í«îÛ    bouncycastle-pg-1.64-lp152.2.3.1                                                    Ž­è         <   >     ,     è            ê          ì          Jü‰ `Öu¸‹/Ô=½Â„œ˜ €»Õ
“]”Ò‹©¯
Uÿ\ÀRFWÑ‚³8?N˜OÈo§wL¼ØÖ°{C¨gãXŠ™@z&xƒ…¦³äØç´üøbß[›È«i¾ðîcÉ¯ãÖü`I$êUqÂVaÛ'`V”–^C± LÅWMˆç3™\L%í…œ¾‚‘¹al%b'ž™ôÈ)ø7	jE˜h$—(£Uõ¦ª4K ¿%-uê×Cgi†b(WU$š¥™Ž$¼ûdÍÔ|å%èÔWfŒi‘ÏÖqÿOŸúC7qU"…Qô¾Á‡1Öå\½Ý	U€·Zû«‚íE—²’¼à´
{fÇõ]©ëÉ0¤j¥:…NË9 ©bÎ   >   ÿÿÿÀ       Ž­è       >  =0   ?     =       d            è           é           ê           ì   	   #     í   	   =     î     4     ï     8     ñ     D     ò     H     ó     [     ö     d     ÷     w     ø   	       ü     «     ý     È     þ     Î          Ø          ì     	     ö     
                                               4          M          f          Œ                     Œ          ¨          >     (     a     8     h     9     ¬     :     }     F     8Ñ     G     8è     H     8ü     I     9     X     9     Y     94     \     9d     ]     9x     ^     9½     b     ::     c     :ã     d     ;y     e     ;~     f     ;     l     ;ƒ     u     ;˜     v     ;¬     w     <x     x     <Œ     y     <      z     <À     “     <Ð     Æ     <Ô     ä     <Ú     å     =   C bouncycastle-pg 1.64 lp152.2.3.1 Bouncy Castle OpenPGP API The Bouncy Castle Java API for handling the OpenPGP protocol. This jar
contains the OpenPGP API for JDK 1.5 to JDK 1.8. The APIs can be used in
conjunction with a JCE/JCA provider such as the one provided with the
Bouncy Castle Cryptography APIs. `Öucloud114     [openSUSE Leap 15.2 openSUSE MIT AND Apache-2.0 http://bugs.opensuse.org Development/Libraries/Java https://www.bouncycastle.org linux noarch     ìB      –  Ù  	ª¤Aí¤¤¤          `Ö>`ÖG`ÖÏ`Ö>]¢Ü0856aae2b830e13e45ccd08354835eb8ed723f84054c29176c1c9651f756b012  6bf0c9181a98f1de795ff462241aa69a635ddff624fbefab3300bf03f5a6b88a 206f11684065703f57e6ca539cd71e148462b4448498fad1d8ab53fe49666748 b91300f84f882b5dd53efe50c998218c6d02a0bf46bb67eda31cecdaae625a1a                   €        root root root root root root root root root root bouncycastle-1.64-lp152.2.3.1.src.rpm ÿÿÿÿ    ÿÿÿÿÿÿÿÿÿÿÿÿbouncycastle-pg mvn(org.bouncycastle:bcpg-jdk15) mvn(org.bouncycastle:bcpg-jdk15:pom:) mvn(org.bouncycastle:bcpg-jdk15on) mvn(org.bouncycastle:bcpg-jdk15on:pom:) mvn(org.bouncycastle:bcpg-jdk16) mvn(org.bouncycastle:bcpg-jdk16:pom:)         @   @   
  
  
  
bouncycastle java-headless javapackages-filesystem rpmlib(CompressedFileNames) rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(PayloadIsXz) 1.64   3.0.4-1 4.6.0-1 4.0-1 5.2-1 4.14.1 `§ À]ÂµÀ]¡À@]Ÿ@]Ÿ@]Š@[P}@[d@ZúËÀY»ÀÀY±4ÀYÞ@VÈU@V*!@U	hÀTç!ÀTÙòÀPedro Monreal <pmonreal@suse.com> Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> Fridrich Strba <fstrba@suse.com> tchvatal@suse.com abergmann@suse.com fstrba@suse.com fstrba@suse.com fstrba@suse.com pcervinka@suse.com tchvatal@suse.com tchvatal@suse.com tchvatal@suse.com tchvatal@suse.com tchvatal@suse.com - Security fix: [bsc#1186328, CVE-2020-15522]
  * Fixes a timing issue within the EC math library
  * Blind the inversion when normalizing
- Add bouncycastle-CVE-2020-15522.patch - Fix arch dependent macros in noarch package [bsc#1109539] - Update pom files with those from Maven repository. - Version update to 1.64 [bsc#1153385, CVE-2019-17359]
  [bsc#1096291, CVE-2018-1000180][bsc#1100694, CVE-2018-1000613]
  * Security Advisory:
  - CVE-2019-17359: A change to the ASN.1 parser in 1.63 introduced
    a regression that can cause an OutOfMemoryError to occur on
    parsing ASN.1 data.
  * Defects Fixed:
  - OpenSSH: Fixed padding in generated Ed25519 private keys.
  - GOST3410-2012-512 now uses the GOST3411-2012-256 as its KDF digest.
  - Validation of headers in PemReader now looks for tailing dashes in header.
  - Some compatibility issues around the signature encryption algorithm
    field in CMS SignedData and the GOST algorithms have been addressed.
  * Additional Features and Functionality:
  - PKCS12 key stores containing only certificates can now be created
    without the need to provide passwords.
  - BCJSSE: Initial support for AlgorithmConstraints; protocol versions
    and cipher suites.
  - BCJSSE: Initial support for 'jdk.tls.disabledAlgorithms'; protocol
    versions and cipher suites.
  - BCJSSE: Add SecurityManager check to access session context.
  - BCJSSE: Improved SunJSSE compatibility of the NULL_SESSION.
  - BCJSSE: SSLContext algorithms updated for SunJSSE compatibility
    (default enabled protocols).
  - The digest functions Haraka-256 and Haraka-512 have been added to
    the provider and the light-weight API
  - XMSS/XMSS^MT key management now allows for allocating subsets of the
    private key space using the extraKeyShard() method. Use of
    StateAwareSignature is now deprecated.
  - Support for Java 11's NamedParameterSpec class has been added
    (using reflection) to the EC and EdEC KeyPairGenerator implementations. - Version update to 1.63
  * Defects Fixed:
  - The ASN.1 parser would throw a large object exception for some objects
    which could be safely parsed.
  - GOST3412-2015 CTR mode was unusable at the JCE level.
  - The DSTU MACs were failing to reset fully on doFinal().
  - The DSTU MACs would throw an exception if the key was a multiple of the
    size as the MAC's underlying buffer size.
  - EdEC and QTESLA were not previously usable with the post Java 9 module structure.
  - ECNR was not correctly bounds checking the input and could produce invalid signatures.
  - ASN.1: Enforce no leading zeroes in OID branches (longer than 1 character).
  - TLS: Fix X448 support in JcaTlsCrypto.
  - Fixed field reduction for secp128r1 custom curve.
  - Fixed unsigned multiplications in X448 field squaring.
  - Some issues over subset Name Constraint validation in the CertPath analyser
  - TimeStampResponse.getEncoded() could throw an exception if the TimeStampToken was null.
  - Unnecessary memory usage in the ARGON2 implementation has been removed.
  - Param-Z in the GOST-28147 algorithm was not resolving correctly.
  - It is now possible to specify different S-Box parameters for the GOST 28147-89 MAC.
  * Additional Features and Functionality:
  - QTESLA is now updated with the round 2 changes. Note: the security catergories,
    and in some cases key generation and signatures, have changed. The round 1 version is
    now moved to org.bouncycastle.pqc.crypto.qteslarnd1, this package will be deleted in
    1.64. Please keep in mind that QTESLA may continue to evolve.
  - Support has been added for generating Ed25519/Ed448 signed certificates.
  - A method for recovering the message/digest value from an ECNR signature has been added.
  - Support for the ZUC-128 and ZUC-256 ciphers and MACs has been added to the provider
    and the lightweight API.
  - Support has been added for ChaCha20-Poly1305 AEAD mode from RFC 7539.
  - Improved performance for multiple ECDSA verifications using same public key.
  - Support for PBKDF2withHmacSM3 has been added to the BC provider.
  - The S/MIME API has been fixed to avoid unnecessary delays due to DNS resolution of a
    hosts name in internal MimeMessage preparation.
  - The valid path for EST services has been updated to cope with the characters used in
    the Aruba clearpass EST implementation.
- Version update to 1.62
  * Defects Fixed:
  - DTLS: Fixed infinite loop on IO exceptions.
  - DTLS: Retransmission timers now properly apply to flights monolithically.
  - BCJSSE: setEnabledCipherSuites ignores unsupported cipher suites.
  - BCJSSE: SSLSocket implementations store passed-in 'host' before connecting.
  - BCJSSE: Handle SSLEngine closure prior to handshake.
  - BCJSSE: Provider now configurable using security config under Java 11 and later.
  - EdDSA verifiers now reject overly long signatures.
  - XMSS/XMSS^MT OIDs now using the values defined in RFC 8391.
  - XMSS/XMSS^MT keys now encoded with OID at start.
  - An error causing valid paths to be rejected due to DN based name constraints
    has been fixed in the CertPath API.
  - Name constraint resolution now includes special handling of serial numbers.
  - Cipher implementations now handle ByteBuffer usage where the ByteBuffer has
    no backing array.
  - CertificateFactory now enforces presence of PEM headers when required.
  - A performance issue with RSA key pair generation that was introduced in 1.61
    has been mostly eliminated.
  * Additional Features and Functionality:
  - Builders for X509 certificates and CRLs now support replace and remove extension methods.
  - DTLS: Added server-side support for HelloVerifyRequest.
  - DTLS: Added support for an overall handshake timeout.
  - DTLS: Added support for the heartbeat extension (RFC 6520).
  - DTLS: Improve record seq. behaviour in HelloVerifyRequest scenarios.
  - TLS: BasicTlsPSKIdentity now reusable (returns cloned array from getPSK).
  - BCJSSE: Improved ALPN support, including selectors from Java 9.
  - Lightweight RSADigestSigner now support use of NullDigest.
  - SM2Engine now supports C1C3C2 mode.
  - SHA256withSM2 now added to provider.
  - BCJSSE: Added support for ALPN selectors (including in BC extension API for earlier JDKs).
  - BCJSSE: Support 'SSL' algorithm for SSLContext (alias for 'TLS').
  - The BLAKE2xs XOF has been added to the lightweight API.
  - Utility classes added to support journaling of SecureRandom and algorithms to allow
    persistance and later resumption.
  - PGP SexprParser now handles some unprotected key types.
  - NONEwithRSA support added to lightweight RSADigestSigner.
  - Support for the Ethereum flavor of IES has been added to the lightweight API.
- Version update to 1.61
  * Defects Fixed:
  - Use of EC named curves could be lost if keys were constructed.
    via a key factory and algorithm parameters.
  - RFC3211WrapEngine would not properly handle messages longer than 127 bytes.
  - The JCE implementations for RFC3211 would not return null AlgorithmParameters.
  - TLS: Don't check CCS status for hello_request.
  - TLS: Tolerate unrecognized hash algorithms.
  - TLS: Tolerate unrecognized SNI types.
  - Incompatibility issue in ECIES-KEM encryption in cofactor fixed.
  - Issue with XMSS/XMSSMT private key loading which could result in invalid signatures fixed.
  - StateAwareSignature.isSigningCapable() now returns false when the
    key has reached it's maximum number of signatures.
  - The McEliece KeyPairGenerator was failing to initialize the underlying
    class if a SecureRandom was explicitly passed.
  - The McEliece cipher would sometimes report the wrong value on a call
    to Cipher.getOutputSize(int).
  - CSHAKEDigest.leftEncode() was using the wrong endianness for multi byte values.
  - Some ciphers, such as CAST6, were missing AlgorithmParameters implementations.
  - An issue with the default "m" parameter for 1024 bit Diffie-Hellman keys which
    could result in an exception on key pair generation has been fixed.
  - The SPHINCS256 implementation is now more tolerant of parameters wrapped with a
    SecureRandom and will not throw an exception if it receives one.
  - A regression in PGPUtil.writeFileToLiteralData() which could cause corrupted
    literal data has been fixed.
  - Several parsing issues related to the processing of CMP PKIPublicationInfo.
  - The ECGOST curves for id-tc26-gost-3410-12-256-paramSetA and
    id-tc26-gost-3410-12-512-paramSetC had incorrect co-factors.
  * Additional Features and Functionality:
  - The qTESLA signature algorithm has been added to PQC light-weight API and the PQC provider.
  - The password hashing function, Argon2 has been added to the lightweight API.
  - BCJSSE: Added support for endpoint ID validation (HTTPS, LDAP, LDAPS).
  - BCJSSE: Added support for 'useCipherSuitesOrder' parameter.
  - BCJSSE: Added support for ALPN.
  - BCJSSE: Various changes for improved compatibility with SunJSSE.
  - BCJSSE: Provide default extended key/trust managers.
  - TLS: Added support for TLS 1.2 features from RFC 8446.
  - TLS: Removed support for EC point compression.
  - TLS: Removed support for record compression.
  - TLS: Updated to RFC 7627 from draft-ietf-tls-session-hash-04.
  - TLS: Improved certificate sig. alg. checks.
  - TLS: Finalised support for RFC 8442 cipher suites.
  - Support has been added to the main Provider for the Ed25519 and Ed448 signature algorithms.
  - Support has been added to the main Provider for the X25519 and X448 key agreement algorithms.
  - Utility classes have been added for handling OpenSSH keys.
  - Support for processing messages built using GPG and Curve25519 has been added to the OpenPGP API.
  - The provider now recognises the standard SM3 OID.
  - A new API for directly parsing and creating S/MIME documents has been added to the PKIX API.
  - SM2 in public key cipher mode has been added to the provider API.
  - The BCFKSLoadStoreParameter has been extended to allow the use of certificates and digital
    signatures for verifying the integrity of BCFKS key stores. - Package also the bcpkix bcpg bcmail bctls artifacts in separate
  sub-packages
- Revert to building with source/target 6, since it is still
  possible
- Added patch:
  * bouncycastle-javadoc.patch
    + fix javadoc build - Version update to 1.60 bsc#1100694:
  * CVE-2018-1000613 Use of Externally-ControlledInput to Select Classes or Code
  * CVE-2018-1000180: issue around primality tests for RSA key pair generation
    if done using only the low-level API [bsc#1096291]
  * Release notes:
    http://www.bouncycastle.org/releasenotes.html - Version update to 1.59:
  * CVE-2017-13098: Fix against Bleichenbacher oracle when not
    using the lightweight APIs (boo#1072697).
  * CVE-2016-1000338: Fix DSA ASN.1 validation during encoding of
    signature on verification (boo#1095722).
  * CVE-2016-1000339: Fix AESEngine key information leak via lookup
    table accesses (boo#1095853).
  * CVE-2016-1000340: Fix carry propagation bugs in the
    implementation of squaring for several raw math classes
    (boo#1095854).
  * CVE-2016-1000341: Fix DSA signature generation vulnerability to
    timing attack (boo#1095852).
  * CVE-2016-1000342: Fix ECDSA ASN.1 validation during encoding of
    signature on verification (boo#1095850).
  * CVE-2016-1000343: Fix week default settings for private DSA key
    pair generation (boo#1095849).
  * CVE-2016-1000344: Remove DHIES from the provider to disable the
    unsafe usage of ECB mode (boo#1096026).
  * CVE-2016-1000345: Fix DHIES/ECIES CBC mode padding oracle
    attack (boo#1096025).
  * CVE-2016-1000346: Fix other party DH public key validation
    (boo#1096024).
  * CVE-2016-1000352: Remove ECIES from the provider to disable the
    unsafe usage of ECB mode (boo#1096022).
  * Release notes:
    http://www.bouncycastle.org/releasenotes.html
- Removed patch:
  * ambiguous-reseed.patch - Build with source and target 8 to prepare for a possible removal
  of 1.6 compatibility - Version update to 1.58
- Added patch:
  * ambiguous-reseed.patch
    + Upstream fix for an ambiguous overload - Set java source and target to 1.6 to allow building with jdk9 - New build dependency: javapackages-local
- Fixed requires
- Spec file cleaned - Version update to 1.54:
  * No obvious changelog to be found
  * Fixes bnc#967521 CVE-2015-7575 - Version update to 1.53 (latest upstream)
  * No obvious changelog
  * Fixes bnc#951727 CVE-2015-7940 - Fix build with new javapackages-tools - Disable tests on obs as they hang - Version bump to 1.50 to match Fedora
- Cleanup with spec-cleaner cloud114 1624644981                                               €  €  €  €  €  €1.64-lp152.2.3.1 1.64 1.64 1.64 1.64 1.64 1.64                  bcpg.jar bouncycastle-pg LICENSE.html bouncycastle-bcpg.xml bcpg.pom /usr/share/java/ /usr/share/licenses/ /usr/share/licenses/bouncycastle-pg/ /usr/share/maven-metadata/ /usr/share/maven-poms/ -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g obs://build.opensuse.org/openSUSE:Maintenance:16608/openSUSE_Leap_15.2_Update/fdc372b7038dd3a0ca59a20ee3d05951-bouncycastle.openSUSE_Leap_15.2_Update drpm xz 5 noarch-suse-linux                    gzip ERROR: Stdin has more than one entry--rest ignored (Zip archive data, at least v1.0 to extract Java archive data (JAR)) directory HTML document, ASCII text ASCII text XML 1.0 document, ASCII text                                           P  P  P  P  P  P  R  R  ŠÔñ.õb¼Õ‰°-=y‡×s   utf-8 ab1fbd50fd320ee854af582331196044b3ba3c31c93b6cd0b9ddd9ffa6657e26        ?   ÿÿü    ý7zXZ  
áû¡ !   t/å£àî	ƒ] "ÌkÀ%‡ïšÁÝ¥$€7_—\qÎñ:pû—A ]§äÕOÚÍÁ®å¾ŠÝÒG`Dù$»k'A#:“Þ”±íÎü­ÂÇš}hûäD°œÒ˜ÇoÒƒÜ­0)e{ÐW÷˜]ø—†*öZ1q`§lc³úÊ|”VRƒv<Ÿ^iêÐ‘ç/5>|‘®…êwˆ/Å‘Ò‚û(‰6d›A¥LL"1çrwýSbÓ+¦‡³îéâ­¤Ëu·YÞD+@hÊG™¹§gm†Cz¼b<ä/Æ@"‡´hv© ¥MP„º:3þ&×‘ùO@
Õ³ò²¦—iî„Ñ\ŽD°!4Ø#’µ¨Õgo^g¾Ãr}^|±¡)$;3Òë ›Bš1¡Ò+3¯êÂÿíÅ†˜PýF[6°ümE¤gQŠjñ=-l›w\BÁôú‚Ï¢'Ö s&óJ³Tut‡‘Œ]ë'!åuž'È Ö£Y7·§r’‡¥µÅ=¢Où§Ëo¡{I2MZx´.þ-æC:»ÅÎ`Ä‡©“»C“é»ÖÞÚý<pÆ×Ùä<8|%;aUgl„:½©a#¿žI–fO7Ë‹D£€¡'¨`ú¢ŠAb9{÷€FÀ38
ô0 P+`~dÁË¹†D÷Ä×>Øa»´´—ŸQý©œÈb|¨Ha²ÊP·%Ópßí‹ÐÔŠO^=Éc@]¤ãûÛÐF?ô$T“AîœBî¸³£äS‰&E‡'ŒPûívÐq5ïÓökœDÉfÙN1µ0f„uik S¡EÓ"NpÑ#ie°Ä1	~¢oØÓœe]efÅ Ûâ£‘ák(ªX¡Æ&™,ÑY–ž0VƒdZÀK"[u=‰	¾(½ÚÚ‡KŸˆq×0ÁeŠvÈÿ²túlåVxa•¦ü·Bj²Ñ˜B+dîÒ·h¨%Q–¸#	@ñ»Rëy+M«Ý]ÄàÐEA‚ X« BÒÚ„™„å(‰$fe<fæ¤œ²=@õ~ÓÑg¡e²1Õ—d§ÀdèÞä±0¡m“íÕäXjP5ûCæØž2' ¾ÍàBŒˆ¢ÒÁ»}F—…ÑÇ!Ñ0P‚õÞ¤°„æ63\šç·ƒ¬ô[
K«˜å´ÀHr"Äi/ØõpÁ
òk]µÊ=q5)­*øú]½·" •Ê•`Ð£œ„ VÕ.Ó®5øþJ»‡ŸÅðÄ¸=¬{9-æìøçLLöÌã
¶¼ï"ÀÒts’Î| ÙÅ“v`	µÖùp¼*ØŸ^ucØB<V&šçx—”)7ŒîÒ"Û®WÔ
xr¨¬UA*B7z™/’ºílë¢üz0€2¯…ìÌ_½÷ñõºù;QB“*™gÿ=„ñìÓ^ÞìŠ¸ŽüIyRd¡ÿ.[qL¦²ž¨ÄCÍraØÔK·Pis%WtºIDÀƒ÷,Ž#kn6¤!P{rOžÔ¤‘ðnÆ­VIÁõ„ê‚F?ì¢M‚zY¶w ar,a
…zñÙ¤»SëÚ5Áš<Ó|î}?ðlÏYÚ…ôÑS¹—]3Å¼vé!g¦ ¦žúžÜ´Ø}8ÿ-Ø˜¥U”Ìî*fOKuÒ™¸—lV†îrWiÙÝÔÛžý…˜Æ£Ø÷kÔånÌžìª…(;@t;È“ÄT9<…ú…s@pÌ¯b[æÅéóÖDvJ‘²6±Š´Ý²Ûò˜Ð]7zæ~9¾GÌ9Ú«—cÊ¦ÐfëH5º%h/b1WUËä->5wÒ£Ë:€ZfÄÒku8ujqfeZ„érIÌ°h¬A&F #\šŸ–0¸p‡E@lY2ÀÚ¦lÿ…QÔ•¶¾1ÒäœjïÂ.”©ÉÕÇ\žâwI¶÷mß¿Ÿ]<_Åa·2zè e_âr}°Ž/Ó%ç|ôg¨ƒûÅ‘D3)•‡Ä©ý< xm&C[.ü¸›<z#ïaç’ µÑ\Åa1ÆµVò˜<uìžf7ÃÖ¸±: ˆˆ{çm`$¡n<+c†”3·£Cò·3^áÌ·G+G°¯¾eƒ™#{F`Y$dwx5)ª€i« tCÏ§{Ôg¶þ!O…G^a®unÅþt’¯ä»s!á§ rÚQkyu§IYvÑT]‚‘à?oÛAÍæ¹"QÇ†Ž"«šy(%1‚ñ¬›Ì‡±g³žûg…âd;“Z‚+‹/ûxÆ°ÃJsB÷4#È.ê\(•C6öOJÙ·js¡™G#ß¹€Íú­ƒªMºôB#J#ôc.]$BÿÚÄ¹nˆ^ÝŽ^WÑA"ÿë±È¶ªÅ|SÔ_µµê½ÄðS&g›©PqüyG´šÔ¦®=6u·§® óÉ<Ðgg2îOÛÑ`¥hu¾hwÉÏÜA$ö7e:•‰îZbW`ÕY”,æÏ¯(RXZƒ3ÓQIRÊñ>L]`š™$ÓÔ‡ÿd9ÚLHšhë¤Ñ®ö…ß‹þ“¼:Ü–ÏÃ6ÜüÇ‰&ùáw@a{(cˆZ‘v¯l\Ô‚›À8VÿrÛdamó9þn©tÊÎmÙ+Ø¦(T¾nÞéÛÌ¸É höR=ƒ~éRkv°ôºø;Ópb±@opt• S0A¥¬â]áõÒÖ
jÇµìåo²VùÅL%?-Ž”ÈP0]¶7,¸ò¬ñ¢{2gëT|P…Zº—½}[GÔk3ÓeÀ³ÂÆkâRsv2"Uie¸ü¤çó©ÎšÐ/“riº9@î‡çPÑñŠ	tìçƒpø„2Þ'ÊŒjLÛÛÓ:Ç=þi¸È¯Í»oUh3Ö´óÌ»á¶ç<³lJ–!!““¢4“\¨l™––A­ñŸRf£à¼åÝ2™u›ÌÌŸws¥e_àE>näS=p
»yñÃ0(™Û5!ª, Ãò„â2ï+õÝ/1ôJ·ÏŽÐOU¼Ì:.ApXÓo=ÓkºNjÔÇ_Šœ&+ºúÁM|"ê„XÞöÍÛÑ.û|k¶‰øµ “Ï«E †Ôlxu›––àÌÜÝeªú¶GK$^Ð\8‡?ƒ‡3YéCÈ’–ôº½JuÐ”ÃÍ`äùxùyî9˜ð‰p­“²Î©8   Ûû*å‰=Õ9ü›7]¸ƒõîHÏJGá¢‡Úý~x6_–× ·ï9  3•|F¶éß    
YZ