libssh2-1-1.11.0-150000.4.22.1<>,ep9|[.NJMȽCfTuRɠ$vE0)Ǒ.욦Q> mQTu 풹r0L23Q >Έs,/R26AFʐ=>DO2r Mr#fʻM 579\ڟܭ/g%iP$lA2g17;áCW1GߧjO -'>>4hU-v`qFs/M 峪,r p]i>@I?Id  ! J ,0Ijw     . @HR\(89:g>F@FFFGFHFIGXGYG\G<]GD^GbbGncHdHeHfHlHuHvHwILxITyI\ zIIIIIClibssh2-11.11.0150000.4.22.1A library implementing the SSH2 protocollibssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.eh01-ch3bpSUSE Linux Enterprise 15SUSE LLC BSD-3-Clausehttps://www.suse.com/Development/Libraries/C and C++https://www.libssh2.org/linuxx86_64pee6af9b5b58006f87555af3f2cae917bc74e7240cf023cf705de4fbb22d905ceedlibssh2.so.1.0.1rootrootrootrootlibssh2_org-1.11.0-150000.4.22.1.src.rpmlibssh2-1libssh2-1(x86-64)libssh2.so.1()(64bit)@@@@@@@@@@    /sbin/ldconfig/sbin/ldconfiglibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.25)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libz.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1ee;d@daA@_@_G@]@\\@\MZ]@YTYA%@VIUzU.@otto.hollmann@suse.compmonreal@suse.compmonreal@suse.compmonreal@suse.comdavid.anes@suse.compmonreal@suse.comdimstar@opensuse.orgpmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.compmonrealgonzalez@suse.comdimstar@opensuse.orgjengelh@inai.detchvatal@suse.comvcizek@suse.comvcizek@suse.comvcizek@suse.com- Security fix: [bsc#1218127, CVE-2023-48795] * Add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack" * Add libssh2_org-CVE-2023-48795.patch- Upgrade to version 1.11.0 in SLE-15: [jsc#PED-7040] * Add the keyring file: libssh2_org.keyring * Rebase libssh2-ocloexec.patch * Remove libssh2_org-CVE-2020-22218.patch- Security fix: [bsc#1214527, CVE-2020-22218] * The function _libssh2_packet_add() allows to access out of bounds memory. * Add libssh2_org-CVE-2020-22218.patch- Update to 1.11.0: * Enhancements and bugfixes - Adds support for encrypt-then-mac (ETM) MACs - Adds support for AES-GCM crypto protocols - Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys - Adds support for RSA certificate authentication - Adds FIDO support with *_sk() functions - Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends - Adds Agent Forwarding and libssh2_agent_sign() - Adds support for Channel Signal message libssh2_channel_signal_ex() - Adds support to get the user auth banner message libssh2_userauth_banner() - Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519, AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options - Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex() - Adds wolfSSL support to CMake file - Adds mbedTLS 3.x support - Adds LibreSSL 3.5 support - Adds support for CMake "unity" builds - Adds CMake support for building shared and static libs in a single pass - Adds symbol hiding support to CMake - Adds support for libssh2.rc for all build tools - Adds .zip, .tar.xz and .tar.bz2 release tarballs - Enables ed25519 key support for LibreSSL 3.7.0 or higher - Improves OpenSSL 1.1 and 3 compatibility - Now requires OpenSSL 1.0.2 or newer - Now requires CMake 3.1 or newer - SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs - SFTP: No longer has a packet limit when reading a directory - SFTP: now parses attribute extensions if they exist - SFTP: no longer will busy loop if SFTP fails to initialize - SFTP: now clear various errors as expected - SFTP: no longer skips files if the line buffer is too small - SCP: add option to not quote paths - SCP: Enables 64-bit offset support unconditionally - Now skips leading \r and \n characters in banner_receive() - Enables secure memory zeroing with all build tools on all platforms - No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive - Speed up base64 encoding by 7x - Assert if there is an attempt to write a value that is too large - WinCNG: fix memory leak in _libssh2_dh_secret() - Added protection against possible null pointer dereferences - Agent now handles overly large comment lengths - Now ensure KEX replies don't include extra bytes - Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER - Fixed possible buffer overflow in keyboard interactive code path - Fixed overlapping memcpy() - Fixed Windows UWP builds - Fixed DLL import name - Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows - Support for building with gcc versions older than 8 - Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files - Restores ANSI C89 compliance - Enabled new compiler warnings and fixed/silenced them - Improved error messages - Now uses CIFuzz - Numerous minor code improvements - Improvements to CI builds - Improvements to unit tests - Improvements to doc files - Improvements to example files - Removed "old gex" build option - Removed no-encryption/no-mac builds - Removed support for NetWare and Watcom wmake build files * Rebase libssh2-ocloexec.patch- Bump to version 1.10.0 Enhancements and bugfixes: * support ECDSA certificate authentication * fix detailed _libssh2_error being overwritten by generic errors * unified error handling * fix _libssh2_random() silently discarding errors * don't error if using keys without RSA * avoid OpenSSL latent error in FIPS mode * fix EVP_Cipher interface change in openssl 3 * fix potential overwrite of buffer when reading stdout of command * use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data * correct a typo which may lead to stack overflow * fix random big number generation to match openssl * added key exchange group16-sha512 and group18-sha512. * add support for an OSS Fuzzer fuzzing target * adds support for ECDSA for both key exchange and host key algorithms * clean up curve25519 code * update the min, preferred and max DH group values based on RFC 8270. * changed type of LIBSSH2_FX_* constants to unsigned long * added diffie-hellman-group14-sha256 kex * fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression * fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x. * fixes crash with delayed compression option using Bitvise server. * adds support for PKIX key reading * use new API to parse data in packet_x11_open() for better bounds checking. * double the static buffer size when reading and writing known hosts * improved bounds checking in packet_queue_listener * improve message parsing (CVE-2019-17498) * improve bounds checking in kex_agree_methods() * adding SSH agent forwarding. * fix agent forwarding message, updated example. * added integration test code and cmake target. Added example to cmake list. * don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero. * add an EWOULDBLOCK check for better portability * fix off by one error when loading public keys with no id * fix use-after-free crash on reinitialization of openssl backend * preserve error info from agent_list_identities() * make sure the error code is set in _libssh2_channel_open() * fixed misspellings * fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type` * rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type - Rebased patch libssh2-ocloexec.path - Removed patch libssh2_org-CVE-2019-17498.patch: the security fix is already included in the latest version.- Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922] Enhancements and bugfixes: * adds ECDSA keys and host key support when using OpenSSL * adds ED25519 key and host key support when using OpenSSL 1.1.1 * adds OpenSSH style key file reading * adds AES CTR mode support when using WinCNG * adds PEM passphrase protected file support for Libgcrypt and WinCNG * adds SHA256 hostkey fingerprint * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() * adds explicit zeroing of sensitive data in memory * adds additional bounds checks to network buffer reads * adds the ability to use the server default permissions when creating sftp directories * adds support for building with OpenSSL no engine flag * adds support for building with LibreSSL * increased sftp packet size to 256k * fixed oversized packet handling in sftp * fixed building with OpenSSL 1.1 * fixed a possible crash if sftp stat gets an unexpected response * fixed incorrect parsing of the KEX preference string value * fixed conditional RSA and AES-CTR support * fixed a small memory leak during the key exchange process * fixed a possible memory leak of the ssh banner string * fixed various small memory leaks in the backends * fixed possible out of bounds read when parsing public keys from the server * fixed possible out of bounds read when parsing invalid PEM files * no longer null terminates the scp remote exec command * now handle errors when diffie hellman key pair generation fails * improved building instructions * improved unit tests - Rebased patches: * libssh2-ocloexec.patch * libssh2_org-CVE-2019-17498.patch - Remove patches fixed in this version: libssh2_org-CVE-2019-3855.patch libssh2_org-CVE-2019-3856.patch libssh2_org-CVE-2019-3857.patch libssh2_org-CVE-2019-3858.patch libssh2_org-CVE-2019-3859.patch libssh2_org-CVE-2019-3859-fix.patch libssh2_org-CVE-2019-3860.patch libssh2_org-CVE-2019-3861.patch libssh2_org-CVE-2019-3862.patch libssh2_org-CVE-2019-3863.patch- Drop man and groff BuildRequires: both are no longer used in current versions.- Security fix: [bsc#1154862, CVE-2019-17498] * The SSH_MSG_DISCONNECT:packet.c logic has an integer overflow in a bounds check that might lead to disclose sensitive information or cause a denial of service * Add patch libssh2_org-CVE-2019-17498.patch- Fix upstream patch for CVE-2019-3859 [bsc#1133528, bsc#1130103] - Added libssh2_org-CVE-2019-3859-fix.patch- Version update to 1.8.2: [bsc#1130103] Bug fixes: * Fixed the misapplied userauth patch that broke 1.8.1 * moved the MAX size declarations from the public header- Security fixes: * [bsc#1128471, CVE-2019-3855] Possible integer overflow in transport read allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3855.patch * [bsc#1128472, CVE-2019-3856] Possible integer overflow in keyboard interactive handling allows out-of-bounds write with specially crafted payload - libssh2_org-CVE-2019-3856.patch * [bsc#1128474, CVE-2019-3857] Possible integer overflow leading to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3857.patch * [bsc#1128476, CVE-2019-3858] Possible zero-byte allocation leading to an out-of-bounds read with a specially crafted SFTP packet - libssh2_org-CVE-2019-3858.patch * [bsc#1128480, CVE-2019-3859] Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev - libssh2_org-CVE-2019-3859.patch * [bsc#1128481, CVE-2019-3860] Out-of-bounds reads with specially crafted SFTP packets - libssh2_org-CVE-2019-3860.patch * [bsc#1128490, CVE-2019-3861] Out-of-bounds reads with specially crafted SSH packets - libssh2_org-CVE-2019-3861.patch * [bsc#1128492, CVE-2019-3862] Out-of-bounds memory comparison with specially crafted message channel request SSH packet - libssh2_org-CVE-2019-3862.patch * [bsc#1128493, CVE-2019-3863] Integer overflow in user authenicate keyboard interactive allows out-of-bounds writes with specially crafted keyboard responses - libssh2_org-CVE-2019-3863.patch- Drop openssh BuildRequires: this is only used for one of the minor self-tests.- Remove --with-pic which is only for static libs- Version update to 1.8.0: * support openssl-1.1 * many bugfixes - Fixes bsc#1042660 - Remove obsolete conditionals that are no longer needed- update to 1.7.0 * Fixes CVE-2016-0787 (boo#967026) * Changes: libssh2_session_set_last_error: Add function mac: Add support for HMAC-SHA-256 and HMAC-SHA-512 WinCNG: support for SHA256/512 HMAC kex: Added diffie-hellman-group-exchange-sha256 support OS/400 crypto library QC3 support * and many bugfixes- update to 1.6.0 Changes: Added CMake build system Added libssh2_userauth_publickey_frommemory() Bug fixes: wait_socket: wrong use of difftime() userauth: Fixed prompt text no longer being copied to the prompts struct mingw build: allow to pass custom CFLAGS Let mansyntax.sh work regardless of where it is called from Init HMAC_CTX before using it direct_tcpip: Fixed channel write WinCNG: fixed backend breakage OpenSSL: caused by introducing libssh2_hmac_ctx_init userauth.c: fix possible dereferences of a null pointer wincng: Added explicit clear memory feature to WinCNG backend openssl.c: fix possible segfault in case EVP_DigestInit fails wincng: fix return code of libssh2_md5_init() kex: do not ignore failure of libssh2_sha1_init() scp: fix that scp_send may transmit not initialised memory scp.c: improved command length calculation nonblocking examples: fix warning about unused tvdiff on Mac OS X configure: make clear-memory default but WARN if backend unsupported OpenSSL: Enable use of OpenSSL that doesn't have DSA OpenSSL: Use correct no-blowfish #define kex: fix libgcrypt memory leaks of bignum libssh2_channel_open: more detailed error message wincng: fixed memleak in (block) cipher destructor- update to 1.5.0 * fixes CVE-2015-1782 (bnc#921070) - tarball verification * added libssh2_org.keyring * added libssh2-1.5.0.tar.gz.asc Changes in 1.5.0: Added Windows Cryptography API: Next Generation based backend Bug fixes: Security Advisory: Using `SSH_MSG_KEXINIT` data unbounded, CVE-2015-1782 missing _libssh2_error in _libssh2_channel_write knownhost: Fix DSS keys being detected as unknown. knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short buffer. libssh2.h: on Windows, a socket is of type SOCKET, not int libssh2_priv.h: a 1 bit bit-field should be unsigned windows build: do not export externals from static library Fixed two potential use-after-frees of the payload buffer Fixed a few memory leaks in error paths userauth: Fixed an attempt to free from stack on error agent_list_identities: Fixed memory leak on OOM knownhosts: Abort if the hosts buffer is too small sftp_close_handle: ensure the handle is always closed channel_close: Close the channel even in the case of errors docs: added missing libssh2_session_handshake.3 file docs: fixed a bunch of typos userauth_password: pass on the underlying error code _libssh2_channel_forward_cancel: accessed struct after free _libssh2_packet_add: avoid using uninitialized memory _libssh2_channel_forward_cancel: avoid memory leaks on error _libssh2_channel_write: client spins on write when window full windows build: fix build errors publickey_packet_receive: avoid junk in returned pointers channel_receive_window_adjust: store windows size always userauth_hostbased_fromfile: zero assign to avoid uninitialized use configure: change LIBS not LDFLAGS when checking for libs agent_connect_unix: make sure there's a trailing zero MinGW build: Fixed redefine warnings. sftpdir.c: added authentication method detection. Watcom build: added support for WinCNG build. configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS sftp_statvfs: fix for servers not supporting statfvs extension knownhost.c: use LIBSSH2_FREE macro instead of free Fixed compilation using mingw-w64 knownhost.c: fixed that 'key_type_len' may be used uninitialized configure: Display individual crypto backends on separate lines examples on Windows: check for WSAStartup return code examples on Windows: check for socket return code agent.c: check return code of MapViewOfFile kex.c: fix possible NULL pointer de-reference with session->kex packet.c: fix possible NULL pointer de-reference within listen_state tests on Windows: check for WSAStartup return code userauth.c: improve readability and clarity of for-loops examples on Windows: use native SOCKET-type instead of int packet.c: i < 256 was always true and i would overflow to 0 kex.c: make sure mlist is not set to NULL session.c: check return value of session_nonblock in debug mode session.c: check return value of session_nonblock during startup userauth.c: make sure that sp_len is positive and avoid overflows knownhost.c: fix use of uninitialized argument variable wrote openssl: initialise the digest context before calling EVP_DigestInit() libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib configure.ac: Rework crypto library detection configure.ac: Reorder --with-* options in --help output configure.ac: Call zlib zlib and not libz in text but keep option names Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro sftp: seek: Don't flush buffers on same offset sftp: statvfs: Along error path, reset the correct 'state' variable. sftp: Add support for fsync (OpenSSH extension). _libssh2_channel_read: fix data drop when out of window comp_method_zlib_decomp: Improve buffer growing algorithm _libssh2_channel_read: Honour window_size_initial window_size: redid window handling for flow control reasons knownhosts: handle unknown key types/sbin/ldconfig/sbin/ldconfigh01-ch3b 17030640691.11.0-150000.4.22.11.11.0-150000.4.22.1libssh2.so.1libssh2.so.1.0.1/usr/lib64/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:31955/SUSE_SLE-15_Update/4690c3e3ef3d5589f213a6b5fa521482-libssh2_org.SUSE_SLE-15_Updatedrpmxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=8bf54d3c50fd2d577dae70c51430bd8ee09ce906, stripped PRRRRRRR R R RDz_?3j3:&PCHԔ.G³@(Ƚlk$K @NiotEG\rQ 0\ &vlJT/PsN-5kC+v\#t^k&ꂏDqnz f Ym" PX5@՟RșN&ud7?#:00|<_? GkY\J--/Wi}O|Y Vh @)If_w&FqI7b0\ *-6xE AaB $9oZmP<ꣃZ>/GvaŒW9%\4?@ m Wzz ! Eu!'yˣMEfyMU[n_ORC>R' ji S?v-d2k©q$.gPBQob;WO~c4?d/m䝿Od0Vdp /DF5.dA(,OD☱tR} us^{z{giQf!E޼MDx~AGdƷ{VQQ5b! ߽63֏: 2& ]8?h^߄ @#~QGJsM~"`+h؟vÎLvvGw!ŤĀCHeS0'-@a|(:7!QT|%XFb VJ~=H}k^/giO!˒v |["0?ƃE*.kh:xb"E#+ >D &ĉ Vt_Qʞ| KXx!b4؋nH^a@<2 ;!O2_jsxߢΣ\o&뤮~ENA>ąlw`Ƃݦ ŶVeuemRۇ IQ6>uE:Ze E6y|3#?v[*<쨰r;'Dxʉ%"{f# @VhVKF[׵TH"cJ|W>rRCnVZBWlYq<~EkiG` 2U.gj@Pq\ZIxd[{yRؤ4Hԛ9y Wv ˷16W`V.n9Kmth¼|"YkpƲCapKFtK_I~꯻j' UeX!i{?:{Uo C&)~E}1إ"x` 38 ڽn'qZ&z&Ϗ_vIZ@s?-wi.KF 7Eq sծsSB]P^B&$~*CsO?^C8.>&9:2WOTs=}5~&K9[DzАcaWU[|um]LީZI7׊b쉋iZg65BoϕjGI"zĐ{peT -707K]4Yb!bcҷ foQ=OX0< 8 6hC3r9<kuoU0T EUsp~˖1JkK=E'L^NC%h}0$gpD_4d(ߊ_XdH? NW;Nخp0ۏO|8?}%:NLko':cc+#G56[] ydQLm jU(.ޭ?A4쎿(ϓ zWʚc8V6"e*T5j;~} 161i6iuT}*+'hng‘fFc *\Wkf ~v_8y}sGђl2bF~Zå8 }lV) CwvTRK;iAo% f4NɟBB 闹 0K tht'i 2$/x:|p9H! A\lzaS5~^Cn&8c,V>D" %n?0cZ- }=cWG*Z s*F:Õn8 `fyW3{БQcHlO20>oO<M)v^tYS@W\Xq9lP*̋_TorVD%-4i(zԑe'wH3.ʨ%J@>%N:alSyK~*ff`a,f2;z8S71/Ky jVYVF5>s!_ZWr|ƀq#Ex\$5d E Ҩ;g#Q^YΩ ǫdKluYc5ʷZ3p\v&`lKx>{׵fIn?Rd#GH=Q\VRy02ˡcZHTot(F$'Kؕ:!I"پ\3mwTLseq%3uEthC[$!J}R#PmP1+ʘBh6 dTהK2Y x}/\\:|`j=Kpz_ťof0 q5rStQ1(;kvp ?ՠЧPDۤ /=,FDU&kϧ_Rޫ~S\A#>Us BM(\eeTU^lW{ZT+B#E Dh`jm.V||KhFzL*,j?S鴥=X^ΜG|^ \Bm PK7RA$V!Мxe#90=fvhܖ|sVSaCc' tcL ~Im|zvaɹ`m:dJ}N@4$ U(xQ*S]߂rM{}&ӔuйIO>ўG*GtzaySeu-$muU(Y%q$ںk>sc+Tjn*.B)Ovtgra}\S8!(,SfH*K7u{en=?$A7`|Ǿ$Ji}ׂ+@g/f,SD=]7! ;q0?FZcK.PL09o-uu Gu=0Yo=2$W[P3k&ّ( ;lJ7΂"2%2g!<<},^"W޳ɠ !W4{`BŵrþK4~Uј[y9U~4!Fz]L-G=ѩN}aݭVHmLY5挌z!\swKc‡9cơ{ZoCCcڶ/e<,K?Uxn,`US;*v3=dv{khV3 ,EVS'Қٳ/V. tȼ#X7$fX^&:rL"錰v-T*n/[`EJX|][  l ) Aq5jZUK~RfFg ]=iGx3抬wK3fXPi6y̋U-cԪP~gh lRt EvMeIn`k@3;%`v37 G I5E"2ٳV@Q:_DjgJdXi)V%@ ȯtcnfi fo>|jџOԡT;H+)Vԕ 8gьɁ驏RY1\|iO`\]M=2[&9T~ H"&4zmHT egي3oӢu*]mW1ˮh美t4Q加d&{Ѩ0SO#M.WJ481o@47[ 9R)kv[lAhoRxs#]CQPƈ\.kB/MZjCbFReyw9ݡ2{ 6:Cq3uB8iɦkd](٥״ymMn" (/uHZʻt_#⾲DG2+e !&s0uWݤ6҅,<7(m:.D6 1ܲ9/|(>_p;}G9y4?`B}pMRG+٣Սe|1eپXz=daSV}*Fkg-:9rT=ke>7Px'.صYSe-%[vx*k=~K )*Fv\,5鍤2-zP8ؼ}50#bGu|#3&K~T=eۂhsUQ|octվY} 8듅2_$7FG.:)24rM˴& 2` ^,/$ogztX6 Ꭽ`c9>]u3I 2i}5~{m`D˫ 4Kgm :'j{ sU!y s ަja|],autwb@zH$Q :m (}1cG,G-@ʩ71 w>\{ G+jQT ?9o5YoZUKڳvw+a8RPw) /,5EO/yfbl[ V{UF)7)4zJ# 0^ח WB|!t8{Q3i=.+-GJXLߩ*9_fLĵF8aDSbҀJR(EVڷ%y C*EװR#1+"JFԾl e[wқsk#j/[i# ].QyHwro20TlVdwl6fᣠ6Xl$](RCѱ,J~kQJP*d5j tE}aev?(yl^][:GOD RE c [1jf1^K .acQTͼ].x90,E"%~+qOr|I?@֛bcPĈOJHThD{)L(6g}SESҰZ~.)h{x;/Wt#)B u6=.,o:SDah*B/I+D\"̳hse";lQvFm0q}89BP? YS'1}k1EF`4 En룑~-h+ +aO]  e|Y$50#c\fѬv=&ܑܳÃ).yi ΃)e:!rAYp{ty!"L *:]{yb"YVkod (eMl{5%Dۚ6j r,:d(EO]9s%rﱲX| ŒiZ 3m,ҜësN^G/\>]DA ً\~t7 j륰dN,4c3Cnu+kB?-Z Vp0Ku #}at-זz/!EӀ.]/\4WX>l2=(;9ѐĸ& !x|SPzX5 ힽR^腯PKpOu0& ҏ*D /Ob6ZlV򜚹>넘u"s5Sӧvk:c9^G+v+QPcқ+&µTJ,s MzI.W?9m5Щ_G0C?&sZ>7&F2~]OqIEN/- 8B[*5AM.zo0'Ej(lH%j?~`{bThϱ[WH i]x{AbQ|>郅屘FV+:ꛗ+lXq ٯg V/1ߺδM q)/B|"Dt<q5sgĜyW ]i0jh:ϧ)" H1`N[ #O+&.?IˣCF ;_Qoc"Xr*CNz|eN</'Qh)+6Sr+s0leEI >-g۪U=#[k!qc!]ݝkxT{Wd<ʇ!Ja jP&^]W{ ZB@*H/24Dzb&7Va#MI`N2Ab=Z|Rʪ3My-4dT})jWUG͹̥&r3t̸3}-kA<|HfmvI\L`ȬnQH,z4O^&n$?]ɦ#Zf.FB!\=SkcD'AY_g`$AN,z4Y+mڵ?hQ(f'ka-sF^N9p=Ӿߺ=wgk TWLxp ^~Hݢ?HEW}EϹQԇv_vpS~YSTD+ 4y߼}n^ <6Θ#F\):}1bnWp  ݂PjYi 2i^o :6d<74;y[RtLwe CYE b)AM}Űmmכ:5PL,ꇊ!lOG.~7WF)WOM"= )Ȓ]oƾw}gr)4H5Stw`ԕJL|dB EK+P(FR هNZf2$T_&z>"kz+%NҘ\2Qt*>ތmmA<hґER^M aIw_gQFf`%U0n k9_o2](Mg[Zc1tj5'O`Ҟ=3A e]w< ⹰=*Ͼ-[?٧SDv EU B4tS~r+ON[dxFWyUu US:c\X (u;5v:K`*`ٟZz ̓%o$H|ܝ=@Jq-jG{S"g&]m$ -o'~Ia|6gDd!'ν)S6B^_yn؏l5&>czhiv^z؈e{+4t.5,VOsS@%8G6ۮKn;/$gʑ2R[oG udXheƦ,BcjI>t $f̣YQ)2k,~[Kzfd/d@ $" ṣWnJR8Itf$C'WfJ~ۛqϿdCS'{w< mDMz2}B{CjiUɮPWF9sˉCI CXoVUX OG.Q~K\k~ktZ|n 6)2Pv[JAڽ t) m]tDvN_%O|i^>N"cm،`?#'V&pRIJQED:%/ .7Y"_I@YŨ&%)yкsk/_ֆ Y (i3>fpo1송ؘ`EuPc>CjݷU*5޵<^ HËmC .L6 ׵B jnR{d)SH;v:`9_d}lĀ _gꘂ*ؙ(onvhu$/=.Eyb"‘ O^T͝MktzpNMcv~~S(V_L=*1F*V(cԯ`]}mrj׿n2? 2`ђG^VxU{9`-y H4|eNQOzg'L VfW`Ah;x14nB)purE=u}HW؁2h?v6,7&a"x/JXk\xq  Eƥ_u;f9v!xz>uIXL=s\{Fe;C0𚢱 "wZŜF7F^| 㶱HЌAm3;&V/HPB?ƹ%UͣkNKMq࠭:]FÓ𔼿vfmgh[,>&z·uļQ06qYP|(Mnaϼ.ujҾ:'NnJ(Gc2[0U *@,J0wR<#~B9; 3yv5n`.}\=~NFq-W7q.I6Rl8(֭*/;4ksO5kچ}4ŠI<_cC7 ;tEcs~'(\zLJh^^"<5?.>sQ _%^~ɣ`,<~KʣN/(kʪ+J^-ފQ"w|B.[\!gt$j.b gzߑ_R#JMfH{xF϶ZÙG׎A2/Fw %k&hJ}tB.⥬wylV$0}%5MZCp3!Ib \kY# 5I+ @Yʙ6mTI'wڴb.r;FVIj4|pyKOH>y8اE?86Zd7 %hӘPסk<?\yZ:`/8ܷ wȓZ?&bz' j,DT@e4Sq2:PC4ݞov7.2M& :b"eBQE@-~8jZԌ_ l}\qva .[Gi+ݛ^e}YE%y"PU2bk6t%Gύ@@h㝼Ӯ1H# CdŞ?(3ֶ^]XvkߋAH^~fZC,*r.J`m G(sş1}lb1ColMmo6~n_h{{2"j|̳}S bchvj:5ݢ}1K:gRjA5x;')]hHɇ,prlX;i[ǚpӧCK4wTA9=myGr"E+S7c/gO|id.^96Fz' iY &laYFwِ>} p2yd$۰%aq{?WgTA'⽕lht&H;P>BY Ӆ`ͣD2PRI)IQ3WBYD@3́Y tzBKOP&Zq`7q Y%F7M372 y[lBA]$aa3B0QP`o l^ .{p\ E ,*Je_cJI`0A$yYhѫC;ʆAI-b8:AX9{0+tgZ>(4Ԝ?17wEnfYC`3>]4/i ;K rӠ*OaCu}_gq"rx'9kYV%Q~CD6SԟRw+gj y 7>zm8 &&O6x7бt|^q;NfثE!?)m>.ߥ}dd ۰ I"@GD0jqUq}Cĕjz(7֞Q`RbbKǞaAr vZ!ޕjyR;ꫂ#J;Uz%PBYr?1y+-gYQ_;7hЩn|?)Yv>U(G$4Ý_vrApRCG,Ӑ@X̶ ]Y͏%1Ow Üҷ_ȥgl&2MrJݠD@h/( "NJ8_8m`Li4lx )_eѶk!_*27N^(<;" 0iI&[T w 9,'|}UXdkp35N:ˑylP- څB7\))j4Xi,%$.DWMܳ*` f 4=Bݡ`@MA \2c !Ox6NI.?xJT1jQ\f>8pm~B b2Ksq].{X1ܵϰh=@!s0&.EqԀ=`g߉x<2 M([o1ާuXw+bLXͿ,F qbǹ o "ԊG$5p_#n:+1۸Dw.Do?QC2NKzoU?fnDuNӆVk `0 `=Ds}'˅<㼐"[:NFAa01t$ΰj]J"Z 39췃%m IJ t+1OT@%qԝLF'>mHn/2g>tJ$GlҨ(~ )M ~<&mvNf1 ($B1X0ٞoa%UN֙آAv_:gt(N~*f `=|0xLTb+ ] բ}=0s\~ٚoG;VAhÐfWDtUuɦ1oQ OO[ø&~K݄J\N1}Q%kZI$w\VA]ՒvP򿙷Yh*p fa5dZ4lѰooB\*rZ@c;:_}IҌxQ * !ۋ؜=j{=!@'"iYpZ230Hp*|[A!o%|a}!BQd^zǷbG0=X3~1=.tтo9ɿSnC,,$Ѐk,9aں%jXHᵘ}Hd9og)$o5!3}[}Āq@!Qgk\v `hZY$F2=}bYF#}5g[>4VT.Zh+<>e;kUκsqKPR7I،[wRCb.0< K9O?RU ટc7S =hk+OZ~57Дdл5F1D9P &B%Bܫ2,G0.{S!sZAG [e1kkfV !RFj9Įa+1u"VF^/WAM%nCpu-#<#3L|Q`bG3եI"*+f=_PjAtPSn2, YZ