files' Exec lines (fdo#83539; Milan Crha, Simon McVittie) + On Windows, if installed in the conventional layout with ${prefix}/etc and ${prefix}/share, use relative paths between bus configuration files to allow the tree to be relocated (fdo#92028, Simon McVittie) + Make more of the regression tests pass in Windows builds (fdo#92538, Simon McVittie) * Summary of major changes since 1.8.0: - The basic setup for the well-known system and session buses is now done in read-only files in ${datadir} (normally /usr/share). - AppArmor integration has been merged, with features similar to the pre-existing SELinux integration. It is mostly compatible with the patches previously shipped by Ubuntu, with one significant change: Ubuntu's GetConnectionAppArmorSecurityContext method has been superseded by GetConnectionCredentials and was not included. - The --enable-user-session configure option can be enabled by OS integrators intending to use systemd to provide a session bus per user (in effect, treating all concurrent graphical and non-graphical login sessions as one large session). - The new listenable address mode "unix:runtime=yes" listens on $XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the systemd user session. libdbus and "dbus-launch --autolaunch" will connect to this address by default. GLib >= 2.45.3 and sd-bus >= 209 have a matching default. - All executables are now dynamically linked to libdbus-1. Previously, some executables, most notably dbus-daemon, were statically linked to a specially-compiled variant of libdbus. This results in various private functions in the _dbus namespace being exposed by the shared library. These are not API, and must not be used outside the dbus source tree. - On platforms with ELF symbol versioning, all public symbols are versioned LIBDBUS_1_3. * New bus APIs: - org.freedesktop.DBus.GetConnectionCredentials returns LinuxSecurityLabel where supported - org.freedesktop.DBus.Monitoring interface (privileged) . BecomeMonitor method supersedes match rules with eavesdrop=true, which are now deprecated - org.freedesktop.DBus.Stats interface (semi-privileged) . now enabled by default . new GetAllMatchRules method - org.freedesktop.DBus.Verbose interface (not normally compiled) . toggles the effect of DBUS_VERBOSE * New executables: - dbus-test-tool - dbus-update-activation-environment * New optional dependencies: - The systemd: pseudo-transport requires libsystemd or libsd-daemon - Complete documentation requires Ducktype and yelp-tools - Full test coverage requires GLib 2.36 and PyGI - AppArmor integration requires libapparmor and optionally libaudit * Dependencies removed: - dbus-glib- Update to 1.8.20: * Fixes: - Fix a memory leak when GetConnectionCredentials() succeeds (fdo#91008, Jacek Bukarewicz) - Ensure that dbus-monitor does not reply to messages intended for others (fdo#90952, Simon McVittie)- Account for openSUSE:Leap in the conditional for chosing right local state directories (boo#941352)- Move common-begin sections around to make pre_checkin work again - Unconditionally build with systemd features, there are no cycles now, systemd no longer buildrequires dbus-1-devel- Update to 1.8.18: * Security hardening: - On Unix platforms, change the default configuration for the session bus to only allow EXTERNAL authentication (secure kernel-mediated credentials-passing), as was already done for the system bus. This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly unpredictable pseudo-random numbers; under certain circumstances (/dev/urandom unreadable or malloc() returns NULL), dbus could fall back to using rand(), which does not have the desired unpredictability. The fallback to rand() has not been changed in this stable-branch since the necessary code changes for correct error-handling are rather intrusive. If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport, in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using NFS or similar, you will need to reconfigure the session bus to accept DBUS_COOKIE_SHA1 by commenting out the element. This configuration is not recommended. (bsc#931066, fdo#90414, Simon McVittie) * Other fixes: - Add locking to DBusCounter's reference count and notify function (fdo#89297, Adrian Szyndela) - Ensure that DBusTransport's reference count is protected by the corresponding DBusConnection's lock (fdo#90312, Adrian Szyndela) - On Windows, listen on the same port for IPv4 and IPv6 (previously broken by an endianness mistake), and fix a failure to bind TCP sockets on approximately 1 attempt in 256 (fdo#87999, Ralf Habacker) - Correctly release DBusServer mutex before early-return if we run out of memory while copying authentication mechanisms (fdo#90021, Ralf Habacker) - Correctly initialize all fields of DBusTypeReader (fdo#90021, Ralf Habacker, Simon McVittie) - Fix some missing \n in verbose (debug log) messages (fdo#90021, Ralf Habacker) - Clean up some memory leaks in test code (fdo#90021, Ralf Habacker)- Sync changes from SLE12 conditionalized for suse_version <= 1315- Update to 1.8.16: * Security fixes: - Do not allow non-uid-0 processes to send forged ActivationFailure messages. On Linux systems with systemd activation, this would allow a local denial of service: unprivileged processes could flood the bus with these forged messages, winning the race with the actual service activation and causing an error reply to be sent back when service auto-activation was requested. This does not prevent the real service from being started, so it only works while the real service is not running. (CVE-2015-0245, fdo#88811, bnc#916343; Simon McVittie) * Other fixes: - fix a Windows build failure (fdo#88009, Ralf Habacker) - on Windows, allow up to 8K connections to the dbus-daemon instead of the previous 64, completing a previous fix which only worked under Autotools (fdo#71297, Ralf Habacker)- Update to 1.8.14 * Security hardening: - Do not allow calls to UpdateActivationEnvironment from uids other than the uid of the dbus-daemon. If a system service installs unsafe security policy rules that allow arbitrary method calls (such as CVE-2014-8148) then this prevents memory consumption and possible privilege escalation via UpdateActivationEnvironment. We believe that in practice, privilege escalation here is avoided by dbus-daemon-launch-helper sanitizing its environment; but it seems better to be safe. - Do not allow calls to UpdateActivationEnvironment or the Stats interface on object paths other than /org/freedesktop/DBus. Some system services install unsafe security policy rules that allow arbitrary method calls to any destination, method and interface with a specified object path; while less bad than allowing arbitrary method calls, these security policies are still harmful, since dbus-daemon normally offers the same API on all object paths and other system services might behave similarly. * Other fixes: - Add missing initialization so GetExtendedTcpTable doesn't crash on Windows Vista SP0 (fdo#77008, Ilya A. Tkachenko)- Update to 1.8.12: * Fixes: - Partially revert the CVE-2014-3639 patch by increasing the default authentication timeout on the system bus from 5 seconds back to 30 seconds, since this has been reported to cause boot regressions for some users, mostly with parallel boot (systemd) on slower hardware. On fast systems where local users are considered particularly hostile, administrators can return to the 5 second timeout (or any other value in milliseconds) by saving this as /etc/dbus-1/system-local.conf: 5000 (fdo#86431, Simon McVittie) - Add a message in syslog/the Journal when the auth_timeout is exceeded (fdo#86431, Simon McVittie) - Send back an AccessDenied error if the addressed recipient is not allowed to receive a message (and in builds with assertions enabled, don't assert under the same conditions). (fdo#86194, Jacek Bukarewicz)- Update to 1.8.10: * Security fixes: - Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536 so that CVE-2014-3636 part A cannot exhaust the system bus' file descriptors, completing the incomplete fix in 1.8.8. (CVE-2014-7824, fdo#85105; Simon McVittie, Alban Crequy)/bin/sh/bin/sh/bin/sh/bin/sh/bin/shlamb10 1629728149  !"#$%&'()*+,-./0123456789:;<=1.12.2-lp152.6.6.11.12.2-lp152.6.6.11.12.2-lp152.6.6.1 dbus-cleanup-socketsdbus-daemondbus-monitordbus-senddbus-test-tooldbus-update-activation-environmentdbus-uuidgenConsoleKitrun-session.ddbus_at_console.ckdbus-launchsession.confsystem.confdbus-1system-servicesdbusdbus-cleanup-socketsdbus-daemondbus-launchdbus-launch.nox11dbus-monitordbus-run-sessiondbus-senddbus-test-tooldbus-update-activation-environmentdbus-uuidgendbus-1dbus-daemon-launch-helperdbus.servicedbus.socketmulti-user.target.wantsdbus.servicesockets.target.wantsdbus.socketdbus.servicedbus.socketsockets.target.wantsdbus.socketdbus.confdbus.confrcdbussession.confsystem.confdbus-1AUTHORSHACKINGNEWSREADMEdbus-1COPYINGdbus-cleanup-sockets.1.gzdbus-daemon.1.gzdbus-launch.1.gzdbus-monitor.1.gzdbus-run-session.1.gzdbus-send.1.gzdbus-test-tool.1.gzdbus-update-activation-environment.1.gzdbus-uuidgen.1.gzdbusmachine-id/bin//etc//etc/ConsoleKit//etc/ConsoleKit/run-session.d//etc/alternatives//etc/dbus-1//lib//lib/dbus-1//run//usr/bin//usr/lib//usr/lib/dbus-1//usr/lib/systemd/system//usr/lib/systemd/system/multi-user.target.wants//usr/lib/systemd/system/sockets.target.wants//usr/lib/systemd/user//usr/lib/systemd/user/sockets.target.wants//usr/lib/sysusers.d//usr/lib/tmpfiles.d//usr/sbin//usr/share/dbus-1//usr/share/doc/packages//usr/share/doc/packages/dbus-1//usr/share/licenses//usr/share/licenses/dbus-1//usr/share/man/man1//var/lib//var/lib/dbus/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:16857/openSUSE_Leap_15.2_Update/43530d46962a271066705ab87c546169-dbus-1.openSUSE_Leap_15.2_Updatedrpmxz5i586-suse-linux directoryBourne-Again shell script, ASCII text executablecannot open `/home/abuild/rpmbuild/BUILDROOT/dbus-1-1.12.2-lp152.6.6.1.i386/etc/alternatives/dbus-launch' (No such file or directory)exported SGML document, ASCII textELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=95ffe93275af74ede1771a02a9f4541e27caf832, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=90b5659f296ea22279a878a81febc2e13e6fc1ba, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=b14cf4e100899a8cc42222a85f936cb35d74936c, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=e37f59bb89b6bd2f99b83718f3c2d12f6bc86e80, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=8eace9bb0585c69c65d67c3d791df6880082170c, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=321a86a9def7ba301501df0408b064bcea83182c, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=5b9f29b8103a2a2a87fb264383345f3064ade145, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=fdaad1377653b8f4a7a291a177033afd55aa2abf, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=e07695cd5ed823afaaf4e06a758041b6be912e60, for GNU/Linux 3.2.0, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, BuildID[sha1]=cea15737980ad2c58b5a11176cda7dbd537134c5, for GNU/Linux 3.2.0, strippedASCII textUTF-8 Unicode texttroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)cannot open `/home/abuild/rpmbuild/BUILDROOT/dbus-1-1.12.2-lp152.6.6.1.i386/var/lib/dbus/machine-id' (No such file or directory)(4>JUaj RRRR RR R R R RRRR RRR R RRRRRRRRRRRRR RRRR RR RRRR RRR RR RRRRRRR RRRR RR RRRR RRRR RR RRRRRR RRR RR RRRRRR RRRR RR RRRRRR RRRR R RRRR R RRRR RRR RRR R RRRRRRR -"ӟg7t=# See comments in pre if [ -s "/etc/sysconfig/services.rpmbak.dbus-1-1.12.2-lp152.6.6.1" ]; then mv -f /etc/sysconfig/services.rpmbak.dbus-1-1.12.2-lp152.6.6.1 /etc/sysconfig/services elif [ -e "/etc/sysconfig/services.rpmbak.dbus-1-1.12.2-lp152.6.6.1" ]; then rm -f /etc/sysconfig/services fi/bin/shutf-8f061cb770a221dce25642a3c0bcd431f964ad9b4d85072c8e18eeb3b8db42ed9?`7zXZ !t/]"k%n(/_bJ~mkL1eӘ&YOAEV3rc1l^?8eql s Zq67&H)0ݵ7@9C_Իc*Ⱦ*x(D,b,6-#ZEv8nb|{|߽)g Z?o`3 5Rɼ[_O "h h֪ܪP:^Yx8u*MuEX_FETD 9!r8]bx@ڋBykz@"˳köٲTo$RvuԼ'9|*!ٓZWfly/N,T m!Rw;RZJWKg^2>T gN;Ք Ta\;uڥ)dPP _kDohG^aWOhxB%Z7`mEmHoSaiҔfso[,>~ GŝU@tΩ%Cd'gZVJ:"NfȮ~M6C0-R.xkY[?"Q=2JE\uE^' G> l1gs`I!'$*䌸z_d,èI34|*m֢*!CbG4Tzd[ɷ6p( mqb+æ5ΠվԧG=+:N0 PK=\c| X7|ɀlhG7gu%r1lPygɦ\ڞee޵zq;ǵ5@o:vŎjr_oǽX>Yi1X+C::ϰb^ ֽy|r8 + E5ۃ1^Y|6ӗvNq)kY+OyKa9PzQl_֧sܵB~;' }+RҨ &V>Ddxgd(WL;]o/N)$T ;ر܉9P+fAڶNӣnB}{sr!`Q-՜*=/\vid\. ֓sw)2Bޚ{Ρ3'HEv^ rÎ_ dV܋y9E)NWeϿv(}h C>嚊M(ٺ(V |eB-+04YSL#?)r`C![|ռhIJ.;o 0٢?2~ǂh~QKI95 e_V}chH(EHFfm:Aw>LQEyŪ*P?8]^ ^ܕNgЎI:7VP3_zy%: 0BO n5!8?$4P0569|$&vjRIt1nO}-|N*ZS$1@ N8Oљ7lޅٗv_ΔB(>*Gq9 uRQdB.Zn.H3׿<[ǎ;I9ÁF @4Lf"֊P;Z먮5T\y%N#P]p{:~vUo7|tqs0`o",4}wgʐOuC솞t {P ĝ}wjAu,})w`@dJ$--s|+VlMeS Xc + i%,85[~)l1-zG'ɗq19,2aRƅ|C+Gʠe J?}d{>NBϐCLN> ~{..CЍ6N9EGUb9_e+">e#8UIcSYZ͊K-@562bBC`+٪ 8mCi,0={D9R׺:a[vjp㥯-B~s UESi=؝7՚#҆hPgx01'HOTl#vw"?K%m|K+R֑l`u2 #j9i坐%Xl8YqQwȪ 6dMu!RakmoWL+HCt23+MhM9! y(O] E?jx e˛fvMt%؜yGFS-,_ `31dK2OD7ւ^۬`Pև"9rU?9|:wo*It_ĸ$o걢0 -7`IZ췈ݩjx Au,WsCI6JA6!3kI&Gu-;`=AZ ϡKX>K~j^g.9dBE9乢é}5gd; ֐ǽ-oǡMMd4K&6 '씨#Ve 3m:G}4[g??rWķ ncE,@MqK1 ǓJNX&39 ЂMGQ &;אO.nɮ)) lB.dU@{Uzԗw'xqK!n$po{'-EV I+VQ:|"R0UrA E،A줥"  l䶨 _g,%۞@:V[ "'4 s[m39`e-&BBJ+򷎗GqI Ayp Ϭ/|1]`ԅsDdUհπTAj{憲2|1~3Hen w>v {.%VȬ5vQNo 2nzRROhQ®IM.(\nR7ȑ+;=`u/C* 9(^}nUIePy)@|!B'oO\T+kpo#1G|r,>qxk$"7;(ۆ꣐eNJⴍe&\+{ 5Jď|<>R++ GP2XlF]d3IjQW̅bVinSADQ*x|[=h*[[>XâwާGXRl/Gn;Ԃdlo_.KCƱf@W9EfϺ9rnsr jJDW0G:O7UXmLه;"k2gIn7t`4|@o2==w.Yy&F[ٮrv`wL ^ץ#٨_y/lw${*?:Cs%]mY|?Ӎ,Bۏ(?cH2AktnJiTz:EG׹R mY媻;.䃝RsXk2|*r 4RH\4I>cBԓ̈}:41uv%v4H]{5 M@P)q@+[jz^N YZAٶ2TN|)g.<HO1&R%ߦ5R- tڙ_X$S04_8蓱y?B>ml핫d$$ޓ`75M67=$H6X#X.%h<^K/ڍVILFG/<$6o D!$>l=$!Ѻށ썥} hf{)"m~bl\jP$ƼJIÁF/=Ex།Ӭg6&m&T&p<|^qg jt 0rUi.EFT^f-hQ/*7)u P>!e?+9unH(K$&FҥsQF0Ac3yD$aDz4qp9SY%$}6u1$AĎݗƯ ӖVP8T`6}LKIfwP^iML"d{+:>'LaSzYPݕ?ف#wFBFf ʯz9:SceuE#yhz JT{w᯼6O2VY^0 JWpQ௫%24:2Q½(k\Lr!sTȰt "#KNIܠ5>dfѥ+ 7~wc_Em ʋP}rsQ*5Mut FyP),[x ?i_8hY7}?pV[:Y/?_Ҏ FH Aj<4Gq$\c>[|Ց>:9R:GY ay@rΪk;@BBh0/ (hGFJ,֡ͩiZbYjCBz'WjLyHkM]T :Ʀvr[ ӋPV mj޴z%PfWǸ>zQ{S v }ê+ }I5ۇn&LŐh߲4#(f "P **}F-o,2> T{5tT> ;s/kћp=j=|c4C8cvA$Q[wg9xsjv ÕԴH4, a+0]+xQ-9c42AZ.>)ߋ&LUMV@Hv1q6=Wmf#jia~>ٌT2d\H˵B_,zocn++0Bi$*Bfid> O'Ab(ÛENI<,+|(K~J=zB1iĎ3pr܆S_<lc"`'7*k751 ✏c*%Ug;a]0KKWP ߈ti7RwL2qʯWDAl,jJ!`RSۘKƍP CW$vyl~S4Eb2|o6dKW-gD4 gLx?f*:9鰲fRmlٲv֣k@ECwU co`޴!yVlF:Cٶ*ޘo[qЇ5S A4jI[ϩtUzH,^4)qD?IV񋊕 AGSG[ J1]L"Q@Q;4?;{ی}K|6U? m7u\1ػ ~ R٦YCl/ t˵SNjk|qƸS#__xƲ6;$S',Z?ʳ|+l|.v򋑲2ZYzlbk(OP('7~X׽WЂ';yeɾ |7cf]>؟a1)4z(a :+gEw%.`F^W(uZ$tq+ap9$.nksi4=zF_8Q,xe+<=RL")Y`hk 8Z,]m#5"yB+Y\g\fJr1wZ-4Iy9 08gɅ2] 4UjC&3g9@;=.iV.0}p/\;zx|k}"Bn;݃w g&J򵦣KGB{M%WE7sZPׅZ\C3?iOK$wЉÒd~hUJ뭊u(˝ȼ ݳFִޠ*]4ƤW&֞@= ٫- |h#by0YhCgIfE$fW52/c|:6&RiZss\)ZֳKT{ˠ6]|ٯ4F-[ "R}$8 67ci۴^ |Xwoલ(!TLfU29Y]=w[-I;Ãɧ7V-ʣ;pk$:Aۻp<* e$T'J뻽5^w['iK\ExۓՔƮ'PV2*E^nh8>q9( IG!_hr{ST-} &R|t拑z3wTK j;eHBO'SȋX+ RmKnk$mQR{;cǾDvOԇLBX\t4?/Kձ JٔfT?]*lXˆE5q;Ĥm`} N5p{(R :L„1f@K)Siԅ2$#j]c|}u4vCDdy|P2^Ǔ"$BN森VȄMW:ۇH',J^{,Ʉ`>Zx#yx(Obd'>N(%.g3ܧS@)9a$4+]N:l^%94I4I)2\S >n1pc'J  ͞&ral 1='XكI:<@Jt#.(gy.fT5vz`NJBۧm{Pݯ" q;xOQ$ ` sCFרOX&.Q͂p~;7[,J]>LUFgChbFY̶ڲ%+ྣ9Fss -{x?Z4 f,ʂpe$ VTb0@Xk@jzrTm,3GH]xh涂rPh14W}Pκ~IQ?N:bA2}V ̿-&8M%XH*MeJ͌,Z?lIPdq:2ϣ3הxpe3f7pCQqb=^R8Iհ,u`!#ܰh8Ӥfb&矔V8p<$bkY3'I@pŐ\0)س)+A7"ĥ@ }98 2"Fnl*wҜ"ۑ*}i壈 $8U/fB  lw F(q26°AW':;~> dP/Py ]xL*D6kv.8LUy5I[ 0a3=  1aPJ,Vh =`1urR.OȃJMf ~@['|)'d:!PQy|߭:R7n<[6|@.Xܝ~ ^.nu"@vC }uqh( ~Nzd\ /̲t{NU!byD?:5aȥ븅Θ|1@ ngŨw,ՆySL(r*u5-ZYĘ3nƣx&bndΚk^|fC`>Nk}i!5#g0oy{rwARDZE@@_ƺ #r|geN.аӝʢ]GUEXٚBr v B>:MLhie#ȟZN56 ],D j0è4־xcVe\p}G0Յ:^e )҉qb`\QB¾/GNC 34%vlbvf+>R+ګ<ٔK(Zݷ͙GX,"Y+sYOmeOγ%HcD \vF۟x[a(c JU>轉 ̳: Q^SFtRr d{hĕIH2$6#;b;!(7UOFZo|ohhw9cRpؤc 8 YG9d%N_ d[ۖ) ßWXyYm QsyK-z?]6If3򏬔 RK+ٵ0N&5^>il,UBWyEfL4ܲzi]WɘY̱Z|;ۏQ'}x蜵ؚOvu彰Cq"$0cbԙ/ y碮\MC$5E/< ^iЌR=2YP얕ɡ1y$"li;RS)x#\ȣ<sf gLS#\Nk?nI#"9;1GxjXd4^)r$s&×Qsc 5- |}LbН$Ñ]{#,n`ٝxΤZ-\'r.UsmX^09@00.d;|"iLO 'r Zf ^CBOۤh}DNSJ(4(6 껊CW#P?V7pYS{7g}t N4kFhxGV ށ\ PҽQ hVL%JDC*9zS(iR\~'tbA Z,EW2/N^Ȥl7Oj*(V*,QYYNXx Ov d==6wבSj?)AF z%|xZd2x}6ѻuou.PM3 iʜ hc I\ ȷDPڸB5, y.lx|v{Tc;&KF%drwp,QX_bf缗i^3L+9/sbW%02Ns):65}*{27㥤*s*sX>ʣZ b!@^k|tUTլ[Y.Z:+hpsJӶ+Rs".IB@,~JRcdc1L ]J ]FҼ „`=g>fjLTXp@cxq)(2Ƿ~:t)^^]砑6U ezُ'٠ df5!Xox|W (S=/z Tpx䫚[,!Փb! E|+W \Vq8-O,ϖ! !F$@U%2 ֙>wVڃĦ0Qw@@D! G*&ɠ)'s-=bn\y /Z.WbS6-iK N~,%}Ƨ W?.AAe򤞠<RñWqՓ*O_DeˡAk|ᡑQnl ȫ˟bDh7UGvVn>lJb͹, =_ԡ 5jd/d-Z2rpNe3(2lyMeq1 fA"}XS;/`$vsgLY 2Uʍf8+ַA !;rsH DYeϖ BP\bd&IJ*nק?(x==I:mR.A=x.ot+Ϋr-niDJe){lMԐw74,:~y7jvؽ dG$q0rxh'kzP6:ȀAH|S+a~D<€, [KGR }*?]@2ƒ;-XCB Y6R{-. 0{eQ n $ nz L8Gdž2K=X#mULaVH c',[LzTF-n'^O\}9O+;e$<;7ʨnACIHw_g)NԔ >W@Ox>}{[˂{ܾ^͟. PGS!EP&[*a\x"o@EiFľu?ۅ`lJe,* ZZ]4aph%ڥKxvuFέW=%jjAWL+0gc0I[[uY:#ӵM~.Ċ^;X |@֟)/֦-M{xqp?l\&V(NmӽWNCᔿGUE1rg̹m4]dvܤ_й Q'T$tcKaVΉTͨ!J(e=/n\@[BW*@x~AW\pE2գcΎEC#E$غQ0-fw##֧@RܴYY'*l 7nL(Xyd* $r)lix)43a:!j̪n+AzY1{W)Pz"U7XO\!s=> ]&CC;>ȣ޾!AQ0㘱+&FR؉رf$v5S{ o5,Ӕ 08YB`:Uw;f 3RS '`/K%N#HEs(o?sٓ@0PïvegUKA Yh@"5;kW ~\8 ~&*7Z/d}pvNV"mHf>k + 4!Aܝ] 4^t|h3B2꘰n:B:h78csj *N9\pe2{4(-Dy֔t UBu09`oZ9@ gxgjDqojD?3tO?Sb3 ӹrGrrJ,;\ՋGdX]/:#ϭ"yG0O}fJZ<מ$rr@?o S..eQ\*s@yNq;v$}Je<©O Fa8ߨ@Ba1 e`Pم+K]ŏ? }RjC[NH, %~JpH[1U_VHXsLiaBf*i_A5)+13}!G! {Ʒaǝ XH pȳ[k ֐ތ%3ZL8bΪҝM ;7X$?=ԙ5#I#JNGYV#,Qt(>OD1¥[$ܐJX5Ϧ>6sdJ+(_bJDǃ^s|in%!Xa@!dek&~:Sc(YHѻI[kxI?35˫"k%A^\tsuh"\п@ocG;1ExA 28v6qKI@!ĭx,eY~`ڎ^},OVUbؠ\<{_T/[Xile5"oAHdQa}NjP?3h)3$>gxpLniL'ONR8 L*{BC,ЄT<;ƫp71/wD.1[z2C wNN΁4b<4h~fĶO],+Q0oʺ88"N0&e@*S(E95;JA0⹌G:"vcޠwނ?ؖI?KGrB.D6bpG-m٪ _{X| p+5Uy$j{$/AL0/kǗݳ@7%b-aA@O ^8%O%GMo)5㑂孀i,=%}ߠP޿9 ~c%d7t+݌FliHgEemJrb- ;^RRcj4D{^'[} #5򿎨!(&\mxKՐP̘E<ꊉx |>W.Ch  .7To@ҴΊ""(}Dn `c|GEtPTqR@@ $е0׵@v&(ş*KsTB\(p$) &z#IN]kSYhOۀuɲ{P@aJL#3)[.|+4fM;Gתf"[J5Dd(W؂QM6jB'<1S-ڭ/1Nʿ,!ӰC "/~XNfrav70ww?cA6*OH1:L ΄PH=ko\Uņ#1Wf=݄Ҁ,8n*VL>9E#&|w6 >"lAL䧢OBm۞zzz Oyd#7Rbn> Q ߴvL#!KֺAݍ陋ϒ@P$A 0Ĵe&;ux<5G]k.W/s?'.Zp]m+PeB"ESGSMNRv !D+͆@?$f}(Kpo$ANS31 n8Y" HFHcJ^^{"SBcLFE /:L[Wh '6u'pѱ:HoDUJ B:l^Tץ"C?o'_8竨{ )ZXXO (aJ@6Evt9k6yxLe+]je-,P|vƮp]Er~]\%n#QiЅK_X) 2FQ7j t9vtlcҢ̈́9s$-{R2QSClƓo>[#YWns`⍈L퍍 ~qLO}NyH`IV1$ Ư0-Sfv\:)RE#CYPv̛;hLv c W{IQIQ(|`0D1 SFVB'+-jylU8؈7QcElXCim*H_o@0q=>0iG!VϑNd5tsrX#DV=:Rz)Ք p2Ic&>ly7JwE9eЧ%Lۚ&ĒndkNe=1lE()_r}Uq/Z%u#@TPsRW6Kdw~ŸW Kc1%oW{ZsoM _?.ty2;I( \h,ȃTu7%|TitE$x|f4j5UKA#zp:u ZdQVI =V|[1/F! 0GZeܰPT {h+ Eb/>\YC$ILsqC(^Z:g w۝\| _ .K'ƾ݌p'yxvlHխ y+t Zv-,JZw3 fc YzP GĿ@Bk Jszڥ)eٝk}2!\\6嚾H9a25 g_0{*@LBf@> ,8YuÍ7 zARY;r](PښwD*k!Kj߼id_`H ]~]E ĺ; Hw\惡0-è9I̪s!ȃzG ނP4uN#چ|X k&@)[yδ 4%؊|0f·*jMU69&VYir30(*y]ER&Q $qSCVABej&oN2\b(ˆAd7I*}41p4!N` dէ&l5=M` R"jj &ջ Vr/cYvY'LWtնSBXK055>rgxȹ=B y4. ~S99WG@kCgBOH]l 6= $KڣeWeDGNoliZsYݰTc޻O87Iet.櫼Q—eh(P{̩cv,AFVThdA @}ySa 50 (߄Py[a8z沲y1UdY[hE\PîBpAj&oc.ҙG& Z)vi\GyU|!b1}ČbǫddsLZ(%w+\EwrbփU9,BꑒLk=,NEz}ܫ+>$#}4oc\6aFǺf/=˴ch:k-7D.V\\myQ`Vɬc37iW(|w7qKn@T8j2!˳cgL{d[eMIO4Tqv6ݾXn3/ȈIKHX[;`lE6ЂswSL ;6 j=GZ` _x,gșgς Ί b"zj-s'> EQ/xZ0_}[` w'd ;GKLiMh29kc?z-hLQ.TC->I _Hi 6x- Є6ATIohue}Ls҆*`>oL#Rnpq.Cӥp1E=H>ߍM 1Zȩ oZ;>䊐l}o@u֙>431&r]шNr#7̪ *#PÃSEšؒ@U0'TB5)F%3vE-f qk&Ü@T1#<̎[iL ew=!rΰ['\}K3j\[= \>۫}#?;*;wJ znK|ZҴD:cMI$2q F;Su7~O^qgkaAHdڵUB ?zP'u96]i[^юI.)5*AJo&T##׈h3BtR7'u5C{b~^d2ɢdmc=oʞc5QLQ$dT*u"d6CltK=.0cpY *3XZ¶3H#mRh-[HD*ʓoF ol{ˮqfP"+؛V$( ),MyWQ0)*_)?tѼr֐ C"twMݓD /"CxV~A$pv&Ɖ 8!L@AN^/g  bug ̇wbdJr zG)%+.ZʩsX;.z=s0  . ڳmi2ugKuR%đ 멇] >iiA9mttAKzPMF h O`ü*- ;U# ^,h_$0}llY[\R,/?]ְٚ;l_p}7PK`bbm!_ v,7' @(ЪO QI(f Юg$xl.M "P/'H x /0.V+I/z^ζa2LR&`F?<ҮbbU;cgu zY\g$v/GLS4`QZqb(.xeu8P"P/aîVkwt\(럶OLvBFVn uV,GM {*5F*kRrw [6#u'"7rcJ5kJܴ3 P~b>RRڲm+%^),ԣ:ퟗ=`p 䏻92f/bgwɩt׳* DB5Pb[Z2 2kfn5msm;MѓT v,osXƥ_y‡츏$jA( cAHRzwϥΐ魪C%udxg)Ţ m1Zz*PͽC` )#1Sd1 v-RV&G*~OwcbU\! afft\phwb˩a@ Yk/|I %H$w zUOث궶ڝ.ϹSw1PR:Tsh]fw1eIN>`&Lc ܇C:`Vzh,;>Qбt/.ru ~h>.qTŨ}OGiKQNrhvގdAˆib61=.HtT S-@R,{P!>Z6W2?{1)ETϋ1:pE>MaJzuuz&s BMGxmKbleqZ^OsBv99l"SuN]`\ 0|<۶.3qchJG/ 'O-f]%mtsLt"R"o/UPLY GIPed^xMm*'B4KpTw-^LJ }4'h-mzs]ƏyA5MѷM U`'!N #>STMɼՅyW:Y"^AЦ/{/ 䁂@#~FV39۟.MPO3(dBGdRh} _+<?26,i* 2ڔ,)2B1zPz*|i GayMr ө/D t raU"__2aj:]7vj˶.*VrP;J]SvBjޱNbc-3'OV/V-BAֻ-Mc2-ƾSȑſFTЕb&9*p}hX >| ZhEqhoը9:av4,Y-k35٦- >5 b)ePtY%QkсZJ;ڦ,`S7P&%֓ŁԵ_Bͱ EP طj0=xBw-fHn6 Q SmW7\* lf$f,  Y6bY R-Bɮ8mQ /ޟvϽ2?0ԘSz!|Hz흳,?< t"osƢ>쥯XG.uuNb/@Em.m#vu>@_|75e+.2!yi.}yz_'Db/~C葝tT3 (9e@* 2M7+JcZFMr9xAi=)wkxhu wLE*H_:Y@2*DoUU! w'1E|IbŭMf÷9#K`0 ̫D]CMK0TUpm|g*Lu ugןkFboSs+Om֥7St@ rE4?U>gaؚMvo\l8"B(&>?Y|]MGuyd}7-yl(R7*x'&LܘHqQc=I\e=T-?Gyݜ}ghrc8!5 #5x^xp%0{ʠ(Rׅ{7 $X(W j1A0ޖOMSҁ񤤈Q=kVAu!Y|hQG9+_ia(V-KR,r0JokpA%,FF>a%͝$GӤ 5+E*Fy:*FRMx=R<ƈoG0PQɅ(@ ;v+M3Ѡ +sSG;yhIuWr.a]IKې(EheވęyBN3 ПLP?vgk3ubsI+FAz WiX 9&~&+o?2 K*Yl=Y&xB0(bX{J3GQ΄Ŷ2|8^ck6Xao zO1U<\׮\McjuXETZ(A+"0@4p|/E+]j~^{: q?Bvh+*uQD:L3 E5[s{Eo`P~W,b 6=a'3LL>J~YDH8' Iҙӑ@٧yWPɥLs9v"?PkEv΁ ,KY0'");Hcnxi.bm7f{ ǦK+pi~wFVω̝Yqfg9ʢ', x,*v]9gC(Ts}^YBT \1%2PjZk*ī0q? AI [i}U@3 x yVޟÕ%~ǗƱu}:áGYo_o,-3G:%3t(Ep]0.I'=$j.p uXvXqMEFӦ!A1o< \YfU} Ep{#7M:g􁼟H^A[V yHZXj+x=(Sb%Ƙoƅ$M[G\~NuU?b"jظb}wibWs}p !0(co nA[FGZKnOKN~a*[*&9zj'͵υ%tXSe@ׅ1 ӎJ2)x@3dt͞J"Zeo}b*%2L> :|K_\M)!QpC;yC@| U=7hNDE_\2dzJFڸh-ؕE; >m6]k̘ NƗE8a{0(\9'oXo+QEe ,S :(KWp>#z%gAw#*]ĝ*j9hJwȑ-[dq3) *2^з3{(̙)`6Ƭf5T1A7avZ:xם$ZmRrwι+C| haMhP.AKe~;Voe*rM,nh=ahh ~V ~[c6}hqOL8BzrcJM:) o giu Atc_lLoo`ߟ#w jE\&u%TNy }IRINB L) HLdmocD[@ qˀjoL/ &|E7$4q'o*rSN?m6vVZ{wm2L&BG~tM^dTI i% Ikn+E1׏ʋعfX< z?'ƹčC-}/Y1Cԅl9 G:_U.(9 rxTFs":\SXS|πD}7x~Us?Nd͓(oX^i↱@O p4MKq+H'|+T5r<8:CLuxĩQ%i<wF/m*@&?zq-­jæ!9.A?n8l?τi}V(ƻQ-V I3rѸql=>› L %ϧḤF\TO(9Iaer VZLJtiЬn hV9pHQuHUjbp]0H Gvh*cA;io] PH\ 8tΛس{wp]a`TN{P>4J4w(SY) dP˚5m#\R7|񨶫^GrZZEfN j6B%Ig1*BHM (%C O B΄cnFsF,O]}/p{V ީ1yS4wpz*,B_ w G Snf^{fO0xz}}$Ⳏ[:^D؟QR^D_:.A_9 `*tn.N5*MS'ֈǃ 0"(^`l<Z/ !JRfB|g?G,Z9byo[t#s7NUWQ7t:Q4jKlHTOu[#zb%Irַq)IPDU8F0/2D77- %*iASḽ8|dhQ15 [pV+p@7px𨻿R8 kZ0:#MYt`33J@@|*(y*,N!<0vmuxJ6[O#8rT5)l֦EV /Wz&#;v}F|!!|2Ɵ6*i߁f]pm]ujk U?;<`EX3Reer{m.{,x7-kYYǰG?.; OK+I_QGAfyd Եb2 Րh/-<A;<9g*rq=DuqDzl8ʂ?zϧ QD)8KxZ=|v>|eviH~bV`@Jeum["j519H5ݾz3"XoiȄw-.V[4ߏ:iU:BqXXSFg匭J\6Nz}=ߒwnvC@_+F Nsqfsjd)<e[r)*r(^ yje,7 vuuOZ>2(! aQ|**S%ϯvi$lo^SԘG&Urq!~)Wb>7[au36WC؄lKؘAQ,\YAsw9q@H3e?\h_Ryw5 Dqy]Ԑ6x 9~%H6{ԥuePX<Oߗf/ƺuЌ ELc.o+:;t;smWܣ@  ݀!"Ծ9jMSt 1Mh2CO}VC4 tu3}Xkug&V{=A(̶Stg:*9AEC܏ @AV0O۸]1[PC$zPOzk qoo6#D7`g>vmEIX?E9G FiV\Z[=WNU%Tyjڥ%49ܨ >.Nf[!q}ra=އ>J @2(S34UeT$gUØ1 7~ yXD]{T?_#v$a 7MQkbE5Ve?o0[6D%6l+yC4$ɸK҄Q 7$U>ck܄QW l!'H. N@}P';Cg>UC86c@ɮ 6swSFj ,t@1Sh[+!* |Q=wXUXl %/GB,AR$`墯DgJ6I{5Y/!Pօk5 N?2~P6LAuM/;X.B3 "(O3 C)Ŷ Ɖc25a˚^YL^lKcyC F>4 6&)s&1mJmDAl6+NZ,&@ lh,Ul-C`7J[V~{FE3fa0? >l(Y.L[+Jv0eGrGD פm/`f1wۏeYJ k`r6CTLY'qM^5!MY KP_z@,xgaͯԏ7k vU(mI Z7L 󂣮hm'vJP-+E.u-!'1=Fr4НTwUuw[V'Nhu+FȬǽ/lg[U· zȵd.Bh81hX*7} ǹa-j 4VЛ&BJ)2~kqثJt {l2W 䘠02 ,.05)iKJxw!孾a@-o ~vۂKӋN%]QLo$>3$ 8X4=1CꛗXӜFc5)l=Ԏ嚛L=uÈU.>o|h-x 뼝ؖ^6s]eVF go\Vr^ƛ~eYS*D]p lp֯T[RBD2IEf~0# r4aP\ԋ笵%}>k_q,20T0.|]2|zd*R(t:Zr!ejlvRy(8#3JvY8 (cp-6 *r uiyhFF`wemSjt 2ϢT ;#M-Lv毜aCoZAI! !2 e"tycf&ěd>ו׎+Roo|Ϯ,>[Ueu)Y!ŎxG.V(KM'$JK%:oEyoתJ[uc`Ԉl~=;W(6-+i*v"m,A*(q#xvd60?M}Nwiܨjiqؙ׉¿._毊0ު;4fkaSʎӠA=&61ou_; gTr<(TcX?iQsJv"Oz OPsWߍ&EO<KB 9r0E+Rat°*\mgʝ54eg5%6#8~=%*oLfpcp ʠ蓇)<"˸Wt[+z#;pU_&,WNQ:Ub: dqB)-Ik8߬qO&yA3VWo9@QzxnmqWZ*4鿢!dq)HK㗀0wY$ĐSDrn?ߎx<3(<Y=lFr[_ M8*g 8t$$k>P*_7 ,jNj%ĥcjQ}ƭꁔ %alK(e1,OmT@0Jy$ZP]+ @h65T/K Y6TlJ[(%-WB*?ZSq(!5m|V%kLf?2-HI=fHBG{G (%27ݤ[9=4ilǧK+}mU0\o7 ]ZЏyYs^$2A &7#ߚg;?D ht?sj斓NotDބb}-IY%xLoJxYK{ab@IemAvxE N6vgU4 Os<ݒo; QRaN)Ad{FͭW|)&ÖTO;_21rϾ._%))/:F^X0tNeú|2c[LR= U i=@$nr(x$.9e?Xpmٸ%odz Ǎye+s< 8WAO'\umYJS;܊z5 ޤJپHNپB͐>^9-14V'ۤd|WC"ȵ}ƻ뻴nGdlYTI0 LnHݮX+LiN&pG> ) עq(Ąɔs?R 3rm:<H ='-DW2:3p۳kR3878AuU~SJ\sJU:ByǍόOgFW̦]ۉFlqgOur"e|౦~HĹr/BL u]}{_6׿WۡWx)c>Nz//=}`9qa7ƛ>47?%3|B\BWU) :[Tx* P60咣8H6ovKqĸ:L|کϨ 9 t< J *!_TШwz=>3$F_Xs/.yjX 0:O?'AKܐHsC(3'sºxZr(k5~SZ!, c֒)̟X MIy)׎bEKhӟF%)]lZ13ˏuT1`6"zP=3 dc<>i+̡R00-%uQ^EƯ" k[&]5EE< ½a nxWvHr6vH}}^w% ẘ~[19#:2j$kimS~5̍W*/_JK/SO'>ͩ^U{?A&qT՘% rU||:\IjHN]+qz~#+؆rwuhw ^i(pE6si9=ME ^w3OAy~NQsuo+w# G9ˬ YZ