libgcrypt20-1.6.1-48.1<>,b\;/=„k(-"{/ @#%Eb)Q'b?K?Kd  0  HNXh p x   <L(8I9I: &I>G@GFH GH HH0IH@XHDYHT\Hl]H|^HbIcIdJ6eJ;fJ@lJBuJTvJdwKxKyK( zK\KlK}KClibgcrypt201.6.148.1The GNU Crypto LibraryLibgcrypt is a general purpose crypto library based on the code used in GnuPG (alpha version).\;cloud136openSUSE Leap 42.3openSUSEGPL-2.0-or-later AND LGPL-2.1-or-laterhttp://bugs.opensuse.orgDevelopment/Libraries/C and C++http://directory.fsf.org/wiki/Libgcryptlinuxx86_64[HgA큤\8\9\:QCu1c5d140bcf2c7ec9d0931433bcf0fbecbbb461211a33b134d42ed5ee802b37fflibgcrypt.so.20.0.1rootrootrootrootrootrootrootrootlibgcrypt-1.6.1-48.1.src.rpmlibgcrypt.so.20()(64bit)libgcrypt.so.20(GCRYPT_1.6)(64bit)libgcrypt20libgcrypt20(x86-64)@@@@@@@@@@@   /sbin/ldconfig/sbin/ldconfiglibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.15)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libdl.so.2()(64bit)libdl.so.2(GLIBC_2.2.5)(64bit)libgpg-error.so.0()(64bit)libgpg-error.so.0(GPG_ERROR_1.0)(64bit)rpmlib(CompressedFileNames)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsLzma)3.0.4-14.0-14.4.6-14.11.2[@[*AZ@Z@ZYx@Yg`Y[@YV=@Y:Y1S@W:W;WW@V@VV@U@U@Ug@U_@U_@U_@U]U>$UT@T~TTfT|T@T->@T*@T)IT%U@T%U@T%U@T$T!`TT&@T&@T_S0SS,Sr @ShShR>R@RƦ@RƦ@RRQdQ@Q@QQo@QLGQGQ O/@O7NN@N@NR@LfL0wK,@I@@Pedro Monreal Gonzalez psimons@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.compmonrealgonzalez@suse.comvcizek@suse.compmonrealgonzalez@suse.compjanouch@suse.depjanouch@suse.depjanouch@suse.dehpj@suse.comhpj@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comabergmann@suse.comabergmann@suse.comabergmann@suse.comvcizek@suse.comvcizek@suse.comjmatejek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comlnussel@suse.devcizek@suse.comlnussel@suse.devcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.commeissner@suse.commeissner@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.comidonmez@suse.comandreas.stieger@gmx.dedmueller@suse.commvyskocil@suse.commvyskocil@suse.commvyskocil@suse.comandreas.stieger@gmx.demvyskocil@suse.comcoolo@suse.comcrrodriguez@opensuse.organdreas.stieger@gmx.demvyskocil@suse.comandreas.stieger@gmx.decoolo@suse.comchris@computersalat.decrrodriguez@opensuse.orgopensuse@dstoecker.dejengelh@medozas.decoolo@suse.comcrrodriguez@opensuse.orgmvyskocil@suse.czjengelh@medozas.dejengelh@medozas.decrrodriguez@suse.de- Fail selftests when checksum file is missing in FIPS mode only (bsc#1117355) * add libgcrypt-binary_integrity_in_non-FIPS.patch- Apply "CVE-2018-0495.patch" from upstream to enable blinding for ECDSA signing. This change mitigates a novel side-channel attack. [CVE-2018-0495, bsc#1097410]- Suggest libgcrypt20-hmac for package libgcrypt20 to ensure they are installed in the right order. [bsc#1090766]- Extended the fipsdrv dsa-sign and dsa-verify commands with the - -algo parameter for the FIPS testing of DSA SigVer and SigGen (bsc#1064455). * Added libgcrypt-fipsdrv-enable-algo-for-dsa-sign.patch * Added libgcrypt-fipsdrv-enable-algo-for-dsa-verify.patch- Fix a regression in the fix for bsc#1043333 which caused libgcrypt to leak file descriptors (bsc#1059723) * add libgcrypt-fips_avoid_clash_with_gkd.patch * drop libgcrypt-fips_no_static_fd_random.patch- libgcrypt stored an open file descriptor to the random device in a static variable between invocations. gnome-keyring-daemon on initialization reopens descriptors 0-2 with /dev/null which caused an infinite loop when libgcrypt attempted to read from the random device (bsc#1043333) add libgcrypt-fips_no_static_fd_random.patch- Avoid seeding the DRBG during FIPS power-up selftests (bsc#1046659) * don't call gcry_drbg_instantiate() in healthcheck sanity test to save entropy * turn off blinding for RSA decryption in selftests_rsa to avoid allocation of a random integer * add libgcrypt-fips_dont_seed_drbg_in_selftests.patch - fix a bug in gcry_drbg_healthcheck_sanity() which caused skipping some of the tests * libgcrypt-fips_drbg_healthcheck_sanity_bug.patch (bsc#1046659#c4)- dlsym returns PLT address on s390x, dlopen libgcrypt20.so before calling dlsym (bsc#1047008) * add libgcrypt-fips-use_dlopen_to_get_hmac_path.patch- Security fix [CVE-2017-7526, bsc#1046607] * libgcrypt-CVE-2017-7526-1.6.1-2.patch - Hardening against local side-channel attack * libgcrypt-CVE-2017-7526-1.6.1-1.patch - Factored code for function (secret) and added new functions (secret_core_std, secret_core_crt) in cipher/rsa.c- Don't require secure memory for the fips selftests (bsc#931932) * prevents "Oops, secure memory pool already initialized" warning - modified libgcrypt-fips_run_selftest_at_constructor.patch- Added libgcrypt-secure-EdDSA-session-key.patch [bsc#1042326] * Store the session key in secure memory to ensure that constant time point operations are used in the MPI library.- Add libgcrypt-CVE-2016-6313-1.patch and libgcrypt-CVE-2016-6313-2.patch (bsc#994157 CVE-2016-6313)- make the -hmac package depend on the same version of the library, fixing bsc#979629 FIPS: system fails to reboot after installing fips pattern- Add libgcrypt-CVE-2015-7511.patch (bsc#965902), fixing side-channel attack on ECDH with Weierstrass curves- Update libgcrypt-bsc932232-avoid-drbg-crash-with-fips.patch (bsc#970882). Fixes crashes with GPG key generation.- Add libgcrypt-bsc932232-avoid-drbg-crash-with-fips.patch (bsc#932232).- fix for CVE-2015-0837 (bsc#920057) * Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks are Practical] * added patches: libgcrypt-CVE-2015-0837-1.patch libgcrypt-CVE-2015-0837-2.patch libgcrypt-CVE-2015-0837-3.patch- don't drop privileges when locking secure memory (bsc#938343) * added libgcrypt-secmem_dont_drop_privilege.patch- the RSA decryption needs p < q for CRT to work (bnc#929919) * added libgcrypt-fips_rsa_p_less_than_q.patch - minor changes to the testsuite * modified libgcrypt-fips_testsuite.patch- remove obsolete drbg_test.patch added Aug 22 2014, now covered by libgcrypt-fips_add_drbg_cavs_test.patch * removed drbg_test.patch- update local cavs_driver.pl copy to the latest version- enable DRBG reseeding * added libgcrypt-1.6.1-drbg-reseeding.patch * added drbg_test-reseeding.patch- add possibility to specify salt length for RSASSA-PSS verification * added libgcrypt-fips_pss.patch- perform selftests if the module is complete (checksum files are installed) (bnc#928740) * changed libgcrypt-fips_run_selftest_at_constructor.patch- updated %post and %postun scripts with correct .info filenames- fix CVE-2014-3591 (bnc#920057) * use ciphertext blinding for Elgamal decryption * added libgcrypt-CVE-2014-3591.patch- handle priming error in DRBG continuous test (bnc#905483) * added libgcrypt-fips_handle_priming_error_in_drbg.patch from Jan Matejek- fix a bug in FIPS 186-4 dsa generation * changed libgcrypt-fips-dsa.patch - testsuite adjustments to make it work in fips mode (bnc#899524) * added libgcrypt-fips_testsuite.patch * dropped FIXME-temporary-hack-to-make-some-tests-work.patch- use the RSA keygen generator from Fedora that supports KAT tests * added libgcrypt-fips_rsa_keygen.patch - add gcrypt_rsagtest binary for CAVS testing of rsa keygen KAT * added libgcrypt-fips_KAT_keygen_test.patch- merge in RSA keygen RPP and KAT tests from Fedora * fixes bnc#900275 and bnc#900276 * added libgcrypt-fips_cavs_rsa_keygen.patch- all the drbg patches were merged into v10-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch - update drbg_test (libgcrypt-fips_add_drbg_cavs_test.patch) - add libgcrypt-fips_fipsdrv.patch- address a potential integer issue * changed libgcrypt-fips_PKBKDF_missing_step1.patch- enable HW support in fips mode (bnc#896435) * added libgcrypt-fips_enable_hardware_support.patch- fixes from Jan Matejek: * make DSA selftest use 2048 bit keys (bnc#898003) * added ECDSA selftests and add support for it to the CAVS testing framework (bnc#896202) * fix a bug in fipsdrv * changed patches: - libgcrypt-1.6.1-fips-cavs.patch - libgcrypt-fips_ecdsa.patch - libgcrypt-fips-dsa.patch- hide most of the fips patches behind a conditional, so they are not applied- fix condition for minimal e_value (bnc#896201, RSA-FIPS-186-4-adjustments.patch) - more testsuite fixes (fix-test-suite-for-RSA-in-fips-mode.patch, FIXME-temporary-hack-to-make-some-tests-work.patch)- don't apply libgcrypt-fips_run_selftest_at_constructor.patch * the system currently doesn't boot with it in FIPS mode (bnc#898253)- update libgcrypt-1.6.1-use-fipscheck.patch to not require hardcoding library soname - FIPS 186-4 RSA adjustments (bnc#896201) Added patches: * calculate-fips-checksum-after-build.patch * disable-algorithms-that-are-not-allowed-in-fips.patch * RSA-FIPS-186-4-adjustments.patch * skip-GCM-for-FIPS.patch * fix-test-suite-for-RSA-in-fips-mode.patch * FIXME-temporary-hack-to-make-some-tests-work.patch- add missing PKSC5v2.1 step 1 to PBKDF algorithm (bnc#898005)- disabled curve P-192 in FIPS mode (bnc#896202) * added libgcrypt-fips_ecdsa.patch - don't use SHA-1 for ECDSA in FIPS mode - also run the fips self tests only in FIPS mode- run the fips self tests at the constructor code * added libgcrypt-fips_run_selftest_at_constructor.patch- rewrite the DSA-2 code to be FIPS 186-4 compliant (bnc#894216) * added libgcrypt-fips-dsa.patch * install fips186_dsa - use 2048 bit keys in selftests_dsa- fix an issue in DRBG patchset * size_t type is 32-bit on 32-bit systems - added v9-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch - added v9-0007-User-interface-to-DRBG.patch - removed v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch - removed v7-0007-User-interface-to-DRBG.patch - update drbg_test.c to the latest release- fix a potential NULL pointer deference in DRBG patchset * fixes from https://bugs.g10code.com/gnupg/issue1701 * added v7-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch * added v7-0007-User-interface-to-DRBG.patch * removed 0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2 * removed 0007-User-interface-to-DRBG.patch - add a subpackage for CAVS testing * add cavs_driver.pl and cavs-test.sh from the kernel cavs package * added drbg_test.patch- split off the -hmac package that contains the checksums- libgcrypt-fix-rng.patch: make drbg work again in FIPS mode. - libgcrypt-1.6.1-use-fipscheck.patch: library to test is libgcrypt.so.20 and not libgcrypt.so.11 - libgcrypt-init-at-elf-load-fips.patch: initialize at ELF DSO load time.- add new 0007-User-interface-to-DRBG.patch from upstream * fixes bnc#877233- add support for SP800-90A DRBG (fate#316929, bnc#856312) * patches by Stephan Mueller (http://www.chronox.de/drbg.html): 0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2 0002-Compile-DRBG.patch 0003-Function-definitions-of-interfaces-for-random.c.patch 0004-Invoke-DRBG-from-common-libgcrypt-RNG-code.patch 0005-Function-definitions-for-gcry_control-callbacks.patch 0006-DRBG-specific-gcry_control-requests.patch 0007-User-interface-to-DRBG.patch- FIPS changes (from Fedora): - replaced libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff by libgcrypt-1.6.1-fips-cfgrandom.patch - libgcrypt-fixed-sizet.patch: fixed an int type for -flto - libgcrypt-1.6.1-use-fipscheck.patch: use the fipscheck binary - libgcrypt-1.6.1-fips-cavs.patch: add CAVS tests- Drop arm-missing-files.diff, fixed upstream- libgcrypt 1.6.1, a bugfix release with the folloging fixes: * Added emulation for broken Whirlpool code prior to 1.6.0. * Improved performance of KDF functions. * Improved ECDSA compliance. * Fixed message digest lookup by OID (regression in 1.6.0). * Fixed memory leaks in ECC code. * Fixed some asm build problems and feature detection bugs. * Interface changes relative to the 1.6.0 release: GCRY_MD_FLAG_BUGEMU1 NEW (minor API change).- add arm-missing-files.diff: Add missing files to fix build- fix bnc#856915: can't open /dev/urandom * correct libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff - require libgpg-error 1.11 or higher- fix dependency for 32bit devel package - name hmac files according soname - fix hmac subpackage dependency- update to 1.6. * Removed the long deprecated gcry_ac interface. Thus Libgcrypt is not anymore ABI compatible to previous versions if they used the ac interface. Check NEWS in libgcrypt-devel for removed interfaces. * Removed the module register subsystem. * The deprecated message digest debug macros have been removed. Use gcry_md_debug instead. * Removed deprecated control codes. * Improved performance of most cipher algorithms as well as for the SHA family of hash functions. * Added support for the IDEA cipher algorithm. * Added support for the Salsa20 and reduced Salsa20/12 stream ciphers. * Added limited support for the GOST 28147-89 cipher algorithm. * Added support for the GOST R 34.11-94 and R 34.11-2012 (Stribog) hash algorithms. * Added a random number generator to directly use the system's RNG. Also added an interface to prefer the use of a specified RNG. * Added support for the SCRYPT algorithm. * Mitigated the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See [CVE-2013-4242]. * Added support for Deterministic DSA as per RFC-6969. * Added support for curve Ed25519. * Added a scatter gather hash convenience function. * Added several MPI amd SEXP helper functions. * Added support for negative numbers to gcry_mpi_print, gcry_mpi_aprint and gcry_mpi_scan. * The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now deprecated. Use GCRY_PK_ECC if you need an algorithm id. * Changed gcry_pk_genkey for "ecc" to only include the curve name and not the parameters. The flag "param" may be used to revert this. * Added a feature to globally disable selected hardware features. * Added debug helper functions. - rebased patches * libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff * libgcrypt-ppc64.patch - add libgcrypt-1.6.0-use-intenal-functions.patch to fix fips.c build - Move all documentation to -devel package- update to 1.5.3 [bnc#831359] CVE-2013-4242 * Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See .- port SLE enhancenments to Factory (bnc#831028) * add libgcrypt-unresolved-dladdr.patch (bnc#701267) * add libgcrypt-1.5.0-etc_gcrypt_rngseed-symlink.diff (bnc#724841) * add libgcrypt-1.5.0-LIBGCRYPT_FORCE_FIPS_MODE-env.diff - install .hmac256.hmac (bnc#704068) - enable varuous new options in configure (m-guard, hmac binary check and random device linux) - build with all ciphers, pubkeys and digest by default as whitelist simply allowed them all- avoid gpg-offline in bootstrap packages- Library must be built with large file support in 32 bit archs.- update to 1.5.2 * The upstream sources now contain the IDEA algorithm, dropping: idea.c.gz libgcrypt-1.5.0-idea.patch libgcrypt-1.5.0-idea_codecleanup.patch * Made the Padlock code work again (regression since 1.5.0). * Fixed alignment problems for Serpent. * Fixed two bugs in ECC computations.- add GPL3.0+ to License tag because of dumpsexp (bnc#810759)- update to 1.5.1 * Allow empty passphrase with PBKDF2. * Do not abort on an invalid algorithm number in gcry_cipher_get_algo_keylen and gcry_cipher_get_algo_blklen. * Fixed some Valgrind warnings. * Fixed a problem with select and high fd numbers. * Improved the build system * Various minor bug fixes. * Interface changes relative to the 1.5.0 release: GCRYCTL_SET_ENFORCED_FIPS_FLAG NEW. GCRYPT_VERSION_NUMBER NEW. - add verification of source code signatures - now requires automake 1.11 to build- update license to new format- fix deps * libgpg-error-devel >= 1.8 - add libsoname macro- Libraries back into %{_libdir}, /usr merge project- add the missing IDEA algorithm after the patent is no longer relevant- Remove redundant/unwanted tags/section (cf. specfile guidelines)- add libtool as explicit buildrequire to avoid implicit dependency from prjconf- Update to version 1.5.0, most important changes * Uses the Intel AES-NI instructions if available * Support ECDH.- update to 1.4.6 * Fixed minor memory leak in DSA key generation. * No more switching to FIPS mode if /proc/version is not readable. * Fixed a sigill during Padlock detection on old CPUs. * Boosted SHA-512 performance by 30% on ia32 boxes and gcc 4.3; SHA-256 went up by 25%. * New variants of the TIGER algorithm. * New cipher algorithm mode for AES-WRAP. * Interface changes relative to the 1.4.2 release: GCRY_MD_TIGER1 NEW GCRY_MD_TIGER2 NEW GCRY_CIPHER_MODE_AESWRAP NEW- add missing definition of udiv_qrnnd for sparcv9:32 - use %_smp_mflags- add baselibs.conf as a source - disable the use of hand-coded assembler functions on sparc - this is giving me an infinite loop with ./tests/prime (specifically ./sparc32v8/mpih-mul1.S:_gcry_mpih_mul_1. Fedora disables this too.- update to version 1.4.4 * Publish GCRY_MODULE_ID_USER and GCRY_MODULE_ID_USER_LAST constants. This functionality has been in Libgcrypt since 1.3.0. * MD5 may now be used in non-enforced fips mode. * Fixed HMAC for SHA-384 and SHA-512 with keys longer than 64 bytes. * In fips mode, RSA keys are now generated using the X9.31 algorithm and DSA keys using the FIPS 186-2 algorithm. * The transient-key flag is now also supported for DSA key generation. DSA domain parameters may be given as well./sbin/ldconfig/sbin/ldconfigcloud136 15454121551.6.1-48.11.6.1-48.1libgcrypt.so.20libgcrypt.so.20.0.1libgcrypt20COPYING.LIB/usr/lib64//usr/share/doc/packages//usr/share/doc/packages/libgcrypt20/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:9381/openSUSE_Leap_42.3_Update/56a3541f08ebd5cee17c177f20656398-libgcrypt.openSUSE_Leap_42.3_Updatedrpmlzma5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=4c4ddf9c2feea9506d44e593689447f7f5d636c8, strippeddirectoryASCII text PPR R RRRRRRR R RkI J îglibgcrypt20-hmac1.6.1-48.1?]"k%f0]dJtZQud$b)MT\%4=6譪qg&5Bw Edi[jD/4dj%Dp%y.6?'Q*H_~ cӕGDQH|<uӹ.P(K2|Y(< >S[3bԲdU(Ia? OI)!$ť}PʭrmS{dH=' !sO^rd}0XrBi,^f{a}0A@ -U|VQdq^P;c@Fwo,˵g 8) ÙfZK?8Tbuܖ ' phN:YdL6&N>؀e? C<Λl.':4 k١ٯ=w60(WB{ s6 ;Ŷ9F'½c t6( ?1c)I1inqX29)l &%cw+:@~_m/`?|VYJ vp5\@.kd2"pT^9ւ] (H'*l)j|M߭bcQFxEGP|-̦o>A\;>TOYf%MT 4X3G22w[x(_?dX72VN~'kG:,5Ǯ\ς[ oQRe)CU7BBʑ}دv2ji3IY1fxCc'115lL< 5~Å._*C*6d} - LK3s"|wڜ^ep9oBFi%cMF~m˰8 -MP2ή iE޲ V.Q9ޏLڰi*ַ` -[_7ޣ6OSA Q/Y#b*\D0#^!fI<,+%Q`$H+.mـ:SG^¯FT󱘬]wO ?~RWXCȴ)9tzT g#Dޜҷvm)9}j+Zz^ȗb+ "_*+V1_ykv 19cOMkX돟>S2w&z!&[,!'/gK\#? Enu>~zԔWErNuz+b/LM*s !y|΢P#1*frs/Lq\=ic>H9†fĉ$8f6=jjZ岟eMoj+O&l&!ti8{SE*OF kemC@sޜ x}*m.YߣҀl5֔=4pP7&eg~3}*)w@c%}В)ZQ`2ίqjYlتArY!Fxc}&;rB*$/ ML*h/8o2T@ =S^}H<%p$C&n3֎RK e 秀T*@tek)VlSZ6#=_  pD|PaMF Y~x wfWWּsZ՜'Uh} ciƒ.!, n!Y~67̡2v.eH4+:b)48)6ummݑsx-m\ 4z%?;aӾ@uC sASvdb֊UziߧԲ8+ɏLTH869IoiF0δTAL$a0|T x>Y*.c"a.yxU |w/AmQ;\r`d9U=m M lޟ&}\\$(R- X`E[JETE\< FElIOfKi.Q1{z,z ۵?<*\GG{ft Oa.wy,~R 0ppof|+|H<ŕt֬:*,zsD(J%UMUK,zH9\_ݻV;]ԵZ0=o.".*'ܝųw?aCJ1q9j%QPÿT##мuPtL0K5,ARq zKZq@ڌy]`d|%OgW n,;ٳd$k5}uXg&Co>A9뚵G*n$$ؚ/U46#gsRu}Yj^,U4(n$a%3yR5F:s M>)8> 4&}?:^>{C"9ᯔ1ߨiG ]E7a& (Wmu=oFďqDD5h,c!7II vppv>R-Nȼahi&8t#f\[#7*VCLJM7-p@6!f~.Wi L^Ln ݆އC&- cQJT'avöh{ .;(wriĤF}~A_דFfHcK\CiEE&FP|͆!BSB3^]KymfN8z^}y. 8uU1+FO0;4I6\\| otIPm9LHM*h)>/G[#^f|Fʁ(ni1sCn=ģMgJV;Rݣ)K9 rabTcP{kLY&$NI4VvvUNh<[E @ܧK_oM IV0fԦ>=pF}27 }˞`Rɧt7~l @sfᲐۘFԌc6S;~W{Rx_;(ĭnukzs WL+ _ ̘~GM\0Vj(I]_4C']bD!(9'a;u/%| W][}HYxy8l*k_3nGY7\@"tE?{4K*M`[> v"N3ut̔ 17bU 'TqUo1P4gIhccbtK$}Xb{2n)[U65&o<ptWnh'pQ_:q/ǝfSқ5.ㅤHD(Rm\̄qFWoU˵둪S2Y26im| R/e ꏖ\Q=qJ eoA~X?UPg 5fi#$n$Othl;*3U$mAMQicj<8ˬLΞUU_/Ko;@ƅ*SKUqHN.Ru2 g}?|`p[K.s\!NU3uV>[;DO!NӁ||oZX,@ڼ@NZTT(ι><ؔ3,} 61DIU"CO4a!2oILSpo9_`R2>p- : G#Tl%}FԺ$]#R.SRyև:S<C!$A6{K#jټU=&}YZ3/E i- ~++^UD' ϶' =emdJ{sO1$!u%05d{y_ Umc~ ߚFdVz6f0\Q]A#/_+`JQ_a2Sr,Zָ'4E'>CtQ9USa^֒&zql%H:7%N$xm\ \slga6ռ1`%Aٜ>3ax;:Vo}!<љ-hRiM #(/̶zz͕mXZe 㥹&~Fն\.~pS 6ӰfG& -,:ቛjᐳ!5_uѕCrA)'2$l/#zsbq urJnd;s7YIy:4RA=|C])zg f'ؘPREJ5ɮʮsΛiJaݴ񜍼̝0B}{4~Zآv ξaox\x$QQKܮ٥nm968n}Qv^o$ ^LJwE|ƴ&Ve+-bxOWX&xw!URu_H@ L~>fU{WRF~x`itw3A);bOU%{ky>/jL}S2 Y7aZu ɋJ5X9e@tdRvfEfܽ"2MZ4 QU($d4sX"V2Ԥ&ˀ#/.faH}?0"Oi,{r:oI&-Jy ($ 1#7zf󯿣[5Imr1qwmBB4@j}xR| n*q}kn6޿q)MyH`AC}?zswݛs-p݀lB75%8@jv${kYjGFfࠟ"P:xM&gYY B?(DwҼ5ڪc5un!aeњM=pi ֫71\ީlU;KroP#`VCQ~H/sʉ|9&sclMS/%np'):lmJO ؖZ7/p˫I$ǃ[rU dKx|wsbYc+Ftĭx>.%p@[U9E+}-I+XƟ*](\\i&lDͻj6蜌ʺ]\M/5!]a)֞#61ڜann<|f" u2]n}~ }'6{h'{QdXq[0.'uBC8oH\!]{  5JhقL䥰zlop%bx7dN4H\ϋw{|y}z U9ז@oտlE#_%DW]\fC g7nX'7Sߎ@ZX 3 _PM۱waM2GԦ}Xai׺@BZ嶻0OՏmKQ*$Ki_UDVj_mCc`C `6WڅL𔰡=æc}ڛfKJE=kqG@xX}x?\!h1?f#pv;eYjDU&BF &m@9Σ2Î׿ր&IuQt5lIX!#@d rH+h z:~([.4{ĮTsAI]QprҺO_Ω](i cIx-{ p(iWH^{X.}]2ZBiK@-_& ;#$%H2ȎT~;<]RiHU`'5ZJ\~F_Aaޜl[C ;T7m77XM=S쑮_Qx\ٖjB\9 nj ܚ7JHrn&63đܟɡ!&Ľ(WOE(]P V Hsہ$`K[H:l̅x{j(ٕy%-'Hk9րJR\Tk ]l@b/O~vh_sڠnKVLui5(-kL@q('򏎸>#Kg[}Ǔv!ϫ5A$h*>ID?UޖnTEMd=S?&#% _YOyYdHm 6+҆@+y7/ƷaA)ąbݰ84Tzm4:|KRhm BAi,lt!@yrCo.Tx*1YhJܺ4 ( %6gMp\FCR9hl fC"„/H߶Rr=hφ| \tf B>¥r0ۇ~*QvFv(QxpFiڛB.'GS|o.'kaq\xxOZRoVΕ5GBiځF ]T0w!II0^ p2CFܸ80N)J 񊽂aY&dH4WԮ 㕮 qTjj kD0$Q< @|Z2z1Bp9IkVQ2hyu8#D:mc 4Ynb{IQy?л1 W~2)q>||5S؛' _^4b)k!ѓo*<>]=@O5Rl fZ_E.2_$ȅVa`a!&k^xIqy/0,› qI ˟DQwoV٫h Z Ip3(/j7'f@%)?!RqYI%4ඵxx&Xg$*} W %Z‘2ƁBQTxXi*M G! E=?ZLS \HA jH3%Ac!vƒf~{(x>͙#RBObpi& ɲ绫Vd488oQb6}hM01NxLe9GV"`8t3ZW;ꞳB`+/'uAy' >A֊9 Y%#]aۺ8?ZXE8w+/8j ~\"va+nU!z1行8q Az6'߽ҫCSZ ݝ3F"b}ͪWJ}2 '`u 3+![ pUfϸ4i>)_[@HBN7P[lׅ ; 9+-]%ĪW !Njr()~JNouΤCDDIMA5b䒖9K1ˊ+5qUpQXi+iGϡmU'O$hn ԒpPzl;wi2/`4GڮHn3ˤUΰ{NBE:GenGc1A$#Kp40 )$*h+T{6Pv3MzGE\)* ,!{ "MVq f`] 1Tj@N-K8L^!ț֜m~VxpS?I=oe>eek}@uGƼ6/r\`t^<5AT%-Dm3yFm`nVREpKضe֒H܇r`?910wN3à7@\3ڷBpQ"'m 7U#;lSji+QңfBwBKT/d%Ecm02JUgeDfŽWCcj9L-M7amT0fOd#1F") BWJrY=aȣJM 9]@qdB5_c}߈sFn9qM0=伫NM54)?E &`!N"+r|Ï}`u芝co7ʼR!css ;xa1' =>p{sP"=&[i 6K2e'2 =2E"JNֹL$}-tǠ ?N,Bj7"n&o=#~iƉ s-n ]yv1)1I2,\{>jR ,r;5l{Q> )|?Ep2 χM w#h$?4Cᦢlj<E1C01¦uDSZ/L.ܽy*pqH(b2S/yaMpQ=k4$*y!W]pItچOQ%n~X< atM«W,ڌ$ D+r@Tf5m4˘= -w L}<. NVy UƲgGmz%B&o(cOKgbB3E Fqo7R1.Q:ճ4jY;GnmB]: ۥYROGn5 /t_K}V^6WK;7(r̾sTG.m 'ՅR&iޏG qYZ\'+^ANF3-{ƯK*m!_$o)̽B% QDfEB[Wag~TT_`8CIzĸGl-fdGU^Ai~M g 9zk@1YÃK01+<3?`4_ء0EwIҟ(˅P!6Fw{^?/P0АIy&ꡨ|Ul KP%kay(oE]Ygy.5jd6o}'*X7;[.'nA`f*%&6҆LI0U#pd37~tO1l,x4NbRPs ɚ)书#Kܥ t_,JJb=9Yn,B>Sel*6(Q ];$W (n֤4tC"6Kv<kZÅ MMmh)%Jy~pM`$={T(?P^'ӊpn+AvKV:Y^Mj\NZ"w*VsL[^ٮ^՝G%.7@ gi_ A#P=!d1 $2XCoa%|]Ϗ N gHSTWk-6i2joک S]`~Ba3gA}eR2Ӟ ( 'f6L`m>e{ئga ?-OYEfR _+Ox qv:݋t23Znu,l f[$$,m1NmhJQQsUQšVc~ 󄀅`|Q|aN#K?LZ2qiz[F рxs/fke!/{+R^k]&_6l~3YqJH)۟>Ƈqʩn?PͨtLzuC#46W*K-!̢\1sټo?ӥb F}̀+PHd묅Sx4jI72 no3:}Lʵ cx{bKzݢsU%PI6-kEEe+eɅP[g" ^tP[d}o5LUトD2^wma QmGo=,8mrT{')de=({VT-$[C؀T./j su*Q%}aB\0|z[9iz'yPe%節y99&;_VCC6ݒ X= \GT!ɢ؝2pf-fփsP+ ,g-i'(j2['RmENs@t#/ ttsKT 0Dܖbi./iE7*KYM+Lm$NUsuW0~*`j[PjE>WծETXnpl&!#'x^^]ˀOQp -.VQ%q-37E$FlL|W4Pn/CdEŴO1|ti/5Kq͙=C׶ϊwJʄ#n }+0 $o?;Wݧ|w*CuCTu)"#}au]ߟiK-f(VZ` _ pAvݹwU" 99U ʦv].H=7C{~S}XYewy `g<6kzC-JJr9#%@aӔR eqQm7sZ=~H= BfHJ9& %Q隇eT_55"XAӸ}M5)}X+ Cϯľ?NzSw:-dЦ\P9-,M ˦".[v[ -+U)ֽW/Èa\hc <ŃH ,Ǽ&J]4Ɏy?2K;KQm0Ax` PpՂ>j<.|q!$mҴ3NOߊ!&˧%Ixy&D|ܡDy'pOeꞫ %J[C dc5T]fEa؏V? 0sK-E?G,hQփyuȸf'nM=zb!Eu#}4aJ,p jR"[Vfgt]Αru? 4 Q'8] Z4tFK2WXc_N)s)&t9?&gX?4~:.ë~x V(߁%2ukzّ%&`¸8PX1c_).,HWǘ^@X`I rzoY>T) N F2'}"уcg1kBӆ\R}'LLu}r@S?G]D糐WvK|왻QC1pA%ίCM jWk՘AЕށԂȊ_|NּUzi"dzgIبʯsZvfX"΅4w1T{pmXa:IlE^V~4T6q+aɸ6>"#~8rhWPQ]T2_9$'$=> Z!U;/qSTX̪$HWG&l=b?UB%ꕗpA^1׊~F5ڄc Wʙ O g>; E'm#:I.-c&<F`}{g-B(!Ib>9.O鼕m˟b6}p|Aew/(tc2G4Jf +QC\|o%g(hû3=ʰ'm1j܉++TDTDmvd\ex҇v|s 7[ee.x >z9v/53733IV u䁔XabcT ĴfC(+q C%<[oX!^v 8aݳ,% ք͈z}6딹7Y&܉׆v˧J)TcuBRpf΀6c{\n0nM!Tt]SZ"BAS[ia!+u:} -By,6G%@:DZj`אC.3JyE@jip iZ%le8F j{E+8U{,|<|m>I$2)pjCʖKUϑ,+\7ZAw]2͝ ߰mzuڠ]pL9"t A|MխvWf^5@+:wf&Oa[{iRק FFVrjt_| MTl|g]`37"ɶ3:;}40Ju{xoHuiߗSSƥ)/x71%ZH*3taxg"WAmic4v6J!ݫ3)<ǴĮuoʼ #9K njs|apG'`rClkh ?R~Jd/-ygoF &hʹˏ>_$.?}9L_!yjHw:- Hw~FY_}$ɛZj3'e%WX :1^$Xvo.""j!]ꅿDGzrCA0^7.Q2 X^=#QBkH,P2vdٴӼgk;Y,zV/D8pJ/^Io\8Y?Fi /dZĂ|vkڊ)}p-)M==<~K]=G@ *ͬ >nku֐V|z9[] d} 5}ɐ1h ߃>#K*WRʝVGKkU^BZշ2{ed}͹E4__ze=8ϱ?qpX:fNhr\gU!|iAM)ȥZ齧fړn8;=~Ƌ:}B[8vHY2ku^A)Lv[ַv S\Oj;û.(biX"Šz]{*za@f$,b ~ gՅW v(̎n \B٘l4 ^ "̍W3];!kK S̩+/nwj\6mwwaKFc6# (Iǃm:@$#LիY SrkzOv|xrS󹻛˔{ 6H,"RĤl=wAgOgC0XaՋխFfCs[Y!ӧγtm}05~ZNIs,sE@ǴKphE~'{8g.6k}-6P7}rny1.n\QQ*,\Jk;}Iy5= 씍Ӗ2|.E3?AmeKTsCU2T#\yB:7Ɓ,CW`^&'<~O b 6in uhn:ꧫFE* ,Uo!xGOj:O&nJKb 1u-4J!U7q mB1-eVhVmE#C3~x^n_un*

Bߒtv$Rk[uAUOz'vŔq@yVnX(Zh34¼ ExMd2(x2i8^AE*Q)<$G(%kw-kׇjI̢v}\leh|7hEɥ+޿ 9p$)P. Q/$#ޚlЇ|Iʀ0\@ ZI܎hl.0e^p!:竌T~b 3jw]bd֍`ۅ[ybW䳭6n)W)!jd?I68Jc6fOon6aji+7Ȍ4vםFe`o!A_c9 VN^ͣY jJ V[p7u w2 N 0?q4LH_nk IN-OP/1>ܜF@ƹiXvmhKn7a kk7 MZj̤s#Oŋw.+ 9Qgi"4Qmdf K)܍eTY 欑b#SX3r_eB̵×fT=t^Po߷W!]JE핤 Rre)a@dylc!Y;Wy Y3y@5@0¾wdVBC>}|k3wy8zo%L4g ~N_ @PJ5J빰]e 궴K6 ܈z Xsf![MP3KSA>RԆy<[]"L dR=Ku7l4t3STM CI!|&Nzsj2ZZS5"14#~uPDŽbzAUg[D")՚%Byȕ胘"D$7A_iFbnpP^e!䴇)S R&z+eV%!m }ܫڈ4TMa6qBK bPѢQqDEJ5a|JĀQ]wB^m@ tTHGUBr;jL qNSΏևs=f{wN$;PizyQtD11!$b~ =Rr$h)DN.b0&^9}rWmҀI9Sy |1V=%A?YqsDyf8mey7/-n \|6p7L9-]xWf|&h)q:|%/iWh}ɤm?܋*>G*1UjĎDzVܪ`h:G Ŧ,?JÔIF4 ޱHU+ա^R"bd~<&sjTZ27g%aƾ#-r2)=k|2hS6԰AL~3Pf?Exix|f.Mf= @8mHsF<1R#[I^Džu'9N.z:1(_Di{Wv]VaM-06(A頍P$'i- zE.u&d8:\͸UfQ#๣EDmZ?Sx1$wNbg]X&VnAwi̝JF(=cxUhJ.zhMJNJX m$bTK1~ ;iwN9T)|ƅ$.?R'Mm_ɲj}\ױu8 i~ MK~,S#8Y_HnǑ/>8`a~ƠEC8qz}FD?HCE ȳ]5齔^2=C I˕e:򣴏=f{z(œDqobzQQ@d𐼣eRQۣ g}C]GO4#܇p\؃H"o5ƵC *hMԴ@⠘!U7 I(^<W͗ QA8Uf)'H P>r踀{ܱ "!]!$CXFs `bP󊴨ɐFyy;cD_({ϯ&q%yݢMi2+[Yb@!i1&d5M1_dt 4>o/3U]\b'w6YWHکiIPшhfF޺FG!߰LpnJÑi޺JBAa<( 6-ag՟5T>*Pzb"TtnTxU>#O}h)U?9;`,"D7|#ڭDl*+pj٪ek[63Yr=[fs+WƉ9`޹/kSVEK\B&i9151<="P.f9))>4}ʄ`$~?4e9I,9I]8RN ;-`@P[}Nª,n׬Bvcz]JFS҈q+m 6.v#pLy'y\Kt o!9tJc)@t -/cZo%m 5 " Ţ2Z,Q߈gͿÆ_}30'q0~ ;)Xw"]PЅzQUˀJc<)t0ge8Ȍu3w3ƥ-QԨ&Õ mg*r1 ) - M']XoƠN% ߯,_įO!: 鉅#!<ťvOiHe\ ;lZ'3,~ ]N" 2$\}?UOg3'ǫ!hp#iQt0[N@ mhC0XP^+Ph\LлGk{u8ߺ,+RS")I y5Q` S-iRӘ5t86 މH2#Xx .O;fV+ bذxCAk:'㵫 &ӚTq+gAN+1F94?݄-ubT .Pt \M4<2߷{D Q2HOKOK͛I2^ЋI 'ޅ~IvCaUvNx;8PmBvd ;O+^6M\R'ؒ{ HM6Я+˥Ya 2:.4ϖ,EK/8Xy`3+m<2& p5kv꧹Ku( aبyVT 6?jOz= s Pg]hxe"IM-\fzC%`C0 X~6WiyH창Ha+h` ŏòc&US-vmBcئ!yI4Pb1A^-߄eGҎϾRzM_k TV;̞DG[EIWjB=O_ 5{3ADkӻ4 ؏9~)A :!!vj:Ck6VXfw}j0Y;*?_p-*R~0ٞ N$k#+ IL @-%0߿NE0bGӝdi~=:z_X  k)"8kt|;WimPRĚF74_9Ó$C-r Z}a'!.Ł3Z{;gE8VVam^}v[g{rX#x !lNDS$ eVS(ʵ#QJ\<ݮ2Rݛ.e C]Z,89>/}Mqna{K6#:X# ٞYc CV|q&}}IWX3)hJjClDUF;^?vòs/Ywޭ !T1 =%oxصaԛi^DN`# jKUXmK-G̫lͦ.j+Tk?N;Lyδ0m<d@Ƨ,i9~U4u*acʈɋ:7c/Pϕ%lšRp*AaΑQ"+ O:̯ܢ\ ָg}?$V ,*Li_&;UϜBk'AyVG ɵV.Y`5\p{bWXX8QQ=iV?d,-'FV]H/#^RF8Q_Qr]n,6DWlgwʐ!1C+毆Jyx5Axήs&yk5B+3- (AS(a\17}ei`r]E~<~'VEIEVLפ;\[2؏yӻt#/[[# 0'n* {,YOIizk^Q^}}e`H g|(WR*{I}% zdQxS" 'L0A,w~<~/l 1'ɵH>YTrSG${SBrOHR[I=!UC$sGMۖyĘu~b^w;x1;==aG41gcarTTb3wmf+'X5+(wuBo% "wXAf 4M^Vա#lS08Vk="ba$&vO\A&³g6Bk7p\wpې MPn\٥7x12<3 =,[LjJLZ ژڔKA-8.882N&A\d0|8HJWMZ<g 2w ?{0x,߇QŃ-V07FˍU~2%O^nvXBG{ºB,߽?^*y[X̍Ja/l̋r FÅ%8F ?" z'ioT=3`a(%^at!=;h[4u B8&w~u[*$qSs\E]_J[΂ s:9!!r/Zx`,\]yE"*9!s&/_a-ҼuB_i-GS{6.`V. 'uuw~wJkP)K6+#8S,#>̴Vm3Xhd)yM:xʦ>ڂق;QzSV1Q$;ycn>&fc*X#@Gw@? xm0X,6Ѧ*ab 0y5\!ާ<ڛ[…r7kȵ,cY^㛲⹸۰~>tWHf흋$;^xc}Q5MJ.eS!"~YtEAv͹: kQ:ϞUf͈:V<~NT3z`CF_>2d+^.9-j "Ԏ}$b!(ezVzA b*J6VH6c[e g{;ֲɛyXXN+v+=5M5.`0q&|d 1o5ݗp={:XT$tbUغrWR~թ r\Wc^s7ԍi\ 4)Ȗ1aAg Gpca:u|ZXVRl/YJx ŵӇ8_pabې^JЄu3U s Tͮ4&&Z U79o[6jHF7Pj] t!j"MXSj_hNX #Dxmn3TXh Qmnf 99Mtu}Bo<D\K [~+W,@i1ٺ Н !>}b ttȑ NnL;E=uTSHd!fbWgkiz }:9U@;t'H0;z8ӹY64<9>0c8~y>I@lfpqRoϖcw10% "dvaSoȗW[eH|j\xd>l9%ǥU\eeY#Vny_ҔîTkHa5gi{B īCyU|8*s欔k!f<^p6.M}ȘN(uYBҋ]b?T_4f LT/iTv;D~ft`-^/O@z;@#*YR6jQ}~'(Ko-wHL9w6L8t4C}NSgP ixZ8{Ix֮T^2q"NGGbV"x<[:vE3[qFFMsA-& 9ڻxխnYWiyf-On/-_6էg`iT[oOYt She޸ø{zR~p]m`#/7C΃0yo8ƽS N-3( n# 3ФsɧA:K,h8ɔmb+ۻDS yQa L$ޔFCfZލdUnUtNR*a:u@e q }żVCT/L@QY9ZvOoxrGo@sy,)HÍJy\DӰG#k<r]1,YaJ1GggDU e:8Pj"7`@!pca~i{K.. 'a]}X>>Xy暯ւq+&돁 U?Cëi人a㲞#tV*]{ΆxsK݌.FO/o#]uBWd$m>ǽ4Xws<.^9>5Ƞ~849Aͦ>