libexpat1-2.4.4-150400.3.17.1<>,dep9|\opH]ȓGdGy+K^̨-X[k D%n2-:HQ#)!K:56;8[rs%Vz?*hO$$.H&@K ~l8ك⒠MPa%!De3¸gX˼1cb^so-8ZRhvҏh:O\o4u@g?gd   3!BF \m     $HP  v (8$90$:$>d~@dFdGdHdIdXdYd\d]e^e$be0cedfYef^ffalfcufxvfwg$xg,yg4zgDgTgXg^gClibexpat12.4.4150400.3.17.1XML Parser ToolkitExpat is an XML parser library written in C. It is a stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags).enebbioloSUSE Linux Enterprise 15SUSE LLC MIThttps://www.suse.com/System/Librarieshttps://libexpat.github.iolinuxppc64leeee95c4103c4bbba259498e133629576c65a24d647c00fa4914b47d9ac472aa143libexpat.so.1.8.4rootrootrootrootexpat-2.4.4-150400.3.17.1.src.rpmlibexpat.so.1()(64bit)libexpat1libexpat1(ppc-64)@@@    /sbin/ldconfig/sbin/ldconfiglibc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.25)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3e,eN@cY!@c1@b#Pb~a a@aZ@aɪa7T@`@`@`u`lM@_y@]@]y@]o@]G@\\\-@[@Z }Z }ZY@YYdY[@WW~W=2.4.5] Fix to CVE-2022-25236 breaks biboumi, ClairMeta, jxmlease, libwbxml, openleadr-python, rnv, xmltodict - Added expat-CVE-2022-25236-relax-fix.patch- Security fixes: * (CVE-2022-25236, bsc#1196025) Expat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs - Added expat-CVE-2022-25236.patch * (CVE-2022-25235, bsc#1196026) xmltok_impl.c in Expat before 2.4.5 does not check whether a UTF-8 character is valid in a certain context. - Added expat-CVE-2022-25235.patch * (CVE-2022-25313, bsc#1196168) Stack exhaustion in build_model() via uncontrolled recursion - Added expat-CVE-2022-25313.patch - The fix upstream introduced a regression that was later amended in 2.4.6 version + Added expat-CVE-2022-25313-fix-regression.patch * (CVE-2022-25314, bsc#1196169) Integer overflow in copyString - Added expat-CVE-2022-25314.patch * (CVE-2022-25315, bsc#1196171) Integer overflow in storeRawNames - Added expat-CVE-2022-25315.patch- Update to latest version 2.4.4 in SLE-15-SP4 [jsc#SLE-21253]- update to 2.4.4 (bsc#1195217, bsc#1195054): * Security fixes: - CVE-2022-23852 -- Fix signed integer overflow (undefined behavior) in function XML_GetBuffer that is also called by function XML_Parse internally) for when XML_CONTEXT_BYTES is defined to >0 (which is both common and default). Impact is denial of service or more. - CVE-2022-23990 -- Fix unsigned integer overflow in function doProlog triggered by large content in element type declarations when there is an element declaration handler present (from a prior call to XML_SetElementDeclHandler). Impact is denial of service or more. * Bug fixes: - xmlwf: Fix a memory leak on output file opening error * Other changes: - Version info bumped from 9:3:8 to 9:4:8; see https://verbump.de/ for what these numbers do * Drop unused file valid-xhtml10.png- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474, bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480): * CVE-2021-45960 -- Fix issues with left shifts by >=29 places resulting in a) realloc acting as free b) realloc allocating too few bytes c) undefined behavior depending on architecture and precise value for XML documents with >=2^27+1 prefixed attributes on a single XML tag a la "" where XML_ParserCreateNS is used to create the parser (which needs argument "-n" when running xmlwf). Impact is denial of service, or more. * CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow on variable m_groupSize in function doProlog leading to realloc acting as free. Impact is denial of service or more. * CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows near memory allocation at multiple places. Mitre assigned a dedicated CVE for each involved internal C function: - CVE-2022-22822 for function addBinding - CVE-2022-22823 for function build_model - CVE-2022-22824 for function defineAttribute - CVE-2022-22825 for function lookup - CVE-2022-22826 for function nextScaffoldPart - CVE-2022-22827 for function storeAtts Impact is denial of service or more.- update to 2.4.2: * Link againgst libm for function "isnan" * Include expat_config.h as early as possible * Autotools: Include files with release archives: - buildconf.sh - fuzz/*.c * Autotools: Sync CMake templates * docs: Document that function XML_GetBuffer may return NULL when asking for a buffer of 0 (zero) bytes size * docs: Fix return value docs for both XML_SetBillionLaughsAttackProtection* functions * Version info bumped from 9:1:8 to 9:2:8- Update to 2.4.1 in SLE-15-SP4 [jsc#SLE-21253] * Remove expat-CVE-2018-20843.patch upstream- Update to 2.4.1: * Bug fixes: - Autotools: Fix installed header expat_config.h for multilib systems; regression introduced in 2.4.0 by pull request #486 * Other changes: - Version info bumped from 9:0:8 to 9:1:8; see https://verbump.de/ for what these numbers do- Update to 2.4.0: [CVE-2013-0340 "Billion Laughs"] * Security fixes: - CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks (denial-of-service; flavors targeting CPU time or RAM or both, leveraging general entities or parameter entities or both) by tracking and limiting the input amplification factor ( := ( + ) / ). By conservative default, amplification up to a factor of 100.0 is tolerated and rejection only starts after 8 MiB of output bytes (= + ) have been processed. The fix adds the following to the API: - A new error code XML_ERROR_AMPLIFICATION_LIMIT_BREACH to signals this specific condition. - Two new API functions .. - XML_SetBillionLaughsAttackProtectionMaximumAmplification and - XML_SetBillionLaughsAttackProtectionActivationThreshold .. to further tighten billion laughs protection parameters when desired. Please see file "doc/reference.html" for details. If you ever need to increase the defaults for non-attack XML payload, please file a bug report with libexpat. - Two new XML_FEATURE_* constants .. - that can be queried using the XML_GetFeatureList function, and - that are shown in "xmlwf -v" output. - Two new environment variable switches .. - EXPAT_ACCOUNTING_DEBUG=(0|1|2|3) and - EXPAT_ENTITY_DEBUG=(0|1) .. for runtime debugging of accounting and entity processing. Specific behavior of these values may change in the future. - Two new command line arguments "-a FACTOR" and "-b BYTES" for xmlwf to further tighten billion laughs protection parameters when desired. If you ever need to increase the defaults for non-attack XML payload, please file a bug report with libexpat. * Bug fixes: - For (non-default) compilation with -DEXPAT_MIN_SIZE=ON (CMake) or CPPFLAGS=-DXML_MIN_SIZE (GNU Autotools): Fix segfault for UTF-16 payloads containing CDATA sections. - Autotools: Fix generated CMake files for non-64bit and non-Linux platforms (e.g. macOS and MinGW in particular) that were introduced with release 2.3.0 * Other changes: - xmlwf: Improve help output and the xmlwf man page - xmlwf: Improve maintainability through some refactoring - xmlwf: Fix man page DocBook validity - CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR and CMAKE_INSTALL_INCLUDEDIR - CMake: Add support for standard variable BUILD_SHARED_LIBS - Unexpose symbol _INTERNAL_trim_to_complete_utf8_characters - Resolve macro HAVE_EXPAT_CONFIG_H - Delete unused legacy helper file "conftools/PrintPath" - doc/reference.html: Fix XHTML validity - doc/reference.html: Replace the 90s look by OK.css - Version info bumped from 8:0:7 to 9:0:8 due to addition of new symbols and error codes; see https://verbump.de/ for what these numbers do- Do not BuildRequire cmake: expat is part of the distro bootstrap cycle and any additional dependency makes the ring larger. In this case here, cmake was even only used to own a directory.- update to 2.3.0: * When calling XML_ParseBuffer without a prior successful call to XML_GetBuffer as a user, no longer trigger undefined behavior (by adding an integer to a NULL pointer) but rather return XML_STATUS_ERROR and set the error code to (new) code XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer) of Clang 11 (but not Clang 9). * xmlwf: Exit status 2 was used for both: - malformed input files (documented) and - invalid command-line arguments (undocumented). case of invalid command-line arguments now has its own exit status 4, resolving the ambiguity. * Other changes- Update to 2.2.10: * Bug fixes: - Fix undefined behavior during parsing caused by pointer arithmetic with NULL pointers - Fix reading uninitialized variable during parsing - xmlwf: Add missing check for malloc NULL return * Other changes: - xmlwf: Document exit codes in xmlwf manpage and exit with code 3 (rather than code 1) for output errors when used with "-d DIRECTORY" - Autotools: Use -Werror while configure tests the compiler for supported compile flags to avoid false positives - Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS, e.g. ensure that they have the last word over flags added while running ./configure - CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t) - CMake: Detect and deny unsupported build combinations involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t) - CMake: Install pre-compiled shipped xmlwf.1 manpage in case of -DEXPAT_BUILD_DOCS=OFF - CMake: Fix use of Expat by means of add_subdirectory - CMake: Keep expat target name constant at "expat" (i.e. refrain from using the target name to control build artifact filenames) - CMake: Expose man page compilation as target "xmlwf-manpage" - CMake: Introduce option EXPAT_BUILD_PKGCONFIG to control generation of pkg-config file "expat.pc" - CMake: Add minimalistic support for building binary packages with CMake target "package"; based on CPack - CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with default OFF to build fuzzer code against OSS-Fuzz and related environment variable LIB_FUZZING_ENGINE - Fix testsuite for -DEXPAT_DTD=OFF and -DEXPAT_NS=OFF - Address compiler warnings - Address pngcheck warnings with doc/*.png images: Version info bumped from 7:11:6 to 7:12:6- Version update to 2.2.9 * Other changes: - examples: Drop executable bits from elements.c [#349] Windows: Change the name of the Windows DLLs from expat*.dll to libexpat*.dll once more (regression from 2.2.8, first fixed in 1.95.3, issue #61 on SourceForge today, was issue #432456 back then); needs a fix due case-insensitive file systems on Windows and the fact that Perl's XML::Parser::Expat compiles into Expat.dll. [#347] Windows: Only define _CRT_RAND_S if not defined Version info bumped from 7:10:6 to 7:11:6- Version update to 2.2.8 * Security fixes: (CVE-2019-15903, bsc#1149429) - CVE-2019-15903 -- Fix heap overflow triggered by XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber), and deny internal entities closing the doctype; * Bug fixes: - Fix cases where XML_StopParser did not have any effect when called from inside of an end element handler - xmlwf: Fix exit code for operation without "-d DIRECTORY"; previously, only "-d DIRECTORY" would give you a proper exit code: Now both cases return exit code 2. * Other changes: - examples: Improve elements.c - Autotools: Add argument --enable-xml-attr-info - Autotools: Add arguments --with-getrandom --without-getrandom --with-sys-getrandom --without-sys-getrandom - Autotools: Fix linking issues with "./configure LD=clang" - Autotools: Fix "make run-xmltest" for out-of-source builds - CMake: Pull all options from Expat <=2.2.7 into namespace - CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF), default OFF - CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF), default OFF - CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF), default OFF - CMake: Add arguments -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO - CMake: Add arguments -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO - CMake: Install expat_config.h to include directory - CMake: Generate and install configuration files for future find_package(expat [..] CONFIG [..]) - CMake: Now produces a summary of applied configuration - CMake: Require C++ compiler only when tests are enabled - CMake: Fix compilation for 16bit character types, i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON) - CMake: Port "make run-xmltest" from GNU Autotools to CMake - CMake: Integrate OSS-Fuzz fuzzers, option -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF - Removed patches fixed in the update: * expat-CVE-2019-15903.patch * expat-CVE-2019-15903-tests.patch- Security fix (CVE-2019-15903, bsc#1149429) * Crafted XML input results in heap-based buffer over-read by fooling the parser into changing from DTD parsing to document parsing * Added patches: - expat-CVE-2019-15903.patch - expat-CVE-2019-15903-tests.patch- Version update to 2.2.7 (CVE-2018-20843, bsc#1139937) * Security fixes: - CVE-2018-20843 - Fix extraction of namespace prefixes from XML names; XML names with multiple colons could end up in the wrong namespace, and take a high amount of RAM and CPU resources while processing, opening the door to use for denial-of-service attacks * Other changes: - Autotools/CMake: Utilize -fvisibility=hidden to stop exporting non-API symbols - Autotools: Add --without-examples and --without-tests - Autotools: Modernize configure.ac - Autotools: Fix check for -fvisibility=hidden for Clang - Autotools: Fix compilation for lack of docbook2x-man - CMake: Make libdir of pkgconfig expat.pc support multilib - CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR - Remove fallback to bcopy, assume that memmove(3) exists - Removed expat-2.2.6-fix-make-clean.patch- Add expat-2.2.6-fix-make-clean.patch - Allow profile guided optimization again- Drop docbook2x dependency, the manpages are generated in the upstream archive and this way we break buildcycle- Version update to 2.2.6 Sun August 12 2018 * Bug fixes: - Avoid doing arithmetic with NULL pointers in XML_GetBuffer - Fix 2.2.5 regression with suspend-resume while parsing a document like '' * Other changes: - Autotools: Fix docbook-related configure syntax error - Autotools: Avoid grep option `-q` for Solaris - Autotools: Support ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation" - Autotools: Support DOCBOOK_TO_MAN command which produces xmlwf.1 rather than XMLWF.1; also covers case insensitive file systems - Autotools: Drop -rpath option passed to libtool - Autotools: Detect and deny SGML docbook2man as ours is XML - Autotools/CMake: Support command db2x_docbook2man as well - CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF - CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF - CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T, both defaulting to OFF - CMake: Prefer check_symbol_exists over check_function_exists - CMake: Create the same pkg-config file as with GNU Autotools - CMake: Use GNUInstallDirs module to set proper defaults for install directories - CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM - Address compiler warnings - Fix miscellaneous typos- Expand description of expat-devel.- Do not generate manpages from docbook - Temporarily disable profiling due to bug in build system- Version update to 2.2.5 Tue October 31 2017 * Bug fixes: - If the parser runs out of memory, make sure its internal state reflects the memory it actually has, not the memory it wanted to have. - The default handler wasn't being called when it should for a SYSTEM or PUBLIC doctype if an entity declaration handler was registered. - Fix a case of mistakenly reported parsing success where XML_StopParser was called from an element handler - Function XML_ErrorString was returning NULL rather than a message for code XML_ERROR_INVALID_ARGUMENT introduced with release 2.2.1 * Other changes: - Add argument -N adding notation declarations - various compiler-specific fixes - Improve docbook2x-man detection - drop expat-docbook.patch * fixed in 0f5186c7b8e503c669e332d944712de010b265f3 - switch to github for release tarballs and website- Version update to 2.2.4 Sat August 19 2017 * Bug fixes: [#115] Fix copying of partial characters for UTF-8 input * Other changes: [#109] Fix "make check" for non-x86 architectures that default to unsigned type char (-128..127 rather than 0..255) [#109] coverage.sh: Cover -funsigned-char Autotools: Introduce --without-xmlwf argument [#65] Autotools: Replace handwritten Makefile with GNU Automake [#43] CMake: Auto-detect high quality entropy extractors, add new option USE_libbsd=ON to use arc4random_buf of libbsd [#74] CMake: Add -fno-strict-aliasing only where supported [#114] CMake: Always honor manually set BUILD_* options [#114] CMake: Compile man page if docbook2x-man is available, only [#117] Include file tests/xmltest.log.expected in source tarball (required for "make run-xmltest") [#111] Fix some typos in documentation Version info bumped from 7:5:6 to 7:6:6 - Release 2.2.3 Wed August 2 2017 * Bug fixes: [#85] Fix a dangling pointer issue related to realloc * Other changes: [#91] Linux: Allow getrandom to fail if nonblocking pool has not yet been initialized and read /dev/urandom then, instead. This is in line with what recent Python does. [#86] Check that a UTF-16 encoding in an XML declaration has the right endianness [#4] #5 #7 Recover correctly when some reallocations fail Repair "./configure && make" for systems without any provider of high quality entropy and try reading /dev/urandom on those Ensure that user-defined character encodings have converter functions when they are needed Fix mis-leading description of argument -c in xmlwf.1 Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__) for CloudABI [#100] Fix use of SIPHASH_MAIN in siphash.h [#23] Test suite: Fix memory leaks Version info bumped from 7:4:6 to 7:5:6 - Release 2.2.2 Wed July 12 2017 * Security fixes: [#43] Protect against compilation without any source of high quality entropy enabled, e.g. with CMake build system; * [MOX-006] Fix non-NULL parser parameter validation in XML_Parse; resulted in NULL dereference, previously; * Bug fixes: [#69] Fix improper use of unsigned long long integer literals * Other changes: [#73] Start requiring a C99 compiler [#49] Fix "==" Bashism in configure script [#58] Address compile warnings [#68] Fix "./buildconf.sh && ./configure" for some versions of Dash for /bin/sh [#72] CMake: Ease use of Expat in context of a parent project with multiple CMakeLists.txt files [#72] CMake: Resolve mistaken executable permissions [#76] Address compile warning with -DNDEBUG (not recommended!) [#77] Address compile warning about macro redefinition * Added patch expat-docbook.patch to compile the man pages with docbook-to-man * Cleaned spec file with spec-cleaner- Allow building when do_profiling is undefined- Build with profiling when possible- Version update to 2.2.1 Sat June 17 2017 - Security fixes: CVE-2017-9233 / bsc#1047236 -- External entity infinite loop DoS Details: https://libexpat.github.io/doc/cve-2017-9233/ Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f - [MOX-002] CVE-2016-9063 / bsc#1047240 -- Detect integer overflow; (Fixed version of existing downstream patches!) - (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off longer tag names; [#25] More integer overflow detection (function poolGrow); - [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; - [MOX-005] #30 Use high quality entropy for hash initialization: * arc4random_buf on BSD, systems with libbsd (when configured with --with-libbsd), CloudABI * RtlGenRandom on Windows XP / Server 2003 and later * getrandom on Linux 3.17+ In a way, that's still part of CVE-2016-5300. https://github.com/libexpat/libexpat/pull/30/commits - [MOX-005] For the low quality entropy extraction fallback code, the parser instance address can no longer leak, - [MOX-003] Prevent use of uninitialised variable; commit - [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b Add missing parameter validation to public API functions and dedicated error code XML_ERROR_INVALID_ARGUMENT: - [MOX-006] * NULL checks; commits * Negative length (XML_Parse); commit - [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f - [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash to go further with fixing CVE-2012-0876. https://github.com/libexpat/libexpat/pull/39/commits - Bug fixes: [#32] Fix sharing of hash salt across parsers; relevant where XML_ExternalEntityParserCreate is called prior to XML_Parse, in particular (e.g. FBReader) [#28] xmlwf: Auto-disable use of memory-mapping (and parsing as a single chunk) for files larger than ~1 GB (2^30 bytes) rather than failing with error "out of memory" [#3] Fix double free after malloc failure in DTD code; commit 7ae9c3d3af433cd4defe95234eae7dc8ed15637f [#17] Fix memory leak on parser error for unbound XML attribute prefix with new namespaces defined in the same tag; found by Google's OSS-Fuzz; commits xmlwf on Windows: Add missing calls to CloseHandle - New features: [#30] Introduced environment switch EXPAT_ENTROPY_DEBUG=1 for runtime debugging of entropy extraction Bump version info from 7:2:6 to 7:3:6- Remove pointless --with-pic (for static only)- Version update to 2.2.0: * Fixes bnc#983215 CVE-2012-6702 * Fixes bnc#983216 CVE-2016-5300 * Various cmake and autotools script updates * Fix detection of utf8 character boundaries - Remove all patches merged upstream: * expat-2.1.1-avoid_relying_on_undef_behaviour.patch * expat-2.1.1-parser_crashes_on_malformed_input.patch * expat-alloc-size.patch * expat-visibility.patch- add expat-2.1.1-avoid_relying_on_undef_behaviour.patch to avoid relying on undefined behavior in the original CVE-2015-1283 fix [bnc#980391], [bnc#983985], [CVE-2016-4472] - add expat-2.1.1-parser_crashes_on_malformed_input.patch to fix Expat XML parser that mishandles certain kinds of malformed input documents [bnc#979441], [CVE-2016-0718] - use spec-cleaner to clean specfile- After simplification of expat-visibility.patch, it became uneffective as no symbols are getting hidden. add - fvisibility=hidden to CFLAGS again. - expat-alloc-size.patch: fix braino, realloc()-like functions should not take __attribute__(malloc)- Update to version 2.1.1 * Fixes CVE-2015-1283 — Multiple integer overflows in the XML_GetBuffer function * Fix potential null pointer dereference * Symbol XML_SetHashSalt was not exported * Output of xmlwf -h was incomplete * Document behavior of calling XML_SetHashSalt with salt 0 * Minor improvements to man page xmlwf(1) - Simplify expat-visibility.patch, refresh expat-alloc-size.patch - Drop config-guess-sub-update.patch, fixed upstream.- Cleanup spec file with spec-cleaner - Remove old ppc obsoletes/provides/sbin/ldconfig/sbin/ldconfignebbiolo 17107499452.4.4-150400.3.17.12.4.4-150400.3.17.1libexpat.so.1libexpat.so.1.8.4/usr/lib64/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:32868/SUSE_SLE-15-SP4_Update/25076609447c9113fea917c2cb786238-expat.SUSE_SLE-15-SP4_Updatedrpmxz5ppc64le-suse-linuxELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=a00766d4d027873e4a95fa8158a55e6db3ea5da4, strippedPRRR)!Z@utf-82c2c3f9920ab8acf04d0a1bdac49307fcb804e2e70ae53c8edaaa59136e8d468?7zXZ !t/fBH]"k%{U}dtb3z,n褖ksi;-0m{h_+62#;gtSlc{dBbOSy( n ]V@RNe+x[q>LCo"}T8n/x RIw@W _@1H}R)A o^OfǑ")0Qڡ &ۀ- rfFH/zkNmwՔ\}2-/ l~ArAD^l>orΔN,W  &1i M6ӈ'MtOsLz'T9sdqN}Sa } zMvo iHzDŊzi. ̏ *OޯFl?ѯUC#VZ믝pԚD!VJM J~yq0+Rn(rٜD{EH{",&+ XS@IL_ ,} YKdHJ|7sK֕jO*\#:g|1Öv9nU "\^x.=\Q˖~]ulp&Ī$>H?h6x rx;(AUWEށ}տD(զnudn+LhmR9 Z/IFFxsBE0ycs()eZǰ>pګ #>xM_lmj֠/潳NހV%mu2ӯ,b8 z{M( %dt%*d$i|4M$ז,F-fKڐm#&MOԜB‰e(а4)WJj_(WREeۭ6o8^ 4#*VZ :AzFz:z~7O.)Z.~TtTn &ghfX.䢷N>=[jh!HkYV ،7i]TՌPf8%Kgz$PH$"f^_ F 04~VgFF_RRU>Bi?qu%-9e_ @I^׷_ɉ@VePR4%׾T e5ek6YeX3{Ui+"t|z0lK;pdQQ\5&P J>!r]z9Ec/ ǹ0:nz~F#frE33U]z*.I۝D^UvhN7zʶhOJ:T;uk@FlT/*- =~Ρ+y{e[z&#*iNUkšIG[BU0% 5zrAeԝ'гw a7ݲB 7G37W5^+3]%i1|].o'hp!;epG`^I]7A3p**1xn3,{߷ yЛEwGX1BXNi(g|zUf̀d0uGt ^*\0sQLo| (yE7q8R(&g`f/C&iD)@wڍVYYocSW_G/~c93H:(Vkr信&_>E4cL+ e]BJ5uΫE^EM'6tpt;:NITBq?sS2݌ l@Z2VGSYE1Տ]vNy(>ެ>tT(3lh"՗L q-&j_  ~nǶl׹W3ek!E 4$"Y|!eP Zw?r2?-,?rZ]q m<ǸʵP@ݲSP%6*@ w޼9~2Sqe;cr땳݃PXdp'II=Uj9 {7ҥKkpV+pګYfIo#)r Ƨ?bA4KRt LLN cu!}rMո7w~9ρN=Ytb[$i"EQϤj#FNs]GGBӁ7Z_)87ar-5- k=? 9Rl\/uW# q芗S90< h.9IJG_c۫@TČXeC M"ˣ7ffVZ{p HL-}MqsgOϷHXa9 ¡nJ:zNe2hI]>f>*~"K=3j6-wanbfqj2u'֛+eX.bí[wCiIZՅhr#ثYʆiv" gMJqcBMqi9rdh(Z(A9 xkR+A7:LGnnX]p RP|F980Oec\*Cs^ѐvo{R͞{.!KQ :S 4½͠Rج8U[~k8PW5`{@:g8 +Id?e(aMw N0[fU oOYmui*kd Pq0N' { aB A\k@6r3zm&wD&LS3'StVX8P93nNze%]j4Fl+if!3[@i!4s,{[f®_g[a}JS*ۘcs+5wxAx=0獯Sb2JXD` ^VA\~373i&XT%oU:5Y9aHpkW^:}59 ί.$B +aB֙(!f *X^Qj]効(e d~QiҘBPK"%%L$&,YOō3Hxbjԅꡁ^T~ ;G)dO+S!%c%kwD6tcxפkf;iOamd~k?L#ѺRTDUDSجUARWy#.3DwSOZє:RT́Z&HF38T<^KW݌q^rLjjI"L~DXbN`fR` q eY>OSŭ(w1cVgY"R #'6粲SȖlfqZj ٙ@pR[aŖ$i,Hr$qA@HORjfNL,xa!=Y*>4R %c_vĿ/"K厼{{Co⮣a ;X;<( ӑ5&co94yn4E"\+F:l֑e^'Um#_"҇8PFo2)K`ZvAܧhXBHóc H& !gJl,Du邫BiAK ,ALW#n]P"TE^:M'1%Xhҧ$U!w;K.˔ay`bL.>lw!"Rause͹v\|$0ӣl:\5;#ob\/-$.n2ȯY4@nXzCI)ftʨba#1QɲjX"2u˨β7#3qK #t)FSC B*FN4LD}(db1?HѶ\*Dǵ˨KBj9ןUϕYoCV10[?T1ea2HkfLU @U젝jrQJw{|ZB41+j{zz=*56^KNK9)F BV= @팚KP}ږӎ¢"%(V||/ zS4,)S$BS#lvH}iZ: ^Ii ~ȉ~ʆI-m_ždS?\rU>CGc!d`T~&kIp-iuU>H~z]0+W\DhNjyw2|&\MX|?ms?80I;Y(i_0ƏL"Я♬H+#:xs߀#1=f,_+e , PhYyrdP2YIU̐%M#VuX`%3W^洅>R8m=s8M^rQ`X7ýUvIḍ.?D5'h2-"&pWeZm2fVisKG:MTG->dS!hDdMIjiB2]VE#P!MoNK? gk<c*2Z#P3Y*Hqe jL^b!l{1+ɄH@ZcL?}:hM2LڃӲ8}l5ξPE+6&iUέMBwi$Z,#?c%" }`^hSp)AJ"Rl31'NYJtWbèk(|o&H, ( x > [1(cA>N_2!]w;!t 1c`7jA c&! "6R^Bz%r3pu9$\ B,4*0N֧n b:س^T+e3v`sAL9rp^Z/{`aˊI*اf% aw'4w Cˑc!&q,3P (/?c= t!. =ڇ!͔ϼP1U=~y[<A~U89`a %}.P|i_׿ Ll }_l6Ft,.is+lPݧN4T1]t3+w 4#w'?C QW&٦ ġ6%/Zx'뙶Id6|v$aA"]x:7h`%V?:XU&ؓ\S |6)'g=RqvLr_Ӡ<~Y׌]G$b)g_(!`` NU $>jW۾Ξ8TW0` s!g6$v1f"A<U|^Zx;}}HW>0h %M@t/*ŤidVL " ShDJx/ࣈV Ofj}*Q|Xd+{ 7Ky|W'EʩNuc@gLsHY]i~c8R>*탢d82-Ք@ ޣjc6O{dDkKѧP+o]p,x쇚Ji<z.S AՍm`\=s%IL2~ Ku/(y@g6٬9zzYjdQ8>b!afN_)L-"=H*hm,'AeL,%UmU z}:_l2괣쳣"gwh x'֨75oa,- "ibFOlOI= 1s>MŘ3]~.ֳ^LJ]_e'V!wZ3s ~p_}r> Չ [/Wea6ڄTz/G7qvFj$I[IQ-Y*p* e8 JGrZT䭳|@[h.!XnMPÜ%OC>~9s%-ζ5GU]olNEށpﮎ2~&BC=--/u/ x;U9|Ŷz_J0U,ek>T*0{yBl)3<8 %<]sOtBB׋ZzKoɴnl4.1kYͤs d@c=N,DZ4#[gyyª-xo`oˤR)֭6IњAY׆܆HZJ[ᄷ{; 2dJ ]L&PRZ[R\F~KV?<Aua}Дu(Hd(Mb=!͈<倐,ߕϪOYDj#]! Ympb= wcwr3Co!%o\됛KH3\I+`D!V;P^D0Yx`~c= ?<Cʕ7uBLQ~3Q#E''"^Pp|RKx01a<2M >#Zz8UoǼY_X%rcPq\6s\ƒ7LT_D'myԩU<Ǹ 8!RCVy xK"OA) a]LPW?s:anp STǭL20j Xu5Vo'ҰSV[~(_$ɣSLAϭI $ 쀋@ ed[pߗ'짥-Bk,h*?%8TdLk,PA1/^PkrQ29U'hWY)f@)MjR[!hrlrТLBhH CcF7*.w8Hn=(dIAhX`$ W?+bBߊ^u3N0M,딊yF@~nZ R{Zb~s.Bhᘴ! d#uYGsGLŃX39C,!p%B#)ɡC -O?t*ΓJъL e L`@1Sb0I-T,bMJJTnlY}[rz~?! =6>I@|tm-=#䅾ZO F7۞ʗ⧄oқ𭰦*^k0hx o ڱBcdHdT87 ):CG|dxfS9D"Ba0 /=wkKCI< k`?!esMMzk82HQ! .VV"KS4a4 a%$b8iNsʪ7/؀gFֹQ܏Nwx\GEHLe_f{8v2xm)VY~dA]]H$NJ $/3P։N3Y:yċI>1Ҽ]zvNsҜ"#Vi*F!Aw~kfyTgL3*eS\'S`v]DfW%6GŻBt16GI٤F?UJ$d}8nl[zԐkk%aB2 ]]>{_pX`ڜ@gY k^N(F]wT]t GbO,k) r܌S{-J1gߏ װ57qY+ XFFH:RK[6!%#"bbflǁA-v^\5 =5"!؋4ԼdÓ1i3s%RBO#52|YT\]zM]GJ/#/[iUvR#ɫC7-l;c~r[2T8„cA/w_*!XnTܤWQЮĂ@~}-.%!zd'rI HaP.r?޾j~3RlF+&ea4r(Z۽=O&!Z!yO&%A"w{%[Zv6P%7[e1Z-jnt]g9'KHZ4S&wX).`Po[IFEÜcJڏmT:/ߗ2,Ad$brq>ϐ u##7gtX8Dt*&¸2ؼ3 CH0*;ֽoW]$5L3&uL  A z6 NHHba7ߋshrfhcĹ0=j/}cQSLh( +v%\O:G^4C$n%K5bqSZBE:M$nX?kȲJV%bct|`3d1#x+m)|ISa;Mb ӠkјK!8CMl 8@o_TDm:'߱, R(^_^)ٍW  w5ĶCۗEȎv;M4],Z~[DϢv`Y+>2!B1.b#gPC}vߌ)磂b5X50+<}/ѐ#&]ֵKpW$D=cἒ:(N3]S3ˁU&046b[ ASCyQIM*Pl%_XvM*_ҚG!PX6&4{Q6nl%``g0 Ra fu_kpqduOa8f=??;2|"<.򚯝eڠoiR͡S>XQ8u ,iLUf:T}lJEZhn=b*ERWqjS5Zstؼ 7!kȿl5 e'&3m+1|/WJ:GqߚĐ'웳a*}|u\H3b"qXh6H}3dž(& r'Lvf+^?Y1<G?[.%хna:,XS3[Kb'˾E N/ľ\:l@ &}+$Tuc-K䛑StDێ<ڶ\'eUhZi-(I!D"l.';N4dMOOOrE MC<D.)445na$*IdXFT[MI㗠a((By7)Eغ*Xdp.9b}TX%+tvlzMz1sNkTv1@:.w 8'b t˽~77'7A.c)=.Vݱ!ؚ_< VQV6Y0Ng'^w]X MnqzwT-=3>weTQud`H 0xbJl@WވMvS`5P{f3PЛn9bI/02mA9Wr\hh'4\iQ%mb:W-(0Ye8h+ mx A.V7ע~_G;?ɣTSF޻!slqDJk:vH؟ZLdnX)y>"1=S @hc33D} 9<H:ydJ$Rúx8]:-+G$>놪% pdHL :7=n\aq7W ;bm6ky71Z^Y K {ZXo_%{tZѪuoviTѺPK~oӤgF0ah8  -߲]q}MaC˶+6wTb]WƥQl+by>[zg}([n5/'#|і|XhhEu ̀?Qr2YzVI S`)= 7)ƀZSWx:{њMMhV4 'Z<78CYxIV1)_D}p*Ӂ|c;K/nsTs6b.:Or5a 9\0ʶXZm+cEyCȡ뙮'NۼV.ytCٟ> 2a].L"C :.,C@Wyl/8$?$BabZOwm:)RoFBԸ2q3.lȏJS ɍJH[ ѹDzӈZqo٭`j--Usg2;#i4®"1o`Cj"Y` cuκ:ep]9Q>c)Z"yXSBVá8c =`&@3:><9[!(ObL\iO=&~*خlˈX6bf}w@C$ݱψ=s-pNZ(䓌G2*C