polkit-0.116-lp152.2.3.1<>,k@`A/=„~wnyn[j=;16ޟ 8 FL ]$|EN?À9Ű`]8*iػ]N;Cy:s]<͎Xb(U`Nb/=qDk.>>wt;cr4 Q7ꥺPҼVd@A♍[<  W|m=v+˱Qٱ>V㐾uWv7JuJj%_BCZh`l^)N7@>KK?Kd   = '8iov^  .. . 8. . . ..p.Vx.0X''!'(!7!8"9":$=7>7?7@7C7F7G7.H8.I9L.X9Y9\9.]:.^<#b@Qc@dAeAfAlAuA.vB`wH.xI.yJ@BzKHKXK\KdKhKlKrKCpolkit0.116lp152.2.3.1PolicyKit Authorization FrameworkPolicyKit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes.`Agoat11QopenSUSE Leap 15.2openSUSELGPL-2.1-or-laterhttp://bugs.opensuse.orgSystem/Librarieshttp://www.freedesktop.org/wiki/Software/polkit/linuxx86_64getent group polkitd > /dev/null || groupadd -r polkitd getent passwd polkitd > /dev/null || useradd -r -g polkitd -d /var/lib/polkit -s /sbin/nologin -c "User for polkitd" polkitd if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in polkit.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi exit 0 if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/bin/pkexec fi if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/lib/polkit-1/polkit-agent-helper-1 fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in polkit.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable polkit.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop polkit.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in polkit.service ; do sysv_service="${service%.*}" rm "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart polkit.service ) || : fi fi~A9Zh0:08@c+)VJihP BAA큤AAA큤AA큤A큤AA큤AA`=`=`=`=`=`=`=`>`>`>`>`>`>`>`=`=`=`=`>Z.`=`=`=`=`=`=`=`=`=`=`=`>`>`>`>`=`=`=`=`=`=`=`=`=`=`>28067ad27702251ba38d9794738cb81e18ce2151d26b3d103a33b4107c2f9877af4292db23ff017727a86c35067121354c63911f32caa09e0b9e42d6b4252133aea3041de2c15db8683620de8533206e50241c309eb27893605d5ead17e5e75f17290b9901ac2467da63d8a0e817565c5a5461d41bf19f9f67477f252e7b762fb07521cecd95e9438f0bc9ae62e4e9888c1b7b8f7c618c9e7c2b94068e6b89961cf0a5def8c356ed25c302dc3de7753efd77128adc003d248a3ccc595d1187f1a3fcb147a6037585df371f536fc66ef2e21bceff7b8e9d7628ae78ed0083c517fc75c32af37ac6a9fac94cf8c9a4eddb210717d86e8919d9c44a076ccdc758c688f225975db0e268869fddc772c7e05e31ea8d60f6c9f042951aa6fdb72a2d7b6dac9df426bbaec2bd79b1e71ad2a30d01e40c0c6e1c0d94150f762c7890b8ffbaed12288339ed4b1df90f017beb8af07b56eba1b2edc4a60914880c13617af1d2e2aa973e29c75e1b492e67ea7b7da9de2d501d49a934657971fd74f9a0b0a8561b4b59f36d6e34af024d07ef8a80457559736138ec9e9e4d14f8e926c17512725f7541bf0703006687192fa4eab464b4e91797794e0fec5e705d2c66808a1a1d862c3977460da9e096a5267d4989d977f9e4eeff7781639b80a138fcb7ddbb86a99df215a09ec829e81f8b6d99e8d88950630a3fb319cf837c3d0506b17ba6a632e2e392c367b48cbc844b0ed41cc2287126dbac51fb7d1a64f40211ca0589c888d46402d2bf113d5859a57569c53ab68a179bc2fc084b36c13fb45020eecd73c95abb890de9cb72fbee8947befb6f489bac6f50dd7325a553b1c3cfda9e0c77ec4e0353f78877f22fa4575ae21fe371584a041b3e0f3b3c96042e030352e82735b902d88a25d4a74135d82696c544658237ecc659cd90560b88103eab1393d5c9b88e431a17804f869b4320fd642bd6c40230c4085c0b6949820a20e9a3c7dfdb5e050f3a7140479dfe7636813c4fd071b20d5034e8c7a83ed65e4fb1977ac6d17b84ef6c4a9e966850ec833c4bfc17e15da6131723f22fc0d38902082503a21c5947e9731f3558bbb979b7bfb65422961ef2b6108ad6177f29c6e8deb62899a0a2a2e36dca2a54c89ea06d695156b518e02b52883e93b70ba63e3768298a19529a141086b5d46de37fc95895360c379d49563d5b513323e73f0f5750436a885304c3e892e3e6e167676ecc691c6736c7116bd1157a1201495e0556f31381669a20fdc713af31cedf7272d21db31b5aa85423df8a845e4b7c8034ad697d4076a8600153d9159a0c37901560f168f01b5cac61e19dac08186a5f5e5238c1f816f452baa3077f54a5b66861913d097eb2b094e3da19f8af2426f951b4c22701d3fbc5b432d9fdf0de1499e9b29504f8f6e9d313b519d64c43af35a906bddfe09035f887c526aacec04bc44b5376dabf82c4a0f6c955ea3650eb4c416b3d7a66c3bef7b57d54d7c9cdf02ccacd53a5d630d1ffa76114cfe0bbc5889fdad5dd6drootrootrootrootrootpolkitdrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpolkitdrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpolkit-0.116-lp152.2.3.1.src.rpmconfig(polkit)polkitpolkit(x86-64) !@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/sh/bin/sh/bin/sh/bin/sh/bin/shconfig(polkit)dbus-1libc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libexpat.so.1()(64bit)libgcc_s.so.1()(64bit)libgcc_s.so.1(GCC_3.0)(64bit)libgio-2.0.so.0()(64bit)libglib-2.0.so.0()(64bit)libgobject-2.0.so.0()(64bit)libmozjs-60.so()(64bit)libmozjs-60.so(js)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpolkit-agent-1.so.0()(64bit)libpolkit-gobject-1.so.0()(64bit)libpolkit0libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libstdc++.so.6()(64bit)libstdc++.so.6(CXXABI_1.3)(64bit)libstdc++.so.6(CXXABI_1.3.9)(64bit)libstdc++.so.6(GLIBCXX_3.4)(64bit)libsystemd.so.0()(64bit)libsystemd.so.0(LIBSYSTEMD_209)(64bit)libsystemd.so.0(LIBSYSTEMD_213)(64bit)permissionsrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)shadow0.116-lp152.2.3.10.116-lp152.2.3.13.0.4-14.6.0-14.0-15.2-14.14.1 /usr/bin/chkstat -n --warn --system -e /usr/bin/pkexec 1>&2 /usr/bin/chkstat -n --warn --system -e /usr/lib/polkit-1/polkit-agent-helper-1 1>&2`]@]z@\t@\g\\@[v[E@ZUZ@ZY@Y?WXWV@VV@UL@T@T@Marcus Meissner Bjørn Lie Marcus Meissner Bjørn Lie Dominique Leuenberger mvetter@suse.commeissner@suse.combjorn.lie@gmail.commeissner@suse.combjorn.lie@gmail.comschwab@suse.dedimstar@opensuse.orgdimstar@opensuse.orglnussel@suse.defbui@suse.comfbui@suse.commeissner@suse.comantoine.belvire@laposte.nettchvatal@suse.commeissner@suse.com- CVE-2021-3560: fixed a local privilege escalation using polkit_system_bus_name_get_creds_sync() (bsc#1186497) CVE-2021-3560.patch- Fix usage of libexecdir instead of prefix/lib where applicable.- polkit-keyinit.patch: add pam_keyinit to the polkit configuration (bsc#1144053)- Update to version 0.116: + Leaking zombie child processes. + Possible resource leak found by static analyzer. + Output messages tuneup. + Sanity fixes. + pkttyagent tty echo disabled on SIGINT. + HACKING: add link to Code of Conduct. + polkitbackend: comment typos fix. + configure.ac: fix detection of systemd with cgroups v2. + CVE-2018-19788 High UIDs overflow fix. + CVE-2019-6133 Slowfork vulnerability fix. + Allow unset process-uid. + Port the JS authority to mozjs-60. + Use JS_EncodeStringToUTF8. + Updated translations. - Replace pkgconfig(mozjs-52) with pkgconfig(mozjs-60) BuildRequires following upstreams changes. - Drop patches fixed upstream: + polkit-fix-possible-resource-leak.patch + polkit-fix-leaking-zombie-child-processes.patch + polkit-CVE-2018-19788.patch - Refresh patches with quilt.- Use systemd_ordering instead of systemd_requires: strictly speaking, polkit does not require systemd to be present. Just that when we install on a system with systemd (e.g outside containers) we would want systemd to be present before installing polkit. Help also reduce a cycle without special hacks in systemd.spec.- bsc#1130588: Require shadow instead of old pwdutils - User proper Requires(pre)/Requires(post) for permissions and shadow- polkit-CVE-2018-19788.patch: Fixed handling of UIDs over MAX_UINT (bsc#1118277 CVE-2018-19788)- Add polkit-fix-possible-resource-leak.patch: Fix possible resource leak found by static analyzer. - Add polkit-fix-leaking-zombie-child-processes.patch: polkitd: fix zombie not reaped when js spawned process timed out (fdo#106021).- Update to version 0.115: - Fix CVE-2018-1116: Trusting client-supplied UID (bsc#1099031) - jsauthority: pass "%s" format string to remaining report function (obsoletes polkit-jsauthority-pass-format-string.patch)- Update to version 0.114: + Port to mozjs 52, the latest version of the firefox JavaScript engine. + Add gettext support for policy files. + Fixes for various memory leaks. + Updated translations. - Update keyring with Ray Strode public key. - Drop with_systemd define and all conditionals and polkit-no-systemd.patch and ConsoleKit BuildRequires, we only support systemd now. - Drop upstream fixed polkit-itstools.patch. - Rebase pkexec.patch with quilt. - Add gcc-c++ and pkgconfig(mozjs-52) BuildRequires: New dependencies. - Drop conditional pkgconfig(mozjs-17.0) and pkgconfig(mozjs185): no longer supported. - Drop autoconf and automake BuildRequires: They are implicit via libtool BuildRequires. - Replace glib2-devel and gobject-introspection-devel with their pkgconfig counterparts: pkgconfig(gio-unix-2.0), pkgconfig(gmodule-2.0) and pkgconfig(gobject-introspection-1.0). - Add polkit-jsauthority-pass-format-string.patch: jsauthority: pass "%s" format string to remaining report function, patch from upstream git, adding missed commit (bgo#105865). - Drop polkit-revert-session-magic.patch: Upstream systemd bug is since a long time fixed (gh#systemd#58) (boo#954139).- pkexec.patch: pkexec: allow --version and --help even if not setuid- Modernize spec-file by calling spec-cleaner- Add polkit-itstools.patch: Add gettext support for .policy files.- Use gettext as fallback to get potential distro translations for polkit actions. Similar mechnism as used for desktop file translations. That way it's possible to use weblate to add additional translations that are not provided by upstream (polkit-gettext.patch).- Use pkgconfig() instead of requiring systemd package names directly.- systemd.pc is shipped by systemd main package (bsc#983167) Strangely polkit wants systemd.pc to detect that the target system is running systemd even if its configured to build systemd support...- polkit-revert-session-magic.patch: revert a session detection change that could lead to sessions not being detected as active due to a systemd bug. bsc#954139- Update to 0.113: * Fix CVE-2015-4625 * Fix CVE-2015-3256 * Fix CVE-2015-3255 * Fix CVE-2015-3218 * On systemd-213 and later, the “active” state is shared across all sessions of an user, instead of being tracked separately * pkexec: when not given a program to execute, runs the users’ shell by default - Remove polkit-no-kded-leak.patch (upstreamed)- Try to fix kded leaking due to powerdevil exposing this issue in polkit: (bsc#912889) * polkit-no-kded-leak.patch- Added gpg signature and keyring with David Zeuthen and Miloslav Trmac ids./bin/sh/bin/sh/bin/sh/bin/sh/bin/shgoat11 1622736705  !"#$%&'()*+,-.csdadehrhuiditplptsksvtrukzhzh0.116-lp152.2.3.10.116-lp152.2.3.10.116-lp152.2.3.1  ! "dbus-1system.dorg.freedesktop.PolicyKit1.confpolkit-1polkit-1rules.d50-default.rulespkactionpkcheckpkexecpkttyagentpolkit-1polkit-agent-helper-1polkitdpolkit.servicedbus-1system-servicesorg.freedesktop.PolicyKit1.servicepolkitCOPYINGpolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopolkit-1.mopkaction.1.gzpkcheck.1.gzpkexec.1.gzpkttyagent.1.gzpolkit.8.gzpolkitd.8.gzpolkit-1actionsorg.freedesktop.policykit.policyrules.dpolkit/etc//etc/dbus-1//etc/dbus-1/system.d//etc/pam.d//etc/polkit-1//etc/polkit-1/rules.d//usr/bin//usr/lib//usr/lib/polkit-1//usr/lib/systemd/system//usr/share//usr/share/dbus-1//usr/share/dbus-1/system-services//usr/share/licenses//usr/share/licenses/polkit//usr/share/locale/cs/LC_MESSAGES//usr/share/locale/da/LC_MESSAGES//usr/share/locale/de/LC_MESSAGES//usr/share/locale/hr/LC_MESSAGES//usr/share/locale/hu/LC_MESSAGES//usr/share/locale/id/LC_MESSAGES//usr/share/locale/it/LC_MESSAGES//usr/share/locale/pl/LC_MESSAGES//usr/share/locale/pt_BR/LC_MESSAGES//usr/share/locale/sk/LC_MESSAGES//usr/share/locale/sv/LC_MESSAGES//usr/share/locale/tr/LC_MESSAGES//usr/share/locale/uk/LC_MESSAGES//usr/share/locale/zh_CN/LC_MESSAGES//usr/share/locale/zh_TW/LC_MESSAGES//usr/share/man/man1//usr/share/man/man8//usr/share/polkit-1//usr/share/polkit-1/actions//var/lib/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:16428/openSUSE_Leap_15.2_Update/9b516402f69890947bca5467e5b54193-polkit.openSUSE_Leap_15.2_Updatedrpmxz5x86_64-suse-linux directoryXML 1.0 document, ASCII textASCII textELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=87d87d846e16863fc53595761297a4514a0b55f1, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=08e6ae0ac4d78fd5a224d757d5e63f1ab51a568b, for GNU/Linux 3.2.0, strippedsetuid ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=0f3a169c00da02b3da9870e0b962d72bfaa4e067, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=0f422404cbc9719ce5222b0080925f94847985a1, for GNU/Linux 3.2.0, strippedsetuid ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=859fd6328f611684dd014cf73218cedf58a53723, for GNU/Linux 3.2.0, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=5799e4cf8e48aef3dd520a4d78c535392f95e8e4, for GNU/Linux 3.2.0, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)XML 1.0 document, UTF-8 Unicode text#- R RRRRRRR RRRRRRRRRR RRRRRRRRRR RRRRRRRRR R RRRRRRRR RR RR RRRRRRRRRRR RRR RRtMO1? -q\systemdutf-8e7d438fc4746e7c4ff44ed52c08e851cae405d8f5ccf9028c5ac6f63f9131a1f?P7zXZ !t/3^]"k%f90wD8jYTO}5c;~,'K`w.f e׍׻J\GM9A`l^}lvNmZ2Ps0Dv9/P;ǟYU٩vڸdk[Wr#Nq Ћ.ؿCktL-*] &Ys4ЉR̘v6<CFAPG'zU2@tg>-I,U>g's a,k~c&aM$]>x$D23)B^r3(HLa<~43bXZ|\'wlZ5<`&B 9,{F}.f)Pe(XhcZWC ~Y,[ѹ0@Q|뤎R{_zb]C3Ma_Q0~ug?? Ȇ۽X.Fo:=h|hɼdI8\/\,<`nGM f*Qȩ d1. |6u-Sx*cCmk@2wPAL0!Pr*3p-+^fPz7r /Wf L3ӳK͍'yI+A93e\fl\|A1Lxe(Gn,$<}㡊•[N#*}c>\𓆍4- NsϟRZ6)Hxmݠ,kݟzzS @GcY_=-uNŭeƠDzN ;Jren`R. Л'"?@8_]`VrkjF<2̩t +W8q$ujU!ѱ,8Gm\3T#a%UoW/n投c9Xq7{!LEN:D!ZHu~6Y7ͳ6ŴW\g2'dtz):4mmN^}AYa܃LAoBqj;^kdF|76 ~,G uJlVZ;"*P+il1['/4z,>ב9H*[IP}[o2P>mxkKܝyOBX!RrWI}T~g8T "8 "DϧU6Cfg#z-`V}S6" Exx5G/K":1A>6\=6*JFgs ܮ# $:Ur箋]h^'E_өXx_oK8&Q ur:$[ vBqs<2eXylzddN+3-]ԑSEL $ ISP=$0-k?֘pu2tK}] a4XY1pB|[Lb\U%͇;y9# Y\TD>NlaWfפr麛ۣ<`vjJ}PSf&^B-)m`;BO@+OK.c+'v&"7a(* - _nV|@Գg#k 1/ mQre!!9>IǑIG3),uQMP|MBwQϤ&Y% $M0AZUrw+6vFet7}ű"CU4ͤfH|^HBhQ1Kd8r㐛pg N27JA_hw5ۭ(}oqɑS>9NͰ1#J&?/\~L?%ҍJnz)M/tD6ʟlkuMHߘ/KnI(eKO.8a$]alX-U%x]-q8ĥ)0%ؗ/~i]}AId@7DxI>^:= &b .D!uln^$W mղ3qYӭͬ_X5LZ}ӗ"*- Tcmꔪwޟv/-늚Fb>f'Sc*6F=Wo;Oj._z[>W8lR%`QVފ"Gf'[iA; K..'^8rl89.9"DA oeUaݸFw}7INbSss:5g'?bw6Q'gt8] ~b)|}ke(8OXI%xg㞍9-=>oc9#RϐB1^49WEqKrԪտ%kBZ&H߈$!,o^;nLy^/$\d=1r/p7Z#Y(n/ "׼8]<s鳅<ͳY&isz=8kN/S>aiK0ɝDvOOJ"~Ţ Fi~ןXgؖf Sv.#Fd~+W)1h ͞ )57gIiZ).5쌗raЀIV8QXUeJk`;?|=7yY+; 3.u3B{|H.㲫;ńJl g\38ʭ'2m-#yK f?m<ȭ&ے YWFj!%V;Q;hFċE@&j<$+} MK6ܲgBX+&J/j0n/&q.Tx#2>0XӼi9;&@3˲5dƤ{pޣ2c67lЌ]JLwtPS{~ ! j[Wr{|dƺEcPk&1beҷFۓ4Ep=xczhJI%j/eld؋)(l;9TiTd"QR2CYڜ/Z]ĞƇy?~hs% 7! `KwR`hB8u2G='d@@xcuWGJs+"\x6x([ٮu- ͈ JC5 R [nT_eq2]vу1_Ki-jQ!Ø]6$p74FJi!kA!u]O:7HrAW_\ra'6c ׬M ~`d~>0<{<n=܄YWv:àWB |]_fU"daa T8O񐧁@g3*Y|?DD ;p 3Vx dBk{RzLLaێWIs'SAmGXcuH=l>@ ;F5#Xp& iM᫬b"(*#B DB=5ȶz'O!BŖ#e6>G2}*G =*UQxV}NφC徴m|pňNx帤\һr] 5toοX3S?i+ $TtF>=)]s^c`m,x41oF zg#e*LVM߇_!aQk?vf<ӆQ yk"xLH>(G:6I}:2ΫۈҿMcdn~ k"Rgpt"H;o F I',gˠ cau^ᡱ@tA}e~Kͥ {G'ڋWu|!^(Mx{Yɫ0>%/|>8Hv@1|l>K.ŝ0*dv6+Ke,"lci-*JJ }4dF9hGn:' M/:KLwqιķ-̂Et>M;g~*mg6L~߿hMca ܸ38[/53jK=8"P1mm>+)R=a:rm~vJTORUHSxf RLшx*Çڈ.F%QR?pWx >S:1%ýί.lT$X2޵?WbITv2M_cz1q߈-azǚB1\ 17ZZiws I\Ǖמ5>+J-5(gsٚЮFy8D*~{1*6 vݡHC SϐwERM4 XKi6IZ BNOpo/(* mD^sE8vb _bvK( /2&ڍʵ2$*zU!7&m$p}p.طYU*3]@^^T@05QzS`