pam_pkcs11-0.6.10-150600.16.8.1<>,} hOWp9|v#z?37Y䂆xs.&Cqd6,POYJÖ<7c{AÈ8͙乳|!eCK砰*)c?@,a<='luU`A\9Qd1*9kI] ܂gl $9U0ғxJ?&bv{؁Vs/)WYcqGIIK@쎙ZS̢Qd{ۘ3ZʳNi|;i* UYV][ZStStt>IKp?K`d  " 6"4 J`  p9T9 9 89 9 9 X9 <9!Y9"v"9##)$\)')((I8(P 9(x :)A =2>2?2@2F2G29H39I49X5Y5 \5L9]609^9b;cLGPL-2.1-or-laterhttps://www.suse.com/Productivity/Securityhttps://github.com/OpenSC/pam_pkcs11linuxx86_64 if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : for service in pkcs11_eventmgr.service ; do sysv_service=${service%.*} if [ ! -e /usr/lib/systemd/system/$service ] && [ ! -e /etc/init.d/$sysv_service ]; then mkdir -p /run/systemd/rpm/needs-preset touch /run/systemd/rpm/needs-preset/$service elif [ -e /etc/init.d/$sysv_service ] && [ ! -e /var/lib/systemd/migrated/$sysv_service ]; then /usr/sbin/systemd-sysv-convert --save $sysv_service || : mkdir -p /run/systemd/rpm/needs-sysv-convert touch /run/systemd/rpm/needs-sysv-convert/$service fi done fi if [ -x /usr/bin/systemctl ]; then test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" ]; then /usr/bin/systemctl daemon-reload || : fi for service in pkcs11_eventmgr.service ; do sysv_service=${service%.*} if [ -e /run/systemd/rpm/needs-preset/$service ]; then /usr/bin/systemctl preset $service || : rm "/run/systemd/rpm/needs-preset/$service" || : elif [ -e /run/systemd/rpm/needs-sysv-convert/$service ]; then /usr/sbin/systemd-sysv-convert --apply $sysv_service || : rm "/run/systemd/rpm/needs-sysv-convert/$service" || : touch /var/lib/systemd/migrated/$sysv_service || : fi done fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable pkcs11_eventmgr.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop pkcs11_eventmgr.service ) || : fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ $1 -eq 0 ]; then # Package removal for service in pkcs11_eventmgr.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done fi if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart pkcs11_eventmgr.service ) || : fi fiF"( ٰxx9xg> ( ="(_i ; 8 E6EoylAA큤A큤큤AA큤hOUhOUhOUhOUhOUhOUhOUhOVhOVhOVhOVhOVhOUhOVhOVhOUhOVhOVhOVhOVhOUhOU[.@hOG[.@\T#[.@[.@[.@[.@[.@[.@hOUhOUhOUhOPhOUhOUhOPhOUhOUhOUhOUhOUhOUhOUhOUhOUhOUhOUhOUhOUhOUhOUhOUhOUhOUe24eb295659efb39bdf56c59c6b2126e29d1a0adcb62800445ead20c51a67212c79e89aab0974402abc9411da4431b9d9ca9b1ac1c907f09b6d87ae6a2b1f84043fd4e62884418ea546390d29af404c34f74d585ecc05599bba72aa25f9da53c131ff417cde40bad00e7c5df30395e1ff1732903bc3a801db0b61abc6bee4d0e1efc16e3670a3087b19cb87b571218d5a6256469251daf80d7301fcc8a95724bbd457fbb9ad381b7a4788bfdf93607469d1645f5b7888a3780ee54b264decb7da88248d930f5e199dc9074e156d3cbd0cc76c9b3a51269465d6af836751805687760ad35ae78cefbf209219267104fa87d2ee88ecc920c446b55c247ef17cd42063df92c51068b1c1a003690b8b64f633594b24c893cfefe63e17726b8897c467a511d42da4d012097b3df55d144021cf2ed98b2b934eda56de4ddcf8f68b6fd1c86a2314e1a9c256c4287e24151e6cb0b74da7b0ad0471785908ec1093968882dbe1b7d12eb7e1ea2ee9d94592c4208d0faf0effb242bb8f447372d47dd5a8335ac90a159fcfa5f390fa1ec51fad76645f02572fde9d99b0bf9190c46570fde1edc6d8bb46987025ed27f14ed868846a7ac79ecf204235617ad0962d192e75004d728df9c9971a6b6b4560f5a973bc519bcadc8377f73d76936975d571ba869ac27fbfe46a435fddde7d92051121f4618bec7f100f35b04a9862f39311d96af5a5e8294453f7b0acdd079fe687606dd1952aa8c85ace94ac76720e6a01645b715268e0a938155fef128a36fd20bbcbdbcc68229cb05882db74d42b8392883defca543bfc2e74e4520445d469834e2ebbfda30f90e09dcf3f283644b1bd31c08e5ac7af0a33e952dd5cccd0c344fa3255b1865f3b86ba2c85ad0c8dcf8afc2a90786adc85f218870c929ba49130246d55096b53ddbe243c43fcf000604dcd024eedb7ee6611c73fe69220bc3b774ccb18d7dfff7dfcd05ce96c44c7f3346df33f2f0405f9ba1cc07d60a0a036076557480f10d1a038a1e78b44d2b89b266fc696c50089a5c6a137d2be64b94dfd4d0515dbe041881b164007f8ca5385bcf78188b6f52d4a5ce7dc57b92275dcb7a9991be07be5417d07e691742e6f1fb3e4e729b2647732f01409b797bcb71a5a53775dbc2bb3288f5932b594ccbb56bcb8147c79e89aab0974402abc9411da4431b9d9ca9b1ac1c907f09b6d87ae6a2b1f840558ed62beb359afb96c6ae277740c735669862f01e330471f40a38ee7a3cc710bf4bf8da3fb658b6b07d79ce99ba12aca945c77b5e20a530500f7d756c5ece2b1303f66ed4c5da4000de8d3e0fdd716d3390008e388e1acc957c913c0437ccd7980caf8b7e060f068cdfc13ac5631f1ca982d76ce8d8b72db42a2188c4dc77a943fd4e62884418ea546390d29af404c34f74d585ecc05599bba72aa25f9da53cf6b5de0548dbfe62cdf51f9be893cc4eb3f66748193af0a973c76ea6a5ca49eb131ff417cde40bad00e7c5df30395e1ff1732903bc3a801db0b61abc6bee4d0e90b9fbb4dd495544fc3cc3a1e80bd013fb02677a3ca55ff9a4ffbba907385d4dcc83b959726b34d34f904e3828bad5100024e17f1a205ed6a12818a6a0ff38d3964e20238be9fa953632a00a1db19186d76477dfec71c0bd6a482d3a83b057e716a9758f298fa77beab9daee075c66a1f6469add7b42d495281d2b77a18bbdae951d79b1d79f755504ed5ddbd22b3741c3da126f86c47cfc9fdf2fa85843c633285fbff6d89fcd57f838119cba143b750467ce776d4f0c9da391846566ea750d602c9854f0619a32412187c216267d5aba1a5c0e8706ecc1e5b93cffb5852d993da77083b332201f3c8e7e2c13e8d962fc4f5154736a082fa9e85a7edf6123cc02816430f1e721af71badad8120cf06079427833f6364d88f7b6caf768eadc44114a004f1490bd721a24607ead73fe3ca8afad0209871e505cd35df7cddb27aa92d7c59a6744b8e577df930aba6fc51d7baa7234a1b06c0893e51a42e4ce319ec2bba7a8141656e0c4d8b8c7a8e6005679951f4fedb77fe5bef0e71ff828ee4770a251c26a268b0c45a1838164ac0ec0747fb04bd07d7543affe1ece1e11365a95bb326ca3a34843524f31298311cab56641ef39704f8cc5c9f8410f0adc1010a511a95317518984b0efe0a80bfe1c0ee7290190c598a68ad1a22923b39cd6d8c882ab24d11940db20bc4637ec8e9589923922baa2dc8c25b953f149b05b308d6d75762c06337c15ae0105f52b35eb10bc331088eedca160bfb731e4d79c8cb6servicerootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootpam_pkcs11-0.6.10-150600.16.8.1.src.rpmconfig(pam_pkcs11)pam_pkcs11pam_pkcs11(x86-64)@ @@@@@@@@@@@@@@@@@@@@@@@@@@@    /bin/bash/bin/sh/bin/sh/bin/sh/bin/shconfig(pam_pkcs11)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.33)(64bit)libc.so.6(GLIBC_2.34)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libcurl.so.4()(64bit)libldap_r-2.4.so.2()(64bit)libnspr4.so()(64bit)libnss3.so()(64bit)libnss3.so(NSS_3.10)(64bit)libnss3.so(NSS_3.2)(64bit)libnss3.so(NSS_3.3)(64bit)libnss3.so(NSS_3.4)(64bit)libnss3.so(NSS_3.6)(64bit)libnss3.so(NSS_3.7)(64bit)libnss3.so(NSS_3.8)(64bit)libnss3.so(NSS_3.9.2)(64bit)libnss3.so(NSS_3.9.3)(64bit)libpam.so.0()(64bit)libpam.so.0(LIBPAM_1.0)(64bit)libpam.so.0(LIBPAM_EXTENSION_1.0)(64bit)libpcsclite.so.1()(64bit)libplc4.so()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)systemdsystemdsystemdsystemd0.6.10-150600.16.8.13.0.4-14.6.0-14.0-15.2-14.14.3h+@gf:\P@@[v[U@Y)@Y@Yp@Vvalentin.lefebvre@suse.comangel.yankov@suse.comdavide.benini@suse.comsbrabec@suse.comvcizek@suse.comsbrabec@suse.comjengelh@inai.deastieger@suse.comsbrabec@suse.comantoine.belvire@laposte.net- Removes pam_env from auth stack for security reason [bsc#1243226, CVE-2025-6018]- Security update fix [bsc#1237062, CVE-2025-24032], [bsc#1237058, CVE-2025-24031] * Fix CVE-2025-24032: vulnerable to authentication bypass with default value for `cert_policy` (`none`) * Fix CVE-2025-24031: vulnerable to segmentation fault on ctrl-c/ctrl-d when asked for PIN * Add pam_pkcs11-CVE-2025-24032.patch * Add pam_pkcs11-CVE-2025-24031.patch * spec: set noarch for doc pkg, add %check section- Fix for bsc#1221255: * Add patch 0001-Set-slot_num-configuration-parameter-to-0-by-default.patch- Update to version 0.6.10: * Fix some security issues (thx @frankmorgner): https://www.x41-dsec.de/lab/advisories/x41-2018-003-pam_pkcs11/ (drop 0001-verify-using-a-nonce-from-the-system-not-the-card.patch, 0002-fixed-buffer-overflow-with-long-home-directory.patch, 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch). * Fix buffer overflow with long home directory. * Fix wiping secrets (now using OpenSSL_cleanse()). * Verify using a nonce from the system, not the card. * Fix segfalt when checking CRLs (drop pam_pkcs11-crl-check.patch). - Add rcpkcs11_eventmgr service symlink.- Address security issues found by X41 D-Sec audit (bsc#1105012) * Authentication Replay * Buffer Overflow * Memory not cleaned properly before free() - add patches: * 0001-verify-using-a-nonce-from-the-system-not-the-card.patch * 0002-fixed-buffer-overflow-with-long-home-directory.patch * 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch- Fix segfault and fetch problems when checking CRLs (pam_pkcs11-crl-check.patch).- Repair bulletpoint that skidded in description. Trim description of %name-devel-doc, it does not cotain the programs.- add service file bsc#1049219- Updated to version 0.6.9: * Upstream web moved. * pkcs11_listcerts: Do not fail on certificate error. * Do not fail if card was already unlocked. * Other bug fixes. * Translation updates. - Drop upstreamed pam_pkcs11-0.6.8-fix-crypto-cflags.patch. - Work around incorrect upstream release process not calling "make dist". - Split API documentation into a separate package pam_pkcs11-devel-doc. - Add pam_pkcs11-fsf-address.patch.- Fix build for Tumbleweed: * Add pam_pkcs11-0.6.8-fix-crypto-cflags.patch * Rebuild configure with the bootstrap script (add libtool as build dependency)/bin/sh/bin/sh/bin/sh/bin/shh01-ch5a 1750070103  56789:;<=>?@ABCDEFGHIJKLMdefritnlplptrutr0.6.10-150600.16.8.10.6.10-150600.16.8.10.6.10-150600.16.8.1 common-auth-smartcardpam_pkcs11cacertscard_eventmgr.confcrlspam_pkcs11.confpkcs11_eventmgr.confpam_pkcs11.socard_eventmgrpkcs11_eventmgrpkcs11_inspectpkcs11_listcertspkcs11_make_hash_linkpkcs11_setuppklogin_finderpkcs11_eventmgr.servicepam_pkcs11ldap_mapper.soopensc_mapper.soopenssh_mapper.sorcpkcs11_eventmgrpam_pkcs11AUTHORSCOPYINGChangeLogChangeLog.gitNEWSREADMEREADME.autologinREADME.mappersREADME.mdTODOcard_eventmgr.conf.exampledigest_mapping.examplemail_mapping.examplemappers_api.htmlpam.d_login.examplepam_pkcs11.conf.examplepam_pkcs11.htmlpkcs11_eventmgr.conf.examplesubject_mapping.examplepam_pkcs11.mopam_pkcs11.mopam_pkcs11.mopam_pkcs11.mopam_pkcs11.mopam_pkcs11.mopam_pkcs11.mopam_pkcs11.mocard_eventmgr.1.gzpkcs11_eventmgr.1.gzpkcs11_inspect.1.gzpkcs11_listcerts.1.gzpkcs11_make_hash_link.1.gzpkcs11_setup.1.gzpklogin_finder.1.gzpam_pkcs11.8.gz/etc/pam.d//etc//etc/pam_pkcs11//lib64/security//usr/bin//usr/lib/systemd/system//usr/lib64//usr/lib64/pam_pkcs11//usr/sbin//usr/share/doc/packages//usr/share/doc/packages/pam_pkcs11//usr/share/locale/de/LC_MESSAGES//usr/share/locale/fr/LC_MESSAGES//usr/share/locale/it/LC_MESSAGES//usr/share/locale/nl/LC_MESSAGES//usr/share/locale/pl/LC_MESSAGES//usr/share/locale/pt_BR/LC_MESSAGES//usr/share/locale/ru/LC_MESSAGES//usr/share/locale/tr/LC_MESSAGES//usr/share/man/man1//usr/share/man/man8/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:38821/SUSE_SLE-15-SP6_Update/ccb54b8152a4531969b6e4c51545deaf-pam_pkcs11.SUSE_SLE-15-SP6_Updatedrpmxz5x86_64-suse-linux   ASCII textdirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5f65f34400c409e6fbc15b00821f34612ef29067, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 4.3.0, BuildID[sha1]=bb4bc82d9a31c94fe240bad175c79e57260bcb40, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 4.3.0, BuildID[sha1]=096f34e130f2db0b223bd4ec288203e388734a1e, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 4.3.0, BuildID[sha1]=6f67dc5e6cdfaa91c5de651d6772dad33858d0da, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 4.3.0, BuildID[sha1]=0fe9bfe3c8393dcaa48717674c13b6c1974c637e, strippedBourne-Again shell script, ASCII text executableELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 4.3.0, BuildID[sha1]=d8d6f389193248c334b489e0e560fd9c7fab1c20, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 4.3.0, BuildID[sha1]=c26ede36e045a6ff126dc1bebed369eea893ffda, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=08add0ad036bffcb494bcb25caf08ac9f85f830b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=b6421b9df3374455de7df271ba9a0a4272541deb, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=62bee8ca842237aa3e8371197596a31931976a2e, strippedUTF-8 Unicode textXML 1.0 document, UTF-8 Unicode text, with very long linestroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text (gzip compressed data, max compression, from Unix)"0FZ[bx RRRRRRRRRRRRRR R R R RR RR RRRRRR RR RR R RRRRRRRRR R RR R RRRRRRRRRRRRR RR RR R RR RR RRRRRRRRRRRRRRR R RR R RR RRRRR R RR R RRRRRRRRRRR RR RR R RR RR RRRRR R R RR RRRRRRRRRRRR RRRRRRRRRRRRRRRR R RR R RR RRRRRRRRRRRRRRR R RR R RR RRRJ0Som>tӛOusystemd-sysvcompatutf-8a449afee0c5ac9955d1b9681c9028e0a6d949123e8cae1b9155edfb5d97ff45c?p7zXZ !t/CP,]"k%k4ϴva ?-K{r<[» IA a&(3yCrdM<y'J \V&:_ONTGP?wVhGdOn x7F$l T{vq-lsKݻɦFjC+/bd<,$L ?^Osbɪ:G-;(# 4=D&$o'Vz2O9/z(2r?&שZEe.|{vx!8m(Kj_.QZ\1gWA$)m=$ B40Z*2պqUGT0{_vzsvaœ%|um9P^T} 6`NV/3["ޤ:YtyՁcmLcI8 &n`kҗ>R֚hNNjNFH ^dݯ]~rL?AJؤP@"\b T vGUAR^擾̧ȺWArZ ުSfr3:}.X t G#% "$!*2t[+&F8 ;4'qRZ1, {51^B YL"G {}dO&]u+G E.]cZ3"9t )H1 9)2b*LA4Y EC?eK7DQCgQiZ8SRJ,o< o7p*Y48gN,>a\U]ͶE*48+, Qb1)܍ڻD܆>5}"(4GMĿ$J+إab`SiҺ|QǺ/sgެ.<ņRNG`<6v@ s`GWl{xt-~*J',Ӥ6_,~Rb0e1rۿZ+\~®rчW]r{Ò^⺶g5RMjƦ݌ѣ؉KPU)UlX?ERJɮ}QølIt.؂EP8/T k'|g9VHߧ"~JO{TBƕcN .巆3X+Oе"45g46Y!B kՉSiW[P-N7K)X3]-F[TKF@ԓP(={P ݹ*^ 6 1T /k] pdE\l<4z&@a9! XW4Zls8HxI`tKUpd,n6DҤQ~8,:ҋj9sF:h~N!Dkx$ fm3^V}nF-AֵvD@I\$/"1Iy|7.>f^uP0uTiIg9Sw#o&qKzb  ːfKϭ~2Nb(l Q>jt>AvP1k2 'Fz\L?5xrB}ϸ$651U^՚rd[%B~ OdxX40)w:螕3 kqwu-M^MވuᠲS-{kC-]XE9V&dXY,p / msN>GmU^^ۇ5*EY?-i,;,Q=0R4cBIЫX5C q8WzB _ַ\uM΃kg3^wȫ}qUkkbOh/#;:o@Er7*{*ׅ+kd;3mai7I?9Lvu\Ɍ2b0Wܺj88%7e;ig+j ͣ-p|",u?\ T d(F4čl}wYLņZFL췢=93;k͠ꧏ溕'k忂aҨv?Yp5+tif9tBL)n1@i7G0AX 5o1'%VwM)7<J}gj.Q{D Cn qbmHn..ܺ IZOwaTw%*%o8lN-r#=Tu ̄?ZR\Yv_A){}!FXaf֊ 9'+ ;WiHv12:2:G4E1Q_ ЕwFkK(M5)X_ߘם̹m</x3-Xsgf4]B/W~B>;YDZSעϊsS.% q*؏&jOS䬀n J4k.TOOZ`*zP@+ d{n`ȃUK8=xec㿽 ً!eJ,լi܋&mqMWm%A,<$kC-Q]C%d7GFC@HD;(rS=} (H-fb=pA;T|mm`Pģ77**iׁ(h(dރx#4O0n]pmF6{ER!PkYIf#_ 84)d&E Cѝ ̖=86I)WV騛/b} qS_3$Dh18l/Yq=C(y&AI[u}P7XȠx!yH44݈olf\ th/}Hg (ϸ1)-֗2[f?e*ѨRj7/&P)l$v4ܹmPf?n|51D5%T#185e!2#2v' oAlÎEa+J|;1:{)t]1iA͛ KwDBst2e;\pob@>fh9$ϭ8Q ca -]yWSx>*]H <2Q3deW$].]9֧*lF)()75^tFS{«^b kذq$b[ XPߌ{EIh/3N=P@ .9ۗmn` V3K lt01. ]%],0T,6[b3^fp'n!LهVQ~IHt8UKHN~)R1` Vt8Uy1s6H#2 [-Mjp J( !$_Zg@ rk9yi#0 Dv%̓C|@S01iMKINz&I0>;%])ĕCj|ىa|*v(i(3@}di{gh' v)tկ%7!O_UaO} "c,xc3f݃@̙W(]f+q8F(,WiH58K ?M8ym%ʜ`F>Cݷ]TY @^y)]1J\^SNI"C=/-FPb= U ~`,vF~w.7$D5Z8! eul)cu&5I;jךP}<"jy6 Poʟ0T㵡(i+{D,|u=`@$'CY·zTSTT=fVQO9 +k8Q.#%Kc'#eL}6ќ{9K3IT&-%N0YC3k"z?Ԇ@ŎKA Xz!cQ'^ly\AJT_/pě5JT=If0!ŗr?݉7e[X^ lԟPNE{񟭻Tn,{)"fM|UqY$teOU(QhMK*\[Td/G><ۗ%ܬ1{]x79N%,mc'9|q"#(5B9ޑ?Mc"DeF&zZo3xjꨧF{JD(S_gSt?\N2װLKuArg'z*283˩Nx0gHsw̞[~9r~t{7HJ[SI[{֬#zze!wJ< b=05cݤjX"ឥm/]R;1+?(@DC(7C'8D!Y5="NK1/W]|ۼ5ѵ@EГ ͚'Zwb=ؘjEб OR;x٢"! ntbgq +niF@4%M 92!2QN.eJ -x%; BVⲼO}.w+/A+3ٞn-[4 UOu#hCz"1ߗ\$&LO>u a\h8<;+) WYk\t89Ul4}j,4KAʷ#yɇ0.<JfMVo.BY HZZG͚# dM3Z.%sg>5T)wK細}$.x⯰7Ft"W!_8 Tgq&`3M(p^kN08R>&tŲm)=CbYCa$l]! DtVq^XX>A >v,RvrYNtm뎚n1(8Ǒ/Lw*lKY&N&׊3rj9{g}Ɯȣ-mӓx*$,3y)bǂ؊P Je~N| "]!YewA(>{pZA/VK:>6ʽN*LZ/)ZLX / ? HpZ ;@3aM`+2ɅZ7؛f4,¤c*T}^<9;s嶷 \ԇx>d?=Kjie<^<MGIUoHWXh2{`iAHCNG2ϐ?cK#Ǜ!(JmTtY>SZi1D \*Y)rJqkY=%ܒ.!FFƎ1qڞp)Ë!\}u&$[{pXHet =Gp@?~:븠ys Lon?B]%}5tU)DZWroLKE3rl!*O30S*' "2H+(8-QHM@1D0iFBK" vrhry1z0槒3T!-e3 @IDL>Ƈ(]kr'X:sηbiX|u!^KlI>X^r|ֱ١@4NMX!tClx3 Tes|!QsTIcq;pPZ-1Z-% %1dž+Bi\W]hu0qI^yigA4Ǝl~Aq4q b'$$o tc ^JzTnۢ݁y m-z*ס nw1nf֪XU.?-WAq F70Vak^ɱ4@LGC``4]B9Cv/4BRiյS+}lG?(Z>N[D\x萢F= ->8y`y#0iM.*Dj6h4U2^S>ק3; -6JisuU+61ֈ|1 ~AoSci-V*W|*]͉B DKeIXqy+!1Xe@Y s 3zmD%DWlF~=T[̰‹R{syC_\h:|r雠1CnL,%OUm4Uy/dZåL?| u!+~˜J}Etp+AJ["pUZ-z]N;D_FRtc2X πuZNK(KC=0{^d' [csS93 6,Y6' ~h~ IܘY#wsO$[(n1xEfk%R+}/q100QzF&*!Djδ@+bғW[3,8BD86u.i?L>\wK"1SF&) R VVCjJ.NC9{:lx 3꩙=4hz%"Q Ht+*"D)cl@ }f.Yz7-C);$&bsk1;Q +i{ƹnƄ_Ѷ^ky_q"R!2dЙ9GppΤa% G\9E@GFeD!쬈i\mʶAvD:զթʈIR7Z=k* q*#ך!8O;fl`h5H y*|>qқ/^zUm<Z3_fr;lE@ U^n d _-| ش9ݎTٌTe#_\5$@|$VAc=g巐"jrdk I.jj7hBbҊ kNQīò:K-i=0?eߗ.!J dUI%7a(2̈}I"GooJ|> ls[|ιX+`cdC,5+5Äصτ5??Gi\G/oܬx{AY#ΏWMmb -4ZBLL>A 脥EAs`^g7l]F19+- \W+A biݒRݙ :@@'\a -FOIvB>GlOGq̽wIRfB6گcLrhNBDDau\smR(zD,:`m3>Na贁h/6t__MACL)e:h-x ²ͼC~i4|PkG2s3kyg\KڤR G"`(Z#jYoHw} >*"2s0#Ϭy/{̺&;\e0qxʯ]ƬFz7a[R=lOLRm:0zm/4 `V1`I.P& xVs-2KeP+OlZŐQO,yR:;YF0I&Mj8*?u(a]nG;r Sm0;}5*QsBѺ8yW. :QqM)?4gZyf4=oهcPMRJ0e#BL]z2+AYahU˺[UΌnz% =͂Zj>вȋ^3Va 2F1 HDTf$P&\SZ,8RhW|H~]upݴ_ }T:)8i9gt.*p ^\_fqq;u^u<j-R`ҀZn4+p 98 '0_1悽Gng0Y-Sgc4w[\*6 ϱӨ,`&"9eҐY@ȜeHTZ5qYzZIH{zNl *":9{+(ZY ۍs_yh>0igy{)dO߮HeaIp 0^yѿ.'OB1hG>i˓l[X5 jrRSx^faΩ2Bt)W+>>9ˆ)m6U”F/$J쓾 4鐬N,Īܙx8)iɎΏۺLU+Zctf&=ǩ4܍9Y/gŝ9w 07?@>{1OV_pᧄ]ZJJwq>Cl@@5+Yцt|ֶ YZ