glibc-2.38-150600.14.37.1<>,h8:p9|v 7sx{N&{*Q&09K\C':&Wog6ySe SWf*H1#- PdAO}r _l>G4=4] Ev*tF%X-]aF4`U~212r}G~8V%#mXDr,2*]S+MA6vnJUjα7P5gI']w.`LO|OVx|mkmK>J$?d   O48DHa )/7/P/ /  /  / / ////I """"("8"9&:4>@BFG/H|/I8/XhIYIZ[ \,/]/^1bcdDeIfLlNud/v !w/xp/y,zCglibc2.38150600.14.37.1Standard Shared Libraries (from the GNU C Library)The GNU C Library provides the most important standard libraries used by nearly all programs: the standard C library, the standard math library, and the POSIX thread library. A system is not functional without these libraries.h8:h01-armsrv3XxSUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-later AND LGPL-2.1-or-later AND LGPL-2.1-or-later WITH GCC-exception-2.0https://www.suse.com/System/Librarieshttps://www.gnu.org/software/libc/libc.htmllinuxaarch64function exec(path, ...) local pid = posix.fork() if pid == 0 then posix.exec(path, ...) io.write(path, ": exec failed: ", posix.errno(), "\n") os.exit(1) end if not pid then error(path .. ": fork failed: " .. posix.errno() .. "\n") end posix.wait(pid) end -- First, get rid of platform-optimized libraries. We remove any we have -- ever built, since otherwise we might end up using some old leftover -- libraries when new ones aren't installed in their place anymore. libraries = { "libc.so.6", "libc.so.6.1", "libm.so.6", "libm.so.6.1", "librt.so.1", "libpthread.so.0", "libthread_db.so.1" } remove_dirs = { "/lib64/tls/" } for i, remove_dir in ipairs(remove_dirs) do for j, library in ipairs(libraries) do local file = remove_dir .. library -- This file could be a symlink to library-2.38.so, so check -- this and don't remove only the link, but also the library itself. local link = posix.readlink(file) if link then if link:sub(1, 1) ~= "/" then link = remove_dir .. link end os.remove(link) end os.remove(file) end end if posix.access("/sbin/ldconfig", "x") then exec("/sbin/ldconfig", "-X") end if posix.utime("/usr/lib64/gconv/gconv-modules.cache") then exec("/usr/sbin/iconvconfig", "-o", "/usr/lib64/gconv/gconv-modules.cache", "--nostdlib", "/usr/lib64/gconv") endb` bI ''p5- 6 %H,(PPPP I ; *AA큤A큤Ah8 h8"h8 h8 h8 h7h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8 h8h8 h8 h8h7h8 h8 h8 h8 h8 h8 h8 h8h8"dHh8"dHh8 h8 h8 h8 4b0166e286cb27b577940432c6e39614b143b0d2c207dd3533906a19956e2c040ad7a03c5985fc18c3ee981325a60a7c3f8a169151b9cd653ddfe2e77f01fa266e084899135cda5df149d95e3dc79f22d1b4367b7c3b2fd74582d02be3c785cf3b24a975dcde688434258566813a83ce256a4c73efd7a8a9c3998327b0b4de6848a34092a2b82593fa2aacf5021ad24e22c6441f49695b79b7b6b7f34da0054ce8f69d1b0e77bac0382b516f24e539921fe4e1c8c989d02e6c6e143717be5deaedc01d976f329ffc873143fe9dc6827032ed97b0528c4bb1607df10b2c441b7d0e216dbb01bcea65bd67ab8f8298f833d05cf45719b745b3b95a8bcb5ffddef2cfccb840a00bb815ccfdf7e0c27e96dfae918106a98766874271c54c20d843c33fc7d89200df242bbd3654525bb31732a044113469fdd663ca96022330d95d7afe5272ec7363fec4a547c8acaf272a4a2fe1c6d9be924e8f91a290330b79c19fab92e4a824920331550bd9dca72de6fb9ec3650f57dd338e6c5c3920c978a07dba92442e2d2c02df9063f97a185b70193f20f5af545e2d0b92f36e280eb01b511826e3811ecad5e2477c5ba5c3152a62a7044cad95528160e346882637c4e33cc949c5b2ed1778eb0f6fb7db416b1c78a48ffaed6a23faace38bff5f541403003ab9a7e88f99332c31c0314a316eebcb630f271444fc37479c0cc997f8a71f0df9c3d86e542a55e74dae8c7d83fffe6992c6be1e8c64da77ad396b091f74cc88937093d32393af498c869ffa955fdafd203494493103195f4a7e099958ca7ce675c07126cb4cc56f43d2a10e8f385e6ac0f7bd2870103e1f63a03353934657b060f7cfa677abad70147f4a0e0a70bdc50b7ca67606abd2f3dc56df0474fba38395fc62814ee422bc3c5a4d3d989b237dcb908a3ce4b786feec1432624be9cf37d1156ba4d90af367a336279c6cda679423e458e5af9ddf2627018ade1ab7b52f2034e1a9f45923efe1e93d004d1dceac5f3a5d82429a9779b00898eca56d3a904e7f3653cba1e7834eddd4f11558a21e5fd8193526466b09f2a9eb050849b92f9b5f3f6564fc706facadf93360c9bb522807eb528c3993266518d4daa58f84d0bbc300c219849d441bc1c4a12e9633d2b3494e27a1b31a4bf34083fea996d8a95dc57eeca0941ebc495a4bb9eedbdfe61d8cfefa36639b7be65f3c9675e2e2d618f6316ea8d88d24e5ed0a7600eb32a65cf41589df44587665ec36130c5e4d9b6d25b69339be1743bd084ecfeb3e1a8d24bf11321cd306a9517d812a03a8ec0bb7a066781e508472683f87d21d3cec873bfbfd955887a7c4359142ac16f9e569b7a066781e508472683f87d21d3cec873bfbfd955887a7c4359142ac16f9e569b7a066781e508472683f87d21d3cec873bfbfd955887a7c4359142ac16f9e569b7a066781e508472683f87d21d3cec873bfbfd955887a7c4359142ac16f9e56964c5212e63bb8cca6eda49eb36cc0ae089d81afdfe596a5b7a37b7630869d26076a5771adee7b9f36c7ae66eae78d72f325557500269107f2d98a7e3560a1808b33d0bd9f685b46853548814893a6135e74430d12f6d94ab3eba42fc591f83bc2aa75ddeb08e1772018ed74fe8bc1f1c4467c49c0a939052a2fe6ce2211f07daec3d91ae40cbbf7aafb047a4799c25e00a04d340c0febe83d72f66ca2dfc7dc0397f8cd51dc51c12e1b387201c40191e72bc5b9a92ffa77a0864505e5bc0ec86../lib/getconf/getconf/lib/ld-linux-aarch64.so.1YYrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootglibc-2.38-150600.14.37.1.src.rpmconfig(glibc)glibcglibc(aarch-64)ld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)ld-linux-aarch64.so.1(GLIBC_2.34)(64bit)ld-linux-aarch64.so.1(GLIBC_2.35)(64bit)libBrokenLocale.so.1()(64bit)libBrokenLocale.so.1(GLIBC_2.17)(64bit)libanl.so.1()(64bit)libanl.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.18)(64bit)libc.so.6(GLIBC_2.22)(64bit)libc.so.6(GLIBC_2.23)(64bit)libc.so.6(GLIBC_2.24)(64bit)libc.so.6(GLIBC_2.25)(64bit)libc.so.6(GLIBC_2.26)(64bit)libc.so.6(GLIBC_2.27)(64bit)libc.so.6(GLIBC_2.28)(64bit)libc.so.6(GLIBC_2.29)(64bit)libc.so.6(GLIBC_2.30)(64bit)libc.so.6(GLIBC_2.31)(64bit)libc.so.6(GLIBC_2.32)(64bit)libc.so.6(GLIBC_2.33)(64bit)libc.so.6(GLIBC_2.34)(64bit)libc.so.6(GLIBC_2.35)(64bit)libc.so.6(GLIBC_2.36)(64bit)libc.so.6(GLIBC_2.38)(64bit)libc.so.6(GLIBC_ABI_DT_RELR)(64bit)libc_malloc_debug.so.0()(64bit)libc_malloc_debug.so.0(GLIBC_2.17)(64bit)libc_malloc_debug.so.0(GLIBC_2.33)(64bit)libdl.so.2()(64bit)libdl.so.2(GLIBC_2.17)(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.17)(64bit)libm.so.6(GLIBC_2.18)(64bit)libm.so.6(GLIBC_2.23)(64bit)libm.so.6(GLIBC_2.24)(64bit)libm.so.6(GLIBC_2.25)(64bit)libm.so.6(GLIBC_2.27)(64bit)libm.so.6(GLIBC_2.28)(64bit)libm.so.6(GLIBC_2.29)(64bit)libm.so.6(GLIBC_2.31)(64bit)libm.so.6(GLIBC_2.32)(64bit)libm.so.6(GLIBC_2.35)(64bit)libm.so.6(GLIBC_2.38)(64bit)libmvec.so.1()(64bit)libmvec.so.1(GLIBC_2.38)(64bit)libnss_compat.so.2()(64bit)libnss_db.so.2()(64bit)libnss_dns.so.2()(64bit)libnss_files.so.2()(64bit)libnss_hesiod.so.2()(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.17)(64bit)libpthread.so.0(GLIBC_2.18)(64bit)libpthread.so.0(GLIBC_2.28)(64bit)libpthread.so.0(GLIBC_2.30)(64bit)libpthread.so.0(GLIBC_2.31)(64bit)libresolv.so.2()(64bit)libresolv.so.2(GLIBC_2.17)(64bit)librt.so.1()(64bit)librt.so.1(GLIBC_2.17)(64bit)libthread_db.so.1()(64bit)libthread_db.so.1(GLIBC_2.17)(64bit)libutil.so.1()(64bit)libutil.so.1(GLIBC_2.17)(64bit)ngptngpt-develrtld(GNU_HASH)@@@@@@@@@@@@@@@@      /sbin/ldconfigconfig(glibc)filesystemld-linux-aarch64.so.1()(64bit)ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.30)(64bit)libc.so.6(GLIBC_2.32)(64bit)libc.so.6(GLIBC_2.33)(64bit)libc.so.6(GLIBC_2.34)(64bit)libc.so.6(GLIBC_2.38)(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.17)(64bit)libm.so.6(GLIBC_2.27)(64bit)libm.so.6(GLIBC_2.29)(64bit)libnss_files.so.2()(64bit)libresolv.so.2()(64bit)libresolv.so.2(GLIBC_2.17)(64bit)rpmlib(BuiltinLuaScripts)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.38-150600.14.37.14.2.2-13.0.4-14.6.0-14.0.4-14.0-15.2-1kernel4.34.14.3h @hxh+@h@gx@gI@gڱg/@g@g}@gM@gp@fffWfO/f;i@f:f2.f! @f De!@e@e}@epe6@e@e@eeoem@e6`@e/e.w@e#@eSe@ev@e;e@eRd@d@d@d@d@d@dE@dd@dr@dK@d%ydcT@c@c @clcY!@c=qc*c@c6@cb5@bb@bUbb@b@b|bk@b@aa@a@a@a\>@aaaj@a@`P@```8@`7@`u`Y@`F`>(`<@`.V`+`>`_إ@__@_Wr@_+^^x^^j$@^K^E:@^8 @^&]7@]]c@]@]]]@]Z@]Z@]D%]/ ]^@] ] u@]@\@\@\\~d\n\j@\T4\5@[@[[[t[[t[b@[(@["X[)[WZJ@Z@Z2@ZZ@ZZ$Z@ZxG@Zp^@Zp^@Ze@ZKt@Z1@Z/Z@Y@Y@YYܶ@YdY@Y@YY@Y@Y@YW@Y@YJYYw2Yp@YJ_YA%@Y.@Y, @Y, @Y$$@Y"XۡX@XWw@W@W@Ws@Wk@Wj}WYZ@WL+@W3W0{WW V@V@V޾Vm@VIV@VŲ@V`VVV@VLh@V.V$@VVZV VUYU|@UAUȒ@UU@UU4@UUv@U%@U/@U:T@TPTgTܕTء@TO@schwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.degiuliano.belinassi@suse.comschwab@suse.degiuliano.belinassi@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.derguenther@suse.comschwab@suse.derguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.degiuliano.belinassi@suse.comschwab@suse.deschwab@suse.deschwab@suse.delnussel@suse.comschwab@suse.degmbr3@opensuse.orgschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.defvogt@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dedimstar@opensuse.orgmeissner@suse.comschwab@suse.deschwab@suse.dematz@suse.comgiuliano.belinassi@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dematz@suse.comschwab@suse.delnussel@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deguillaume.gardet@opensuse.orgschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.derguenther@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dekukuk@suse.deschwab@suse.deschwab@suse.deschwab@suse.delnussel@suse.deschwab@suse.deschwab@suse.dekukuk@suse.deschwab@suse.deschwab@suse.deschwab@suse.demliska@suse.czmliska@suse.czschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demliska@suse.czschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejengelh@inai.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.defvogt@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.dejslaby@suse.comschwab@suse.deschwab@suse.deschwab@suse.deidonmez@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.denormand@linux.vnet.ibm.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.demeissner@suse.comschwab@suse.deschwab@suse.demgorman@suse.comschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.deschwab@suse.de- regcomp-double-free.patch: posix: Fix double-free after allocation failure in regcomp (CVE-2025-8058, bsc#1246965, BZ #33185)- nscd-gethst-race.patch: Reduce chance of crash when using nscd GETFDHST (bsc#1240058)- static-setuid-ld-library-path.patch: elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static (CVE-2025-4802, bsc#1243317)- Add support for userspace livepatching for ppc64le (jsc#PED-11850)- pthread-wakeup.patch: pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ [#25847])- Mark functions in libc_nonshared.a as hidden (bsc#1239883)- Bump minimal kernel version to 4.3 to enable use of direct socketcalls on x86-32 and s390x (bsc#1234713)- assert-message-allocation.patch: Fix underallocation of abort_msg_s struct (CVE-2025-0395, bsc#1236282, BZ #32582))- prctl-syscall-wrapper.patch: Linux: Switch back to assembly syscall wrapper for prctl (bsc#1234665, BZ #29770)- Correctly determine livepatching support- Remove nss-systemd from default nsswitch.conf (bsc#1233699)- Apply libc_nonshared.a workaround also on s390x and ppc64le (bsc#1231051)- Use nss-systemd by default also in SLE (bsc#1230638)- s390x-wcsncmp.patch: s390x: Fix segfault in wcsncmp (bsc#1228042, BZ [#31934])- Fix typo in last change- Also include stat64 in the 32-bit libc_nonshared.a workaround (bsc#1221482)- ulp-prologue-into-asm-functions.patch: Avoid creating ULP prologue for _start routine (bsc#1221940)- nscd-netgroup-cache-timeout.patch: Use time_t for return type of addgetnetgrentX (CVE-2024-33602, bsc#1223425) - Also add libc_nonshared.a workaround to 32-bit x86 compat package (bsc#1221482)- glibc-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-n.patch: nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599, bsc#1223423, BZ #31677) - glibc-CVE-2024-33600-nscd-Avoid-null-pointer-crashes-after.patch: nscd: Avoid null pointer crashes after notfound response (CVE-2024-33600, bsc#1223424, BZ #31678) - glibc-CVE-2024-33600-nscd-Do-not-send-missing-not-found-re.patch: nscd: Do not send missing not-found response in addgetnetgrentX (CVE-2024-33600, bsc#1223424, BZ #31678) - glibc-CVE-2024-33601-CVE-2024-33602-nscd-netgroup-Use-two.patch: netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601, CVE-2024-33602, bsc#1223425, BZ #31680)- iconv-iso-2022-cn-ext.patch: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992)- Add workaround for invalid use of libc_nonshared.a with non-SUSE libc (bsc#1221482)- malloc-arena-get2.patch: malloc: Use __get_nprocs on arena_get2 (BZ [#30945]) - sched-getcpu-rseq-area.patch: linux: Use rseq area unconditionally in sched_getcpu (BZ #31479)- duplocale-global-locale.patch: duplocale: protect use of global locale (bsc#1220441, BZ #23970)- s390-clone-error-clobber-r7.patch: S390: Do not clobber r7 in clone (BZ [#31402])- Add libnsl1 to baselibs.conf (bsc#1219640)- syslog-buffer-overflow.patch: syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246, CVE-2023-6779, CVE-2023-6780, bsc#1218863, bsc#1218867, bsc#1218868) - qsort-invalid-cmp.patch: qsort: handle degenerated compare function (bsc#1218866)- Change minimum GCC to 13- Split off libnsl.so.1 into a separate package- sem-open-o-creat.patch: sem_open: Clear O_CREAT when semaphore file is expected to exist (BZ #30789) - ldconfig-process-elf-file.patch: elf: Fix wrong break removal from 8ee878592c - tls-modid-reuse.patch: elf: Fix TLS modid reuse generation assignment (BZ #29039) - getaddrinfo-eai-memory.patch: getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163) - libio-wdo-write.patch: libio: Check remaining buffer size in _IO_wdo_write (BZ #31183)- aarch64-rawmemchr-unwind.patch: aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113)- Remove systemd from shadow and gshadow lookups (bsc#1217220)- gb18030-2022.patch: add GB18030-2022 charmap (jsc#PED-4908, BZ #30243)- dtors-reverse-ctor-order.patch: Remove, has been reverted- Avoid use of SSE in i586 build- Add systemd also to gshadow lookups (jsc#PED-5188) - For SLE continue to use nsswitch.conf without systemd- setxid-propagate-glibc-tunables.patch: Propagate GLIBC_TUNABLES in setxid binaries - tunables-string-parsing.patch: tunables: Terminate if end of input is reached (CVE-2023-4911, bsc#1215501)- fstat-implementation.patch: io: Do not implement fstat with fstatat- getaddrinfo-memory-leak.patch: Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 (CVE-2023-5156, bsc#1215714, BZ #30884)- getcanonname-use-after-free.patch: getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806, bsc#1215281, BZ #30843) - Do not build any cross packages in SLES- no-aaaa-read-overflow.patch: Stack read overflow with large TCP responses in no-aaaa mode (CVE-2023-4527, bsc#1215280, BZ #30842)- Add systemd to passwd, group and shadow lookups (jsc#PED-5188)- ppc64-flock-fob64.patch: io: Fix record locking contants for powerpc64 with __USE_FILE_OFFSET64 (BZ #30804) - libio-io-vtables.patch: libio: Fix oversized __io_vtables - call-init-proxy-objects.patch: elf: Do not run constructors for proxy objects - dtors-reverse-ctor-order.patch: elf: Always call destructors in reverse constructor order (BZ #30785)- intl-c-utf-8-like-c-locale.patch: intl: Treat C.UTF-8 locale like C locale (BZ #16621) - glibc-disable-gettext-for-c-utf8.patch: Removed- Add cross-ppc64le package- posix-memalign-fragmentation.patch: malloc: Enable merging of remainders in memalign, remove bin scanning from memalign (BZ #30723) - Limit build counter sync to i686 flavor, to reduce needs for rebuilds- Add cross-s390x package (bsc#1214460)- Require that elf/check-localplt does not fail - glibc-2.3.90-langpackdir.diff: add hidden alias for __strcpy_chk - cache-amd-legacy.patch: x86: Fix for cache computation on AMD legacy cpus - cache-intel-shared.patch: x86: Fix incorrect scope of setting `shared_per_thread` (BZ# 30745)- Update to glibc 2.38 * When C2X features are enabled and the base argument is 0 or 2, the following functions support binary integers prefixed by 0b or 0B as input * PRIb*, PRIB* and SCNb* macros from C2X have been added to . * printf-family functions now support the wN format length modifiers for arguments of type intN_t, int_leastN_t, uintN_t or uint_leastN_t and the wfN format length modifiers for arguments of type int_fastN_t or uint_fastN_t, as specified in draft ISO C2X * A new tunable, glibc.pthread.stack_hugetlb, can be used to disable Transparent Huge Pages (THP) in stack allocation at pthread_create * Vector math library libmvec support has been added to AArch64 * The strlcpy and strlcat functions have been added * CVE-2023-25139: When the printf family of functions is called with a format specifier that uses an (enable grouping) and a minimum width specifier, the resulting output could be larger than reasonably expected by a caller that computed a tight bound on the buffer size - Enable build with _FORTIFY_SOURCE - glibc-2.3.90-langpackdir.diff: avoid reference to __strcpy_chk - iconv-error-verbosity.patch: iconv: restore verbosity with unrecognized encoding names (BZ #30694) - printf-grouping.patch, strftime-time64.patch, getlogin-no-loginuid.patch, fix-locking-in-_IO_cleanup.patch, gshadow-erange-rhandling.patch, system-sigchld-block.patch, gmon-buffer-alloc.patch, check-pf-cancel-handler.patch, powerpc64-fcntl-lock.patch, realloc-limit-chunk-reuse.patch, dl-find-object-return.patch; Removed - bsc#1211828 - bsc#1212819- gshadow-erange-rhandling.patch: gshadow: Matching sgetsgent, sgetsgent_r ERANGE handling (BZ #30151) - system-sigchld-block.patch: posix: Fix system blocks SIGCHLD erroneously (BZ #30163) - gmon-buffer-alloc.patch: gmon: Fix allocated buffer overflow (CVE-2023-0687, bsc#1207975, BZ #29444) - check-pf-cancel-handler.patch: __check_pf: Add a cancellation cleanup handler (BZ #20975) - powerpc64-fcntl-lock.patch: io: Fix F_GETLK, F_SETLK, and F_SETLKW for powerpc64 - realloc-limit-chunk-reuse.patch: realloc: Limit chunk reuse to only growing requests (BZ #30579) - dl-find-object-return.patch: elf: _dl_find_object may return 1 during early startup (BZ #30515)- Need to build with GCC 12 as minimum- fix-locking-in-_IO_cleanup.patch: Update to final version- ulp-prologue-into-asm-functions.patch: Add support for livepatches in ASM written functions (bsc#1210777, bsc#1211726)- getlogin-no-loginuid.patch: getlogin_r: fix missing fallback if loginuid is unset (bsc#1209229, BZ #30235)- Exclude static archives from preparation for live patching (bnc#1208721)- Update to glibc 2.37 * The getent tool now supports the --no-addrconfig option * The dynamic linker no longer loads shared objects from the "tls" subdirectories on the library search path or the subdirectory that corresponds to the AT_PLATFORM system name, or employs the legacy AT_HWCAP search mechanism, which was deprecated in version 2.33 - printf-grouping.patch: Account for grouping in printf width (BZ #30068) - strftime-time64.patch: Use 64-bit time_t interfaces in strftime and strptime (BZ #30053) - glibcextract-compile-c-snippet.patch, sys-mount-kernel-definition.patch, sys-mount-usage.patch, nscd-netlink-cache-invalidation.patch, syslog-large-messages.patch, dlmopen-libc-early-init.patch, ldd-vdso-dependency.patch, syslog-extra-whitespace.patch, errlist-edeadlock.patch, makeflags.patch, get-nscd-addresses.patch, x86-64-avx2-string-functions.patch, nscd-aicache.patch, dl-debug-bindings.patch, floatn.patch: Removed - bsc#1207957 - bsc#1208358 - bsc#1212910- Remove reference to obsolete %usrmerged macro (boo#1206798)- floatn.patch: Update _FloatN header support for C++ in GCC 13- nscd: Convert to systemd-sysusers- dl-debug-bindings.patch: elf: Reinstate on DL_DEBUG_BINDINGS _dl_lookup_symbol_x (bsc#1204710)- get-nscd-addresses.patch: get_nscd_addresses: Fix subscript typos (BZ [#29605]) - x86-64-avx2-string-functions.patch: check for required cpu features in AVX2 string functions (BZ #29611) - nscd-aicache.patch: nscd: Drop local address tuple variable (BZ #29607)- makeflags.patch: Makerules: fix MAKEFLAGS assignment for upcoming make-4.4 (BZ# 29564)- errlist-edeadlock.patch: errlist: add missing entry for EDEADLOCK (BZ [#29545])- syslog-large-messages.patch: syslog: Fix large messages (CVE-2022-39046, bsc#1203011, BZ #29536) - dlmopen-libc-early-init.patch: elf: Call __libc_early_init for reused namespaces (BZ #29528) - ldd-vdso-dependency.patch: elf: Restore how vDSO dependency is printed with LD_TRACE_LOADED_OBJECTS (BZ #29539) - syslog-extra-whitespace.patch: syslog: Remove extra whitespace between timestamp and message (BZ #29544)- nscd-netlink-cache-invalidation.patch: nscd: Fix netlink cache invalidation if epoll is used (boo#1199964, BZ #29415)- glibcextract-compile-c-snippet.patch: glibcextract.py: Add compile_c_snippet - sys-mount-kernel-definition.patch: linux: Mimic kernel definition for BLOCK_SIZE - sys-mount-usage.patch: linux: Fix sys/mount.h usage with kernel headers- Update to glibc 2.36 Major new features: * Support for DT_RELR relative relocation format has been added to glibc * On Linux, the pidfd_open, pidfd_getfd, and pidfd_send_signal functions have been added * On Linux, the process_madvise function has been added * On Linux, the process_mrelease function has been added * The “no-aaaa” DNS stub resolver option has been added * On Linux, the fsopen, fsmount, move_mount, fsconfig, fspick, open_tree, and mount_setattr have been added * localedef now accepts locale definition files encoded in UTF-8 * Support for the mbrtoc8 and c8rtomb multibyte/UTF-8 character conversion functions has been added per the ISO C2X N2653 and C++20 P0482R6 proposals * The functions arc4random, arc4random_buf, and arc4random_uniform have been added Deprecated and removed features, and other changes affecting compatibility: * Support for prelink will be removed in the next release * The Linux kernel version check has been removed along with the LD_ASSUME_KERNEL environment variable * On Linux, The LD_LIBRARY_VERSION environment variable has been removed - get-nprocs-sched-uninit-read.patch, get-nprocs-inaccurate.patch, strcmp-rtm-fallback.path, pt-load-invalid-hole.patch, localedef-ld-monetary.patch, nptl-spurious-eintr.patch, strncpy-power9-vsx.patch, nptl-cleanup-async-restore.patch, read-chk-cancel.patch, wcrtomb-fortify.patch, nptl-cleanup-async-restore-2.patch: Removed - CVE-2023-4813, bsc#1215286 - bsc#1198751 - bsc#1200334- nptl-cleanup-async-restore-2.patch: nptl: Fix ___pthread_unregister_cancel_restore asynchronous restore (bsc#1200093, BZ #29214)- read-chk-cancel.patch: debug: make __read_chk a cancellation point (bsc#1200682, BZ #29274) - wcrtomb-fortify.patch: wcrtomb: Make behavior POSIX compliant (bsc#1200688)- Set SUSE_ZNOW=0- strncpy-power9-vsx.patch: powerpc: Fix VSX register number on __strncpy_power9 (BZ #29197) - nptl-cleanup-async-restore.patch: nptl: Fix __libc_cleanup_pop_restore asynchronous restore (bsc#1200093, BZ #29214)- nptl-spurious-eintr.patch: nptl: Handle spurious EINTR when thread cancellation is disabled (BZ #29029)- Follow the distro default gcc version to build the cross bootstrap packages.- switched to https urls- get-nprocs-sched-uninit-read.patch: linux: __get_nprocs_sched: do not feed CPU_COUNT_S with garbage (BZ #28850) - get-nprocs-inaccurate.patch: linux: fix accuracy of get_nprocs and get_nprocs_conf (BZ #28865) - strcmp-rtm-fallback.path: x86: Fallback {str|wcs}cmp RTM in the ncmp overflow case (BZ #28896) - pt-load-invalid-hole.patch: elf: Check invalid hole in PT_LOAD segments (BZ #28838) - localedef-ld-monetary.patch: localedef: Update LC_MONETARY handling (BZ [#28845])- Update to glibc 2.35 Major new features: * Unicode 14.0.0 Support * Bump r_version in the debugger interface to 2 * Support for the C.UTF-8 locale has been added to glibc * functions that round their results to a narrower type, and corresponding macros, are added from TS 18661-1:2014, TS 18661-3:2015 and draft ISO C2X * functions for floating-point maximum and minimum, corresponding to new operations in IEEE 754-2019, and corresponding macros, are added from draft ISO C2X * macros for single-precision float constants are added as a GNU extension * The __STDC_IEC_60559_BFP__ and __STDC_IEC_60559_COMPLEX__ macros are predefined as specified in TS 18661-1:2014 * The exp10 functions in now have a corresponding type-generic macro in * The ISO C2X macro _PRINTF_NAN_LEN_MAX has been added to * printf-family functions now support the %b format for output of integers in binary, as specified in draft ISO C2X, and the %B variant of that format recommended by draft ISO C2X * A new DSO sorting algorithm has been added in the dynamic linker that uses topological sorting by depth-first search (DFS), solving performance issues of the existing sorting algorithm when encountering particular circular object dependency cases * A new tunable, glibc.rtld.dynamic_sort, can be used to select between the two DSO sorting algorithms * ABI support for a new function '__memcmpeq'. '__memcmpeq' is meant to be used by compilers for optimizing usage of 'memcmp' when its return value is only used for its boolean status * Support for automatically registering threads with the Linux rseq system call has been added * A symbolic link to the dynamic linker is now installed under /usr/bin/ld.so (or more precisely, '${bindir}/ld.so') * All programs and the testsuite in glibc are now built as position independent executables (PIE) by default on toolchains and architectures that support it * On Linux, a new tunable, glibc.malloc.hugetlb, can be used to either make malloc issue madvise plus MADV_HUGEPAGE on mmap and sbrk or to use huge pages directly with mmap calls with the MAP_HUGETLB flags) * The printf family of functions now handles the flagged %#m conversion specifier, printing errno as an error constant (similar to strerrorname_np) * The function _dl_find_object has been added * On Linux, the epoll_pwait2 function has been added * The function posix_spawn_file_actions_addtcsetpgrp_np has been added, enabling posix_spawn and posix_spawnp to set the controlling terminal in the new process in a race free manner * Source fortification (_FORTIFY_SOURCE) level 3 is now available for applications compiling with glibc and gcc 12 and later Deprecated and removed features, and other changes affecting compatibility: * On x86-64, the LD_PREFER_MAP_32BIT_EXEC environment variable support has been removed since the first PT_LOAD segment is no longer executable due to defaulting to -z separate-code * The r_version update in the debugger interface makes the glibc binary incompatible with GDB * Intel MPX support (lazy PLT, ld.so profile, and LD_AUDIT) has been removed * The catchsegv script and associated libSegFault.so shared object have been removed * Support for prelink will be removed in the next release; this includes removal of the LD_TRACE_PRELINKING, and LD_USE_LOAD_BIAS, environment variables and their functionality in the dynamic loader Changes to build and runtime requirements: * The audit module interface version LAV_CURRENT is increased to enable proper bind-now support * The audit interface on aarch64 is extended to support both the indirect result location register (x8) and NEON Q register Security related changes: * CVE-2022-23219: Passing an overlong file name to the clnt_create legacy function could result in a stack-based buffer overflow when using the "unix" protocol * CVE-2022-23218: Passing an overlong file name to the svcunix_create legacy function could result in a stack-based buffer overflow * CVE-2021-3998: Passing a path longer than PATH_MAX to the realpath function could result in a memory leak and potential access of uninitialized memory * CVE-2021-3999: Passing a buffer of size exactly 1 byte to the getcwd function may result in an off-by-one buffer underflow and overflow when the current working directory is longer than PATH_MAX and also corresponds to the / directory through an unprivileged mount namespace - copy-and-spawn-sgid-double-close.patch, fcntl-time-bits-64-redirect.patch, gaiconf-init-double-free.patch, gconv-parseconfdir-memory-leak.patch, getcwd-attribute-access.patch, glibc-c-utf8-locale.patch, iconv-charmap-close-output.patch, ld-show-auxv-colon.patch, ldconfig-leak-empty-paths.patch, librt-null-pointer.patch, pthread-kill-fail-after-exit.patch, pthread-kill-race-thread-exit.patch, pthread-kill-return-esrch.patch, pthread-kill-send-specific-thread.patch, pthread-mutexattr-getrobust-np-type.patch, setxid-deadlock-blocked-signals.patch, sysconf-nprocessors-affinity.patch, x86-string-control-test.patch: Removed. - bsc#1194640 - bsc#1194768 - bsc#1194770 - bsc#1197718 - bsc#1211829 - bsc#1215891- Enable building the cross packages in rings.- Add ExtraBuildFlags for build flags that cannot be passed to configure. - Add support for livepatches (jsc#SLE-20049). - Generate ipa-clones tarball artifact when livepatching is enabled.- glibc.rpmlintrc: Update for rpmlint2- ld-show-auxv-colon.patch: elf: Fix missing colon in LD_SHOW_AUXV output (BZ #282539 - x86-string-control-test.patch: x86-64: Use testl to check __x86_string_control - pthread-kill-fail-after-exit.patch: nptl: pthread_kill, pthread_cancel should not fail after exit (BZ #19193) - pthread-kill-race-thread-exit.patch: nptl: Fix race between pthread_kill and thread exit (BZ #12889) - getcwd-attribute-access.patch: posix: Fix attribute access mode on getcwd (BZ #27476) - pthread-kill-return-esrch.patch: nptl: pthread_kill needs to return ESRCH for old programs (BZ #19193) - pthread-mutexattr-getrobust-np-type.patch: nptl: Fix type of pthread_mutexattr_getrobust_np, pthread_mutexattr_setrobust_np (BZ [#28036]) - setxid-deadlock-blocked-signals.patch: nptl: Avoid setxid deadlock with blocked signals in thread exit (BZ #28361) - pthread-kill-send-specific-thread.patch: nptl: pthread_kill must send signals to a specific thread (BZ #28407) - sysconf-nprocessors-affinity.patch: linux: Revert the use of sched_getaffinity on get_nproc (BZ #28310) - iconv-charmap-close-output.patch: renamed from icon-charmap-close-output.patch- Don't create separate debuginfo packages for cross packages- ldconfig-leak-empty-paths.patch: ldconfig: avoid leak on empty paths in config file - gconv-parseconfdir-memory-leak.patch: gconv_parseconfdir: Fix memory leak - gaiconf-init-double-free.patch: gaiconf_init: Avoid double-free in label and precedence lists - copy-and-spawn-sgid-double-close.patch: copy_and_spawn_sgid: Avoid double calls to close() - icon-charmap-close-output.patch: iconv_charmap: Close output file when done - fcntl-time-bits-64-redirect.patch: Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (BZ #28182) - librt-null-pointer.patch: librt: fix NULL pointer dereference (BZ [#28213])- Add cross development packages for aarch64 and riscv64.- Update to glibc 2.34 Major new features: * When _DYNAMIC_STACK_SIZE_SOURCE or _GNU_SOURCE are defined, PTHREAD_STACK_MIN is no longer constant and is redefined to sysconf(_SC_THREAD_STACK_MIN) * Add _SC_MINSIGSTKSZ and _SC_SIGSTKSZ * The dynamic linker implements the --list-diagnostics option, printing a dump of information related to IFUNC resolver operation and glibc-hwcaps subdirectory selection * On Linux, the function execveat has been added * The ISO C2X function timespec_getres has been added * The feature test macro __STDC_WANT_IEC_60559_EXT__, from draft ISO C2X, is supported to enable declarations of functions defined in Annex F of C2X * Add support for 64-bit time_t on configurations like x86 where time_t is traditionally 32-bit * The main gconv-modules file in glibc now contains only a small set of essential converter modules and the rest have been moved into a supplementary configuration file gconv-modules-extra.conf in the gconv-modules.d directory in the same GCONV_PATH * On Linux, a new tunable, glibc.pthread.stack_cache_size, can be used to configure the size of the thread stack cache * The function _Fork has been added as an async-signal-safe fork replacement since Austin Group issue 62 droped the async-signal-safe requirement for fork (and it will be included in the future POSIX standard) * On Linux, the close_range function has been added * The function closefrom has been added * The posix_spawn_file_actions_closefrom_np function has been added, enabling posix_spawn and posix_spawnp to close all file descriptors great than or equal to a giver integer Deprecated and removed features, and other changes affecting compatibility: * The function pthread_mutex_consistent_np has been deprecated * The function pthread_mutexattr_getrobust_np has been deprecated * The function pthread_mutexattr_setrobust_np has been deprecated * The function pthread_yield has been deprecated * The function inet_neta declared in has been deprecated * Various rarely-used functions declared in and have been deprecated * The pthread cancellation handler is now installed with SA_RESTART and pthread_cancel will always send the internal SIGCANCEL on a cancellation request * The symbols mallwatch and tr_break are now deprecated and no longer used in mtrace * The __morecore and __after_morecore_hook malloc hooks and the default implementation __default_morecore have been removed from the API * Debugging features in malloc such as the MALLOC_CHECK_ environment variable (or the glibc.malloc.check tunable), mtrace() and mcheck() have now been disabled by default in the main C library * The deprecated functions malloc_get_state and malloc_set_state have been moved from the core C library into libc_malloc_debug.so * The deprecated memory allocation hooks __malloc_hook, __realloc_hook, __memalign_hook and __free_hook are now removed from the API Changes to build and runtime requirements: * On Linux, the shm_open, sem_open, and related functions now expect the file shared memory file system to be mounted at /dev/shm Security related changes: CVE-2021-27645: The nameserver caching daemon (nscd), when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system CVE-2021-33574: The mq_notify function has a potential use-after-free issue when using a notification type of SIGEV_THREAD and a thread attribute with a non-default affinity mask CVE-2021-35942: The wordexp function may overflow the positional parameter number when processing the expansion resulting in a crash - nss-database-check-reload.patch, nss-load-chroot.patch, x86-isa-level.patch, nscd-netgroupcache.patch, nss-database-lookup.patch, select-modify-timeout.patch, nptl-db-libpthread-load-order.patch, rawmemchr-warning.patch, tst-cpu-features-amx.patch, mq-notify-use-after-free.patch: Removed - bsc#1181403 - bsc#1184035 - bsc#1187911 - jsc#PED-987- Enable usrmerge in Factory always as it's default there - Add conflict with pre-usrmerge filesystem package- mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896) - Drop glibc-usrmerge-bootstrap-helper package- tst-cpu-features-amx.patch: x86: tst-cpu-features-supports.c: Update AMX check- rawmemchr-warning.patch: string: Work around GCC PR 98512 in rawmemchr- nptl-db-libpthread-load-order.patch: nptl_db: Support different libpthread/ld.so load orders (bsc#1184214, BZ #27744)- Enable support for static PIE (bsc#1184646) - select-modify-timeout.patch: linux: always update select timeout (bsc#1184339, BZ #27706)- Don't remove -f[asynchronous-]unwind-tables during configure run, no longer needed- nss-database-check-reload.patch: nsswitch: return result when nss database is locked (BZ #27343) - nss-load-chroot.patch: nss: Re-enable NSS module loading after chroot (bsc#1182323, BZ #27389) - x86-isa-level.patch: x86: Set minimum x86-64 level marker (bsc#1182522, BZ #27318) - nss-database-lookup.patch: nss: fix nss_database_lookup2's alternate handling (bsc#1182247, BZ #27416) - nss-revert-api.patch: remove - nscd-netgroupcache.patch: nscd: Fix double free in netgroupcache (CVE-2021-27645, bsc#1182733, BZ #27462)- Disable x86 ISA level for now (bsc#1182522, BZ #27318) - nss-revert-api.patch: Workaround for nss-compat brokeness (bsc#1182247, BZ #27416)- Fix build of utils flavor for usrmerge- Prepare for usrmerge (bsc#1029961)- Add --enable-memory-tagging for aarch64- Update to glibc 2.33 * The dynamic linker accepts the --list-tunables argument which prints all the supported tunables. * The dynamic linker accepts the --argv0 argument and provides opportunity to change argv[0] string. * The dynamic linker loads optimized implementations of shared objects from subdirectories under the glibc-hwcaps directory on the library search path if the system's capabilities meet the requirements for that subdirectory. * The new --help option of the dynamic linker provides usage and information and library search path diagnostics. * The mallinfo2 function is added to report statistics as per mallinfo, but with larger field widths to accurately report values that are larger than fit in an integer. * Add to provide query macros for x86 CPU features. * A new fortification level _FORTIFY_SOURCE=3 is available. * The mallinfo function is marked deprecated. * When dlopen is used in statically linked programs, alternative library implementations from HWCAP subdirectories are no longer loaded. * The deprecated header and the function vtimes have been removed. * On s390(x), the type float_t is now derived from the macro __FLT_EVAL_METHOD__ that is defined by the compiler, instead of being hardcoded to double. * A future version of glibc will stop loading shared objects from the "tls" subdirectories on the library search path, the subdirectory that corresponds to the AT_PLATFORM system name, and also stop employing the legacy AT_HWCAP search mechanism. * CVE-2021-3326: An assertion failure during conversion from the ISO-20220-JP-3 character set using the iconv function has been fixed. - Remove obsolete, unused /etc/default/nss - aarch64-static-pie.patch, euc-kr-overrun.patch, get-nprocs-cpu-online-parsing.patch, iconv-redundant-shift.patch, iconv-ucs4-loop-bounds.patch, ifunc-fma4.patch, intl-codeset-suffixes.patch, nscd-gc-cycle.patch, printf-long-double-non-normal.patch, strerrorname-np.patch, syslog-locking.patch, sysvipc.patch: Removed - bsc#1180557 - bsc#1181505 - bsc#1191592 - bsc#1201942- Remove support for %optimize_power - Move to power4 baseline on ppc- aarch64-static-pie.patch: fix static PIE start code for BTI (bsc#1179450, BZ #27068) - iconv-redundant-shift.patch: iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224) - iconv-ucs4-loop-bounds.patch: iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923) - printf-long-double-non-normal.patch: x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - get-nprocs-cpu-online-parsing.patch: Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)- intl-codeset-suffixes.patch: intl: Handle translation output codesets with suffixes (BZ #26383) - strerrorname-np.patch: string: Fix strerrorname_np return value (BZ [#26555]) - sysvipc.patch: sysvipc: Fix SEM_STAT_ANY kernel argument pass (BZ [#26637], BZ #26639, BZ #26636)- Use --enable-cet on x86_64 to instrument glibc for indirect branch tracking and shadow stack use. Enable indirect branch tracking and shadow stack in the dynamic loader (jsc#PM-2110, bsc#1175154)- Keep nsswitch.conf in /etc for SLES15 - syslog-locking.patch: Correct locking and cancellation cleanup in syslog functions (bsc#1172085, BZ #26100) - ifunc-fma4.patch: x86-64: Fix FMA4 detection in ifunc (BZ #26534)- Update to glibc 2.32 * Unicode 13.0.0 Support * New locale added: ckb_IQ * The GNU C Library now loads audit modules listed in the DT_AUDIT and DT_DEPAUDIT dynamic section entries of the main executable * powerpc64le supports IEEE128 long double libm/libc redirects when using the -mabi=ieeelongdouble to compile C code on supported GCC toolchains * To help detect buffer overflows and other out-of-bounds accesses several APIs have been annotated with GCC 'access' attribute * On Linux, functions the pthread_attr_setsigmask_np and pthread_attr_getsigmask_np have been added * The GNU C Library now provides the header file which declares the variable __libc_single_threaded * The functions sigabbrev_np and sigdescr_np have been added * The functions strerrorname_np and strerrordesc_np have been added * AArch64 now supports standard branch protection security hardening in glibc when it is built with a GCC that is configured with - -enable-standard-branch-protection (or if -mbranch-protection=standard flag is passed when building both GCC target libraries and glibc, in either case a custom GCC is needed) * The deprecated header and the sysctl function have been removed * The sstk function is no longer available to newly linked binaries * The legacy signal handling functions siginterrupt, sigpause, sighold, sigrelse, sigignore and sigset, and the sigmask macro have been deprecated * ldconfig now defaults to the new format for ld.so.cache * The deprecated arrays sys_siglist, _sys_siglist, and sys_sigabbrev are no longer available to newly linked binaries, and their declarations have been removed from * The deprecated symbols sys_errlist, _sys_errlist, sys_nerr, and _sys_nerr are no longer available to newly linked binaries, and their declarations have been removed from from * Both strerror and strerror_l now share the same internal buffer in the calling thread, meaning that the returned string pointer may be invalided or contents might be overwritten on subsequent calls in the same thread or if the thread is terminated * Using weak references to libpthread functions such as pthread_create or pthread_key_create to detect the singled-threaded nature of a program is an obsolescent feature * The "files" NSS module no longer supports the "key" database (used for secure RPC) * The __morecore and __after_morecore_hook malloc hooks and the default implementation __default_morecore have been deprecated * The hesiod NSS module has been deprecated and will be removed in a future version of glibc * CVE-2016-10228: An infinite loop has been fixed in the iconv program when invoked with the -c option and when processing invalid multi-byte input sequences * CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack corruption when they were passed a pseudo-zero argument * CVE-2020-1752: A use-after-free vulnerability in the glob function when expanding ~user has been fixed. * CVE-2020-6096: A signed comparison vulnerability in the ARMv7 memcpy and memmove functions has been fixed - riscv-syscall-clobber.patch, ldbl-96-rem-pio2l.patch, long-double-alias.patch: Removed - bsc#1027496 - bsc#1162930 - bsc#1166106 - bsc#1167631 - bsc#1167939 - bsc#1194785, jsc#SLE-18195 - bsc#1200855 - bsc#1201560 - bsc#1201640 - bsc#1207571 - jsc#SLE-13520- long-double-alias.patch: Fix build with GCC 10 when long double = double - nscd-gc-cycle.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130)- glibc-nsswitch-usr.diff: read /usr/etc/nsswitch.conf if /etc/nsswitch.conf does not exist - Install default nsswitch.conf in /usr/etc - Don't install gai.conf in /etc- Split off %lang_package- riscv-syscall-clobber.patch: riscv: Avoid clobbering register parameters in syscall - ldbl-96-rem-pio2l.patch: Avoid ldbl-96 stack corruption from range reduction of pseudo-zero (CVE-2020-10029, bsc#1165784, BZ #25487)- nsswitch.conf: comment out initgroups setting, so that it defaults to the group setting (bsc#1164075)- fix-locking-in-_IO_cleanup.patch: update to latest version- Update to glibc 2.31 * The GNU C Library now supports a feature test macro _ISOC2X_SOURCE to enable features from the draft ISO C2X standard * The functions that round their results to a narrower type now have corresponding type-generic macros in * The function pthread_clockjoin_np has been added, enabling join with a terminated thread with a specific clock * New locale added: mnw_MM (Mon language spoken in Myanmar). * The DNS stub resolver will optionally send the AD (authenticated data) bit in queries if the trust-ad option is set via the options directive in /etc/resolv.conf (or if RES_TRUSTAD is set in _res.options) * The totalorder and totalordermag functions, and the corresponding functions for other floating-point types, now take pointer arguments to avoid signaling NaNs possibly being converted to quiet NaNs in argument passing * The obsolete function stime is no longer available to newly linked binaries, and its declaration has been removed from * The gettimeofday function no longer reports information about a system-wide time zone * If a lazy binding failure happens during dlopen, during the execution of an ELF constructor, the process is now terminated - malloc-info-whitespace.patch, riscv-vfork.patch, prefer-map-32bit-exec.patch, backtrace-powerpc.patch, ldconfig-dynstr.patch: Removed. - bsc#1157893 - bsc#1163184 - fate#325815, fate#325879, fate#325880, fate#325881, fate#325882 - fate#325962- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC (CVE-2020-1751, bsc#1158996, BZ #25423) - Drop support for pluggable gconv modules (bsc#1159851)- prefer-map-32bit-exec.patch: rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126, bsc#1157292, BZ [#25204])- nsswitch.conf: add usrfiles for services, protocols, rpc, ethers and aliases for /usr/etc move- euc-kr-overrun.patch: Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, BZ #24973)- ldconfig-dynstr.patch: ldconfig: handle .dynstr located in separate segment (bsc#1153149, BZ #25087)- Package gconv-modules.cache as %ghost - Regenerate it also in the %post of glibc-local-base-- move mo files to glibc-locale as that's where all the other informations for those locales are. glibc-locale-base only has English anyways.- riscv-vfork.patch: Fix RISC-V vfork build with Linux 5.3 kernel headers- Remove NoSource tags (bsc#994835)- pwdutils is long gone and replaced by shadow- Update to glibc 2.30 * Unicode 12.1.0 Support * The dynamic linker accepts the --preload argument to preload shared objects * The twalk_r function has been added * On Linux, the getdents64, gettid, and tgkill functions have been added * Minguo (Republic of China) calendar support has been added * The entry for the new Japanese era has been added * Memory allocation functions malloc, calloc, realloc, reallocarray, valloc, pvalloc, memalign, and posix_memalign fail now with total object size larger than PTRDIFF_MAX * The dynamic linker no longer refuses to load objects which reference versioned symbols whose implementation has moved to a different soname since the object has been linked * Add new POSIX-proposed pthread_cond_clockwait, pthread_mutex_clocklock, pthread_rwlock_clockrdlock, pthread_rwlock_clockwrlock and sem_clockwait functions * On AArch64 the GNU IFUNC resolver call ABI changed * The copy_file_range function fails with ENOSYS if the kernel does not support the system call of the same name * The functions clock_gettime, clock_getres, clock_settime, clock_getcpuclockid, clock_nanosleep were removed from the librt library for new applications (on architectures which had them) * The obsolete and never-implemented XSI STREAMS header files and have been removed * Support for the "inet6" option in /etc/resolv.conf and the RES_USE_INET6 resolver flag (deprecated in glibc 2.25) have been removed * The obsolete RES_INSECURE1 and RES_INSECURE2 option flags for the DNS stub resolver have been removed from * With --enable-bind-now, installed programs are now linked with the BIND_NOW flag. * On 32-bit Arm, support for the port-based I/O emulation and the header have been removed * The Linux-specific header and the sysctl function have been deprecated and will be removed from a future version of glibc * CVE-2019-7309: x86-64 memcmp used signed Jcc instructions to check size * CVE-2019-9169: Attempted case-insensitive regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read - pthread-rwlock-trylock-stalls.patch, arm-systemtap-probe-constraint.patch, pthread-mutex-barrier.patch, fork-handler-lock.patch, pthread-join-probe.patch, riscv-clone-unwind.patch, add-new-Fortran-vector-math-header-file.patch, regex-read-overrun.patch, japanese-era-name-may-2019.patch, dl-show-auxv.patch, s390-vx-vxe-hwcap.patch, taisho-era-string.patch, malloc-tracing-hooks.patch, pldd-inf-loop.patch, malloc-large-bin-corruption-check.patch, wfile-sync-crash.patch, malloc-tests-warnings.patch, fnmatch-collating-elements.patch, iconv-reset-input-buffer.patch: Removed - malloc-info-whitespace.patch: Remove unwanted leading whitespace in malloc_info (BZ #24867) - bsc#1100396 - bsc#1130045- Move /var/lib/misc/Makefile to /usr/share/misc/Makefile.makedb (bsc#1138726)- malloc-tests-warnings.patch: Fix warnings in malloc tests with GCC 9- Set optflags for i686 after _lto_cflags is set (boo#1138807).- Disable LTO due to a usage of top-level assembler that causes LTO issues (boo#1138807).- nss-files-long-lines-2.patch: Remove obsolete patch- dl-show-auxv.patch: Fix output of LD_SHOW_AUXV=1 - s390-vx-vxe-hwcap.patch: S390: Mark vx and vxe as important hwcap - taisho-era-string.patch: ja_JP: Change the offset for Taisho gan-nen from 2 to 1 (BZ #24162) - malloc-tracing-hooks.patch: malloc: Set and reset all hooks for tracing (BZ #16573) - pldd-inf-loop.patch: elf: Fix pldd (BZ#18035) - malloc-large-bin-corruption-check.patch: malloc: Check for large bin list corruption when inserting unsorted chunk (BZ #24216) - wfile-sync-crash.patch: Fix crash in _IO_wfile_sync (BZ #20568)- japanese-era-name-may-2019.patch: ja_JP locale: Add entry for the new Japanese era (BZ #22964) - Replace glibc_post_upgrade with lua script- add-new-Fortran-vector-math-header-file.patch: Update from upstream- regex-read-overrun.patch: fix read overrun (CVE-2019-9169, bsc#1127308, BZ #24114) - ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973)- Add add-new-Fortran-vector-math-header-file.patch.- pthread-rwlock-trylock-stalls.patch: nptl: Fix pthread_rwlock_try*lock stalls (BZ #23844) - arm-systemtap-probe-constraint.patch: arm: Use "nr" constraint for Systemtap probes (BZ #24164) - pthread-mutex-barrier.patch: Add compiler barriers around modifications of the robust mutex list for pthread_mutex_trylock (BZ #24180) - fork-handler-lock.patch: nptl: Avoid fork handler lock for async-signal-safe fork (BZ #24161) - pthread-join-probe.patch: nptl: Fix invalid Systemtap probe in pthread_join (BZ #24211) - riscv-clone-unwind.patch: RISC-V: Fix elfutils testsuite unwind failures (BZ #24040)- Update to glibc 2.29 * The getcpu wrapper function has been added, which returns the currently used CPU and NUMA node * Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf * The reallocarray function is now declared under _DEFAULT_SOURCE, not just for _GNU_SOURCE, to match BSD environments * For powercp64le ABI, Transactional Lock Elision is now enabled iff kernel indicates that it will abort the transaction prior to entering the kernel (PPC_FEATURE2_HTM_NOSC on hwcap2) * The functions posix_spawn_file_actions_addchdir_np and posix_spawn_file_actions_addfchdir_np have been added, enabling posix_spawn and posix_spawnp to run the new process in a different directory * The popen and system do not run atfork handlers anymore (BZ#17490) * strftime's default formatting of a locale's alternative year (%Ey) has been changed to zero-pad the year to a minimum of two digits, like "%y" * As a GNU extension, the '_' and '-' flags can now be applied to "%EY" to control how the year number is formatted * The glibc.tune tunable namespace has been renamed to glibc.cpu and the tunable glibc.tune.cpu has been renamed to glibc.cpu.name * The type of the pr_uid and pr_gid members of struct elf_prpsinfo, defined in , has been corrected to match the type actually used by the Linux kernel * An archaic GNU extension to scanf, under which '%as', '%aS', and '%a[...]' meant to scan a string and allocate space for it with malloc, is now restricted to programs compiled in C89 or C++98 mode with _GNU_SOURCE defined - unwind-ctor.patch, old-getdents64.patch, nss-files-leak.patch, riscv-feholdexcept-setround.patch, pthread-cond-broadcast-waiters-after-spinning.patch, regex-uninit-memory-access.patch, spawni-maybe-script-execute.patch, gethostid-gethostbyname-failure.patch, strstr-huge-needle.patch, pthread-mutex-lock-elision-race.patch, x86-haswell-string-flags.patch, if-nametoindex-descr-leak.patch, riscv-flush-icache.patch: Removed - CVE-2016-10739 - bsc#1114984 - bsc#1114993 - bsc#1122729 - bsc#1131330 - bsc#1149332 - bsc#1151582 - bsc#1164505- fnmatch-collating-elements.patch: update - riscv-flush-icache.patch: fix for compiling against 4.20 headers- if-nametoindex-descr-leak.patch: if_nametoindex: Fix descriptor leak for overlong name (CVE-2018-19591, BZ #23927, bsc#1117603)- Fix typography for glibc-locale-base.- pthread-mutex-lock-elision-race.patch: Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (BZ #23275) - x86-haswell-string-flags.patch: x86: Fix Haswell CPU string flags (BZ [#23709])- unwind-ctor.patch: Add missing unwind information to ld.so on powerpc32 (BZ #23707) - old-getdents64.patch: Rewrite __old_getdents64 (BZ #23497) - nss-files-leak.patch: Fix file stream leak in aliases lookup (BZ #23521) - riscv-feholdexcept-setround.patch: Fix rounding save/restore bug - pthread-cond-broadcast-waiters-after-spinning.patch: Fix waiters-after-spinning case (BZ #23538) - regex-uninit-memory-access.patch: fix uninitialized memory access (BZ [#23578]) - spawni-maybe-script-execute.patch: Fix segfault in maybe_script_execute - gethostid-gethostbyname-failure.patch: Check for NULL value from gethostbyname_r (BZ #23679) - strstr-huge-needle.patch: Fix strstr bug with huge needles (BZ #23637)- Add libpng-devel and zlib-devel for utils build- Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales (fate#326551)- Update to glibc 2.28 * The localization data for ISO 14651 is updated to match the 2016 Edition 4 release of the standard, this matches data provided by Unicode 9.0.0 * Unicode 11.0.0 Support: Character encoding, character type info, and transliteration tables are all updated to Unicode 11.0.0, using generator scripts contributed by Mike FABIAN (Red Hat) * functions that round their results to a narrower type are added from TS 18661-1:2014 and TS 18661-3:2015 * Two grammatical forms of month names are now supported * The renameat2 function has been added, a variant of the renameat function which has a flags argument * The statx function has been added, a variant of the fstatat64 function with an additional flags argument * IDN domain names in getaddrinfo and getnameinfo now use the system libidn2 library if installed * Parsing of dynamic string tokens in DT_RPATH, DT_RUNPATH, DT_NEEDED, DT_AUXILIARY, and DT_FILTER has been expanded to support the full range of ELF gABI expressions including such constructs as '$ORIGIN$ORIGIN' (if valid) * Support for ISO C threads (ISO/IEC 9899:2011) has been added. * The nonstandard header files and <_G_config.h> are no longer installed * The stdio functions 'getc' and 'putc' are no longer defined as macros * All stdio functions now treat end-of-file as a sticky condition * The macros 'major', 'minor', and 'makedev' are now only available from the header * The obsolete function ustat is no longer available to newly linked binaries; the headers and have been removed * The obsolete function nfsservctl is no longer available to newly linked binaries * The obsolete function name llseek is no longer available to newly linked binaries * The AI_IDN_ALLOW_UNASSIGNED and NI_IDN_ALLOW_UNASSIGNED flags for the getaddrinfo and getnameinfo functions have been deprecated * The AI_IDN_USE_STD3_ASCII_RULES and NI_IDN_USE_STD3_ASCII_RULES flags for the getaddrinfo and getnameinfo functions have been deprecated * The fcntl function now have a Long File Support variant named fcntl64 * CVE-2016-6261, CVE-2016-6263, CVE-2017-14062: Various vulnerabilities have been fixed by removing the glibc-internal IDNA implementation and using the system-provided libidn2 library instead - Split off all libcrypt related functions into package libxcrypt - fix-locking-in-_IO_cleanup.patch, fnmatch-collating-elements.patch: Rediff - aarch64-sys-ptrace-update.patch, crypt_blowfish-1.2-hack_around_arm.diff, crypt_blowfish-1.2-sha.diff, crypt_blowfish-const.patch, crypt_blowfish-gensalt.patch, glibc-2.14-crypt.diff, i386-memmove-sse2-unaligned.patch, i386-sigaction-sa-restorer.patch, mempcpy-avx512.patch, netgroup-cache-keys.patch, nss-database-multiple-dfn.patch, pkey-get-reserved-name.patch, powerpc-sys-ptrace-undefine-macros.patch, powerpc-sys-ptrace-update.patch, realpath-ssize-max-overflow.patch, res-send-enomem.patch, riscv-fmax-fmin-nan.patch, riscv-kernel-sigaction.patch, riscv-readelflib.patch, riscv-tls-init.patch: Removed - glibc_post_upgrade.c: Don't reload init (bsc#1103124) - CVE-2009-5155, CVE-2015-8985 - bsc#1092877 - bsc#1102526 - bsc#1112570 - bsc#1126590 - bsc#1127223- Use python3-pexpect instead of python-pexpect- riscv-kernel-sigaction.patch: fix struct kernel_sigaction to match the kernel version (BZ #23069)- glibc-2.3.90-langpackdir.diff: No longer search in /usr/share/locale-bundle- mempcpy-avx512.patch: Don't write beyond destination in __mempcpy_avx512_no_vzeroupper (CVE-2018-11237, bsc#1094154) - realpath-ssize-max-overflow.patch: Fix overflow in path length computation (CVE-2018-11236, bsc#1094161, BZ #22786) - Use %license also for COPYING, COPYING.LIB- Readd nis to netgroup and automount nss config (bsc#1088860)- i386-memmove-sse2-unaligned.patch: Fix SSE2 memmove issue when crossing 2GB boundary (CVE-2017-18269, bnc#1094150, BZ #22644)- res-send-enomem.patch: Fix crash in resolver on memory allocation failure (bsc#1086690, BZ #23005)- pkey-get-reserved-name.patch: Linux: use reserved name __key in pkey_get (BZ #22797) - aarch64-sys-ptrace-update.patch: linux/aarch64: sync sys/ptrace.h with Linux 4.15 (BZ #22433) - powerpc-sys-ptrace-undefine-macros.patch: powerpc: Undefine Linux ptrace macros that conflict with __ptrace_request - powerpc-sys-ptrace-update.patch: linux/powerpc: sync sys/ptrace.h with Linux 4.15 (BZ #22433, BZ #22807) - netgroup-cache-keys.patch: Fix netgroup cache keys (BZ #22342) - i386-sigaction-sa-restorer.patch: i386: Fix i386 sigaction sa_restorer initialization (BZ #21269) - riscv-tls-init.patch: RISC-V: Do not initialize $gp in TLS macros - riscv-fmax-fmin-nan.patch: RISC-V: fmax/fmin: Handle signalling NaNs correctly (BZ #22884)- nss-database-multiple-dfn.patch: Fix multiple definitions of __nss_*_database (BZ #22918)- Use %license (boo#1082318)- Add systemtap-headers to BuildRequires - Add --enable-systemtap to configure arguments (fate#324969, bsc#1073636)- riscv-readelflib.patch: Fix parsing flags in ELF64 files on riscv- Update to glibc 2.27 * Optimized x86-64 asin, atan2, exp, expf, log, pow, atan, sin, cosf, sinf, sincosf and tan with FMA * Optimized x86-64 trunc and truncf for processors with SSE4.1 * Optimized generic expf, exp2f, logf, log2f, powf, sinf, cosf and sincosf * In order to support faster and safer process termination the malloc API family of functions will no longer print a failure address and stack backtrace after detecting heap corruption * The abort function terminates the process immediately, without flushing stdio streams * On platforms where long double has the IEEE binary128 format (aarch64, alpha, mips64, riscv, s390 and sparc), the math library now implements _Float128 interfaces for that type, as defined by ISO/IEC TS 18661-3:2015 These are the same interfaces added in version 2.26 for some platforms where this format is supported but is not the format of long double * On platforms with support for _Float64x (aarch64, alpha, i386, ia64, mips64, powerpc64le, riscv, s390, sparc and x86_64), the math library now implements interfaces for that type, as defined by ISO/IEC TS 18661-3:2015 * The math library now implements interfaces for the _Float32, _Float64 and _Float32x types, as defined by ISO/IEC TS 18661-3:2015 * glibc now implements the memfd_create and mlock2 functions on Linux * Support for memory protection keys was added * The copy_file_range function was added * The ldconfig utility now processes `include' directives using the C/POSIX collation ordering * Support for two grammatical forms of month names has been added * Support for the RISC-V ISA running on Linux has been added * Statically compiled applications attempting to load locales compiled for the GNU C Library version 2.27 will fail and fall back to the builtin C/POSIX locale * Support for statically linked applications which call dlopen is deprecated and will be removed in a future version of glibc * Support for old programs which use internal stdio data structures and functions is deprecated * On GNU/Linux, the obsolete Linux constant PTRACE_SEIZE_DEVEL is no longer defined by * libm no longer supports SVID error handling (calling a user-provided matherr function on error) or the _LIB_VERSION variable to control error handling * The libm functions pow10, pow10f and pow10l are no longer supported for new programs * The mcontext_t type is no longer the same as struct sigcontext * The add-ons mechanism for building additional packages at the same time as glibc has been removed * The res_hnok, res_dnok, res_mailok and res_ownok functions now check that the specified string can be parsed as a domain name * In the malloc_info output, the element may contain another element, "subheaps", which contains the number of sub-heaps * In the malloc_info output, the element may contain another element, "subheaps", which contains the number of sub-heaps * The nonstandard header files and <_G_config.h> are deprecated and will be removed in a future release * CVE-2018-6485, CVE-2018-6551: The posix_memalign and memalign functions, when called with an object size near the value of SIZE_MAX, would return a pointer to a buffer which is too small, instead of NULL (bsc#1079036) - Support for Sun RPC is no longer available, use libtirpc instead - glibc-nodate.patch, powerpc-elision-enable-envvar.patch, s390-elision-enable-envvar.patch, resolv-context-leak.patch, dl-runtime-resolve-opt-avx512f.patch, libpthread-compat-wrappers.patch, math-c++-compat.patch, remove-nss-nis-compat.patch, eh-frame-zero-terminator.patch, ld-so-hwcap-x86-64.patch, assert-pedantic.patch, getaddrinfo-errno.patch, resolv-conf-oom.patch, dynarray-allocation.patch, nearbyint-inexact.patch, nss-compat.patch, nscd-libnsl.patch, malloc-tcache-leak.patch, falkor-memcpy-memmove.patch, aarch64-cpu-features.patch, nss-files-large-buffers.patch. sysconf-uio-maxiov.patch, glob-tilde-overflow.patch, dl-runtime-resolve-xsave.patch, spawni-assert.patch, x86-64-dl-platform.patch, glob64-s390.patch, tst-tlsopt-powerpc.patch, powerpc-hwcap-bits.patch, malloc-tcache-check-overflow.patch, dl-init-paths-overflow.patch, fillin-rpath-empty-tokens.patch, getcwd-absolute.patch, ldd-system-interp.patchabort-no-flush.patch: Removed - All patches refreshed - bsc#1063675- fix-locking-in-_IO_cleanup.patch: Skip locked files during exit (bsc#1070491, BZ #15142)- Avoid duplicate source rpm- getcwd-absolute.patch: make getcwd(3) fail if it cannot obtain an absolute path (CVE-2018-1000001, bsc#1074293, BZ #22679)- dl-init-paths-overflow.patch: Count components of the expanded path in _dl_init_path (CVE-2017-1000408, CVE-2017-1000409, bsc#1071319, BZ [#22607], BZ #22627) - fillin-rpath-empty-tokens.patch: Check for empty tokens before dynamic string token expansion (CVE-2017-16997, bsc#1073231, BZ #22625)- tst-tlsopt-powerpc.patch: fix tst-tlsopt-powerpc (bcn#1070419) - powerpc-hwcap-bits.patch: Update HWCAP for powerpc (bnc#1070420) - malloc-tcache-check-overflow.patch: Fix integer overflow in malloc when tcache is enabled (CVE-2017-17426, bnc#1071479, BZ #22375)- Add _multibuild- glob64-s390.patch: no compat glob64 on s390 - noversion.tar.bz2: remove unused source- x86-64-dl-platform.patch: Don't set GLRO(dl_platform) to NULL (BZ #22299)- spawni-assert.patch: Fix improper assert in Linux posix_spawn (BZ [#22273])- math-c++-compat.patch: Add more C++ compatibility (BZ #22296) - malloc-tcache-leak.patch: Fix tcache leak after thread destruction (BZ [#22111]) - falkor-memcpy-memmove.patch: Optimized implementation of memcpy/memmove for Qualcomm Falkor - aarch64-cpu-features.patch: Fix glibc.tune.cpu tunable handling - nss-files-large-buffers.patch: Avoid large buffers with many host addresses (BZ #22078) - sysconf-uio-maxiov.patch: Fix missing definition of UIO_MAXIOV (BZ [#22321]) - glob-tilde-overflow.patch: Fix buffer overflows with GLOB_TILDE (CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569. bsc#1064580, bsc#1064583, BZ #22320, BZ #22325, BZ #22332) - dl-runtime-resolve-xsave.patch: Use fxsave/xsave/xsavec in _dl_runtime_resolve (BZ #21265)- nscd-libnsl.patch: Remove reference to libnsl from nscd (bsc#1062244)- Drop glibc-obsolete - glibc-2.3.90-noversion.diff: remove - reinitialize-dl_load_write_lock.patch: remove- nss-compat.patch: Move nss_compat from nis to nss subdir and install it unconditionally - nsswitch.conf: switch back to compat for passwd, group, shadow- assert-pedantic.patch: Suppress pedantic warning caused by statement expression (BZ #21242, BZ #21972) - math-c++-compat.patch: Add more C++ compatibility (BZ #22235) - getaddrinfo-errno.patch: Fix errno and h_errno handling in getaddrinfo (BZ #21915, BZ #21922) - resolv-conf-oom.patch: Fix memory handling in OOM situation during resolv.conf parsing (BZ #22095, BZ #22096) - dynarray-allocation.patch: Fix initial size of dynarray allocation and set errno on overflow error - nearbyint-inexact.patch: Avoid spurious inexact in nearbyint (BZ #22225)- math-c++-compat.patch: add more C++ compatibility (BZ #22146)- Remove rpcsvc/yppasswd.* from glibc-devel - ld-so-hwcap-x86-64.patch: add x86_64 to hwcap (bsc#1056606, BZ #22093)- eh-frame-zero-terminator.patch: Properly terminate .eh_frame (BZ #22051)- Disable obsolete libnsl and NIS support - remove-nss-nis-compat.patch: remove nis and compat from default NSS configs - nsswitch.conf: Likewise- math-c++-compat.patch: Do not use __builtin_types_compatible_p in C++ mode (BZ #21930)- Add iconvconfig to baselibs.conf (bsc#1051042)- resolv-context-leak.patch: Fix leaks of resolver contexts - dl-runtime-resolve-opt-avx512f.patch: Use _dl_runtime_resolve_opt only with AVX512F (BZ #21871) - libpthread-compat-wrappers.patch: Don't use IFUNC resolver for longjmp or system in libpthread (BZ #21041)- Update to glibc 2.26 * A per-thread cache has been added to malloc * Unicode 10.0.0 Support * Improvements to the DNS stub resolver * New function reallocarray, which resizes an allocated block (like realloc) to the product of two sizes, with a guaranteed clean failure upon integer overflow in the multiplication * New wrappers for the Linux-specific system calls preadv2 and pwritev2 * posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to create a new session ID for the spawned process * errno.h is now safe to use from C-preprocessed assembly language on all supported operating systems * On ia64, powerpc64le, x86-32, and x86-64, the math library now implements 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE 754-2008) and ISO/IEC TS 18661-3:2015 * The synchronization that pthread_spin_unlock performs has been changed to now be equivalent to a C11 atomic store with release memory order to the spin lock's memory location * The DNS stub resolver no longer performs EDNS fallback * res_mkquery and res_nmkquery no longer support the IQUERY opcode * The _res_opcodes variable has been removed from libresolv * no longer includes inline versions of any string functions, as this kind of optimization is better done by the compiler * The nonstandard header has been removed * The obsolete header has been removed * The obsolete signal constant SIGUNUSED is no longer defined by * The obsolete function cfree has been removed * The stack_t type no longer has the name struct sigaltstack * The ucontext_t type no longer has the name struct ucontext * On S/390 GNU/Linux, the constants defined by have been synced with the kernel * Linux kernel 3.2 or later is required at runtime, on all architectures supported by that kernel * The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, to avoid fragmentation-based spoofing attacks (CVE-2017-12132) * LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE mode to guard against local privilege escalation attacks (CVE-2017-1000366) * Avoid printing a backtrace from the __stack_chk_fail function since it is called on a corrupt stack and a backtrace is unreliable on a corrupt stack (CVE-2010-3192) * A use-after-free vulnerability in clntudp_call in the Sun RPC system has been fixed (CVE-2017-12133) * fate#322258, fate#321513, fate#322453 - fts-symbol-redirect.patch, glibc-resolv-reload.diff, glibc-2.2-sunrpc.diff, i686-memchr-sse.patch, ld-hwcap-mask-suid.patch, ld-library-path-suid.patch, sunrpc-use-after-free.patch, test-math-vector-sincos-aliasing.patch, tunables-bigendian.patch: Removed - bsc#1074208- Fix RPM group- s390-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (fate#322271)- ld-hwcap-mask-suid.patch: Ignore and remove LD_HWCAP_MASK for AT_SECURE programs (BZ #21209) - ld-library-path-suid.patch: Completely ignore LD_LIBRARY_PATH for AT_SECURE=1 programs (CVE-2017-1000366, bsc#1039357, BZ #21624)- Remove glibc-cpusetsize.diff, no longer useful- fts-symbol-redirect.patch: Fix symbol redirect for fts_set (bsc#1041123, BZ #21289)- test-math-vector-sincos-aliasing.patch: Fix test-math-vector-sincos.h aliasing- add-locales.patch: renamed from glibc-2.3.locales.diff.bz2, drop en_BE locales (bsc#1039502)- Remove glibc-testsuite.patch, no longer relevant- Use multibuild feature - Remove obsolete check-build.sh - glibc.rpmlintrc: remove obsolete entries - Use %tmpfiles_create in nscd postin- i686-memchr-sse.patch: Fix i686 memchr overflow calculation (bsc#1031021, BZ #21182) - sunrpc-use-after-free.patch: Avoid use-after-free read access in clntudp_call (BZ #21115) - Build testsuite with gdb and python-pexpect to enable more tests- tunables-bigendian.patch: Fix getting tunable values on big-endian (BZ [#21109])- Update to glibc 2.25 * The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR 24731-2:2010, is supported to enable declarations of functions from that TR. * The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS 18661-1:2014, is supported to enable declarations of functions and macros from that TS. * The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS 18661-4:2015, is supported to enable declarations of functions and macros from that TS. * The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. * The inclusion of by is deprecated. * New features from TS 18661-1:2014 are added to libm: the fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. * Integer width macros from TS 18661-1:2014 are added to : CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, WINT_WIDTH. * New features are added from TS 18661-1:2014: - Signaling NaN macros: SNANF, SNAN, SNANL. - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. - llogb functions: the llogb, llogbf and llogbl functions, and the FP_LLOGB0 and FP_LLOGBNAN macros. - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, fminmagf, fminmagl. - Comparison macros: iseqsig. - Classification macros: iscanonical, issubnormal, iszero. - Total order functions: totalorder, totalorderf, totalorderl, totalordermag, totalordermagf, totalordermagl. - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. * The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, are added to libc. * Most of glibc can now be built with the stack smashing protector enabled. * The function explicit_bzero, from OpenBSD, has been added to libc. * On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined to float instead of double. * On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the float_t and double_t types are now defined to long double instead of float and double. * The getentropy and getrandom functions, and the header file have been added. * The buffer size for byte-oriented stdio streams is now limited to 8192 bytes by default. * The header now includes the header. * The malloc_get_state and malloc_set_state functions have been removed. * The “ip6-dotint” and “no-ip6-dotint” resolver options, and the corresponding RES_NOIP6DOTINT flag from have been removed. * The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING flag from have been removed. * The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, RES_BLAST defined in the header file have been deprecated. * The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for _res.flags are deprecated. * DNSSEC-related declarations and definitions have been removed from the header file, and libresolv will no longer attempt to decode the data part of DNSSEC record types. * The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the header file because the distinction between RR types and meta-RR types is not officially standardized, subject to revision, and thus not suitable for encoding in a macro. * The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook and rhook members of the res_state type in have been removed. * For multi-arch support it is recommended to use a GCC which has been built with support for GNU indirect functions. * GDB pretty printers have been added for mutex and condition variable structures in POSIX Threads. * Tunables feature added to allow tweaking of the runtime for an application program. * A new version of condition variables functions have been implemented in the NPTL implementation of POSIX Threads to provide stronger ordering guarantees. * A new version of pthread_rwlock functions have been implemented to use a more scalable algorithm primarily through not using a critical section anymore to make state changes. * On ARM EABI (32-bit), generating a backtrace for execution contexts which have been created with makecontext could fail to terminate due to a missing .cantunwind annotation. (CVE-2016-6323) * The DNS stub resolver functions would crash due to a NULL pointer dereference when processing a query with a valid DNS question type which was used internally in the implementation. (CVE-2015-5180) - Enable stack protector if part of %optflags - startcontext-cantunwind.patch: Removed - cpuid-assertion.patch: Removed- cpuid-assertion.patch: Don't assert on older Intel CPUs (BZ #20647)- glibc-2.3.3-nscd-db-path.diff: Move persistent nscd databases to /var/lib/nscd - glibc-2.3.90-langpackdir.diff: simplify- Update to glibc 2.24 * The minimum Linux kernel version that this version of the GNU C Library can be used with is 3.2 * The pap_AN locale has been deleted * The readdir_r and readdir64_r functions have been deprecated * The type `union wait' has been removed * A new NSS action is added to facilitate large distributed system administration * The deprecated __malloc_initialize_hook variable has been removed from the API * The long unused localedef --old-style option has been removed * nextupl, nextup, nextupf, nextdownl, nextdown and nextdownf are added to libm * An unnecessary stack copy in _nss_dns_getnetbyname_r was removed (CVE-2016-3075) * Previously, getaddrinfo copied large amounts of address data to the stack, even after the fix for CVE-2013-4458 has been applied, potentially resulting in a stack overflow. getaddrinfo now uses a heap allocation instead (CVE-2016-3706) * The glob function suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name (CVE-2016-1234) * The Sun RPC UDP client could exhaust all available stack space when flooded with crafted ICMP and UDP messages (CVE-2016-4429) * The IPv6 name server management code in libresolv could result in a memory leak for each thread which is created, performs a failing naming lookup, and exits (CVE-2016-5417) - startcontext-cantunwind.patch: mark __startcontext as .cantunwind (bsc#974800, BZ #20435) - Removed patches: * 0001-Updated-translations-for-2.23.patch * 0002-Regenerate-libc.pot-for-2.23.patch * 0003-Regenerated-configure-scripts.patch * 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch * 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch * 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch * 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch * 0008-Update-NEWS.patch * 0009-sln-use-stat64.patch * 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch * 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch * 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch * 0013-Mention-BZ-19762-in-NEWS.patch * 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch * 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch * 0016-Fix-resource-leak-in-resolver-bug-19257.patch * 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch * 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch * 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch * 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch * 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch * 0022-configure-fix-test-usage.patch * 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch * 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch * 0025-getnameinfo-Do-not-preserve-errno.patch * 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch * 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch * 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch * 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch * 0030-hesiod-Remove-RCS-keywords.patch * 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch * 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch * 0033-malloc-Remove-NO_THREADS.patch * 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch * 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch * 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch * 0037-malloc-Add-missing-internal_function-attributes-on-f.patch * 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch * 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch * 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch * 0041-nss_dns-Check-address-length-before-creating-addrinf.patch * 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch * 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch * 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch * 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch * 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch * 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch * 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch * 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch * 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch * 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch * 0052-Fix-tst-dlsym-error-build.patch * 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch * 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch * 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch * 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch * clntudp-call-alloca.patch * glibc-memset-nontemporal.diff * nis-initgroups-status.patch * nscd-gc-crash.patch * robust-mutex-deadlock.patch * strncat-avoid-array-bounds-warning.patch- strncat-avoid-array-bounds-warning.patch: Avoid array-bounds warning for stncat on i586 (BZ #20260) - Update glibc.keyring - Unset MALLOC_CHECK_ during testsuite run- nsswitch.conf: Add fallback to files for passwd and group to prepare for libnsl removal.- nis-initgroups-status.patch: Return proper status from _nss_nis_initgroups_dyn (bsc#984269, BZ #20262) - robust-mutex-deadlock.patch: Fix generic __lll_robust_timedlock_wait to check for timeout (bsc#985170, BZ #20263)- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ [#19755])- clntudp-call-alloca.patch: do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854, BZ #20112)- Import patches from 2.23 branch 0001-Updated-translations-for-2.23.patch 0002-Regenerate-libc.pot-for-2.23.patch 0003-Regenerated-configure-scripts.patch 0004-x86_64-Set-DL_RUNTIME_UNALIGNED_VEC_SIZE-to-8.patch 0005-Add-fts64_-to-sysdeps-arm-nacl-libc.abilist.patch 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch 0007-NEWS-2.23-Fix-typo-in-bug-19048-text.patch 0008-Update-NEWS.patch 0009-sln-use-stat64.patch 0010-Add-sys-auxv.h-wrapper-to-include-sys.patch 0011-mips-terminate-the-FDE-before-the-return-trampoline-.patch 0012-Use-HAS_ARCH_FEATURE-with-Fast_Rep_String.patch 0013-Mention-BZ-19762-in-NEWS.patch 0014-Define-_HAVE_STRING_ARCH_mempcpy-to-1-for-x86.patch 0015-Or-bit_Prefer_MAP_32BIT_EXEC-in-EXTRA_LD_ENVVARS.patch 0016-Fix-resource-leak-in-resolver-bug-19257.patch 0017-math-don-t-clobber-old-libm.so-on-install-BZ-19822.patch 0018-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch 0019-S390-Save-and-restore-fprs-vrs-while-resolving-symbo.patch 0020-S390-Extend-structs-La_s390_regs-La_s390_retval-with.patch 0021-CVE-2016-3075-Stack-overflow-in-_nss_dns_getnetbynam.patch 0022-configure-fix-test-usage.patch 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch 0024-nss_db-Propagate-ERANGE-error-if-parse_line-fails-BZ.patch 0025-getnameinfo-Do-not-preserve-errno.patch 0026-getnameinfo-Refactor-and-fix-memory-leak-BZ-19642.patch 0027-getnameinfo-Reduce-line-length-and-add-missing-comme.patch 0028-getnameinfo-Avoid-calling-strnlen-on-uninitialized-b.patch 0029-getnameinfo-Return-EAI_OVERFLOW-in-more-cases-BZ-197.patch 0030-hesiod-Remove-RCS-keywords.patch 0031-hesiod-Always-use-thread-local-resolver-state-BZ-195.patch 0032-hesiod-Avoid-heap-overflow-in-get_txt_records-BZ-200.patch 0033-malloc-Remove-NO_THREADS.patch 0034-Fix-malloc-threaded-tests-link-on-non-Linux.patch 0035-malloc-Run-fork-handler-as-late-as-possible-BZ-19431.patch 0036-malloc-Remove-malloc-hooks-from-fork-handler.patch 0037-malloc-Add-missing-internal_function-attributes-on-f.patch 0038-nss_dns-Fix-assertion-failure-in-_nss_dns_getcanonna.patch 0039-nss_dns-Validate-RDATA-length-against-packet-length-.patch 0040-resolv-nss_dns-Remove-remaining-syslog-logging-BZ-19.patch 0041-nss_dns-Check-address-length-before-creating-addrinf.patch 0042-nss_dns-Skip-over-non-PTR-records-in-the-netent-code.patch 0043-resolv-Always-set-resplen2-out-parameter-in-send_vc-.patch 0044-tst-audit4-tst-audit10-Compile-AVX-AVX-512-code-sepa.patch 0045-Fix-tst-audit10-build-when-mavx512f-is-not-supported.patch 0046-tst-audit10-Fix-compilation-on-compilers-without-bit.patch 0047-strfmon_l-Use-specified-locale-for-number-formatting.patch 0048-glob-Simplify-the-interface-for-the-GLOB_ALTDIRFUNC-.patch 0049-CVE-2016-1234-glob-Do-not-copy-d_name-field-of-struc.patch 0050-ldconfig-Do-not-remove-stale-symbolic-links-with-X-B.patch 0051-Report-dlsym-dlvsym-lookup-errors-using-dlerror-BZ-1.patch 0052-Fix-tst-dlsym-error-build.patch 0053-Remove-trailing-newline-from-date_fmt-in-Serbian-loc.patch 0054-Revert-Report-dlsym-dlvsym-lookup-errors-using-dlerr.patch 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch - CVE-2016-3075 CVE-2016-1234 CVE-2016-3706 bsc#973164 bsc#969727 - resolv-mem-leak.patch: renamed to 0016-Fix-resource-leak-in-resolver-bug-19257.patch - no-long-double.patch: renamed to 0006-Don-t-use-long-double-math-functions-if-NO_LONG_DOUB.patch - glibc-gcc6.patch: renamed to 0023-Suppress-GCC-6-warning-about-ambiguous-else-with-Wpa.patch- glibc-c-utf8-locale.patch: fix bad standard in LC_IDENTIFICATION categories - glibc-2.3.locales.diff.bz2: likewise- glibc-gcc6.patch: Suppress GCC 6 warning about ambiguous 'else' with - Wparentheses- Add compatibility symlinks for LSB 3.0 (fate#318933)- powerpc-elision-enable-envvar.patch: enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#967594, fate#318236)- ldd-system-interp.patch: Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985)- Add C.UTF-8 locale (see https://sourceware.org/glibc/wiki/Proposals/C.UTF-8) and rh#902094 . Added with glibc-c-utf8-locale.patch. - Add glibc-disable-gettext-for-c-utf8.patch to disable gettext for C.UTF-8 same as C locale.- Move %install_info_delete to %preun - crypt_blowfish-1.3.tar.gz.sign: Remove, the sign key is no longer acceptable- no-long-double.patch: Don't use long double functions if NO_LONG_DOUBLE- Update to glibc 2.23 release. * Unicode 8.0.0 Support * sched_setaffinity, pthread_setaffinity_np no longer attempt to guess the kernel-internal CPU set size * The fts.h header can now be used with -D_FILE_OFFSET_BITS=64 * getaddrinfo now detects certain invalid responses on an internal netlink socket * A defect in the malloc implementation, present since glibc 2.15 (2012) or glibc 2.10 via --enable-experimental-malloc (2009), could result in the unnecessary serialization of memory allocation requests across threads * The obsolete header has been removed * The obsolete functions bdflush, create_module, get_kernel_syms, query_module and uselib are no longer available to newly linked binaries * Optimized string, wcsmbs and memory functions for IBM z13. * Newly linked programs that define a variable called signgam will no longer have it set by the lgamma, lgammaf and lgammal functions - Removed patches: * dont-remove-nodelete-flag.patch * openat64-readd-o-largefile.patch * mntent-blank-line.patch * opendir-o-directory-check.patch * strcoll-remove-strdiff-opt.patch * ld-pointer-guard.patch * tls-dtor-list-mangling.patch * powerpc-lock-elision-race.patch * prelink-elf-rtype-class.patch * vector-finite-math-aliases.patch * powerpc-elision-adapt-param.patch * catopen-unbound-alloca.patch * strftime-range-check.patch * hcreate-overflow-check.patch * errorcheck-mutex-no-elision.patch * refactor-nan-parsing.patch * send-dg-buffer-overflow.patch * isinf-cxx11-conflict.patch * ibm93x-redundant-shift-si.patch * iconv-reset-input-buffer.patch * tzset-tzname.patch * static-dlopen.patch- isinf-cxx11-conflict.patch: Fix isinf/isnan declaration conflict with C++11 (bsc#963700, BZ #19439)- tls-dtor-list-mangling.patch: Harden tls_dtor_list with pointer mangling (BZ #19018) - prelink-elf-rtype-class.patch: Keep only ELF_RTYPE_CLASS_{PLT|COPY} bits for prelink (BZ #19178) - vector-finite-math-aliases.patch: Better workaround for aliases of * _finite symbols in vector math library (BZ# 19058) - powerpc-elision-adapt-param.patch: powerpc: Fix usage of elision transient failure adapt param (BZ #19174) - catopen-unbound-alloca.patch: Fix unbound alloca in catopen (CVE-2015-8779, bsc#962739, BZ #17905) - strftime-range-check.patch: Add range check on time fields (CVE-2015-8776, bsc#962736, BZ #18985) - hcreate-overflow-check.patch: Handle overflow in hcreate (CVE-2015-8778, bsc#962737, BZ #18240) - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex (bsc#956716, BZ #17514) - refactor-nan-parsing.patch: Refactor strtod parsing of NaN payloads (CVE-2014-9761, bsc#962738, BZ #16962) - send-dg-buffer-overflow.patch: Fix getaddrinfo stack-based buffer overflow (CVE-2015-7547, bsc#961721, BZ #18665) - powerpc-lock-elision-race.patch: renamed from 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- Add audit-devel and libcap-devel to BuildRequires, for use by nscd- reinitialize-dl_load_write_lock.patch: Reinitialize dl_load_write_lock on fork (bsc#958315, BZ #19282)- resolv-mem-leak.patch: Fix resource leak in resolver (bsc#955647, BZ #19257) - tzset-tzname.patch: Force rereading TZDEFRULES after it was used to set DST rules only (BZ #19253)- glibc-2.3.90-noversion.diff: use stat64- ld-pointer-guard.patch: Always enable pointer guard (CVE-2015-8777, bsc#950944, BZ #18928)- strcoll-remove-strdiff-opt.patch: Remove incorrect STRDIFF-based optimization (BZ #18589)- iconv-reset-input-buffer.patch: Fix iconv buffer handling with IGNORE error handler (BZ #18830)- new patch [BZ #18743] PowerPC: Fix a race condition when eliding a lock 0001-powerpc-Fix-a-race-condition-when-eliding-a-lock-20150730.patch- nss-files-long-lines-2.patch: Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)- fnmatch-collating-elements.patch: Fix fnmatch handling of collating elements (BZ #17396, BZ #16976)- opendir-o-directory-check.patch: Fix opendir inverted o_directory_works test - static-dlopen.patch: Static dlopen default library search path fix (bsc#937853)- mntent-blank-line.patch: Fix memory corruption w/blank lines- dont-remove-nodelete-flag.patch: Don't remove DF_1_NODELETE flag from all loaded objects on failed dlopen - openat64-readd-o-largefile.patch: Readd O_LARGEFILE flag for openat64- Update to glibc 2.22 release. * Cache information can be queried via sysconf() function on s390 * A buffer overflow in gethostbyname_r and related functions performing DNS requests has been fixed. (CVE-2015-1781) * The time zone file parser has been made more robust against crafted time zone files * A powerpc and powerpc64 optimization for TLS, similar to TLS descriptors for LD and GD on x86 and x86-64, has been implemented. * Character encoding and ctype tables were updated to Unicode 7.0.0 * Added vector math library named libmvec * A new fmemopen implementation has been added with the goal of POSIX compliance. * The header is deprecated, and will be removed in a future release. * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 bsc#940195 bsc#940332 bsc#944494 bsc#968787 - Patches from upstream removed * htm-tabort.patch * o-tmpfile.patch * memcpy-chk-non-SSE2.patch * pthread-mutexattr-gettype-kind.patch * powerpc-software-sqrt.patch * static-tls-dtv-limit.patch * threaded-trim-threshold.patch * resolv-nameserver-handling.patch * nss-separate-state-getXXent.patch * aarch64-sigstksz.patch * heap-top-corruption.patch * pthread-join-deadlock.patch- pthread-join-deadlock.patch: Use IE model for static variables in libc.so, libpthread.so and rtld (bsc#930015, BZ #18457)- glibc-nodate.patch: fix verification of timestamp- also filter out -fstack-protector-strong- getaddrinfo-ipv6-sanity.diff: Remove. It breaks services that start before IPv6 is up (bsc#931399) - glibc-2.3.locales.diff.bz2: Remove sh_YU locales, fix currency for en_BE.- Add /usr/include/gnu/lib-names-.*.h to baselibs - pthread-join-deadlock.patch: Don't require rtld lock to store static TLS offset in the DTV (bsc#930015, BZ #18457) - heap-top-corruption.patch: Do not corrupt the top of a threaded heap if top chunk is MINSIZE (BZ #18502)- threaded-trim-threshold.patch: Fix regression in threaded application malloc performance (bsc#915955, BZ #17195)- aarch64-sigstksz.patch: Increase MINSIGSTKSZ and SIGSTKSZ (BZ #16850)- powerpc-software-sqrt.patch: Fix powerpc software sqrt (BZ #17964, BZ [#17967]) - nss-separate-state-getXXent.patch: Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007) - static-tls-dtv-limit.patch: Fix DTV race, assert, DTV_SURPLUS Static TLS limit, and nptl_db garbage (bsc#919678, BZ #17090, BZ #17620, BZ #17621, BZ #17628)- resolv-nameserver-handling.patch: Replace with simpler version with more compatibility- memcpy-chk-non-SSE2.patch: Fix __memcpy_chk on non-SSE2 CPUs (bsc#920084)- resolv-nameserver-handling.patch: Rewrite handling of nameserver configuration in resolver- htm-tabort.patch: Fix TABORT encoding for little endian- Update to glibc 2.21 release. * A new semaphore algorithm has been implemented in generic C code for all machines * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64 and powerpc64le * Optimized strcpy, stpcpy, strchrnul and strrchr implementations for AArch64 * i386 memcpy functions optimized with SSE2 unaligned load/store * New locales: tu_IN, bh_IN, raj_IN, ce_RU * The obsolete sigvec function has been removed * CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-9402 CVE-2014-7817 bsc#864081 bsc#906371 bsc#909053 bsc#910599 bsc#916222 - Patches from upstream removed * ifunc-x86-slow-sse4.patch * pthread-mutex-trylock-elision.patch - o-tmpfile.patch: Fix value of O_TMPFILE for architectures with non-default O_DIRECTORY (BZ #17912)- Update to crypt_blowfish 1.3. * Add support for the $2b$ prefix. - ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)/sbin/ldconfigngptngpt-develh01-armsrv3 1753430074  !"####'()*+,-./2.38-150600.14.37.12.38-150600.14.37.12.38-150600.14.37.12.2.22.2.22.2.22.2.2 bindresvport.blacklistgai.confld.so.cacheld.so.confnsswitch.confrpcld-linux-aarch64.so.1libBrokenLocale.so.1libanl.so.1libc.so.6libc_malloc_debug.so.0libdl.so.2libm.so.6libmvec.so.1libnss_compat.so.2libnss_db.so.2libnss_dns.so.2libnss_files.so.2libnss_hesiod.so.2libpthread.so.0libresolv.so.2librt.so.1libthread_db.so.1libutil.so.1ldconfiggencatgetconfgetenticonvld.solddlocalelocaledefgetconfPOSIX_V6_LP64_OFF64POSIX_V7_LP64_OFF64XBS5_LP64_OFF64getconficonvconfigglibcgai.confglibcLICENSESgencat.1.gzgetconf.1.gzlocale.alias.5.gzldconfig/etc//lib//lib64//sbin//usr/bin//usr/lib//usr/lib/getconf//usr/sbin//usr/share/doc/packages//usr/share/doc/packages/glibc//usr/share/licenses//usr/share/licenses/glibc//usr/share/man/man1//usr/share/man/man5//var/cache/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:39825/SUSE_SLE-15-SP6_Update/081120007bb2375093b31b97507e49bb-glibc.SUSE_SLE-15-SP6_Updatedrpmxz5aarch64-suse-linux  ASCII textcannot open `/home/abuild/rpmbuild/BUILDROOT/glibc-2.38-150600.14.37.1.aarch64/etc/gai.conf' (No such file or directory)emptyELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=32cb28eec175d043c7bd3c006abb2c4490a6a129, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=cb4b1af159539b212f87733a154b9bb2a9daf704, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=7660d25ccef64036f45318ddbfd4286d16c2cf31, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (GNU/Linux), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 4.3.0, BuildID[sha1]=97543b48fd8ef55f05ce7c3a1dabdd9c9db8f044, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=339fd7d6d6e2eae2954ce27dafc641bdf9a33f71, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=b53e32532878a80804c30210e0f9bf8b8a70306d, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=7636f6399bd5bc4fdae5d3ef3aea781f9959bb5b, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=195477022922fa44cd402f8b3db9f36695884e7a, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=83506e811a216c4c2f78df21449b6d7fd875498a, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=4fbc8eae45774f949f3531739b9bb47c6f504fa1, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=1bd2ae2cd8cd68558c51dc5b53ab97d82cba6e1f, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=7f87b1df5c789ba9656780f2beaa5cc7499c917d, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=0e98936d24beb47fe8c89c341ea75bd8592636f9, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=603ba750e429a0fae007dc70ef37bd0853805de1, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=04db6c025aceef530e77fac95509bf16ecf98de0, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=be086c7745255f675ac1f83d3b6304179896befa, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=0bd9a605dbe697d4ef5a73931ff96924ffe47ed3, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=8b99569d25d7dc6a13376fe3240efff04c2ce8f4, for GNU/Linux 4.3.0, not strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (GNU/Linux), dynamically linked, for GNU/Linux 4.3.0, BuildID[sha1]=524d95e9ecc4b6491058177066a1cbe75c0db039, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 4.3.0, BuildID[sha1]=56bdf1c7281f6d368c45bff55ad1e25d362052cc, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 4.3.0, BuildID[sha1]=4aed4a368aac2bcb233bf44ff1abfc08971f5d02, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 4.3.0, BuildID[sha1]=f3c0dd8aa3f899934b7d65aaed616347d8164f3d, strippedBourne-Again shell script, ASCII text executableELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 4.3.0, BuildID[sha1]=77c9e3bb73a0e0dc2e39ae36868bddafdc330f7e, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 4.3.0, BuildID[sha1]=d84b76b2df95c74dbe13f4aa5c2996100ddacd4a, strippeddirectoryELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 4.3.0, BuildID[sha1]=a938b26cc923b35641398dada5204491457955f4, strippedELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, for GNU/Linux 4.3.0, BuildID[sha1]=50ed1887df1ce661d3cc4161b440077d801f44ee, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix) 8CGckpvz}(  PPPPPPPPRRRRP P RRP P P PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP RRP P!P!PRRRR RRRP#P"RRP%P&P&P'P'P(P(P)P)P*P*P+P+P,P,P-P-P.P.P/P/P0P0P$RRRRP2P1RR RRR RP3RRRRP4RR RRRP5RRRP6RRP7RRR R RRRRRP9P:P:P;P;PRR RRRPAP@RRRPCPBRRRRPEPDRRRR R RRRRR R RRRRR R R RRRRR R R RRRRR R R RRRR RRR RRR RRR RRRR R R RRR8'SB$glibc-extrautf-84392d94a9775d12c0b5996e8ffd67d3071d33113cd6f6d1e34e5b95b763afcf5?`7zXZ !t/]"k%f%| ^6ܷ۬xanvtW̵eETh Q1J12 Yx rvwKM  I@SۭUcZ fXVDDP,V $fi(_]tx}jQJ|F^sBͫ*SsRH2oL;pVԈe.d{(L|5Ӌ0jJp E=Ǖ :4̶ܮI`,[Rd{=EǼ93:ΗKxBVa"bV"Re+ 8t;dpUƖWX6>?,ҊDJUM1O \ȞЄ Z'_lQXY r̹S>>>RNhZbbmk={bnW`r&plBc΢*zu߈ ~}3/h'%?v=wfk5>>Sf5oXSWftFJڗԣsş|lf*VP*؎v1@&[wGMwY88J-%ϻth~&ѵDS/P̏<*sز?VmʉGT̝ R;1^C U3@$5DzhA 3=2FZ^/ܮYV;xMBǻ,q.?#rZhTIH֞g/fuwPFڕLy BݠOSV.юVz@QGgP^-4۠]IܣJbL=:sd Jdž8^ ܝb5qTL8[ AK!YK!.]7LO=A~eTT`N) GV]]A@W+e&lS~x+B'|<+el:1E&'FcT24daA>1{ʳcn> pVKEVa@; ^]JM^8`n18T(Ovl8\IB&'oY@/27ZW`ztRaCҶg^O?(Ĝ[B7'1 E *4|u~Qf_= f?1H9+|[.?$)u@=-xЮ#~p66 %?PcHːtlWR+k`QG҂jՏnb8Ɏյf BHĚwKVlçia 4Vcg&<^"#=QuIgơoh$gr/wP' .`e؀mXlc0??ɐ;Ihe8%qhްSF*(8(N%'Ry "q}Asm 0o4q$D$WsF(V'o1pReR;^:$tRR65Hit"ak[)7:@m4puZŞ,ѾQBhfx>a5@guWs?ݡQl$_Mu\$p^}ZdqԦ!.J2 CٸB/Z.[_FUqi;lBX醯F3cOGG (8e" l֑4]:6=cO8(zκFDÛ@FK.Of:y;O:-Lw=1%m̛I9ȆK{}H(.?fsVCzQ@׾& :5)08`nZҮ (ˣH?ac[ŶfEH|BÙrHX|ħr^Rjfɋ_H,ځcㆢIN#Bu,FI Y2YfbAjg] !eNCe/edF=ZebhcHu p&vj0js%25{sڊZAͩZ4:w4>M`}~K|oѹ7 (OmÔ\'H8+0'~HZ;8u*C)#nXe[?~_稨4y@aj4 Q@<{OK9 s-XǨS<(WEʦ׶b U.OsEz8sdًFfY'@i%hafFn\^j6X@Mk]G;qpv0DxL~6)Ŷҍ^C| P$Lc"NA=#,{1d9{;@H"٪@HewXA`7o+&;̝D( Sҽ ʨ%'LcvLHw ߼^cwV<^@ gu@! O?v}[ك-ANT״6h:mVivfM!>"e`P)}p̮MbeOYzy&a=t|:zX`>V]443q Z&"h\/#NMfyB8 X7PGd1C}'.Q.Ml [R_;x'KYbcBcD^XݚbaN[On(83d DM!C$9og`,^zvƴS8i=[ExDsݫmddOcըJ\]pfkaCN'!e;f0&f+ҫ2NjXi>Y0k*SNj32MV;i8N)KE8*:^aCat!ooyaŀm?ҽlVOAА:^DLp _a7?Ѝȶ@%Ed)l''K-h\L11~ luQFl'#ӣGh"]'M7] NƱVS8|^i`x}©..~z$v9B?w tv5(Tr0oWLBss9IbU=&at3Ƅx| pWr)sEMD.v5{? xT Nìkԇm1%Vd)5V̗,ȹ_=qtr,(V/)^ mp6#(B1m~Y.1|GuoVNQ$q;o%ʨUCdP$&=|N$b[۸zo׹GAk;ׇ}x1,!آn){8(@P72B}3{_~(7Hf_UA*ɓJR w}0L9T{ |hYv&spu[yq,ӤpZ>#&uaNWR ha3$QA!^{KC/V*&A:u ߓ Dm*p֊ԔpU^μp{;嵐Z+Y.!_"~ޢM4:AhUŎOމz)S|zK?yk6h^2zj҇i Wь*'\2O=; YS|Pr ~Fy,jk̅.n3 ABaSTjNJXitEQe#usF,%_ V +!wDgwmx%(Tx*4DzL-Ri*t ,M034)D(#(xƚRcEnQ س1og逦cJ39EZ/ZXVf DHؘ?zTq[Fdh4d #$|r+2_(%5q0F/Yf5+ % Gcp?WWaOt㊠Gmb߫j{ߊ?4kXKH s9^y: $#oWaلP]`?#_(wOuuky!`UY=7os7P`xDohnv^w_d@ 0_2ƕz~(Ⱥ{! J*.SgEЕ Yϒ͎P37-BN*`},>^?14k%mY[/`S0,YV(h 'kU˟ f} }m[2N}Ey*6'OM)S4Ê{Jc%ñJܨJm#T`y#Lm .f@^JgQ;Pϳú)kӔQmcbsi@yNibIoˢh{^"A 7WzY5zVTW Dm_WSoukؗiSN0fӎ=8ˎVcv;+U[J69ix?}(f-Am@ Q<[ĥa@1+—7uKiAF2>qRn-.H% XՓ6˒aFfN ݘSv@qVe!]bm: 39ux" aa#EW{27Z Qdϣb5'S]Ėܱlƣ:j 9՜^ON6K8l$Q2w,RF3FM9ھpIȖ4ʕI|/*'( B?H }l[@9R~5"8l)w20J ha8+7j!`/WWBz$w GاMuB~Nq6`KmYd|Ҟp, l _ecĴwn w/WIP8?"Nۧ~t1=1e"KҫBRåi? e'ԚβLcU/=0 p#fv5LBP4 )(86W pq[ZWa fa,4v-/uÁ(шOYB ]/<'ȦB9b a]j1̄ =S^Mݬ=s2r!}:Gƒ.x\'EgQṶaI(m:.OP4S鮱i₊Lm_*8@ۜ5>huh FeHe;Z&n(S `VЁ- hdB旐ey|6õlVM/t =4Hׅe*!< HIB!o6Z1Ψ'aeN(K,&wX TZ# 5Tap#Z߃Ɩ$Ԡ  6G-(3(_/d_Ϛi,ukj{?I/œo{(+: SᐷƊ6F ,oJO]ry 5'QolW2񕳃 #1Q]yy]'kܻ! EBXk==V`-(G`ޚR;a`aRC_N+AQ_ןTm) ފ@5t(5_X9 EdWI^N3{\)={1N7m&8"#5.-sޚ2W B<a3t}8)]W;j6ĐsOJeA_⊇WN rYzZUYP%K3DI[ .т|Ho$yAJYcr2 M5cxÊsR)vȳhM#@p㑬"Ec0Tokݦ@@ ),ֻD:ރ8ǐ\Z5O]A%|)X%k2ĞvneR%X\lk-N2I%*[Ƹ䝅!ONϼ&31-RQQT|"`D<F%ƾWS7rH'~yd 'o7KO\9 ^Z?:)lLC+ IB>=$x諢I"Ze6E`RX1XME' qBvK#,#&$S…`8g主Rt6@1T1)W5ev+Ͷ%=ێ/;ZA(t%F©(k4jkػz#xqeüHQoioVK=& 9Ip%V\4Ej: ej#2(朞=Od] )Q@"2.|FEέI249ZLjȪm >gic̛tO+aNXp? h E U0` (ߨlv)9VXkSxU%-VEwW;>K; fQ]xH A ^ DaF ̃^tds4cec$R h8\bo@eP4\O&7Y&$(2>g9zsMAVI[ױw,b˾卞BUQ*))d41x \fz }(3WԘF4փPU#[, mAe+bP XƠ~ɴc:!߼IGнnX/b@b 6R}}Ve+g::69 zR}-MsIBُjYУƒ7Sg-=_>ȝ6W|j|$nAk;k޺t&*dq$ A13.ˠ2D!xPi.wpmѷ<-(sr%"aӭʭ%N/DdS<8kaٖ2pI.t %⫔EtߓP#82 }L+h9cTOo@k+g jjRK 5M)E{#E79:Wcbճ1Ik+@v?^u0sV5Ro!}9&юk/w 8Ef Gbuhƭ_QΉU|9G- !u# tJ"FIulXßa]ispre'&e@L vy*1})b1v @{;@WiGm#@/^&^ëyD҇+>H5R6,}"#wuZ4.q4q~劚zRĔ0zu-Ce|B} ڑvZ $BΨ o9%XF9Re #BE%_M?i{%GYx1^\ԍx@hN@m5-MQ "k=kb6N {pI~U~!Fv (D67mY/OP6*|]cC2T6}60's0ph?R36T6 XČag]hq~1䔔sjB"U됣_`=-ăIPn7.iy`~KMj~ĽQ sjqRnh)}[I?5|8 AM[BﲄԄFR/d)nvb0;p&c &4>h <m\+ƍ#=O;CSځD#}&AԤmkCABW+~C # Ir&E6-NdNоΥA|{L D3lQ P) 횫jn:!SfĮE`hp~n/^upRۤ<8əLN1B3مd5!}wc:p}eXa8Yo0pC/|>_39;Z[y~84o*>6/SFVּv_&-C-/;ד9m[g* iqy+GmYU\]Q3.ܿmhXl⮜m*?۲sNLdڧ-?hꏇX j3 ܁"pW t%,6LBTTEUypl5@^tMYI]vYoaķ(?LH?33=="{)VV T`D!l {OTǚkw@dg7ܾS!/5˸t( U儓PZewB!طnNVn[^]11(wfhN:ٻsg VEAC5ߕ/x!ghB:5F'6l΢wxXq>zQGpg5`qP&D 6C^*K.; vl'EM$: 0Ͱ'7PO25EI,n (\B1./<geU|"4sX֓\Fdm_b1 eT|f|oNj}5§26m\_#zCf7)_.$X d>+u\]{afM g"W^LK֡]9對+x/+C>7Դzu!; 8c]$vEٓBp]r_1:ؚdSE4GMP/Nuszo}d@@ӬH%-kU#}r.[+ONI`̣ ʀ hNF1<@$lS-jf}{⛅.6]wBr\պ#2tbpn{#ف[P7Jb,'@QΝ&xr8aZ\nsVQ,}k6Rmq_X/*U} u"??lxexT݌ ~-p!^ 3z4 ~OXW:oNDxyFH6^fjT OM}c:fGMz {&؟nfDy"VI֧u5M,FYU29\\ Gr:ma8X*J.YC!]p $8m@ Z -\K:BƕSG'̰}N`)<}mKl9%oa` 73~\q/oCR{jq䂡 Twc6r`j9Oޟ×7dJ&,a}[g6WH**q! #5:]3Lpu7Rߕb|[!A]52_[>๕D43K[~vǫyON16+`D5Z4)P3k?W nL_HrH]{\)Q8t|zf15XyHg쟊~D.$Z"(Ɍ-(xjہ vvAz⢺sn.eHeaHPJnaGt٪ U:A[[Z]‡ϟ}ݫp_ I ufUٽ~qCpwǡ 8y zbؐ@;+sVHA>77zEWp}MيQ~h<+\5orh1",`d<*rSf>j2X4ĩr3ѾeKSA0C? ˫>}^g«vgZ aɱN{y]KS]])C4G G|+%h+Mhnq)O ׶Xa>*zo;ơQ]PrG.+p䎿~n=J#Φf$ZoÌyy# N(-,Ka!*Q5:\/} ]w^FN7j QipK">iOQG0߬,yZ6^Ǯ l%p٫mHرV3)F'  T|X#_keL=ݑJ%;8C߰lJIbM8x2- \\6XH]ȍ<=uAhĩwwyFBPaD9;ndYK%h<A*['~*K5%k4fY.XhI- u\bA_! _w3[Ǒyv#YMb9NXx4\–HA 59jT q#UE*qoUEP#xvb 6}F-d&bV{w#YmOj>CNUYS,~;Fa;E0 UNVc2rwtԀSA&nE֟,xHv$4I:3(,/4\L3w)ȭ9!{`Ke\Qh|z¨!&>ް yR8;xs$nXGIsXsx? Tç%]}J+ Yi<;v헑het#PcRnv/]y5'?[J*>pn]So'rpqGͦlč *:]-bMUA`{օs r`Fv"yLH2gBy'}t˦ݺV{ʺw8Bg,X35k6a NVAlS| FOxi/TASxƖhs_u!2p*j/:'ln%7u/u,'Kp$43x{jf+ͫUW`ug]xXԽPz_F]dg0$: qX? ě?3J*-ݎ%yvb-O7x*M/݊SՍ/|$dTGk^a[(;ae1rǮTγ a]ǩ!I1pQ'+OQڸ3=5=ּ3}>XKN-#Ğ5BD9uM<sr0NxgsPe~+yFG84qMoն(YhL럘,v oԞ힑!ߑimP]P,Ka h]Ekikea to  ?:Sd%؋K׮j Xģ zWyw0U?΀=U*׻x Q q4Pd Q eV@)GHeJ]I<`>`_ި)EfjBq5 ę|("^fKc# Ps[^S#xFFJdpd$4&17nݲ Ij^=IMjӛ@=djOJke3A%X WB/iO̚wYȶ+I_aBƢ]rUS^xh4|Xm2Sktfd{DH& : 6z ǒ)#2D ҮJfJE/ABUBּ nCoAh$>ҦàZ ֭;4lw6㗳30Y2HǬb$<Ɯ)e#gϨz(pqiX6uSg PM EKm׀Cmh=r% t$/' {)!(~rpb]NDxR]olB .`6 'Ƭ;O\O@R\ҶBҌ~Ёpq˰:'uuDjr21.9rKN-ӢflpCܡT }ƭ_h[Ymb<%d4ߧ8xWRJ?$x _|E攨yG$yk>eR|!`hRBUWnn˦#ETc$N$zsqYq &6cĝ/ !yӤX,3oIlR FVVZH1b"Fo 餡ob푦>Ee1x/#*#MjlO-'ZL/]3Λ4ȳ.. T䂷EF]s1O.kw?˕jψW*Uq%0K dzJxDLƅ45¸Ô'[1Uhf_*p*OABw;U^.Yk~haG80C VJ}#p<7rPxdc=c%UޫTY{' 5DÜʠi:V{uVaaӃ #ئfOPv;&:=Ck4u$ 0}dfO)s-Atk@:%"sjuUJG9/R,cNt|EC (< 77_A\@$\U+Qe,Xr3>dz`evN>^XEzPC<34z~?M uYtxzŪ@vfQ\xok)-m":vfYȽѷY0՛dQU\M`QY3/!B^ meŝʚX2zK\S'U>lv)nJ+1#_گ6@bBFHu{yh2 V9"S>8Y雕;@RWRl,nsy"!!\E>QC* Yh ̩kYLUC 0U1oos}2pEɲ(4+"sQp[`Y0=e@v;uy[3`T7!8+m;~[B[#F,!.F2r}IDӪ#FrLA3! cFUNb yR#4(,qcnü0{飰jW&Md#H^3n)Nx2ЃLЕ||^Qڢrjl6j͌0dSNH)"Gۚ]UB9f`lyH=ffx-e[az)4umַc)\`KÒZt<6۶Qa\M04)KflK0Ry[2,3l%̪qw%ˬ5'GL2s;36ګL;'cf/ul1eG鍐JkR/,By55: b 5MZc ]62DjR'Lw !*L ѽg KƋt\9|6I_ {ZWЯV)tq_mhm<%Ӥp$(EEL*K NK3tt]U(rV],fbv+C'v%)nV0ǯEOHM־3(_su@ N|`$ r\"$m^O%^}p8bz{yeʩ4<~}sO(mP V?Wȯmmi/,#bp@<~oW|,BW><#$A} .,#B=psWTJ%%}G9Dt@@Eb͒6㋢N& ^.]_&࿞Zz]=wdy- ˌX, 8&@A.ã{D6l~åAۂL1f5eTB ՆJ8%_PŽU4(=k= Y腭f)$84jnounT FB44TRZFrLkUMm ބi#H7I"`'k[[( W7w6nXtÄBti\W3gT]"AGNu:ChݺڞFo9˥WvRK!,6fs3qrPHV7^$`yf &?0c=V)6@ŰɎB؂@ 3-sۨmuG@i2 *4oe0o ҂'00oX:mCK;ښ%-8& _ |dcDp ;\W'RhQƥΉII1Y@rOg}piqxf'UEMƅVzÄH怘YO )y/h`yj R\F`Մ~9lM_Ucc ʛɔgI;ҊRJj9jͬ6#-Cu4:+h6!_y'D~Ex>+kR(1h0)wU`b#7D{T7*mfSQ#60&}Kp8*C'$'+R%?w,JqPt(IJXJ :㔖׍L9EzTe>wy1jۥN}w-ȴ Jǝ\U`@ p\3.b"S*ǃ (s5 ;]axTbïk,KN懓$-VvK»U 8 >Pv U{?>e^xHφ?;;uln#li`Y `l6y0Wf<\=4 kQTt$bջD1@4Rz:߉Aywb?Ct\LP=DDFͺ$j"Xb邔M=rl.}~oX+4~.]p>/RA ]ˎ=BvtF[T5px6,<&?kct*Twɢ{ wE(MB?6[[߻R #"_Ğof2ڶFU{ғa gkaAtkIcw\e;eK_eH\7gd0Ro^kL}\'rcL:5g+X!;7&S]LXχ!Q+[3#"W fI@wxS6sbV)?f2rϜdʇ|j2K s+L\'cI@N?qXWT>MR]ܓk# ;ί͒0m:fhyqqgarTGI A fEÑ4@$1ޘa<#@(m߫m4o)>s(7# As;FH_Ci0fT޿ah BB#N׮1Pѧ˪U?DK E4p:d#MQs3QLi*aq(/' 5q4ZG#NHt<'Gk"[})cI]e'a t\P݂2,׋_ M"u4>39FmNe06I[W"2\h90u ?=Be,ˈԏQ,-J#К47ߺW 73^ޟ))Ϊ_\i%m5iyG"#JK;Ρ kb[v6qԔ%}K KHe *~7Ș}xzB)c_c驞KwYB_b|&r|uӡ+b*Y1?;e ;Δ]|*[[]⺌V+# € Ae]) <d[_]'i0V2 ϻ; xE*c-[pO+@wnZrIX?lx;E`XVf\m4m( xLgRig9g?oL?>荾Ў=,k I6"-n%IՀgebP34 l񄖆40:MJWb"ɓ9֪ZlhDNZ=Mb=]@+\Q}(d,6Hf?*񩍮lJx+GhP{0ep!H&wV ߗs&d4M_XܘU~7Ff($S[.hScZ#z.RlATWgq^xdzxNIK{VJ룋/.XNYP.ȹK_eg61G ]1K(x~TxD7XoND. Ak:xmE2H]@ϠfVH罰Nx`8MDG!|LH^ `n-CQW)_HeUj@56nqPG }k[\BEL#ֲ\Z?3A!<ۃ9dx73̡+\ucdQ;^bB3"Q(1c;=.HVd7ӡU 4)@ÐM&PP 0EJ|u&6 -_Fn]{iߴNBwGR,`9,lw趤Z,|CW|1ʪ^Ud]1]׋}h[Bq6sGlΜwʦ.|x>-Sd5n7޻, 86O;\`di.$ub*$%eS1]t&!6L9> bϣ,İ>F:=垸Y yu\h!1Æ;GlX`ѓ @>W{ !vwfǘvrrШ1xճ5٥~ A ѐclD&v|#p ONWw1"׀pv>w> wFA{@hn78+0"' dL>'ߧ>1w*t0{e^r/zCDlw]+es&q({6r%_CNc/ []]> 0Tu6ɄW=|=d:#Gts-Y#V#fig{@cs|j3;2Ј@ OExd,\G㬺&dZF4 Sw K0h a(܏ unFٮokyeR3|x*Rʚı~|/c+*e;qp>U \5b_{@ CAwbT7s$u*- /o`[|f1/N9 _Bɟ[$H-t2= lh=WPi7vK=~nY8D%=ʇvnN_6S+N2nwC01F6%9 }< mzѓ5OΥB!@8zukwyXPxɤucݎ|([ͬ\(.0y4jU)5xY&(QC}pL|gIqG˅K< X<<`ȍX0'g7j O?iʅ ' }"oҗI"DP7lچG aϢ=P{ ]v "D7xr}}wH:tO iAmDWhGVMa ^ހ8?;j0,{MLzL ;l l*Pdjs>H1^օ1R1T!z[_nkr EkӤnӓeu pG[vNPC֥n-sNo(vȷ'`,opg(U`*D0΅|Lf Vk$G U?Gy _%\Wb4@1o {yt|xr/ xHT]$~[peO F ˩0U#~GG{Ar#;q%Do^nΌP` ]1w<ح^, W^-6T`e֎Bٗ}&nC nƉGFP ~n\l@]4d@xv)MBL%P;2`d&t`,iry4. 2u9^b{m:ӁZ sZe p{; X\̺Չ?SgU\ťO@)<SHoFI!lҮ gRUY^V 0f>KwX,K}-5<"q; &QXYD`ΥT H`o8O*>kcG]0/oy!U}~MgM>YB0WN;g j 橻 ;aLѠIXlS}Fr./ X4Yr=u/8f6fXF [Vddv'KiqXş'Ilջ`Ei{ f;,EHBWz7* ;׶I;Þ]+Ɨp_gLJm眧SINI]BLpLKWqݹjb$hxyco9 ˽r)'VN-|H>Bn'Q纯Y44oqDyqӧ/(3VK]0s? IQg k(gjTB7ˇ[Q*- ʫ^9?JMAg.00ЩͿe5;lUމOd ؈{ɰjr IE㘰 ҋ#֎jrYm~ѝXY R)}󰚫V)H4J^ŝ/XsL(e\[=n樑E􆉑_{O 3:1a2.f6 )7u \xgw/u㧆Aи*y_Jaw h2Hr<:uj`R'A|2s=DD^Džrv@mh C74E7tcHn_lx1: F^pda7  =%a7)?n::jКN/<8B-tpء̔ٛιCb}L7빠܎<>Q9$a;= ޘ#8}Z܏6EbMcsQJ)Խ' WDsWUfXPпyѢ籶.d[M[U(vg~A닙8s qJ4DMR՘I6Ԫf`32? {2 o7S/ xs>E{)^շ'f%,oy#wJ3M[f\'BQ6z^& c&Mmi& @P=$Oh҄nAԮ]5J6ނȀ3g}pQƊ`r$%BXA"$=p gIdh%vXjg:Y?`T@ >eM 씫"MӚPRRBSJnjODߟH_fQMKiZWMLb|meG 9&V &[DEzkM"jT-D)x`h!k:*G ц5J1^+N?/A9^$R QG A"dίN'tXuR0ɕ<ЗyI'.J&Zʥӌx"p@n syN~&]84MrD@4qN'XQ2݁]]lN78'l># 1zHEAu|" Եgx׫ʐHll(38TcYg;82 S67T5g_CUҕ ^a"4&Z!tOzz`f 1GLa553e53ی+m!X{Y=)[lB)F/vO\s[ҞfRPQ Ơ4[):aSa[PE*xx<.jDpw܁yb=e 0&M!ԭeA!%5)YbT/rev{EZKitqy*:\9T,V%uQ7uREb2[Fp)CHS՛`Wi<:-sW@흟J);]vYZ +ѭ+AL@A/sɦz* #%du&}ySoUϢKhʂ̋NNR38>fފTQNyׂEFcyݾlv eMO\ti]!!SܑÈ.Pȁd̛mEܘ}q1b ;wϢ3Ij[)q#1]v-^tQ>tyhs#5%:"-hQ|mItx^gq%OZ'i0Fu/ܬiU8,s>jb(Nws.a^ u&Aֆ,\EU9/% !L8gtҘ!J_`Ҩ r}D3Q{8Ȧ*08u%7`Ûޝs!+\]H;UF9ƁhgxWv)X)^r`$i.O Vd2zI_VN1p-@"%o:-NhS y΃!ruvϔ Sb :'q乎7>Q/Q C~;i`jAu I(•{4FƔl$6gV\P 1QMU'e\HuF8Wgtst?^u%vCYɂjڢ3,o+]p]/|Hj&lI+J "`?ks`~7`Kdђ$j)Z[Nj/B{莫r5'9O^MjuANIϣxQi,󘂄E)>:;{h=6VVw QGOQA}6 |~D`1x8T;>̭46eΩմ ~jѱ~ศDinQ2^߂Tf?v~@j&G>q#Z#-o3)_ Ndgn/Z#' F+zV6{:֏l㶻[Ytr5Ϣ gqؤACz#)8|ԨݮiZI*:u!\<2r:i1xDqtޘx-R!I8"C8<HMp?1_ikj uP|6t{{jEz,#!wC~exRsKؘl&!yw1fsֹZi-hZG$ri;NfҙO|q }Fzț˜Lߖc=Oit,) nţR `2RGNǩxMv7wNJ݇eQh쳊>Mk:1V?J9TP*Q :/3N QUt:\~@~4/w[C,X0Y=21wHVZv"$Ruw9*0ݰm|1N29,'FcN*_R/Y?eGs>! wSbOuE]C{GWX;Y8{:@'f f$OP]*LFj7&AZĽ ;A>]ĆKm[G|m$zpmwEQ;B);e Clx?#.c'sy%~oeikJ.O-mj%e(bUso b8؆i(g5Qٞ=Igby`/DyC؄(C0?eM jUi%xF+,mH0_ XSnm*)p='sRoPq:E9G^{VvFlBXIAaYY}O3x kh,5+YŠomjMg 5g_HB Y-')X :1~+NH͘NsVr0Н= 4YKKY~d3F("~(Ü,-Ѫm[k`2tPT fg\̃ģuԋ]IoSr<K_H۔3G`8ϖ߄$&=4{J`C^1j_r\U~ jB5r8tzi N1˟ %\ĎWdZ{'I3#RK .es@;+Nɴ +s﷏-MfP=?r~<`S™9Ɵ6)jԞ.ʀ"j4Sh ټ6dv 1JY.5mP7ֵ&!P֦ራP%g}- 3rQsDp*w G8 ,Y`,֕DО(W 3ST vjx'zޜ=pX/a.Aئ5qB X"gT$3mX6:0kuaЮ C""PGYj37d>o£: K)l2%sBFJ$(U1}'tb!bnj_D^^t&S3w1ejʙ0G;3lؙEgWn2,6=lMXT}B\$&it$R1f99WgIu̼Va8b4R5 `e([ZKu' .XT&8XmKSomhdYk識ŗ%$Ǝʷz(|sj+17>A!0}%a_Ƕˉ(w V:F-gI t!.c=.ky&4㭟X$%:?1<(c/Wt=&ONWuǣx6w؅R*k Cӡ2`voS^35w6(*ԲWnO'a+ˡa^Рg:$ [S:vZaʄxQL*XR]U%Ҵ"z5D!tD\wVM$W^Զ Q r$#dhSqKkoEM9,|Xp;P5Iҩ+ӫi"b>*#i'q0űPde(oJaɏ3 &qwǫǴҸ +4KoYEq= U=^фd5BCLlKq"t>+o|^m:{GF Bcbu5Nvl[{IVY6TSMI^n(P9]ҳ-vap$uF\lf]v@2z,'y5n!QN61z~/v# ԝn>' Š7JcE{,*:e{6YNB%c><ܒ&Ͽ$Ǧ"}{p7e=/[Ք!<ߨ\^fD.46oo]:ސsQ ` Z1im(OPS[]MIAL6\F :f,*mVTikK_uXAsy.˳T>=JHɍ3qRVMQ6/N0Gk. v&Ӂy5[e`Nz[<%G_ KWxlzf5HXbJ Lf'ō-wr'e$Fs1qG/zu'xb1?=ѸFA RLvE0NDx+U5vsȪ#=q30:e ʿqE Ă- e;񂧫SR;eeQ8ۖ&x2,L!F"ail8yPCzuT #[5S˳_1 bAV:]Gp~az<^-85A6*|1A㼱)MA=v✏NCedO!Ǩ4:c룴Pp ~z o /7&dW}*r]ݡ?-Ejiz~U:tƳD8.aC;P'FK~J O1y~_@@ɡ 폂1\k* <U,cV pL^[)w4wJ5w^ԁRy dϦUeޛ nL5Ge А58]=^.kMW?*RK6K_֘O']]gpΈS&XdӠ_.;~>lb@pIzycl+z%4ʤ%{[1uX$b~y5NaCĎ"qZ N"gap&&k3gEBz|;B?4b=(+$TT:>ztxE݇KWg5;"72t*q; &i댈a>uy}{݆Hˉݶ3{rI1ٓ'y[AH7ȮJiWBHKA Zcߥ3[-*V5cO3-x{h5pE X^}Dyj^N h'U:q狒fMA"-rwy _~HF(yu7Gj E j&46瘤ҒXxk! 1m랻-#=c1b* >'[^Q@^A;FS|BؿsԐB'3XTW I T}DIM]TԏZ1D3SQTV!7E!e_$N{ >o%8̼id`}ypwKH/VgbجNXCEG'ˌ9WQ Sd{?[W b^g>s9=xLBo 50A ?pePY#w}b tz6Ab!S 52Df T(zk7֜/`KnAtq<ˁh]ëA'33R%Ζ {\yu.J:ɍLI4{J3+ȳVl-q+ty[`7B '-XrNZBr03guu1x _ bsB3Oj:>{"=`!Y48NYFʚyϚTV-hLɊ EX 7-x$azBEqlL% 'De V~g4U6 k{ 8/70xQݶ V)YhFCdne˨3?fF6ͥuXaĨ.cQܓ9Ն%uWrb*3dO.Y5 㿂B*BSe1W-]C%aҗK Vbh]}5]ͭ4 &~!Ewṳw`al4!R*$xmdN`B會ہpՃP8 |{xs_>,*uFM$JaĜ0Bi"] N%C-2;*'LÞbe:jhF`|a{883`=f}"q'~9C/jj1dvl!ueb}kȒBU,9˩gA!]c`SM<.c@qD+]'4f;1N,xݖ W G* +=l#/<Uh wohcF0\TӏfwMh*#LflHϫm>:SlsƘ Ʒ 1"u;-zYq.E)pR=jœKf!R%lH@Oǘ_upC]&;#U<^| BnjIwQ=n& "U]Sg~Bd:Q\o+.rxy,?LdoY|[n@9@(SfPǎO+1ٱ H(H:z{l+j~xWKۻ?d$k9bQY LW 1I,Ԟo&!&\T nT):zb)|w 7C~[tLc FFq`a1STJZFlߚ5(2ٶ131[Lw ls(ϣiR&xhkzoAZכcG/> #Zhlj"M&U4S#R^-uA '<LCcѤfr1YhKX.o3 [fdDIyE|0Yig)m_uqXBv .`%SUQF')}c+IU[2acN% %24:Yկڔr.N ֲ' QEC{gS6.l@ş\sElD/m䝡՘f\sN"+?X L*]r=C[+ZcKg/P 6А[j{)uH-QXZFJ*+Bh>-9((CX (GM3U4eRB֞o` \Ox0 BZkEk/3ʒ#- Lw0*QC&CÓu"~\.,i fDn>1 & \NvÍC>u)5x+d#2 9A{M̓@0p*H_==1cF(4m/-#2— y[ǡ8-I7uؽ:YAcנ JD\yKc>OLXr "@◅71:ΫA `4y ݢP]on]v>l yϸYt(Ns<ң͍t8I; 0sX(1(+1&:s\t{Ph-3\i9%ZfVO|=ib'rpTV e/{V>[ W#ځz=^mS!1$oX2+EsR i]審; D ٬@-L3 jlDUa_7FpFOG.?[l&J1.q>0 5&E9:Ckr3fFͩ?0e~a⊽Ux?xPu#Zw0:߱8QƱM?yk0|3߻i ]6Sw[4Č0\1{:0CB}P(M2o 7ƱEG"!0tS:~zBBk&!nb.}oZlߜUAao]롞KKz1kH5,?>˝4u+jr؆Yljlq 1&^se ̬UP nɃIVry$z-x.VxXk⌥]Ǩ\D}3S@,QD) 65?uZcm)2T I IY>NbO~&FnQR0XI$[ yq s8>J[/c-gKPs:y21-L9-gxm Z/X8/3s!dl3 J!燱> SǍp?|n'V]/ֆ"Ϣo7Vp~W'uո*-C۬J.8S=7/b.G\!@ Z{P>hdF,G/L4/Q&cpW$ C=Di SX8.E&BL&íC ;`XIoAxbRG9,|R)O |pU1:DI TqeNRuޒ˾bSIMttܜq iwOjPrKwe(9"҄x_$&\{((Xc5ųX:1A-Ɣ| 9A :ɐY8 νHL ~^5aj!_8*=䘕9ـ я!MO< ,W5>ZDvt%j@T"ˇrPH,26wjs 6>ȊBOJ-sDhtDQ;şTZX̏9c IDE$Dh- 5s*'=j&Ut[0}LtH:3hkgH]ObOz)ejgr'oB hvTr?Z 0$i!aOrN)./hsڄy?VN`TyCP0Sf̣]] x%bA*ZjKe6=jx* (p/@;79\v!ƚЮ-#96~ء#1ީJ㍻W+ܺ27wV9 .V/U go.gM@:Ź".R²x){j|Zn ɜ Eus]՟5\gR~F"RGz_.הʕ+&ve*ce{ l.Tp+KUJD?2)NCyzjRpLz@][[yvP;֓p=Ȏ]xn&J;^r@6iG. /IT0N]%AJ -Ó y-a?3isL j@V(L(:qA#?.{ 'u7dMu 7~Ve1DvgPB7vf¬ ң8rz|\WZ+|dFxT5h?Vx0q/01Ûu (䶿t6wӮ/[(bP6GZʹL>?p on\ LEabEG 㺗f$_P H]v&Dֲ"Dž@20|W+t֮>3 5z4NcL;d͐,# o31lyJsi=1rdܨz#+PQn2LBDxt7/ Aly'f dIW b{ǑJ98ULwa//iJX~Il>/6 ,əT.`|hF>CnEn 嵏"k],P\L{j箴^uOxd/3;r#aZ>aےu`2⇼AfgB|W4AϠ;D]8Ӗ }X2$Sw p8r<P/X& o41,Ĉ)o0([2Wu{A7% +lJ^ilX걃wb֖+R1iln?6XQm .H%LI0p+VPgɿ M=n1[1kC&#Xϕ+={C>!+ 9גQ 5pXu+GZԙqRP~e[Ӱ-<\3|9 :~ioI^7%+7WN 0оH䜨ۑ'bU$髃8bj[%~tf- ^1,SߢQ6ls q@\+>]?1{?:ԮvDn>QmJ ~URe n}6B @g/!νWK廰E|hjmE'})Ӻ*O#"E|Q,|%ߕΔh-̩G"`E&s/^S-.:&mܯ^Q?矛6_: O)BNN.se{" Mذ:[~ZK<w"$"*靈qԔ(F΍ikKJ|:Z2j|N* J >s>`G S<Ԡ}9\hM켼ht]nb}݊/P 95῰em5$ZY۞d{,+r0W-Jr4.5"cgqf'K#%֯5 y!coIXx[ɢdDZdE kZ}wr&*vp%xK![WR UkjZ_L=.']kLjʃ@°@Rθ,w5`ɶ*m[N[ U`HRq˄rz3]03Bd힍&&"P:=أ za 5c;4u«i˧B:pDYf="X0ȵйwkJziyqV#.vi&I'ba(woV({wͲf^2ElqE #<^d K= (8HOVP~f[~%¯C(^u/A ݘCz@ Pj.j0u皇 % ߐ ^@)WO:'|M5\\4iRQʉS ՘6.o'>a9 #۲"fLxsUxމbdz77#Y|Rf(cfV d^"L@YTCo )_.Nk=0Ϝ#Xd0 ׇ Պ CY'$?=?#|Z\V:#x.t(5 [ UvBXN Pyv8%X<Rl*ԿCm aS@ $ ?cwAE.9n>[,W}%&9&)pA7g5L=ØIw<7&v3SKSǃGxB =V8OQȯ0v9Ѡ0bfL8>[P~\o|3| GmDKaJ`z hX mHL,0.+meTM*ˣRaʱQ`<ʈ=s?/Iڊ(KLZiÀ k4y(G#|ڹF;.u*>Ve-3mRxMWϲٶ P_.{翔zְmh}l 9 ) ̽&["ؒny9Ӧt>X[F{eׅkvq͇fs3ة-c+| 6M5 Ò[In s3H܃:cyg8E r @ϑ geF'KN!~y4XLWIsX 8$~~u@-lAuU|MQw(jYKAU_6>v[ˁf!|}o)]Gb!}ApMeH]b9fa>5EL- } \w'"-tb#(Q/A q;{طh@RPbU]s rK!F^D&|dDTjMc-J2HhMȗ9 Bt=&/YGgEtSYpHmA:bjCL?;c5Ji>hXEi,''"B)k@TAzK)lt7pɹ<1}5Ƥi;1ѝƊ+gJ~2Nk8iŠ˰;Ujѩ@F Tl4w=ѴG=CBlv;j<~͑㟲%\0UEjbw~W;GlZ |o`>/"@UI禟l.:'7OTMIl]coN"o0Q(۶k-qF4q>cyBu*`H &.e'26ʑ /?^: = t^v\d1 > K=b*V\xOR5>B tܶ`*u+ 07H) a:Q6|ؑ_ :eXK̶]֟mz]&n}bM%{!jtoL2X\QX%hHMR/ ңw@5Iy"Gh՟Ec|>qhfq'\C2]:C9z!)toO?9p$9M  Ȼ dg4C& z%ĔnENWB1P1[pj%625S8aцㅉ&+ɫK&U;tr3%yt:ݮ=颷IPDt/??hU2l!ki.*y;4A\4*MmE^{I'9Bm }ہ?DKXΙp'R]eIhȪY|g +$J;Ъt^0W j\r4[N&g$mЈƙkkʔXDM|~W$ta(eJDNǰ5u!)qo%yoS:=E''SDY\p MR̵` )Bb>!9zo5(hy?*U^ s,Z   7M[F^KE;05T5DD%-i gGcD=1=BMA֘G`˸@:R~? wڽd}Ze@*ڏם$Ƣ_f/bMGKM&OY4 Ae#6k+j%"hP}/ ټb`}N2eSZ6jݵ scIdM0F3l^s-xHz}}7 $ШALyD]Ԟe8 &РF ] zrLV (q"˕إfSrmCu,@ CO]Q0:{*%.t$MaԕKP$i#+5O/ˆ10:1PZY`'Je9*b  վyË5%hmTuGJ"p s*MgH⧖  @ݻ@zM3G\sJ@Ņj"TMOO~0xAĹr2\9^B]=OX~}^_XK͆p?>B3%rKa屩H b} p2rі `nIY؄'ŌDD-i;8Mق z(i# &mGsHXkD9 {axtjs zOl |HɴY63֯^ 5D0ׂmQ=Xkɍ]0E+Or+<,\V2NVXGa7KT^H6>\ %hFBmS-+vC y<8])'T/G i^{C)'#\b#}'l{0q8|K)βWD$%[E IHk9"s}} +C[oubfד}lX$L Q*`S80Pރ)]^m,\%_K8KUG#YE?؎.Qjʦ 7ieAA⑓l W<ALL |(¬ls] q\Fv`,!JYX(asRzoޮT'0%lq!>w) ]r R'-2WV.P g6wj?H9бAaTK53Wlpx~9'DL7$>x ]&CN&ƝxuɆidӗ>=䒗w"L.;31?H8!m49|${op׊ʴwS<Vs\I94Ab}T{naFͭ͠=O57;i:Q+E,_m VF&ۙf\AD#0m<|U!@ojLJiX@5Jefw]j>=ń,Ú,J+kdD2!f";cv%gaG=[4̟5 jHgQS@#?uҝd)_^f򮆎)nMth LN0IOEz*lS+ar_P{ ƆCĞKKs 'Ũwny׶9ZȯY=yǸmzT%IϛP*}*QxNWl8#r!l_`._%Z]݂˗Oi:RqtJ ;NR{6u[43o<9dPyVwpA6UtnZ|CyDFDnc-85,J!Ɛ,HYlo~qa),"z4,RX&jp$,J٦ QI_GS@JZˈlHEœ#_5]IHj+ wxlF߳.h.q*~Q`u,1chǯUT_(K 7h}нc7*b #G֝GC3]w ں P> jǯf MĘ "{FG))πznȥ䩚nUv Jܷa`xn $xzK$)ÿqWb&pkD!Us;g-[56|pSjcpR!10;+Bn=fBFyW9Jsǖľ17nEɍML U/Ӷm:X?,AV}=z:MaH^l+"޵Y)v x]GN3$^ٓTpBចj{ H%#bqF_vt03>Gc܎{(őSѥ|+Xd9Y=OCƕ3LKfݘnq+8KR0L2ۦR*+##%>W2g~W85z $Жf~u|5O})ڛv0Ӡpe.*~4qgf@Tטe%tW^P fy^VUBǔaG6^IRlv}F[v@38P`ZRMK3!4;@pyAXb~^;4;Cxb 05G|J]#dǬ1RjD߀>"Ǚvj*o7@۸s*f@2n~`E ~twG(GFU84=\C蟚iK MZtP_hw ZdB1? ^*)Z Ry͐*?xD)Ș)\SDug= L470F:QZ))hs|AX]umN:i$^Zme#wqlҼA%|RuD[qfv\cY8ѸL# PiFgq1^o܃l& I n!ո,,Y4~C9v*@0i+n+ ;N`@T'f9v"K :v&<4qO\8r!̅S?7Euqdp6zU *琺-*|i$k%K"+)EZ}{,< ӳܸ}b %mjU\ߥkoITCxxj >oroI Z&w&ӽk#}+1^Y4c%~j uvVwm#&.ݸA(Ƅ8S 彗OTs 8$f{oJ:A@,#:'ğ=l*x_)`i <)e -)jx34\`J? ίY)Rc'< d "E1y+F3ޔT {v䀹flF7خ,5,oN,|_Ac%gNugnk (du)ȗ2#O;BT; gIȆrc+_yk)?eă9Av#O8oW;@M3ppۡq{Z =&ziwkA`ύݚYJgX/T-_oDK- \lkMnIAc8c:?Wo!Vð;ف\Ӄaz((dyw6z~!>*Lΐ?#Ŋ•̿f"9]E\?YOò yrfxG3"떵;FE2^bWhwW}EuN߯ÕftES???$ҭS3r9㬱kfo/G X#㧧ѓ 퀠d];eiI3fҽDt^z k&}\tDŽX elI%;N8LlDf͍iM7w6CK4ށZ.kBGSēwV3ꝗBBHQr|?Wҍ3kC韪˩jY1QKViߎ-4]a7WrW݇+,^RHŀtL?J־BA1ʹGG}z<0%;gPINoNjh wCuTn'ǰXy1k*ڥگ R l's70YL7eæYFtR Ej{(Ehqf'ިTD\Cץ*/]6bJ*'¥J*Еo:Pè"Z?KGs,Wlg~0]]g?i;r|Yӄ;U :8mWc璠}0>,(pO p=8YK;Wr+@HFڞ#hHW _]Eһ?s R)z@)T (k9(ƽ)Y.k,`1fZD2e?jF@8u\E)1U8E!j'-B1!Ξ1R蜮ߩrdTsxJIEP?5Gp 2µ:Inz 7h&X=0:lƵ %Qu6D+fH>QN[zYTI+R5̓L+G>7ofhY,9ShK G씦qtdzzľ~20>W,䅔m7]R糋,|?-pZ#GAUIBM7g4FAvۂG;1&$ 4bHTF3`*8.+5ڼ*]Q%sEwBK.gQ.k<1EsgU>ߣ៚o?NAJBFvM7 i E@ :-u ۑj n@t'`ݐcc1_p~aǏL}G$|v]K\AD[qG|{vBrlC4 Z]&:Åm @ b[ޙόG U`KCszkkjF.Ґ 6VO)n~}d\Y)^FRI&}4`BXL0ho1+ƶ񬞙Ghy-kˆ;k k٢H'YZj` ߪ+G8zK" d4 ZMxA*(p2!8RZS sdlEMEx=%.vӒI(@XJl' n_ ur}VéI(^rJe2O24hD4T>xTIIyU6wwveΙNFA49Xy4v+j@)Y4r.I7U2=8lٰ+R8Oj{*9na棠4'`}㻿]-qGTZTvc)>\h"I#<%F ļT*?uJyylE5ŨL< ɠLIN:<.U&XZGrǎ:Dk jq`äN&?O\}Ot"،y?2*r'ڍX?ߔ1'l&QED'Gb7wl7˛7Pk:?CcrzOTly3jiY3H?8 ;}k4au!ZຘGYPqK2l+]MhRom֮?Ea]Yѥ@#fu[T!*p9~7|[XߔUv&ʢ_k!&o^~kּ\, HcFXڡj񁽩eMP0܁/]?}&P=˔@|NƷ!r} IjhXݡ3:% Wyl}0*w7<8v_ n=Gug GռK})st8䏳˵nkUQσZO g6vioůF4Hgfqthޙm N3A4e i2٣,[J-jASb_:L|IDZdIsAnxzY[xm{66%iK'=Y^FEK/bj9Э]kvX޲'%MZmĒ&VT-e}?%҃Xp矾=}BRX0І93x %[%׍LpPR( ~Oğ`GSgc=7\MWK$y |@Awhjl̘5IzUH_&-.͊G)C^kts 7`-(w:՞|W3A2potw_ ơes3Jt'P'^ r  )9,bҠ,dd}n^PBK7&Y{^:_Y( q/kr3aU^ ,4x>P3RRQ96MLBNHD$}15iS9K1bx}K9u9d,p*~tBRZ$p&Հr5Nٌ⼯lOluJvVF |RD(&N#es /P})eVD&fBZ3{lrRkcM5̬T^_=+FpJŁ<0-anL|fߪCȀ$d2, ?]nc7h<pU y׫!ӘwƑMv-ibF?s6Nye3 c4 Ƚ΋2GZJɵ#[ [ d"uYVv=+|Ľ8]L\ߚwk◍Y͠QfFA|UOhtw%C]povBF. BǪXi2:3] b3v_,A@4LA0gVz2F+`^X׎.\s_xT, ܛ. ZEf̝6` h7WJ(X8 3ۿ DD([;r|{0,[/@ob Sw kx_mpėP]^i3X\& φN.,M' d*f a'\MC8I Di8ΰјXS)#a˰RcdO{&AWSiR- (gN6| q8*ZǬPT /4:AQ%FQd|M)é[#Z3]TLC@*;%(O}x aڪ4Y81q`hJ\B{ӍC5ʭTpb)[4#k#=7HlD޳qP~lMqH]nlxLY9te2LMK3o\޲mxr*6v(7[-gZcI6;XkFv@HJFk MS1||8<9[5bh9ޢ)A$KrS8(~ȿr7r%9nfgJ_f7qd/Y6qw$MturgT;mϊxHI%l*<5 f"4 -C4v~Z>iOpO}^"M,wraJ&~EKe[}9C;`ծYz[ DXCej q?@,8k'-X+w('A6-Kؓ`b»K5TcF&³FueVڔۯHKz}u ɿRh"9g4f"QA+ay6{Bfr,|q:Ս!)n7e~Sg_'%4[XVD`΍xPs+eKm`c䵏zHs4𢚇+f7g>ؙѕtT" Ow:lp׍OyfT*ޞ4˪xb#z-r>KѶQ:Ūm'ilff󘭆yk! >&B?T*LY/07%}sƻHò$Y89ԪG_f‡0i=[1X[6ciU_A7Ķ)`%UK?Ą(\ ,ۏ_ JT">b^\`R=D{бB{P=8$?K0.zP ŧ'SzNSSc#c 5k"AQmx cn3Km᲏LefI6%%}4exu,n ϛIj_U VPz,81O;BUΊc\U/a$p`MdI.84&Y%rkr?ܪnʿS>l'p9bHnǥ)5du͈+-G4~X z;+0w8 }[bR2*NNB{K{NB Q_',q{/# Qቹbq!WT;@XgrDdΥp5TP9^e_FҴ`0+_Gg8.Dme&kkWFlf'`8+ъ <\'gުcqm31>xaݏ wc۰ΚCKcK17\;T~|CC@vrɭ$%, ; +JIk W'.ət13!2/jlbYSe#dizr_ZꠒjHqp,xM,mCAG1|Oƭa\'T4!,w a SN'xd1q?[{R?Q&#ƘU3&B+}tT`Xrj4'%4S ͈sj](^P@ (@(!VFBLe{T k4UD`j>ܯH RL4.@t]LDL(TՄӧ640-_H:v^GQD$ QBWSʻf#j:@nH$FmXq쇨fz_%; ), NV1$;4-[YA QPVX%:L5%hӞ F^nݶEV<|@o=Z'{M?Qݣ^ima2I,G(IP! /S*=C f =]G-7[WKǧflrI7O8}UDbHْ4_q]:Zٲܞ16g} _H>0"L5;Z o'ԯ(OęW9$c8W2Piz샒Ob vT5& lGHy`~at?jճ!,GOѡ%DX=Jǝn&=&ϰ;EvVE/poG%L28;ɪ*ލS kf h(7MΑ(1=*t0zoi"]a&nP>.UHC1 c*\Xϴ($(W~ula{xя85A+*=$O L%+j5!YjF:d xI~ofDXLKrpJdٰ5|4iuP/Ig[Yl")D~%Fxi`Gi&e*gI+_ii8#ou(FH(ힱ^tp>*|ͮQD 1*'.jT NŔ#[."҄AJXrHuc*0g(yDw_T6 iJ`l5J6yη~wn >|z$PfO^Kڸ.$$2m̄2y!lݤip.ⶉ- fo q~8_5<0ja>鎪*-.I`ު5;"%cWrbР8K-?%O⚯Jk#,c|g # -)@U$#"W+B/G7 >w-rՎK0ը5&"g?߷~zbf M"@N*w1d_ ]Wwh}/ox P2viAbAxlY_1dItqf}-"6C&+-}W j`kM++Uoj@y84(7D9"[Gu<鐛|GXo~u鳑K--Gg2G?ɉ(*OOld+~2#hȒʿ!p~LUЬATM&6IrڣBe͘{;w޺(|Bo7u0k;Vm mP|Ev|Ӱzǣ%`894M\ EUT|vBe Cq!e2q3I/u]>18 J@g㒦kP"Ԣ#~Y'[Q3|o:+Հ9n U-rՁ3$Xa[^?;3k#qǠ\kӵm*b!Gl# Զ3N&Hr4AP[ѭ.S+݁pYs~j%bvD!DL_,'BjOP"E.VܦTǍ]' Zp]h7i;Mo tƮ,fq8X0)W1!d"jz|I4acVEj"Jזqκ!ι(xĊڣcx `-%ͨ*B%|ViZ5& |9z=0 XG@rSx8ɇLjGro@aO?f(4,ɌK9եLiwYB HWfo7RR} 8:]7w+QO=[s+94ؾ)2yGN8 oŶV[`8)50Xm1 +#[R8^"EhԵibo3#Lٝuua|<^hLO%24}͆caCZJO:PLȮ&&Bڈ(T>-Kؓ<=Gn6'5͇l鄇U'Yi'.o _@Û8GN~*`ą[1I ީuZoЌS (Z;Y !ۣ@yAǚԡy_?rݏa#SIs_1>')Q abzs@(; `$6DGpR*9kC#݋蕬i Xcg\ȇK)K\ӛ\-B;' pqgYlYfyH<Sغ@+{u,QqYm~m삾~YVL\ɃMɨ&Y/[]- :^IBFHp[7rmp8IVw*d /){h[85EeqS=g;jN IKƭ"kN'gW 033.DRa8!0TZε>M qL2+qXϓ? 5 [1ҵ>{[bzAEvID%_G# Dȏ:(:ڍя~8,e:;wFJ;&l-AfAt1' ]f-WʢJYz<<};tqsF:7ux>v47 ˕Sic[ ?+3*& `?VWըe t[kL`k5U7O4]EG`vB!""H$>/ĺ/[0Џi -AcO;8s:`VHUDET $AltA@60Oj6VJ+g}yCjG(5IG"o ElJhiXiNPZ.Yn6$# \&Z E !S0Z J /HX:( HF[dRRVJ7% .}%&G1@xhLAǗPю^I+{3ÈGLArjo ?K. WؓDJ.LtT=%tmԹHw `:I,1\1-88x95& 8@MFTeR͗xCeGc4Wn"%Qj\2QQmG < &u##t.-|ك8CRbK*+`wӴ: z=^f%%ta~ߢ`G  y/Pݻʜi jzE+Go<2֚2ű$>]`#Jqfלnjz{:]9$(v{]4$&+,:nUH'~Iw-O0|Wp@}]UG΃_,7EGa)"#W R_YZ{m.BRiZP?ѫkVXU")A;;AGR8=Ű1LS eA0BV+@QWkT|6 <16޸VѶ0eHGH;|iB1Zr4YG,Df_O)lRm @_ȾHfol:zcy=*TʟY*1QPyL?ߎ,(X}[]`%ZTt, 46?:&'Jm!,>I t$scEh-jlA>ό#8hN齙2[.[k8/XH)W=\ivjC|(d XQY vaSF#)f܁BI 2,Ǧ|Wr=$ܪLWR\?qC\g1HNchFnzu2qꯀ\\h )K1[DO|u">TjAX r GlIHbr `(?P+V:]Uw;д%wc#J宊9~:Tf W Q)aLO_9;F߭p #B ~u"eO)1 ʑ3iCEV&*™k Jw`TQ%BI.uȯ7AոB~4~`[Btǧ燰 3Nn"Nm,0W Yȸ'W~rY+WQ`ĊEQ;fp՜]2oq<u}}VDzy~ޢSyr!baTra.0ӴAdε3u.Dl;dž,`<ёrn9$dK4Ou*~40d6|d~'K r_3IK7=D6ne[f8:{qX*[lp̃[ḿom&ɢw ިA?{tϜqunĻ,%PWs e*ź[qIO"W~kuT V0+M1e3&u?%EvFYC˩$'m;xSW\cpd_ڌiikQ[ qf :9x󨨧ђi :%Vl' V0#/ pܕN2MPhnvy'䗪æili's;ǎ`vV gYA0,W;ogMMPe8xBss゘0tP~; A͙/"រ#@vpXcYrOi?3$édy&y`*]HP![Tq̐1BkZYqeֽ,/PQf Wrs.!#Ws;4 4' t0MYZ>~%`à葶QxeZp.+_daft#zs';kA:{ A`>śK?VaX^1_M4wk:칒u:(24 >ہ+>ågr"EhVG3 2𼮔Zw2r\rh趻Ҡ@򧷣(iM2Nl!{64L?SM>WUtsI_w7tp_3?}oA_@YILmHo>vs٪X-yd%yYq[MZy,K XgOo`djD)YG v0;:fwxc_u5qS14zik@toAC7Hf VZğ`zcHSb īeRb|?jYD9dH]( E^H Kue|V)OcX" A,fHE֢jurvgDGpg=ۆZ-P̵p@$lR;.  ТZ9@/# 󀢦 SەAК`שiRIœ{P\Un=;M!)&b*zS-bJh(g*z8KHl<ƛi}ug*B_ٮC. ݽ%E 4oQbƆFWeB70j^V".! 05HςN S~x^\X}C`k/#Tg_ٛiY8YCJL=M@ӕRiBD!&T5<*R\\X|l NQc@(Aϗ 34@Ѡx0P^$:ӏpLDK<&.=lf;_ƀ΂e+pKeq[/ɵ;wb#W sDKpo,l8LZΕ ZOMf-raH=\u)?/QsV8;Ȇ%Iwޒml"Jp:`.}ff3F?ORb]]D@Qәt8yQa3'Ljn5 #YF1 Z9" +Jy*1P5*Д:/dK~z+ 5>7瞠& b450]@e]&<< !D/;@*ؗ>D=BlY ZAYd8O`a="QRa' 2T?6_Ay=HX^!GoN==gvѡ RZq-+0f gk*lWX&Uj"b]魦g `!x'@۠5]LxsC* .yw!/kE_%uvQY\SX,4h?= : ;.ϙ7_5~\+Sk{$o^(%ͳT`~*+)8@ːؼT, Gz~#>٘r#_k <i}>q08%:sa8;ҡF~ H:3I$=L׉COn'ޟhvLe[2&1+*ZUD"abzo,rkP(>5Ϗ*;#fc3b}7_ĝK\!rĪ=%BAIf!4<"L9׵RˋF%MH"t)w1*4żsa;{^qyz1x8Ue] Y'j#5#cb&'ٜ'R`5]gKl2>պƈpY'CQ.:2W j|Ϋŵ"Ba 38OROW⊀N)t v sIAc^ Oa]FkDrµ }wͼĜ16A.⧒9y<)^tcW*>O3D8RahvAzЋ$We: !|y):"h <5+VW{e#jZk ŭ8^BQ+GsDœ rWEgžEyPP5emw^:?鷋?uJlO(ٴLh^>K\]]oo˳aD7r4…UѪ!QAcqD$DƲoP82D#R`a`Y|yb-klӉ Fգ@}h }`t1NI.< ~J('wɁ9vs|=N^&nVJ4"oBB24mȹn[P}͏Q-K0q$8ڃAV#7QԽ?F-YB4LH[iM6m]GDb ief\w |RnPS~d>gЁA@AȠ`m3UET:b%D=> K7~ .0<Ulr冲XxikhW *mH%UYG 5N:PRUs<`{:20}k[G7!N=TYߦ QIXKH!bHͺhLuIQ8)ico(I H/7(yv rv6Cc:* |/C ? ~RnY4|waT/Fk'*2d_9H JGHa1-GvјWM6uc|{D;6&~Cxs䞘7>P0M^Γc }"&8lV;^٩]̑2aׇ 2R 9Y]1H/K%)-eQJ#U .Y8:XH ;JׅtE5, QV>&< D"JZӉb'oڗ234rnTT*  2֗`z/HYqx8J͟j[b$ ❲usvӈ>xΛ8fF+B FֽbR'٠w\~jzh/WӒzfpȁ?M(&9@tL b |!Z؁V%a(`[nĊuʴS_`S"Z4 Uƫᩀe+HS)R 6\]a5(9#,ѥNXtOoGٚe2$,Ng^e48-1FJx%d+Ϥ0yB :Q$i5՜WX϶q7+q~1y֙ut&*(^hB5\GrxC ǝ j?fh_|V`a!  6 jZYW,8fĆqc:rFe`QX`f}zJY\n_cJll&EIHK,j lW7[%;8USEZ7hai`.\h})DMѰ;Mۄ:I\Z0N~SP{IC+'^Fg=$)Ǽޓ@l.CDmnCg_g}Ä?il#ۨuµX_;⥱F>=D I*y2+4|\E< ? w'{bNIȏ$S{uOG8T\ut< .~!}I};,ws1FBz\؁)Ar4[&.mm>dL qfjȋLe>:RnULUHKv-͎KBd7y|_Fe{>rB9CNN԰KWգAp 3 Ze//\oS"_5JW|ڽ2J7Ey9s@/:<.:\ce`(<>^I {K+6ȥ{V^%q\TW_J(De:_\nPq'©PLOS#^ MJb<&|H5=KMA^h_ЌݩSt*0qCB_$R:WHucY]K~ u1J0Mee2 "+"_EgẢtw4rzQ1 7q^ww9~j,~O8"G!wyK}h8G4rL"qyAI{W1_,&)irKVyC'^SdtfYIB5h[ۣ#/=K :&IJ|I+rOn5nm7| ?ס-L^k Q/hf}omla>gӌ[_FQ=N6wSWSmx|FǍҕJ=/ ^RqfD9h·lVvNhR<ĐS# #BB[1i>N $uٗ34$dϙ8)(v"/oNSY[\WW*4 ZHb8Jzlҳq~gK^=[iXNrJӲ囩 sk\~) i}H&A/zӡFx.$|ṂPqoÜtu46)qvdሐeK!෥VYj"X' mM)n\/~y3i7~PT|J͜s+a Bœ!C'1O/C@L'\lh30o"ߘ`׬]El &J>o<-9vs7žʅ47ߋ:KPl)HWp,9'Ye{v19mB]8@5Y_`)5b/W̼8-#O Vex" @ $c55SVSgN2ZfgZ5&+9)5S['b?.K1yq#?B4Fݗubr BwUUȐFwdcAS bqf4UJ|w}>wy,NYz,1EPl;DDُUZQnϘo$6`>{4u>m٘㱬@Ab7 - `Q~|Yޜt_v hI}hǓ pY{ \i8d]{rSA<[B 6TW ]"ag0؈CWΎzᆨbg5 $&pA6LtϹI%=ZmRaoYN6Gpl-`=4<$ (Pn,Y\,f;/kϽftu?0}t\O~ k3ɘq=_$6!l> $i%ف#yЙvl;G ZɄh,( "e:> c+El22ݜ-;6gө |qDgZt  sm9I*T/{^N ׭ZnP83l:5Wx& de%#DJ=l3qsa̕=U<8qm!jnm4Do79JТ?/prvhp9׈a*yKb*Z4Q9%0Lf㗪ǖB P5hLeyLQv=3AnkFGZU嫬YwZI!81U~%4q<#ɍ:9w `ޕWQ2&<I[zmGպ}(!`xʇ|&AhR'aAiW) s=e=ɞC"^ߖqI:36{ R `bkZv 1spw1܈C 8(a/t;6[g='}laIcR -` jzA902Y(BO!Ʀ[0rNw(KdiDv#F Ļ2z<ȯثR> ҉?I:{)VuHKqRy-N⼫B{w1 . Fm8FqdIbERMuc󷽢PsAv8psluy@@¿/A Wp>ѷ>ˢ㰴;ENW䉮WboTb 7cYk`}>Z(5pK;XP ut7f7\ kB07Z kE$LٯӃFN?-œJq4rX_ ^P8cN_3qy+/)Zi5+F*vAy %}:(Gs;Ts ,h XKmtB0"b*1AvA!Br~&bz>ߴh"'*S 78qZ|tޫȚj=5MoEvA^(eQ7Wkz#k1BKEM@-.B!b PdruGrAgW/ŽQޭ-2M_kO(;$,͍v[mى62xPᱛ/ wT :o[V#Xoպ.0"iFcѐE>"At%vFw#ߙ9$Do$D=ok@)Jthʒxk' Xּ{ I6EQjUy:zօ ڈI`ARa|Q3Ug0u&8J$AaԐݎݽ99rݹw퇚/m^TBxY%ȡSwiX)ծCuY%#)1&7$RmGCvW+hGA=ْVQQexAeTSG`I9=(U@ц0o#kX<1ck$ċ'犙iN#߮V=@nUYWa"k_kt#A~CxP q/?\RۣWFPX^߉}"%X&ˇQ%ZUmr~l[ȧ!е7O\q郃uTSe;/e}.< |Ѽض Sp2Äv:7=C.ye Jr߽my}v oق"eqC/aEO88O\&渕ⲉ~fNLt~;_= {QrJQq#?h!5-=XCt@aFҟ6;-\%҄jyxc|5 $4AFU$č V"fx-̉=p߭WsE\X% [/SL9c8j 4]뙣SAQ'ր"փd{ܟӟUOI .LB3BiqԄA3]i_}G{ nOޤ g \@"*֠b^@˱4R~o96R /<Ue(H |1fu|eTK(<+u)EcD'\5#*6 ϷMu P wJgwXN0bW:>DMdf߰l%ȼےr߱(uua{"wxW ߠ6{ c kKԡG[MǒşO߀d& '<cvV؆z/|Ou;mЃZ^+s&`WYhpoc$Kcd T?]_g&=3Sr_Z"']kZIk%%O9"V""$#*=]hՕ 't2 g1]ܢgZ#x ^(}rJRBW܀-g]aJ;@R YI @ cQuĢTzKSj$xdNh~=<-L'7& #H#rʎj9_|[zjM37G<"yBwS\xǒ >Vg o%-HgɱDA */p/vMA1#L_Lp'yލGVw2X5KN2g ⷃ,#%`2㒛E{64`ۓ(?79b+ ;zL󓲥iU[GZϓ R⹁S6/|)p8t on}_GoK#:\3;z/8nފ}Hg9_%F;Z{Nme5  {fIOAǙ7U!\y= db*CkK54CM:qG9WfȒck֑T^n`Eitf!J.>BqDuܿXݝjxJ:)yx? A\ʛ${(@96nW,MT"KUHԇ6F'LsuկcOuxsJ.oS=.=]-|^1]rY# dFDͬs%ɹ J L4r{RA5HD ;f݃dj:M*1zu◵Z;IqN)G߶9ƍZ~cfjf'̮ci8[h^ L~b Ԥ7k *o:d~Yh[qKN'5r{Q*?T˖|'CoIzO;9$dX܍ox@p%Ր^c}f 0y?rQg,RTzE,BACw> E>a]'<ӼI%2k:u~z%_;xwnO(u-ȼZT|Iu7;%tԟ@ha1Oe}Shet E^0fl3yEI.CP0᥵("_ZXgja2"i- 0Z{t,WPhn/ĎVFꓢvVe4~iAd9ج9-|Va+P> Z&1 %ỲcB4,B~G5>w eEmT Ĝ[m%$%p jfz򅾮YEII>=N̈>`%K3 ;wB4d6B}6s-ւ}PRjirm`àE단,3ڥ y@xei;co"5txg3NC5E0k^ԶGrX=Sbp\̃IޚYc!҈!Ao<9KyiH0;^]He+E :8GFGQ̳hC`G~yJ(DE!.{ sE1`|7 Ugz Q`;-Q6@(2E?m_:&s/ ubÛjv`hJ&W1 灚Sh'L];MZ~JSTS$L:Ӷ@r=1. &z ,RʘVʪ_ӏ sAZ+jX(_12"1Ӹ=X=f=9]Q@αA"֗pO^ԂE.,oF-S/\rЬ1`!]϶iiqiPYL 3GހO 69wn\mԄ2wÉO^:JCqoNJ3Oة?N2g* (/(T1tT8.[F`q&+lEq{T:-I  ~k*`؝rg+2v~˿q*d jDSG5O펶nBP&Mձy?=T\POÊ͸"mWT:5`x_&ͻ/9."U<2L٪{`?jq+^̭|2AFH9ِQB2L ÌI*R=;bpv`NCДxc@6bW%XBƎ]WpB( H2ib kT fer/H/V@ x1$Et.+pZa/ۂK^?4kdHR ^!QԈT4߾ $D'2}tpq댥ƨ/I#-~YT`(t5:REGwFt'ܭ96boFMк8-~KS聗Vs9lizƂpץygq>!d]n@B3TCA<q:Fx1=sKӂ?E4 oKa%,Y;9 L'| N#\*U#=ǃE7e{&Jz)638vP\s땲5(^KLs]Gٖ(f=g}&ʼakqU@h~䵢Gd6?~ x઄p r{/ԚTgjއ QȐ.W`s݌`NHG`;"L¾V`ZLRR` @>q-^ sEK?t8+ۄB?5\dyO-@ q(T ^ Zv^D7%`N;|I>+X^X#:S6BCj%UMp^T)!'<~қJa/oӘui4};č5<^2%Pp~ ʼn"?rH$|-i+އvCe uO ~My` =!1ѷFyfb#e 4t^WxU+I=AN;yo_Qu=liBaxQ|ry Mٮw Y$BH87 !)f &Aہ?P3~3z4^ê9/ğG0?%z" Qݰ6+*@àJ`L *jcJO1zÒMg˭l+$h;GJ+)y)و0x$ᵖ!j@>S ?|#MP4&_fB_G1.h\0Jإ`h.H4R̚Si.Y.zq+h~A_>k ra+3vo>ERMzN] /Ss!rη_l1S. kck'Щ~{cX*8|葧OK'4Cz+93J!\z\Lԅv 稏̼/p5w(B^Qݽ" d *M5KE6'a[Q7߽xK2>trKdle@6\@Gͭ1Ɔ,.Vslevy1L]Yf߫œT!aO}zO 6‡dKjxL}G[zٓu{c![l>Rsj>Kz,cGi8FE l$ϊ*1F!O,ߎIb:+cj(0!g,8Cn+ێM M(DnЌ.؅%* S5%Ȓ vm|5[ Qn(Gdnno, noPvo1o&FaVAfw/S20'@v.AUikV2;0 ODy-AX fj8(i(ak3پqR ՌuP3LO."kglIe^Ĝ gl(8l=,1Y#$m Mm b6FoDXY2BUFFkMqNyMV ᵁ Cu>"ur]#Nh)i}m},ltsڍ6eu @N֡Rm e(U&$޳B>1+!`FO^9hY&U=x\s{Ղ%؍ ܍V2=qR"vNRښ`fe:2v[3 G<`D ?ۓ?+o}Ȣ\~ڡBC Y^! gmvלnP 1zQ fc+^ Vڕc (Н`M3Y~gkE??q/?%&=w^֝Z/ 1?& iњ;U=^5{,;jl]SFW kY6rRC}v9.ީI蒮`-ۓ*F7LIe9 f `VzDz}*JD'yYawУw;+Y+D-2hX^'^c$ C~yl }p8>C. N_׶"cOh o<ȠviyNF۲ 'kǠ|(˅3-C>Zqag㪎 |Q/]X9hXu=BQ%vMb^"j{"cݑ2+hNdw\EEZOC?!9 Yǁm 6!>kOYp+m.25 J($^ˆ*1V @v4Ǡ*)g;JqgJn%E ;c5҅W8!QOYJUwW/JG,aiG5*_Q%qUs+E_w^4BXo5Ț1 <`o(PdH_52;̹}!X1Lƒ6TLV@wvǛpM0W3oye)f@?@̧Ʋ6f*;0.|Ai$Kok6SR̍E@Wd9o4[Ug1ؤ* 5 n대nԞ›+ܝ{U}ܵ:7w=)vy^ 8R* o#_j4Z NVrNr"`@J*4W.oTZ;W"Z1}H͂7#Z#swǎd>6.C )lxik$8=H%t=<Խ>eXlyy`~ic/TN{0au3CYf%I xg)TQpqEmB/alaA^3WU/f5WA/Mr`i+,Q< K/jav@pDCrAUǁG+<-6␟/=΀9N@yXM-EfiC=pWxõT$0m" sJ?oϻ *ڿ!\ `qsaH?驌2[Ĩ­ ^˷ \C;Wp79&wWT4jqelv,RD3* ѷͳ4= 0Ah2 eƌ`\ 28S-n}`E6Łtt30q/$ƇǵSE<$[֪Ve7`Yi@fۆBc  X9 $͜R^5xh+iY&~ldD2^,ڗt/MxD jGO(/}?.n^%%5B okP͏[蔎&xX9 nνpd; B~m4 Eќ+rwύm*;apϜв";Rj<~`I-.|!'XSdut\.òSŃxMeΑx\؏)s^LsuYF#bud!.qwolm7E'dDM{cQ!=Y,Oituԕ;ƴ8Vl,guS91,IlR)}? ""=i8yck7MӻHUU$=ҒX2) <U._ r}ڎYM NJ&\jN=u>$xqO$IGq!{̓Ix|G7OGzLtvREozs)xW4Q3 DA/ nFx }6Hqblۘiޔ<;/vjaJeƱŦ WXEE3RُϕTzy|G;x-9Ƌ;С=I1> | WuPGbuG2I%hVO2ɍ/N+x\H$&0K1Pq ߌ_J%ON!9nab9d { ߝzI^>]l~_96ۻcnrp2wԘc&4 HB5&e]T%+"#,Y2(hXqN% %>Ir"Md,Be)nE+0U6}tW4l#-GЕ˾ka_0u SP0=PdϵIG sĬ:h2B͈ސ;d&u@E^"!?p)Oz oOْІg+ga<͗BG?sJ <읨T7[& ?b=ׇVG$<Q7(ke?|`T U?Uq6+_zݡTVK)ۀb:MAwg"K-DAzug;ay=OOmå&hsW|*(*jxj.DmF׽聦~-+6)W3(lx id{'rYB07cn7eu/`xGC࿏jaz!Vוwf5o3RǐEWn\ ^">92 *30W@՘|劸Z$(L8Ş<4]QO[џ*NiI9+E{K~P~Ґ-laΙ>*(cE 1 ڦjx F7(W~&hLfk:,2ޛuӘ~Kӄ:9Ob"tL.JX\X6Mơ=/ ^ef9|`~V8s/BWnE|h+G:_e2o%{+ LI()"0\&΢1X%Xq8}NF*4&Bx\7.k:N^0Lc9Y͠f ']ā !.[6y@O>6N*uGBeQTê?l6 @3IU My=N\09 !p/~Vqj=uEp&^Y KLB6vU7Pf=x얺m֫5bӽ+5> o+nqDjf^ <ޏ0<q^L ŐWl趥#{kR4)Dz!Rd{89DgՅ/۸cu%jt;; /Iy1Pmmh~tЈ6cj`qdr#88 zj36tV1׹}pmH(0Ryw~TIO]H<^Wҝa@q&|FM]h.2%z7yyw(oz/S%ҡb[mLLWPϱbA)i[ I'.HTis/m\n:yGQzyVV {/M.j!&q?6 {3 |MةK!xg3 H|CƁLiUH6PAgʡ:<5t5dT;x:U*ܽYdWp4ҋqP@LkKe` cV " ͞ѿDjRk@? 1oi^ߊV 3jJ2b8s0Tl1EAB@9R2%6c sW+i30w/)|HPW*D6 4 /ɵa~{;D%TFݠ@UP :ԡ3y?= 梣IF-ucK/8tMsbhkPvV:׉yaV*M#!:&JMrO,D7Q}B踐AjFY+";ѣ* P o"Wπa=/cc6eJzUۿ U%)eD*RBUL[̶TTs&qBLOQ#Y=&>$f:QOyP } T^XOŦZ= ?'Yux9_bѶ¿S٦T΄޿.;a0aI&#_V5jqqzϑZƎ9vxD0}rjU0 NV#Uz zmjzaR=p+o(FqLE9G~R(/傐,Bq t7<~%bݔgN|C)ET_O}GOBb}bt16 ]"Ct 4 2A.\ W)ߣ6slރ__xo|֘\-]"xcH@Hq4QpM+6 l&Aԝܙ_Ĕ^v^WLBUH /C6 r5D;Hr$Bjb-I5fn$d)~zp y,^;a Z6<-W؅%00&+ wSG9+&`*M1/gI-gcX%~GP^yA u~!yk}R~=k+[9G[ n!4552M;Q99$S`ʵ\sf ٮޚ& 0R-[\GY:¾8|ib4P8O_+Lvׇ4*7%DU:/",>KiI4n Oa4ԂUNCΙ?`Dt=LHX"v >,|{?+q2C˺ǹ<Ѹԃh=ZЖ "u"\$:(1˿sR^^:¥^ B.64]B2!DY]xe:"<1F!o(R;RDYke~v 016{7}s0[|Y]˷AC`n~:k"U!rȬ_ (ʕ+~*WdC| xϴG`r,!8rK i\SşC&٤QqwFm_N]2Bq,]e(}a˥ ^ܥW_s5);4d%}e#DyFJ]}SdB/1KF 鎃 2xҼ']8tNQ:L{L;G3 }kX@NaGvupAw 2p"}wJ!v5cգFao݇1a:(~TQцIt'T"hMzEZA0oWӳRC>ec$*}ńCty eڠ_P<k>Nm:ϝG|B)~XaSS6')kS Sqj^I ً  RH|*T Q"um.|HI0p׶WPےlS[)TV|2|)ĥv>&+GH+vgĩJB͌,}:כ /IKC~l4)qeb3/2WȽW@{? /D߲0fnFzI>'r_}%ʮu6a8{E^s =̏WʐG1LL=jI>+k_W (<}.e163NH=HZ.&mz\hYN@\aC8ۖ%G=A|R[bhO2L,s0T?>Mlj ,XK2"Wً$toEy"c{2R˃FɸcBgO.!NYЋd.gڋ{)-8ğNw%,nm4rя $`‹b8$u{k`m" sEiUYIr*9v"WOql]аY}Q2<=& ֭ɋmhI_5D2vO=-bb.vF]A\+*ԓʳe%I_IxPت5>e y4Oa=Dgary#!L9J M3cELЍz\*1R'(쁬'9Z#&`; ^7F{Vh]bzxfM_vwba/P"FtggH>xXSMJYd(ri ["88̅U:>1vjߨEcg+,Cs9E#vGM)b nhM[9`xdTbS+=0S/IjR;dmTG횆*ꋿ+T-;}V-mmgL/sJC \ׂ6#)eEt&وGDa]쭠J0MS(/U9Y k sq S*2Sێ=W \G9P|߫<_o'sB1-菢# aژy |%î2o8#}5wèX7ڙHJgo174rپ^z#H̝hpMᰃj4u*&Oj2&m)40n=yJe00ͶZYydf3I~jټm@1,ؠyKWCJo6%H*m Y-wJ5FR˱up{YFzAa^1,m-0FjVi˝n'! &*e&%ߞۨzqgSΑ㉭w7+",QP9ï㖅2R?ؠ BC[MEu Pzת;K\YP%+]3ݨpwZQ{/֬5a) ʥp~\,dK̗"51FwqYӹٝz3ZJ%ζ;KGr?ۆ@Y~.>KЌj.z)1=!9 nZDsw0Ya3C} *JY*/R6Xb#s# OeR0IijkYXPW.8ydQnz/$Ek-hK*q"b֕Fg.T` s7y_<)[Go索}(@R!x4ܥ^AnŽi3{tƣe?;p{=5v,L7PАW-[&otuαMXX itm7Wm|>T߀+6'$j_HU ơfTҩ p޾\XZS x5u%i60IhL3\$d4ʳL~M&%РYȨˇq9F|J˔~ug(ڂf e4jwqQtԝ6?U桤&Rb-/pU}2Nr3]wťefQ@?3s:߫SkB@.!/v{e/m`C{u~B.mr^+[Ф]%!ji%}B P0 <)DD n,b[Q#U*%3kD[F*eiU[%;H+/n d78Y19t24D/y/4Cf}%Ux3_o|i L/co%S-08xO̫u3NP7+Z4lw|A2Jȱ`r*^>)GWϋH|+b*/Tc\ y ߻$X }`@Q`U{'@ Z'\ !t1:WS80O1ׅ{c#ˇK?2p(ZXxN2z`@Zx p{02 xGAMꦿgV6JQ[~MKLa4YYd8Dlvna K~Î@E^5dniPCĉGScfs.gIdu^KfyMKEދC>Db,?ÍޞyHHI4Ŧ5|7=+mKvYy[V⋇<Q^N˾c'FgF`){A&[4ǀ: ~E_N:_pɁF 26`R ()O/jln֑mG ٷMq?2DV 4_V/Œx46̈B]!gzU?iVSDgSIzY\{l sZnr_7G̘к,b~}6ӹ_5 LG]FZTB$v k3!.{ucs/ uClU3{;cnV^e޸ca@ Qm6SRcxM tZ=`CJs{+VPI&k~p/?ɹ($U_˩Dc!/K d{|-4EeDL0%g&z Q?s_jg6wDS-p[};KmV}S쩷 $R$"(ka6HO%-#L{S:HVsN7M4=wCzF<腘_/vWy`A18i-lw-t8CˊJm] efأ7LyFrk/UB1x,ZX@g) FB OBig"\ߨˌ"a's\50YYh Qxdkzb YjF:$/p0?3ݒ2f$:-4೮Ld嫤G@ι=ˎ>wUG%;1f ew]8YῬ])]O4-P Bnz<Ǻ>⡦G !&C ^IxH7Ug`E"g[V5f bY'Aݡ%jެhO˵sAr41T#,%jSJHΖP>GC^;'zQF6}z;u0mģ _)5=lR94-W#w\K}|q?\6%r_ҥwEI)߆:2ڊ_VGgו~JP ؾ+v -Y$#s#O >ABUn_ixEt1v;O gjmy)$t]}# 1?fQӵm=*mxY9ۚμ֑]-Pm0JhtVw;&fT,EӆFЍ{\RGNCOOY* \=#P/H%6 Xλʓ񀦅F>:tkө Z67`9# w8R-Psا妑hԉɂ^c*#O(Hbc3F(6-5|?9􃑲6at'TW{P s|b)'2pL;,kSZH>g6zӚO?TWP6y]uTT s%LM2h咼;UEcn?r/[]y~qiQWD՞mq"H8MFn < uyW:t5"WŶqhBSqՈJV|}dyyL`~2fp4l'9@O9[\]=0`ȩyʋC9G FW s^SemΙatLn\VSnB>Xe|? qqӣSyps F,uȺ_6o&]#T~n.81Hفs{2 Pnͩ{]UVرV8W/􄋄V1[`=]-<̼%'L=\If@ \NGԞjRZL7ɁxHuuvr5LO'd7SX4/+2'ka!\-J}tUu G#rU'Ayǔ`t0'7bã#3r`+V/оi?X&?Kq-o0q3:᭴ȐMyzmv!h\C኿b*=Q'@GiɎX"AnN~fe{8rg^Nv%{2(̝r[QK=5XP?rˊYr4?I[MuvZ}b|M8!j`LO*hN*L|EDZ6B"ͤdVg`VoiQi`_55G] ;X3MkdNۘRKi|.)fjڧ(ѓroN9<n5/˦Eu3/ ÞPDH8䋢m}<s9\OpLSɧdÔ<kKX*Z%Q 5qu&Kc`־nkYQՊäQ*v]!b/džIdVO7ȇǛ4g2+k'61*M1|Pv)[' Dt=!GdJy&nLS)r2s!͙,=kk|$Q$) (dʠύ j3ާ{Fɓu7 սօW]XY A>QOx0q_&ZgN2yҏI<~\af^s&=lgtCy~b3!%C՞XoV3\A NuKj>Jij md!<o?30xiq5"nW4pwչvNhǛr@G_")_[XXheRPH^G  22zLJ +&d:%H)\-c`߼\~%}}ߠӴ; aQr`PWs/ϸVrJ0qwT~6˧ZK/F[LX6]^um$fHoaW 2tJ= ,YAGY'S N<'[&ȝ3xyM-LŪx0+\FNo92؈r_\ 7U.΂2P:镴o[ǻ?=tzWĸuJ؄~3!'@3eqN}bnBkGNפ$#Mg†Ʃa~Fq!3Ef:Pvt!OHV00dq> E1B;yqh^C(>t 5߅;Tn˾r,|QG;dB~N>VZR9aQ}H;($Jw"AuK7ߐ5߂0S@rQ&eەK32B3'0 emNEp BjʱM88Ή bcV~\4*u>Yo36UvD٢(UFDE v+Wl~0RAcג{ej$~O Ѻ ]҂|tHGhZM||힣̣U;UH]~z ' jŐ]Zoy084Q,@t=GQBD%4`ү=U;-n):~2g&l4Y4Yn -ՙ!2L!uA6 \fy'=:MU}#K,”w}AX):HmCj~ ĪE! JZ2A]:pǹt>fTtFQM[k5Ȉi vax!.cvw֎S< NN23l\3M:i~E.ޘpJav$F(DU۱aŦHnY:#:\^؁ʋyi<}l8 gBۺFFf~uR ;b36~,Δ_ Mw߈L&j|OZ5x9R@Lk(rS#ek,P`%:<Ȗgy.VEG2d\f/u/_70+(,}$+I%OVOSY(kI;ki5VZ)+8l[ *Nڨ/xhÖ.FE>q^WO/AXE/+j,{G6, w1sn&Nw<уkRG( =\^]YF&cZ4k+X-l+C)$q?2HL'mֻJtO'Nύ4io,Bq1s@G/Tޤb%{ yG f&1|<hЗf>V[s1YLbxߢTa k/w^荼( vݽWU 91gQ7;COJO7 @[zK< .n3acm9Mˉ&i}ۂ:8k,= b7^_nM"7u!~&? Ž'Y߯ )E9K:kzQl塖/$R2Ң}BjΧx>_h%XS ?C7݄; [HĤܩ.pSw[hv['4넏>58c#+o}w/DPy4;ӊ`8`tId&lOu‹,mQ;.M79HZ\f/,/< "RmHV`5r]nxg}jB>;`<ߠGL.FQ'FӅKtE O@]- V2gtEI{Ywew6BeQLOD|;ެ"_C O| OFmYBaTT_.ê4.a)k49"HOWڬ=[|CrN|Ɓ{3+s0xe&_3cPU12jpcø`S委cYSwa\"=sl}zL0A-&X\cjRy \@p~ɍҊ-qw0 uSmF;ܲ<7/!<)L-tIx[,ȉ?FDL̊^ \S^e4Pcxɷ#:Z_`;TS_YP-68:O%SyadPrWmU5 ; f\+ Ez8A [՝rDuXdgg'"k}& oĸ*}K5 PGYi(P`?],W[x% ;J ?QotOc bgVj6D)*5to.q@vCTGDMIb^ [Uޕ \?5ooOD89"(H=6W^|xpfѭΝwG\rU<6D9oǼyS970>3 tH%9+]FƩ1\(rb˗hy H9op"P39F; :דU)iDL@tn&JՎjwm?;K/6 Ex0* 3ût B vȆ ?gnn"R 5!CXl#LUs(\cyGN\4i5_Mӛ@?8NX]SgjmX܈5%GByCj-,dT9tߋ. L:\؛ZkjM^rE6ϼ p]ZL4*g0 fImC 7g԰ᘱb:)g< x72]z*KmU<?ijm8q1pr}[<-NNm0@Py4h\iˇpa;g^~羈=l&V̠BӋI\m/b=}*ӘOz S3\ݖ֮1FSZ]LF`6:t v#$ql|:sO9x^,nG0C w0j = JZJ wPBđyV,Y/{8%߶#fQɈVWs7ܱ&VFF3`*G' ̂&#([)_έ[r- 4 <9kHv.]sBngeG~NC)~Uƨz<'b@3!ӕWSUZI~ꤐf#lB% @xdY7iAA|!'gX9Yg|hVa^G Pb0lrpNmLT8o uȱlW.YAv#[:(ϸ" *\vg)̙ژn͞-si:J2cD |DlTBs.cqc)U=0ÍlIdiR v\sձZLB,xN 7(Iˁn!(4pُ­ĦrL%<թCnz+R|qsǷXC2l;Sڞ7V-/D:Ck+ryw6J{m0l+YޓT9սļ9#& vƒs=%=BrҋT~$Me=`AiU%}oh?˴ ~5ab]ٗ$9Ecd7YU2;F$Sg`Ef,-JV O]&ǤA篷S#P܀eR^8z[r1fBpCrI4XDIMH<{<(o{;L:.~b^{@ḓ8uH$ haw?TQ.GH#Po%4߱nWJ3nꌆg&5ԙԠS5ʵq-ȘVzs*TLW hK@!AV V pIo֟M4:z&07%DMPSGJw`mb,6ZN7)!܅n&MywS 6?3ecIHd^|ˇp9E 8n"s 9󗁉o#[|]#=mZr}톛A.w<(U~Z1t5) Gš&}J4 vIW\4+酬Џ]@S|#E洷Ī#@a@]s m{A&`WEd]3ݯBi+@#N$Cb`!\)8mҘz1|@`^;|UY'D2+WCZdrܙ!BޗU] 9j&f6A Oþҟ?1_nO8 #p5%{j %Վc$j6|wMJ N*6[Ƴ g ?t~EC#ؗb+m𘈓NhLrU&6+ynꤰc8{2i No& cPDᔌ֬ܖˮV Mѳ"l{ם=질Y(^3Aw5 cep4y]=O웭in ?$}j/0HZP1x8C JzmgNDo~ZoSR%C{9eZnO.IaȨqC LWX% Q5aF*JbՆ4HZ%-].0AV R<|;UWf!麪RR:6 S5םOXlYF%5XӲ>>gV8zI n3QaT1KR4EJ"&n{!7!5e mr"6đkK-aB=NF3iuRPS65$—QB|w=T$VxѤ=G6W~ۿݺQa^9>'ZJ:I@ 4Qn/`C9<S~Ws'q*+nSD >-?fWe )/./WL>7r<΅#4sqMt*^8jL| Xg`@ #%Ѯ/K r ']}7=TDݲY IwjM|"zHR ˛㑎D1ckCFhvn P;aB]C53" 2/RˤSnEɅ84̶}\n#D+z"?Gʎ@*QDA{9.6I͉Fc3Ϡ7}E WJ {m;WB\{m)sOs1sVoy_ S+ڊRVZ'28#P-H2OJ"(IkPM/Q=/6n 2y: gZH])65.[}c\*iX@7EC5MaJmrF4~WÒέ0JC+ilmxq)i k:1q+ OvbJZq!s,˝d~9$4H_8T 0ysgg)T%̛@ )i|qjD^W0Hst4RD`dӴi.2Do ص~d8e5qipI4ڡ6?b(]Qz qUYOT|[d*ol+MP#ǔwp {*jWkΟWGL0Hm,#-|\d&y@/L-bjghm ?Vl4 Iceԣ: ˛k*cr/ƅp׍Ly`e% 9`rC f#Gr-nHn>@X2|Ê6B9E{ٿb@ED.| V;".^ƿM8s,2s+Y@jIG#+Z>B&w_PAxd%hѫHn .9࢔s,@qN%vvԂ|{c?c5MϵYtƻhuX&anּf$O{#(X^Om&^nk ?.,CQ-\%sx-sS16nVLa a#monBO|_rÒ GJT>VfaȒ<@TI4vVh߾Jk2U^yd3_jj%͡Áa%ֹӊ Ug)ď~‚lLÜAYI+N`.}ṟa`@.QJ8ՕE"G2ؖ9%tL!# EcȝD> K"iGbF7F=o6nL03U֙@s%2O\2"d{ǣ"í~w&Fk) _]Sdp-C{1QA4[SNS6(ä,}&B|By~V Lι%6(MG-rL &5?#= TJD `l(-To\-qNE% y,yR*3iSbYKsvH'ޙ#JovMOЌ T5{~R dd|+wtY1vn_vMHpuMc(t kwkk,sه|~. ~PpQN=3'3snŬ+}!R|!臎0ɢqbV2^An/f.- WKnvmDXV ,9mJe`v:N=KLMOUWe.fѕj5 GdcV*@.ƴ$+Kx'QꑅFJ?З8![9O}$L0%g .9<~~JO4*#8c&E=VwB%D T&W !^۔Û_OC۔ yi2h[`Wctt!;xzdD +{Qj3݀$#]m՗QPQ}-GՆBdӃSPߔS,kWT*tr pAkrS&ƽ"cG$`09Y(&9n71VޮZp4d`` 2E܄_uKM'<ƴcӼ'Ks{B`T!rⓅe(3C=X=RY=ƄW VdUח<k"zo{¦ 2}aft!tiCփilʙfH0P~.:#QD5ឡ֛ys鿤B7?eu@L" ڔ )R`9C*7;PXXʪ n4.A1x/4c[4f=R36#K'e{5X=E9a,م::f*,w`{ ˂ddf8 { !0Q Ay6kkہ9nWЭ=&"[)p4!5$@r ue n>r//&k[\-g3Kj'`'sKc%_by rMB&a*=ZwٕLcDcЖ>R,b(NkeW%LٗK2k5խ$+g~s tM??{\:? R{Pisdg`G)4Su Լl OBXlvi $?^4d-&"{zZ^!V**Ճ߈LKM2ZFnKѼԻO6}^y줣 Y9P3TI>0h |ȠN|uB`L#mva'$CE\avMY`*?swr@<]*fZPĽ&ue9nhvvF\,8R/ "04g\ Desxi*c=%rj,S+䛶T\KFnSBiMrɀ&jJC 99~xlbfرmHrS2_]A|"%AXQ(sd0C+;{\Z\ a%ɷe2DK>`Rv*sSU?)`iwc$sn T瘆AjZZt)o5 NN994-[F!d4Ҩ8)Ӹ骥>"ARE8sKa' ϊZgӄ2SђltN9>vt6Œ( }.Ԕm|õ3FXvA)H{h# PEL *&x9 rƁmJ.'?>7Bq.V}PGuAMW>` s:_#Kx긘ZVHgNPX~ 62󙛒\BӉ,I 4Z]<YGeVppJFu(`$_ūݧZWk66d ?X@^{Pvؒ?T| gWB_LWh)%>~1/<:߈W= d $<H(̸C#)EFgLf*orqëqL؏y` :'G%0XiHI:x7Hk|fhmI0;D MJeW$Q jϾnI2'!qtxUIc`ڋst_fFk"]gQ /_c}jk=>7T,ѳȦ"]AL~[;g9S0Z]q{.TKA1DDSl)/|gJZ"ɱl85jOZw1;g:!FvcjOMpxcͫ@iuy>2$' -,<s@`w#$prZJCc #A1)b"(N*= WB٩Q2CyOG|;\ ݶde;&@ǿ9QfZ*m@ gЃBl[ѩ"2%Mn7ỹ6dZ3PF\?av> #cצBRbt Ix|Mקǜ$fHZԀ Xx_F!_ GH[āK>ݯ` _) YZ