python-base-32bit-2.7.18-150000.77.1<>,gҘp9|U u.JDg&O!NFhۥOaLKD}Rj߮%GQr%F汃548'>ҏ7Q'!r4B8JnPEx/ঞ5Hh9~[tmG^VĝVjI-;_& G |RX|"t] b" Hqױrt0|&'D(EUO ".W4TsǤ>d?Td ' G  +H`fm|=p= = d= X= U= ====4**3*(x8u9Tu:' u>G=H=I=X8Y@\h=]\=^bWcdeflu=v<wT=xH=y<PCpython-base-32bit2.7.18150000.77.1Python Interpreter base packagePython is an interpreted, object-oriented programming language, and is often compared to Tcl, Perl, Scheme, or Java. You can find an overview of Python in the documentation and tutorials included in the python-doc (HTML) or python-doc-pdf (PDF) packages. This package contains all of stand-alone Python files, minus binary modules that would pull in extra dependencies.gҘh04-ch1c/ SUSE Linux Enterprise 15SUSE LLC Python-2.0https://www.suse.com/Development/Languages/Pythonhttps://www.python.org/linuxx86_64/sbin/ldconfig- 6F vvtnptV:4R,bT]|K$>>k790JTT7\g\ P<B4 I&D\)TT8\)0j <'gp+gL&\F Y LTAAgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘgҘf2bb40526e44a101732f16e6d036d447a0be45bdb8d96abb28af17e8bb3b33e36d56b6e99aa8b5d5d9a469742fbacbc0140e5bbe76cce36b7652754064bf14aa9866b14de78ec3de9822cae68b7af714166d0dc462cbc791f608bf93430a394a9d76017c08582022df6e540482352224ee09a7f7a8c55d72e0e4fb87b71c71ab1648d258349410813d588f0a244e6394fd93f41af1f6f56e86e44ec912ff0a4e97eab9b6836e60f0c029224b045253faaec63233f25345c3dc3cc9327c6566ffff1fb97a187051ba51370aa58914854622a4f01d07614ec5eed8dd896fb47e70e639e6e9f84304c6cbf6a972684627cd313fd438ff8309120a0b1a37eeb26d183dff4b31c520aa2ae5f28c9b310f1bb7dca05d01df5361e8e66d1c3bd6f358fe2fbadc9ad84e8f2168632923a38e536d91b1c7ed2ad82ee306a016d24009505d301bb69514449e9f8a9842fb95dd3b3ae070b46378d855f1df54e1d55c8eefbec02ff6a3109be336c315570caed15271a93049ad1b56f34b1b5f9d521a9b458e7cbafafbbff77a5211b69e5861600c736c3531aa0438f8fb26ea2d269e3295fd5eab0e296f1e23bf2a6b74c015ae84f018dcd64978998f78e3e45bb4ec9425d15be425a674fae287229ff9e8e8872bb8ad2b8300e60b7385fb5c401766f545e32ab6c3836f5cb69c4d24e4cdda56c2159920116d5a96bb2481fb89a06d29f82bd9519ffdf0c0f993c8cb90da564df0727e7714e55a6d6b8074045cd5c15e71989c737362ba6ab343ce781a56a7adcc76e50cb7eea658189c2491eee040a4ba10350517c9736e605101c8e53efc22aa7f1dfa81e868f7869780afeaf1dd124918755b9d4ccf8fc5b332f5077271e0e9124b88bbd2daabbd313fa653dae8a7388ed971d6b71ada65c416eb1b482b5cf80bc6d816e8ef27f7810448d1f835165bd8f0c84b9a55bebf6db0b16510f6c49a072fa163912b4dfe9d1ac8735a9a269a12bd6d25c2ad38969342d9e8511a2ad4a0b3e6299eb9461132d70b6850a109fae9a905ea32633e7dc6b10b05d2ca4949996284ffe8104e48313e6c6ddfd886e1513cb873068730d4283324a7237447f88516941ad369342c132068747a59c2e2f00da7b461295a54c52208bae923dbe4eaca078c02f13033859b149e682f2e6867e67e8d6a05af2f16688291614e4887d7fe54c27fa1fe55621fa645d015ea01e1434058d5f5f9cb5e2e9f3290a0d116e348c41b128c8bcc2bafe4d363690ba63f4d00bf688305c16b69ad196c1cec8ec85e0ff8973bd0bcd4a9a68edc6a38daecf176465a3e4050e055f6ffec72181ded5fd9be890a22cddb0cc67a4497da1e313d97317ec7670dc8dddde42e9f522dc3ec7fd5c961c18125653cce14c93b13b0349ac5167cf17bce5c5fb80de72723cd5c0350ced204351f8b00e15dbaec86c07bf2c4504a9f8c7f48738a916f677148a67c9c4493fd79949edc5de66173ae61dfc8352e5ed804c4c6242cfcf1ce4254f06aa1880d1a0ba56fbcdbc200184284a54a10d4f509310d513de361bf9506f999ae46c745f95a56ea9e45ec3dbd76707c5d70899315fb9d133f46dd8eb7a022426e07d38c211055cacb58ea7730d15702976d10ac37e65bf12b8bde00ca8d3fc8d3e4ef107c1e32506bab33aa4e0ab0ec0e9406deafa00c74ace37ccfd7f85051894fe5868fcd69270aade23d9d30aee4c0ffd31b745e5aa13bc304ccfcd8a888ffa0a7518a266bd3d4cfd3e62ee7ad81216d6a25ee9dff3045bc54cd8c6bae6433b1db6ca70d41c8c5c2279bc5db01f327dea41484802be764308cbd4d860efad6435d72eb40a3dae11752f953581652c089875462d7597d4b03ea35a8eabe7639d692b7a2b64da0d4856a1e9901e5d6a9e9da8e9dd5c9c047c84805de8bd65e86bdb07d827b6e3c8a84381e4dfc8905383451ecac23953d7bbff21b7876a07e113e8acaf934c7c6bf7b4eb41aae8da7c5e947deba987ed642b074f066e91ef2af988ec5754a0cd1c50e45e2af267fcd5e8970b14704aa85a80e4527e031146223cd86dc2fb192cc14656b0d9c698d833b2e3437efcc760426ca53e7583a19db1ed0ed0a9b1210611147994ac346f2afa5de686ec1be681b1a4358f1f8e6c1183a29822798aaf086dfbebc49b4cbcec9219156a6a7e4935ba1e30f25dde2788ee70de9ca94fc38e473059a97e3be87414caaacddc039a21eb24c332c8552b8d900f0226f4af6d948ee19d2f03ec62fc02ea4a2f1b7b427632cabfe72bd017382de7cb49e08f0cd7f5f76e066da78f4017afa5e46cbda99a5c81a3abdbe13dd1b166b2d4bd41f2a7a060ea2cc74ff75df2f7634d902b8fbf8cd3f7b3fcf48803fcc81e69fab5286cf8fd17d340b955984929f80fb10f33464a07b147b33848dff8393b27e687b54d15f8ed8dded6c176cfc63b969536a7dae071b0f8becf64fff388a4a93f6338236023e12058853fe13330d170ef88076315da2dd88d6107e105e1ed1469e313a8cd4fd5b9ad867499e829d7a109d06fd78e740e5f8eea936dcc873defacb0a9f996a1fde0276a1daf7ea74f9672c51e8b2693858808850757f8fbbf886fac91b9a0d8764a27dbf3058ed13681efd62afbfecc1223a5ec66757c0683a3974d6af07b1688265786d51rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpython-base-2.7.18-150000.77.1.src.rpmpython-base-32bitpython-base-32bit(x86-32)@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/shlibbz2.so.1libc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.2)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.15)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.3)libc.so.6(GLIBC_2.3.2)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libcrypt.so.1libcrypt.so.1(GLIBC_2.0)libdl.so.2libdl.so.2(GLIBC_2.0)libdl.so.2(GLIBC_2.1)libffi.so.7libffi.so.7(LIBFFI_BASE_7.0)libffi.so.7(LIBFFI_CLOSURE_7.0)libm.so.6libm.so.6(GLIBC_2.0)libm.so.6(GLIBC_2.1)libnsl.so.2libnsl.so.2(LIBNSL_1.0)libpthread.so.0libpthread.so.0(GLIBC_2.0)libpthread.so.0(GLIBC_2.1)libpthread.so.0(GLIBC_2.1.1)libpthread.so.0(GLIBC_2.2)libpython2.7.so.1.0libtirpc.so.3libtirpc.so.3(TIRPC_0.3.0)libz.so.1libz.so.1(ZLIB_1.2.0)python(abi)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.73.0.4-14.6.0-14.0-15.2-14.14.1gw@g@g@g4f@fH@f?]fh@e,e @eedeeeRd˖dD@dq@du@dtdm@dxdc>@cӼc0c|ck@c pcbbb@b@b@ba@a@a(@aim@aI@a'@a#aj@a`t`8`_T^J^@^@^>^>^;^8 @^.^g@^ @]f@]@]]]d@]d@]@]z@]V]y@]9]1]\t@\\7\7\\J@\J@\C@\2[[#@[6@[@[ @[Za@Z@ZxG@ZtRZp^@Z, gh#python/cpython#103848#issuecomment-2708135083).- Modify CVE-2025-0938-sq-brackets-domain-names.patch: we don't use bracketed_host variable any more (correction of the fix for bsc#1236705, discovered during analysis for bsc#1223694).- Add CVE-2025-0938-sq-brackets-domain-names.patch which disallows square brackets ([ and ]) in domain names for parsed URLs (bsc#1236705, CVE-2025-0938, gh#python/cpython#105704)- Add CVE-2024-11168-validation-IPv6-addrs.patch fixing bsc#1233307 (CVE-2024-11168, gh#python/cpython#103848): Improper validation of IPv6 and IPvFuture addresses. - Add ipaddress module from https://github.com/phihag/ipaddress - Remove -IVendor/ from python-config boo#1231795- Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378).- bsc#1221854 (CVE-2024-0450) Add CVE-2024-0450-zipfile-avoid-quoted-overlap-zipbomb.patch detecting the vulnerability of the "quoted-overlap" zipbomb (from gh#python/cpython!110016).- Switch to using the system libexpat (bsc#1219559, CVE-2023-52425) - Make sure to remove all embedded versions of other packages (including expat). - Add CVE-2023-52425-libexpat-2.6.0-remove-failing-tests.patch removing failing test fixing bpo#3151, which we just not support. - Remove patches over those embedded packages (cffi): - python-2.7-libffi-aarch64.patch - sparc_longdouble.patch- Modify CVE-2023-27043-email-parsing-errors.patch to fix the unicode string handling in email.utils.parseaddr() (bsc#1222537). - Revert CVE-2022-48560-after-free-heappushpop.patch, the fix was unneeded.- Switch off tests. ONLY FOR FACTORY!!! (bsc#1219306)- Build with -std=gnu89 to build correctly with gcc14, bsc#1220970- Add CVE-2023-27043-email-parsing-errors.patch to gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043).- Add CVE-2022-48560-after-free-heappushpop.patch fixing use-after-free in Python via heappushpop in heapq (bsc#1214675, CVE-2022-48560). - switch from %patchN style to the %patch -P N one.- (bsc#1214691, CVE-2022-48566) Add CVE-2022-48566-compare_digest-more-constant.patch to make compare_digest more constant-time. - Allow nis.so for SLE-12.- (bsc#1214685, CVE-2022-48565) Add CVE-2022-48565-plistlib-XML-vulns.patch (from gh#python/cpython#86217) reject XML entity declarations in plist files. - Remove BOTH CVE-2023-27043-email-parsing-errors.patch and Revert-gh105127-left-tests.patch (as per discussion on bsc#1210638).- Add CVE-2023-40217-avoid-ssl-pre-close.patch fixing gh#python/cpython#108310, backport from upstream patch gh#python/cpython#108315 (bsc#1214692, CVE-2023-40217)- IT MEANS THAT bsc#1210638 STILL HAS NOT BEEN FIXED! - Add Revert-gh105127-left-tests.patch (gh#python/cpython!106941) partially reverting CVE-2023-27043-email-parsing-errors.patch, because of the regression in gh#python/cpython#106669.- (bsc#1210638, CVE-2023-27043) Add CVE-2023-27043-email-parsing-errors.patch, which detects email address parsing errors and returns empty tuple to indicate the parsing error (old API).- Fix the application of the python-2.7.17-switch-off-failing-SSL-tests.patch.- python-2.7.5-multilib.patch: Update for riscv64 - Don't fail if _ctypes or dl extension was not built- The condition around libnsl-devel BuildRequires is NOT switching off NIS support on SLE < 15, support for NIS used to be in the glibc itself. Partial revert of sr#1061583.- Add PygmentsBridge-trime_doctest_flags.patch to allow build of the documentation even with the current Sphinx. (SUSE-ONLY PATCH, DO NOT SEND UPSTREAM!)- Enable --with-system-ffi for non-standard architectures.- SLE-12 builds nis.so as well.- Add CVE-2023-24329-blank-URL-bypass.patch (CVE-2023-24329, bsc#1208471) blocklists bypass via the urllib.parse component when supplying a URL that starts with blank characters- Disable NIS for new products, it's deprecated and gets removed- Add skip_unverified_test.patch because apparently switching off SSL verification doesn't work on older SLE.- Restore python-2.7.9-sles-disable-verification-by-default.patch for SLE-12.- Add CVE-2022-45061-DoS-by-IDNA-decode.patch to avoid CVE-2022-45061 (bsc#1205244) allowing DoS by IDNA decoding extremely long domain names.- Add bpo34990-2038-problem-compileall.patch making compileall.py compliant with year 2038 (bsc#1202666, gh#python/cpython#79171), backport of fix to Python 2.7.- Add patch CVE-2021-28861-double-slash-path.patch: * BaseHTTPServer: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. (bsc#1202624, CVE-2021-28861)- Add CVE-2015-20107-mailcap-unsafe-filenames.patch to avoid CVE-2015-20107 (bsc#1198511, gh#python/cpython#68966), the command injection in the mailcap module.- Filter out executable-stack error that is triggered for i586 target.- Update bundled pip wheel to the latest SLE version patched against bsc#1186819 (CVE-2021-3572). - Recover again proper value of %python2_package_prefix (bsc#1175619).- BuildRequire rpm-build-python: The provider to inject python(abi) has been moved there. rpm-build pulls rpm-build-python automatically in when building anything against python3-base, but this implies that the initial build of python3-base does not trigger the automatic installation.- Older SLE versions should use old OpenSSL.- Add CVE-2022-0391-urllib_parse-newline-parsing.patch (bsc#1195396, CVE-2022-0391, bpo#43882) sanitizing URLs containing ASCII newline and tabs in urlparse.- Add CVE-2021-4189-ftplib-trust-PASV-resp.patch (bsc#1194146, bpo#43285, CVE-2021-4189, gh#python/cpython#24838) make ftplib not trust the PASV response.- build against openssl 1.1.x (incompatible with openssl 3.0x) for now.- on sle12, python2 modules will still be called python-xxxx until EOL, for newer SLE versions they will be python2-xxxx- BuildRequire rpm-build-python: The provider to inject python(abi) has been moved there. rpm-build pulls rpm-build-python automatically in when building anything against python3-base, but this implies that the initial build of python3-base does not trigger the automatic installation.- Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091 (CVE-2019-20907, bpo#39017) avoiding possible infinite loop in specifically crafted tarball. Add recursion.tar as a testing tarball for the patch. - Provide the newest setuptools wheel (bsc#1176262, CVE-2019-20916) in their correct form (bsc#1180686). - Add CVE-2020-26116-httplib-header-injection.patch fixing bsc#1177211 (CVE-2020-26116, bpo#39603) no longer allowing special characters in the method parameter of HTTPConnection.putrequest in httplib, stopping injection of headers. Such characters now raise ValueError.- Renamed patch for assigned CVE: * bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch -> CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch (boo#1189241, CVE-2021-3737)- Renamed patch for assigned CVE: * bpo43075-fix-ReDoS-in-request.patch -> CVE-2021-3733-fix-ReDoS-in-request.patch (boo#1189287, CVE-2021-3733) - Fix python-doc build (bpo#35293): * sphinx-update-removed-function.patch - Update documentation formatting for Sphinx 3.0 (bpo#40204).- Add bpo43075-fix-ReDoS-in-request.patch which fixes ReDoS in request (bpo#43075, boo#1189287). - Add missing security announcement to bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch.- Add bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch which fixes http client infinite line reading (DoS) after a http 100 (bpo#44022, boo#1189241).- Modify Lib/ensurepip/__init__.py to contain the same version numbers as are in reality the ones in the bundled wheels (bsc#1187668).- Add CVE-2021-23336-only-amp-as-query-sep.patch which forbids use of semicolon as a query string separator (bpo#42967, bsc#1182379, CVE-2021-23336).- Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution.- (bsc#1180125) We really don't Require python-rpm-macros package. Unnecessary dependency.- Add patch configure_PYTHON_FOR_REGEN.patch which makes configure.ac to consider the correct version of PYTHON_FO_REGEN (bsc#1078326).- Use python3-Sphinx on anything more recent than SLE-15 (inclusive).- Update to 2.7.18, final release of Python 2. Ever.: - Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process. - Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben Caller. - Fixed line numbers and column offsets for AST nodes for calls without arguments in decorators. - bsc#1155094 (CVE-2019-18348) Disallow control characters in hostnames in http.client. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. - Fix urllib.urlretrieve failing on subsequent ftp transfers from the same host. - Fix problems identified by GCC's -Wstringop-truncation warning. - AddRefActCtx() was needlessly being checked for failure in PC/dl_nt.c. - Prevent failure of test_relative_path in test_py_compile on macOS Catalina. - Fixed possible leak in `PyArg_Parse` and similar functions for format units "es#" and "et#" when the macro `PY_SSIZE_T_CLEAN` is not defined. - Remove upstreamed patches: - CVE-2019-18348-CRLF_injection_via_host_part.patch - python-2.7.14-CVE-2017-1000158.patch - CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch - CVE-2018-1061-DOS-via-regexp-difflib.patch - CVE-2019-10160-netloc-port-regression.patch - CVE-2019-16056-email-parse-addr.patch- Add CVE-2019-9674-zip-bomb.patch to improve documentation warning about dangers of zip-bombs and other security problems with zipfile library. (bsc#1162825 CVE-2019-9674)- Change to Requires: libpython%{so_version} == %{version}-%{release} to python-base to keep both packages always synchronized (add %{so_version}) (bsc#1162224).- Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug "Python urrlib allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS)" (bsc#1162367)- Provide python-testsuite from devel subkg to ease py2->py3 dependencies- Add python-2.7.17-switch-off-failing-SSL-tests.patch to switch off tests coliding with the combination of modern Python and ancient OpenSSL on SLE-12.- libnsl is required only on more recent SLEs and openSUSE, older glibc supported NIS on its own.- Add provides in gdbm subpackage to provide dbm symbols. This allows us to use %%{python_module dbm} as a dependency and have it properly resolved for both python2 and python3- Drop appstream-glib BuildRequires and no longer call appstream-util validate-relax: eliminate a build cycle between as-glib and python. The only thing would would gain by calling as-uril is catching if upstream breaks the appdata.xml file in a future release. Considering py2 is dying, chances for a new release, let alone one breaking the xml file, are slim.- Unify packages among openSUSE:Factory and SLE versions. (bsc#1159035) ; add missing records to this changelog. - Add idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830)- Add python2_split_startup Provide to make it possible to conflict older packages by shared-python-startup.- Move /etc/pythonstart script to shared-python-startup package.- Add bpo-36576-skip_tests_for_OpenSSL-111.patch (originally from bpo#36576) skipping tests failing with OpenSSL 1.1.1. Fixes bsc#1149792- Add adapted-from-F00251-change-user-install-location.patch fixing pip/distutils to install into /usr/local.- Update to 2.7.17: - a bug fix release in the Python 2.7.x series. It is expected to be the penultimate release for Python 2.7. - Removed patches included upstream: - CVE-2018-20852-cookie-domain-check.patch - CVE-2019-16935-xmlrpc-doc-server_title.patch - CVE-2019-9636-netloc-no-decompose-characters.patch - CVE-2019-9947-no-ctrl-char-http.patch - CVE-2019-9948-avoid_local-file.patch - python-2.7.14-CVE-2018-1000030-1.patch - python-2.7.14-CVE-2018-1000030-2.patch - Renamed remove-static-libpython.diff and python-bsddb6.diff to remove-static-libpython.patch and python-bsddb6.patch to unify filenames.- Add CVE-2019-16935-xmlrpc-doc-server_title.patch fixing bsc#1153238 (aka CVE-2019-16935) fixing a reflected XSS in python/Lib/DocXMLRPCServer.py- Add bpo36302-sort-module-sources.patch (boo#1041090)- Add CVE-2019-16056-email-parse-addr.patch fixing the email module wrongly parses email addresses [bsc#1149955, CVE-2019-16056]- boo#1141853 (CVE-2018-20852) add CVE-2018-20852-cookie-domain-check.patch fixing http.cookiejar.DefaultPolicy.domain_return_ok which did not correctly validate the domain: it could be tricked into sending cookies to the wrong server.- Skip test_urllib2_localnet that randomly fails in OBS- bsc#1138459: add CVE-2019-10160-netloc-port-regression.patch which fixes regression introduced by the previous patch. (CVE-2019-10160) Upstream gh#python/cpython#13812- Set _lto_cflags to nil as it will prevent to propage LTO for Python modules that are built in a separate package.- bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch Address the issue by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause a ValueError to be raised.- bsc#1130847 (CVE-2019-9948) add CVE-2019-9948-avoid_local-file.patch removing unnecessary (and potentially harmful) URL scheme local-file://.- bsc#1129346: add CVE-2019-9636-netloc-no-decompose-characters.patch Characters in the netloc attribute that decompose under NFKC normalization (as used by the IDNA encoding) into any of ``/``, ``?``, ``#``, ``@``, or ``:`` will raise a ValueError. If the URL is decomposed before parsing, or is not a Unicode string, no error will be raised (CVE-2019-9636). Upstream commits e37ef41 and 507bd8c.- (bsc#1111793) Update to 2.7.16: * bugfix-only release: complete list of changes on https://github.com/python/cpython/blob/2.7/Misc/NEWS.d/2.7.16rc1.rst * Removed openssl-111.patch and CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch which are fully included in the tarball. * Updated patches to apply cleanly: CVE-2019-5010-null-defer-x509-cert-DOS.patch bpo36160-init-sysconfig_vars.patch do-not-use-non-ascii-in-test_ssl.patch openssl-111-middlebox-compat.patch openssl-111-ssl_options.patch python-2.5.1-sqlite.patch python-2.6-gettext-plurals.patch python-2.7-dirs.patch python-2.7.2-fix_date_time_compiler.patch python-2.7.4-canonicalize2.patch python-2.7.5-multilib.patch python-2.7.9-ssl_ca_path.patch python-bsddb6.diff remove-static-libpython.patch * Update python-2.7.5-multilib.patch to pass with new platlib regime.- bsc#1109847 (CVE-2018-14647): add CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo-34623.- bsc#1073748: add bpo-29347-dereferencing-undefined-pointers.patch PyWeakref_NewProxy@Objects/weakrefobject.c creates new isntance of PyWeakReference struct and does not intialize wr_prev and wr_next of new isntance. These pointers can have garbage and point to random memory locations. Python should not crash while destroying the isntance created in the same interpreter function. As per my understanding, both wr_prev and wr_next of PyWeakReference instance should be initialized to NULL to avoid segfault.- bsc#1122191: add CVE-2019-5010-null-defer-x509-cert-DOS.patch fixing bpo-35746 (CVE-2019-5010). An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.7.2. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.- Use upstream-recommended %{_rpmconfigdir}/macros.d directory for the rpm macros.- Add patch openssl-111.patch to work with openssl-1.1.1 (bsc#1113755)- Apply "CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch" which converts shutil._call_external_zip to use subprocess rather than distutils.spawn. [bsc#1109663, CVE-2018-1000802]- Apply "CVE-2018-1061-DOS-via-regexp-difflib.patch" to prevent low-grade poplib REDOS (CVE-2018-1060) and to prevent difflib REDOS (CVE-2018-1061). Prior to this patch mail server's timestamp was susceptible to catastrophic backtracking on long evil response from the server. Also, it was susceptible to catastrophic backtracking, which was a potential DOS vector. [bsc#1088004 and bsc#1088009, CVE-2018-1061 and CVE-2018-1060]- Apply "CVE-2017-18207.patch" to add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this check, attackers could cause a denial of service (divide-by-zero error and application crash) via a crafted wav format audio file. [bsc#1083507, CVE-2017-18207]- Apply "python-sorted_tar.patch" (bsc#1086001, boo#1081750) sort tarfile output directory listing- update to 2.7.15 * dozens of bugfixes, see NEWS for details - removed obsolete patches: * python-ncurses-6.0-accessors.patch * python-fix-shebang.patch * gcc8-miscompilation-fix.patch - add patch from upstream: * do-not-use-non-ascii-in-test_ssl.patch- Add gcc8-miscompilation-fix.patch (boo#1084650).- Apply "python-2.7.14-CVE-2017-1000158.patch" to prevent integer overflows in PyString_DecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution. [bsc#1068664, CVE-2017-1000158]- exclude test_socket & test_subprocess for PowerPC boo#1078485 (same ref as previous change)- Add python-skip_random_failing_tests.patch bypass boo#1078485 and exclude many tests for PowerPC- Add patch python-fix-shebang.patch to fix bsc#1078326- exclude test_regrtest for s390, where it does not segfault as it should (fixes bsc#1073269) - fix segfault while creating weakref - bsc#1073748, bpo#29347 (this is actually fixed by the 2.7.14 update; mentioning this for purposes of bugfix tracking)- update to 2.7.14 * dozens of bugfixes, see NEWS for details * fixed possible integer overflow in PyString_DecodeEscape (CVE-2017-1000158, bsc#1068664) * fixed segfaults with dict mutated during search * fixed possible free-after-use problems with buffer objects with custom indexing * fixed urllib.splithost to correctly parse fragments (bpo-30500) - drop upstreamed python-2.7.13-overflow_check.patch - drop unneeded python-2.7.12-makeopcode.patch - drop upstreamed 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch - Apply "python-2.7.14-CVE-2018-1000030-1.patch" and "python-2.7.14-CVE-2018-1000030-2.patch" to remedy a bug that would crash the Python interpreter when multiple threads used the same I/O stream concurrently. This issue is not classified as a security vulnerability due to the fact that an attacker must be able to run code, however in some situations -- such as function as a service -- this vulnerability can potentially be used by an attacker to violate a trust boundary. [bsc#1079300, CVE-2018-1000030]- Call python2 instead of python in macros- Fix test broken with OpenSSL 1.1 (bsc#1042670) * add 0001-2.7-bpo-30714-ALPN-changes-for-OpenSSL-1.1.0f-3094.patch- drop SUSE_ASNEEDED=0 as it is not needed anymore- Add libnsl-devel build requires for glibc obsoleting libnsl- obsolete/provide python-argparse and provide python2-argparse, because the argparse module is available from python 2.7 up- SLE package update (bsc#1027282) - refresh python-2.7.5-multilib.patch - dropped upstreamed patches: python-fix-short-dh.patch python-2.7.7-mhlib-linkcount.patch python-2.7-urllib2-localnet-ssl.patch CVE-2016-0772-smtplib-starttls.patch CVE-2016-5699-http-header-injection.patch CVE-2016-5636-zipimporter-overflow.patch python-2.7-httpoxy.patch - Add python-ncurses-6.0-accessors.patch: Fix build with NCurses 6.0 and OPAQUE_WINDOW set to 1. (dimstar@opensuse.org)- Add reproducible.patch to allow reproducible builds of various python packages like python-amqp Upstream: https://github.com/python/cpython/pull/296- update to 2.7.13 * dozens of bugfixes, see NEWS for details * updated cipher lists for openssl wrapper, support openssl >= 1.1.0 * properly fix HTTPoxy (CVE-2016-1000110) * profile-opt build now applies PGO to modules as well - update python-2.7.10-overflow_check.patch with python-2.7.13-overflow_check.patch, incorporating upstream changes (bnc#964182) - add "-fwrapv" to optflags explicitly because upstream code still relies on it in many places- provide python2-* symbols, for support of new packages built as python2-foo - rename macros.python to macros.python2 accordingly - require python-rpm-macros package, drop macro definitions from macros.python2- initial packaging of `python27` side-by-side variant (fate#321075, bsc#997436) - renamed `python` to `python27` in package names and requires - removed Provides and Obsoletes clauses - dropped SLE12-only patch python-2.7.9-sles-disable-verification-by-default.patch, companion sle_tls_checks_policy.py file and the python-strict-tls-checks subpackage - dropped profile files - removed /usr/bin/python and /usr/bin/python2, along with other unversioned aliases - rewrote macros file to enable stand-alone packages depending on py2.7 - re-included downloaded version of HTML documentation- update to 2.7.12 * dozens of bugfixes, see NEWS for details * fixes multiple security issues: CVE-2016-0772 TLS stripping attack on smtplib (bsc#984751) CVE-2016-5636 zipimporter heap overflow (bsc#985177) CVE-2016-5699 httplib header injection (bsc#985348) (this one is actually fixed since 2.7.10) - removed upstreamed python-2.7.7-mhlib-linkcount.patch - refreshed multilib patch - python-2.7.12-makeopcode.patch - run newly-built python interpreter to make opcodes, in order not to require pre-built python - update LD_LIBRARY_PATH to use $PWD instead of "." because the test process escapes to its own directory - modify shebang-fixing scriptlet to ignore makeopcodetargets.py- CVE-2016-0772-smtplib-starttls.patch: smtplib vulnerability opens startTLS stripping attack (CVE-2016-0772, bsc#984751) - CVE-2016-5636-zipimporter-overflow.patch: heap overflow when importing malformed zip files (CVE-2016-5636, bsc#985177) - CVE-2016-5699-http-header-injection.patch: incorrect validation of HTTP headers allow header injection (CVE-2016-5699, bsc#985348) - python-2.7-httpoxy.patch: HTTPoxy vulnerability in urllib, fixed by disregarding HTTP_PROXY when REQUEST_METHOD is also set (CVE-2016-1000110, bsc#989523)- Add python-2.7.10-overflow_check.patch to fix broken overflow checks. [bnc#964182]- copy strict-tls-checks subpackage from SLE to retain future compatibility (not built in openSUSE) - do this properly to fix bnc#945401 - update SLE check to exclude Leap which also has version 1315, just to be sure- Add python-ncurses-6.0-accessors.patch: Fix build with NCurses 6.0 and OPAQUE_WINDOW set to 1.- add missing ssl.pyc and ssl.pyo to package - implement python-strict-tls-checks subpackage * when present, Python will perform TLS certificate checking by default. it is possible to remove the package to turn off the checks for compatibility with legacy scripts. * as discussed in fate#318300 * this is not built for openSUSE, but retained here in case we want to build the package for a SLE system- python-fix-short-dh.patch: Bump DH parameters to 2048 bit to fix logjam security issue. bsc#935856- add __python2 compatibility macro (used by Fedora) (fate#318838)- update to 2.7.10 - removed obsolete python-2.7-urllib2-localnet-ssl.patch- Reenable test_posix on aarch64- python-2.7.4-aarch64.patch: Remove obsolete patch - python-2.7-libffi-aarch64.patch: Fix argument passing in libffi for aarch64- update to 2.7.9 * contains full backport of ssl module from Python 3.4 (PEP466) * HTTPS certificate validation enabled by default (PEP476) * SSLv3 disabled by default (bnc#901715) * backported ensurepip module (PEP477) * fixes several missing CVEs from last release: CVE-2013-1752, CVE-2013-1753 * dozens of minor bugfixes - dropped upstreamed patches: python-2.7.6-poplib.patch, smtplib_maxline-2.7.patch, xmlrpc_gzip_27.patch - dropped patch python-2.7.3-ssl_ca_path.patch because we don't need it with ssl module from Python 3 - libffi was upgraded upstream, seems to contain our changes, so dropping libffi-ppc64le.diff as well - python-2.7-urllib2-localnet-ssl.patch - properly remove unconditional "import ssl" from test_urllib2_localnet that caused it to fail without ssl- skip test_thread in qemu_linux_user mode/bin/sh  !"#$%&'()*+,-./0123456789:;<=2.7.18-150000.77.12.7.18-150000.77.1python2.7lib-dynload_bisect.so_codecs_cn.so_codecs_hk.so_codecs_iso2022.so_codecs_jp.so_codecs_kr.so_codecs_tw.so_collections.so_csv.so_ctypes.so_ctypes_test.so_elementtree.so_functools.so_heapq.so_hotshot.so_io.so_json.so_locale.so_lsprof.so_md5.so_multibytecodec.so_multiprocessing.so_random.so_sha.so_sha256.so_sha512.so_socket.so_struct.so_testcapi.soarray.soaudioop.sobinascii.sobz2.socPickle.socStringIO.socmath.socrypt.sodatetime.sodl.sofcntl.sofuture_builtins.sogrp.soitertools.solinuxaudiodev.somath.sommap.sonis.sooperator.soossaudiodev.soparser.soresource.soselect.sospwd.sostrop.sosyslog.sotermios.sotime.sounicodedata.sozlib.so/usr/lib//usr/lib/python2.7//usr/lib/python2.7/lib-dynload/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:37853/SUSE_SLE-15_Update/60309471534e9d2a6d0f8a9c71cf578e-python-base.SUSE_SLE-15_Updatedrpmxz5x86_64-suse-linux  !"#$%&'()*+,-./0123456789:;directoryELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=01d58dd2cd00d692e33a160ddc3e3dc49743eee6, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=90e8df7410bb9a92cce995df955779c9c973b55c, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=d8ca12b8d25a3c58d8423e65c37e8f6e03acdd01, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=fe7286ff57855534219bdd7ee9d1ddf5fdae2184, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=02b4859f7443f0d0b080a9d003506b02acf34232, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=ca91983a88f9d9fb53fbe3d67479e9ebaadd7910, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=84814190f22c39be66a4c0d0c2f94f398b076e0b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=8944bfc25682d9d858ee2da36ba17fccbcd2eb3a, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=3646a0d885ed232681b0b891acd577d39261413e, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=3da20b36280b21af73c82f0044b220d281dae5da, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=5ae4780f8842d1c230f5fe77e7b46b3816ddd65b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=8346db100891028d71dd0141ea072604ee45e310, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=e883f879ecdbbbaef4eab19d181c508cc6efc894, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b8a930faba8dda9ff1f2c7157143bc93a8c7d0bc, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=3815a5d9fa118155bdfa6b7617fc1a33cbce1380, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=ea61b1cd2b15361b4007da535fc05b6314bfec31, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=579273acaef44c2bb6b1ca51924afc0202387286, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=1ad0821f7450f881972eb615165b96804226d2f8, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=95512c0818bd0d6cc366c5dcb7a6d350c4ad77b8, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=784f746cef5058cbbef781152a044e83362da1a9, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=c191cf95001a164e78f8a973f5187ac99c714276, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=724f8d5a2a1cb70312f6aec7d7563c9f1bd147b7, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=eb8b003139490ed02ee8115a36378a0f1f97a0c7, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=e1205c37dff564dc00309bf0eccf80e9a03afb79, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=941c41e35fdc45bfcc7ddb540a1f4429175f0be9, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=3444dc1a8395d86e7a12ed2810e9632ed815d640, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f3cc6965200c95e043920ccc4f31a9cd99250b71, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=1e26c8e3038fa7d3aa815e219f7be6ce75eb8d1e, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=20f42652761cf616b00e4918b379737970fdaa91, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=13a6e961ba45edf78bb19881ac61ea40c97a3f6a, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=7ade5e601d8b61d7435587576c0a29a00b4a574b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=47883c7377f2fcd45b40806a271d5309cff64762, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b8b0344074eda882a1dd0e2c61f170257f773ea8, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b81dc41aad08b83bdb4d7c8fd6e20eed2625828e, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=dc77b614cfdb6effd8d7e184c16336a28729bf08, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=df5a5e3d6ebcf12226d20cbf6c3ca55ca43748c2, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=dad8595ecec7aeceba46e712cd80e731075e1222, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=a3b23383f8883e08529771c4200c92f444a3c268, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=621be2605823b5a237f2df8b052ba69da291a8a1, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=60cecdc71bdbdedda8516217cbcc150d2da5dc3b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=d4ac2f5710f488418148ae299d272cea6fd9184b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=c7ffc5b5fe5c9ce536ee6023a83c004651943d57, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=416148499d83196a8b3c55c8200568dec83d0a8a, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=b673fbe9a966e06b7ef223e9729d5582e8e59081, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=743bb1cb6755964d2d13d85fd70d4e5ea12050f6, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=5fded1e2dca81e56dff5d1d9d8c7650aa43cea9b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=fc4231b55db5dacb7fe5804a0fc9e917fc7bba38, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=bf052be8dfdb863ecdcae91d585cf95b6c7b56ce, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=cee3c7f3556ac41771063107798868ac2bb35dbe, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=62e9ee28bc1dcb527d0c954e8f7acba8c4bf1bf1, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=9ad7c1f4a2d11f4e0216f5bca32f28f395bdc089, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=2af01c0cf41b28925ea6f1e57cc047e9822c64e5, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=339522fcd101ad89e535f7b5fb19711c87073f4f, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=7c78a950e91cd4557c55221fa9ed10bb415bed9a, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=094499944c4b9117cf868dc6562a401ffdeb3b37, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=4141b70b87b79c901b55bf5a0851ac314bf78b0b, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=72d3019aa0e34e347e8b008626c6187eb65758f3, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=334de820bd7c12efccf5a43def611e12b4add52d, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=dbed135b4b6df2758b7fcd488f6b3152dfbb0a16, stripped%-5=DS[cjpy*2=CLRY`ju               R%RR R RRR%R RR RR RRR%R RR RR RRR%RR RR RRR%R RR RR RRR%R RR RR RRR%R RR RR RRR%R RR RR RRR%RR RR RRR%RRRR RR RRRRRR RRR%RR RR R RRR%R RR RR RRR%RRR R RRR%RR R RRR%R RR RRR RRR%RRRRRR RR RRR%RR RR RRR%R RRR RR RRR%RR RR RRR%RR RR RRR%RR RR RRR%RR RRRRRR RRR%RR RR RRR%RR RR RRR%RR RR RRR%RR RR RRR%RRR RRR RRRR RRR%R RR RR RRR%R RRR RRR RRR%R RR RR RRR%RR RR RRR%R RRR R#R RRR%RR RRR RRR%RRR RR RRR%RRR RR RRR%RRR RRRRR RRR%RRR RR RRR%RRR RR RRR RRR%RR R RRR%RR RRR R RRR%RR R RRR%RR RR RRR%RRR R RRR%R RRR RRR RRR%RRR RRRRR RRR%RRRRR RR RRR%RRR RR"RR!R RRR%RRR R RRR%R R RRR RRRR RRR%RR RR RRR%RRRRR RR RRR%RR RRR RR RRR%RR RR RRR%RRR RR R RRR%RR RR RRR%RRR RR RRR%RRRR RRR RRR%R RRR R RRR%R$RR RR#R RRutf-8ba4119082261ff414ea4600c30850aaa5422a92d7c186d55ecc2e0eeeb9a3092? 7zXZ !t/ 7]"k%na C4ntf QOA^]X7TDOy0Q i0:_k5/Qϳ9b DEOr(s8C,](H"D!g[a\e2Q/1)*ssye^>?텂E =AܽT>w]5bYH /dtL9:@'f& zDxgOC}v_뺆ǥV(ć3G'ᘐ@B7˺ xhҺoլcbl3ZhRv:ER] 3lNJʚ'7*8#-TϚp] }]`O&CV(g-\_7u xc{) ʕh̟!go^eZƾ(WqsKҳzWd?Y2hAzk>N"Jey#$ ;]:Q7}Qo )"= ni{d:)>,Q jbTR";J7Ux:VQE??hF1H.ٝQB4f*hJ3G?k"4!|jZ+"VYe6iT·=ڀ%I [=O>=G@@Q1{у(uBӛ~s$=e|'B`SQIG:fzK=ٕIl4ǻ,!(ܞJn=@nf9׎te6RĂ=n9\_GaWML-|A[82# U{0[32\ A kD7g al"b7: =qޯ@1Cl>QRd24򋊳K;$y-s=S 7`YbO CM7?}Z,ij=Q4?mBTM4$u$!=*` X-!g/l8ߛZHҿvl^KiE 8cODYs4ѼV#'>h|ttU>Pp-CNyPɛ5!qvayތu̓;P΅;S^ͤ2Am*t.ߜ:U}R\x@yAPpc^WX Zoݎy*9Q1mD$U֗EI+Ptj„@fhH2uqIdls݌}yUO&PTMÅoljÑ(ӕƽ4dfs2 DRXU?\g⠚.NaG%0gX~` uk_ќnnФl8#*PuAC6!UtuU{|5ͱ+_ǜъ_AE]|*֝ƕdѐqgfaWJ~ d3^C z8 KN,nL'Xvokl"FQdZfѩg^V6sHq=rD4%p#xK/9FF 7<&p<AA2|n y$êҋI91=JdJ1?: DnI{! ` ٖ$ۓک.0Xo}MBYaXBcWqv5Gwd"'w7T*xymTFtHPCr 1D >sY+?Ļh]bV˪}^F?;4t!6*Lgw "ڹ@g롂BSp)?Y Uf*T71QlOۉ_ Ҏ5LnDYۻ ף^nky%2"A6uC3_Djr4-2ө &Mkʃ#AsbhoWeU;[!`{}j) BŔNӈ/h@4Nz,kt ^D=lΎ)rs2ݨQ.fẪ"I%5ٓsYtP\"ڃ7Cs:d\1ӌm_&cD^Z/H 8 YM3/-d\=5xx B,{້&C~_8|h`cd"^Uo ؒl^d&?2tG?E Ӓ\8¹sۍw|8ب7  YZ