postfix-3.2.0-2.6.1<>,3L\ڰg/=„+cwEiQcc28%vbdbs@˅D Z-zӏ0ǥ9`rtbnk䏑t"?⡎ g!hF:bPWwm Jۺ]$!!&;qtJ6#Xhr8ƸãOjΘ:_ "Y>g ֬dG?d   : r"<% '@ ( ,D CZ EHhLPQTt Uh7VD7Z7[[[([ 7['8_9al:l=Q>Q?Q@QCQFQGQHU<IXXYl YY \Y]]^gbhcidj1ej6fj;lj=ujPvm;wxlyzCpostfix3.2.02.6.1A fast, secure, and flexible mailerPostfix aims to be an alternative to the widely-used sendmail program.\ڰglamb151eopenSUSE Leap 42.3openSUSEIPL-1.0http://bugs.opensuse.orgProductivity/Networking/Email/Servershttp://www.postfix.org/linuxx86_64 test -n "$FIRST_ARG" || FIRST_ARG="$1" # disable migration if initial install under systemd [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$FIRST_ARG" -eq 1 ]; then for service in postfix.service ; do sysv_service="${service%.*}" touch "/var/lib/systemd/migrated/$sysv_service" || : done else for service in postfix.service ; do # The tag file might have been left by a preceding # update (see bsc#1059627) rm -f "/run/rpm-postfix-update-$service-new-in-upgrade" if [ ! -e "/usr/lib/systemd/system/$service" ]; then touch "/run/rpm-postfix-update-$service-new-in-upgrade" fi done for service in postfix.service ; do sysv_service="${service%.*}" if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --save $sysv_service || : done fi VERSIONTEST=$(test -x usr/sbin/postconf && usr/sbin/postconf proxy_read_maps 2>/dev/null || :) if [ -z "$VERSIONTEST" -a -f var/spool/postfix/pid/master.pid ]; then if checkproc -p var/spool/postfix/pid/master.pid usr/lib/postfix/master; then echo "postfix is still running. You have to stop postfix in order to" echo "install a newer version." exit 1 fi fi getent group mail >/dev/null || groupadd -g 12 -o -r mail getent group postfix >/dev/null || groupadd -g 51 -o -r postfix getent group maildrop >/dev/null || groupadd -g 59 -o -r maildrop getent passwd postfix >/dev/null || useradd -r -o -g postfix -u 51 -s /bin/false -c "Postfix Daemon" -d /var/spool/postfix postfix usermod -G 59,mail postfix # ---------------------------------------------------------------------------# We never have to run suseconfig for postfix after installation # We only start postfix own upgrade-configuration by update if [ ${1:-0} -gt 1 ]; then touch /var/adm/postfix.configured # Check if main.cf and master.cf was changed manualy MAINCH=0 if [ -e /var/adm/SuSEconfig/md5/etc/postfix/main.cf ]; then MD5SUM1=$( cat /var/adm/SuSEconfig/md5/etc/postfix/main.cf ) MD5SUM2=$( grep -v "^#" /etc/postfix/main.cf | md5sum ) if [ "$MD5SUM1" != "$MD5SUM2" ]; then MAINCH=1 fi fi MASTERCH=0 if [ -e /var/adm/SuSEconfig/md5/etc/postfix/master.cf ]; then MD5SUM1=$( cat /var/adm/SuSEconfig/md5/etc/postfix/master.cf ) MD5SUM2=$( grep -v "^#" /etc/postfix/master.cf | md5sum ) if [ "$MD5SUM1" != "$MD5SUM2" ]; then MASTERCH=1 fi fi echo "Executing upgrade-configuration." if [ "$(/usr/sbin/postconf -h daemon_directory)" != "/usr/lib/postfix/bin/" ]; then /usr/sbin/postconf daemon_directory=/usr/lib/postfix/bin/ fi /usr/sbin/postfix set-permissions upgrade-configuration setgid_group=maildrop || : if [ $MASTERCH -eq 0 ]; then test -e /var/adm/SuSEconfig/md5/etc/postfix/master.cf && grep -v "^#" /etc/postfix/master.cf | md5sum > /var/adm/SuSEconfig/md5/etc/postfix/master.cf fi if [ $MAINCH -eq 0 ]; then test -e /var/adm/SuSEconfig/md5/etc/postfix/main.cf && grep -v "^#" /etc/postfix/main.cf | md5sum > /var/adm/SuSEconfig/md5/etc/postfix/main.cf fi fi test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" -a -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -eq 1 ]; then if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl preset postfix.service || : fi elif [ "$FIRST_ARG" -gt 1 ]; then for service in postfix.service ; do if [ ! -e "/run/rpm-postfix-update-$service-new-in-upgrade" ]; then continue fi rm -f "/run/rpm-postfix-update-$service-new-in-upgrade" if [ ! -x /usr/bin/systemctl ]; then continue fi /usr/bin/systemctl preset "$service" || : done for service in postfix.service ; do sysv_service=${service%.*} if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --apply $sysv_service || : touch /var/lib/systemd/migrated/$sysv_service || : done fi if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/sbin/postqueue fi if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/sbin/postdrop fi if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /etc/postfix/sasl_passwd fi if [ -x /usr/bin/chkstat ]; then /usr/bin/chkstat -n --set --system /usr/sbin/sendmail fi PNAME=postfix SUBPNAME= TEMPLATE_DIR=/var/adm/fillup-templates SYSC_TEMPLATE=$TEMPLATE_DIR/sysconfig.$PNAME$SUBPNAME SD_NAME="" if [ -x /bin/fillup ] ; then if [ -f $SYSC_TEMPLATE ] ; then echo "Updating /etc/sysconfig/$SD_NAME$PNAME..." mkdir -p /etc/sysconfig/$SD_NAME touch /etc/sysconfig/$SD_NAME$PNAME /bin/fillup -q /etc/sysconfig/$SD_NAME$PNAME $SYSC_TEMPLATE fi else echo "ERROR: fillup not found. This should not happen. Please compare" echo "/etc/sysconfig/$PNAME and $TEMPLATE_DIR/sysconfig.$PNAME and" echo "update by hand." fi PNAME=mail SUBPNAME=-postfix TEMPLATE_DIR=/var/adm/fillup-templates SYSC_TEMPLATE=$TEMPLATE_DIR/sysconfig.$PNAME$SUBPNAME SD_NAME="" if [ -x /bin/fillup ] ; then if [ -f $SYSC_TEMPLATE ] ; then echo "Updating /etc/sysconfig/$SD_NAME$PNAME..." mkdir -p /etc/sysconfig/$SD_NAME touch /etc/sysconfig/$SD_NAME$PNAME /bin/fillup -q /etc/sysconfig/$SD_NAME$PNAME $SYSC_TEMPLATE fi else echo "ERROR: fillup not found. This should not happen. Please compare" echo "/etc/sysconfig/$PNAME and $TEMPLATE_DIR/sysconfig.$PNAME and" echo "update by hand." fi /sbin/ldconfig test -n "$FIRST_ARG" || FIRST_ARG=$1 if test "$FIRST_ARG" = "0" ; then test -f /etc/sysconfig/services && . /etc/sysconfig/services if test "$YAST_IS_RUNNING" != "instsys" -a "$DISABLE_STOP_ON_REMOVAL" != yes ; then for service in postfix ; do test -x /bin/systemctl && /bin/systemctl stop $service >/dev/null 2>&1 || : done fi fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable postfix.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop postfix.service ) || : fi # --------------------------------------------------------------------------- test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart postfix.service ) || : fi else # package uninstall for service in postfix.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi fi /sbin/ldconfig # ---------------------------------------------------------------------------~.]T'f .'\{zsR"'$H%XR1z21wIH߈)8))0J x:@\s"'$H I[(9: )[Z|p: X x{I8+j:8bJJp::)p)*HJhl8[\Jl~[.((   # I d-  E#d  L Jy .r X 8&X; r$ | N ^_$2Z 0 &  <_A큤큤AAA큤A큀AA큤AAA큤A큤AAAAAAAAAAAAAAA\ڰZ\ڰZ\ڰ[\ڰ[\ڰU\ڰU\ڰU\ڰU\ڰU\ڰU\ڰZ\ڰU\ڰU\ڰZ\ڰZ\ڰ[\ڰU\ڰU\ڰU\ڰ[\ڰU\ڰU\ڰU\ڰU\ڰU\ڰU\ڰ[\ڰ[\ڰU\ڰ[\ڰ[\ڰU\ڰU\ڰU\ڰ[\ڰ[\ڰ[\ڰ[\ڰ[\ڰ[\ڰU\ڰU\ڰ[\ڰ[\ڰ[\ڰa\ڰa\ڰa\ڰ]\ڰ[\ڰ[\ڰ[\ڰ[\ڰ[\ڰ\\ڰ\\ڰ\\ڰ\\ڰ\\ڰ\\ڰ\\ڰ\\ڰ\\ڰX\ڰX\ڰX\ڰX\ڰX\ڰ\\ڰ\\ڰ\\ڰ\\ڰ\\ڰ\\ڰ\\ڰ]\ڰ]\ڰ]\ڰ]\ڰ]\ڰ]\ڰ]\ڰW\ڰW\ڰa\ڰa\ڰa\ڰa\ڰa\ڰW\ڰW\ڰW\ڰ[\ڰW\ڰ]\ڰ]\ڰZ\ڰ[\ڰ]\ڰ]\ڰ]\ڰ]\ڰ^\ڰ[\ڰZ\ڰ[\ڰ^\ڰ^\ڰ^\ڰ^\ڰ^\ڰ^\ڰ^\ڰ^\ڰ^\ڰ^\ڰ^\ڰ^\ڰ^\ڰ`\ڰ^\ڰ^\ڰ^\ڰc7M,\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰX\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰY\ڰ[\ڰZ\ڰZ\ڰZ\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW\ڰW67846acdac1a847c961931257ee22005cb01ac4fb665158e70b562197144a347761ea9fd5b920b746326177f6ac04bbe64375f37431336ea1b1b3005fe3fa354f8493478e4bbd665a673716bc8372b6734fad40982d70cc00b8a65db514f2dea504d9d01891bd4db4393774d152f80d366355ebd55c8321f3c7e5b199bbe6f6440af4b12cd452d3c04a615fc3da794e3d2b77f800f1bc04c441d3b3a9bd0d28d39c753b1ab7eaa5aafbf2b56730c5f9c646be960e1fbfe0a341f52dbbb8c19880322c45b2909b502dadf937898ea9ab4f3773b33d0704984575838b4a0fb9912e3ab8978b521cdfc9d78207c41f4398ee675a5fcddec8156ccf68abbbbbd6973016026f85b1611cc3359cba5d9ff3a5345871f51a59701df124000141cb68052b25a8721a93383a68f07c9150fa0e7a6ed83d3b1b6cbd8e30067e7c9a79fa50f2a3bc26e39035de74291c3a900a9797f323fb29f73efeb390b2fbdf11c6a63550293c61cb122902add5a19b99c5160d00f60ad2dd9ec13f0208db11a874d0560c66b5f888b27d0ba1a7a1e07c86fbb24dcdb315ad1c26ebe31f3df93b2f9091b4f478aaff4ecc2cb7ff3c95f0666f822416be021c040fd2f9aefc3801e8b5284f0d1dacb70631b5fc697b965d2894e20105efabeb6873b44751ef989bce1687c1753814568e5c65f247faa29144076b8c1fffdadd37b5be8e1967d77176faf952bd5b03144c148413513cc97ce64d4f5ee17001d4c9e98be592fa75b4eea4680e544a2716b686acd481795c27f761f4df511b68bd41e67a5723b0f9d7f66f739ba18eb6f4e62a2ffd305149ccc259acfda086f9bbcd1b46c359104ba15ffaa7a4e9516c88b848d0ceb16d1cb2c8489f167aed9a17724723b58c2e48a126645de326578f62bca6d6ffc3971f258c9333a0576f3ad5835cc394b2910b2ffeb5caa2e13ecc3913f94388bb7b39050ddbcb1f2e9f7fb43056fb027855d38ce771501a75a3755f191b4eb4bc777a91fad60082915a29a39062726924d47a604ab50b4b6b6e4658b03335c3ac29a42baf053d6b91a73046e42382014f7c2f2240b40d88e11a32f81db3595c06b7a475c9f3b3bbd83fad8c0d1a67db53e7c3fbd2a087d3ea6532a79d2e05c8065738c4119ca77301c35c1629c1290cf64e45d5a0a218eb7b5533f32776f5b9a5a56b3d9ffa47fed83d3b1b6cbd8e30067e7c9a79fa50f323fb29f73efeb390b2fbdf11c6a63550293c61cb122902add5a19b99c5160d00f60ad2dd9ec13f0208db11a874d0560c66b5f888b27d0ba1a7a1e07c86fbb2449575265ff072e59c357881c6908fb7478a95bac805dd19219ca0650014f8cf9bd83fad8c0d1a67db53e7c3fbd2a087d5dc92f95b843021d621f65d3f74598004efbc725f10ed352afe35e8677b5b68e48c41e5b6e439621af5c5dd96cec21bcb6b6e4658b03335c3ac29a42baf053d6d1e1bc91f7b14f51ad3f81e7d76caaf9bd147fe9dbc4bed7706f53ae2628725689db89aa417d01676658763de1dafada9afaa97ab40eb4b306cfae082875e7fc08f214d764d93e4ca62ab573763353cc847348ff6f6c081fd4aa46fdfd7f8797a27daef3cf350a049ace4f615b876afb27d521f4a255799a86b70dd26a3bedcb6760fd2ae98846b86222b19666448bccf7d8738b3fabf7ee562f4c49318897d745871f51a59701df124000141cb680523d89b831ad63f932bbbe0f9e14bd76f7d765eb4b6d7f3e085fd6b3e319f317082da1b4efac83afafa059d9fd1f68cf2ec372143690006bb0ba567ce4131c2fe5d4c075ad8e43c80623a73aa0f0d0f5e63ed2a87cdcf47ab904ff54f6e13931d6d8209afb64443c02b019f6f0507a4037ecbd06bf103ca8f56941f939c02fe1bc8008d54f7c5d5d3cc3b886924a09ae2565d5ccec6aed5a6d8ef2eb2b9831f55c72aa00a4b93e8daf4822cc844fd38dd797b1d3d36d888082ce6dc12e6360306a7254e9d751664e88a25e4a9fb4d80555f756203822f387ea8cf22452965ea624a21d3d2bc84d24e658a524a654b79f49326e7856f5852735bd7a63be487b2df539dc413fbe932e0934ce0c37fc420d6d3ed0cfc2dcbe692980c404065b5fe1449f2594e7d42960c209401ed1e04b7613bf486dfd9606941094b4e9f7883e79ee13557e3921176de4a252230143696038f3720a480e04039ab59a65e858a93a443af8116095b39e07b9064832a39900ed2491ec6704f8c148b26ebc139e52d039c2c380cc74e01713b8176ace248e5d43368794145d40d95289bb8205411f238f7e4fe8b32f541f3703ca57ead89d85d36092f6613b8693b29bd4b57eda0ac75664375f37431336ea1b1b3005fe3fa354f1e35e9aeb70ba482721220d19476500f1e35e9aeb70ba482721220d1947650063f2dad211853e35cce02b09524f48b225b1a19ecca7b7b27cb216d2ebe9f7893ccf6cfdccf16e357290ada13a900f85804e0b5d28a62dac9a3893856233917d5e36d1cbb23c08521c500e933e4ec31794085681f6b68a52d1a3d623562b4800a812404b9d4de9241c363709610ec1c631bcee6d4fecc974e153ae0cf6648ca314224ade1e043025266b5afd1655596b2820196875554a98f0d193863b95d6a169675859da2e74e4b3fe1267b0ab06c06f06d6640e942f35d8df7d0e4f5868b402b1f67cde37cc6e64489b5b7e2cc7ffc01047de295dfec150b1ea3e9382f70b0d4643f956597e40b4913274da33568e84703f055c513681d50e4e99aedf8fd2a16a6d606773cdf4846271c6c49fb7d8460cd2a51149bb39747f546f6b9cb1f4cf8966ddafe2104b73e25b480945344b6db22fdd2ee4312f4419af6f7602d57b857653a8c745b8ffc9f0390d034589c2b5f7cf824859ef23b9879aee3518681863f31f128e022a26a391d03e6a84b0f21a7a14028616590f13cb646b3bf67f6f4670d45b57db59a3369719e09abae5f3b1a982d345e392d22173d25caf75a08bc9209228cd2b303406db4e4e6cdf26e00c55bc6e095ec92f8f631878ece3c81c07ef7ff32ad78dd9ff2ea3f3ec56f13e64af540e2cf3fc71a992950e5b50d6dfb8c82ed62377dce0fa2ae6d7ecbfa155b732f995c7d0350fc3830404d11157832fe60da4e7c5b863160ec90200b93f6698146c9fde993409d3d4ce3dbaa9e09b28da97c997d34eabcfef280e7a7b4e0dd5397a7c64d458c9027d9eb0406a2b5808f3b75a23ee597e1187dd745d6e16004d6a4e0d2f52d8cfdf5eeb70fde0c909b8ad857d5ffac5eb819f4fbe8a839bd0c97e7715b327f141b1275a4c7abd59a81445b4aac4ae4ef28a53a921cee4b27ed7fabd6ee03d1f2df79488864a7450b318887e0c26b5d37f4a419b7204ad1ff015853bc2ca0023b01676b8f54f049c81b1e3d59547d4ddf94d36b0d113fba4e131952958ed6053199fdcef5d4942b0c381537372484df0f0fb18a2432073c5e4edf2ef00f531dd0eed6aeca5232a82d7cadb60d7a67a33882724982b5cf81821f911f42e7763d8245ae830115386cc9251e42aa5c5c3290c36cd9b50929ce9e127f1362227a369c3efb8c537adad6c2b5c17d6bdab8a6944bd748bf374c0837b97395434d5c30e3ef50ebf86a4854a791dcb1413de13e162ecfb7f92b49068c7c78ca220a35bb1adaaf8de3babcf3410868c863c90ce26ff207aed0263ea9a24e0083da01c539d9c5d51b556107884ab44b211a5a760d7439a4135fb84a219af4a49d342f3b890d5d76bff8fc8315409e18c9a96970bd39b63b46de01c403e7839d31246f828a8282e7560a5b0a6361f89803f93d2929d67ab6f5ab5a878102d17b7b3250e7bd2cdda701b79c2599e8f18887e0c26b5d37f4a419b7204ad1ff0e3e3d4b03c3da6c0ceb248f6ed6b34c9cd2e56157738f50b4c757f4471803531918a07cce1956d117136167333bada32b3ce9127f597f845c075245e084538b96d4bd433e1cd26fe4b613ed44501b5f0b18db2de678f693e7cfd56f1146a1352../../ssl/certs../sbin/sendmail../sbin/sendmail../../lib64/libpostfix-dns.so../../lib64/libpostfix-global.so../../lib64/libpostfix-master.so../../lib64/libpostfix-tls.so../../lib64/libpostfix-util.so../sbin/sendmailservicerootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpostfixrootpostfixpostfixpostfixpostfixpostfixpostfixpostfixpostfixpostfixpostfixpostfixpostfixpostfixrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootmaildroprootrootrootrootrootrootmaildroprootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootmaildroprootmaildroprootrootpostfix-3.2.0-2.6.1.src.rpmconfig(postfix)libpostfix-dns.so()(64bit)libpostfix-global.so()(64bit)libpostfix-master.so()(64bit)libpostfix-tls.so()(64bit)libpostfix-util.so()(64bit)postfixpostfix(x86-64)postfix-ldap.so()(64bit)postfix-pcre.so()(64bit)smtp_daemon@ !@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/bash/bin/sh/bin/sh/bin/sh/bin/sh/bin/sh/bin/shconfig(postfix)coreutilsdiffutilsfillupgrepiproute2libc.so.6()(64bit)libc.so.6(GLIBC_2.11)(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libcrypto.so.1.0.0()(64bit)libdb-4.8.so()(64bit)libdl.so.2()(64bit)libdl.so.2(GLIBC_2.2.5)(64bit)libicuuc.so.52.1()(64bit)liblber-2.4.so.2()(64bit)libldap-2.4.so.2()(64bit)libnsl.so.1()(64bit)libnsl.so.1(GLIBC_2.2.5)(64bit)libpcre.so.1()(64bit)libpostfix-dns.so()(64bit)libpostfix-global.so()(64bit)libpostfix-master.so()(64bit)libpostfix-tls.so()(64bit)libpostfix-util.so()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libresolv.so.2()(64bit)libresolv.so.2(GLIBC_2.2.5)(64bit)libsasl2.so.3()(64bit)libssl.so.1.0.0()(64bit)permissionsrpmlib(CompressedFileNames)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)shadowsystemdsystemdsystemdsystemdsysvinit(network)sysvinit(syslog)rpmlib(PayloadIsLzma)3.2.0-2.6.13.0.4-14.0.4-14.0-14.4.6-1sendmailexim4.11.2 /usr/bin/chkstat -n --warn --system -e /usr/sbin/postqueue 1>&2 /usr/bin/chkstat -n --warn --system -e /usr/sbin/postdrop 1>&2 /usr/bin/chkstat -n --warn --system -e /etc/postfix/sasl_passwd 1>&2 /usr/bin/chkstat -n --warn --system -e /usr/sbin/sendmail 1>&2 PNAME=postfix SUBPNAME= TEMPLATE_DIR=/var/adm/fillup-templates SYSC_TEMPLATE=$TEMPLATE_DIR/sysconfig.$PNAME$SUBPNAME SD_NAME="" if [ -x /bin/fillup ] ; then if [ -f $SYSC_TEMPLATE ] ; then echo "Updating /etc/sysconfig/$SD_NAME$PNAME..." mkdir -p /etc/sysconfig/$SD_NAME touch /etc/sysconfig/$SD_NAME$PNAME /bin/fillup -q /etc/sysconfig/$SD_NAME$PNAME $SYSC_TEMPLATE fi else echo "ERROR: fillup not found. This should not happen. Please compare" echo "/etc/sysconfig/$PNAME and $TEMPLATE_DIR/sysconfig.$PNAME and" echo "update by hand." fi # ---------------------------------------------------------------------------\\@\N[h@[ @[Z@Y@Y@Y@YyXQ@Xh@XX@XO@XO@X7@XM@Xv@Xk@X9y@X)@X lW1@W WPWJWDB@WDB@WVVVV@VhVU5@U@U@UUlI@UXU6;U3Tء@TOT@TTT@To)@TeTN3TD@T@T1Tk@S/S\SSS@SS,Rb@RW@RM\@R<8QQ@QQQu&@Qr@Q(@QEPP@P@Pf@PPP$POO\@Os@OO@OyO_6OWMOKp@OObO@O yN>@NNؽNk@N@N$@NNf @NRDNLNENA!@N-ZNNN@N N e@MM۝Mc@M@Mz@M(MM@MS@M4/@M# MgL!Lc@L3LLK$@KsKKZKs@KhKC)K0K(K K?K>J@J@J@J0@J@I)@IbPeter Varkoly Peter Varkoly Peter Varkoly varkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comchris@computersalat.dewerner@suse.dechris@computersalat.dekukuk@suse.demrueckert@suse.dewr@rosenauer.orgkukuk@suse.comchris@computersalat.devarkoly@suse.comvarkoly@suse.comchris@computersalat.dechris@computersalat.dechris@computersalat.demichael@stroeder.commichael@stroeder.comschwab@suse.dechris@computersalat.devarkoly@suse.comvarkoly@suse.comopensuse@dstoecker.demrueckert@suse.demrueckert@suse.demrueckert@suse.devarkoly@suse.comvarkoly@suse.commichael@stroeder.comjkeil@suse.demeissner@suse.commeissner@suse.commichael@stroeder.comcrrodriguez@opensuse.orgmpluskal@suse.commrueckert@suse.demrueckert@suse.demichael@stroeder.comvarkoly@suse.comvarkoly@suse.commpluskal@suse.comvarkoly@suse.comvarkoly@suse.comtchvatal@suse.comdimstar@opensuse.orgdmueller@suse.commichael@stroeder.comandreas.stieger@gmx.deandreas.stieger@gmx.derusjako@rus.uni-stuttgart.dedimstar@opensuse.orgchris@computersalat.dejamesp@vicidial.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comchris@computersalat.devarkoly@suse.commatz@suse.decrrodriguez@opensuse.orgvarkoly@suse.comschwab@suse.dechris@computersalat.dejengelh@inai.dejengelh@inai.deidonmez@suse.comcrrodriguez@opensuse.orgrmilasan@suse.comvarkoly@suse.comvarkoly@suse.comchris@computersalat.devarkoly@suse.comchris@computersalat.devarkoly@suse.comvarkoly@suse.comchris@computersalat.devarkoly@suse.comvarkoly@suse.comvarkoly@suse.comchris@computersalat.devarkoly@suse.combruno@ioda-net.chdmueller@suse.devarkoly@suse.comvarkoly@suse.comchris@computersalat.devarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.comvarkoly@suse.commhrusecky@suse.czcrrodriguez@opensuse.orgchris@computersalat.devarkoly@novell.comvarkoly@novell.comwerner@suse.dechris@computersalat.dechris@computersalat.dechris@computersalat.devarkoly@novell.comchris@computersalat.dechris@computersalat.devarkoly@novell.comvarkoly@novell.comchris@computersalat.dechris@computersalat.devarkoly@novell.comvarkoly@novell.comvarkoly@novell.comvarkoly@novell.comvarkoly@novell.comchris@computersalat.dechris@computersalat.dechris@computersalat.decoolo@novell.comvarkoly@novell.comchris@computersalat.dechris@computersalat.devarkoly@novell.comchris@computersalat.devarkoly@novell.comvarkoly@novell.comvarkoly@novell.comcoolo@novell.comvarkoly@novell.comchris@computersalat.defreespacer@gmx.dejengelh@medozas.devarkoly@suse.devarkoly@suse.devarkoly@suse.devarkoly@suse.devarkoly@suse.devarkoly@suse.dechris@computersalat.dechris@computersalat.dechris@computersalat.devarkoly@suse.de- bsc#1104543 config.postfix does not start tlsmgr in master.cf when using POSTFIX_SMTP_TLS_CLIENT="must". Applyed the proposed patch.- bsc#1078843 Installation of package postfix fails if group mail is missing. Adapted patch from PTF.- bsc#1120757 L3: File Permissions->Paranoid can cause a system hang Break loop if postfix has no permission in spool directory. - add postfix-avoid-infinit-loop-if-no-permission.patch- bsc#1095073 postfix update S:M:5873:165830: openQA test fails in 1_postfix Daemon_directory must be changed befor starting the postfix-script- bsc#1086465 L3: ignore non-default parent_domain_matches_subdomains setting - add parent_domain_matches_subdomains.diff- bsc#1087471 Unreleased Postfix update breaks SUSE Manager o Removing setting smtpd_sasl_path and smtpd_sasl_type to empty- bsc#1082514 - L3: autoyast: postfix gets not set myhostname properly o When POSTFIX_MYHOSTNAME is empty the output of hostname -f will be used.- bnc#1059512 L3: Postfix Problem The applied changes breaks existing postfix configurations because daemon_directory was not adapted to the new value.- bnc#1059512 L3: Postfix Problem To manage multiple Postfix instances on a single host requires that daemon_directory and shlib_directory is different to avoid use of the shared directories also as per-instance directories. For this reason daemon_directory was set to /usr/lib/postfix/bin/. shlib_directory stands /usr/lib/postfix/.- bnc#1016491 postfix raported to log "warning: group or other writable:" on each symlink in config. * Add fix-postfix-script.patch - bnc#1055995 L3: postfix set-permissions error, chown: cannot access ... No such file or directory- bnc#1045264 L3: postmap problem * Applying proposed patch of leen.meyer@ziggo.nl in bnc#771811- revert changes of postfix-main.cf.patch from rev=261 * config.postfix will not 'enable' (remove #) var, but place modified (enabled) var at end of file, far away from place where it should be * keep vars enabled but empty- Some cleanups * Avoid installing shared libraries twice * Refresh patch postfix-linux45.patch- update postfix-master.cf.patch * recover lost (with 3.2.0 update) submission, smtps sections * merge with upstream update - update config.postfix * update master.cf generation for submission - rebase patches against 3.2.0 * pointer_to_literals.patch * postfix-no-md5.patch * postfix-ssl-release-buffers.patch * postfix-vda-v14-3.0.3.patch- Require system group mail - Use mail group name instead of GID- update to 3.2.0 - [Feature 20170128] Postfix 3.2 fixes the handling of address extensions with email addresses that contain spaces. For example, the virtual_alias_maps, canonical_maps, and smtp_generic_maps features now correctly propagate an address extension from "aa bb+ext"@example.com to "cc dd+ext"@other.example, instead of producing broken output. - [Feature 20161008] "PASS" and "STRIP" actions in header/body_checks. "STRIP" is similar to "IGNORE" but also logs the action, and "PASS" disables header, body, and Milter inspection for the remainder of the message content. Contributed by Hobbit. - [Feature 20160330] The collate.pl script by Viktor Dukhovni for grouping Postfix logfile records into "sessions" based on queue ID and process ID information. It's in the auxiliary/collate directory of the Postfix source tree. - [Feature 20160527] Postfix 3.2 cidr tables support if/endif and negation (by prepending ! to a pattern), just like regexp and pcre tables. The primarily purpose is to improve readability of complex tables. See the cidr_table(5) manpage for syntax details. - [Incompat 20160925] In the Postfix MySQL database client, the default option_group value has changed to "client", to enable reading of "client" option group settings in the MySQL options file. This fixes a "not found" problem with Postfix queries that contain UTF8-encoded non-ASCII text. Specify an empty option_group value (option_group =) to get backwards-compatible behavior. - [Feature 20161217] Stored-procedure support for MySQL databases. Contributed by John Fawcett. See mysql_table(5) for instructions. - [Feature 20170128] The postmap command, and the inline: and texthash: maps now support spaces in left-hand field of the lookup table "source text". Use double quotes (") around a left-hand field that contains spaces, and use backslash (\) to protect embedded quotes in a left-hand field. There is no change in the processing of the right-hand field. - [Feature 20160611] The Postfix SMTP server local IP address and port are available in the policy delegation protocol (attribute names: server_address, server_port), in the Milter protocol (macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT protocol (attribute names: DESTADDR, DESTPORT). - [Feature 20161024] smtpd_milter_maps support for per-client Milter configuration that overrides smtpd_milters, and that has the same syntax. A lookup result of "DISABLE" turns off Milter support. See MILTER_README.html for details. - [Feature 20160611] The Postfix SMTP server local IP address and port are available in the policy delegation protocol (attribute names: server_address, server_port), in the Milter protocol (macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT protocol (attribute names: DESTADDR, DESTPORT). - [Incompat 20170129] The postqueue command no longer forces all message arrival times to be reported in UTC. To get the old behavior, set TZ=UTC in main.cf:import_environment (this override is not recommended, as it affects all Postfix utities and daemons). - [Incompat 20161227] For safety reasons, the sendmail -C option must specify an authorized directory: the default configuration directory, a directory that is listed in the default main.cf file with alternate_config_directories or multi_instance_directories, or the command must be invoked with root privileges (UID 0 and EUID 0). This mitigates a recurring problem with the PHP mail() function. - [Feature 20160625] The Postfix SMTP server now passes remote client and local server network address and port information to the Cyrus SASL library. Build with ``make makefiles "CCARGS=$CCARGS -DNO_IP_CYRUS_SASL_AUTH"'' for backwards compatibility. - [Feature 20161103] Postfix 3.2 disables the 'transitional' compatibility between the IDNA2003 and IDNA2008 standards for internationalized domain names (domain names beyond the limits of US-ASCII). This change makes Postfix behavior consistent with contemporary web browsers. It affects the handling of some corner cases such as German sz and Greek zeta. See http://unicode.org/cldr/utility/idna.jsp for more examples. Specify "enable_idna2003_compatibility = yes" to restore historical behavior (but keep in mind that the rest of the world may not make that same choice). - [Feature 20160828] Fixes for deprecated OpenSSL 1.1.0 API features, so that Postfix will build without depending on backwards-compatibility support. [Incompat 20161204] Postfix 3.2 removes tentative features that were implemented before the DANE spec was finalized: - Support for certificate usage PKIX-EE(1), - The ability to disable digest agility (Postfix now behaves as if "tls_dane_digest_agility = on"), and - The ability to disable support for "TLSA 2 [01] [12]" records that specify the digest of a trust anchor (Postfix now behaves as if "tls_dane_trust_anchor_digest_enable = yes). - [Feature 20161217] Postfix 3.2 enables elliptic curve negotiation with OpenSSL >= 1.0.2. This changes the default smtpd_tls_eecdh_grade setting to "auto", and introduces a new parameter tls_eecdh_auto_curves with the names of curves that may be negotiated. The default tls_eecdh_auto_curves setting is determined at compile time, and depends on the Postfix and OpenSSL versions. At runtime, Postfix will skip curve names that aren't supported by the OpenSSL library. - [Feature 20160611] The Postfix SMTP server local IP address and port are available in the policy delegation protocol (attribute names: server_address, server_port), in the Milter protocol (macro names: {daemon_addr}, {daemon_port}), and in the XCLIENT protocol (attribute names: DESTADDR, DESTPORT). - refresh postfix-master.cf.patch- make sure that system users can be created in %pre- Fix requires: - shadow is needed for postfix-mysql pre-install section - insserv is not needed if systemd is used- update postfix-mysql * update mysql_*.cf files * update postfix-mysql.sql (INNODB, utf8) - update postfix-main.cf.patch * uncomment smtpd_sasl_path, smtpd_sasl_type can be changed via POSTFIX_SMTP_AUTH_SERVICE=(cyrus,dovecot) * add option for smtp_tls_policy_maps (commented) - update postfix-master.cf.patch * fix indentation of submission, smtps options for correct enabling via config.postfix - update config.postfix * fix sync of CA certificates * fix master.cf generation for submission, smtps - rebase postfix-vda-v14-3.0.3.patch- FATE#322322 Update postfix to version 3.X Merging changes with SLES12-SP2 Removeved patches: add_missed_library.patch bnc#947707.diff dynamic_maps.patch postfix-db6.diff postfix-opensslconfig.patch bnc#947519.diff dynamic_maps_pie.patch postfix-post-install.patch These are included in the new version of postfix - Remove references to SuSEconfig.postfix from sysconfig docs. (bsc#871575) - bnc#947519 SuSEconfig.postfix should enforce umask 022 - bnc#947707 mail generated by Amavis being prevented from being re-adressed by /etc/postfix/virtual - bnc#972346 /usr/sbin/SuSEconfig.postfix is wrong - postfix-linux45.patch: handle Linux 4.x and Linux 5.x (used by aarch64) (bsc#940289)- update to 3.1.4 * The postscreen daemon did not merge the client test status information for concurrent sessions from the same IP address. * The Postfix SMTP server falsely rejected a sender address when validating a sender address with "smtpd_reject_unlisted_recipient = yes" or with "reject_unlisted_sender". Cause: the address validation code did not query sender_canonical_maps. * The virtual delivery agent did not detect failure to skip to the end of a mailbox file, so that mail would be delivered to the beginning of the file. This could happen when a mailbox file was already larger than the virtual mailbox size limit. * The postsuper logged an incorrect rename operation count after creating a missing directory. * The Postfix SMTP server falsely rejected mail when a sender-dependent "error" transport was configured. Cause: the SMTP server address validation code was not updated when the sender_dependent_default_transport_maps feature was introduced. * The Postfix SMTP server falsely rejected an SMTPUTF8 sender address, when "smtpd_delay_reject = no". * The "postfix tls deploy-server-cert" command used the wrong certificate and key file. This was caused by a cut-and-paste error in the postfix-tls-script file.- improve config.postfix * improve SASL stuff * add POSTFIX_SMTP_AUTH_SERVICE=(cyrus|dovecot)- improve config.postfix * improve with MySQL stuff- update vda patch to latest available * remove postfix-vda-v13-3.10.0.patch * add postfix-vda-v14-3.0.3.patch - rebase patches (and to be p0) * pointer_to_literals.patch * postfix-main.cf.patch * postfix-master.cf.patch * postfix-no-md5.patch * postfix-ssl-release-buffers.patch - add /etc/postfix/ssl as default DIR for SSL stuff * cacerts -> ../../ssl/certs/ * certs/ - revert POSTFIX_SSL_PATH from '/etc/ssl' to '/etc/postfix/ssl' - improve config.postfix * revert smtpd_tls_CApath to POSTFIX_SSL_PATH/cacerts which is a symlink to /etc/ssl/certs Without reverting, 'gen_CA' would create files which would then be on the previous defined 'sslpath(/etc/ssl)/certs' (smtpd_tls_CApath) Cert reqs would be placed in 'sslpath(/etc/ssl)/certs/postfixreq.pem' which is not a good idea. * mkchroot: sync '/etc/postfix/ssl' to chroot * improve PCONF for smtp{,d}_tls_{cert,key}_file, adding/removing from main.cf, show warning if enabled and file is missing- update to 3.1.3: * The Postfix SMTP server did not reset a previous session's failed/total command counts before rejecting a client that exceeds request or concurrency rates. This resulted in incorrect failed/total command counts being logged at the end of the rejected session. * The unionmap multi-table interface did not propagate table lookup errors, resulting in false "user unknown" responses. * The documentation was updated with a workaround for false "not found" errors with MySQL map queries that contain UTF8-encoded text. The workaround is to specify "option_group = client" in Postfix MySQL configuration files. This will be the default setting with Postfix 3.2 and later.- update to 3.1.2: * Changes to make Postfix build with OpenSSL 1.1.0. * The makedefs script ignored readme_directory=pathname overrides. Fix by Todd C. Olson. * The tls_session_ticket_cipher documentation says that the default cipher for TLS session tickets is aes-256-cbc, but the implemented default was aes-128-cbc. Note that TLS session ticket keys are rotated after 1/2 hour, to limit the impact of attacks on session ticket keys.- postfix-post-install.patch: remove empty patch- fix Changelog cause of Factory decline- Fix typo in config.postfix- bnc#981097 config.postfix creates broken main.cf for tls client configuration - bnc#981099 /etc/sysconfig/postfix: POSTFIX_SMTP_TLS_CLIENT incomplete - update to 3.1.1: - The new address_verify_pending_request_limit parameter introduces a safety limit for the number of address verification probes in the active queue. The default limit is 1/4 of the active queue maximum size. The queue manager enforces the limit by tempfailing probe messages that exceed the limit. This design avoids dependencies on global counters that get out of sync after a process or system crash. - Machine-readable, JSON-formatted queue listing with "postqueue -j" (no "mailq" equivalent). - The milter_macro_defaults feature provides an optional list of macro name=value pairs. These specify default values for Milter macros when no value is available from the SMTP session context. - Support to enforce a destination-independent delay between email deliveries. The following example inserts 20 seconds of delay between all deliveries with the SMTP transport, limiting the delivery rate to at most three messages per minute. smtp_transport_rate_delay = 20s - Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes that a "not found" result from a DNSBL server will be valid for one hour. This may have been adequate five years ago when postscreen was first implemented, but nowadays, that one hour can result in missed opportunities to block new spambots. To address this, postscreen now respects the TTL of DNSBL "not found" replies, as well as the TTL of DNSWL replies (both "found" and "not found"). The TTL for a "not found" reply is determined according to RFC 2308 (the TTL of an SOA record in the reply). Support for DNSBL or DNSWL reply TTL values is controlled by two configuration parameters: postscreen_dnsbl_min_ttl (default: 60 seconds). postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour) The postscreen_dnsbl_ttl parameter is now obsolete, and has become the default value for the new postscreen_dnsbl_max_ttl parameter. - New "smtpd_client_auth_rate_limit" feature, to enforce an optional rate limit on AUTH commands per SMTP client IP address. Similar to other smtpd_client_*_rate_limit features, this enforces a limit on the number of requests per $anvil_rate_time_unit. - New SMTPD policy service attribute "policy_context", with a corresponding "smtpd_policy_service_policy_context" configuration parameter. Originally, this was implemented to share the same SMTPD policy service endpoint among multiple check_policy_service clients. - A new "postfix tls" command to quickly enable opportunistic TLS in the Postfix SMTP client or server, and to manage SMTP server keys and certificates, including certificate signing requests and TLSA DNS records for DANE.- build with working support for SMTPUTF8- fix build on sle11 by pointing _libexecdir to /usr/lib all the time.- some distros did not pull pkgconfig indirectly. pull it directly.- fix building the dynamic maps: the old build had postgresql e.g. with missing symbols. - convert to AUXLIBS_* instead of plain AUXLIBS which is needed for proper dynamic maps. - reordered the CCARGS and AUXLIBS* lines to group by feature - use pkgconfig or *_config tools where possible - picked up signed char from fedora spec file - enable lmdb support: new BR lmdb-devel, new subpackage postfix-lmdb. - don't delete vmail user/groups- update to 3.1.0 - Since version 3.0 postfix supports dynamic loading of cdb:, ldap:, lmdb:, mysql:, pcre:, pgsql:, sdbm:, and sqlite: database clients. Thats why the patches dynamic_maps.patch and dynamic_maps_pie.patch could be removed. - Adapting all the patches to postfix 3.1.0 - remove obsolete patches * add_missed_library.patch * postfix-opensslconfig.patch - update vda patch * remove postfix-vda-v13-2.10.0.patch * add postfix-vda-v13-3.10.0.patch - The patch postfix-db6.diff is not more neccessary - Backwards-compatibility safety net. With NEW Postfix installs, you MUST install a main.cf file with the setting "compatibility_level = 2". See conf/main.cf for an example. With UPGRADES of existing Postfix systems, you MUST NOT change the main.cf compatibility_level setting, nor add this setting if it does not exist. Several Postfix default settings have changed with Postfix 3.0. To avoid massive frustration with existing Postfix installations, Postfix 3.0 comes with a safety net that forces Postfix to keep running with backwards-compatible main.cf and master.cf default settings. This safety net depends on the main.cf compatibility_level setting (default: 0). Details are in COMPATIBILITY_README. - Major changes - tls * [Feature 20160207] A new "postfix tls" command to quickly enable opportunistic TLS in the Postfix SMTP client or server, and to manage SMTP server keys and certificates, including certificate signing requests and TLSA DNS records for DANE. * As of the middle of 2015, all supported Postfix releases no longer nable "export" grade ciphers for opportunistic TLS, and no longer use the deprecated SSLv2 and SSLv3 protocols for mandatory or opportunistic TLS. * [Incompat 20150719] The default Diffie-Hellman non-export prime was updated from 1024 to 2048 bits, because SMTP clients are starting to reject TLS handshakes with primes smaller than 2048 bits. * [Feature 20160103] The Postfix SMTP client by default enables DANE policies when an MX host has a (DNSSEC) secure TLSA DNS record, even if the MX DNS record was obtained with insecure lookups. The existence of a secure TLSA record implies that the host wants to talk TLS and not plaintext. For details see the smtp_tls_dane_insecure_mx_policy configuration parameter. - Major changes - default settings [Incompat 20141009] The default settings have changed for relay_domains (new: empty, old: $mydestination) and mynetworks_style (new: host, old: subnet). However the backwards-compatibility safety net will prevent these changes from taking effect, giving the system administrator the option to make an old default setting permanent in main.cf or to adopt the new default setting, before turning off backwards compatibility. See COMPATIBILITY_README for details. [Incompat 20141001] A new backwards-compatibility safety net forces Postfix to run with backwards-compatible main.cf and master.cf default settings after an upgrade to a newer but incompatible Postfix version. See COMPATIBILITY_README for details. While the backwards-compatible default settings are in effect, Postfix logs what services or what email would be affected by the incompatible change. Based on this the administrator can make some backwards-compatibility settings permanent in main.cf or master.cf, before turning off backwards compatibility. - Major changes - address verification safety [Feature 20151227] The new address_verify_pending_request_limit parameter introduces a safety limit for the number of address verification probes in the active queue. The default limit is 1/4 of the active queue maximum size. The queue manager enforces the limit by tempfailing probe messages that exceed the limit. This design avoids dependencies on global counters that get out of sync after a process or system crash. Tempfailing verify requests is not as bad as one might think. The Postfix verify cache proactively updates active addresses weeks before they expire. The address_verify_pending_request_limit affects only unknown addresses, and inactive addresses that have expired from the address verify cache (by default, after 31 days). - Major changes - json support [Feature 20151129] Machine-readable, JSON-formatted queue listing with "postqueue -j" (no "mailq" equivalent). The output is a stream of JSON objects, one per queue file. To simplify parsing, each JSON object is formatted as one text line followed by one newline character. See the postqueue(1) manpage for a detailed description of the output format. - Major changes - milter support [Feature 20150523] The milter_macro_defaults feature provides an optional list of macro name=value pairs. These specify default values for Milter macros when no value is available from the SMTP session context. For example, with "milter_macro_defaults = auth_type=TLS", the Postfix SMTP server will send an auth_type of "TLS" to a Milter, unless the remote client authenticates with SASL. This feature was originally implemented for a submission service that may authenticate clients with a TLS certificate, without having to make changes to the code that implements TLS support. - Major changes - output rate control [Feature 20150710] Destination-independent delivery rate delay Support to enforce a destination-independent delay between email deliveries. The following example inserts 20 seconds of delay between all deliveries with the SMTP transport, limiting the delivery rate to at most three messages per minute. /etc/postfix/main.cf: smtp_transport_rate_delay = 20s For details, see the description of default_transport_rate_delay and transport_transport_rate_delay in the postconf(5) manpage. - Major changes - postscreen dnsbl [Feature 20150710] postscreen support for the TTL of DNSBL and DNSWL lookup results Historically, the default setting "postscreen_dnsbl_ttl = 1h" assumes that a "not found" result from a DNSBL server will be valid for one hour. This may have been adequate five years ago when postscreen was first implemented, but nowadays, that one hour can result in missed opportunities to block new spambots. To address this, postscreen now respects the TTL of DNSBL "not found" replies, as well as the TTL of DNSWL replies (both "found" and "not found"). The TTL for a "not found" reply is determined according to RFC 2308 (the TTL of an SOA record in the reply). Support for DNSBL or DNSWL reply TTL values is controlled by two configuration parameters: postscreen_dnsbl_min_ttl (default: 60 seconds). This parameter specifies a minimum for the amount of time that a DNSBL or DNSWL result will be cached in the postscreen_cache_map. This prevents an excessive number of postscreen cache updates when a DNSBL or DNSWL server specifies a very small reply TTL. postscreen_dnsbl_max_ttl (default: $postscreen_dnsbl_ttl or 1 hour) This parameter specifies a maximum for the amount of time that a DNSBL or DNSWL result will be cached in the postscreen_cache_map. This prevents cache pollution when a DNSBL or DNSWL server specifies a very large reply TTL. The postscreen_dnsbl_ttl parameter is now obsolete, and has become the default value for the new postscreen_dnsbl_max_ttl parameter. - Major changes - sasl auth safety [Feature 20151031] New "smtpd_client_auth_rate_limit" feature, to enforce an optional rate limit on AUTH commands per SMTP client IP address. Similar to other smtpd_client_*_rate_limit features, this enforces a limit on the number of requests per $anvil_rate_time_unit. - Major changes - smtpd policy [Feature 20150913] New SMTPD policy service attribute "policy_context", with a corresponding "smtpd_policy_service_policy_context" configuration parameter. Originally, this was implemented to share the same SMTPD policy service endpoint among multiple check_policy_service clients.- bnc#958329 postfix fails to start when openslp is not installed- upstream update postfix 2.11.7: * The Postfix Milter client aborted with a panic while adding a message header, after adding a short message header with the header_checks PREPEND action. Fixed by invoking the header output function while PREPENDing a message header. * False alarms while scanning the Postfix queue. Fixed by resetting errno before calling readdir(). This defect was introduced 19970309. * The postmulti command produced an incorrect error message. * The postmulti command now refuses to create a new MTA instance when the template main.cf or master.cf file are missing. This is a common problem on Debian-like systems. * Turning on Postfix SMTP server HAProxy support broke TLS wrappermode. Fixed by temporarily using a 1-byte VSTREAM buffer to read the HAProxy connection hand-off information. * The xtext_unquote() function did not propagate error reports from xtext_unquote_append(), causing the decoder to return partial output, instead of rejecting malformed input. The Postfix SMTP server uses this function to parse input for the ENVID and ORCPT parameters, and for XFORWARD and XCLIENT command parameters.- boo#934060: Remove quirky hostname logic from config.postfix * /etc/hostname doesn't contain anything useful * linux.local is no good either * postfix will use `hostname`.localdomain as fallback- postfix-no-md5.patch: replace fingerprint defaults by sha1. bsc#928885- %verifyscript is a new section, move it out of the %ifdef so the fillups are run afterwards.- upstream update postfix 2.11.6: Default settings have been updated so that they no longer enable export-grade ciphers, and no longer enable the SSLv2 and SSLv3 protocols. - removed postfix-2.11.5_linux4.patch because it's obsolete - Bugfix (introduced: Postfix 2.11): with connection caching enabled (the default), recipients could be given to the wrong mail server. (bsc#944722)- postfix-SuSE.tar.gz/postfix.service: None of nss-lookup.target network.target local-fs.target time-sync.target should be Wanted or Required except by the services the implement the relevant functionality i.e network.target is wanted/required by networkmanager, wicked, systemd-network. other software must be ordered After them, see systemd.special(7)- Fix library symlink generation (boo#928662)- added postfix-2.11.5_linux4.patch: Allow building on kernel 4. Patch taken from: https://groups.google.com/forum/#!topic/mailing.postfix.users/fufS22sMGWY- update to postfix 2.11.5 - Bugfix (introduced: Postfix 2.6): sender_dependent_relayhost_maps ignored the relayhost setting in the case of a DUNNO lookup result. It would use the recipient domain instead. Viktor Dukhovni. Wietse took the pieces of code that enforce the precedence of a sender-dependent relayhost, the global relayhost, and the recipient domain, and put that code together in once place so that it is easier to maintain. File: trivial-rewrite/resolve.c. - Bitrot: prepare for future changes in OpenSSL API. Viktor Dukhovni. File: tls_dane.c. - Incompatibility: specifying "make makefiles" with "CC=command" will no longer override the default WARN setting.- upstream update postfix 2.11.4: Postfix 2.11.4 only: * Fix a core dump when smtp_policy_maps specifies an invalid TLS level. * Fix a missing " in \%s\", in postconf(1) fatal error messages, which violated the C language spec. Reported by Iain Hibbert. All supported releases: * Stop excessive recursion in the cleanup server while recovering from a virtual alias expansion loop. Problem found at Two Sigma. * Stop exponential memory allocation with virtual alias expansion loops. This came to light after fixing the previous problem.- correct pf_daemon_directory in spec. This must be /usr/lib/- bnc#914086 syntax error in config.postfix - Adapt config.postfix to be able to run on SLE11 too.- Don't install sysvinit script when systemd is used - Make explicit PreReq dependencies conditional only for older systems - Don't try to set explicit attributes to symlinks - Cleanup spec file vith spec-cleaner- bnc#912594 config.postfix creates config based on old options- bnc#911806 config.postfix does not set up correct saslauthd socket directory for chroot - bnc#910265 config.postfix does not upgrade the chroot - bnc#908003 wrong access rights on /usr/sbin/postdrop causes permission denied when trying to send a mail as non root user - bnc#729154 wrong permissions for some postfix components- Remove keyring and things as it is md5 based one no longer accepted by gpg 2.1- No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify.- restore previously lost fix: Fri Oct 11 13:32:32 UTC 2013 - matz@suse.de - Ignore errors in %pre/%post.- postfix 2.11.3: * Fix for configurations that prepend message headers with Postfix access maps, policy servers or Milter applications. Postfix now hides its own Received: header from Milters and exposes prepended headers to Milters, regardless of the mechanism used to prepend a header. This fix reverts a partial solution that was released on October 13, 2014, and replaces it with a complete solution. * Portability fix for MacOS X 10.7.x (Darwin 11.x) build procedure. - postfix 2.11.2: * Fix for DMARC implementations based on SPF policy plus DKIM Milter. The PREPEND access/policy action added headers ABOVE Postfix's own Received: header, exposing Postfix's own Received: header to Milters (protocol violation) and hiding the PREPENDed header from Milters. PREPENDed headers are now added BELOW Postfix's own Received: header and remain visible to Milters. * The Postfix SMTP server logged an incorrect client name in reject messages for check_reverse_client_hostname_access and check_reverse_client_hostname_{mx,ns}_access. They replied with the verified client name, instead of the name that was rejected. * The qmqpd daemon crashed with null pointer bug when logging a lost connection while not in a mail transaction.- switch from md5 based signature to one using the SHA-512 digest algorithm supplied by maintainer on ML to pass source_validator- postfix 2.11.1: * With connection caching enabled (the default), recipients could be given to the wrong mail server. * Enforce TLS when TLSA records exist, but all are unusable. * Don't leak memory when TLSA records exist, but all are unusable. * Prepend "-I. -I../../include" to the compiler command-line options, to avoid name clashes with non-Postfix header files. * documentation fixes * logging fixes- fix dynamic_maps patch to enable memcache support, which does not need any libraries- Rename rpmlintrc to %{name}-rpmlintrc. Follow the packaging guidelines.- fix typo in postfix-SuSE/update_chroot.systemd - fix config.postfix * 'insserv amavis' -> 'chkconfig amavis on' - rework main.cf patch * fix virtual stuff * add some dovecot stuff - rework master.cf patch * add some dovecot stuff- The included postfix-mysql.tar.bz2 was using a MySQL 4.1 style of table engine specification. Modified so that the sql uses 'ENGINE=' instead of 'TYPE=' for creating tables.- bnc#816769 - config.postfix issues warnings about missing master.cf- bnc#882033 - Package postfix has changed files according to rpm - bnc#855688 - possible systemd bug: postfix & cifs dependency confict- bnc#863350 - SuSEconfig.postfix complains about modified /etc/postfix/main.cf after updating postfix- replace vda patch: * add postfix-vda-v13-2.10.0.patch * remove postfix-vda-v11-2.9.6.patch - rebase patches - config.postfix * add master.cf support for submission (587) * rework master.cf support for smtps- bnc#862662 - Unable to configure postfix SMTP with forced TLS using YaST2 - Update to 2.11.0 * TLS o Support for PKI-less TLS server certificate verification, where the CA public key or the server certificate is identified via DNSSEC lookup * LMDB database support * master o The master_service_disable parameter value syntax has changed: use "service/type" instead of "service.type". * postconf: o Support for advanced master.cf query and update operations. This was implemented primarily to support automated system management tools. o The postconf command produces more warnings * relay safety New smtpd_relay_restrictions parameter built-in default settings: smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination * postscreen whitelisting Allow a remote SMTP client to skip postscreen(8) tests based on its postscreen_dnsbl_sites score.- Ignore errors in %pre/%post.- two improvements for 13.1 and factory * postfix-opensslconfig.patch call openSSL_config so postfix respects the system's openssl configuration * postfix-SuSE/postfix.service since a few months there is no mail-transfer-agent.target, units must be ordered after a list of smtpd implementations instead.- Proc is not needed in chroot anymore- postfix-main.cf.patch: remove duplicate entry for inet_protocols- fix for warning * unused parameter: virtual_create_maildirsize=yes * unused parameter: virtual_mailbox_extended=yes * rework main.cf.patch - fix rcpostfix for sysvinit systems * /etc/postfix/system/update_postmaps: No such file or directory - rebase patches * vda-v11-2.9.5 -> vda-v11-2.9.6 - fix file postfix-SuSE.tar.gz * made a tar.gz- postfix.spec forces the use of SSL and SASL libraries, so make sure the BuildRequires are there- Add postfix-db6.diff to fix compile abort with libdb-6.0- Add Source URL, see https://en.opensuse.org/SourceUrls - Add GPG verification- postfix-SuSE/postfix.service do not Require or order after syslog.target as it no longer exists postfix will fail to start in the next systemd version.- Install postfix.service accordingly (/usr/lib/systemd for 12.3 and up or /lib/systemd for older versions).- update to 2,9.6 Bugfix: the local(8) delivery agent dereferenced a null pointer while delivering to null command (for example, "|" in a .forward file). Bugfix: memory leak in program initialization. tls/tls_misc.c. Bugfix: he undocumented OpenSSL X509_pubkey_digest() function is unsuitable for computing certificate PUBLIC KEY fingerprints. Postfix now provides a correct procedure that accounts for the algorithm and parameters in addition to the key data. Specify "tls_legacy_public_key_fingerprints = yes" if you need backwards compatibility.- bnc#796162 - script to assign path elements not working in postfix install Build-0284(iso)- rebase patches * vda-v10-2.8.12 -> vda-v11-2.9.5 (and to be a p0) * main, master, post-instal, ssl-release-buffers (remove version) * dynamic_maps, dynamic_maps_pie, pointer_to_literals- update to 2,9.5 * tls support: Support to turn off the TLSv1.1 and TLSv1.2 protocols: To temporarily turn off problematic protocols globally: /etc/postfix/main.cf: smtp_tls_protocols = !SSLv2, !TLSv1.1, !TLSv1.2 smtp_tls_mandatory_protocols = !SSLv2, !TLSv1.1, !TLSv1.2 However, it may be better to temporarily turn off problematic protocols for broken sites only: /etc/postfix/main.cf: smtp_tls_policy_maps = hash:/etc/postfix/tls_policy /etc/postfix/tls_policy: example.com may protocols=!SSLv2:!TLSv1.1:!TLSv1.2 * 20111012 To simplify integration with third-party applications, the Postfix sendmail command now always transforms all input lines ending in into UNIX format (lines ending in ). Specify "sendmail_fix_line_endings = strict" to restore historical Postfix behavior (i.e. convert all input lines ending in only if the first line ends in ). * 20120114 Logfile-based alerting systems may need to be updated to look for "error" messages in addition to "fatal" messages. Specify "daemon_table_open_error_is_fatal = yes" to get the historical behavior (immediate termination with "fatal" message). * enable_long_queue_ids Postfix 2.9 introduces support for non-repeating queue IDs (also used as queue file names). These names are encoded in a mix of upper case, lower case and decimal digit characters. Long queue IDs are disabled by default to avoid breaking tools that parse logfiles and that expect queue IDs with the smaller [A-F0-9] character set. * 20111209 memcache lookup and update support. This provides a way to share postscreen(8) or verify(8) caches between Postfix instances. See MEMCACHE_README and memcache_table(5) for details and limitations. * 20111218 To support external SASL authentication, e.g., in an NGINX proxy daemon, the Postfix SMTP server now always checks the smtpd_sender_login_maps table, even without having "smtpd_sasl_auth_enable = yes" in main.cf. * ipv6 o The default inet_protocols value is now "all" instead of "ipv4", meaning use both IPv4 and IPv6. o The default smtp_address_preference value is now "any" instead of "ipv6", meaning choose randomly between IPv6 and IPv4. With this the Postfix SMTP client will have more success delivering mail to sites that have problematic IPv6 configurations.- update to 2.8.13 * 20121029 Workaround: strip datalink suffix from IPv6 addresses returned by the system getaddrinfo() routine. Such suffixes mess up the default mynetworks value, host name/address verification and possibly more. This change obsoletes the 20101108 change that removes datalink suffixes in the SMTP and QMQP servers, but we leave that code alone. File: util/myaddrinfo.c. * 20121013 Cleanup: to compute the LDAP connection cache lookup key, join the numeric fields with null, just like string fields. Viktor Dukhovni. File: global/dict_ldap.c. * 20121010 Bugfix (introduced: Postfix 2.5): memory leak in program initialization. Reported by Coverity. File: tls/tls_misc.c. Bugfix (introduced: Postfix 2.3): memory leak in the unused oqmgr program. Reported by Coverity. File: oqmgr/qmgr_message.c. * 20121003 Bugfix: the postscreen_access_list feature was case-sensitive in the first character of permit, reject, etc. Reported by Feancis Picabia. File: global/server_acl.c. - rebase dynamic_maps_pie patch - rpmlint * invalid-suse-version-check 1140 * obsolete-suse-version-check 920 (changes file)- bnc#790141 - Command SuSEconfig.postfix reports ERROR - "can not find /lib/YaST/SuSEconfig.functions!!"- bnc#782048 - postfix uses /sbin/conf.d - bnc#784659 - remove SuSEconfig calls from yast2-mail- update to 2.8.12 * 20120730 Bugfix (introduced: 20000314): AUTH is not allowed after MAIL. Timo Sirainen. File: smtpd/smtpd_sasl_proto.c. * 20120702 Bugfix (introduced: 19990127): the BIFF client leaked an unprivileged UDP socket. Fix by Jaroslav Skarvada. File: local/biff_notify.c. * 20120621 Bugfix (introduced: Postfix 2.8): the unused "pass" trigger client could close the wrong file descriptors. File: util/unix_pass_trigger.c. - fix for bnc#771303 * add 'version = 3' to ldap_aliases.cf - rebase patches * main, master, post-install: 2.8.3 -> 2.8.12 * ssl-release-buffers: 2.8.5 -> 2.8.12 * vda-v10: 2.8.9 -> 2.8.12 * dynamic_maps, dynamic_maps_pie, ipv6_disabled, pointer_to_literals - fix changes file- bnc#771811 - postfix update does not regenerate the maps- update to 2.8.11 * 20120520 - Bugfix (introduced Postfix 2.4): the event_drain() function was comparing bitmasks incorrectly causing the program to always wait for the full time limit. This error affected the unused postkick command, but only after s/fifo/unix/ in master.cf. File: util/events.c. - Cleanup: laptop users have always been able to avoid unnecessary disk spin-up by doing s/fifo/unix/ in master.cf (this is currently not supported on Solaris systems). However, to make this work reliably, the "postqueue -f" command must wait until its requests have reached the pickup and qmgr servers before closing the UNIX-domain request sockets. Files: postqueue/postqueue.c, postqueue/Makefile.in.- bnc#753910 - {name} instead of %{name} in postfix .spec - bnc#756452 - VUL-1: postfix: VRFY allows enumerating users- update to 2.8.10 * 20120401 Bitrot: shut up useless warnings about Cyrus SASL call-back function pointer type mis-matches. Files: xsasl/xsasl_cyrus.h, xsasl/xsasl_cyrus_server.c, xsasl/xsasl_client.c. * 20120422 Bit-rot: OpenSSL 1.0.1 introduces new protocols. Update the known TLS protocol list so that protocols can be turned off selectively to work around implementation bugs. Based on a patch by Victor Duchovni. Files: proto/TLS_README.html, proto/postconf.proto, tls/tls.h, tls/tls_misc.c, tls/tls_client.c, tls/tls_server.c. - update to 2.8.9 * 20120217 Cleanup: missing #include statement for bugfix code added 20111226. File: local/unknown.c. * 20120214 Bugfix (introduced: Postfix 2.4): extraneous null assignment caused core dump when postlog emitted the "usage" message. Reported by Kant (fnord.hammer). File: postlog/postlog.c. * 20120202 Bugfix (introduced: Postfix 2.3): the "change header" milter request could replace the wrong header. A long header name could match a shorter one, because a length check was done on the wrong string. Reported by Vladimir Vassiliev. File: cleanup/cleanup_milter.c. - use latest VDA patch (2.8.9)- bnc#756450 - postfix: remove version from banner- add port 587 smtp-auth submission to postfix-fw bnc#756289- set exit code explicitely in cond_slp, systemd checks for it- Documentation for bnc#751994 - SuSEconfig module postfix does not exist- rcpostfix now updates the aliases too- update to 2.8.8 Bugfixes: tlsproxy(8) stored TLS sessions with a serverID of "tlsproxy" instead of "smtpd", wasting an opportunity for session reuse. File: tlsproxy/tlsproxy.c. missing lookup table entry and terminator, causing proxymap server segfault when postscreen(8) or verify(8) attempted to access their cache via the proxymap server. This could never have worked anyway, because the Postfix 2.8 proxymap protocol does not support cache cleanup. File util/dict.c. the Postfix client sqlite quoting routine returned the unquoted result instead of the quoted text. The opportunities for misuse are limited, because Postfix sqlite files are usually owned by root, and Postfix daemons usually run with non-root privileges so they can't corrupt the database. Problem reported by Rob McGee (rob0). File: global/dict_sqlite.c. the trace service did not distinguish between notifications for a non-bounce or a bounce message. This code pre-dates DSN support and should have been updated when it was re-purposed to handle DSN SUCCESS notifications. Problem reported by Sabahattin Gucukoglu. File: bounce/bounce_trace_service.c. - use latest VDA patch (2.8.5)- bnc#743369 - yast2 mail module does not open the firewall - Set MD5DIR in SuSEconfig.postfix to avoid warnings- bnc738693 - upgrade from 11.4 enables mysql service for systemd- Add postmap rebuild script to systemv init script too- bnc#738900 - cyrus-imapd not receiving mail from postfix- Move the post map rebuild script into the start script- Fix the last change in %post- bnc#728308 - warning output after update the postfix package- update to 2.8.7 Bugfixes: smtpd(8) did not sanitize newline characters in cleanup(8) REJECT messages, causing them to be sent out via SMTP as bare newline characters. smtpd(8) sent multi-line responses from a before-queue content filter as text with bare instead of . Workaround: postscreen sent non-compliant SMTP responses (220- followed by 421) when it could not give a connection to a real smtpd process, causing some remote SMTP clients to bounce mail.- Use the systemd macros in the spec file- only fix files that exists in %post- Use SSL_MODE_RELEASE_BUFFERS if available, see SSL_CTX_set_mode man page and http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html for the full details.- update to 2.8.5 * Bugfix: allow for Milters that send an SMTP server reply without RFC 3463 enhanced status code. Reported by Vladimir Vassiliev. File: milter/milter8.c.- bnc#684304 - server:mail/postfix: Bugs in SuSEconfig chroot setup script - Aplly SASL_SOCKET_DIR patch- Move SuSEconfig.postfix into /usr/sbin/ (FATE#311272: Do not rewrite postfix.cf via SuSEconfig) SuSEconfig.postfix will be executed only once after installation automaticaly. Afterwards only you can start it manually or via yast2 mail module.- Just the first strep forward to systemd, please test out /etc/postfix/system/update_chroot /etc/postfix/system/wait_qmgr /etc/postfix/system/cond_slp and /lib/systemd/system/postfix.service and also fill out the missing description.- rework SuSE patch * add missing SASL stuff in rc.postfix- when chrooted and using SASL o mount -o bind SASL_SOCKET_DIR into postfix CHROOT- update to 2.8.4 o Linux kernel version 3 support. for more info see ChangeLog- bnc#686436 - postfix bounces messages with improper use of 8-bit data in message body - Apply patch- rework master.cf patch o fix receive_override_options line - rework SuSE patch o sysconfig: remove POSTFIX_WITH_POP_BEFORE_SMTP o SuSEconfig: fix receive_override_options line- replace vda patch o 2.8.1 -> 2.8.3 - fix files doc o remove 'doc auxiliary' instead cp to pf_docdir- fix spec for building on all repos- bnc#679187 - suseconfig/postfix: missing dependency- fix master.cf o fix missing - amavis unix - - n - 4 smtp - localhost:10025 inet n - n - - smtpd o add master.cf patch - rework patches o main.cf (add two missing sasl vars) o postfix-SuSE (SuSEconfig, cleanup those vars,...)- rework TLS stuff o reworked main.cf patch o added postfix-SuSE patch o added post-install patch Editing /etc/postfix/master.cf, adding missing entry for tlsmgr service add only if it really does not exist - removed Author from description - updated vda patch o vda-2.7.1 > vda-v10-2.8.1 - fix build for SLE_10 o no fdupes ;)- remove document paths from postfix-files to avoid error messages when postfix-doc is not installed- update to 2.8.3 - VUL-0: postfix memory corruption- bnc#641271 - postfix-2.7.1: init script cannot properly stop multi-instance configurations- update to 2.8.2 * DNSBL/DNSWL: o Support for address patterns in DNS blacklist and whitelist lookup results. o The Postfix SMTP server now supports DNS-based whitelisting with several safety features * Support for read-only sqlite database access. * Alias expansion: o Postfix now reports a temporary delivery error when the result of virtual alias expansion would exceed the virtual_alias_recursion_limit or virtual_alias_expansion_limit. o To avoid repeated delivery to mailing lists with pathological nested alias configurations, the local(8) delivery agent now keeps the owner-alias attribute of a parent alias, when delivering mail to a child alias that does not have its own owner alias. * The Postfix SMTP client no longer appends the local domain when looking up a DNS name without ".". * The SMTP server now supports contact information that is appended to "reject" responses: smtpd_reject_footer * Postfix by default no longer adds a "To: undisclosed-recipients:;" header when no recipient specified in the message header. * tls support: o The Postfix SMTP server now always re-computes the SASL mechanism list after successful completion of the STARTTLS command. o The smtpd_starttls_timeout default value is now stress-dependent. o Postfix no longer appends the system-supplied default CA certificates to the lists specified with *_tls_CAfile or with *_tls_CApath. * New feature: Prototype postscreen(8) server that runs a number of time-consuming checks in parallel for all incoming SMTP connections, before clients are allowed to talk to a real Postfix SMTP server. It detects clients that start talking too soon, or clients that appear on DNS blocklists, or clients that hang up without sending any command.- bnc#667299 - Postfix LICENSE not marked as documentation- add some min LDAP support for virtual LDAP-users o sysconfig "WITH_LDAP" o add ldap_aliases.cf o SuSEconfig.postfix virtual_alias_maps = ... ldap:/etc/postfix/ldap_aliases.cf- update to 2.7.2 * Bugfix (introduced Postfix 2.2): Postfix no longer appends the system default CA certificates to the lists specified with *_tls_CAfile or with *_tls_CApath. This prevents third-party certificates from getting mail relay permission with the permit_tls_all_clientcerts feature. Unfortunately this may cause compatibility problems with configurations that rely on certificate verification for other purposes. To get the old behavior, specify "tls_append_default_CA = yes". Files: tls/tls_certkey.c, tls/tls_misc.c, global/mail_params.h. proto/postconf.proto, mantools/postlink. * Compatibility with Postfix < 2.3: fix 20061207 was incomplete (undoing the change to bounce instead of defer after pipe-to-command delivery fails with a signal). Fix by Thomas Arnett. File: global/pipe_command.c. * Bugfix: the milter_header_checks parser provided only the actions that change the message flow (reject, filter, discard, redirect) but disabled the non-flow actions (warn, replace, prepend, ignore, dunno, ok). File: cleanup/cleanup_milter.c. * Performance: fix for poor smtpd_proxy_filter TCP performance over loopback (127.0.0.1) connections. Problem reported by Mark Martinec. Files: smtpd/smtpd_proxy.c. * Cleanup: don't apply reject_rhsbl_helo to non-domain forms such as network addresses. This would cause false positives with dbl.spamhaus.org. File: smtpd/smtpd_check.c. * Bugfix: the "421" reply after Milter error was overruled by Postfix 1.1 code that replied with "503" for RFC 2821 compliance. We now make an exception for "final" replies, as permitted by RFC. Solution by Victor Duchovni. File: smtpd/smtpd.c.- update vda patch o remove 2.6.1-vda-ng.patch o remove 2.6.1-vda-ng-64bit.patch o add vda-2.7.1.patch - rework main.cf.patch o remove 2.2.9-main.cf.patch o add 2.7.1-main.cf.patch- prereq init scripts network and syslog- Remove obsolate postscripts - bnc#625657 - SuSEconfig.postfix and smtp_use_tls - bnc#622873 - postfix doesn't start if ipv6 is disabled- reworked bnc#606251 stuff (not checked in to Factory) o used my_print_defaults command for parsing of /etc/my.cnf o using quotation marks: "$PF_CHROOT" o added sysconfig option POSTFIX_MYSQL_CONN=(socket,tcp)- bnc#606251 - postfix chrooted mysql.sock lost on mysql restart o Now MYSQL_SOCK_DIR is mounted with '-o bind' to postfix CHROOT- update to 2.7.1 * Bugfix (introduced Postfix 2.6) in the XFORWARD implementation, which sends remote SMTP client attributes through SMTP-based content filters. The Postfix SMTP client did not skip "unknown" SMTP client attributes, causing a syntax error when sending an "unknown" client PORT attribute. * Robustness: skip LDAP queries with non-ASCII search strings, instead of failing with a database lookup error. * Safety: Postfix processes now log a warning when a matchlist has a #comment at the end of a line (for example mynetworks or relay_domains). * Portability: OpenSSL 1.0.0 changes the priority of anonymous cyphers. * Portability: Berkeley DB 5.x is now supported.- fix obviously lost POSTFIX_MYHOSTNAME in SuSEconfig.postfix- New file check_mail_queue. This script checks if there are some mails in the queue and starts postfix if necessary. After delivering the mails postfix will be stoped.- bnc#559145 - Changed Domain name not reflected when sending mail First /var/run/dhcp-hostname will be evaluated - Now POSTFIX_SMTP_TLS_CLIENT is ternary : no yes must- update to 2.7.0 * performance - Periodic cache cleanup for the verify(8) cache database. - Improved before-queue filter performance. * sender reputation - The FILTER action in access maps or header/body_checks now supports sender reputation schemes that dynamically choose the SMTP source IP address. * address verification - The verify(8) service now uses a persistent cache by default. * content filter - The meaning of an empty filter next-hop destination has changed. - The FILTER action in access maps or header/body_checks now supports sender reputation schemes that dynamically choose the SMTP source IP address. * milter - Support for header checks on Milter-generated message headers. Please read /usr/share/doc/packages/postfix/RELEASE_NOTES for details.- revert the change to PreReq openldap-devel, this increases the default installation several MBs- bnc#567569 - Postfix: move ldap support to a separate package - bnc#557239 - postfix delivers mail to user's home instead of /var/spool/mail- rpmlint fixes o init-script-undefined-dependency $network-remotefs - fix for SuSEconfig.postfix o if use_amavis eq "yes" then content_filter "amavis:[127.0.0.1]:10024]" is defined, so removed "-o content_filter=smtp:[127.0.0.1]:10024" for smtp - s#ldconfig#/sbin/ldconfig#- Add support for dovecot as MDA to SuSEconfig.- Package documentation as noarch- Remove postfixs update script. This does not work now.- Fix the %post section add missed %{fillup_only -an mail}- bnc#555814 – VUL-0: SMTPD_LISTEN_REMOTE="yes" by default - bnc#555732 - Invalid $(hostname -i) usage SuSEconfig.postfix - bnc#547928 – Postfix does not start during boot process - Avoid append relay multiple times in POSTFIX_MAP_LIST- bnc#549612 – SuSEconfig.postfix- bnc#540538 – postfix-2.6.1-10.1 installs new files in /etc/postfix and does not generate .db - bnc#519438 - Postfix: Running chrooted lets qmgr loosing his syslog-socket - remove obsolate version tests from SuSEconfig.postfix- bnc#525825 - when using cyrus in a chroot environment Suseconfig does not create socket /var/lib/imap/socket/lmtp- spec o fdupes if >= 1100- update to 2.6.1 o merge home:varkoly:Factory and o:F - spec mods o use of getent - rpmlint o remove unneeded dists from examples/chroot-setup/ o postin-without-ldconfig o files-duplicate /usr/share/doc/packages/postfix-doc/html/ o files-duplicate /usr/share/man/man?- added VDA patch o Mailbox / Maildir size limit, known also as "soft quota", to avoid user take all you disk space o Customizable "limit" message when the soft quota limit is reached. NOTE: message is sent to senders, but NOT to the owner of the mailbox. o Limit only 'INBOX', because some people use IMAP and don't want the same limit in IMAP folder that are differents from INBOX. o Support for 'Courier' style Maildir, usefull for people that use courier as pop3/imap server and to get fast soft quota summary. Note that it is also compatible with qmail maildir per default. o Supports for Courier 'maildirsize' file in Maildir folder that is used to read quotas quickly. Note that this option is not actived per default and can be dangerous on some NFS client implementation (like for example Solaris that cache some filesystem operations). o Customisable suffix for Maildir support, when share same external dict between postfix and pop3/imap server sometime "Maildir/" suffix is needed to avoid extra database handling (eg LDAP, MySQL...). - some improvements of SuSEconfig.postfix o POSTFIX_LISTEN: Comma separated list of IP's o POSTFIX_INET_PROTO: ipv4, ipv6, all o POSTFIX_MYHOSTNAME: define SMTPs FQHOSTNAME o POSTFIX_WITH_MYSQL: when using MySQL as backend o POSTFIX_BASIC_SPAM_PREVENTION: "custom" you can now define your own rules - POSTFIX_SMTPD_CLIENT_RESTRICTIONS - POSTFIX_SMTPD_HELO_RESTRICTIONS - POSTFIX_SMTPD_SENDER_RESTRICTIONS - POSTFIX_SMTPD_RECIPIENT_RESTRICTIONS - added helo_access for helo checks - added relay for relaying domain - added MySQL stuff when using MySQL as backend (virtuser) o you should consider postfixAdmin as mgmnt interface o when runninng postfix chrooted: you have to run SUSEconfig each time when you have restarted MySQL because of linking mysql.sock- bnc#439287 - not all POSTFIX_ADD_* values are properly handled by SuSEconfig.postfix - bnc#483208 - Postfix configuration trashed after update - bnc#488268 - SuSEconfig.postfix chroot setup misses /etc/ssl/certs/bin/sh/bin/sh/bin/sh/bin/sh/bin/shlamb15 1557835879  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGH>JKL;NOPQRSTUVWXYZ[\]^_`abcdefghijkmnopqrstuvwxyz{|}~3.2.0-2.6.13.2.0-2.6.13.2.0-2.6.1 smtppostfixpostfix.paranoidpostfixLICENSETLS_LICENSEaccessaliasesbounce.cf.defaultcanonicaldynamicmaps.cfgenericheader_checkshelo_accessldap_aliases.cfmain.cfmain.cf.defaultmakedefs.outmaster.cfopenssl_postfix.conf.inpost-installpostfix-filespostfix-scriptpostfix-tls-scriptpostfix-wrapperpostmulti-scriptrelayrelay_ccertsrelocatedsasl_passwdsender_canonicalsslcacertscertssystemcond_slpconfig_postfixupdate_chrootupdate_postmapswait_qmgrtransportvirtualsasl2smtpd.confsmtpmailqnewaliasespostfixbinanvilbouncecleanupdiscarddnsblogerrorflushlmtplocalmasternqmgroqmgrpickuppipepost-installpostfix-scriptpostfix-tls-scriptpostfix-wrapperpostmulti-scriptpostscreenproxymapqmgrqmqpdscacheshowqsmtpsmtpdspawntlsmgrtlsproxytrivial-rewriteverifyvirtualdynamicmaps.cfdynamicmaps.cf.dlibpostfix-dns.solibpostfix-global.solibpostfix-master.solibpostfix-tls.solibpostfix-util.somain.cf.protomakedefs.outmaster.cf.protopostfix-filespostfix-files.dpostfix-ldap.sopostfix-pcre.sosendmailpostfix.servicelibpostfix-dns.solibpostfix-global.solibpostfix-master.solibpostfix-tls.solibpostfix-util.socheck_mail_queueconfig.postfixmkpostfixcertpostaliaspostcatpostconfpostdroppostfixpostkickpostlockpostlogpostmappostmultipostqueuepostsuperqmqp-sourcercpostfixsendmailsmtp-sinksmtp-sourcepostfixLICENSEmailq.1.gznewaliases.1.gzpostalias.1.gzpostcat.1.gzpostconf.1.gzpostdrop.1.gzpostfix-tls.1.gzpostfix.1.gzpostkick.1.gzpostlock.1.gzpostlog.1.gzpostmap.1.gzpostmulti.1.gzpostqueue.1.gzpostsuper.1.gzsendmail.1.gzaccess.5.gzaliases.5.gzbody_checks.5.gzbounce.5.gzcanonical.5.gzcidr_table.5.gzgeneric.5.gzheader_checks.5.gzldap_table.5.gzlmdb_table.5.gzmaster.5.gzmemcache_table.5.gzmysql_table.5.gznisplus_table.5.gzpcre_table.5.gzpgsql_table.5.gzpostconf.5.gzpostfix-wrapper.5.gzregexp_table.5.gzrelocated.5.gzsocketmap_table.5.gzsqlite_table.5.gztcp_table.5.gztransport.5.gzvirtual.5.gzanvil.8.gzbounce.8.gzcleanup.8.gzdefer.8.gzdiscard.8.gzdnsblog.8.gzerror.8.gzflush.8.gzlmtp.8.gzlocal.8.gzmaster.8.gzoqmgr.8.gzpickup.8.gzpipe.8.gzpostscreen.8.gzproxymap.8.gzqmgr.8.gzqmqpd.8.gzscache.8.gzshowq.8.gzsmtp.8.gzsmtpd.8.gzspawn.8.gztlsmgr.8.gztlsproxy.8.gztrace.8.gztrivial-rewrite.8.gzverify.8.gzvirtual.8.gzpostfix.xmlpostfixsysconfig.mail-postfixsysconfig.postfixpostfixpostfixactivebouncecorruptdeferdeferredflushholdincomingmaildropprivatepublicsavedtrace/etc/pam.d//etc/permissions.d//etc//etc/postfix//etc/postfix/ssl//etc/postfix/system//etc//etc/sasl2//etc/sysconfig/SuSEfirewall2.d/services//usr/bin//usr/lib//usr/lib/postfix//usr/lib/postfix/bin//usr/lib/systemd/system//usr/lib64//usr/sbin//usr/share/doc/packages//usr/share/doc/packages/postfix//usr/share/man/man1//usr/share/man/man5//usr/share/man/man8//usr/share/omc/svcinfo.d//var/adm/backup//var/adm/fillup-templates//var/lib//var/spool//var/spool/postfix/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:10214/openSUSE_Leap_42.3_Update/ed1de151a3c2bd8221f7d082318254e6-postfix.openSUSE_Leap_42.3_Updatedrpmlzma5x86_64-suse-linux  !"#$%&'()*+,-./012345678888888888888898888988888888888888888888988888888888888888888888888889:ASCII textdirectoryASCII text, with very long linesC++ source, ASCII textPOSIX shell script, ASCII text executableBourne-Again shell script, ASCII text executableELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=36959d582cf4d11a2a20a9e0e2e5517c2175ff5d, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=30688b846191f698fb016d1c60797f7cc054efa4, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=057a9d3a2dac0b31722f902808120542c1c9ca06, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=2c03709aeb4aaefe0cc62ed8b78d8db3a319650c, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=1a646513941be8e1d2d4eef61e29332dfa1723bc, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=136c87ec02954aaedf22239e172a83a6c22ddb0f, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=725f60f66f778b4a4a7363f8a3109dc946a72626, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=a2f4f09b81558bffbeeb9a26807d0b151cbfc922, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=8b8f30c3dffb3d1203e7d75e8352b3f3ed60ce7b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=0207db46a38f3a89a28cf53c8941c54089f22963, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=02b34ebf52027ad0ceaa4489cc189d83bdb29471, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=dec450a34cec2571e815227f331b0d8a78b43acb, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=c7e53555ce3fdba13ec9f844569fecd3b013a5f5, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=2ddd8db888ba638e52e152166ff54d9499867a6b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=13782ed3ddcd4e118c08105c709e28d3cce7b5da, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=34d7304708d70f48eae079ea550f077e6331d293, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=0af36b7e31828b589a1c31ec6b33cd1032c6e56f, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=8853b594c136b3f040ce37012fce35b37d615b3a, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=a9763ffb52f8785eedd976fa62bf313b4e3a736b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=759985f9d2c9962353e9c1882a960a54ab38bdb9, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=f519b4bdb62ceb41258cdabb5dd235a41302f70f, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=cddb2ed762b850fbca0647cf898708d5e56d111e, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=7322be28d2fe22b1fcd2fa2c15f8d595955634aa, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=a044acf3844531cca00d7f05bfc974fffb354dcb, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=c308820cca33a69796f815fddc70b78b915102f6, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=3892b907535268ba6ea536d9cc0e68130d991de8, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=16e2c762b390b5381ae9dd450a7173635b53deea, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=2450431b3c3d8f658164728c5a862e20718e25ed, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=964ea89b905f806f442822a40a8401e9410ee316, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=173f4f241329021d21bf034f14eb0194e127c0c7, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=fbb8f968e30e9f0f2323d5ed7b267f79d7035c7f, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=969eace646fb8bf786875db432d3e2bb9d473195, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=ee5276e7dd4d34df4a29be6f33f4056566713340, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=466ef8eebac214ce2dd60bfee57ce32b80cb5fe2, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=2cf19e62767b96ccb61f33419151ba1888f511c7, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=b1168e922f05182108f39bd3849214f92f9ae08a, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=5a398fb342622c41c84baeb197daafa17156fb06, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=4bad109a4efb77bf139701472e790ebc8431ffd2, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=cbf8f0769f395a1f463becfd748e20ab7104e2c9, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=af47a5b99529275e3df2e83a378a2a15fff45f27, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=6519ab9455c4ca3bd0d5599f9d9a2ee98b6ac6ba, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=0568d0f56316ceaa80e9e8fc3d40227f8e3415e2, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=73e1e7e79f24c11d33ec2b0eacc1a635c8b4a4cd, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=f66c00dbac33a5d08a734dea593f0783ed78567a, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=1541f6e4691371b8e26b20a772dc3d02a325cc74, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=e71bd694c6b09ed360a26a0e5e31571c221b532d, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=3581741fbe7f22a866d5d968de643811b355d53b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=02a4ac64af2bcecbb0c2876e6a10f0bb44d5a2b4, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, for GNU/Linux 3.0.0, BuildID[sha1]=4bc5c342a035e03ea19037368df35b89e8d53411, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)C++ source, ASCII text (gzip compressed data, max compression, from Unix)XML document text $+19JS[eov{|}~  '1CDEFLTagmsy          RRRRRRRR"R!R$R RRRR&R"R!R$R%R RRRRR&R"R!R$R%R RRR"R!R$R RRR R"R!R$R RRR"R!R$R RRR&R"R!R$R%R RRRRRRRR&R"R#R R!R$RR)R%R RRRR&R"R!R$R%R RRRR&R!R$R%R RRRRR&R"R!R$R%R RRRRR&R"R!R$R%R RR&R"R!R$R%R RR"R!R$R RRRRRR&RRRR"R#R R!R$R%R RR"R!R$R RRRRR&R"R!R$R%R RRRR&R"R!R$R%R R&RR"R!R$R%R RR&R"R!R$R%R RRRRRRRR&R"R#R R!R$RR)R%R RRRRRRR&R"R#R R!R$R)R%R RR"R!R$R RRR"R#R R!R$RR RR&R"R#R R!R$R*R%R RR"R!R$R RR"R!R$R RRRRR&R"R!R$R%R PRRRRRR P RRRRR PR(R&RRRRRR'R%R PR&RRRRRRRR%R PR&RRRR%R PR&RRRRR*RR%R PRRR&RRRRRRRRRRRR%RR RRRR&RR!R$R%R R&RRRR!R$R%R R&RRRRRR#R R!R$R)R%R RR&R!R$R%R R&RR!R$R%R R&RR!R$R%R R&RR!R$R%R R&RR!R$R%R R&RRR!R$R%R RRR&R!R$R%R RRR&R!R$R%R RR&R!R$R%R RRR&R!R$R%R RRR&R!R$R%R RRRR&R!R$R%R RRRR&R!R$R%R JN,iS6}g?]"k%Y:ܮGVca&zKmC*H`Ya+Eo8۵&o(탼X\GYV\pl3K- v,6G3ε3~qgAD?Boה& y5Z(yƱs_0$Je5}AddȟV)[4yrw-Gi6Y {.1v e5WD]i~U`jcqɂΞsJ`Ǒ?Qk^xtQ} y;`J)V\onVBa>6YlɰH71]r{u#7z 6A B3^D@'Ij`^g6 bŻċnhrd\jD⒛;aҗUA,p8%hƷpVCkc*C2Rwj28 2=CjC.=vJ4qsҕ40w:>_,iA:*XЭO05 rKVƨ1)G)5"U٩tje:>$x k (~'O5\ϤP4kwHpNv%B&:JL&$ftqKC.ږnHjrLXjVFbه=O!$ɽskRonEߑyQc\'houqˑ,#KXsލcpwdHQ'WΓR朜R PCsj8sR,/jG8\p)lқyqbr1sYu6'EQv/g"]~+a h(|bׄ-GQ B5EcǙZ^/J2F#խWK2S/7p]9Y0Y'Z~Lm@+(g JȏԙSVFͰkDzOtmjsM; McH>:9} yT>9AvaVmjtzXvnV halE"QB1߃"uy.z"^s-p,K}(ozK(3йzcl* A)*G# r9B̄Q&4˝ٱ瓟8|ZH߮SON6<ƧH)w*>#ڰfLo"ޞ"lי`ԝLzHi zG'@$?-L~"?9/Ru E+uq4jb `HL0D0ILZ}\Qܔg;\YC_r!a%0YcꋤANNEWi{SZ—DS r-Ia'_Y*"hwY'8Vr #FP3Nx݀9%,RÌXND,rҰSaD`G|>&G}[5EVs>z&ݭ+I\shb!RzD/+s>H*w7)0ϱ y$BKS2[Ɲy׏U l^mM@r\ \v$w!Jvj}%Ⓣ/BYT5rDse!uh^* +s.[aZ& I]G?oQLaaԇKDײ7 ieM^/:>!NKvw0H?1.?-&|y)#dI(tg@$ Sq 5v:T:2y)HЪ 17^\DF qW nx׍D2Rb?,}R,khz;gQsN^/͚1S(n;஖QSl-WCc_*aWΈwE _[63ȻHRtIbDTZ "zɧ\ xN[6.Q~@߶̜Zbg"&z qo]\-b{&^*9 Ѧz˗'&K ,®2p1KV9.CM- ܏ c#6(u!uLJx7OSm督QMµT, A_9scDXmO.H57 'pՏlR;żK5O?. /bIC3=rt#F#Ԙ/"y6Q^'U:nvA ܾ{$z:J-/&&8_NGb-|Gj\rTaB0 Uyr*.T|lX)o&1PZDUW]Q+H\NnClu<)r2hѮ]tlu hW> ؛̶'0_$8 vc'k4* ݅\!=K)g-&jЊynèeV0\Җjc7Po qrEJܟ/8F/AT`pqjdcݳ*uHK,8XAwY*BuTYW_zw.e 䉨(KdN?RA El!}Gm|2*߉L&2P#dyI[F\s1z-Ce}2w$&R9.W ۛB?AYyj$R.U̩5v3i\%:t vVR9g-ܽ-ל^7 5cC'A4q0\5|禅 AYveR L~I:Vף/nZzOUE)xwD-KYͤ0Y,ÃCzeJ*솅\v_de*ݡ!bsw٦NcrD>Q8俙$Sy"›_\Jw!} }8b!BoE&A Եv5atr4W(bjaAXE)YVzot H5 Oxdcl>|8t8T<]ZS:c#ȈZ|4btN GSWIc; kgq Uh-!aܷXl핣 )(g=Q9I `^xHpyغ^%8 cF`ц9iUY`\^iPQ rW9U1{RɨVԍTVC6pP'tf<&o*\͋B+@X|iiy=ې8P;HtV|CQTbx `<'^#&[XQ_c.jy$;`d_h"4%㨺?j\CWPEVm+2cNclJnƪPn0\FTKyGܗ_@c+>}y^-Ncg^}0IS/b40*+t /a(6)~LVzД *{[ElU\47P?dOh+9E =](]0Xfco;H$CRe+|j>f*7_ <E |tReϪ8\$+3؁ nA< \y GneD5Ba}E|fߥnCTȎt h6O qf>0ob% @FlrMQxFr+R/Ei).Qde2>3([|B֚F Ui2DVch ǁDߠ[$I;M Pg2;6 hc(O ?)YCj9ݷlf\UyD{nVFV6Z8SrA"ï gkYfi#pVՒs6E2^LOuCBٿ>ѿ#»-ΩMyg5n7Ӿ{W*pyR ZxKYH"t' YԪ+?2?E, z.:0YeIkf^C9/=pC{M R]TdٲyZW֬I8NTP 1T1Nq& H4ǥOzI aAp~@YzA(XI5fvyӔkb4WawB\0sΟQ[j" Z_!8^&Uz Lwd`VNiJ/ \jE/|7݂ɜ&kSG W Lݪ/0^:kC sWink+c"'gqoog[4OAq80SA\9:azRFgRfwLu~4pLsXsI/|ԹPupWY_cf&w ~>hKÞ`y㷔8wKۂ)l4t>b=+CY_/`pmKi?8}pr ЕJ- aX$G)` #eN7=UIA|uMde4SOy ;dfN,%v!O1.`Ci$tx YL׷€ty .ps_S?w>-7GX'~VQ9ޜԼ0x4U k+y7űZ6枱'3/YU^#JVQH(HD|.B=aaNccYc1XLgxe)6\99p0m/P -iF MAb#3;`T:p3/z Q|jmcEWJ[TոHFd/lڴMo #T ,܄'oq2 `&n'՘U5y]84P](n DusN-`sWPt>l.ME$C4pQߊ1OtDI.V( R1?xsZdB 2CN as~gGnӗT4 0Y`_7ǜ9EUu42\dԴSMe6 F`dҜ3#0B+11U2U ^4_$b ڍ!jTU?n 'N1˘Ԙuk'SOT "÷2XPd-M^l73ܷ ꔕC4oRX<|78_bѦAU)eP.4G@D4plZ+KB)Qo%:KO2‚93V1= )l;o1zs~٧hD,(8&wTx4E;U]%y0(|;;̯n1xdYjz =+> *]*BFLŏoS, TOb'8\5&`wA~v 5[_W³0a ueU[MD6 PX^`A-aUO9d齸%jr?L#հ ϥD2QuNxt)Mi$VJvCGP,v>l Oau?Sͺl.aWHp+(ȅ*'BF+gGg"DMOJ?],SZO:^NU}dt 2|d9':(R ,0/D߽!v$9ֽ _ssKk[e˭'c/WfR&РIjpEQ庢V>)*`GRb~RWSɺW,~zA8~4Ҡd'4[nc>ԶEgB kL%QŒ+JcF(c\ޘTâ4zGt㞅rZ0(ae#`@^6x-xCB< ؍KӇ!uG*[o'm:d EaYPhА"M2eԕF/0<<ۺZRF77Ph-9ۗ`U$EȆ=A|snv/+A9't1\z +C`kR̋%dV|R̪p\v iR߽: n!}F!Y+lI' ;#NBj`5Rt]6Y (Y|MQڛVsUMRPljP 7j^|Q+nXBhˋVK%e֭]_Cl\oH6 i'p T)5ZF74l; 0W"~1H6 29fp: snY]$[0Q#^r:e\( #OMXAo +(>s27(2-7{QhQ mYLA lM Y F@ Hթ4a;ƨ*]y%6qH7j)60V )>0N?h=v =Yg)BWA,3jJitoTZsX}st&py@ HB<1t%aҨd_^'[rB;Vm)Ÿ28(j3<1lkU. 61sxt8mr&R7$cW*Ql%z'Q%.)za~&v4ᵐBTb{wP/ ssN)-G[sj~B>jB4=T/A`WItQ,JT.Ŵ^U"h/w"I=Q O& MX$ #?Ytv )KAg./6]_3e BK}rnz)o-B)k짉F ; Q՗eYJz(K>">OTu4r=5NF}[TA긍T:sHcvʡ-L\ᣵ9Xgf.]qsy&A #^KC7^,Wg)!+lI8fU [V{g@F'3a;{.p)tN|OfH֔NfN|r|Xf9DZKf!hwX[\\[Ler2p-=xߺ~Gd3=nT71,z!/P*% jbi!zG`$ HdrGrl DFyNy:Y zG6j0ÛO*B%X=%ɼ/aJԴI1\k7,IuQ:t4.f)U0='$T#G0!;6?ٗ86t~̪9ô -ȱJwk8Pw{tדNEv LB(}BYaTV Pj@b֡].gaDGd3,`3|n$j:QiVk8 RxER7j&,.nVܟ $)'eG5X 2 (8 CTFqW<ƅ -ϸ@3à CKCVTNj>~%S@d}eNJμXAvu`ó-s_1Uu]8Do0:==Z_#jW|CQ/+jdpN[hCY߳~v< OԾ@j trĔ%&p9>oci Xɫrn=Սgb%jj!:Ug ,= U%dZM'r?&XP~gչ,`o c]qݾ]t"8g7(kuaoe 3*0I ߟ`< Ⱦʏ`#ܢJi˲d2ş$%j4|xfQre.MJ^[sX\3m?-m%z4~ס#(29_'%/!"eA [;3f{1+n8j:jdrw|&'G? _;֐s<1C┧KNSyY-nrrWw])gRuk)ΒWgg#8aQ|'B ێ'Jl 9wq,-O/˲QUcpL*U\ S9"3Rb"`pfN\gÇg")/F=e>ӖE?2_;z4yH,iR1Oq ";^:*s:ȷ0n)@E8.{d2Yv؟? HNT1ncz;cY43r u+4!MU$Cfܴ .$aф,-gDs8!|u}is86/gY,VQ4e8OBSų{F5n7c>/?M'}"zILoݏ9r0D`~Ni+yc=O{t>*U41#CW s_Êc% x^Dڃx|ɚFٗƼP%;pL6T"sk*"[UN6kBԨh/:Ϡ)ڛVC68J T1괊(شAVSEY\ |f=sO)>5dz "F8F\::+"t-u` (QxTIɊ8 l8޲%1(D ?^(RIjPx)v0G :Q27251-=yGz90k2F;0П A\\ N=D:`T] ȷAE\z_ %~<߮|4$DMoUIwD>÷ܚK'?UH#vd -ttPHKu:Ԍ*s^1L)ϝӫY.'34ˍfPo~բ3Iьzxho>jTfXPM7ȃ̖)/7 u: V04* (p9}O,X toZ)>4^ ,sѸ-ߜuOZI+Έ=7-!-a@&4fECGK,M wᑽyӲW/kQ%3U,3oqn@ƎogioyrZpbp8@օp)XY ŷn0@^jy { +F퀑?;qG.섿 7}\鐝t_ܫ֡=iy!vՐQ0W¨USl=?B淟c-c+\q* \~m|tI-ݞV9¦ćue\$V 2[Q^Fy3.J XgheI_wמXI7WasiUD*zW.O/1l+yZZڅx!(qcdz;N잞c C9ߎjxfGrjE-jV٤G\r. Hݝ,Jn<‡ACV8QȍQB>+簉y#Hp; R$K:;de~[֗AbAB[r+x>G^= B{@ d:TDMJ$uvHNoX ǚ=4ٺ$OCZr{^1t\k֎1)4Uhr`zY 9%Q;!fClK[[8_u,72?(emOIhd@$W_(<ҷml}$l]h$^F-ګU |( / !k%%MiK*m0:QB$vMVCgo \96<M yK~i1m luÎǽ?VKv/pj UNhX'mpXdD(+[ǝӑJ@` ;n+DRb SGvJ|U!T~p54]B:>gJMvdL,u^,vvǣ;Һy6l^H\.4z?3.FamyJm: t5f Xfii/)=Vs`A%8 .u\Љ~IcWc QVM2q@ZS '3Hb]zi]biZS\Ud:)5)ek84EbLAPnp-<ۑϊʌFdr\RȷT}ę0cH ȴ>p8#ʩ̾C\DLe~1NQ,i=2(v~"PaJ? 2cE$$E6Q'߬fO=j#W{r{RSѲgЅwr b Ї M~o9H͡0=ESpPx&w<3kjϲLSh0&U)MM('p ~%1H5䷡vJ4q|A9a#x=x?Ʊ ?wF,H}I \aWmL΃zu\g  ӤzzxHFepա$9t7YH4_;iw3Kn0al2tS`TnNG4}CЂ~'Y$ϥ>`ޮ梩XctsavPc ؛ f vA>'Ug$O&32gUk 4X;z(ZAr9x&ytO{dϞkA,Ư6%&]ʴQ9ԨFu[.\57pc~̌vkJn$1ӉyQcvrt>δjk9 t`FbN,6$_bd4}2ό6`LtBWN3f2v5-5@S([NUd?ȵX4MOaZJED/P@Dk;I5e8J(XhOxHd625*йJdE%LDsX `[+X&0k\ŐVC=yH8NNI7. | +hyD2NbGKd($W[)z]e .TAT~/5|p\EM?jL`dV0>OJ3.-?C,/BO3E!fȃ2  3 捬*{*TR5@@x)k:ZZrc!hԊ|~̣{]_,^#¤g嘑dkp-҈:zRkx-h-S o@|ڃ<13'k/U% ࣜYrum8E!nzOMFk4=M&}V rE|`'wr%KioݥCKCÐ`ޭ7fH l%lɽrWTC}$D\9` <%3>4BB[(yhBM d40'E)%4:yCrbܭ v :Ā7) ;UCsWj0Mr1Zތ/c:0]c }4N;[) ~Du)y=hbo2߿4NƖao r}MIR?~JBZ}jh Wn|Od&AӐ4M&3VN@jdfbJ`Z7f(c+)e lU+Ѡc^3̠i~rDt{3_xE{=έ34eE̋3P{:'Zا +K4MWBqPWg{ l3Hz0:J~CG>&8 fv*եJ'E 9ґH, dtv0^vS&`s^G30rݰF%4 &$޸pdUUcrsd:`rw)GfuTc#zq_#8 ({tt$ȇeK@w|F~QvsYcJ+,B:@dP OjLpBj7ʧJ p{<;&7HM8 sc_V, >ot;]T%XE2Hk|WG'QI̛o ֽYE͈L5DI5܉Ze1p;`q,۪! 8$(*Ctqh55~viVvDIH1% *Kz&#.~"x-!(=/1ځ(/7Mu'@6HO/WQsdzfcKbl?lQkt;_9Md-Ĺ=Gl(ct9J. 7|FҮb z4 n!Za{ ~Yrav$=MoiYWTql ϋt4jYJ2H 1_{g[]" NH3W8kM,;ziͽ}ȳ< s##jP<*XQ>Z8uG[OGܗ~#jFfcUI}]~<13&Th,Xk4); P w4]p)&ߗ\v.WzKns]bmT:`Z2.S89eHClk}~߮)4*NvӚ/yaNbMWcQ>^EXx>dvA1S4AHXHA^5{jòT=a,M]/,~g"]Ju8vbid[`@ջ){[ivPa'X\,J#!?_dz2UqT)~u?]Nk;W;!7~Nh:hԂ} D⼪jo,gzb 4ސs(<绨|GщϯveHjژc < re e/,6ª)}Ī5!/- 8wp9VBaX4dm6E%=Ye1@LtmވSOƙLUKo>6*̡`C08!+˘LΑqOX '~uubXڱ9O} Pkf㋑t;3-xT'UWB·PY4 6Lq@5g9!YS(MlrA#1I|L~U7_.L.ۤ(_PjM#t6nW v^qS[bڋTWr\>}H;Sʬ4y &޼37w(jV^JCk:`@U:O!xU_1kAJ#Igt'+Wf49؜~,`q,3MaXPi R%#mT?L|_lX=,tP7{z}~ne_][S´fw"^RD@Cs ߻5+O, z M<0lT`^NkN ]\41J"bje xo=YL)SɆ*vzMx@֎Z8wr*Vr͝Dp")lS&rQ(EJk]Uc.F;~RbM.Yݨp?|lm$7Z*tO=_-Ze!kwiҋwKG/AKÁ(E~ m<~״%^WPXr@Ȩ`+Be$"^B󮍶''Ah̐R#˙j8*³X)O!Nm%/yϕBE K5X[f67ك 4 LnW3H&ρzLPKLZ'4rf S}ܴ{A*4FnI ҅~QGo\MKK]4B9_5nڗG]D7.N䢸3>;kuH9=֘PC)k#h\HbT`_&eKϕ ǧnr(R&(ߞr]zzA%ZYuDm/q5 0":`?A޶ճ2Gd ?sEN/!@ )>ge"6a}wR`787Y>vdl >bs1_P!iph vHRHDbl04\W}}VdVx꼺Vz-e|$lʶ@?v~c.ⱁ!X{?S _SbAP;@c1V"D!4y>^&wu-]=ҎGr@ÂmFXNKݏ19Ju<)q=ؔcZTOCH7WX杲®7~n5\=\>l%bAqG ܲ :sw7w 3}ϞJ\L%E_h*@pXDC֣{xr;ɏ͍nWM]{4g1&"54s G͂s"' MR9sgiMpEm1s͈i3L55Y,0# `n 3Le `^y";poLZh=vg v@?n`Ucc zΖwb.ш=u{R0{quGg%r(O4v{58`ZRF9c#QvesR\i wgqObbJB(hUfH>emfKBڠrQ%m%.N4C ɜJS *[Y&WZr!pNaXGRi7=aGXX/fEkm?E@r xYh=.U۠WfIȲ'0}z U9pW\j(`[G42 ! =e̷Tpt?iXFBJ>Ab}Yp#v0ދزR:_wX{(.uQwlH~z_yJt8!QteD>wc(F&9SL{UƱm//3;%p_؜1Rۗ'Hh\ o x}|a{+l%||L2'RAG%յ<6@A7x+\V/#nM'0CZ/l)p`Ȓ5ܯ8az'd3SþvE'|c{c*;3a )N@eC|1OiXn輋`ltgЄ $4 p[zN~1 >S뱰D+y(lԫ7sm &-VEbO͌VcOJ}.[UͫaQA>T~Mª#>ҖNN{HR' J!H1´F_?ND&:<<,1\Nfa5/]DO6Ž-˿MҙҞacqo Gܵu:6q79rQR[[{Yfw`9>hŒ YJ6JΚ|x@\] pXp&ҨYAl_7\`J9jR 򘷈PH{L؀ߔ`,m>,C5HK:&'kbF$((KK@ED.0TSK>EEwc亯Qwdڽwك餛W6%gxK_ ^kM~ߛ/lWBij.#Q3;/+Qnl(Z 0gѰJxjI@zȞK, I[Ys!IziS0bҲݭTU2|Gq׏-C ӒcRKT ly80SB6"4D xPiwnX#a^~fbD_JgsCcժHCI {C^pŀ(vYT?WS'e/ S[E6e:c-{\nU SHe2vm@K2 6 YDǹsH~LHƶt2V-$âTWcQs2JufN[ )nkhhefy&~x\/`OX#wFqeZO pM@Jܭl*z4jcZ$O嚩r '֠ 8©$5yM1) :ژv'XUl;r EUCZ *bJoԤ-䀊 z4^Q׆FXN2]6$˜R!;2#q nc+ޡS BH4 p.ߘse밺/Lo.`TX?:^4L̏|cxk~3g5Kwt]bCkKʵ^0 'X?6Y ?w31l^ ]M0}a̒FPGk)׀nN̵R:O5Є8IcMUۄT%$k汖Oub~P܀>"Ar@S @-cqU,Y%5r~d ;uk C0i\aPi}IPtX5STo!sbHꖂXg!% LZMX2psf- eM7^Z Z͔9W]6.rÀm;ũ}?+:N.{'$gDغӪi*! auMYKXstߵL %WCc<#_VDhUK>Kt'u hPQJٮ(qa.KbxoKȥJd5))gAa g; D8 gryQj=O/-IP(*]`QFEYs"MoP #g#"BE;WAuʵk) G.!et1~R^`XچYPT__U6lw|<][,y|\;*pyTr8sÚV9KՒtPWgU0-eಶ.c^M: 7/w wOfgN|KR~ƋO ^9ͅB{悅^x}mI=) r(4$ZZj/U*,,.3+8Kb)f^pԬs!.PȾ$g1\$s2R wT:3{̑+r2wٽF++eCZ sd+W`mmgqq0`K{GbJڻMGfw):YFbF|2 Q ȣ$T z^x|\r (k5)+) w"VU^xdW]DID7l33W'~[)Iw#ȝ 5[ bF,sF=] d˛(v beliSyiKA$ņn?܏{9ƨмN&U>x5aݗƶf["|ܩ?RvZ3g3:p%I{Uʹygg_c.A 1h V+atܰC0m!Nami@Fzp6xF'bgu,l! `vekx8`FHyXRvS1NoKu9sC/ ;t`9s>WM<2*Zo(o4\pR2_ѥ&rn-=o/udU@l6%*մ3YpdL [>I6NT@5uOb ApF[ʷmdvz5`Ri TYc|a#=V;5gb[hf~tt`Vf |L^3GdlkAیK)3#F5i/~Ӵ.]@!iwn+~,jZ 0Ũ9w08}iʻQOCqP3=2  )Z6(jdovHc]3^_ \=Ti#W2|pI iǏrRůuVA5@ܴ\7؇O%uyw("ߣNL3QH@Sk[w䪦iqŃXz-\do@IOLlP8*#TocC_G(Nѯ(viB&jJ=Gl5s[O]DʯFzi5̓kͩ$V{+☔_WWz4NZ `M(hO;ӽ҈TPTcaF<8G-07i +#MdQHK\_o?_YY:G lxA0G+s5IQ!:'8;X}ڶLdGB\Q;]/"VK;[T ^{-EٜC[gF/< *v,0"3U{1Pr98+{I lo^ $1\EygMP-]GoW;uBIL WS5+ u!!~@X?kfB9HU@=Գ!%--u?ļqšn|oPw "V(h2TnhGMPsR, ˥.!\`SjVbPDZߓFZ+xC%IfGhFk%Sx~T>п35ݞO؃'* ' ~ߩ|b$:-EEOY*L{T8*x$`8 {1_ Eϋ C0hc79~fba 9-uj-i*A3d.htB`1oFe#6E([4_㥲^\Q2Y]iEȉAYPD97!^yq(=C0\t_GL 9VVj{SIgށWgwC%'OdyʃZ3֕ oQ |=xϺҕfքxkUwQ.2+)*ETX03WӶӐSԋ޻°8Tl6rvd2*r@JL vqco3lpl(K.7eZ'Q]ˊ& 7 Y9{)=֝:I{UƣB.\Ⱦ˖I ,1.hJѯ|?KDg%N#塛i$2fJ CܢTlfFԩEqs2=VJzzwQbWUJk]K,ia)0A>νEsnZp\+`po wÝ0-u?H]BDw1Mvo:X٠ .7],1a$ i#1SxzmH8|?Ϧ|lﶽ"?Y4lQHGN]GHR~),zM Ka/TsdOfCq\bB?AueJbrc` :Xg$طjc0ǜ50=hʼnR%+~5R9CVCڸc⧢’#钱pX;! X&M^N*ci DFx$6 ).1r a7ʪmY"8_HAOGK%?OH*IƏEmd؂AC^?\%lcalW [@Tgh2 d@)^퉾!~Bx!cGV!-cIB vC \*:vSɲQn59 )?ZlՌ&;J+0kh>O R)RDޯ5MUq!cA{S̱0MLSECVN׏fznUWTx\hjo+-w }#zq81NuiD^pim8+H%L>B#Ky#E9@+Nǹ,@eKThіnLr w^dpS4'-QfjL Bx ߛ)".&2}6ty)`L>D˜w}5%9"*J3U +wMK2nF']@B{H#y4_ CfCz9(OSlzG6)4 _ȡeo@\sR&S&m,jABk:`?Ǵy.̾>)' m/<(ēt =9;W N"m]Af2̈́?|ξ_oW5|kۨvМW]qH|rXb 8FqGR:/8]O`b̏)(gT".n<՝iNrsz1"yYtN R,ZFH8 ?M s^LQ$YD+6D1]GP%6@?o+&BlGsYj;g1e+3RTh[ ǃ5(kn@J 81漨ڌkۚ๤P0)jȼ()/V7_vQY-qi ;aI#>0x{{:~8!y Ԑck1|m}|GO?EڸAu ȩ\cp؂{S# 0j : {2YJNKw Ȼ&M@ GISvƻaH.:cZtZ4 =#LzYI/7O*eN?,5;,gYaD4 _xŽJ%ew# 0}S,j*\L(Ě"ٹ:;supQ0qX}XJD{!8|lxO 쵎URxrmnPc+X7{lA&t9 tWu},1g|GR_/>.Dn";jRe#iL^[Frl-5qR}[D?J|2U6ީB\U'%C2B/r׽5m>X[z)PX*]Nt]JzIa<)wEe8&\O:2q>lR1uI2 tldcC|O%MoYtL׫h/#"/qIL/BxkvL ~ G1m[ch%W]4'>7j: l=B֭-uteic~!%8ͷ(SLyg/|ۤ8V1σw&ZiSx{iB˷Y21*$Gw5\? qFJ1o']admY4Ff'. Y@_qKG+71b/Ѫ>Ffz~:|gU:]ղ5qr%J< /.{1fvOGV=6g9+RŠٿ'8.oaݩϮ셦 7+4m:Wd_-a )?'"[|Z*BZS>[tc'BGHCu^#Thia<1"0sLR&%FDz*mL.QȌ"YtEdo*l~T@),ep2:~X7< ad!Ŵ`<%+c>ޯ53fQ87<:\d ~lF l3^o3 4x4rKaQJWUaq9?CHOTYrCoRa~U-KxRTRXćgdkq CY AΖ_@Yh4]֖c_KU͝&eL$Ɩ"rVAEq vA&7W۬0": Z+Ĩ K/{Aع*d}P*4nu@ }T] H:ЂFl,(JW-W/G,ߠPJIۈOUo?R]d~haO婺~FM5$\L7,u?dRh;d"f|R/sm%ywo4e@c W8yhX)tav<5zRpQI^GRM"aً̕e$ŮS%@/Q18W4pށڵ,;v"glHj'`̓l73 xX94_ ܨQ"yˈ8OgXKt+W[܅w} W= K5 Z-T[D3 AY 13vZI]na vF|l[ !ej sX[-2r*nD=A@ZL/+𔦿, 8m1h[Foi?mJ^OIRe+~_>e [Vf*Tp:#|4vZJw= ٕw\,|]pV"@~zj ՖKd _$@3G^GjQTCb=Bӎa}Ɗu2{u?&6fߜMDU#fdfZ}syь;"KS pK#&N1C~.ת0 ފ6nI>2bEj|Hh4KkkK1/&50̶{~]2)`TV 6^;vk@+d[Xz'vx8e0D'ɺ#MMțEGsj/e俢Qŷ KDݞwqF"E.K햠 SRp d7Ň a@nur$*y2fqjEHa]>Qѝ8=ٸ<_y" bz+Vf =p|8 a9?;/ҸA"_%!z !1iW=4eMuo銎&КŲG(udF}~|2QUFa\92t:_%v%I PzƢToJ+`ke"4>Z#NeMDnL1 4 }*Ԛf^\05|۟mè/!`6 &nvR?k!DS|ؙ":!̄矟?CqP {,6WtLbP&di:XaO뜢BgWA}LW=ܰ%N-=촓\X9,|1*C_fN%Њp lbRswXt{+6uc<\d>H<`Ə(F+[zkzpY~Uә$&[nyy_!NMzPvWH1eg+<}`nŸ}**Ql]S ,YʮC@qq:{hj'/vܢ>,铄 ҰOqoeQ^,K>غfk#1%~Х?W,ŶfC+)hOcF" /,]/]D'z?J#F,ZSS\l绲k-T໴%f8'A U2jvD^g1bʎ$Kkɲ53 D^]es¿@U(IJ\C bOV!.Ss5 b4)[ʠ& nÆGg^?3 ,L[&(J>UB*Obn)<|vJO ~y>k|$/?w=7 qI/ti\IGoXrOÒՊs#ƍ2KUVCr6q"OԧLj޴a2spY |>W'Tg̜`Hh"m_]+GOmCFA,L /d n' 9ˊ; t ͇H@3R~T[+*,ȼ4 RPHFQW_< zП]JE\5\wnbw֦TiPc|ψpkLzfLv·]\fQUOSn8*U^m 0玑 ʫ洉[T6ZO؈BA/nRB Nn䔤t/\aʝєئ!i )0Y^tRJp羡: M`38'cGDALp$ggBVkR+u{mi;ӞW7 bh!Qv V/ݕxRKs2qQaweO vw4V=؁wQ0pųQ 1X /Gk-ph̗SrTs 36taIų.бׯ,LDkn|VěMJ.QA70|=z-<>e c5Q"Wss-:_pk-|Ra@&ƬmkS^\6*Vyx$,/"֢/*A'4`akanLub9j[c"PqnVeCO巅<3+w0u[L)c_%ꇝn=.f:&ۣ[/L](5Z@wSS 1 bOŢ%WG{{dm0 !AM{\NGvU ?t2 I`JjtIQ*%[gs7lyc!+CL l'#Se > $/.utOrD1 vD"ܝ(ꮖi{23I7p!gFk(0"pvԁ"8Cqu:zL%_峺+Am{dieH2O J3B(/V9Gop׷L.|-.~a=v|2ɅN5 58Cgۯ'|3